المساعد الشخصي الرقمي

مشاهدة النسخة كاملة : exploit database


الصفحات : [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68

  1. [webapps] ImpressCMS 1.4.2 - Remote Code Execution (RCE) (Authenticated)
  2. [webapps] Seowon 130-SLC router - 'queriesCnt' Remote Code Execution (Unauthenticated
  3. [webapps] Evolution CMS 3.1.6 - Remote Code Execution (RCE) (Authenticated)
  4. [webapps] AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated)
  5. [webapps] Purchase Order Management System 1.0 - Authentication Bypass
  6. [webapps] Support Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)
  7. [webapps] Purchase Order Management System 1.0 - Remote File Upload
  8. [webapps] ECOA Building Automation System - Remote Privilege Escalation
  9. [webapps] ECOA Building Automation System - Local File Disclosure
  10. [webapps] ECOA Building Automation System - Arbitrary File Deletion
  11. [webapps] Wordpress Plugin Download From Files 1.48 - Arbitrary File Upload
  12. [webapps] Apartment Visitor Management System (AVMS) 1.0 - SQLi to RCE
  13. [local] Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai
  14. [webapps] ECOA Building Automation System - Path Traversal Arbitrary File Upload
  15. [webapps] ECOA Building Automation System - Directory Traversal Content Disclosure
  16. [webapps] ECOA Building Automation System - 'multiple' Cross-Site Request Forgery (CS
  17. [webapps] ECOA Building Automation System - Cookie Poisoning Authentication Bypass
  18. [webapps] ECOA Building Automation System - Configuration Download Information Disclo
  19. [webapps] ECOA Building Automation System - Hidden Backdoor Accounts and backdoor() F
  20. [remote] ECOA Building Automation System - Hard-coded Credentials SSH Access
  21. [local] ECOA Building Automation System - Missing Encryption Of Sensitive Information
  22. [local] Active WebCam 11.5 - Unquoted Service Path
  23. [webapps] Men Salon Management System 1.0 - Multiple Vulnerabilities
  24. [webapps] ECOA Building Automation System - Weak Default Credentials
  25. [webapps] Bus Pass Management System 1.0 - 'adminname' Stored Cross-Site Scripting (X
  26. [webapps] WordPress Plugin TablePress 1.14 - CSV Injection
  27. [webapps] WordPress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection (2)
  28. [webapps] WordPress Plugin WP Sitemap Page 1.6.4 - Stored Cross-Site Scripting (XSS)
  29. [webapps] Antminer Monitor 0.5.0 - Authentication Bypass
  30. [webapps] OpenEMR 6.0.0 - 'noteid' Insecure Direct Object Reference (IDOR)
  31. [local] Argus Surveillance DVR 4.0 - Unquoted Service Path
  32. [webapps] FlatCore CMS 2.0.7 - Remote Code Execution (RCE) (Authenticated)
  33. [webapps] Bus Pass Management System 1.0 - 'viewid' Insecure direct object references
  34. [webapps] Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload & Re
  35. [webapps] Patient Appointment Scheduler System 1.0 - Persistent/Stored XSS
  36. [dos] SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service
  37. [webapps] OpenSIS 8.0 'modname' - Directory/Path Traversal
  38. [local] Remote Mouse 4.002 - Unquoted Service Path
  39. [webapps] WordPress Plugin Duplicate Page 4.4.1 - Stored Cross-Site Scripting (XSS)
  40. [webapps] WPanel 4.3.1 - Remote Code Execution (RCE) (Authenticated)
  41. [webapps] Compro Technology IP Camera - ' mjpegStreamer.cgi' Screenshot Disclosure
