SonicALERT
Search

Sonicwall Signatures

 

  All Categories


Category: WEB-ATTACKS

Web-Attacks Category Description

This SonicWALL IPS signature category consists of a group of signatures that can detect and prevent attacks targeted at servers through standard internet ports. This category contains three main groups of attacks.

The first are web application attacks that attempt to input commands directly into the application, hoping that the application fails to verify the source of the input. On very badly written applications, this type of attack can allow attackers to change file permissions on a server, steal passwords, or execute arbitrary scripts. While dangerous, the chance of such an attack succeeding is low. Signatures in this group range from low- to high-priority.

The second type of attack involves usage of the PUT and DELETE requests that are part of the HTTP standard. These commands allow users to add or delete files on a server, and can be a security threat if the server is configured to handle these requests and has no way to verify their source. Most servers, however, are configured by default to ignore these requests, so these signatures are set only to detect such traffic. If a server is not meant to allow users to upload or edit content but administrators notice a large number of PUT or DELETE HTTP requests, they can consider enabling the signatures for prevention becaue there is a good chance that attackers are attempting to vandalise their server.

The final type of attack allows attackers to bypass authentication routines for certain web applications. For example, the Axis Network Camera has an authentication routine for users who wish to remotely access the camera. Attackers can gain access to the camera by slightly modifying the URL request that they enter into their browser, bypassing the security system. These attacks are classified as medium priority threats.

  Proxy-Pro Professional GateKeeper Buffer Overflow
  Apache Struts 2 Jakarta Remote Code Execution (S2-045) 2
  Apache Struts 2 Jakarta Remote Code Execution (S2-045) 1
  Microsoft Exchange Server SSRF (CVE-2022-41040)
  Spring Framework Remote Code Execution (Spring4Shell) IOC
  Apache Struts 2 Jakarta Remote Code Execution (S2-045) 3
  Spring Framework Remote Code Execution (Spring4Shell) 2
  Spring Framework Remote Code Execution (Spring4Shell) 1
  HPE Intelligent Management Center Remote Code Execution 7
  Windows HTTP.sys HTTP/2 Server DoS (AUG 19) 2
  Webmin password_change.cgi Remote Command Injection 1
  Webmin password_change.cgi Remote Command Injection 2
  HPE Intelligent Management Center Remote Code Execution 8
  Windows HTTP.sys HTTP/2 Server DoS (AUG 19) 3
  HPE Intelligent Management Center Remote Code Execution 9
  Windows HTTP.sys HTTP/2 Server DoS (AUG 19) 4
  HPE Intelligent Management Center Remote Code Execution 10
  Microsoft SharePoint Remote Code Execution (SEP 19) 1
  Windows HTTP.sys HTTP/2 Server DoS (AUG 19) 5
  Atlassian Confluence Server Information Disclosure
  HTTP Request with Malformed Connection Header 4
  Pulse Connect Secure diag.cgi Command Injection
  Squid Digest Authentication DoS
  Jenkins plugin Pipeline Groovy Sandbox Bypass 1
  Jenkins plugin Pipeline Groovy Sandbox Bypass 2
  HPE Intelligent Management Center Remote Code Execution 11
  Pulse Connect Secure Information Disclosure
  Harbor Project user API Privilege Escalation
  Jenkins plugin Git Client Remote Command Execution
  Apache Traffic Server HTTP/2 SETTINGS DoS
  Pulse Connect Secure Buffer Overflow 1
  Pulse Connect Secure Buffer Overflow 2
  HPE Intelligent Management Center Insecure Deserialization 6
  HPE Intelligent Management Center Insecure Deserialization 7
  Apache Solr DataImportHandler Remote Code Execution 1
  Apache Solr DataImportHandler Remote Code Execution 2
  vBulletin widgetConfig Remote Command Execution
  HPE Intelligent Management Center Insecure Deserialization 8
  YouPHPTube checkConfiguration.php Remote Code Execution
  Apache Struts OGNL Wildcard Remote Code Execution 6
  Wavelink Emulation License Server Buffer Overflow 3
  WiKID 2FA Enterprise Server searchDevices.jsp SQL Injection 1
  Web Application SQL Injection (CREATE TABLE) 5
  Apache Struts OGNL Wildcard Remote Code Execution 7
  Visual Mining NetCharts Directory Traversal 3
  WiKID 2FA Enterprise Server processPref.jsp SQL Injection -hl
  YouPHPTube Encoder Command Injection 1
  ThinkPHP Remote Code Execution 4
  ThinkPHP Remote Code Execution 5
  Cisco FireSIGHT Management Center DoS
  Apache Struts OGNL Wildcard Remote Code Execution 8
  Apache Solr DataImportHandler Remote Code Execution 3
  Apache Solr VelocityResponseWriter Remote Code Execution
  Elastic Kibana Timelion Remote Command Execution
  Envoy Proxy HTTP Headers DoS 1
  Envoy Proxy HTTP Headers DoS 2
  rConfig search.crud.php Remote Command Execution
  rConfig ajaxServerSettingsChk.php Remote Command Execution
  YouPHPTube Encoder Command Injection 3
  Web Application Cross-Site Scripting (XSS) 63 -hl
  WiKID 2FA Enterprise Server Log.jsp SQL Injection -hl
  Squid Nonce Token Information Disclosure
  rConfig devices.php SQL Injection -hl
  Bludit upload-images.php Arbitrary File Creation
  Samsung Security Manager ActiveMQ Broker Arbitrary File Deletion
  Adobe ColdFusion Arbitrary File Creation 1
  Trend Micro OfficeScan cgiRecvFile Directory Traversal 1 -hl
  WiKID 2FA Enterprise Server XSS 1
  WiKID 2FA Enterprise Server XSS 2
  WiKID 2FA Enterprise Server XSS 3
  Web Application Remote Code Execution 82
  Microsoft SharePoint Remote Code Execution (FEB 19)
  Oracle E-Business Suite General Ledger SQL Injection
  Nostromo nhttpd DoS
  WiKID 2FA Enterprise Server XSS 4
  Oracle E-Business Suite Messages SQL Injection
  OpenEMR Scanned Forms Command Injection
  ELOG NULL Pointer Dereference 1
  ELOG NULL Pointer Dereference 2
  ELOG NULL Pointer Dereference 3
  Microsoft SharePoint Information Disclosure (NOV 19) 1
  Microsoft SharePoint Information Disclosure (NOV 19) 2
  Web Application Directory Traversal 16 -c2
  Microsoft SharePoint XSS (OCT 19)
  Oracle Fusion Middleware ADF Insecure Deserialization
  rConfig ajaxArchiveFiles.php Command Injection 1
  rConfig ajaxArchiveFiles.php Command Injection 2
  ELOG Password Hash Disclosure 1
  ELOG Password Hash Disclosure 2
  Web Application Cross-Site Scripting (XSS) 64
  Pivotal RabbitMQ X-Reason Header DoS
  Cisco Data Center Network Manager Authentication Bypass
  Jenkins plugin Gitlab Hook XSS
  Cisco Data Center Network Manager Authentication Bypass 2
  Linear eMerge E3-Series Command Injection
  Oracle E-Business Suite Hierarchy Diagrammers SQL Injection
  Gila CMS Directory Traversal
  ELOG NULL Pointer Dereference 4
  ELOG NULL Pointer Dereference 5
  Apache OFBiz Insecure Deserialization 1
  Apache OFBiz Insecure Deserialization 2
  Cisco Data Center Network Manager Directory Traversal
  Gila CMS Directory Traversal 2
  HPE Intelligent Management Center Remote Code Execution 12
  WordPress GDPR Cookie Consent XSS
  Cisco Data Center Network Manager Directory Traversal 2 -hl
  Cisco Data Center Network Manager Directory Traversal 3 -hl
  Apache Tomcat AJP Local File Inclusion
  Web Application SQL Injection (CREATE TABLE) 6
  Web Application SQL Injection (DELETE FROM) 5
  Web Application SQL Injection (DROP TABLE) 5
  Web Application SQL Injection (SELECT FROM) 5
  Cisco Data Center Network Manager Command Injection 2
  Web Application SQL Injection (INSERT INTO) 7
  Web Application SQL Injection (UPDATE SET) 5
  Web Application Cross-Site Scripting (XSS) 59 -c2
  Web Application Cross-Site Scripting (XSS) 65
  Web Application SQL Injection (CREATE TABLE) 1 -c4
  Web Application SQL Injection (CREATE TABLE) 3 -c3
  Cisco Data Center Network Manager Command Injection
  WiKID 2FA Enterprise Server searchDevices.jsp SQL Injection 2
  Microsoft SharePoint XSS (CVE-2020-0693) 1
  Microsoft SharePoint XSS (CVE-2020-0693) 2
  WordPress plugin 10Web Photo Gallery XSS
  Cisco Data Center Network Manager Directory Traversal 4
  Cisco Data Center Network Manager Directory Traversal 5
  HPE Intelligent Management Center Remote Code Execution 13
  Web Application Cross-Site Scripting (XSS) 65 -c2
  Web Application Remote Code Execution 84 -c2
  Centreon internal.php Command Injection
  Web Application Remote Code Execution 86
  Web Application Remote Code Execution 86 -c2
  rConfig ajaxAddTemplate.php Command Injection 1
  rConfig ajaxAddTemplate.php Command Injection 2
  ManageEngine Desktop Central Insecure Deserialization
  rConfig commands.inc.php SQL Injection
  Microsoft Exchange Server Memory Corruption (CVE-2020-0688) 1
  Microsoft Exchange Server Memory Corruption (CVE-2020-0688) 2
  CODESYS Runtime Web Server Buffer Overflow 1
  CODESYS Runtime Web Server Buffer Overflow 2
  Nagios Log Server update_profile XSS
  Apache ShardingSphere SnakeYAML Insecure Deserialization
  WordPress plugin Rank Math SEO Privilege Escalation
  dotCMS assets Directory Traversal 1
  dotCMS assets Directory Traversal 2
  dotCMS assets Directory Traversal 3
  Trend Micro Apex One Directory Traversal
  Web Application SQL Injection (CREATE TABLE) 7 -c2
  Oracle E-Business Suite Human Resources SQL Injection 1
  Nagios XI ldap_ad_integration XSS
  Oracle E-Business Suite Human Resources SQL Injection 2
  Sonatype Nexus Repository XSS
  Cisco SD-WAN Solution vManage SQL Injection
  Web Application Malformed Request URI 25
  Cisco UCS Director Directory Traversal 1
  Cisco UCS Director Directory Traversal 2
  Oracle Business Intelligence Enterprise Insecure Deserialization 1
  Cisco UCS Director Directory Traversal 3
  Nagios XI export-rrd.php Remote Command Execution 1
  Nagios XI export-rrd.php Remote Command Execution 2
  Telerik UI Arbitrary File Creation
  Web Application Suspicious File Upload 2 -c3
  Liferay Portal JSON Web Service Insecure Deserialization
  Opmantek Open-AudIT Remote Command Injection 1
  Web Application Remote Code Execution 75 -c2
  Cisco Data Center Network Manager SQL Injection 1 -hl
  ssh_host_rsa_key Access
  WordPress plugin Calculated Fields Form XSS
  Gila CMS Arbitrary File Creation
  OpenMRS sessionLocation XSS
  Sonatype Nexus Repository Remote Command Injection
  Web Application Suspicious File Upload 7
  Web Application Malformed Request URI 19
  Oracle E-Business Suite Calendar XSS
  PHP-Fusion banners.php XSS
  Oracle E-Business Suite User Interface XSS
  Apache Kylin REST API Command Injection 1
  Apache Kylin REST API Command Injection 2
  Apache Kylin REST API Command Injection 3
  JetBrains TeamCity Authentication Bypass 4
  WordPress plugin Photo Gallery SQL Injection 1
  Cisco Data Center Network Manager Directory Traversal 6
  Ignition Gateway Insecure Deserialization
  Cisco Data Center Network Manager Directory Traversal 7
  HPE Intelligent Management Center Remote Code Execution 14
  ManageEngine Desktop Central Arbitrary File Creation 2
  HPE Intelligent Management Center Remote Code Execution 15
  Microsoft SharePoint Remote Code Execution (CVE-2020-1181) 1
  Microsoft SharePoint Remote Code Execution (CVE-2020-1181) 2
  Fortinet SSL VPN Web Portal Directory Traversal
  Zimbra Collaboration Suite XXE Injection
  SAP NetWeaver AS Java Directory Traversal 1
  Cisco Data Center Network Manager SQL Injection 2
  Draytek Vigor Remote Code Execution
  NEC ESMPRO Manager Directory Traversal
  rConfig devicemgmnt.php XSS
  ManageEngine ADSelfService NTLM Hash Disclosure 1
  Opmantek Open-AudIT Remote Command Injection 2
  Apache Kylin REST API Command Injection 4
  Apache Kylin REST API Command Injection 5
  Cisco UCS Director Directory Traversal 5
  Cisco UCS Director Directory Traversal 6
  Citrix Products Authentication Bypass 1
  Citrix Products Authentication Bypass 2
  HPE Intelligent Management Center Remote Code Execution 16
  Apache Tomcat WebSocket DoS
  Cisco UCS Director Directory Traversal 7
  GitLab Branch Name XSS
  Veeam ONE Reporter_ImportLicense XXE Injection
  Citrix Products Information Disclosure
  JetBrains TeamCity Path Traversal
  Cisco UCS Director Directory Traversal 8
  Cisco UCS Director Directory Traversal 9
  OCS Inventory NG Remote Command Execution
  IBM Spectrum Protect Plus Remote Code Execution 1 -hl
  Apache OFBiz XML-RPC Insecure Deserialization 1
  Apache OFBiz XML-RPC Insecure Deserialization 2
  Artica Proxy Command Injection
  IBM Spectrum Protect Plus Remote Code Execution 2
  IBM Spectrum Protect Plus Remote Code Execution 3
  rConfig configDevice.php XSS -hl
  Apache Struts 2 File Upload DoS 1
  Apache Struts 2 File Upload DoS 2
  Apache Struts OGNL Double Evaluation Remote Code Execution 1
  Apache Struts OGNL Double Evaluation Remote Code Execution 2
  Jenkins plugin Amazon EC2 CSRF
  Nagios XI Remote Command Execution 3
  Artica Proxy fw.progrss.details.php Directory Traversal
  IBM Spectrum Protect Plus Command Injection 1
  ManageEngine Applications Manager Arbitrary File Creation
  vBulletin widget_tabbedContainer_tab_panel Remote Command Execution
  Pulse Connect Secure Remote Code Execution
  rConfig vendors.crud.php Remote Code Execution
  Microsoft Exchange Server Remote Code Execution (CVE-2020-16875)
  Microsoft .NET Framework Remote Code Execution (CVE-2020-0646)
  Jenkins plugin CVS CSRF
  NEC ExpressCluster XXE Injection
  Veeam ONE SSRSReport XXE Injection 1
  Veeam ONE SSRSReport XXE Injection 2
  Apache httpd Cache-Digest Header DoS 1
  Apache httpd Cache-Digest Header DoS 2
  Micro Focus Secure Messaging Gateway Command Injection
  HAProxy HPACK Decoder Remote Code Execution 1
  HAProxy HPACK Decoder Remote Code Execution 2
  Apache SkyWalking ALARM_MESSAGE SQL Injection 1
  Apache SkyWalking ALARM_MESSAGE SQL Injection 2
  IBM Spectrum Protect Plus Command Injection 2
  IBM Spectrum Protect Plus Command Injection 3
  Oracle E-Business Suite Unrestricted File Upload 1
  Oracle E-Business Suite Unrestricted File Upload 2
  Oracle E-Business Suite Unrestricted File Upload 3
  Oracle E-Business Suite Unrestricted File Upload 4
  SolarView Compact Command Injection
  Apache Kafka Connect SASL JAAS Insecure Deserialization
  Microsoft Exchange Server OWA RCE (CVE-2022-41080)
  IBM Aspera Faspex RCE
  Microsoft Exchange Server Remote Code Execution (CVE-2023-21706)
  Froxlor Arbitrary File Write
  Froxlor Remote Command Execution
  WordPress plugin FQuiz and Survey Master Arbitrary File Deletion
  pyLoad Code Injection
  Web Application Directory Traversal 33
  Magento Checkout Process Remote Code Execution
  OpenEMR MySQL Arbitrary File Read
  Icinga Web 2 Arbitrary File Read
  MinIO Sensitive Information Disclosure
  Adobe ColdFusion Insecure Deserialization
  Cacti remote_agent Command Injection 2
  Zimbra Collaboration launchNewWindow Component XSS
  Zimbra Collaboration launchNewWindow Component XSS 2
  Adobe ColdFusion Remote Code Execution 2
  Adobe ColdFusion Remote Code Execution 3
  PaperCut NG Authentication Bypass
  ForgeRock Access Management Path Traversal
  ManageEngine Desktop Central Authentication Bypass
  ManageEngine Desktop Central Authentication Bypass 2
  Oracle WebLogic Server Remote Code Execution 7
  Oracle WebLogic Server Remote Code Execution 8
  Oracle Opera 5 Unrestricted File Upload
  CPanel Cpsrvd Error Page XSS
  CPanel Cpsrvd Error Page XSS 2
  Embedded JavaScript Templates Server-Side Templates Injection
  Apache httpd mod_proxy HTTP Request Smuggling
  Wordpress plugin Beautiful Cookie Consent Banner XSS
  Progress MOVEit SQLi IOC Activity
  Progress MOVEit SQLi IOC Activity 2
  Progress MOVEit SQLi IOC Activity 3
  Progress MOVEit SQL Injection 1
  Apache RocketMQ Remote Code Execution
  VMware Aria Operations for Networks Command Injection
  WordPress plugin File Manager Advanced Unrestricted File Upload
  WordPress plugin File Manager Advanced Unrestricted File Upload 2
  WordPress plugin WooCommerce Payments Privilege Escalation
  Adobe ColdFusion Access Control Bypass 1
  Adobe ColdFusion Access Control Bypass 2
  Adobe ColdFusion Access Control Bypass 3
  Adobe ColdFusion Access Control Bypass 4
  NetScaler ADC/Gateway RCE 2
  NetScaler ADC/Gateway Buffer Overflow
  Arcserve UDP Authentication Bypass 1
  Arcserve UDP Authentication Bypass 2
  Zimbra Collaboration Web Client XSS
  VMware Workspace ONE Insecure Deserailization
  Adobe ColdFusion Insecure Deserialization 6
  Avaya Aura Device Arbitrary File Upload
  Citrix ShareFile Directory Traversal 3
  Ivanti MobileIron Sentry Authentication Bypass
  XWiki Platform Command Injection
  NetScaler ADC/Gateway RCE 3
  phpPgAdmin Insecure Deserialization
  Elasticsearch search API Stack Buffer Overflow
  LG Simple Editor deleteFolder Directory Traversal
  JetBrains TeamCity Authentication Bypass
  GitLab CE/EE Web IDE Stored XSS
  RichFaces Framework Expression Language Injection
  Atlassian Confluence Server Privilege Escalation 1
  HTTP/2 Rapid Reset DoS
  ManageEngine ADManager Plus Command Injection
  CasaOS Authentication Bypass 1
  CasaOS Authentication Bypass 2
  Qlik Sense Enterprise Path Traversal
  Qlik Sense Enterprise HTTP Request Smuggling 1
  Atlassian Confluence Server Improper Authorization 1
  Splunk Enterprise XML Injection
  CrushFTP Enterprise Suite Authentication Bypass
  CrushFTP Enterprise Suite Privilege Escalation 1
  CrushFTP Enterprise Suite Privilege Escalation 2
