cxsecurity.com
51.222.29.70  Public Scan

Submitted URL: https://www.securityreason.pl/
Effective URL: https://cxsecurity.com/
Submission: On October 05 via automatic, source certstream-suspicious — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content


BUGTRAQ STATS

Yesterday: 0
Last month: 153
Current month: 13
Total: 38181

BEST HACKERS:

1. behrouz mansoori
2. Cristian Giustini
3. Fikrat Ghuliev
4. Nitin Sharma



CVE DATABASE

Last Update: 148
Last month: 1857
Current month: 198
Total CVE: 170088

AFFECTED

1. ngeniusone (8)
2. spotweb (6)
3. concrete5-l... (5)
4. libiec iccp... (3)


RANDOM COMMENT

E-Learning Madrasah 2.0 - Arbitary File Upload
Kawan kelam
U cant bypas Falcon


VOTED

e107 CMS 2.3.0 Shell Upload +1 0
WordPress Revslider Exploit Grab Config +1 -2
WordPress Advanced Order Export For WooCommer... +0 -2

CHECK THE BUGTRAQ

2021-10-03

MED.

BLOOD BANK SYSTEM 1.0 SQL INJECTION
NITIN SHARMA

MED.

DRUPAL MINIORANGESAML 8.X-2.22 PRIVILEGE ESCALATION
CRISTIAN GIUSTINI

HIGH

VEHICLE SERVICE MANAGEMENT SYSTEM 1.0 SHELL UPLOAD
FIKRAT GHULIEV

MED.

KRISHNA TECH - SQL INJECTION VULNERABILITY
BEHROUZ MANSOORI

MED.

SHODH TECHNOLOGIES - SQL INJECTION VULNERABILITY
BEHROUZ MANSOORI

2021-10-02

HIGH

CMSIMPLE 5.4 REMOTE CODE EXECUTION
PUSSYCAT0X

LOW

WORDPRESS JS JOBS MANAGER 1.1.7 AUTHORIZATION BYPASS
SPACEHEN

LOW

PHPWCMS 1.9.30 CROSS SITE SCRIPTING
OKAN KURTULUS

MED.

EXAM FORM SUBMISSION SYSTEM 1.0 SQL INJECTION
NITIN SHARMA

HIGH

CMSIMPLE_XH 1.7.4 REMOTE COMMAND EXECUTION
HALIT AKAYDIN

LOW

WHATSUPGOLD 21.0.3 - STORED CROSS-SITE SCRIPTING (XSS)
ALI SEDDIGH

MED.

VEHICLE SERVICE MANAGEMENT SYSTEM 1.0 - REMOTE CODE EXECUTION (RCE)
ALI SEDDIGH

MED.

PHPWCMS 1.9.30 - FILE UPLOAD TO XSS
ALI SEDDIGH






THE LATEST CVES

2021-10-05

CVE-2021-41123

SURVEY SOLUTIONS IS A SURVEY MANAGEMENT AND DATA COLLECTION SYSTEM. IN AFFECTED
VERSIONS THE HEADQUARTERS APPLICATION PUBLISHES /METRICS ENDPOINT AVAILABLE TO
ANY USER. NONE OF THE SURVEY ANSWERS ARE EVER EXPOSED, ONLY THE AGGREGATE
COUNTERS, INCLUDING COUNT OF INTERVIEWS, OR COUNT OF ASSIGNMENTS. STARTING FROM
VERSION 21.09.1 THE ENDPOINT IS TURNE...

CVE-2021-42006

AN OUT-OF-BOUNDS ACCESS IN GFFLINE::GFFLINE IN GFF.CPP IN GCLIB 0.12.7 ALLOWS AN
ATTACKER TO CAUSE A SEGMENTATION FAULT OR POSSIBLY HAVE UNSPECIFIED OTHER IMPACT
VIA A CRAFTED GFF FILE.

CVE-2020-21386

A CROSS-SITE REQUEST FORGERY (CSRF) IN THE COMPONENT
ADMIN.PHP/ADMIN/TYPE/INFO.HTML OF MACCMS 10 ALLOWS ATTACKERS TO GAIN
ADMINISTRATOR PRIVILEGES.

CVE-2020-21387

A CROSS-SITE SCRIPTING (XSS) VULNERABILITY IN THE PARAMETER TYPE_EN OF MACCMS 10
ALLOWS ATTACKERS TO OBTAIN THE ADMINISTRATOR COOKIE AND ESCALATE PRIVILEGES VIA
A CRAFTED PAYLOAD.