  42. [webapps] Compro Technology IP Camera - ' index_MJpeg.cgi' Stream Disclosure
  43. [webapps] Compro Technology IP Camera - 'Multiple' Credential Disclosure
  44. [webapps] Compro Technology IP Camera - RTSP stream disclosure (Unauthenticated)
  45. [webapps] Compro Technology IP Camera - 'killps.cgi' Denial-of-Service (DoS)
  46. [webapps] Dolibarr ERP/CRM 14.0.1 - Privilege Escalation
  47. [webapps] OpenSIS Community 8.0 - 'cp_id_miss_attn' SQL Injection
  48. [dos] Telegram Desktop 2.9.2 - Denial of Service (PoC)
  49. [webapps] WordPress Plugin Payments Plugin | GetPaid 2.4.6 - HTML Injection
  50. [webapps] Traffic Offense Management System 1.0 - SQLi to Remote Code Execution (RCE)
  51. [webapps] Confluence Server 7.12.4 - 'OGNL injection' Remote Code Execution (RCE) (Un
  52. [webapps] Umbraco CMS 8.9.1 - Path traversal and Arbitrary File Write (Authenticated)
  53. [webapps] WordPress Plugin ProfilePress 3.1.3 - Privilege Escalation (Unauthenticated
  54. [webapps] Strapi CMS 3.0.0-beta.17.4 - Remote Code Execution (RCE) (Unauthenticated)
  55. [webapps] Projectsend r1295 - 'name' Stored XSS
  56. [webapps] Strapi 3.0.0-beta.17.7 - Remote Code Execution (RCE) (Authenticated)
  57. [webapps] Strapi 3.0.0-beta - Set Password (Unauthenticated)
  58. [local] MySQL User-Defined (Linux) x32 / x86_64 - 'sys_exec' Local Privilege Escalati
  59. [webapps] ZesleCP 3.1.9 - Remote Code Execution (RCE) (Authenticated)
  60. [webapps] Usermin 1.820 - Remote Code Execution (RCE) (Authenticated)
  61. [webapps] Bus Pass Management System 1.0 - 'viewid' SQL Injection
  62. [webapps] COMMAX UMS Client ActiveX Control 1.7.0.2 - 'CNC_Ctrl.dll' Heap Buffer Over
  63. [webapps] COMMAX WebViewer ActiveX Control 2.1.4.5 - 'Commax_WebViewer.ocx' Buffer Ov
  64. [webapps] CyberPanel 2.1 - Remote Code Execution (RCE) (Authenticated)
  65. [webapps] ProcessMaker 3.5.4 - Local File inclusion
  66. [webapps] Online Leave Management System 1.0 - Arbitrary File Upload to Shell (Unauth
  67. [webapps] HP OfficeJet 4630/7110 MYM1FN2025AR/2117A - Stored Cross-Site Scripting (XS
  68. [webapps] WordPress Plugin Mail Masta 1.0 - Local File Inclusion (2)
  69. [webapps] RaspAP 2.6.6 - Remote Code Execution (RCE) (Authenticated)
  70. [webapps] Simple Phone book/directory 1.0 - 'Username' SQL Injection (Unauthenticated
  71. [webapps] Online Traffic Offense Management System 1.0 - Remote Code Execution (RCE)
  72. [webapps] Laundry Booking Management System 1.0 - 'Multiple' Stored Cross-Site Script
  73. [webapps] Online Traffic Offense Management System 1.0 - 'id' SQL Injection (Authenti
  74. [webapps] Laundry Booking Management System 1.0 - 'Multiple' SQL Injection
  75. [webapps] Charity Management System CMS 1.0 - Multiple Vulnerabilities
  76. [webapps] Simple Image Gallery 1.0 - Remote Code Execution (RCE) (Unauthenticated)
  77. [webapps] COVID19 Testing Management System 1.0 - 'Multiple' SQL Injections
  78. [remote] crossfire-server 1.9.0 - 'SetUp()' Remote Buffer Overflow
  79. [webapps] Crime records Management System 1.0 - 'Multiple' SQL Injection (Authenticat
  80. [webapps] GeoVision Geowebserver 5.3.3 - LFI / XSS / HHI / RCE
  81. [local] SonicWall NetExtender 10.2.0.300 - Unquoted Service Path
  82. [webapps] Simple Water Refilling Station Management System 1.0 - Authentication Bypas
  83. [webapps] Simple Water Refilling Station Management System 1.0 - Remote Code Executio