  Qlik Sense Enterprise HTTP Request Smuggling 2
  Apache OFBiz Authentication Bypass
  Apache OFBiz Authentication Bypass 2
  Cacti Local File Inclusion 1
  Cacti Local File Inclusion 2
  ManageEngine OpManager Path Traversal
  XWiki User Registration RCE
  Apache Solr Arbitrary Config File Upload
  Apache Solr Arbitrary Config File Upload 2
  Apache Solr Arbitrary Config File Upload 3
  Apache Solr Arbitrary Config File Upload 4
  JetBrains TeamCity Path Traversal 2
  JetBrains TeamCity Path Traversal 3
  JetBrains TeamCity Path Traversal 4
  JetBrains TeamCity Authentication Bypass 2
  JetBrains TeamCity Authentication Bypass 3
  Fortra FileCatalyst Path Traversal
  Citrix Session Recording Insecure Deserialization
  SolarWinds Security Event Manager AMF Insecure Deserialization
  Cisco Jabber Remote Code Execution
  CMS Made Simple module import Remote Code Execution
  CMS Made Simple File Manager Remote Code Execution
  QNAP Qcenter Virtual Appliance Command Injection 1
  SoftNAS Cloud recentVersion Remote Command Execution
  QNAP Qcenter Virtual Appliance Password Manipulation
  QNAP Qcenter Virtual Appliance Command injection 2
  QNAP Qcenter Virtual Appliance Command injection 3
  QNAP Qcenter Virtual Appliance Command injection 4
  Dolibarr ERP CRM SQL Injection 2
  WordPress plugin The Events Calendar XSS
  Gitlist Remote Code Execution 1
  Nagios XI CCM Authentication Bypass
  Nagios XI Remote Command Execution 4
  Nagios XI Privilege Escalation
  Pimcore REST API SQL Injection
  Western Bridge Cobub Razor SQL Injection
  Schneider Electric U.motion Builder Command Injection
  SearchBlox UserServlet Cross-Site Request Forgery
  PyScript PyscriptJs Source Code Disclosure
  Fortify Software Security Center XXE Injection
  ntopng Deterministic Session ID Privilege Escalation
  DenyAll WAF Remote Code Execution
  Ektron CMS activateuser.aspx Access
  Plex Media Server SSDP XXE Injection
  Enalean Tuleap tracker SQL Injection
  Easy File Sharing Web Server forum.ghp Buffer Overflow
  TextPattern CMS qty SQL Injection
  GitLab Project Import Command Injection 2
  Joomla! Backup File Download
  Joomla! Jtag Members Directory extension Information Disclosure
  CAYIN CMS Remote Command Injection 1
  CAYIN CMS Remote Command Injection 2
  Joomla! JS Support Ticket extension CSRF
  Joomla! AllVideos Reloaded extension SQL Injection
  Easy Car Script SQL Injection
  RAVPower Filehub Arbitrary File Creation
  Pi-hole Web Remote Code Execution
  Anuko Time Tracker Puncher Plugin SQLi
  Joomla! LiveCRM SaaS Cloud extension SQL Injection
  Joomla! Smart Shoutbox extension SQL Injection
  Joomla! JGive extension SQL Injection
  Apache Unomi Expression Language Injection 2
  MailCleaner Remote Command Execution
  Vendure Asset Server Plugin Path Traversal
  Webmin update.cgi Remote Command Execution
  Nagios XI profile Remote Command Execution
  Total.js CMS Remote Command Execution
  Cisco Data Center Network Manager Remote Code Execution
  Apache Solr Velocity Template Remote Code Execution
  Oracle JDeveloper Insecure Deserialization 2
  Tautulli shutdown CSRF
  WordPress plugin Ninja Forms XSS
  WordPress plugin GDPR Compliance Remote Code Execution
  ProjeQtOr Management Tool Remote Code Execution
  WordPress plugin Download Manager Information Disclosure
  SugarCRM FlashCanvas XSS
  IBM Identity Governance and Intelligence SQL Injection
  WordPress plugin Booking Calendar SQL Injection 2
  MyBB Visual Editor XSS
  WordPress plugin Wechat Broadcast Directory Traversal
  ES File Explore Command Injection
  Horde Groupware Webmail Auth Arbitrary File Upload
  Citrix XenMobile Server XXE Injection
  Claymore Dual Miner Remote Code Execution
  Moodle Evil Teacher Remote Code Execution
  Moodle Evil Teacher Remote Code Execution 2
  GreenCMS Remote Code Execution
  MODX Revolution Remote Code Execution
  Gitlist Remote Code Execution 2
  WUZHI CMS Password Manipulation
  WordPress plugin Pie Register SQL Injection
  Schools Alert Management Script Arbitrary File Deletion
  KRAMER VIAware RCE
  Responsive FileManager Directory Traversal
  Nagios XI autodiscover_new.php Privilege Escalation
  WordPress plugin Plainview Activity Monitor Remote Code Execution
  WordPress plugin Duplicator Remote Code Execution
  Navigate CMS Directory Traversal
  Navigate CMS SQL Injection
  IBM Operational Decision Management XXE Injection 1
  IBM Operational Decision Management XXE Injection 2
  Trend Micro Email Encryption Gateway SQL Injection 1
  Trend Micro Email Encryption Gateway SQL Injection 2
  Twonky Media Server Directory Traversal 1
  Twonky Media Server Directory Traversal 2
  Sitecore.Net Directory Traversal
  Apache Superset Remote Code Execution
  Datalust Seq Authentication Bypass
  Webmin Install Package Remote Command Execution
  DotNetNuke DNNArticle Module Information Disclosure
  CyberArk Password Vault Web Access Remote Code Execution
  Joomla! Social Factory extension SQL Injection
  OctoBot WebInterface Add Package RCE
  Badaso API Builder RCE
  Maian-Cart Remote Code Execution
  Django Unicorn Cross-Site Scripting
  ManageEngine ServiceDesk Plus Arbitrary File Creation
  Integard Pro NoJs Buffer Overflow 1
  Integard Pro NoJs Buffer Overflow 2
  Symantec Messaging Gateway RCE
  CodoForum Unrestricted File Upload
  WordPress plugin WPS Hide Login Security Feature Bypass
  SolarWinds Orion Patch Manager Insecure Deserialization 5
  Pandora FMS Remote Command Execution 1
  Pandora FMS Remote Command Execution 2
  Pandora FMS Arbitrary File Upload 1
  Pandora FMS Arbitrary File Upload 2
  SAP Business Objects Intelligence XXE Injection
  Pandora FMS Arbitrary File Upload 4
  Pydio Cells Remote Code Execution
  HP OpenView NNM nnmRptConfig.exe Format String Attack
  SAP Crystal Reports Directory Traversal
  ManageEngine ADSelfService NTLM Hash Disclosure 2
  ZeroShell Remote Command Execution 2
  ZeroShell Remote Command Execution 3
  NetScaler ADC/Gateway Directory Traversal
  Grav CMS Command Injection
  Mitel MiVoice Connect RCE
  Atlassian Confluence Server Default Account Login
  Zimbra Collaboration mboximport RCE IOC 1
  Zimbra Collaboration mboximport RCE IOC 2
  Zimbra Collaboration mboximport RCE IOC 3
  GitHub Pages Build Pipeline Command Injection
  Eclipse Jetty ConcatServlet Double Decoding Information Disclosure
  pfSense pfBlockerNG Plugin Command Injection
  Ivanti Avalanche File Upload Path Traversal 1
  Ivanti Avalanche File Upload Path Traversal 2
  WordPress plugin WPGateway Privilege Escalation
  Atlassian Bitbucket Server Multiple API Command Injection
  UniSharp Laravel File Manager Path Traversal
  fluent-bit Memory Corruption 2
  Intel Data Center Manager RCE
  Cacti remote_agent Command Injection
  Roxy-WI Remote Code Execution
  Spring Boot SpEL RCE
  Linear eMerge E3 Series SQLi
  SugarCRM Arbitrary File Upload
  Atlassian Jira Seraph WBS Gantt-Chart Addon Authentication Bypass
  Atlassian Jira Seraph WBS Gantt-Chart Addon Authentication Bypass 2
  Atlassian Jira Seraph Authentication Bypass
  JetBrains TeamCity User Creation XSS
  Microsoft SharePoint Security Feature Bypass (MS08-077)
  Oracle Secure Backup Authentication Bypass
  Gallery Photo Album Package Remote File Inclusion
  NginxProxyManager requestLetsEncryptSsl RCE
  phpBB viewtopic.php Remote Code Execution
  vBulletin misc.php Remote Code Execution
  WebCalendar Remote Code Execution
  Optergy Proton Backdoor RCE
  WordPress plugin Quick Post Widget XSS
  Microsoft IIS Security Feature Bypass
  Moodle texed.php Remote Command Execution
  Moodle setings.php Remote Command Execution
  Family Connections Remote Command Execution
  op5 Monitor Command Injection 1
  Snortreport nmap.php Remote Command Execution
  Basilic diff.php Command Injection
  PolarPearCms Remote Code Execution
  Piwigo install.php Directory Traversal
  WebUI mainfile.php Command Injection 2
  YouPHPTube Encoder Command Injection 2
  YouPHPTube Encoder Command Injection 4
  CakePHP _validatePost Function Remote Code Execution
  wkhtmlTOpdf Server Side Request Forgery
  WordPress plugin Popular Posts Arbitrary File Upload
  ImpressCMS SQL Injection 2
  Web Application SQL Injection (CREATE TABLE) 2 -c4 -hl
  Composr CMS Arbitrary File Deletion
  IBAX go-ibax SQL Injection
  Xunrui CMS Information Disclosure
  BoxBilling Arbitrary File Upload
  Sjqzhang go-fastdfs Path Traversal
  Progress WS_FTP Server XSS
  ManageEngine multiple products ImageUploadServlet DoS 2
  ManageEngine multiple products ImageUploadServlet DoS 3
  ManageEngine multiple products ImageUploadServlet DoS 4
  ManageEngine multiple products ImageUploadServlet DoS 5
  ManageEngine multiple products ImageUploadServlet DoS 6
  ManageEngine multiple products ImageUploadServlet DoS 7
  ManageEngine multiple products ImageUploadServlet DoS 8
  Dynamic Transaction Queuing System Arbitrary File Upload
  GitLab Arbitrary File Upload
  EyesOfNetwork Elevation of Privilege
  VMware ESXi OpenSLP Use-After-Free
  WordPress plugin Snap Creek Duplicator Directory Traversal
  Kaseya VSA ManagedITSync RCE
  Kaseya VSA ManagedITSync SQLi
  Kaseya VSA ManagedITSync SQLi 2
  Pulse Connect Secure Authentication Bypass
  ECShop user.php SQL Injection
  Sitecore XP 7.5 Insecure Deserialization
  NetScaler SD-WAN RCE 1
  NetScaler SD-WAN RCE 2
  Oracle Fusion Middleware BI Publisher XXE
  LG N1A1 NAS Remote Command Execution
  LG N1A1 NAS Remote Command Execution 2
  LG N1A1 NAS Remote Command Execution 3
  Oracle Business Intelligence Path Traversal
  GitLab Arbitrary File Upload 2
  Aviatrix Controller Path Traversal
  Microsoft Exchange Server Elevation of Privilege (CVE-2018-8581)
  Apache Struts ActionForm DoS
  SAP NetWeaver Detour Authentication Bypass
  Fuel CMS SQL Injection
  Fuel CMS SQL Injection 2
  Fuel CMS SQL Injection 3
  Apache Tomcat Manager Unauthorized Access
  pgAdmin Import Servers Directory Traversal 2
  pgAdmin Import Servers Directory Traversal 3
  pgAdmin Import Servers Directory Traversal 4
  pgAdmin Import Servers Directory Traversal 5
  pgAdmin Import Servers Directory Traversal 6
  pgAdmin Import Servers Directory Traversal 7
  Froxlor Arbitrary File Creation 2
  PhpTax Remote Command Execution
  php-xmlrpc Remote Code Execution
  VMware Aria Operations for Logs Insecure Deserialization 2
  VMware Aria Operations for Logs Insecure Deserialization 3
  Adobe ColdFusion Information Disclosure
  Pulse Connect Secure Command Injection
  Adobe Multiple Products XXE Injection
  Adobe Multiple Products XXE Injection 2
  pgAdmin Import Servers Directory Traversal 8
  WordPress plugin Advanced Custom Fields XSS 1
  SourceCodester Judging Management System SQLi
  ThinkPHP Remote Code Execution 2
  Hitachi Vantara Pentaho Command Injection
  Hitachi Vantara Pentaho Authentication Bypass
  Yachtcontrol Command Injection
  Thomson Reuters Velocity Analytics RCE
  Centreon updateGroups SQL Injection
  LibreNMS bills Stored XSS
  SourceCodester Online Exam System SQLi
  SourceCodester Online Exam System SQLi 2
  Sar2HTML Remote Command Execution
  Squid strListGetItem Function DoS
  Sourcecodester OCL Store Unrestricted File Upload
  Sourcecodester Pharmacy Management System SQLi
  WordPress plugin DZS Video Gallery Information Disclosure
  WordPress plugin page-flip-image-gallery Arbitrary File Overwrite
  WordPress plugin Tinymce Thumbnail Gallery Directory Traversal
  WordPress plugin MailPoet Newsletters Arbitrary File Overwrite
  SourceCodester Pizza Ordering System Arbitrary File Upload
  SoftExpert Excellence Suite RCE
  KodExplorer Arbitrary File Upload
  Ellucian Ethos Identity XSS
  Piwigo SQL Injection
  Piwigo SQL Injection 2
  Code-projects Bus Dispatch and Information System SQLi
  Camaleon CMS Server-Side Template Injection
  Pluck CMS Unrestricted File Upload 2
  WordPress plugin MStore API Authentication Bypass
  GeoServer SQL Injection
  Accellion File Transfer Appliance SQLi 2
  Jenkins plugin Sidebar Link Directory Traversal 2
  HP OpenView NNM OvWebHelp.exe Heap Buffer Overflow
  HP OpenView NNM Toolbar.exe Buffer Overflow 1
  HP OpenView NNM ovalarm.exe Buffer Overflow
  HP OpenView NNM Toolbar.exe Buffer Overflow 2
  HP OpenView NNM ovwebsnmpsrv.exe Buffer Overflow
  Progress MOVEit SQL Injection 1 -c2
  GitLab Public Project Directory Traversal 2
  ManageEngine ADSelfService Plus DoS
  Evasys Logbuch SQL Injection
  Oracle GlassFish Server Authentication Bypass
  Chamilo LMS Command Injection
  Progress MOVEit SQL Injection 2
  Progress MOVEit SQL Injection 3
  JEECG P3 Biz Chat LFI
  JEECG Boot SQL Injection
  Thruk Monitoring Path Traversal
  WordPress plugin The Slimstat Analytics SQLi
  Dolibarr ERP Sensitive Data Exposure
  Apache Struts 2 REST Plugin Insecure Deserialization
  GitLab CE/EE User Profile XSS
  Roundcube Webmail RCE
  Roundcube Webmail RCE 2
  Roundcube Webmail RCE 3
  Roundcube Webmail RCE 4
  Parse Server Prototype Pollution RCE 2
  Onlyoffice Community Server Path Traversal
  SPIP Remote Code Execution
  NGINX ngx_http_parse_chunked Function Buffer Overflow
  GitLab Merge Request Stored XSS
  WordPress plugin File Manager Advanced Unrestricted File Upload 3
  Oracle Java System Web Server DoS
  OpenEMR Cross-Site Scripting
  Microsoft IIS WebDAV Message Handler DoS (MS04-030)
  ManageEngine Desktop Central RCE
  Codextrous B2J Contact Path Traversal
  HPE System Management Homepage XSS
  HPE Intelligent Management Center PLAT Remote Code Execution
  ImpressCMS SQL Injection 1
  Lansweeper HelpdeskSetupActions SQL Injection 2
  Trend Micro Smart Protection Server Cron Job RCE
  Trend Micro Smart Protection Server LFI
  OpenDreambox Command Parameter RCE
  Kaltura Hardcoded Cookie Secret RCE
  Virtua Cobranca SQLi
  Sourcegraph Gitserver Remote Code Execution
  KRAMER VIAware Unrestricted File Upload
  Interspire Email Marketer Authentication Bypass
  Joomla! LDAP Authentication extension Information Disclosure
  ManageEngine ADManager Plus Proxy Settings Command Injection 3
  WordPress plugin CM Download Manager Command Injection
  Teleport 9.3.6 Command Injection
  Trend Micro InterScan Messaging Security Command Injection
  DNATools dnaLIMS Remote Command Execution
  WordPress plugin Perfect Survey SQLi
  PlaySMS import.php Code Injection
  Online Diagnostic Lab Management System SQL Injection
  Parse Server Prototype Pollution RCE 3
  Claymore Dual Miner Buffer Overflow
  WordPress plugin The Simple File List LFI
  WordPress plugin WPCargo Arbitrary File Upload
  Accellion File Transfer Appliance CRLF Injection
  Tenable Appliance simpleupload.py Command Injection
  Accellion File Transfer Appliance RCE
  Accellion File Transfer Appliance SQLi
  Accellion File Transfer Appliance SSRF
  OpenDaylight AAA Component SQLi 1
  OpenDaylight AAA Component SQLi 2
  Chamilo LMS Remote Command Execution
  Open Web Analytics RCE
  C-DATA Web Management System Command Injection
  Quarkus Dev UI Config Editor Drive-by Localhost
  Quarkus Dev UI Config Editor Drive-by Localhost 2
  Linear eMerge E3-Series Command Injection 2
  Studio-42 elFinder connector.minimal.php Directory Traversal 2
  FlatPress Arbitrary File Upload
  FlatPress Arbitrary File Upload 2
  OpenEMR Arbitrary File Upload 3
  FeehiCMS Arbitrary File Upload
  ZK Framework Sensitive Data Exposure 1
  ZK Framework Sensitive Data Exposure 2
  ZK Framework Sensitive Data Exposure 3
  Liferay Portal CE Insecure Deserialization
  LinuxKI Remote Code Execution
  SAP NetWeaver UDDI Server SQLi
  JasperReports Path Traversal 2
  Sage XRT Business Exchange XSS
  GitLab GitHub API Remote Code Execution 2 -c2
  WordPress plugin LetsRecover SQLi
  Rocket TRUfusion Enterprise SSRF
  daloRADIUS Mail Settings RCE
  Control Web Panel 7 RCE
  VMware vCenter Server SSRF
  VMware vCenter Server Arbitrary File Read
  WordPress plugin WooCommerce SQLi
  Trend Micro Control Manager sCloudService SQL Injection
  ManageEngine multiple products xmlsec Remote Code Execution 3
  Fortra GoAnywhere Command Injection 3
  Pharmacy Management System Arbitrary File Upload
  Openfire Admin Console Directory Traversal
  WordPress plugin Paid Memberships Pro SQL Injection
  Mitel AWC Remote Command Execution
  Multiple DVR Devices Information Disclosure
  Sourcecodester Class and Exam Timetabling System SQLi
  BOA Web Server Arbitrary File Read
  Teampass Password Manager External Control Of File
  lighttpd Connection Header DoS 2
  GitLab Label Color XSS 2
  XWiki Commons documentTree Remote Code Execution 2
  Wordpress plugin Essential Addons Information Disclosure
  WordPress plugin User Profile Builder Arbitrary File Upload
  PhpIPAM SQL Injection 2
  MicroWorld eScan Remote Command Execution
  WanEm Remote Command Execution
  NodeBB socket.io Privilege Escalation 2
  OpenEMR ofc_upload_image.php Arbitrary File Overwrite
  Red Hat Piranha Virtual Server Remote Command Execution
  Red Hat JBoss Seam Remote Command Execution
  Carberp Remote Code Execution
  agent_win_helper.jar Access
  Akarru Social BookMarking main_content.php Remote File Inclusion
  HP OpenView NNM Remote Command Execution 1
  Apache Struts ParametersInterceptor Remote Code Execution 1
  IBM QRadar HTTP Request Smuggling
  JetBrains TeamCity Agent Distribution XSS
  Grav CMS addmedia Directory Traversal
  WordPress plugin Ultimate Member SQLi 3
