Database Hot News 2021 March


30.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

Exploit

 

29.3.2021

Bugtraq

 

Malware

 

Phishing

Bank of America EDD Debit Card - 28th March 2021
Deactivation Confirmation: Your Bank of America EDD Debit Is Blocked

Vulnerability

CVE.2021.03.29.html

Exploit

SyncBreeze 10.1.16 - XML Parsing Stack-based Buffer Overflow

Novel Boutique House-plus 3.5.1 - Arbitrary File Download

Budget Management System 1.0 - 'Budget title' Stored XSS

Equipment Inventory System 1.0 - 'multiple' Stored XSS

Concrete5 8.5.4 - 'name' Stored XSS

TP-Link Devices - 'setDefaultHostname' Stored Cross-site Scripting (Unauthenticated)

vsftpd 3.0.3 - Remote Denial of Service

WordPress Plugin WP Super Cache 1.7.1 - Remote Code Execution (Authenticated)

28.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.27.html

CVE.2021.03.28.html

Exploit

 

26.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.26.html

Exploit

Moodle 3.10.3 - 'label' Persistent Cross Site Scripting

Regis Inventory And Monitoring System 1.0 - 'Item List' Stored XSS

GetSimple CMS Custom JS Plugin 0.1 - CSRF to Persistent XSS

25.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.25.html

Exploit

Genexis Platinum-4410 P4410-V2-1.31A - 'start_addr' Persistent Cross-Site Scripting

Linksys EA7500 2.0.8.194281 - Cross-Site Scripting

Ovidentia 6 - 'id' SQL injection (Authenticated)

24.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.24.html

Exploit

Ext2Fsd v0.68 - 'Ext2Srv' Unquoted Service Path

23.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.23.html

Exploit

Elodea Event Collector 4.9.3 - 'ElodeaEventCollectorService' Unquoted Service Path

ActivIdentity 8.2 - 'ac.sharedstore' Unquoted Service Path

ELAN Touchpad 15.2.13.1_X64_WHQL - 'ETDService' Unquoted Service Path

Hi-Rez Studios 5.1.6.3 - 'HiPatchService' Unquoted Service Path

Hotel And Lodge Management System 1.0 - 'Customer Details' Stored XSS

MyBB 1.8.25 - Poll Vote Count SQL Injection

22.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.22.html

Exploit

OSAS Traverse Extension 11 - 'travextensionhostsvc' Unquoted Service Path

ProFTPD 1.3.7a - Remote Denial of Service

MyBB 1.8.25 - Chained Remote Command Execution

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Weak Default WiFi Password Algorithm

MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path

WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 - Path Traversal

Winpakpro 4.8 - 'WPCommandFileService' Unquoted Service Path

Winpakpro 4.8 - 'ScheduleService' Unquoted Service Path

Winpakpro 4.8 - 'GuardTourService' Unquoted Service Path

SAPSetup Automatic Workstation Update Service 750 - 'NWSAPAutoWorkstationUpdateSvc' Unquoted Service Path

21.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.20.html

CVE.2021.03.21.html

Exploit

 

19.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.19.html

Exploit

Online News Portal 1.0 - 'Multiple' Stored Cross-Site Scripting

Online News Portal 1.0 - 'name' SQL Injection

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Config Download (Unauthenticated)

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Device Reboot (Unauthenticated)

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Factory Reset (Unauthenticated)

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Hard coded Credentials Shell Access

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Authentication Bypass

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Command Injection (Authenticated)

SOYAL 701 Client 9.0.1 - Insecure Permissions

SOYAL 701 Server 9.0.1 - Insecure Permissions

SOYAL Biometric Access Control System 5.0 - 'Change Admin Password' CSRF

SOYAL Biometric Access Control System 5.0 - Master Code Disclosure

VestaCP 0.9.8 - 'v_sftp_licence' Command Injection

Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path

Profiling System for Human Resource Management 1.0 - Remote Code Execution (Unauthenticated)

BRAdmin Professional 3.75 - 'BRA_Scheduler' Unquoted Service Path

Boonex Dolphin 7.4.2 - 'width' Stored XSS

LiveZilla Server 8.0.1.0 - 'Accept-Language' Reflected XSS

Plone CMS 5.2.3 - 'Title' Stored XSS

18.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.18.html

Exploit

Hestia Control Panel 1.3.2 - Arbitrary File Write

SEO Panel 4.8.0 - 'order_col' Blind SQL Injection

rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated)

Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon)

VestaCP 0.9.8 - 'v_interface' Add IP Stored XSS

VFS for Git 1.0.21014.1 - 'GVFS.Service' Unquoted Service Path

17.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.17.html

Exploit

FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow (ASLR & DEP Bypass)

