cxsecurity.com
2a06:98c1:3120::3  Public Scan

Submitted URL: http://cxsecurity.com/
Effective URL: https://cxsecurity.com/
Submission: On December 06 via api from US — Scanned from NL

Form analysis 0 forms found in the DOM

Text Content


BUGTRAQ STATS

Yesterday: 0
Last month: 62
Current month: 22
Total: 40474

BEST HACKERS:

1. nu11secur1ty
2. Istvan Marton
3. Rahad Chowdhury



CVE DATABASE

Last Update: 26
Last month: 2715
Current month: 1877
Total CVE: 229894

AFFECTED

1. imagegear (2)


RANDOM COMMENT

Web Design By East Technologies - SQL Injection Vulnerability
Test
Nice nice


VOTED

emart-Laravel-Multi-Vendor-eCommerce-Advanced... +1 0
Click Stocks-1.3 - File Upload - RCE +1 0
Plesk Obsidian 18.0.56 command injection +1 -1

CHECK THE BUGTRAQ

2023-12-05

MED.

POWERED BY ASSAMLOOK.COM - SQL INJECTION
BEHROUZ MANSOORI

2023-12-04

HIGH

STOCK-COUPON-2.1 FILE UPLOAD - RCE
NU11SECUR1TY

LOW

WORDPRESS THEME PHLOX-PRO 5.14.0 - 'SEARCHFORM' CROSS-SITE SCRIPTING (XSS)
HAKTRAK TEAM

LOW

PHP8: PHP-CURL-RCE-PRIVILAGE-ESCALATION
NU11SECUR1TY

2023-12-03

HIGH

QUICK-QUIZ-2.4 FILE UPLOAD - RCE
NU11SECUR1TY

MED.

FIRSTIDEABOOKS - SQL INJECTION VULNERABILITY
MAHDI KARIMI

MED.

ARTANDAUSTRALIA - SQL INJECTION VULNERABILITY
MAHDI KARIMI

MED.

ORPAK FUELING SYSTEMS EXPLOIT AND DEFAULT PASSWORD
PARSA REZAEI KHIABANLOO

HIGH

DOKSOFT UPLOADER CSRF FILE UPLOAD
L4663R666H05T

2023-11-29

LOW

ISRAEL YCMS 4 - REMOTE FILE UPLOAD - CSRF / SHELL UPLOAD
1933 (TURK TM - SS CYBER)

MED.

TENDA D151 2 - AUTHENTICATION BYPASS
1933 (TURK TM - SS CYBER)

HIGH

INTOUCH-1.0 FILE UPLOAD - RCE
NU11SECUR1TY

2023-11-27

MED.

OSCOMMERCE 4 - REFLECTED XSS CVE-2023-6296
CRACKER






THE LATEST CVES

2023-11-23

CVE-2023-4593

PATH TRAVERSAL VULNERABILITY WHOSE EXPLOITATION COULD ALLOW AN AUTHENTICATED
REMOTE USER TO BYPASS SECURITYMANAGER'S INTENDED RESTRICTIONS AND LIST A PARENT
DIRECTORY VIA ANY FILENAME, SUCH AS A MULTIPLE ..%2F VALUE AFFECTING THE 'DODOC'
PARAMETER IN THE /MAILADMIN_DLL.HTM FILE.

CVE-2023-4594

STORED XSS VULNERABILITY. THIS VULNERABILITY COULD ALLOW AN ATTACKER TO STORE A
MALICIOUS JAVASCRIPT PAYLOAD VIA GET AND POST METHODS ON MULTIPLE PARAMETERS IN
THE MAILADMIN_DLL.HTM FILE.

CVE-2023-4595

AN INFORMATION EXPOSURE VULNERABILITY HAS BEEN FOUND, THE EXPLOITATION OF WHICH
COULD ALLOW A REMOTE USER TO RETRIEVE SENSITIVE INFORMATION STORED ON THE SERVER
SUCH AS CREDENTIAL FILES, CONFIGURATION FILES, APPLICATION FILES, ETC., SIMPLY
BY APPENDING ANY OF THE FOLLOWING PARAMETERS TO THE END OF THE URL: %00, %0A,
%20, %2A, %A0, %AA, %C0 AND %CA.

CVE-2023-28811

THERE IS A BUFFER OVERFLOW IN THE PASSWORD RECOVERY FEATURE OF HIKVISION NVR/DVR
MODELS. IF EXPLOITED, AN ATTACKER ON THE SAME LOCAL AREA NETWORK (LAN) COULD
CAUSE THE DEVICE TO MALFUNCTION BY SENDING SPECIALLY CRAFTED PACKETS TO AN
UNPATCHED DEVICE.