  Micro Focus GroupWise Messenger Information Disclosure
  Centreon main.get.php SQL Injection 1
  Centreon main.get.php SQL Injection 2
  Centreon main.get.php SQL Injection 3
  Centreon main.get.php SQL Injection 4
  Centreon main.get.php SQL Injection 5
  Centreon main.get.php Command Injection 1
  Centreon main.get.php Command Injection 3
  Combodo iTop Arbitrary File Read
  HP Operations Agent Buffer Overflow 1
  HP Operations Agent Buffer Overflow 2
  HP Operations Agent Buffer Overflow 3
  HP Operations Agent Buffer Overflow 4
  XWiki Platform DatabaseSearch Code Injection
  Progress Kemp LoadMaster Command Injection 2
  Progress Kemp LoadMaster Command Injection 3
  Progress Kemp LoadMaster Command Injection 4
  Progress Kemp LoadMaster Command Injection 5
  LG LED Assistant Directory Traversal 6
  Apache httpd mod_md NULL Pointer Dereference 3
  JetBrains TeamCity Authentication Bypass 5
  WordPress Automatic Plugin SQL Injection
  LG LED Assistant Password Reset 2
  LG LED Assistant Password Reset 3
  Judge0 Sandbox Escape
  WordPress Core Avatar XSS 1
  PaperCut NG XSS
  WordPress plugin InstaWP Connect Arbitrary File Upload
  Varnish Cache HTTP2 DoS 1
  Varnish Cache HTTP2 DoS 2
  Varnish Cache HTTP2 DoS 3
  Varnish Cache HTTP2 DoS 4
  HSC Mailinspector Path Traversal
  HSC Mailinspector Path Traversal 2
  HSC Mailinspector SQL Injection
  WordPress Core Avatar XSS 2
  WordPress plugin WPvivid Backup Insecure Deserialization 2
  WordPress plugin WPvivid Backup Insecure Deserialization 3
  WordPress plugin LiteSpeed Cache XSS
  WordPress plugin LiteSpeed Cache XSS 2
  pgAdmin /settings/store API XSS
  Microsoft Exchange Server XamlImageInfo Insecure Deserialization
  Gradio Local File Inclusion
  Cacti cmd_realtime Command Injection
  WWBN AVideo systemRootPath RCE
  LG LED Assistant Directory Traversal 7
  LG LED Assistant Directory Traversal 8
  WordPress plugin BWL Advanced FAQ Manager SQL Injection
  Visitor Management System SQL Injection
  WordPress plugin Mailster Local File Inclusion
  Microsoft SharePoint Server Remote Code Execution (CVE-2024-30044) 1
  Microsoft SharePoint Server Remote Code Execution (CVE-2024-30044) 2
  Microsoft SharePoint Server Remote Code Execution (CVE-2024-30044) 3
  Spider-Flow saveFunction RCE
  WordPress plugin Forminator SQL Injection
  Allegra SiteConfigAction Improper Access Control
  Sonatype Nexus Repository Directory Traversal
  WordPress plugin rtMedia SQL Injection
  Progress Kemp LoadMaster Command Injection 6
  Apache HugeGraph Remote Command Execution
  Apache HugeGraph Remote Command Execution 2
  Apache HugeGraph Remote Command Execution 3
  Centreon main.get.php SQL Injection 6
  Centreon main.get.php SQL Injection 7
  Do-more Designer Simulator Arbitrary File Upload
  Multiple Sitecore Products Remote Code Execution
  Oracle WebLogic Server XMLDecoder RCE 4
  Oracle WebLogic Server XMLDecoder RCE 5
  Oracle WebLogic Server XMLDecoder RCE 6
  GitLab AbstractReferenceFilter XSS
  rejetto HFS SSTI 1
  LoLLMs WebUI Path Traversal
  LibreNMS Service Template XSS
  SearchBlox Information Disclosure
  Tinyproxy Connection Headers Use-After-Free 3
  HP OpenView NNM webappmon.exe Remote Code Execution
  Ivanti Avalanche adHocPackage Directory Traversal
  Microsoft SharePoint XSS (MS12-011) 1
  Microsoft SharePoint XSS (MS12-011) 2
  Micro Focus GroupWise Messenger NM_A_PARM1 Memory Corruption
  Gradio Local File Inclusion 2
  Gradio Path Traversal
  Gradio Server Side Request Forgery
  Cacti import_package Arbitrary File Overwrite 1
  Cacti import_package Arbitrary File Overwrite 2
  Ivanti EPM SQL Injection 2
  Cacti automation_get_new_graphs_sql SQL Injection
  rejetto HFS SSTI 2
  GitLab CE/EE FileFinder DoS
  Micro Focus GroupWise Messenger createsearch Memory Corruption
  Avaya CCR Arbitrary File Creation
  GeoServer JAI-EXT Remote Code Execution
  LibreNMS packages-search SQL Injection
  GeoServer OGC Remote Code Execution
  GeoServer OGC Remote Code Execution 2
  Ollama GetBlobsPath digest Directory Traversal
  GitLab Search Regex Denial of Service
  Progress MOVEit Transfer Authentication Bypass 3
  Provectus Kafka UI RCE 2
  Ivanti Virtual Traffic Manager Authentication Bypass
  Pi-hole Server-Side Request Forgery
  Pi-hole Server-Side Request Forgery 2
  ServiceNow Macros Template Injection
  Directus loopback SSRF
  Microsoft SharePoint Server XXE Injection
  Provectus UI for Apache Kafka JMX Insecure Deserialization
  Centreon main.get.php SQL Injection 8
  Chamilo LMS Unrestricted File Upload
  Apache JSPWiki Upload XSS
  Dolibarr ERP Remote Code Execution
  Cacti graph_templates_inputs.php SQL Injection
  Apache NiFi Parameter Context XSS
  GitLab CE/EE Markdown Content DoS
  Novell ZENworks Asset Management Information Disclosure
  Progress WhatsUp Gold CommunityController Arbitrary File Upload
  Microsoft SharePoint Server Remote Code Execution (CVE-2024-38023) 1
  Sourcecodester Human Resource Management SQL Injection
  Bazarr.Media Path Traversal
  WordPress plugin LearnPress Command Injection
  Microsoft SharePoint Server Remote Code Execution (CVE-2024-38023) 2
  Microsoft SharePoint Server Remote Code Execution (CVE-2024-38023) 3
  Cacti automation_get_new_graphs_sql XSS
  FreeRDP Out-Of-Bounds Memory Read
  Changedetection.io Jinja2 Server Side Template Injection
  GeoServer OGC Remote Code Execution 3
  Progress WhatsUp Gold Path Traversal
  OpenCart Arbitrary File Overwrite
  rejetto HFS execSync Command Injection
  Apache HugeGraph Remote Command Execution 4
  Apache HugeGraph Remote Command Execution 5
  GitLab CE/EE Pin Menu DoS
  Nginx UI Remote Code Execution
  Progress WhatsUp Gold TestController DoS
  Nette Command Injection 1
  Nette Command Injection 2
  Nette Command Injection 3
  Dolibarr ERP CRM card.php XSS 2
  E-Staff CRLF Injection
  IBM Tivoli Endpoint Manager ScheduleParam XSS
  EMC Data Protection Advisor DoS
  Lenovo ThinkManagement Console Arbitrary File Overwrite
  Progress WhatsUp Gold TestController DoS 2
  Microsoft SharePoint Server Remote Code Execution (CVE-2024-38024) 1
  Microsoft SharePoint Server Remote Code Execution (CVE-2024-38024) 2
  WordPress plugin SEO SQL Injection
  Moment.js Path Traversal
  IPeakCMS print.php SQL Injection
  LibreNMS order SQL Injection
  Adobe Commerce XXE Injection 2
  Adobe Commerce XXE Injection 3
  Progress WhatsUp Gold Remote Code Execution 2
  JumpServer Ansible Playbook Arbitrary File Read
  JumpServer Ansible Playbook Arbitrary File Upload
  Cisco SSM Admin Password Reset
  Apache CloudStack SAML Authentication Bypass
  Mura CMS SQL Injection
  JFrog Artifactory Privilege Escalation
  XWiki Platform Upload Attachment XSS
  Apache Kafka Remote Code Execution
  WordPress plugin Web Directory Free SQL Injection
  Microsoft IIS UNC Information Disclosure
  Calibre e-book Manager RCE
  GitLab CE/EE Description DoS 1
  GitLab CE/EE Description DoS 2
  Novell iManager Create Attribute Buffer Overflow
  Lenovo ThinkManagement Console Directory Traversal
  PaperCut NG/MF API Authentication Bypass 1
  PaperCut NG/MF API Authentication Bypass 2
  PaperCut NG/MF API Authentication Bypass 3
  Logsign Unified SecOps Remote Code Execution
  WordPress plugin Husky Products Filter SQL Injection 1
  WordPress plugin Husky Products Filter SQL Injection 2
  FastAdmin Path Traversal
  WordPress plugin 10Web Photo Gallery XSS 2
  Progress WhatsUp Gold Arbitrary File Upload 2
  Haven IndieAuthClient Command Injection
  Traccar Path Traversal
  Traccar Path Traversal 2
  Centreon main.get.php SQL Injection 9
  CentralSquare CryWolf Path Traversal
  WordPress plugin GiveWP Insecure Deserialization
  Ivanti Avalanche Skin Management Directory Traversal
  WordPress plugin GiveWP Insecure Deserialization 2
  Moodle Calculated Questions RCE
  XWiki Platform Server-Side Template Injection 1
  XWiki Platform Server-Side Template Injection 2
  Symantec Web Gateway timer.php XSS
  rejetto HFS execSync Command Injection 2
  SPIP porte_plume plugin RCE
  GitLab CE/EE Gollum Link DoS
  DrayTek VigorConnect Local File Inclusion
  Progress WhatsUp Gold Insecure Deserialization
  WordPress plugin GiveWP Insecure Deserialization 3
  Centreon main.get.php SQL Injection 10
  CRMEB Product Controller SQL Injection
  PaperCut NG/MF SSRF
  Symantec Web Gateway Remote Command Execution 1
  Symantec Web Gateway Remote Command Execution 2
  Symantec Web Gateway Remote Command Execution 3
  Symantec Web Gateway Remote Command Execution 4
  Ollama extractFromZipFile Directory Traversal
  SolarWinds Web Help Desk Insecure Deserialization
  VICIdial SQL Injection
  VICIdial Remote Code Execution
  Redmine Remote Command Execution
  Centreon generateMetricImage.php SQL Injection
  Cisco Unified Communications Manager SQL Injection
  Symantec Web Gateway SQL Injection 2
  Spring Cloud Data Flow Arbitrary File Upload 2
  Weaver E-Office Arbitrary File Upload
  Micro Focus Operations Bridge Manager Remote Code Execution
  Django get_supported_language_variant DoS
  GitLab CE/EE POST DoS
  DuxCMS SQL Injection
  Issabel PBX Command Injection
  OpenCart SQL Injection
  PrestaShop pkfacebook SQL Injection
  Ivanti CSA Command Injection 2
  Ivanti CSA Command Injection 3
  Ivanti CSA Command Injection 4
  WordPress plugin LearnDash Privilege Escalation
  WordPress plugin LearnPress SQL Injection 4
  Symantec Web Gateway Remote Command Execution 5
  Oracle Secure Backup Command Injection
  ZeroShell Remote Command Execution 4
  Ruby on Rails Where Hash SQL Injection
  Ivanti EPM GetDBPatchProducts SQL Injection
  Trend Micro Smart Protection Server Command Injection 2
  Apache httpd mod_proxy Object Confusion
  WordPress plugin Stop Spammers XSS
  phpMyAdmin server_sync.php Access
  NGINX Request URI Security Feature Bypass 1
  NGINX Request URI Security Feature Bypass 2
  HP SiteScope Information Disclosure 1
  HP SiteScope Information Disclosure 2
  HTTP Request with Malformed Host Header 1
  HTTP Request with Malformed Host Header 2
  Web Application Cross-Site Scripting (XSS) 71
  Web Application Remote Code Execution 1
  Web Application Remote Code Execution 2
  Web Application Cross-Site Scripting (XSS) 39 -c3
  GitLab ipynb Stored XSS 1
  Web Application Remote Code Execution 3
  Web Application Remote Code Execution 33
  Web Application Remote Code Execution 28
  /etc/shadow Access 1
  Web Application Cross-Site Scripting (XSS) 22
  Web Application SQL Injection (UNION SELECT) 12
  Kentico CMS Insecure Deserialization
  WordPress plugin wp-google-maps SQL Injection
  Microsoft SharePoint Server Elevation of Privilege (CVE-2023-29357) 3
  Web Application Cross-Site Scripting (XSS) 78 -c6
  Java Web Application Remote Code Execution 22
  Web Application Cross-Site Scripting (XSS) 2
  Web Application Cross-Site Scripting (XSS) 4
  Java Web Application Suspicious File Upload 5
  GLPI Inventory SQL Injection
  Web Application Remote Code Execution 19
  Web Application SQL Injection (CASE WHEN SUBSTR) 1
  Web Application Malformed Request URI 24
  Web Application Malformed Request URI 26
  Web Application SQL Injection (DECLARE EXEC) 1
  Web Application SQL Injection (CASE WHEN SUBSTR) 2
  Web Application Attack 48
  Web Application Directory Traversal 7
  Web Application Directory Traversal 8
  Web Application Attack 3
  Web Application Attack 4
  Web Application SQL Injection (DECLARE EXEC) 2
  Schools Alert Management Script Arbitrary File Read
  Web Application Remote Code Execution 54
  Web Application Remote Code Execution 55
  MailEnable HTTP Authorization Header Buffer Overflow
  Web Application Cross-Site Scripting (XSS) 29
  Web Application Attack 5
  Web Application Cross-Site Scripting (XSS) 17
  Web Application Cross-Site Scripting (XSS) 18
  Web Application SQL Injection (CAST EXEC)
  WordPress plugin Site Editor Local File Inclusion
  Responsive FileManager url Parameter SSRF
  LG SuperSign CMS Arbitrary File Read
  WordPress plugin ThemeREX Addons Remote Code Execution
  Web Application Attack 27
  Web Application Directory Traversal 1 -c3
  Web Application Cross-Site Scripting (XSS) 39 -c4
  Web Application Directory Traversal 2
  Web Application Directory Traversal 23
  Web Application Attack 53
  WordPress plugin BulletProof Security Information Disclosure 1
  Web Application SQL Injection (DECLARE CAST)
  ManageEngine OpManager getReportData API SQL Injection
  Cisco UCS Director XXE Information Disclosure 1
  Web Application Attack 54
  Cisco UCS Director XXE Information Disclosure 2
  Web Application SQL Injection (SELECT FROM) 1
  Web Application Malformed Request URI 27
  Web Application Malformed Request URI 28
  Web Application Malformed Request URI 29
  Web Application SQL Injection (UNION ALL) 1
  Apache Superset Markdown Component XSS 1
  HAProxy HTTP Header Handling Integer Overflow
  WordPress plugin BulletProof Security Information Disclosure 2
  HTTP Request with Malformed User-Agent Header 5
  Web Application Directory Traversal 49
  Web Application Remote File Inclusion 1
  Centreon MediaWiki Script SQL Injection
  Web Application Remote File Inclusion 3
  Oracle WebLogic Server XMLDecoder RCE 1
  Web Application Cross-Site Scripting (XSS) 70 -c3
  Web Application Remote Code Execution 4
  Web Application SQL Injection (SELECT SLEEP) 3
  Web Application Cross-Site Scripting (XSS) 1
  Web Application Cross-Site Scripting (XSS) 13
  Web Application Cross-Site Scripting (XSS) 1 -c2
  Web Application Cross-Site Scripting (XSS) 3
  Java Web Application Remote Code Execution 20 -c2
  Web Application SQL Injection (CREATE TABLE) 1
  Web Application Attack 59
  Web Application SQL Injection (INSERT INTO) 1
  Web Application SQL Injection (UNION SELECT) 1
  Web Application SQL Injection (CREATE TABLE) 2
  boot.ini Access 1
  Web Application Remote Code Execution 5
  Web Application Remote Code Execution 6
  Web Application Remote Code Execution 7
  fastify Content-Type Header DoS
  Apache JSPWiki UserPreferences.jsp CSRF
  Web Application Remote Code Execution 10
  Web Application Cross-Site Scripting (XSS) 72
  Web Application Cross-Site Scripting (XSS) 72 -c2
  /~root Access
  Web Application Attack 58 -c2
  Web Application Cross-Site Scripting (XSS) 36 -c2
  Web Application Cross-Site Scripting (XSS) 38
  HTTP Request with Malformed Range Header 5
  Web Application Remote Code Execution 87
  Web Application Cross-Site Scripting (XSS) 30
  Web Application Remote Code Execution 88
  Web Application Cross-Site Scripting (XSS) 19
  Web Application Directory Traversal 1 -c2
  Web Application Directory Traversal 1
  Web Application NULL Poisoning (php) 1
  Web Application Cross-Site Scripting (XSS) 39
  Web Application Cross-Site Scripting (XSS) 39 -c2
  HTTP Request with Malformed Host Header 3
  Nagios Log Server create_snapshot XSS
  Web Application Cross-Site Scripting (XSS) 24
  Web Application Remote File Inclusion 2
  Web Application SQL Injection (DROP TABLE) 1
  Web Application SQL Injection (UPDATE SET) 1
  Web Application SQL Injection (INSERT INTO) 2
  Web Application SQL Injection (DELETE FROM) 1
  Web Application SQL Injection (OR) 1
  Web Application SQL Injection (OR) 3
  Web Application Cross-Site Scripting (XSS) 20
  Web Application Directory Traversal 16 -c3
  Web Application Cross-Site Scripting (XSS) 21
  Web Application SQL Injection (xp_cmdshell) 1
  Web Application SQL Injection (xp_cmdshell) 1 -c2
  pfSense status.php Command Injection
  Ghost CMS Information Disclosure
  Centreon generateImage.php SQL Injection
  Web Application Suspicious File Upload 5
  Web Application SQL Injection (WAITFOR DELAY) 1 -c2
  Apache Superset Markdown Component XSS 2
  Web Application Cross-Site Scripting (XSS) 55 -c2
  Web Application Attack 7
  Web Application SQL Injection (UNION SELECT) 10
  Web Application SQL Injection (UNION ALL) 8
  Centreon csv_HostGroupLogs.php SQL Injection
  Flarum HTML Markup XSS
  XWiki Commons documentTree Remote Code Execution 1
  Spring Cloud Netflix Hystrix Dashboard SSRF
  Oracle Support Tools XXE Injection
  Studio-42 elFinder connector.minimal.php Command Injection 2
  Web Application Remote Code Execution 75
  Web Application Cross-Site Scripting (XSS) 47
  Web Application Cross-Site Scripting (XSS) 48
  Web Application Cross-Site Scripting (XSS) 55 -c3
  Web Application Remote Code Execution 37
  Citrix ShareFile Directory Traversal 1
  WordPress plugin The True Ranker Directory Traversal
  Ghost CMS static-theme.js Directory Traversal
  Web Application Cross-Site Scripting (XSS) 78 -c5
  WordPress Comment Section XSS 1
  Web Application Directory Traversal 42
  Nagios XI Archive Name Command Injection
  Web Application Directory Traversal 48
  WWBN AVideo chunkfile Command Injection
  Nagios XI custom-includes Component Arbitrary File Creation
  Web Application Cross-Site Scripting (XSS) 50
  Web Application Cross-Site Scripting (XSS) 51
  Web Application Cross-Site Scripting (XSS) 75
  Web Application Cross-Site Scripting (XSS) 78
  Lansweeper HelpdeskSetupActions SQL Injection 1
  ManageEngine ADSelfService Plus Authentication Bypass
  Web Application Cross-Site Scripting (XSS) 73 -c3
  Microsoft Open Management Infrastructure RCE (CVE-2021-38647) 1
  SolarWinds Orion RenderControl Insecure Deserialization
  Squid Vary Header DoS
  Grafana AngularJS XSS 1
  Grafana AngularJS XSS 2
  WordPress plugin LearnPress XSS 1