VestaCP 0.9.8 - File Upload CSRF

WoWonder Social Network Platform 3.1 - 'event_id' SQL Injection

16.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.16.html

Exploit

GeoGebra 3D Calculator 5.0.511.0 - Denial of Service (PoC)

GeoGebra CAS Calculator 6.0.631.0 - Denial of Service (PoC)

GeoGebra Classic 5.0.631.0-d - Denial of Service (PoC)

GeoGebra Graphing Calculator 6.0.631.0 - Denial Of Service (PoC)

Alphaware E-Commerce System 1.0 - Unauthenticated Remote Code Execution (File Upload + SQL injection)

15.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.15.html

Exploit

SonLogger 4.2.3.3 - Unauthenticated Arbitrary File Upload (Metasploit)

Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure

openMAINT openMAINT 2.1-3.3-b - 'Multiple' Persistent Cross-Site Scripting

Interactive Suite 3.6 - 'eBeam Stylus Driver' Unquoted Service Path

eBeam education suite 2.5.0.9 - 'eBeam Device Service' Unquoted Service Path

Realtek Wireless LAN Utility 700.1631 - 'Realtek11nSU' Unquoted Service Path

QNAP QVR Client 5.0.0.13230 - 'QVRService' Unquoted Service Path

rConfig 3.9.6 - 'path' Local File Inclusion (Authenticated)

MagpieRSS 0.72 - 'url' Command Injection and Server Side Request Forgery

Zenario CMS 8.8.53370 - 'id' Blind SQL Injection

14.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.13.html

CVE.2021.03.14.html

Exploit

 

12.3.2021

Bugtraq

 

Malware

Trojan.Win64.HAFNIUM.A

REDXOR

Nimar Loader

Phishing

 

Vulnerability

CVE.2021.03.12.html

Exploit

Vembu BDR 4.2.0.1 U1 - Multiple Unquoted Service Paths

Monitoring System (Dashboard) 1.0 - File Upload RCE (Authenticated)

Monitoring System (Dashboard) 1.0 - 'uname' SQL Injection

11.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.11.html

Exploit

Nsasoft Hardware Software Inventory 1.6.4.0 - 'multiple' Denial of Service (PoC)

MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting

NuCom 11N Wireless Router 5.07.90 - Remote Privilege Escalation

10.3.2021

Bugtraq

 

Malware

 

Phishing

Royal - Ltd Group Redelivery P - 9th March 2021
Update delivery address. We've missed you

Email Admin - 9th March 2021
16th March New Microsoft Word.

Vulnerability

CVE.2021.03.10.html

Exploit

Atlassian JIRA 8.11.1 - User Enumeration

9.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.09.html

Exploit

 

8.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.08.html

Exploit

GLPI 9.5.3 - 'fromtype' Unsafe Reflection

Joomla JCK Editor 6.4.4 - 'parent' SQL Injection (2)

Pingzapper 2.3.1 - 'PingzapperSvc' Unquoted Service Path

Hotel and Lodge Management System 1.0 - Remote Code Execution (Unauthenticated)

Configuration Tool 1.6.53 - 'OpLclSrv' Unquoted Service Path

Print Job Accounting 4.4.10 - 'OkiJaSvc' Unquoted Service Path

7.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.06.html

CVE.2021.03.07.html

Exploit

 

5.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.05.html

Exploit

Fluig 1.7.0 - Path Traversal

CatDV 9.2 - RMI Authentication Bypass

4.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.04.html

Exploit

Textpattern 4.8.3 - Remote code execution (Authenticated) (2)

Web Based Quiz System 1.0 - 'eid' Union Based Sql Injection (Authenticated)

Online Ordering System 1.0 - Blind SQL Injection (Unauthenticated)

Textpattern CMS 4.9.0-dev - 'Excerpt' Persistent Cross-Site Scripting (XSS)

Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting (XSS)

Online Ordering System 1.0 - Arbitrary File Upload to Remote Code Execution

e107 CMS 2.3.0 - CSRF

3.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.03.html

Exploit

AnyDesk 5.5.2 - Remote Code Execution

Local Services Search Engine Management System (LSSMES) 1.0 - Blind & Error based SQL injection (Authenticated)

Local Services Search Engine Management System (LSSMES) 1.0 - 'name' Persistent Cross-Site Scripting (XSS)

2.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.02.html

Exploit

Zen Cart 1.5.7b - Remote Code Execution (Authenticated)