  84. [webapps] COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass
  85. [webapps] COMMAX Smart Home IoT Control System CDP-1020n - SQL Injection Authenticati
  86. [webapps] COMMAX Smart Home Ruvie CCTV Bridge DVR Service - RTSP Credentials Disclosu
  87. [webapps] COMMAX Smart Home Ruvie CCTV Bridge DVR Service - Config Write / DoS (Unaut
  88. [webapps] COMMAX CVD-Axx DVR 5.1.4 - Weak Default Credentials Stream Disclosure
  89. [webapps] NetGear D1500 V1.0.0.21_1.0.1PE - 'Wireless Repeater' Stored Cross-Site Scr
  90. [webapps] CentOS Web Panel 0.9.8.1081 - Stored Cross-Site Scripting (XSS)
  91. [webapps] Care2x Open Source Hospital Information Management 2.7 Alpha - 'Multiple' S
  92. [webapps] Simple Image Gallery System 1.0 - 'id' SQL Injection
  93. [webapps] RATES SYSTEM 1.0 - Authentication Bypass
  94. [webapps] easy-mock 1.6.0 - Remote Code Execution (RCE) (Authenticated)
  95. [webapps] Police Crime Record Management System 1.0 - 'Multiple' Stored Cross-Site Sc
  96. [webapps] Police Crime Record Management System 1.0 - 'casedetails' SQL Injection
  97. [webapps] 4images 1.8 - 'limitnumber' SQL Injection (Authenticated)
  98. [webapps] RATES SYSTEM 1.0 - 'Multiple' SQL Injections
  99. [webapps] COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection
  100. [webapps] Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE)
  101. [webapps] Simple Library Management System 1.0 - 'rollno' SQL Injection
  102. [local] Xiaomi browser 10.2.4.g - Browser Search History Disclosure
  103. [webapps] WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via
  104. [webapps] WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Si
  105. [webapps] IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)
  106. [local] Amica Prodigy 1.7 - Privilege Escalation
  107. [webapps] Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injectio
  108. [webapps] CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
  109. [webapps] Moodle 3.9 - Remote Code Execution (RCE) (Authenticated)
  110. [webapps] GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauth
  111. [webapps] ApacheOfBiz 17.12.01 - Remote Command Execution (RCE) via Unsafe Deserializ
  112. [webapps] qdPM 9.1 - Remote Code Execution (RCE) (Authenticated)
  113. [webapps] qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated)
  114. [webapps] Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
  115. [webapps] WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-
  116. [webapps] Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upl
  117. [webapps] Panasonic Sanyo CCTV Network Camera 2.03-0x - 'Disable Authentication / Cha
  118. [webapps] Men Salon Management System 1.0 - SQL Injection Authentication Bypass
  119. [remote] Neo4j 3.4.18 - RMI based Remote Code Execution (RCE)
  120. [webapps] Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS)
  121. [webapps] IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration
  122. [webapps] Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL Injection
  123. [webapps] CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF) to Remote Code Execution
  124. [webapps] Oracle Fatwire 6.3 - Multiple Vulnerabilities
  125. [webapps] Denver IP Camera SHO-110 - Unauthenticated Snapshot
  126. [webapps] Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download