  SolarWinds Orion Patch Manager Insecure Deserialization 2
  Squid Range Header DoS 1
  Squid Range Header DoS 2
  Web Application Cross-Site Scripting (XSS) 70
  Jenkins plugin Active Choices XSS
  Adobe RoboHelp Server Directory Traversal
  Web Application Cross-Site Scripting (XSS) 73
  SolarWinds Orion Patch Manager Insecure Deserialization 4
  ResourceSpace tiles.php Arbitrary File Deletion 1
  ResourceSpace tiles.php Arbitrary File Deletion 2
  Microsoft Exchange Server RCE (CVE-2022-41082) 2
  Web Application Cross-Site Scripting (XSS) 58
  Web Application Cross-Site Scripting (XSS) 23
  Dolibarr ERP CRM Command Injection
  ManageEngine ADManager Plus Arbitrary File Creation 1
  Smartstore boards Stored XSS 1
  Web Application Remote Code Execution 66 -c2
  Web Application SQL Injection (OR) 1 -c2
  Smartstore boards Stored XSS 2
  Smartstore privatemessages Stored XSS 1
  Smartstore privatemessages Stored XSS 2
  EnterpriseDT CompleteFTP Server Arbitrary File Deletion
  Web Application Directory Traversal 44
  Web Application Directory Traversal 45
  Web Application SQL Injection (OR) 1 -c3
  HAProxy Cookie Parsing DoS
  Web Application Directory Traversal 45 -c2
  Web Application Cross-Site Scripting (XSS) 59 -c3
  Web Application SQL Injection (PASSWORD) 1
  Web Application SQL Injection (CREATE TABLE) 1 -c5
  ManageEngine multiple products ImportTechnicians Arbitrary File Creation
  Dolibarr ERP CRM card.php XSS
  HTTP Request with Malformed Content-Length Header 1
  Web Application Directory Traversal 46
  Web Application Attack 57
  ManageEngine ADManager Plus Arbitrary File Creation 2
  Web Application Cross-Site Scripting (XSS) 66
  ManageEngine ServiceDesk Plus Authentication Bypass
  Web Application SQL Injection (UNION SELECT) 4 -c2
  Apache ShenYu Admin JWT Authentication Bypass 1
  Commvault CommCell CVSearchService Authentication Bypass 1
  Commvault CommCell CVSearchService Authentication Bypass 2
  ManageEngine ADManager Plus Arbitrary File Creation 3
  Web Application Cross-Site Scripting (XSS) 45
  Web Application Cross-Site Scripting (XSS) 45 -c2
  Joomla! User-Agent Header Remote Code Execution 2
  ManageEngine Network Configuration Manager Command Injection
  Apache httpd mod_lua Buffer Overflow
  Atlassian Confluence Data Center and Server SSTI
  Web Application Cross-Site Scripting (XSS) 76
  Nagios XI main.php XSS
  Ivanti Avalanche Inforail Service Command Injection -hl
  Ivanti Avalanche Inforail Service Arbitrary File Creation -hl
  Web Application SQL Injection (SELECT SLEEP) 1
  ManageEngine ServiceDesk Plus Command Injection -hl
  Cacti color.php SQL Injection
  VMware vCenter Server PSC Insecure Deserialization
  Web Application Cross-Site Scripting (XSS) 27
  ManageEngine ADManager Plus Proxy Settings Command Injection
  Web Application Cross-Site Scripting (XSS) 77
  Web Application Cross-Site Scripting (XSS) 59 -c4
  Apache Tapestry Information Disclosure 1
  ResourceSpace add_keyword.php SQL Injection
  lighttpd mod_extforward DoS
  Web Application SQL Injection (UNION SELECT) 1 -c2
  Commvault CommCell Arbitrary File Creation 1 -hl
  Web Application Cross-Site Scripting (XSS) 91
  Commvault CommCell Arbitrary File Creation 2
  HTTP Request with Malformed Y-Forwarded-For Header 1
  Apache Kylin REST API DiagnosisService Command Injection
  ManageEngine ServiceDesk Plus Secondary Email Field XSS
  Web Application Cross-Site Scripting (XSS) 34
  Web Application Remote Code Execution 40
  Web Application Remote Code Execution 21
  Web Application Directory Traversal 12
  Ivanti EPM Cloud Services Appliance RCE
  Oracle Fusion Middleware Endeca Remote Command Execution 1
  HTTP Request with Malformed Host Header 6
  Oracle Fusion Middleware Endeca Remote Command Execution 2
  PineApp Mail-Secure conflivelog.pl Command Injection
  Apache Tomcat AJP12 DoS
  Web Application Remote Code Execution 41
  Graphite pickle.loads Remote Code Execution
  Web Application Attack 1
  PineApp Mail-Secure livelog.html Command Injection 1
  Red Hat JBoss JMX Console Authentication Bypass 1
  HTTP Request with Malformed Authorization Header 3
  Web Application Suspicious File Upload 9
  HP ProCurve Manager Remote Code Execution 1
  HP ProCurve Manager Authentication Bypass
  Adobe ColdFusion scheduleedit.cfm Remote Code Execution
  Oracle Business Intelligence Mobile Information Disclosure
  Apache httpd mod_proxy DoS 1
  SugarCRM unserialize Function Remote Code Execution 1
  HPE Intelligent Management Center Information Disclosure 2
  Foreman BookMarks Controller Remote Code Execution
  VMware vCenter CBM Remote Code Execution
  /etc/shadow Access 5
  NetMechanica NetDecision Buffer Overflow
  Web Application Directory Traversal 4
  TWiki MakeText Shell Command Injection
  Web Application Authentication Bypass 1
  Web Application Cross-Site Scripting (XSS) 11
  HPE Intelligent Management Center Information Disclosure 3
  HTTP Request with Malformed Connection Header 1
  Web Application Attack 2
  HP ProCurve Manager Remote Code Execution 3
  Web Application Authentication Bypass 2
  Horde Groupware Webmail CSRF
  Web Application Attack 24
  HPE Intelligent Management Center Authentication Bypass 1
  ManageEngine Desktop Central Directory Traversal 1
  Oracle Fusion Middleware Web Services Information Disclosure
  IBM Platform Symphony Buffer Overflow
  Web Application Directory Traversal 25
  Web Application Directory Traversal 5
  Web Application Remote Code Execution 42
  Web Application Directory Traversal 21
  HP Network Virtualization storedNtxFile Directory Traversal
  HTTP Request with Malformed Authorization Header 5
  Web Application Directory Traversal 43
  Drupal core XML-RPC DoS 1
  Atlassian JIRA Directory Traversal 1
  Atlassian JIRA Directory Traversal 2
  system.ini Access 1
  Web Application Directory Traversal 18
  Web Application Directory Traversal 3
  Web Application Directory Traversal 26
  GestioIP Remote Command Execution
  Web Application Directory Traversal 27
  Web Application Remote Code Execution 57
  Web Application Directory Traversal 28
  Web Application Attack 26
  Cisco Prime Data Center Network Manager Information Disclosure
  Web Application Remote Code Execution 25
  vBulletin nodeid SQL Injection
  Novell File Reporter Directory Traversal 3
  IBM Rational Focal Point Information Disclosure 1
  Apache httpd mod_isapi Remote Code Execution 1
  IBM Rational Focal Point Information Disclosure 2
  HP Network Virtualization toServerObject Directory Traversal 1
  Drupal core XML-RPC DoS 2
  Squid Range Header DoS
  SolarWinds Storage Manager Authentication Bypass 1
  HP LoadRunner Virtual User Generator Directory Traversal 1
  HP LoadRunner Virtual User Generator Directory Traversal 2
  EMC CMCNE Directory Traversal 1
  SolarWinds Storage Manager Authentication Bypass 2
  Micro Focus GroupWise Admin Service Directory Traversal
  Web Application Directory Traversal 9
  GNU Bash Remote Code Execution (CVE-2014-6271) 2
  HP LoadRunner Virtual User Generator Directory Traversal 3
  HP LoadRunner Virtual User Generator Directory Traversal 4
  Web Application Remote Code Execution 45
  Web Application Remote Code Execution 43
  ManageEngine EventLog Analyzer Directory Traversal 1
  EMC CMCNE Directory Traversal 2
  Red Hat JBoss Seam Interface Generator Information Disclosure
  ManageEngine EventLog Analyzer Directory Traversal 2
  ManageEngine EventLog Analyzer Directory Traversal 3
  ManageEngine OpManager Directory Traversal
  GNU Bash Command Injection (CVE-2014-7187)
  Web Application Format String Attack 3
  Web Application Suspicious File Upload 1 -c2
  rejetto HFS Remote Code Execution
  Microsoft .NET Framework ObjRef RCE Attempt
  SolarWinds Security Event Manager AMF Insecure Deserialization 2
  pgAdmin Binary Path Validation RCE (Binary Upload) 1
  pgAdmin Binary Path Validation RCE (Binary Upload) 2
  pgAdmin Binary Path Validation RCE (Binary Upload) 3
  pgAdmin Binary Path Validation RCE (Binary Upload) 4
  pgAdmin Binary Path Validation RCE
  pgAdmin External Utilities Validation RCE
  Adobe Commerce Special Elements Command Injection
  Java Web Application Remote Code Execution 15
  CData Multiple Products Path Traversal
  GitLab Autocomplete Results XSS
  GitLab Autocomplete Results XSS 2
  Progress Flowmon Command Injection
  Cisco Integrated Management Controller Command Injection
  LG LED Assistant Directory Traversal 5
  CrushFTP Server-Side Template Injection
  Progress Flowmon Command Injection 2
  CrushFTP Server-Side Template Injection 2
  CrushFTP Server-Side Template Injection 3
  XWiki Platform SearchSuggestSourceSheet Code Injection
  XWiki Platform SolrSpaceFacet Remote Code Execution
  LG LED Assistant Password Reset 1
  Squid X-Forwarded-For Header DoS
  Artica Proxy Authentication Bypass
  Citrix Netscaler ADC and Gateway Out Of Bounds Memory Read
  GitHub Enterprise Server Command Injection
  WordPress plugin WPvivid Backup Insecure Deserialization 1
  Wazuh host_deny Command Injection
  Web Application Remote Code Execution 23
  Ivanti Avalanche extractZipEntry Directory Traversal
  Tinyproxy Connection Headers Use-After-Free
  Tinyproxy Connection Headers Use-After-Free 2
  SolarWinds Access Rights Manager Remote Code Execution
  Zabbix Server Audit Log SQL Injection
  XWiki Platform UI Extensions Code Injection
  Progress Flowmon Command Injection 3
  Atlassian Confluence Data Center and Server RCE
  Atlassian Confluence Data Center and Server RCE 2
  SolarWinds Access Rights Manager Insecure Deserialization
  Microsoft SharePoint Server URL Parsing Confusion
  Progress Telerik Report Server Authentication Bypass
  Progress Telerik Report Server Insecure Deserialization
  Apache OFBiz Path Traversal
  Apache OFBiz Path Traversal 2
  HTTP Request with Malformed Authorization Header 4
  Ivanti EPM SQL Injection
  Apache OFBiz Remote Code Execution
  Progress MOVEit Transfer Authentication Bypass
  Progress MOVEit Transfer Authentication Bypass 2
  Adobe Commerce XXE Injection
  Fortra FileCatalyst Workflow SQLi
  Apache Tomcat Http2Parser Denial of Service
  Alt-N MDaemon Raw Message Handler Buffer Overflow
  Splunk Enterprise Path Traversal
  Progress WhatsUp Gold Remote Code Execution
  Apache OFBiz SQL Injection
  Automation Anywhere Automation 360 SSRF
  Apache Superset Arbitrary File Read
  Progress WhatsUp Gold Arbitrary File Upload 1
  Zabbix Ping Script RCE
  Apache OFBiz Information Disclosure
  Spring Cloud Data Flow Arbitrary File Upload 1
  Ivanti Avalanche SmartDeviceServer XXE Injection
  Apache Struts OGNL Crafted Prefix Remote Code Execution 1
  Progress WhatsUp Gold SQL Injection
  Apache OFBiz Authentication Bypass 4
  Apache Struts Open Redirect 1
  Apache Struts Open Redirect 2
  SolarWinds Web Help Desk Hardcoded Credential Access
  Windows Defender Security Feature Bypass IOC (Initial URL Access)
  Web Application Remote Code Execution 34
  Ivanti Avalanche SecureFilter allowPassThrough Authentication Bypass
  Graylog Cluster Config System Insecure Deserialization
  ConnectWise ScreenConnect Authentication Bypass
  AWStats Remote Command Execution 2
  IBM Operational Decision Manager JNDI injection 1
  IBM Operational Decision Manager Insecure Deserialization
  LibreNMS address-search SQL Injection 1
  Web Application Malformed Request URI 3
  WordPress plugin Paid Memberships Pro Arbitrary File Creation
  HTTP Request with Malformed If-Modified-Since Header
  Nagios XI SQL Injection
  Nagios XI Remote Code Execution
  LG LED Assistant Directory Traversal 1
  LG LED Assistant Directory Traversal 2
  ColumbiaSoft Document Locator Improper Authentication
  Allegra Excel Import Insecure Deserialization
  VMware Aria Operations for Networks XSS
  Web Application Attack 6
  LG LED Assistant Directory Traversal 3
  LG LED Assistant Directory Traversal 4
  Web Application Cross-Site Scripting (XSS) 92
  Web Application Cross-Site Scripting (XSS) 93
  Web Application Cross-Site Scripting (XSS) 94
  Web Application Cross-Site Scripting (XSS) 95
  Web Application Cross-Site Scripting (XSS) 43
  Monkey HTTP Daemon DoS
  Rocket Servergraph userRequest Remote Command Execution
  WordPress plugin Fastest Cache SQL Injection
  pgAdmin pga4 Session Path Traversal
  Web Application Malformed Request URI 4
  Squid Chunked Transfer DoS 1
  Joomla! cleanTags Cross-Site Scripting
  Squid Proxy HTTP Header Parser DoS
  Squid Proxy HTTP Header Parser DoS 2
  Squid Proxy HTTP Header Parser DoS 3
  Progress Kemp LoadMaster Command Injection
  Ivanti Avalanche XXE Injection
  Adobe ColdFusion Arbitrary File Read
  Adobe ColdFusion Arbitrary File Read 2
  Ivanti CSA Command Injection 1
  Cisco Smart Licensing Utility Sensitive Data Exposure
  Ivanti EPM Insecure Deserialization
  Apache Struts OGNL Crafted Prefix Remote Code Execution 2
  Zimbra Collaboration postjournal Service Remote Code Execution
  Apache Struts OGNL Crafted Prefix Remote Code Execution 3
  Ivanti Connect Secure CRLF Injection
  Ivanti Connect Secure CRLF Injection (Log Upload)
  Web Application Suspicious File Upload 13
  Grafana SQL Expressions Local File Inclusion
  Apache OFBiz Server-Side Request Forgery 2
  Apache httpd mod_dav Merge Request DoS
  Symantec Web Gateway Multiple PHP Pages XSS
  PineApp Mail-Secure test_li_connection.php Command Injection 2
  HP SiteScope Information Disclosure 4
  Apache Struts OGNL Crafted Prefix Remote Code Execution 4
  OpenX fc.php Remote Code Execution
  Web Application Malformed Request URI 18
  Crystal Reports Web Viewer Information Disclosure
  Squash YAML Remote Code Execution
  Web Application Attack 28
  Ultra Mini HTTPD Buffer Overflow
  Web Application Attack 37
  HTTP Request with Malformed Transfer-Encoding Header 1
  Web Application Remote Code Execution 8
  Web Application Attack 38
  Web Application Malformed Request URI 22
  Web Application Attack 29
  PineApp Mail-Secure confpremenu.php Command Injection
  Web Application Attack 40
  HTTP Request with Malformed User-Agent Header 1 -c2
  Apache httpd mod_rewrite Remote Command Execution
  Trend Micro SafeSync SQL Injection 1
  Trend Micro SafeSync Remote Code Execution 3
  Web Application Remote Code Execution 69
  Web Application Directory Traversal 35
  Apache Struts 2 Jakarta Remote Code Execution (S2-046)
  Microsoft IIS WebDAV Buffer Overflow 1
  HPE Intelligent Management Center Authentication Bypass 2
  Trend Micro IWSVA Command Injection 3
  Web Application Remote Code Execution 29
  ManageEngine Applications Manager SQL Injection 2
  Microsoft IIS WebDAV Buffer Overflow 2
  SquirrelMail Remote Code Execution 1
  HPE Intelligent Management Center Directory Traversal 1
  Magento CE remote_image CSRF
  Trend Micro SafeSync SQL Injection 2
  Exponent CMS SQL Injection
  Splunk Enterprise REST API SSRF
  MantisBT verify.php Password Manipulation 1
  MantisBT verify.php Password Manipulation 2
  HTTP Request with Malformed Accept-Encoding Header 2
  HPE Intelligent Management Center Information Disclosure 5
  Web Application Remote Code Execution 72
  Web Application Remote Code Execution 73
  Red Hat JBoss BPM Suite XSS
  HPE Network Automation Authentication Bypass
  Joomla! com_fields extension SQL Injection
  HPE Network Automation SQL Injection
  Brocade Network Advisor Directory Traversal 3
  HTTP Request with Malformed Content-Length Header 2
  Trend Micro IWSVA Command Injection 6
  Schneider Electric U.motion Builder Directory Traversal
  Web Application SQL Injection (UNION SELECT) 4 -c3
  Web Application Remote Code Execution 29 -c3
  Web Application Remote Code Execution 29 -c2
  Web Application SQL Injection (CREATE TABLE) 4 -c2
  Cisco Prime Infrastructure/EPNM Remote Code Execution 2
  Cisco Prime Infrastructure/EPNM Remote Code Execution 3
  Cisco Prime Collaboration Provisioning Authentication Bypass
  Cisco Prime Collaboration Provisioning Arbitrary File Deletion
  Schneider Electric U.motion Builder SQL Injection 1
  Trend Micro SafeSync Remote Code Execution 4
  Apache Struts Struts1 Plugin Remote Code Execution 1
  Cisco Prime Infrastructure/EPNM XSS
  Apache Struts Struts1 Plugin Remote Code Execution 2
  Apache Struts Struts1 Plugin Remote Code Execution 3
  Trend Micro SafeSync Remote Code Execution 5
  AlienVault USM/OSSIM Remote Code Execution 1
  HTTP Request with Malformed Range Header 4
  Web Application Authentication Bypass 5
  WordPress XML-RPC DoS
  VMTurbo Operations Manager Remote Command Execution
  GNU Bash Remote Code Execution (CVE-2014-6271) 1
  WordPress plugin Gravity Forms Remote Code Execution
  HTTP Request with Malformed Authorization Header 2
  HP Network Virtualization toServerObject Directory Traversal 2
  Joomla! Akeeba Restore extension Remote Code Execution
  Web Application Suspicious File Upload 10
  Lexmark Markvision Enterprise Directory Traversal 1
  Web Application SQL Injection (WAITFOR DELAY) 1
  Web Application SQL Injection (CONVERT INT) 1
  McAfee ePolicy Orchestrator Information Disclosure 2
  Symantec Encryption Management Server Command Injection 1
  Symantec Encryption Management Server Command Injection 2
  ManageEngine multiple products Information Disclosure
  ManageEngine ServiceDesk Plus Policy Bypass
  Apache Tomcat Large Chunked Transfer DoS 3
  HTTP Request with Malformed Header 2