Web Based Quiz System 1.0 - 'name' Persistent/Stored Cross-Site Scripting

Tiny Tiny RSS - Remote Code Execution

Web Based Quiz System 1.0 - 'MCQ options' Persistent/Stored Cross-Site Scripting

1.3.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.03.01.html

Exploit

Covid-19 Contact Tracing System 1.0 - Remote Code Execution (Unauthenticated)

Online Catering Reservation System 1.0 - Remote Code Execution (Unauthenticated)

VMware vCenter Server 7.0 - Unauthenticated File Upload

WiFi Mouse 1.7.8.5 - Remote Code Execution

FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (Metasploit)

28.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.02.27.html

Exploit

 

26.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.02.26.html

Exploit

Remote Desktop Web Access - Authentication Timing Attack (Metasploit Module)

LightCMS 1.3.4 - 'exclusive' Stored XSS

Triconsole 3.75 - Reflected XSS

Simple Employee Records System 1.0 - File Upload RCE (Unauthenticated)

25.2.2021

Bugtraq

 

Malware

Trojan.MacOS.SLISP.A

Ransom.MSIL.POVLSOM.THBAOBA

Phishing

 

Vulnerability

CVE.2021.02.25.html

Exploit

ASUS Remote Link 1.1.2.13 - Remote Code Execution

24.2.2021

Bugtraq

 

Malware

 

Phishing

GOVUK-DVLA

23rd February 2021

CUSTOMER ENQUIRY - GOV.UK (UK)
FORM - DONOTREPLY

Vulnerability

 

Exploit

LayerBB 1.1.4 - 'search_query' SQL Injection

Product Key Explorer 4.2.7 - 'multiple' Denial of Service (PoC)

SpotAuditor 5.3.5 - 'multiple' Denial Of Service (PoC)

Softros LAN Messenger 9.6.4 - 'SoftrosSpellChecker' Unquoted Service Path

Unified Remote 3.9.0.2463 - Remote Code Execution

LogonExpert 8.1 - 'LogonExpertSvc' Unquoted Service Path

python jsonpickle 2.0.0 - Remote Code Execution

23.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.02.23.html

Exploit

HFS (HTTP File Server) 2.3.x - Remote Command Execution (3)

Batflat CMS 1.3.6 - 'multiple' Stored XSS

Monica 2.19.1 - 'last_name' Stored XSS

22.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.02.22.html

Exploit

 

21.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.02.20.html

Exploit

 

19.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.02.19.html

Exploit

OpenText Content Server 20.3 - 'multiple' Stored Cross-Site Scripting

dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow (PoC)

Online Exam System With Timer 1.0 - 'email' SQL injection Auth Bypass

Comment System 1.0 - 'multiple' Stored Cross-Site Scripting

PEEL Shopping 9.3.0 - 'Comments/Special Instructions' Stored Cross-Site Scripting

18.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.02.18.html

Exploit

Batflat CMS 1.3.6 - Remote Code Execution (Authenticated)

Apport 2.20 - Local Privilege Escalation

Gitea 1.12.5 - Remote Code Execution (Authenticated)

17.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.02.17.html

Exploit

Billing Management System 2.0 - 'email' SQL injection Auth Bypass

Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting

16.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.02.16.html

Exploit

Nsauditor 3.2.2.0 - 'Event Description' Denial of Service (PoC)

AgataSoft PingMaster Pro 2.1 - Denial of Service (PoC)

Managed Switch Port Mapping Tool 2.85.2 - Denial of Service (PoC)

BlackCat CMS 1.3.6 - 'Display name' Cross Site Scripting (XSS)

Online Internship Management System 1.0 - 'email' SQL injection Auth Bypass

15.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

CVE.2021.02.15.html

Exploit

Tasks 9.7.3 - Insecure Permissions

Teachers Record Management System 1.0 - 'searchteacher' SQL Injection

TestLink 1.9.20 - Unrestricted File Upload (Authenticated)

14.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability


Exploit

 

12.2.2021

Bugtraq

 

Malware

Ransom.MSIL.TESLACRYPT.THABGBA

Phishing

 

Vulnerability


Exploit

School Event Attendance Monitoring System 1.0 - 'Item Name' Stored Cross-Site Scripting

School File Management System 1.0 - 'multiple' Stored Cross-Site Scripting

PDFCOMPLETE Corporate Edition 4.1.45 - 'pdfcDispatcher' Unquoted Service Path

11.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability


Exploit

Online Marriage Registration System (OMRS) 1.0 - Remote code execution (3)

