Advisories

VULNERABILITY

Exponent CMS 2.6.0 patch2 - Stored XSS (User-Agent)


Author picture

Oscar Uribe


  • Code name: cobain
  • Product: Exponent CMS 2.6.0 patch2
  • Release date: 2022-01-25 12:00 COT
  • CVE ID(s): Pending

VULNERABILITY

Exponent CMS 2.6.0 patch2 - Insecure file upload (RCE)


Author picture

Oscar Uribe


  • Code name: dylan
  • Product: Exponent CMS 2.6.0 patch2
  • Release date: 2022-01-24 12:00 COT
  • CVE ID(s): Pending

VULNERABILITY

Exponent CMS 2.6.0 patch2 - Stored XSS


Author picture

Oscar Uribe


  • Code name: franklin
  • Product: Exponent CMS 2.6.0 patch2
  • Release date: 2022-01-24 12:00 COT
  • CVE ID(s): Pending

VULNERABILITY

Zenario CMS 9.2 - Insecure file upload (RCE)


Author picture

Oscar Uribe


  • Code name: simone
  • Product: Zenario CMS 9.2
  • Release date: 2022-01-14 11:00 COT
  • CVE ID(s): CVE-2022-23043

VULNERABILITY

PHP Server Monitor v3.5.2 - Stored XSS


Author picture

Oscar Uribe


  • Code name: gilmour
  • Product: PHP Server Monitor v3.5.2
  • Release date: 2022-01-11 15:00 COT
  • CVE ID(s): CVE-2022-23044

VULNERABILITY

phpIPAM 1.4.4 - SQL Injection


Author picture

Oscar Uribe


  • Code name: mercury
  • Product: phpIPAM 1.4.4
  • Release date: 2022-01-07 14:00 COT
  • CVE ID(s): CVE-2022-23046

VULNERABILITY

phpIPAM 1.4.4 - Stored XSS


Author picture

Oscar Uribe


  • Code name: osbourne
  • Product: phpIPAM 1.4.4
  • Release date: 2022-01-07 10:00 COT
  • CVE ID(s): CVE-2022-23045

VULNERABILITY

PartKeepr v1.4.0 url attachment 'add parts' - LFI


Author picture

Oscar Uribe


  • Code name: hendrix
  • Product: PartKeepr v1.4.0
  • Release date: 2022-01-04 14:00 COT
  • CVE ID(s): CVE-2022-22701

VULNERABILITY

PartKeepr v1.4.0 url attachment 'add parts' - SSRF


Author picture

Oscar Uribe


  • Code name: joplin
  • Product: PartKeepr v1.4.0
  • Release date: 2022-01-04 14:00 COT
  • CVE ID(s): CVE-2022-22702

VULNERABILITY

Squid Cache vulnerability


Author picture

Andres Roldan


  • Code name: morrison
  • Product: Squid Cache
  • Release date: 2021-02-16 14:00 COT
  • CVE ID(s): Pending

VULNERABILITY

DupScout Enterprise 10.0.18 'sid' Buffer Overflow


Author picture

Andres Roldan


  • Code name: prine
  • Product: DupScout Enterprise
  • Release date: 2020-12-15 14:00 COT
  • CVE ID(s): CVE-2020-29659

For more information, you can read our Disclosure Policy