  LANDESK Management Suite serverlist_grouptree.aspx XSS
  SAP SQL Anywhere Buffer Overflow
  Jetty Information Disclosure
  Java Web Application Suspicious File Upload 4
  HTTP Request with Malformed Header 2 -c2
  SolarWinds Firewall Security Manager Policy Bypass
  Symantec Web Gateway Command Injection 1
  Symantec Web Gateway Command Injection 2
  ManageEngine Desktop Central Password Manipulation
  SolarWinds Orion NPM SQL Injection 1
  Lexmark Markvision Enterprise Directory Traversal 2
  Web Application Suspicious File Upload 11
  SolarWinds Orion NPM SQL Injection 2
  Web Application Malformed Request URI 10
  Web Application Directory Traversal 30
  Web Application Cross-Site Scripting (XSS) 49
  Novell ZENworks Configuration Management Directory Traversal 2
  pfSense diag_logs_filter.php XSS
  Magento CE Cms_Wysiwyg Controller Remote Code Execution 1
  pfSense system_firmware_restorefullbackup.php Directory Traversal
  Web Application Directory Traversal 31
  Web Application Directory Traversal 31 -c2
  WordPress Comment Section XSS 2
  Novell ZENworks Rtrlet.class Information Disclosure
  Novell ZENworks Configuration Management Information Disclosure 1
  Movable Type Remote Code Execution
  WordPress Comment Section XSS 3
  HP SiteScope Information Disclosure 5
  Novell ZENworks Configuration Management Information Disclosure 2
  Visual Mining NetCharts Directory Traversal 2
  NetScaler ADC/Gateway RCE 1
  Arcserve UDP EdgeServiceImpl Information Disclosure
  WebUI mainfile.php Command Injection 1
  LANDESK Management Suite frm_coremainfrm.aspx Remote File Inclusion
  LANDESK Management Suite sm_actionfrm.asp Remote File Inclusion
  ManageEngine Applications Manager SQL Injection 1
  LANDESK Management Suite frm_splitfrm.aspx Remote File Inclusion
  Web Application Attack 41
  pfSense zone Parameter XSS
  Wavelink Emulation License Server Buffer Overflow 1
  Micro Focus GroupWise WebAccess XSS 1
  Wavelink Emulation License Server Buffer Overflow 2
  ManageEngine OpManager resIds SQL Injection
  Oracle Fusion Middleware Endeca Directory Traversal 1
  Oracle Fusion Middleware Endeca Directory Traversal 2
  Symantec Endpoint Protection Manager Password Manipulation
  Novell ZENworks Mobile Management XSS
  WordPress plugin Subscribe Form Remote Code Execution
  Openfire group-summary.jsp XSS
  Reprise License Manager Directory Traversal
  Openfire user-password.jsp CSRF
  TYPO3 returnUrl XSS
  OpenEMR ignoreAuth Authentication Bypass
  Endian Firewall Remote Command Execution
  Web Application Malformed Request URI 11
  Reprise License Server Remote Code Execution
  ManageEngine OpManager SubmitQuery.do Remote Code Execution
  IBM WebSphere Application Server Remote Code Execution 1
  Reprise License Manager Directory Traversal 2
  CloudBees Jenkins Remote Code Execution
  ManageEngine Desktop Central Arbitrary File Creation 1
  Joomla! User-Agent Header Remote Code Execution
  Apache Subversion Web Server Heap Buffer Overflow
  Oracle Application Testing Suite Directory Traversal 1
  Web Application Remote Code Execution 61
  Oracle Application Testing Suite Directory Traversal 2
  Oracle Application Testing Suite Authentication Bypass 1
  Oracle Application Testing Suite Directory Traversal 3
  Oracle Application Testing Suite Directory Traversal 4
  Microsoft .NET Framework XSLT DoS (MS16-019)
  Oracle Application Testing Suite Authentication Bypass 2
  Oracle GlassFish Server Directory Traversal
  Apache Jetspeed Directory Traversal
  ManageEngine Firewall Analyzer SQL Injection
  Apache Jetspeed XSS 1
  Apache OpenMeetings Directory Traversal
  CloudBees Jenkins Insecure Deserialization
  HP Enterprise Vertica Command Injection
  Apache OpenMeetings XSS
  HTTP Request with Malformed Header 3
  Squid ESI Response Buffer Overflow
  pfSense status_rrd_graph_img.php Command Injection
  Apache Struts XSLTResult Remote Code Execution
  SolarWinds SRM Profiler SQL Injection 1
  SolarWinds SRM Profiler SQL Injection 2
  Apache Struts Dynamic Method Invocation Remote Code Execution 1
  Apache Struts Dynamic Method Invocation Remote Code Execution 2
  Web Application SQL Injection (CREATE TABLE) 1 -c2
  Magento CE Shopping Cart Data Remote Code Execution 1
  Magento CE Shopping Cart Data Remote Code Execution 2
  SolarWinds SRM Profiler SQL Injection 3
  Trend Micro IWSVA Command Injection
  Apache ActiveMQ Directory Traversal 1
  Apache Struts REST Plugin Remote Code Execution
  Apache Subversion req_check_access Function DoS
  Trend Micro IWSVA Command Injection 2
  Nagios XI Incident Manager SQL Injection
  Apache ActiveMQ Directory Traversal 2
  Apache Struts URLValidator DoS
  HTTP Request with Malformed Content-Type Header 3
  NetIQ Sentinel Server Authentication Bypass
  Drupal RESTWS module Remote Code Execution
  Apache Continuum Command Injection
  Cisco Prime Infrastructure/EPNM Remote Code Execution 1
  Web Application SQL Injection (CREATE TABLE) 3 -c2
  Drupal RESTWS module Remote Code Execution 2
  Drupal Coder module Remote Code Execution
  Squid ESI Response DoS
  Trend Micro Control Manager Information Disclosure 1
  IBM WebSphere Application Server SIP DoS
  Trend Micro Control Manager Information Disclosure 2
  Web Application Remote Code Execution 62
  Web Application Cross-Site Scripting (XSS) 46 -c2
  Web Application Cross-Site Scripting (XSS) 53
  Web Application Remote Code Execution 62 -c2
  Nagios Network Analyzer CSRF
  Web Application Cross-Site Scripting (XSS) 55 -c4
  Web Application Remote Code Execution 62 -c3
  Web Application SQL Injection (AND) 2
  Web Application SQL Injection (AND) 2 -c2
  Web Application Remote Code Execution 62 -c4
  Web Application Cross-Site Scripting (XSS) 56
  Adobe ColdFusion OOXML XXE Information Disclosure 1
  Adobe ColdFusion OOXML XXE Information Disclosure 2
  AlienVault USM/OSSIM SQL Injection
  Trend Micro SafeSync Remote Command Execution
  Trend Micro Control Manager Information Disclosure 3
  Micro Focus GroupWise Administration Console XSS
  Drupal core Information Disclosure
  Web Application Directory Traversal 34
  Micro Focus GroupWise Administration Console XSS 2
  Trend Micro Control Manager Information Disclosure 4
  Web Application Remote Code Execution 85 -c2
  IBM WebSphere Application Server Remote Code Execution 2
  Nagios Network Analyzer Command Injection 1
  Nagios Network Analyzer Command Injection 2
  Joomla! UsersModelRegistration extension Privilege Escalation 1
  Joomla! UsersModelRegistration extension Privilege Escalation 2
  Web Application SQL Injection (OUTFILE)
  IPFire proxy.cgi Remote Code Execution 1
  WebNMS Framework Server Arbitrary File Overwrite
  Web Application Remote Code Execution 65
  op5 Monitor Command Injection 2
  Web Application Remote Code Execution 66
  Web Application Remote Code Execution 63
  Trend Micro Smart Protection Server Command Injection
  Trend Micro Virtual Mobile Infrastructure Command Injection 1
  Trend Micro Virtual Mobile Infrastructure Command Injection 2
  Apache Tomcat JMX Remote Code Execution
  Apache httpd mod_http2 DoS
  Web Application Remote Code Execution 67
  Apache httpd mod_http2 DoS 2
  Web Application SQL Injection (CAST AS)
  Web Application SQL Injection (UNION ALL) 7
  HPE Operations Orchestration Insecure Deserialization 1
  Web Application Attack 36
  MailStore Server Redirect XSS
  WordPress plugin Slider Revolution Directory Traversal
  WordPress REST API Privilege Escalation
  Brocade Network Advisor Directory Traversal 2
  Trend Micro Control Manager Information Disclosure 5
  WordPress REST API Privilege Escalation 2
  Web Application Attack 39
  Trend Micro Control Manager Information Disclosure 6
  McAfee ePolicy Orchestrator SQL Injection 2
  Web Application Remote Code Execution 68
  PHPMailer mailSend Function Command Injection
  Trend Micro Control Manager Information Disclosure 7
  Trend Micro SafeSync Remote Code Execution 1
  Trend Micro SafeSync Remote Code Execution 2
  Web Application SQL Injection (CONVERT INT) 2
  Microsoft SharePoint Remote Code Execution (CVE-2022-38053) 1
  Apache Druid JDBC Remote Code Execution
  WordPress plugin Simple File List XSS
  GLPI htmlawed Module Code Injection 1
  ManageEngine ADAudit Plus Arbitrary File Upload
  Web Application Directory Traversal 7 -c2
  ManageEngine ADAudit Plus XXE Injection 1
  Apache Commons Text Remote Code Execution
  WordPress plugin Search Logger SQLi
  Ivanti Avalanche Path Traversal
  Nagios XI switch.inc.php Command Injection
  Java Web Application Remote Code Execution 5
  VMware Cloud Foundation XStream Library RCE 2
  PrestaShop NdkAdvancedCustomizationFields Module SQL Injection
  Pulse Connect Secure system.cfg File Overwrite
  Apache XML Graphics Batik SSRF
  WordPress plugin BookingPress SQL Injection
  ManageEngine OpManager getUserAPIKey Authentication Bypass
  Microsoft Exchange Server RCE (CVE-2022-41082)
  Grafana SMTP Server CRLF Injection
  Mongo Express Remote Code Execution
  Jenkins plugin Artifact Repository Parameter XSS
  WordPress async-upload.php XXE Injection
  Apache Tapestry Information Disclosure 2
  Apache Tapestry Information Disclosure 3
  Oracle E-Business Suite Shopping Cart XSS
  Nagios XI Manage Plugins Page Command Injection
  Apache OFBiz Insecure Deserialization 4
  Apache OFBiz Insecure Deserialization 5
  Apache Shiro Authentication Bypass 1
  OpenEMR edit_group.php SQL Injection
  Microsoft Exchange Server Remote Code Execution (CVE-2021-28482)
  Chamilo LMS Arbitrary File Creation
  Alibaba Nacos AuthFilter Authentication Bypass
  Apache OFBiz Insecure Deserialization 6
  Jenkins plugin Dashboard View XSS
  Envoy Proxy Authentication Bypass
  Cisco HyperFlex HX Command Injection
  VMware vCenter vSAN Health Check plugin RCE 1
  VMware vCenter vSAN Health Check plugin RCE 2
  VMware vCenter vSAN Health Check plugin RCE 3
  Web Application Directory Traversal 32
  Web Application Directory Traversal 47 -c2
  WordPress plugin Fancy Product Designer Arbitrary File Creation
  Drupal Form API Remote Code Execution 5
  PHPUnit eval-stdin.php Remote Code Execution
  MacCMS Remote Command Execution
  Jenkins plugin URLTrigger XXE Injection 1
  VMware vCenter vSAN Health Check plugin RCE 4
  VMware vCenter vSAN Health Check plugin RCE 5
  WordPress plugin wpDiscuz Arbitrary File Creation
  Rocket.Chat NoSQL Injection
  Jenkins plugin Claim XSS
  Apache Solr ReplicationHandler SSRF
  GLPI wifinetwork.form.php Remote Code Execution
  Microsoft SharePoint SSRF (CVE-2021-31950)
  Nagios XI custom-includes Component Arbitrary File Overwrite
  Oracle E-Business Suite Template Component DoS 1
  Oracle E-Business Suite Template Component DoS 2
  WebSVN Remote Code Execution
  Zenario CMS SQL Injection
  ManageEngine Applications Manager SQL Injection 7
  Apache Superset URL Shortener Open Redirect
  Web Application Cross-Site Scripting (XSS) 65 -c4
  Oracle E-Business Suite Template Component DoS 3
  Oracle E-Business Suite Template Component DoS 4
  ManageEngine Applications Manager XSS 1
  ManageEngine Applications Manager XSS 2
  WordPress plugin Backup Guard Arbitrary File Creation
  SolarWinds Network Performance Monitor Insecure Deserialization 1
  ForgeRock Open Access Management Insecure Deserialization
  ForgeRock Open Access Management Insecure Deserialization 2
  Microsoft SharePoint Remote Code Execution (CVE-2021-34467)
  Microsoft Exchange Server Remote Code Execution (CVE-2021-34473)
  Jenkins plugin Config File Provider XXE Injection
  ManageEngine ADSelfService Plus Remote Code Execution 1
  ManageEngine ServiceDesk Plus XSS 1
  ManageEngine Applications Manager XSS 3
  Webmin link.cgi Remote Code Execution
  Alibaba Nacos ConfigOpsController Authentication Bypass 1
  Web Application Remote Code Execution 39
  Atlassian Crowd Arbitrary File Creation 1
  Atlassian Crowd Remote Code Execution Postinfection
  MobileIron MDM Server Remote Code Execution 1
  Oracle E-Business Suite Setup/Admin XSS
  MobileIron MDM Server Remote Code Execution 2
  Oracle Business Intelligence Publisher Arbitrary File Creation
  WordPress plugin WooCommerce SQL Injection
  ElasticSearch CVE-2021-22145 Information Disclosure
  Oracle Business Intelligence Publisher XXE Injection 1
  Nagios XI monitoringwizard.php Command Injection 2
  Nagios XI monitoringwizard.php Command Injection 3
  Oracle Business Intelligence Publisher XXE Injection 2
  Microsoft Exchange Server Remote Code Execution (CVE-2021-34473) 2
  Microsoft Exchange Server Remote Code Execution (CVE-2021-34473) 3
  Atlassian Confluence Server Expression Language Injection 1
  Microsoft SharePoint Server Remote Code Execution (CVE-2024-30044)
  Oracle Business Intelligence Enterprise Insecure Deserialization 2
  Microsoft Exchange Server Security Feature Bypass (CVE-2021-31207)
  Nagios XI Bulk Modifications Tool SQL Injection
  Atlassian Confluence Server Expression Language Injection 2 -hl
  Atlassian Confluence Server Expression Language Injection 3
  Microsoft Open Management Infrastructure RCE (CVE-2021-38647) 2
  flatCore CMS Arbitrary File Creation
  VMware vCenter Server AsyncTelemetryController Arbitrary File Creation 1
  VMware vCenter Server DataAppController Arbitrary File Creation
  GitLab Mermaid Markdown XSS
  WordPress plugin Supsystic XSS
  Atlassian Confluence Server Arbitrary File Read 1
  Atlassian Confluence Server Arbitrary File Read 2
  Apache httpd Path Traversal (CVE-2021-42013)
  WordPress plugin OptinMonster Authentication Bypass
  Apache httpd mod_proxy SSRF
  SolarWinds Orion Patch Manager Insecure Deserialization 1
  VM2 Sandbox handleException RCE
  Micro Focus Operation Bridge Reporter Remote Code Execution
  Microsoft Exchange Server Remote Code Execution (CVE-2021-42321)
  Microsoft Exchange Server Remote Code Execution (CVE-2021-42321) 2
  Microsoft Exchange Server Spoofing Vulnerability (CVE-2021-41349)
  IBM Data Risk Manager Path Traversal
  IBM Data Risk Manager Command Injection
  Oracle WebLogic Server Remote Code Execution 2
  Java Web Application Remote Code Execution 19
  ZeroShell Remote Command Execution
  Sourcecodester Online Learning System SQL Injection
  Sourcecodester Online Learning Arbitrary File Upload
  Sourcecodester Simple Subscription Website SQL Injection
  Grafana plugins Directory Traversal
  GitLab OmniAuth Authentication Bypass
  Navigate CMS navigate.php SSRF
  Apache SkyWalking GraphQL SQL Injection
  WordPress plugin wp-file-manager Remote Code Execution
  Microsoft SharePoint Remote Code Execution (CVE-2020-16952) 1
  Microsoft SharePoint Remote Code Execution (CVE-2020-16952) 2
  Nagios XI CCM Arbitrary File Overwrite
  ThinkAdmin encode Directory Traversal
  Nagios XI mibs.php Command Injection
  Oracle WebLogic Server Remote Code Execution 1
  Microsoft SharePoint Remote Code Execution (CVE-2020-17061) 1
  Microsoft SharePoint Remote Code Execution (CVE-2020-17061) 2
  Nagios XI ajaxhelper.php Command Injection
  Ivanti EPM Mobile Authentication Bypass
  Adobe ColdFusion Insecure Deserialization 5
  Web Application SQL Injection (UNION SELECT) 11
  Web Application SQL Injection (CREATE TABLE) 8
  Web Application SQL Injection (OR) 6
  Web Application SQL Injection (OR) 5
  Web Application Cross-Site Scripting (XSS) 52
  IBM QRadar SIEM Insecure Deserialization 1
  IBM QRadar SIEM Insecure Deserialization 2
  IBM QRadar SIEM Insecure Deserialization 3
  Nagios XI SNMP Trap SQL Injection
  Java Web Application Remote Code Execution 13
  Web Application SQL Injection (PASSWORD) 2
  PHP-Fusion downloads.php Remote Command Execution
  Web Application Cross-Site Scripting (XSS) 69
  Web Application Cross-Site Scripting (XSS) 69 -c2
  Web Application SQL Injection (PASSWORD) 3
  Trend Micro IMSVA XXE Information Disclosure
  Atlassian JIRA ViewUserHover.jspa Information Disclosure
  Cisco Security Manager Insecure Deserialization 1
  WordPress plugin Easy WP SMTP Information Disclosure
  VMware Multiple Products Command Injection
  Cisco Security Manager Insecure Deserialization 2
  Arcserve D2D getNews XXE Injection
  Apache Struts OGNL Evaluation Remote Code Execution
  Microsoft Exchange Server Remote Code Execution (CVE-2020-17144)
  Web Application SQL Injection (CREATE TABLE) 2 -c2
  Microsoft Exchange Server Remote Code Execution (CVE-2020-17083) 1
  Microsoft Exchange Server Remote Code Execution (CVE-2020-17083) 2
  Trend Micro InterScan Messaging Security Information Disclosure 1
  Trend Micro InterScan Messaging Security Information Disclosure 2
  Nagios XI Auto-Discovery Remote Command Execution
  Microsoft Exchange Server Remote Code Execution (CVE-2020-17085)
  SolarWinds Orion Authentication Bypass
  Cisco Security Manager Insecure Deserialization 3
  Apache Flink JobManager Directory Traversal
  Web Application SQL Injection (UNION SELECT) 9
  Web Application SQL Injection (UNION SELECT) 9 -c2
  SAP Solution Manager Remote Code Execution
  Microsoft Exchange Server Remote Code Execution (CVE-2020-17132) 1
  Microsoft Exchange Server Remote Code Execution (CVE-2020-17132) 2
  Microsoft SharePoint Remote Code Execution (CVE-2021-24072)
  Web Application Remote Code Execution 90 -c2
  Web Application Remote Code Execution 91 -c2
  SolarWinds Orion Arbitrary File Write
  Trend Micro InterScan Web Security AddVLANItem Command Injection