  127. [webapps] Event Registration System with QR Code 1.0 - Authentication Bypass & RCE
  128. [remote] Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution (RCE)
  129. [webapps] TripSpark VEO Transportation - Blind SQL Injection
  130. [webapps] Customer Relationship Management System (CRM) 1.0 - Sql Injection Authentic
  131. [webapps] PHP 7.3.15-3 - 'PHP_SESSION_UPLOAD_PROGRESS' Session Data Injection
  132. [webapps] XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion (Authenticated)
  133. [dos] Leawo Prof. Media 11.0.0.1 - Denial of Service (DoS) (PoC)
  134. [webapps] NoteBurner 2.35 - Denial Of Service (DoS) (PoC)
  135. [webapps] Elasticsearch ECE 7.13.3 - Anonymous Database Dump
  136. [webapps] Microsoft SharePoint Server 2019 - Remote Code Execution (2)
  137. [webapps] WordPress Plugin Simple Post 1.1 - 'Text field' Stored Cross-Site Scripting
  138. [webapps] ElasticSearch 7.13.3 - Memory disclosure
  139. [webapps] KevinLAB BEMS 1.0 - Unauthenticated SQL Injection / Authentication Bypass
  140. [webapps] KevinLAB BEMS 1.0 - File Path Traversal Information Disclosure (Authenticat
  141. [webapps] CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion
  142. [remote] KevinLAB BEMS 1.0 - Undocumented Backdoor Account
  143. [webapps] WordPress Plugin KN Fix Your Title 1.0.1 - 'Separator' Stored Cross-Site Sc
  144. [webapps] Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery (CSRF)
  145. [webapps] PEEL Shopping 9.3.0 - 'id' Time-based SQL Injection
  146. [webapps] Dolibarr ERP/CRM 10.0.6 - Login Brute Force
  147. [webapps] WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher ID field' Stored
  148. [webapps] WordPress Plugin LearnPress 3.2.6.8 - Privilege Escalation
  149. [webapps] WordPress Plugin LearnPress 3.2.6.7 - 'current_items' SQL Injection (Authen
  150. [local] Linux Kernel 2.6.19 < 5.9 - 'Netfilter Local Privilege Escalation
  151. [remote] Aruba Instant (IAP) - Remote Code Execution
  152. [remote] Aruba Instant 8.7.1.0 - Arbitrary File Modification
  153. [webapps] Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection
  154. [webapps] ForgeRock Access Manager/OpenAM 14.6.3 - Remote Code Execution (RCE) (Unaut
  155. [local] Argus Surveillance DVR 4.0 - Weak Password Encryption
  156. [webapps] WordPress Plugin Popular Posts 5.3.2 - Remote Code Execution (RCE) (Authent
  157. [webapps] osCommerce 2.3.4.1 - Remote Code Execution (2)
  158. [webapps] Webmin 1.973 - Cross-Site Request Forgery (CSRF)
  159. [webapps] WordPress Plugin Current Book 1.0.1 - 'Book Title and Author field' Stored
  160. [webapps] Garbage Collection Management System 1.0 - SQL Injection + Arbitrary File U
  161. [webapps] WordPress Plugin WPFront Notification Bar 1.9.1.04012 - Stored Cross-Site S
  162. [webapps] OpenEMR 5.0.1.3 - 'manage_site_files' Remote Code Execution (Authenticated)
  163. [webapps] Invoice System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
  164. [webapps] Apache Tomcat 9.0.0.M1 - Open Redirect
  165. [webapps] Apache Tomcat 9.0.0.M1 - Cross-Site Scripting (XSS)
  166. [webapps] Church Management System 1.0 - SQL Injection (Authentication Bypass) + Arbi
  167. [webapps] Zoo Management System 1.0 - 'Multiple' Stored Cross-Site-Scripting (XSS)
  168. [webapps] Wyomind Help Desk 1.3.6 - Remote Code Execution (RCE)
  169. [webapps] Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Re