Openlitespeed WebServer 1.7.8 - Command Injection (Authenticated) (2)

b2evolution 6.11.6 - 'tab3' Reflected XSS

b2evolution 6.11.6 - 'redirect_to' Open Redirect

PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting

10.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability


Exploit

Node.JS - 'node-serialize' Remote Code Execution (2)

b2evolution 6.11.6 - 'plugin name' Stored XSS

9.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability


Exploit

Adobe Connect 10 - Username Disclosure

AnyTXT Searcher 1.2.394 - 'ATService' Unquoted Service Path

Epson USB Display 1.6.0.0 - 'EMP_UDSA' Unquoted Service Path

Online Car Rental System 1.0 - Stored Cross Site Scripting

8.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability


Exploit

WordPress Plugin Supsystic Backup 2.3.9 - Local File Inclusion

WordPress Plugin Supsystic Contact Form 1.7.5 - Multiple Vulnerabilities

WordPress Plugin Supsystic Data Tables Generator 1.9.96 - Multiple Vulnerabilities

WordPress Plugin Supsystic Digital Publications 1.6.9 - Multiple Vulnerabilities

Microsoft Internet Explorer 11 32-bit - Use-After-Free

WordPress Plugin Supsystic Membership 1.4.7 - 'sidx' SQL injection

WordPress Plugin Supsystic Newsletter 1.5.5 - 'sidx' SQL injection

Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting (XSS)

Alt-N MDaemon webmail 20.0.0 - 'Contact name' Stored Cross Site Scripting (XSS)

AMD Fuel Service - 'Fuel.service' Unquoted Service Path

YetiShare File Hosting Script 5.1.0 - 'url' Server-Side Request Forgery

WordPress Plugin Supsystic Pricing Table 1.8.7 - Multiple Vulnerabilities

WordPress Plugin Supsystic Ultimate Maps 1.1.12 - 'sidx' SQL injection

WordPress Plugin Welcart e-Commerce 2.0.0 - 'search[order_column][0]' SQL injection

Millewin 13.39.146.1 - Local Privilege Escalation

Jenzabar 9.2.2 - 'query' Reflected XSS.

SmartFoxServer 2X 2.17.0 - God Mode Console WebSocket XSS

SmartFoxServer 2X 2.17.0 - Credentials Disclosure

SmartFoxServer 2X 2.17.0 - God Mode Console Remote Code Execution

7.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability


Exploit

 

5.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability


Exploit

SEO Panel 4.6.0 - Remote Code Execution (2)

PhreeBooks 5.2.3 ERP - Remote Code Execution (2)

LiteSpeed Web Server Enterprise 5.4.11 - Command Injection (Authenticated)

4.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability


Exploit

 

3.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

Exploit

Sudo 1.9.5p1 - 'Baron Samedit' Heap-Based Buffer Overflow Privilege Escalation (2)

Sudo 1.9.5p1 - 'Baron Samedit' Heap-Based Buffer Overflow Privilege Escalation (1)

Car Rental Project 2.0 - Arbitrary File Upload to Remote Code Execution

Pixelimity 1.0 - 'password' Cross-Site Request Forgery

2.2.2021

Bugtraq

 

Malware

 

Phishing

𝘀𝗲𝗿𝘃𝗶𝗰𝗲

2nd February 2021

Your account has been locked

Vulnerability

 

Exploit

Solaris 10 1/13 (SPARC) - 'dtprintinfo' Local Privilege Escalation (3)

Solaris 10 1/13 (SPARC) - 'dtprintinfo' Local Privilege Escalation (2)

Solaris 10 1/13 (SPARC) - 'dtprintinfo' Local Privilege Escalation (1)

Solaris 10 1/13 (Intel) - 'dtprintinfo' Local Privilege Escalation (3)

Solaris 10 1/13 (Intel) - 'dtprintinfo' Local Privilege Escalation (2)

Student Record System 4.0 - 'cid' SQL Injection

1.2.2021

Bugtraq

 

Malware

 

Phishing

 

Vulnerability


Exploit

WordPress 5.0.0 - Image Remote Code Execution

Klog Server 2.4.1 - Command Injection (Authenticated)

Roundcube Webmail 1.2 - File Disclosure

Vehicle Parking Tracker System 1.0 - 'Owner Name' Stored Cross-Site Scripting

H8 SSRMS - 'id' IDOR

bloofoxCMS 0.5.2.1 - CSRF (Add user)

MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting

MyBB Trending Widget Plugin 1.2 - Cross-Site Scripting

Park Ticketing Management System 1.0 - 'viewid' SQL Injection

User Management System 1.0 - 'uid' SQL Injection

Zoo Management System 1.0 - 'anid' SQL Injection

MyBB Delete Account Plugin 1.4 - Cross-Site Scripting