  fluent-bit Memory Corruption 1
  Trend Micro InterScan Web Security Password Hashing Command Injection
  Webmin index.cgi XSS
  VMware vCenter Server VMSA-2021-0002 Remote Code Execution (Linux)
  VMware vCenter Server VMSA-2021-0002 Remote Code Execution (Windows)
  VMware vCenter Server vropspluginui Access
  VMware vCenter Server VMSA-2021-0002 Remote Code Execution 3
  VMware vCenter Server VMSA-2021-0002 Remote Code Execution 4
  VMware vCenter Server VMSA-2021-0002 Remote Code Execution 5
  VMware vCenter Server VMSA-2021-0002 Remote Code Execution 6
  VMware vCenter Server VMSA-2021-0002 Remote Code Execution 7
  Apache ActiveMQ message.jsp XSS
  Microsoft Exchange Server Remote Code Execution (CVE-2021-26857)
  Microsoft Exchange Server Remote Code Execution (CVE-2021-26855) 1
  Microsoft Exchange Server Remote Code Execution (CVE-2021-26855) 2
  Microsoft Exchange Server Remote Code Execution 1
  Node.js System Information Library Command Injection
  Microsoft Exchange Server Remote Code Execution (CVE-2020-17117)
  ManageEngine Applications Manager SQL Injection 5
  VMware View Planner VMSA-2021-0003 Arbitrary File Creation 1
  Microsoft Exchange Server Remote Code Execution (CVE-2021-26855) 4
  Apache Subversion mod_authz_svn DoS
  phpMyAdmin SearchController SQL Injection
  vBulletin Insecure Deserialization
  Apache Druid JavaScriptDimFilter Remote Code Execution
  OneDev AttachmentUploadServlet Insecure Deserialization 1
  Facade Ignition Insecure Deserialization 1
  Facade Ignition Insecure Deserialization 2
  SaltStack Salt salt.wheel.pillar_roots.write Directory Traversal 1
  SaltStack Salt salt.wheel.pillar_roots.write Directory Traversal 2
  Web Application Cross-Site Scripting (XSS) 65 -c3
  OpenEMR backup.php Command Injection 1
  OpenEMR backup.php Command Injection 2
  Microsoft Exchange Server Remote Code Execution (CVE-2021-26855) 3
  Micro Focus Operations Bridge Reporter Command Injection
  ThinkPHP Deprecated Request URI 1
  ThinkPHP Deprecated Request URI 2
  Microsoft Exchange Server Remote Code Execution (CVE-2021-27065)
  VMware View Planner VMSA-2021-0003 Arbitrary File Creation 2
  Microsoft Exchange Server Remote Code Execution (CVE-2021-26855) 5
  Apache OpenMeetings NetTest DoS 1
  ManageEngine ServiceDesk Plus Remote Command Execution
  Nagios XI monitoringwizard.php Command Injection 1
  CMS Made Simple Smarty Remote Code Execution
  Umbraco CMS svg File XSS 1
  Apache OFBiz Insecure Deserialization 3
  VMware vRealize Operations Manager API SSRF VMSA 2021-0004
  Microsoft Exchange Server Remote Code Execution (CVE-2021-26412)
  Web Application Cross-Site Scripting (XSS) 70 -c2
  VMware vRealize Operations Manager API Arbitrary File Write
  ManageEngine Applications Manager SQL Injection 6
  Microsoft Exchange Server Remote Code Execution (CVE-2021-26858)
  Synology DiskStation Manager RCE
  WBCE CMS SQL Injection
  VMware vCloud Director Remote Code Execution
  IBM Spectrum Protect Plus Command Injection
  IBM Spectrum Protect Plus Path Traversal
  Gila CMS SQL Injection
  Plex Media Server Insecure Deserialization
  WordPress plugin School Management Pro RCE
  Ivanti Avalanche imageFilePath Directory Traversal 2
  Apache ShenYu Admin JWT Authentication Bypass 2
  MiniDLNA UPnP Request Heap Corruption 1
  MiniDLNA UPnP Request Heap Corruption 2
  OneDev AttachmentUploadServlet Insecure Deserialization 2
  OneDev AttachmentUploadServlet Insecure Deserialization 3
  Magnolia CMS Cross-Site Scripting
  VestaCP Arbitrary File Upload
  FortiLogger Arbitrary File Upload
  SAP NetWeaver CRM Log injection Remote Command Execution 1
  SAP NetWeaver CRM Log injection Remote Command Execution 2
  Unitrends Backup HTTP API Remote Code Execution 1
  Unitrends Backup HTTP API Remote Code Execution 2
  Umbraco CMS svg File XSS 2
  VMware NSX SD WAN Edge Command Injection 1
  VMware NSX SD WAN Edge Command Injection 2
  TestLink Test Management Remote Code Execution
  Opsview Web Management Console Command Injection
  Opsview Monitor Test Connection Command Injection
  AMD Gaming Plays.tv Remote Code Execution 1
  AMD Gaming Plays.tv Remote Code Execution 2
  Composr CMS ajax_tree.php XSS
  Jellyfin Media Server Arbitrary File Read
  Quest KACE System Management Remote Code Execution
  TCPDF phar Wrapper Insecure Deserialization 1
  TCPDF phar Wrapper Insecure Deserialization 2
  WordPress plugin Booking Calendar SQL Injection
  WSO2 Management Console XSS
  Bludit Pages Editor Arbitrary File Upload
  Prestashop Extension blockwishlist Module SQLi
  Seo Panel alerts.php XSS
  Apache Tapestry Information Disclosure 4
  Apache Shiro Authentication Bypass 2
  Gerapy Remote Code Execution
  WordPress plugin WP Visitor Statistics SQL Injection
  Opmantek Open-AudIT Community XSS
  Quest KACE System Management Appliance XSS
  Quest KACE System Management Appliance Command Injection
  Quest KACE System Management Appliance Path Traversal
  HP SiteScope Remote Code Execution
  WordPress plugin HTML Forms SQLi
  Xplico Remote Command Execution
  Apache OpenWhisk Remote Code Execution
  Schools Alert Management Script Arbitrary File Upload
  Red Hat JBoss RichFaces Code Injection
  M1k1o Blog Unrestricted File Upload
  b2evolution CMS evoadm.php SQL Injection
  Spring Security OAuth Remote Code Execution
  WordPress post.php Arbitrary File Deletion
  WordPress plugin Advanced Uploader Unrestricted File Upload
  Ivanti Avalanche imageFilePath Directory Traversal 3
  Ivanti Avalanche imageFilePath Directory Traversal 4
  FasterXML Jackson Databind Insecure Serialization
  FasterXML Jackson Databind Insecure Serialization 2
  Moodle ddwtos Remote Code Execution
  Werkzeug Debug System Command Execution
  Oracle Communications Diameter Signaling Router SQLi
  OpenEMR OS Command Injection
  CMS Made Simple editusertag.php Remote Code Execution
  Nagios XI nagiosadmin User API Key Regeneration
  IBM QRadar SIEM Remote Code Execution
  Postbird IMG element XSS
  Codiad Web IDE Arbitrary File Upload
  Agentejo Cockpit CMS Remote Command Execution
  Agentejo Cockpit CMS NoSQL Injection 1
  Agentejo Cockpit CMS NoSQL Injection 2
  vBulletin cacheTemplates Arbitrary File Deletion
  DedeCMS SQL Injection 1
  ManageEngine Applications Manager Insecure Deserialization 1
  ManageEngine Applications Manager Insecure Deserialization 2 -hl
  ThinkPHP SQL Injection
  Rausoft ID.prove SQL injection
  Simple POS SQL Injection
  Grav CMS Server-Side Template Injection
  CentOS Web Panel Command Injection
  CentOS Web Panel Local File Inclusion
  Advanced HRM Remote Code Execution
  Accela Civic Platform Cross-Site Scripting 2
  OpenEMR Arbitrary File Upload
  DedeCMS SQL Injection 2
  Nextcloud Security Feature Bypass
  pfSense system_advanced_misc.php Command Injection
  Shopware loadPreviewAction XXE Injection
  Monstra CMS Arbitrary File Upload 1
  Fastjson parseObject RCE
  SAP NetWeaver Unrestricted File Upload
  SquirrelMail Remote Code Execution 2
  CMS Made Simple Cross Site Scripting 1
  OpenEMR Arbitrary File Upload 2
  Monstra CMS Arbitrary File Upload 2
  FUDForum Cross-Site Scripting
  PHP Melody SQL Injection
  JasperReports Path Traversal
  Oracle WebLogic Server XMLDecoder RCE 2
  Oracle WebLogic Server XMLDecoder RCE 3
  IPFire proxy.cgi Remote Code Execution 2
  Online Ordering System SQLi
  AlienVault USM/OSSIM Remote Code Execution 2
  CMS Made Simple Cross-Site Scripting 2
  Easy Hosting Control Panel XSS
  Joomla! Second Order SQL Injection
  WordPress load-scripts DoS
  Antsle antMan Authentication Bypass
  WordPress plugin XCloner Remote Code Execution
  WordPress plugin Modern Events Calendar Arbitrary File Upload
  ES File Explore Arbitrary File Read
  Cisco CiscoWorks Common Services Help Servlet XSS
  SolarWinds Network Performance Monitor Insecure Deserialization 2
  SolarWinds Network Performance Monitor Insecure Deserialization 3
  Microsoft Forefront UAG XSS (MS11-079)
  Apache Airflow DAG Command Injection 3
  Oracle GlassFish Server Administration XSS
  HP Data Protector LogClientInstallation SQL Injection
  HP Data Protector GetPolicies SQL Injection
  HP Data Protector RequestCopy SQL Injection
  HP Data Protector FinishedCopy SQL Injection
  Apache httpd mod_proxy_ajp DoS
  Prestashop Remote Command Execution
  Kaspersky Anti-Virus Reflected XSS
  ManageEngine ADSelfService Plus Remote Code Execution 2
  ManageEngine ADSelfService Plus Remote Code Execution 3
  ManageEngine ServiceDesk Plus XSS 2
  Apache OpenMeetings NetTest DoS 2
  Kaspersky Anti-Virus Remote Code Execution
  GrandNode Path Traversal
  ManageEngine Applications Manager XSS 4
  WordPress plugin LearnPress SQL Injection
  Feehi CMS Arbitrary File Upload
  Cisco Data Center Network Manager Log File Access
  Cisco Data Center Network Manager Local File Inclusion
  Alibaba Nacos ConfigOpsController Authentication Bypass 2
  Moodle h5p Activity Web Service SQL Injection
  Django SQL Injection 1
  Django SQL Injection 2
  LibreNMS Command Injection
  Pimcore Insecure Deserialization 1
  Pimcore Insecure Deserialization 2
  GetSimple CMS Arbitrary File Upload
  qdPM Remote Code Execution
  qdPM Path Traversal
  IBM Websphere Application Server Insecure Deserialization
  Pandora FMS Arbitrary File Upload 3
  AhsayCBS Arbitrary File Upload
  TeemIp IPAM Remote Command Injection
  Joomla! Core Directory Traversal
  pfSense apcupsd_status.php Cross-Site Scripting
  pfSense apcupsd_status.php Command Execution
  ThinStation Command Injection
  ThinStation Command Injection 2
  Strapi CSM Remote Code Execution
  Centreon main.get.php Command Injection 2
  LiveZilla Server HTTP Header XSS
  MuleSoft Runtime Insecure Deserialization
  HPE Moonshot Provisioning Manager Directory Traversal 3
  WordPress plugin AdRotate SQL Injection
  WordPress plugin Advanced CF7 DB SQL Injection
  WordPress plugin NextGEN Gallery SQL Injection
  Total.js CMS 12.0 Path Traversal
  NETSAS Enigma NMS OS Command Injection
  WordPress plugin Photo Gallery SQL Injection
  pfSense xmlrpc.php Code Injection 1
  pfSense xmlrpc.php Code Injection 2
  IBM Data Risk Manager Authentication Bypass
  Codiad Web IDE Remote Code Injection
  PrestaShop Arbitrary File Upload 1
  PrestaShop Arbitrary File Upload 2
  Nagios XI Remote Command Execution
  OpenCats XML External Entity Injection
  Exhibitor Web UI Command Injection 1
  Exhibitor Web UI Command Injection 2
  ThinkPHP Deprecated Request URI 3
  ThinkPHP Remote Command Execution
  Studio-42 elFinder connector.minimal.php Command Injection 1
  myfactory.FMS XSS
  Webmin upload.cgi Remote Code Execution
  Apache APISIX Security Feature Bypass 2
  Symantec DLP Cross-Site Scripting
  WordPress plugin Social Warfare XSS
  CMS Made Simple Arbitrary File Upload
  Atlassian Confluence Server Arbitrary File Read 3 -hl
  SysAid Help Desk Arbitrary File Upload
  rConfig search.crud.php Command Injection
  Pi-hole Gravity Updater Arbitrary File Upload
  Movable Type 7 r.5002 OS Command Injection
  Open-AudIT Arbitrary File Upload
  Microsoft Open Management Infrastructure RCE (CVE-2021-38647) 3
  EyesOfNetwork Command Injection
  EyesOfNetwork SQL Injection 1
  EyesOfNetwork SQL Injection 2
  Pulse Connect Secure Perl Template Remote Code Execution
  SAP NetWeaver AS Authentication Bypass
  Booked Scheduler Arbitrary File Upload
  Intellian Aptus Web Remote Command Execution
  Trend Micro Web Security Virtual Appliance Remote Code Execution
  WordPress plugin InfiniteWP Client Authentication Bypass
  WordPress plugin Download Manager XSS 1
  pfSense interfaces_groups XSS
  WordPress plugin LearnPress XSS 2
  SolarWinds Orion Patch Manager Insecure Deserialization 3
  Squid Range Header DoS 3
  WordPress plugin Download Manager XSS 2
  Micro Focus OBR SQL Injection
  DotNetNuke Cookie Value Insecure Deserialization
  Roundcube Webmail Local File Inclusion
  SAP NetWeaver AS JAVA XXE Injection
  Apache Shiro Cookie Deserialize Remote Code Execution
  SAP NetWeaver AS Java Directory Traversal 2
  GitLab DesignReferenceFilter Stored XSS
  Cacti Cookie Remote Command Execution
  Oracle iPlanet Web Server Remote File Inclusion 1
  Oracle iPlanet Web Server Remote File Inclusion 2
  Oracle iPlanet Web Server Authentication Bypass
  Synology DiskStation Manager RCE 2
  Micro Focus ArcSight Logger RCE
  GitLab ipynb Stored XSS 2
  WordPress plugin UpdraftPlus Unauthorized Backups Access
  Xerte fileupload.php Path Traversal
  Xerte getfile.php Path Traversal
  Mediawiki SyntaxHighlight Extension Parameters Injection
  October CMS Remote Code Execution
  PhpIPAM SQL Injection 1
  Moodle 2nd Order SQL Injection
  Tiny File Manager Webroot Disclosure
  Pluck CMS Unrestricted File Upload
  File Browser Remote Code Execution
  Jenkins CLI Remote Code Execution
  WordPress plugin Webapp-Builder Unrestricted File Upload 1
  WordPress plugin Wp2android Unrestricted File Upload
  WordPress plugin Webapp-Builder Unrestricted File Upload 2
  WordPress plugin App-Builder-by-Easytouch Unrestricted File Upload
  WordPress plugin Mobile App Native Unrestricted File Upload
  Telerik Web UI RadAsyncUpload Unrestricted File Upload
  Hyip Rio Arbitrary File Upload
  HP OpenView NNM netmon.exe Buffer Overflow
  FSMLabs TimeKeeper Commanmd Injection
  FSMLabs TimeKeeper Commanmd Injection 2
  AudimexEE Full Path Disclosure
  Gruppo SCAI RealGimm Arbitrary File Upload
  WordPress plugin Ajax Load More Path Traversal
  CloudPanel 2 Authentication Bypass
  Faculty Evaluation System Arbitrary File Upload
  WordPress Theme Workreap Arbitrary File Upload
  OpenTSDB Remote Code Execution
  Fortra DeliverNow SearchTextBox SQL Injection
  Cacti graph_view.php SQL Injection
  Craft CMS Arbitrary File Upload
  WordPress Plugin The Simple URLs XSS
  Atlassian Confluence Server Privilege Escalation 2
  Atlassian Confluence Server Privilege Escalation 3
  Supermicro BMC Command Injection
  XWiki Platform XWikiServerClassSheet Code Injection
  Trend Micro OfficeScan cgiRecvFile Directory Traversal 2
  NodeBB socket.io eventName DoS 3
  NodeBB socket.io eventName DoS 4
  NodeBB socket.io eventName DoS 5
  NodeBB socket.io eventName DoS 6
  Netscape Enterprise Server Information Disclosure
  Pi-hole Access Control Bypass
  MagnusSolution MagnusBilling Command Injection
  Cacti SNMP Command Injection 2
  Visualware MyConnection Server Arbitrary File Upload
  Visualware MyConnection Server Arbitrary File Upload 2
  Visualware MyConnection Server Arbitrary File Upload 3
  NextGen Mirth Connect RCE
  CachetHQ Server-Side Template Injection 2
  CachetHQ Server-Side Template Injection 3
  VMware Aria Operations for Networks Information Disclosure 2
  WordPress plugin Slider Revolution Arbitrary File Overwrite
  WordPress plugin Drag and Drop Multiple File Uploader Arbitrary File Upload
  WordPress plugin Events Made Easy SQL Injection
  WordPress plugin AYS Popup Box XSS
  Cogent DataHub Web Server Command Injection 2
  phpFileManager Remote Command Execution 1
  phpFileManager Remote Command Execution 2
  VegaDNS axfr_get.php Command Injection
  WordPress plugin Royal Elementor Arbitrary File Upload
  MyBB Custom MyCode XSS 1
  MyBB Custom MyCode XSS 2
  Atlassian Confluence Server Improper Authorization 2
  Atlassian Confluence Server Improper Authorization 3
  Microsoft SharePoint XSS (MS10-039)
  Microsoft IIS Directory Authentication Bypass (MS10-065)
  Microsoft IIS FastCGI Buffer Overflow (MS10-065)
  Microsoft IIS Repeated Parameter DoS (MS10-065)
  Orthanc Server Arbitrary File Upload
  Microsoft Exchange Server Spoofing Vulnerability (CVE-2023-36757)
  LG Simple Editor Arbitrary File Upload
  LG Simple Editor Path Traversal
  Adobe ColdFusion Remote Code Execution 4
  Arcserve UDP Remote Code Execution
  Arcserve UDP FileHandlingServlet Directory Traversal
  Microsoft Exchange Server Information Disclosure (CVE-2023-36777)
  Pimcore getFilterCondition SQL Injection 1
  Pimcore getFilterCondition SQL Injection 2
  HP OpenView NNM getnnmdata.exe Buffer Overflow
  HP OpenView NNM webappmon.exe Format String Attack
  Red Hat JBoss JMX Console Authentication Bypass
  HP Universal CMDB Authentication Bypass
  Squid string-comparison Function DoS
  WordPress plugin My Calendar SQL Injection
  pfSense status_logs_filter XSS
  pfSense interfaces_gif_edit.php Command Injection 1
  pfSense interfaces_gre_edit.php Command Injection 1
  LibreNMS Health View XSS
  Teampass Password Manager Arbitrary File Upload
  Squid HTTP Digest Authentication DoS
  Microsoft SharePoint Server Remote Code Execution (CVE-2024-21318) 1
  Microsoft SharePoint Server Remote Code Execution (CVE-2024-21318) 2
  Microsoft SharePoint Server Remote Code Execution (CVE-2024-21318) 3
  Microsoft SharePoint Server Remote Code Execution (CVE-2024-21318) 4
  Cisco Data Center Network Manager Directory Traversal 3
  Cisco Data Center Network Manager Directory Traversal 2
  Trend Micro OfficeScan cgiRecvFile Directory Traversal 1
  Ivanti Avalanche Inforail Service Command Injection
  Ivanti Avalanche Inforail Service Arbitrary File Creation
  ManageEngine ServiceDesk Plus Command Injection
  Commvault CommCell Arbitrary File Creation 1
  Apache OFBiz XML-RPC Insecure Deserialization 3
  rConfig devices.php SQL Injection
  WiKID 2FA Enterprise Server Log.jsp SQL Injection
  WiKID 2FA Enterprise Server processPref.jsp SQL Injection