  170. [webapps] Wordpress Plugin SP Project & Document Manager 4.21 - Remote Code Execution
  171. [webapps] Exam Hall Management System 1.0 - Unrestricted File Upload + RCE (Unauthent
  172. [webapps] Employee Record Management System 1.2 - Stored Cross-Site Scripting (XSS)
  173. [webapps] WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Executio
  174. [webapps] Rocket.Chat 3.12.1 - NoSQL Injection to RCE (Unauthenticated) (2)
  175. [webapps] Online Covid Vaccination Scheduler System 1.0 - 'username' time-based blind
  176. [webapps] Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation
  177. [webapps] Phone Shop Sales Managements System 1.0 - Authentication Bypass (SQLi)
  178. [webapps] Phone Shop Sales Managements System 1.0 - 'Multiple' Arbitrary File Upload
  179. [webapps] WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 - Di
  180. [webapps] Netgear DGN2200v1 - Remote Command Execution (RCE) (Unauthenticated)
  181. [webapps] Black Box Kvm Extender 3.4.31307 - Local File Inclusion
  182. [webapps] Pallets Werkzeug 0.15.4 - Path Traversal
  183. [webapps] Billing System Project 1.0 - Remote Code Execution (RCE) (Unauthenticated)
  184. [webapps] Exam Hall Management System 1.0 - Unrestricted File Upload (Unauthenticated
  185. [webapps] perfexcrm 1.10 - 'State' Stored Cross-site scripting (XSS)
  186. [webapps] Visual Tools DVR VX16 4.2.28.0 - OS Command Injection
  187. [webapps] WordPress Plugin WP Learn Manager 1.1.2 - Stored Cross-Site Scripting (XSS)
  188. [webapps] OpenEMR 5.0.1.7 - 'fileName' Path Traversal (Authenticated) (2)
  189. [webapps] Online Voting System 1.0 - SQLi (Authentication Bypass) + Remote Code Execu
  190. [webapps] Online Birth Certificate System 1.1 - 'Multiple' Stored Cross-Site Scriptin
  191. [webapps] Church Management System 1.0 - Unrestricted File Upload to Remote Code Exec
  192. [webapps] Church Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
  193. [webapps] Church Management System 1.0 - 'password' SQL Injection (Authentication Byp
  194. [webapps] Wordpress Plugin Backup Guard 1.5.8 - Remote Code Execution (Authenticated)
  195. [webapps] Simple Client Management System 1.0 - Remote Code Execution (RCE)
  196. [webapps] TextPattern CMS 4.9.0-dev - Remote Command Execution (RCE) (Authenticated)
  197. [webapps] Ricon Industrial Cellular Router S9922XL - Remote Command Execution (RCE)
  198. [webapps] Wordpress Plugin Modern Events Calendar 5.16.2 - Event export (Unauthentica
  199. [webapps] Garbage Collection Management System 1.0 - SQL Injection (Unauthenticated)
  200. [webapps] Scratch Desktop 3.17 - Cross-Site Scripting/Remote Code Execution (XSS/RCE)
  201. [local] WinWaste.NET 1.0.6183.16475 - Privilege Escalation due Incorrect Access Contr
  202. [webapps] AKCP sensorProbe SPX476 - 'Multiple' Cross-Site Scripting (XSS)
  203. [webapps] b2evolution 7.2.2 - 'edit account details' Cross-Site Request Forgery (CSRF
  204. [webapps] Wordpress Plugin Modern Events Calendar 5.16.2 - Remote Code Execution (Aut
  205. [webapps] Vianeos OctoPUS 5 - 'login_user' SQLi
  206. [webapps] Online Voting System 1.0 - Authentication Bypass (SQLi)
  207. [webapps] Online Voting System 1.0 - Remote Code Execution (Authenticated)
  208. [webapps] Wordpress Plugin XCloner 4.2.12 - Remote Code Execution (Authenticated)