CVE-2021-39433

A LOCAL FILE INCLUSION (LFI) VULNERABILITY EXISTS IN VERSION BIQS IT BIQS-DRIVE
V1.83 AND BELOW WHEN SENDING A SPECIFIC PAYLOAD AS THE FILE PARAMETER TO
DOWNLOAD/INDEX.PHP. THIS ALLOWS THE ATTACKER TO READ ARBITRARY FILES FROM THE
SERVER WITH THE PERMISSIONS OF THE CONFIGURED WEB-USER.

CVE-2021-41092

DOCKER CLI IS THE COMMAND LINE INTERFACE FOR THE DOCKER CONTAINER RUNTIME. A BUG
WAS FOUND IN THE DOCKER CLI WHERE RUNNING `DOCKER LOGIN
MY-PRIVATE-REGISTRY.EXAMPLE.COM` WITH A MISCONFIGURED CONFIGURATION FILE
(TYPICALLY `~/.DOCKER/CONFIG.JSON`) LISTING A `CREDSSTORE` OR `CREDHELPERS` THAT
COULD NOT BE EXECUTED WOULD RESULT IN ANY PROVIDED CREDENTI...

CVE-2020-21431

HONGCMS V3.0 CONTAINS AN ARBITRARY FILE READ AND WRITE VULNERABILITY IN THE
COMPONENT /ADMIN/INDEX.PHP/TEMPLATE/EDIT.

CVE-2020-21434

MACCMS 10 CONTAINS A CROSS-SITE SCRIPTING (XSS) VULNERABILITY IN THE EDITING
FUNCTION UNDER THE MEMBER MODULE. THIS VULNERABILITY IS EXPLOITED VIA A CRAFTED
PAYLOAD IN THE NICKNAME TEXT FIELD.

CVE-2020-21493

AN ISSUE IN THE COMPONENT ROUTE\USER.PHP OF XIUNO BBS V4.0.4 ALLOWS ATTACKERS TO
ENUMERATE USERNAMES.

CVE-2020-21494

A CROSS-SITE SCRIPTING (XSS) VULNERABILITY IN THE COMPONENT INSTALL\INSTALL.SQL
OF XIUNO BBS 4.0.4 ALLOWS ATTACKERS TO EXECUTE ARBITRARY WEB SCRIPTS OR HTML VIA
CHANGING THE DOCTYPE VALUE TO 0.




DORKS

2021-10-03

MED.

KRISHNA TECH - SQL INJECTION VULNERABILITY
"POWERED BY KRISHNA TECH"

behrouz mansoori

MED.

SHODH TECHNOLOGIES - SQL INJECTION VULNERABILITY
"POWERED BY SHODH TECHNOLOGIES®"

behrouz mansoori

2021-10-02

LOW

WORDPRESS JS JOBS MANAGER 1.1.7 AUTHORIZATION BYPASS
INURL:/WP-CONTENT/PLUGINS/JS-JOBS/

spacehen

2021-09-27

MED.

ZIRCON WEB DESIG - SQL INJECTION VULNERABILITY
"WEBSITE DESIGN AND HOSTED BY ZIRCON WEB DESIGN"

behrouz mansoori

MED.

ZIRCON WEB DESIG - BLIND SQL INJECTION VULNERABILITY
"WEBSITE DESIGN AND HOSTED BY ZIRCON WEB DESIGN"

behrouz mansoori




ARE YOU LOOKING FOR A CVE FOR SOME PRODUCT?




TOP VENDORS:

Apple, Microsoft, Google, Oracle, Apache, IBM, Red Hat, HP, Adobe, Mozilla
 
Full List of Vendors

--------------------------------------------------------------------------------


TOP PRODUCTS:



LINUX KERNEL, MAC OS X, WINDOWS XP, WINDOWS 10, FLASH PLAYER, ADOBE READER, PHP, JRE, JDK, WORDPRESS, JOOMLA, CHROME, IE, FIREFOX, SAFARI, HTTPD, TOMCAT, NGINX
 


FULL LIST OF PRODUCTS



--------------------------------------------------------------------------------



TOP CWE:

CWE-89 (SQL INJECTION), CWE-79 (XSS), CWE-119 (BUFFER OVERFLOW), CWE-22 (PATH TRAVERSAL)
 
CHECK CWE DICTIONARY

--------------------------------------------------------------------------------



DONATE:

IS AN OPEN PROJECT DEVELOPED AND MODERATED FULLY BY ONE INDEPENDENT PERSON.

HELP DEVELOP THE PROJECT AND MAKE
DONATIONS



--------------------------------------------------------------------------------

Copyright 2021, cxsecurity.com

 