  CPH2 Charging Station Command Injection
  Microsoft Exchange Server Spoofing Vulnerability (CVE-2023-38181)
  Atlassian Confluence Server Expression Language Injection 2
  Microsoft Exchange Server Spoofing Vulnerability (CVE-2023-36050)
  Cacti data_source Cross Site Scripting
  Cacti SNMP Notification Receivers SQLi
  Tencent tdsqlpcloud Critical Information Exposure
  Kyocera Device Manager NTLM Credential Exposure
  Supermicro BMC Cross-Site Scripting
  Apache httpd mod_proxy DoS 2
  Apache Airflow DAG Command Injection 5
  WordPress plugin LearnPress SQL Injection 2
  WordPress plugin LearnPress SQL Injection 3
  Ivanti Connect Secure Command Injection 1
  Ivanti Connect Secure Command Injection 2
  VMware vCenter Arbitrary File Read
  Likeshop Arbitrary File Upload
  NextGen Mirth Connect RCE 2
  Provectus Kafka UI RCE
  Microsoft Exchange Server Spoofing Vulnerability (CVE-2023-36039) 1
  Microsoft Exchange Server Spoofing Vulnerability (CVE-2023-36039) 2
  Microsoft Exchange Server Spoofing Vulnerability (CVE-2023-36039) 3
  Microsoft Exchange Server Spoofing Vulnerability (CVE-2023-36039) 4
  Microsoft Exchange Server Spoofing Vulnerability (CVE-2023-36039) 5
  HotelDruid Cross-Site Scripting
  Paessler PRTG Network Monitor Command Injection
  WordPress plugin Cookie Information Arbitrary Options Update (Admin)
  Microsoft Exchange Server Spoofing Vulnerability (CVE-2023-36035)
  Schlix CMS Arbitrary File Upload
  WordPress plugin POST SMTP Mailer Log View Attempt
  Form Tools Path Traversal
  Sourcecodester Information System SQLi
  WordPress plugin The Shield Security LFI
  ThoughtWorks GoCD Path Traversal
  ThoughtWorks GoCD Information Disclosure
  ThoughtWorks GoCD Information Disclosure 2
  LibreNMS address-search SQL Injection 2
  Upsmon Pro Path Traversal
  WordPress plugin Bricks Builder RCE
  HP OpenView NNM webappmon.exe Buffer Overflow 2
  Arcserve D2D Information Disclosure
  Sybase M-Business Anywhere Remote Code Execution
  Torrentpier Insecure Deserialization
  SCHUHFRIED Sensitive Information Exposure
  SCHUHFRIED Sensitive Information Exposure 2
  SCHUHFRIED Local File Inclusion
  WordPress plugin Ultimate Member SQLi
  Citrix XenApp Password Buffer Overflow
  Symantec IM Manager Management Console Remote Code Execution 1
  Symantec IM Manager Management Console Remote Code Execution 2
  HP NNMi XSS 1
  HP NNMi XSS 2
  HP NNMi XSS 3
  Microsoft Forefront UAG Session Cookie DoS
  Uverif Local File Inclusion
  Uverif Local File Inclusion 2
  Uverif Local File Inclusion 3
  WordPress plugin Ultimate Member SQLi 2
  WordPress plugin Better Search Replace Insecure Desearialization
  WordPress plugin Better Search Replace Insecure Desearialization 2
  Allegra GanttAndSchExportAction Directory Traversal
  Allegra getFileContentAsString Directory Traversal
  HP OpenView NNM nnmRptconfig.exe Buffer Overflow 1
  HP OpenView NNM nnmRptconfig.exe Buffer Overflow 2
  CA Total Defense SQL Injection
  CA Total Defense getDBConfigSettings Information Disclosure
  NextGen Mirth Connect RCE 3
  Nagios XI command_test.php Remote Code Execution
  WordPress plugin Popup Builder XSS
  WordPress plugin Popup Builder SSRF
  WordPress plugin Popup Builder LFI
  Avada Website Builder Arbitrary File Upload
  NextChat Server-Side Request Forgery (AWS Metadata Retrival)
  Webmin show.cgi Remote Command Execution 2
  Apache OFBiz loadJWT Authentication Bypass
  Datacube3 Unrestricted File Upload Vulnerability
  Nagios XI SQL Injection 2
  Cisco Network Registrar Authentication Bypass
  Python aiohttp Path Traversal
  Komm.One CMS Server-Side Template Injection
  Artica Proxy Insecure Deserialization 1
  WordPress plugin NotificationX SQLi
  OpenMetadata SpEL Injection
  OpenMetadata SpEL Injection 2
  OpenMetadata Authentication Bypass
  OpenMetadata Authentication Bypass 2
  Gambio Online Shop Software Insecure Deserialization
  WordPress plugin Elementor Website Builder Arbitrary File Upload
  SolarWinds Security Event Manager AMF Insecure Deserialization 3
  pgAdmin pga4 Session Path Traversal 2
  Jenkins CLI Cross-Site WebSocket Hijacking
  Squid Chunked Transfer DoS 2
  Jenkins plugin Build Monitor View XSS
  Arcserve UDP ImportNodeServlet Directory Traversal
  IBM Operational Decision Manager JNDI injection 2
  IBM Operational Decision Manager JNDI injection 3
  IBM Operational Decision Manager JNDI injection 4
  Anyscale Ray Arbitrary File Read
  Anyscale Ray Job Submission From Outside Network
  Anyscale Ray logproxy SSRF
  Gibbon School Management System Insecure Deserialization
  Artica Proxy Insecure Deserialization 2
  Artica Proxy Insecure Deserialization 3
  WordPress plugin WP Statistics XSS 2
  Microsoft Visual Studio Report Viewer Control XSS (MS11-067)
  Parse Server PostgreSQL SQL Injection
  JumpServer Ansible Playbook Input Validation Bypass
  JumpServer Ansible Playbook Jinja2 Template Injection
  WordPress plugin Advanced Custom Fields XSS 2
  Apache Solr Arbitrary Config File Upload 5
  Apache Solr Arbitrary Config File Upload 6
  Arcserve UDP ASNative.dll DoS
  Django UsernameField DoS
  Microsoft ASP.NET HashTable DoS (MS11-100) 1
  Microsoft ASP.NET HashTable DoS (MS11-100) 2
  Microsoft ASP.NET Forms Authentication Bypass (MS11-100) 1
  Microsoft ASP.NET Forms Authentication Bypass (MS11-100) 2
  Apache Struts OGNL Crafted Prefix Remote Code Execution 5
  Apache Struts OGNL Expression Language Injection 1
  Apache Struts OGNL Expression Language Injection 2
  IBM Spectrum Protect Plus Remote Code Execution 1
  Openfire Admin Console Directory Traversal 2
  Micro Focus GroupWise WebAccess XSS 3
  MicroWorld eScan Management Console SQLi
  XWiki Platform Scheduler Code Injection 1
  Progress MOVEit SQL Injection 4
  WordPress plugin AutoComplete Search SQLi
  Icinga Web 2 Path Traversal
  RealTimeLogic FuguHub Unrestricted File Upload
  Projectworlds Online Art Gallery Arbitrary File Upload
  Alcatel-Lucent OmniPCX Remote Command Execution
  POS Codekop Arbitrary File Upload
  Django Accept-Language Header DoS
  UVdesk Arbitrary File Upload
  GitLab GraphQL Description DoS 2
  ESDS eMagic Data Center Management Suit Command Injection
  PyroCMS Server-Side Template Injection
  RosarioSIS CSV Injection
  Webedition CMS Remote Code Execution
  RaspAP Command Injection
  RaspAP Command Injection 2
  RaspAP Command Injection 3
  Lexmark Devices Command Injection
  Lost and Found Information System SQLi
  Adobe ColdFusion Insecure Deserialization 7
  Adobe ColdFusion Insecure Deserialization 8
  PaperCut NG Path Traversal
  SourceCodester Inventory Management System SQLi
  WordPress plugin The Forminator Arbitrary File Upload
  HP OpenView NNM webappmon.exe Buffer Overflow
  HP SiteScope Information Disclosure 3
  WordPress plugin Backuply SQL Injection 1
  WordPress plugin Backuply SQL Injection 2
  ManageEngine ADAudit Plus SQL Injection
  SPIP BigUp Command Injection
  SPIP BigUp Command Injection 2
  Microsoft IIS WebDAV Source Code Disclosure
  Digdag getFile Directory Traversal
  Apache httpd NTML SSRF
  Cacti Malicious Hostname RCE
  Spring Cloud Data Flow Insecure Deserialization 1
  Spring Cloud Data Flow Insecure Deserialization 2
  Spring Cloud Data Flow Insecure Deserialization 3
  Hylafax Faxsurvey Remote Command Execution
  phf Remote Command Execution
  Gitorious Remote Command Execution
  Palo Alto Expedition Admin Credential Reset
  Palo Alto Expedition Command Injection
  Palo Alto Expedition SQL Injection
  Linear eMerge E3-Series Command Injection 3
  Palo Alto Expedition Command Injection 2
  ChurchCRM GetText.php SQL Injection
  VMware vSphere RetrieveProp DoS
  Ivanti EPM XXE Injection
  Ruby Devise Authentication Bypass
  VMware vCenter Server Heap Buffer Overflow
  angular-base64-upload Library Arbitrary File Upload
  SQLPad Server Side Template Injection
  ManageEngine EventLog Analyzer CSRF
  GeoServer OGC Remote Code Execution 4
  Easy File Sharing Web Server vfolder.ghp Buffer Overflow 1
  Easy File Sharing Web Server vfolder.ghp Buffer Overflow 2
  LibreNMS Alert Rules XSS
  ManageEngine multiple products URL Monitoring SQL Injection
  Ivanti EPM GetSQLStatement SQL Injection
  Wonder CMS Cross-Site Scripting
  WordPress plugin WPML Remote Code Execution
  Craft CMS GraphQL SQL Injection
  Zimbra Collaboration postjournal Service Remote Code Execution 2
  Zimbra Collaboration postjournal Service Remote Code Execution 3
  Ivanti CSA SQL Injection
  pyLoad addcrypted2 RCE
  Lansweeper HelpdeskActions.aspx Directory Traversal
  ManageEngine multiple products xmlsec Remote Code Execution 1
  ManageEngine multiple products xmlsec Remote Code Execution 2
  Zabbix Server Report Generation Arbitrary File Read
  Web Application XXE Injection 1 -c2
  Web Application Remote Code Execution 18
  Netdata Streaming Command Injection
  Adobe ColdFusion Directory Traversal 1
  Adobe ColdFusion Directory Traversal 2
  Apache Kylin spark-cmd Command Injection
  Microsoft Exchange Server Remote Code Execution (CVE-2023-21529)
  Fortra GoAnywhere Command Injection 1
  Fortra GoAnywhere Command Injection 2
  Oracle E-Business Suite Unrestricted File Upload 5
  dotCMS API Directory Traversal
  EMC CMCNE FileUploadController Information Disclosure
  GitLab Label Color XSS 1
  ManageEngine SupportCenter Plus Command Injection
  Apache httpd mod_log_config DoS 2
  McAfee Asset Manager downloadReport Directory Traversal
  Web Application SQL Injection (WAITFOR DELAY) 3
  lighttpd Host Header Directory Traversal
  Web Application SQL Injection (WAITFOR DELAY) 3 -c2
  NodeBB socket.io Privilege Escalation 1
  Atlassian JIRA Server-Side Template Injection
  Web Application Cross-Site Scripting (XSS) 87
  Apache Struts Directory Traversal
  WordPress plugin Paid Memberships Pro XSS
  HTTP Request with Malformed Host Header 5
  WordPress plugin WP Statistics SQL Injection 4
  ManageEngine ADManager Plus Arbitrary File Creation 5
  Web Application Remote Code Execution 56
  Web Application NULL Poisoning (php) 2
  Iomega StorCenter Pro Authentication Bypass
  gogs (GitHub repo) File Upload Command Injection 3
  XWiki Platform Annotations Code Injection
  Web Application Cross-Site Scripting (XSS) 89
  Web Application Cross-Site Scripting (XSS) 90
  GitLab Kroki Diagram XSS 1
  GitLab Kroki Diagram XSS 2
  Java Web Application Remote Code Execution 11
  Symantec LiveUpdate Administrator Security Feature Bypass
  HAProxy HTTP Header Access Control Bypass
  Ivanti Avalanche RCServlet Authentication Bypass
  pfSense restore_rrddata Function Command Injection
  ManageEngine ServiceDesk Plus comment Field XSS
  Web Application Cross-Site Scripting (XSS) 5
  Web Application Directory Traversal (/Windows/System32) 2
  Adobe ColdFusion Remote Code Execution 1
  McAfee Asset Manager ReportsAudit SQL Injection
  HTTP Request with Malformed Content-Type Header 2
  ManageEngine ADManager Plus Proxy Settings Command Injection 2
  Splunk collect script Directory Traversal
  XWiki Platform AttachmentSelector Code Injection
  pgAdmin Import Servers Directory Traversal 1
  PaperCut NG Authentication Bypass 2
  XWiki Platform LegacyNotificationAdministration Code Injection
  Froxlor Arbitrary File Creation 1
  VMware Aria Operations for Logs Insecure Deserialization 1
  Microsoft SharePoint Server Spoofing (CVE-2023-24950)
  Web Application Remote Code Execution 20
  CA ERwin Web Portal Directory Traversal 1
  Web Application SQL Injection (WAITFOR DELAY) 4
  Apache Struts ClassLoader Manipulation Spoofing 2
  Web Application SQL Injection (UNION SELECT) 2 -c3
  Web Application SQL Injection (WAITFOR DELAY) 4 -c2
  Web Application SQL Injection (WAITFOR DELAY) 5
  Web Application SQL Injection (WAITFOR DELAY) 5 -c2
  Web Application SQL Injection (WAITFOR DELAY) 6
  Web Application SQL Injection (WAITFOR DELAY) 7
  Web Application SQL Injection (WAITFOR DELAY) 7 -c2
  Web Application SQL Injection (WAITFOR DELAY) 8
  Web Application Cross-Site Scripting (XSS) 28
  Web Application SQL Injection (WAITFOR DELAY) 9
  Xerox DocuShare ResultBackgroundJobMultiple SQL Injection
  CA ERwin Web Portal Directory Traversal 2
  Web Application Remote Code Execution 36
  Web Application Remote Code Execution 22
  Symantec Messaging Gateway Management Console XXS
  Microsoft Exchange Server Remote Code Execution (CVE-2023-21707)
  CA ERwin Web Portal Directory Traversal 3
  Web Application XXE Injection 3
  Microsoft SharePoint XSS (MS14-022)
  Web Application XXE Injection 1
  ManageEngine OpManager getObjectData Insecure Deserialization
  Pimcore Search SQL Injection
  Cogent DataHub Web Server Command Injection 1
  Jenkins plugin Sidebar Link Directory Traversal 1
  Microsoft Exchange Server Remote Code Execution (CVE-2023-21529) 2
  GitLab Public Project Directory Traversal 1
  Microsoft SharePoint Server Elevation of Privilege (CVE-2023-29357)
  Apache Tomcat Chunk Size DoS
  Sybase ESP esp_parse ConnectionType Remote Code Execution
  Microsoft SharePoint Server Elevation of Privilege (CVE-2023-29357) 2
  HP Release Control Information Disclosure
  Splunk Lookup File Editing Directory Traversal
  Microsoft Exchange Server Remote Code Execution (CVE-2023-32031)
  Trend Micro Mobile Security Arbitrary File Deletion
  Apache RocketMQ Remote Code Execution 2
  Microsoft SharePoint Server Remote Code Execution (CVE-2023-33134)
  Microsoft SharePoint Remote Code Execution (CVE-2023-33157)
  XWiki Platform importinline XSS
  Progress MOVEit DoS
  XWiki Platform Scheduler Code Injection 1 -hl
  Web Application Cross-Site Scripting (XSS) 44
  Progress MOVEit X-Silock-Fileid SQL Injection
  Web Application Cross-Site Scripting (XSS) 44 -c2
  XWiki Platform InvitationGuestActions Code Injection
  Citrix ShareFile Directory Traversal 2
  Progress MOVEit FolderListRecursive SQL Injection
  Adobe ColdFusion Insecure Deserialization 3
  Web Application Attack 43
  Microsoft SharePoint Server Spoofing (CVE-2023-24950) 2
  GitLab GraphQL Description DoS
  Adobe ColdFusion Directory Traversal 3
  Ivanti Avalanche Remote Control Server Directory Traversal
  XWiki Platform SkinsCode.XWikiSkinsSheet Code Injection
  Web Application SQL Injection (SELECT SLEEP) 2
  WordPress plugin Kadence Blocks Arbitrary File Creation
  Pimcore GridHelperService SQL Injection 2
  JetBrains TeamCity Copy Build Step XSS
  LG Simple Editor copyStickerContent Directory Traversal
  PaperCut NG Authentication Bypass 3
  PaperCut NG Authentication Bypass 4
  Microsoft SharePoint Server Remote Code Execution (CVE-2023-24955) 1
  Microsoft SharePoint Server Remote Code Execution (CVE-2023-24955) 2
  Microsoft SharePoint Server Remote Code Execution (CVE-2023-24955) 3
  Microsoft SharePoint Server Remote Code Execution (CVE-2023-24955) 4
  Microsoft SharePoint Server Remote Code Execution (CVE-2023-24955) 5
  HTTP Request with Malformed Cookie Header 1
  Web Application Format String Attack 1
  Web Application SQL Injection (SELECT FROM) 2
  Web Application SQL Injection (UNION ALL) 2
  Microsoft SharePoint Server Remote Code Execution (CVE-2023-24955) 6
  Microsoft SharePoint Server Remote Code Execution (CVE-2023-24955) 7
  Progress WS_FTP Server Insecure Deserialization 1
  Apache Tomcat maxParameterCount DoS
  Microsoft Exchange Server Remote Code Execution (CVE-2023-36744)
  Web Application SQL Injection (UNION SELECT) 2
  Progress WS_FTP Server Insecure Deserialization 2
  GitLab CE/EE AutolinkFilter DoS
  Web Application SQL Injection (UPDATE SET) 2
  Dolibarr ERP CRM export.php Command Injection
  Apache Tomcat Open Redirect
  Web Application Format String Attack 2
  LG Simple Editor deleteCheckSession Directory Traversal
  Web Application Cross-Site Scripting (XSS) 40
  Titan MFT and SFTP Servers Path Traversal
  Web Application Directory Traversal 22
  Titan MFT and SFTP Servers Arbitrary File Access
  Sybase ESP esp_parse Connection Remote Code Execution
  Web Application SQL Injection (CREATE TABLE) 3
  Web Application Malformed Request URI 1
  Web Application SQL Injection (DELETE FROM) 2
  Web Application Malformed Request URI 2
  PineApp Mail-Secure ldapsyncnow.php Command Injection
  HTTP Request with Malformed Host Header 9
  Microsoft Exchange Server Remote Code Execution (CVE-2023-36756)
  Web Application SQL Injection (DELETE FROM) 3
  Web Application SQL Injection (DROP TABLE) 2
  Web Application XXE Injection 9
  Web Application Cross-Site Scripting (XSS) 88
  NodeBB socket.io eventName DoS 1
  NodeBB socket.io eventName DoS 2
  NetScaler ADC/Gateway Information Disclosure
  Cacti SNMP Command Injection 1
  Cacti sql_save Function SQL Injection
  Microsoft Exchange Server Remote Code Execution (CVE-2023-36778)
  Web Application SQL Injection (DROP TABLE) 3
  Web Application SQL Injection (INSERT INTO) 3
  LG Simple Editor cropImage Directory Traversal
  Web Application SQL Injection (SELECT FROM) 3
  McAfee ePolicy Orchestrator SQL Injection 1
  CachetHQ Server-Side Template Injection 1
  VMware Aria Operations for Networks Information Disclosure 1
  Metabase Remote Command Execution 1
  Web Application SQL Injection (UNION ALL) 3
  Web Application SQL Injection (UNION SELECT) 3
  Metabase Remote Command Execution 2
  Microsoft Exchange Server Remote Code Execution (CVE-2023-36745)
  Apache httpd HTTP/2 Initial Window Size DoS 1
  Apache httpd HTTP/2 Initial Window Size DoS 2