  209. [webapps] Doctors Patients Management System 1.0 - SQL Injection (Authentication Bypa
  210. [webapps] phpAbook 0.9i - SQL Injection
  211. [webapps] Apache Superset 1.1.0 - Time-Based Account Enumeration
  212. [webapps] Simple Traffic Offense System 1.0 - Stored Cross Site Scripting (XSS)
  213. [remote] ES File Explorer 4.1.9.7.4 - Arbitrary File Read
  214. [webapps] WordPress Plugin YOP Polls 6.2.7 - Stored Cross Site Scripting (XSS)
  215. [webapps] SAS Environment Manager 2.5 - 'name' Stored Cross-Site Scripting (XSS)
  216. [webapps] Atlassian Jira Server/Data Center 8.16.0 - Reflected Cross-Site Scripting (
  217. [webapps] Netgear WNAP320 2.0.3 - 'macAddress' Remote Code Execution (RCE) (Unauthent
  218. [webapps] Simple Client Management System 1.0 - 'uemail' SQL Injection (Unauthenticat
  219. [webapps] Lightweight facebook-styled blog 1.3 - Remote Code Execution (RCE) (Authent
  220. [local] SAPSprint 7.60 - 'SAPSprint' Unquoted Service Path
  221. [webapps] Seeddms 5.1.10 - Remote Command Execution (RCE) (Authenticated)
  222. [webapps] VMware vCenter Server RCE 6.5 / 6.7 / 7.0 - Remote Code Execution (RCE) (Un
  223. [webapps] Adobe ColdFusion 8 - Remote Command Execution (RCE)
  224. [webapps] TP-Link TL-WR841N - Command Injection
  225. [webapps] Huawei dg8045 - Authentication Bypass
  226. [webapps] Online Library Management System 1.0 - 'Search' SQL Injection
  227. [webapps] Online Library Management System 1.0 - Arbitrary File Upload Remote Code Ex
  228. [webapps] Simple CRM 3.0 - 'email' SQL injection (Authentication Bypass)
  229. [webapps] WordPress Plugin WP Google Maps 8.1.11 - Stored Cross-Site Scripting (XSS)
  230. [webapps] WordPress Plugin Poll, Survey, Questionnaire and Voting system 1.5.2 - 'dat
  231. [webapps] Responsive Tourism Website 3.1 - Remote Code Execution (RCE) (Unauthenticat
  232. [webapps] Phone Shop Sales Managements System 1.0 - Insecure Direct Object Reference
  233. [local] ASUS DisplayWidget Software 3.4.0.036 - 'ASUSDisplayWidgetService' Unquoted S
  234. [local] Remote Mouse GUI 3.008 - Local Privilege Escalation
  235. [local] Lexmark Printer Software G2 Installation Package 1.8.0.0 - 'LM__bdsvc' Unquot
  236. [webapps] Customer Relationship Management System (CRM) 1.0 - Remote Code Execution
  237. [local] Wise Care 365 5.6.7.568 - 'WiseBootAssistant' Unquoted Service Path
  238. [remote] Solaris SunSSH 11.0 x86 - libpam Remote Root (3)
  239. [local] iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path
  240. [webapps] Websvn 2.6.0 - Remote Code Execution (Unauthenticated)
  241. [webapps] Simple CRM 3.0 - 'Change user information' Cross-Site Request Forgery (CSRF
  242. [webapps] Simple CRM 3.0 - 'name' Stored Cross site scripting (XSS)
  243. [webapps] OpenEMR 5.0.1.7 - 'fileName' Path Traversal (Authenticated)
  244. [remote] Dlink DSL2750U - 'Reboot' Command Injection
  245. [webapps] Node.JS - 'node-serialize' Remote Code Execution (3)
  246. [webapps] ICE Hrm 29.0.0.OS - 'xml upload' Stored Cross-Site Scripting (XSS)
  247. [webapps] ICE Hrm 29.0.0.OS - 'Account Takeover' Cross-Site Scripting and Session Fix
  248. [webapps] ICE Hrm 29.0.0.OS - 'Account Takeover' Cross-Site Request Forgery (CSRF)
  249. [webapps] Online Shopping Portal 3.1 - Remote Code Execution (Unauthenticated)
  250. [local] Workspace ONE Intelligent Hub 20.3.8.0 - 'VMware Hub Health Monitoring Servic