CVE-2023-39253

DELL OS RECOVERY TOOL, VERSIONS 2.2.4013, 2.3.7012.0, AND 2.3.7515.0 CONTAIN AN
IMPROPER ACCESS CONTROL VULNERABILITY. A LOCAL AUTHENTICATED NON-ADMINISTRATOR
USER COULD POTENTIALLY EXPLOIT THIS VULNERABILITY, LEADING TO THE ELEVATION OF
PRIVILEGE ON THE SYSTEM.

CVE-2023-43086

DELL COMMAND | CONFIGURE, VERSIONS PRIOR TO 4.11.0, CONTAINS AN IMPROPER ACCESS
CONTROL VULNERABILITY. A LOCAL MALICIOUS USER COULD POTENTIALLY MODIFY FILES
INSIDE INSTALLATION FOLDER DURING APPLICATION UPGRADE, LEADING TO PRIVILEGE
ESCALATION.

CVE-2023-44289

DELL COMMAND | CONFIGURE VERSIONS PRIOR TO 4.11.0, CONTAIN AN IMPROPER ACCESS
CONTROL VULNERABILITY. A LOCAL MALICIOUS STANDARD USER COULD POTENTIALLY EXPLOIT
THIS VULNERABILITY WHILE REPAIRING/CHANGING INSTALLATION, LEADING TO PRIVILEGE
ESCALATION.

CVE-2023-44290

DELL COMMAND | MONITOR VERSIONS PRIOR TO 10.10.0, CONTAIN AN IMPROPER ACCESS
CONTROL VULNERABILITY. A LOCAL MALICIOUS STANDARD USER COULD POTENTIALLY EXPLOIT
THIS VULNERABILITY WHILE REPAIRING/CHANGING INSTALLATION, LEADING TO PRIVILEGE
ESCALATION.

CVE-2023-28812

A BUFFER OVERFLOW VULNERABILITY IN A WEB BROWSER PLUG-IN COULD ALLOW AN
ATTACKER TO EXPLOIT THE VULNERABILITY BY SENDING CRAFTED MESSAGES TO COMPUTERS
INSTALLED WITH THIS PLUG-IN, WHICH COULD LEAD TO ARBITRARY CODE EXECUTION OR
CAUSE PROCESS EXCEPTION OF THE PLUG-IN.

CVE-2023-28813

AN ATTACKER COULD EXPLOIT A VULNERABILITY BY SENDING CRAFTED MESSAGES TO
COMPUTERS INSTALLED WITH THIS PLUG-IN TO MODIFY PLUG-IN PARAMETERS, WHICH COULD
CAUSE AFFECTED COMPUTERS TO DOWNLOAD MALICIOUS FILES.




DORKS

2023-12-05

MED.

POWERED BY ASSAMLOOK.COM - SQL INJECTION
"POWERED BY ASSAMLOOK.COM"

behrouz mansoori

2023-12-03

MED.

FIRSTIDEABOOKS - SQL INJECTION VULNERABILITY
"POWERED BY FIRSTIDEABOOKS"

Mahdi Karimi

MED.

ARTANDAUSTRALIA - SQL INJECTION VULNERABILITY
"POWERED BY ARTANDAUSTRALIA"

Mahdi Karimi

MED.

ORPAK FUELING SYSTEMS EXPLOIT AND DEFAULT PASSWORD
INTITLE:"SITEOMAT LOADER"

Parsa Rezaei khiabanloo

HIGH

DOKSOFT UPLOADER CSRF FILE UPLOAD
INURL:/DOKSOFT_UPLOADER/USERFILES/

L4663r666h05t




ARE YOU LOOKING CVE FOR SOME PRODUCT?




TOP VENDORS:

Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla
 
Full List of Vendors

--------------------------------------------------------------------------------


TOP PRODUCTS:



LINUX KERNEL MAC OS X WINDOWS XP WINDOWS 10 FLASH PLAYER ADOBE READER PHP JRE
JDK
WORDPRESS JOOMLA CHROME IE FIREFOX SAFARI HTTPD TOMCAT NGINX
 


FULL LIST OF PRODUCTS



--------------------------------------------------------------------------------



TOP CWE:

CWE-89 (SQL INJECTION) CWE-79 (XSS) CWE-119 (BUFFER OVERFLOW) CWE-22 (PATH
TRAVERSAL)
 
CHECK CWE DICTIONARY

--------------------------------------------------------------------------------



DONATE:

IS AN OPEN PROJECT DEVELOPED AND MODERATED FULLY BY ONE INDEPENDENT PERSON.

HELP DEVELOP THE PROJECT AND MAKE
DONATIONS



--------------------------------------------------------------------------------

Copyright 2023, cxsecurity.com

 