  Web Application SQL Injection (UPDATE SET) 3
  Veeam ONE Web Client NTLM hash Disclosure
  SysAid On-Prem Software Directory Traversal
  LG Simple Editor copyTemplateAll Directory Traversal
  PaperCut NG External User Lookup Code Injection
  Apache Submarine SnakeYaml Insecure Deserialization
  XWiki Platform XWiki.AdminSheet Code Injection -hl
  ownCloud GraphAPI Sensitive Data Exposure
  ownCloud pre-signed URL Authentication Bypass 1
  ownCloud pre-signed URL Authentication Bypass 2
  ManageEngine RecoveryManager Plus Proxy Command Injection 1
  ManageEngine RecoveryManager Plus Proxy Command Injection 2
  pfSense system_advanced_misc.php Command Injection 1
  pfSense system_advanced_misc.php Command Injection 2
  pfSense interfaces_gif_edit.php Command Injection 2
  pfSense interfaces_gre_edit.php Command Injection 2
  Web Application SQL Injection (CREATE TABLE) 4
  Web Application SQL Injection (INSERT INTO) 4
  boot.ini Access 2
  Web Application SQL Injection (DELETE FROM) 4
  Web Application SQL Injection (DROP TABLE) 4
  EvoLogical EvoCam Buffer Overflow
  Ivanti Avalanche Remote Control Server SSRF
  Web Application SQL Injection (SELECT FROM) 4
  PineApp Mail-Secure test_li_connection.php Command Injection 1
  Web Application SQL Injection (UNION ALL) 4
  GLPI Inventory Endpoint SQL Injection 1
  Web Application SQL Injection (UNION SELECT) 4
  GLPI Inventory Endpoint SQL Injection 2
  WordPress plugin Backup Migration Remote Code Execution
  GitLab CE/EE Password Manipulation
  Fortra GoAnywhere MFT Authentication Bypass
  Web Application SQL Injection (UPDATE SET) 4
  Ivanti Connect Secure Authentication Bypass
  Apache OFBiz Server-Side Request Forgery
  Apache Solr Metrics API Sensitive Data Exposure
  JetBrains YouTrack Server-Side Template Injection 1
  JetBrains YouTrack Server-Side Template Injection 2
  Web Application Directory Traversal 19
  Web Application Directory Traversal 13
  Ivanti Connect Secure Authentication Bypass 2
  Atlassian Confluence Data Center and Server SSTI 2
  Jenkins CLI Arbitrary File Read
  Fortra GoAnywhere MFT Authentication Bypass 2
  Ivanti Connect Secure Server-Side Request Forgery
  Ivanti Connect Secure Server-Side Request Forgery 2
  Web Application Directory Traversal 37
  Azure HDInsight Apache Oozie Workflow Scheduler XXE
  Azure HDInsight Apache Ambari JDBC Injection
  XWiki Platform SearchAdmin Code Injection 1
  XWiki Platform SearchAdmin Code Injection 2
  Jenkins CLI Arbitrary File Read 2
  Ivanti Connect Secure XXE Injection
  Ivanti Avalanche getAdhocFilePath Directory Traversal
  HTTP Request with Malformed If-Modified-Since Header 2
  WordPress plugin Backup Migration Command Injection
  Web Application Directory Traversal 20
  Web Application Suspicious File Upload 3 -c2
  Web Application Directory Traversal 29
  HP System Management Homepage XSS
  Web Application Attack 30
  Web Application Malformed Request URI 5
  Web Application Attack 46
  Web Application Malformed Request URI 6
  Web Application Cross-Site Scripting (XSS) 36
  Visual Mining NetCharts Directory Traversal 1
  Web Application Directory Traversal 6
  EMC CMCNE Directory Traversal 3
  Visual Mining NetCharts Server Arbitrary File Creation
  Web Application Remote Code Execution 38
  Web Application Remote Code Execution 26
  Symantec Endpoint Protection Manager XSS 1
  Symantec Endpoint Protection Manager XSS 2
  Web Application Remote Code Execution 27
  ManageEngine EventLog Analyzer Information Disclosure
  Web Application Attack 31
  Web Application Remote Code Execution 44
  Web Application Remote Code Execution 46
  Web Application Remote Code Execution 47
  Web Application Remote Code Execution 48
  Web Application Remote Code Execution 50
  Web Application Remote Code Execution 51
  Microsoft SharePoint DoS (MS13-067) 1
  Microsoft SharePoint DoS (MS13-067) 2
  Microsoft SharePoint Remote Code Execution (MS13-067)
  Web Application Remote Code Execution 52
  Microsoft SharePoint XSS (MS13-067)
  Web Application NULL Poisoning (jsp)
  Mitel Audio and Web Conferencing Command Injection
  Web Application SQL Injection (UNION SELECT) 5
  Web Application Suspicious File Upload 1
  Web Application SQL Injection (UNION SELECT) 6
  ManageEngine NetFlow Analyzer Directory Traversal
  ManageEngine Desktop Central Policy Bypass
  ManageEngine multiple products Directory Traversal
  Novell eDirectory IMONITOR XSS
  ManageEngine Desktop Central Directory Traversal 2
  Web Application Attack 32
  AlienVault OSSIM Web UI Remote Command Execution 2
  AlienVault OSSIM Web UI Remote Command Execution 1
  HP Performance Insight Remote Command Execution 1
  HP Performance Insight Remote Command Execution 2
  McAfee ePolicy Orchestrator Information Disclosure 1
  test-cgi Access
  Web Application Suspicious File Upload 8
  Web Application Suspicious File Upload 8 -c2
  Web Application Cross-Site Scripting (XSS) 46
  system.ini Access 2
  Web Application Remote Code Execution 24
  Web Application Directory Traversal (/Windows/System32) 1
  Spreecommerce Remote Command Execution
  Squid strHdrAcptLangGetItem DoS 2
  Web Application SQL Injection (OR) 4
  Web Application Attack 49
  Web Application Cross-Site Scripting (XSS) 16
  Web Application Attack 47
  Web Application Malformed Request URI 7
  /etc/shadow Access 2
  Web Application SQL Injection (AND) 1
  Web Application SQL Injection (USER) 1
  Web Application SQL Injection (HAVING)
  Web Application Cross-Site Scripting (XSS) 6
  Web Application Cross-Site Scripting (XSS) 7
  Web Application Cross-Site Scripting (XSS) 8
  Web Application SQL Injection (USER) 2
  Web Application Directory Traversal 10
  Web Application Cross-Site Scripting (XSS) 9
  Web Application Cross-Site Scripting (XSS) 10
  Web Application Cross-Site Scripting (XSS) 11 -c2
  Web Application Cross-Site Scripting (XSS) 12
  Web Application Cross-Site Scripting (XSS) 8 -c2
  Web Application Cross-Site Scripting (XSS) 15
  IBM Tivoli Endpoint Manager lcfd.exe Buffer Overflow
  HTTP Request with Malformed Range Header 1
  Web Application Directory Traversal 38
  HTTP Request with Malformed Host Header 7
  Web Application Attack 52
  Plone and Zope Remote Command Execution
  Web Application Suspicious File Upload 2 -c2
  Java Web Application Remote Code Execution 6
  Web Application Attack 33
  Web Application Attack 34
  HP OpenView NNM ovas.exe Buffer Overflow 2
  phpMyAdmin preg_replace Remote Code Execution
  HP iMC BIMS Arbitrary File Creation
  Web Application Attack 50
  HTTP Request with Malformed Range Header 2
  Web Application SQL Injection (INSERT INTO) 5
  HP OpenView NNM ovas.exe Buffer Overflow 3
  vBulletin Authentication Bypass
  Dolibarr ERP CRM SQL Injection 1
  Web Application NULL Poisoning (asp)
  Oracle GlassFish Server Web Container XSS 1
  Oracle GlassFish Server Web Container XSS 2
  Oracle GlassFish Server Web Container XSS 3
  Oracle GlassFish Server Web Container XSS 4
  Microsoft SharePoint XSS (MS13-035)
  HTTP Request with Malformed Content-Type Header 1
  Java Web Application Suspicious File Upload 3
  Java Web Application Suspicious File Upload 3 -c2
  HTTP Request with Malformed User-Agent Header 1
  Apache httpd mod_log_config DoS 1
  Web Application Cross-Site Scripting (XSS) 25
  Web Application Directory Traversal 14
  HTTP Request with Malformed User-Agent Header 2
  Web Application Directory Traversal 15
  Web Application Malformed Request URI 8
  Web Application XXE Injection 2
  Web Application SQL Injection (UNION SELECT) 7
  Web Application Remote File Inclusion 4
  Web Application Remote File Inclusion 5
  Web Application Remote File Inclusion 6
  Web Application Remote File Inclusion 7
  Web Application SQL Injection (UNION SELECT) 8
  Web Application Cross-Site Scripting (XSS) 35
  Web Application Cross-Site Scripting (XSS) 25 -c2
  Web Application Remote Code Execution 4 -c2
  Web Application Directory Traversal 11
  Web Application Directory Traversal 17
  HTTP Request with Malformed Connection Header 2
  HTTP Request with Malformed Transfer-Encoding Header 2
  Symantec Web Gateway SQL Injection 1
  SugarCRM unserialize Function Remote Code Execution 2
  Simple Web Server Buffer Overflow
  Web Application Remote Code Execution 31
  Apache Struts OGNL Wildcard Remote Code Execution 2
  Web Application Attack 58
  Oracle Business Transaction Management Arbitrary File Deletion
  Web Application Remote Code Execution 22 -c2
  Apache httpd .htpasswd Access
  /~bin Access
  HP SiteScope Security Feature Bypass 1
  HP SiteScope Security Feature Bypass 2
  HP SiteScope Directory Traversal
  Adobe ColdFusion cfmlsyntaxcheck.cfm Access
  Adobe ColdFusion cfcache.map Access
  Adobe ColdFusion startstop.html Access
  Web Application SQL Injection (CONVERT NVARCHAR) 1
  Web Application SQL Injection (CONVERT NVARCHAR) 2
  Apache httpd X-Forwarded-For Header DoS 1
  Apache httpd X-Forwarded-For Header DoS 2
  Webmin show.cgi Remote Command Execution
  ksh Remote Login
  sh Remote Login
  zsh Remote Login
  tcsh Remote Login
  csh Remote Login
  bash Remote Login
  Web Application Attack 35
  Web Application Attack 42
  HP SiteScope issueSiebelCmd Remote Code Execution
  Spring Cloud Function SpEL RCE 1
  Spring Cloud Function SpEL RCE 2
  Novell File Reporter VOL Tag Heap Buffer Overflow
  Novell Privileged User Manager modifyAccounts Policy Bypass
  Novell File Reporter Directory Traversal 1
  Novell Privileged User Manager eval Policy Bypass
  lighttpd Connection Header DoS 1
  Novell File Reporter Directory Traversal 2
  Adobe Indesign Server Remote Code Execution 1
  Ektron CMS XSLT Remote Code Execution
  Microsoft FrontPage author.dll Access
  Microsoft FrontPage author.exe Access
  Microsoft FrontPage shtml.dll Access
  Microsoft FrontPage shtml.exe Access
  Symantec Messaging Gateway save.do Access
  Web Application Malformed Request URI 20
  Symantec Messaging Gateway Directory Traversal
  Open Data Protocol DoS 1
  Ruby on Rails Remote Code Execution 1
  Ruby on Rails Remote Code Execution 2
  SolarWinds Storage Manager SQL Injection
  Umbraco CMS Remote Command Execution
  Web Application Suspicious File Upload 3
  Microsoft IIS MDAC Remote Command Execution
  WordPress plugin Google Doc Embedder Information Disclosure
  Nagios history.cgi Remote Command Execution
  Adobe Indesign Server Remote Code Execution 2
  Web Application Cross-Site Scripting (XSS) 37
  Web Application Cross-Site Scripting (XSS) 14
  WordPress Password Manipulation
  Web Application Cross-Site Scripting (XSS) 41
  Web Application Cross-Site Scripting (XSS) 42
  Web Application Remote Code Execution 9
  Nuxeo Platform Directory Traversal
  Web Application Remote Code Execution 77
  Web Application Remote Code Execution 78
  Ruby on Rails Action View Directory Traversal
  HTTP Request with Malformed Header 1
  ManageEngine Applications Manager Remote Code Execution
  Web Application Cross-Site Scripting (XSS) 58 -c2
  Nagios Autodiscovery Remote Command Execution
  Java Web Application Suspicious File Upload 1
  Java Web Application Suspicious File Upload 1 -c2
  Java Web Application Suspicious File Upload 2
  Java Web Application Suspicious File Upload 2 -c2
  Microsoft SharePoint XSS (MS13-024)
  Squid httpMakeVaryMark DoS 1
  Squid httpMakeVaryMark DoS 2
  Web Application Remote Code Execution 5 -c2
  WordPress plugin Advanced Custom Fields Remote File Inclusion
  HP iMC Arbitrary File Overwrite
  OpenPLI Remote Command Execution
  Squid strHdrAcptLangGetItem DoS 1
  Web Application Remote Code Execution 30
  Web Application Suspicious File Upload 2
  Novell ZENworks Configuration Management Directory Traversal 1
  HTTP Request with Malformed Range Header 3
  Apache Tomcat Transfer-Encoding Header DoS
  Ruby WEBrick DoS
  Web Application Attack 55
  HTTP Request with Malformed Accept-Encoding Header 1
  Apache Struts OGNL Wildcard Remote Code Execution 1
  Squid Port Number Handling DoS
  HTTP Request with Malformed User-Agent Header 3
  Web Application SQL Injection (CONCAT)
  eScan Web Management Console Command Injection
  HTTP Request with Malformed Referer Header 2
  HP ProCurve Manager Remote Code Execution 2
  Openfiler NetworkCard Object Remote Command Execution
  Web Application Malformed Request URI 9
  IBM Rational Focal Point Information Disclosure 3
  IBM Rational Focal Point Information Disclosure 4
  lighttpd Host Header SQL Injection
  Web Application XXE Injection 4
  Web Application XXE Injection 5
  Web Application XXE Injection 2 -c2
  McAfee ePolicy Orchestrator XXE Injection
  Web Application XXE Injection 6 -c2
  Symantec Workspace Streaming Remote Code Execution
  ElasticSearch Remote Code Execution
  Nagios Core Config Manager SQL Injection
  pfSense snort_log_view.php Local File Inclusion
  /etc/shadow Access 3
  CA ERwin Web Portal Directory Traversal 4
  Web Application Authentication Bypass 3
  Web Application Authentication Bypass 4
  Spring Framework Remote Code Execution (Spring4Shell) 3
  Spring Framework Remote Code Execution (Spring4Shell) 4
  Drupal core phar Stream Wrapper Remote Code Execution
  Apache Tomcat Arbitrary File Creation 3
  Apache httpd MPM Privilege Escalation
  WordPress _wp_attached_file Arbitrary File Overwrite
  Web Application Attack 8
  Web Application Attack 9
  Web Application Attack 10
  Web Application Attack 11
  Web Application Attack 12
  Web Application Attack 13
  Web Application Attack 14
  Web Application Attack 15
  Drupal core File module XSS 1
  Drupal core File module XSS 2
  Web Application Attack 16
  Web Application Attack 17
  Web Application Attack 18
  Web Application Attack 19
  Oracle WebLogic Server Core Components Directory Traversal 1
  Oracle WebLogic Server Core Components Directory Traversal 2
  Java Web Application Remote Code Execution 7
  Java Web Application Remote Code Execution 8
  ManageEngine Applications Manager SQL Injection 3
  Oracle WebLogic Server Information Disclosure 1
  Oracle WebLogic Server Information Disclosure 2
  Oracle WebLogic Server Insecure Deserialization 3
  Oracle WebLogic Server Insecure Deserialization 4
  Web Application Attack 20
  Web Application Attack 21
  Web Application Attack 22
  lighttpd burl.c Integer Overflow 1
  lighttpd burl.c Integer Overflow 2
  Atlassian Confluence Server Remote Code Execution
  Nagios XI Remote Command Execution 2
  Microsoft SharePoint Remote Code Execution (CVE-2019-0604) 1
  Web Application Remote Code Execution 84
  Microsoft SharePoint Remote Code Execution (CVE-2019-0604) 2
  Microsoft SharePoint Remote Code Execution (CVE-2019-0604) 3
  WordPress Comment Remote Code Execution
  HTTP Request with Malformed Accept Header 1
  OpenProject Activities API SQL Injection
  ManageEngine Applications Manager SQL Injection 4
  Ruby on Rails Remote Code Execution 3
  Ruby on Rails Remote Code Execution 4
  WordPress plugin Ninja Forms Remote Code Execution
  Microsoft SharePoint ActionRedirect.aspx Access
  Microsoft SharePoint downloadexternaldata.aspx Access
  Microsoft SharePoint profileredirect.aspx Access
  Oracle WebLogic Server Information Disclosure 3
  HPE Intelligent Management Center Insecure Deserialization 5
  Cisco Elastic Services Controller Authentication Bypass
  Adobe ColdFusion Arbitrary File Creation 3
  Oracle WebLogic Server Information Disclosure 4
  Cisco Prime Infrastructure/EPNM Directory Traversal 1
  Cisco Prime Infrastructure/EPNM Directory Traversal 2
  pfSense acme_accountkeys_edit.php XSS 1
  pfSense acme_accountkeys_edit.php XSS 2
  HPE Intelligent Management Center Remote Code Execution 3
  pfSense haproxy_listeners_edit.php XSS
  Oracle WebLogic Server Insecure Deserialization 5
  Oracle WebLogic Server Insecure Deserialization 6
  Web Application Attack 23
  Web Application Attack 25
  Web Application Attack 45
  HTTP Request with Malformed Header 4
  Adobe ColdFusion File Extension Blacklist Bypass
  Oracle WebLogic Server Information Disclosure 5
  Oracle WebLogic Server Information Disclosure 6
  Cisco Data Center Network Manager Arbitrary File Creation
  Web Application Cross-Site Scripting (XSS) 60
  Web Application Cross-Site Scripting (XSS) 61
  Web Application Cross-Site Scripting (XSS) 62
  Atlassian JIRA Server-Side Template Injection 1
  Atlassian JIRA Server-Side Template Injection 2
  Jenkins Core FileParameterValue Directory Traversal
  ThinkPHP Remote Code Execution 3
  HPE Intelligent Management Center Remote Code Execution 4
  Squid HttpHeader getAuth Heap Buffer Overflow 1
  Squid HttpHeader getAuth Heap Buffer Overflow 2
  HPE Intelligent Management Center Remote Code Execution 5
  HPE Intelligent Management Center Remote Code Execution 6
  Windows HTTP.sys HTTP/2 Server DoS (AUG 19) 1
  GitLab Projects Import Component Directory Traversal
  HTTP Request with Malformed User-Agent Header 4
  Jenkins Core Authentication Bypass
  HTTP Request with Malformed Accept-Language Header 1
  Apache httpd mod_md NULL Pointer Dereference
  Web Application Directory Traversal 39
  Apache Struts OGNL Wildcard Remote Code Execution 3
  Apache Struts OGNL Wildcard Remote Code Execution 4
  Apache Struts OGNL Wildcard Remote Code Execution 5
  Micro Focus Secure Messaging Gateway SQL Injection
  Oracle WebLogic Server Arbitrary File Creation 1
  Oracle WebLogic Server Arbitrary File Creation 2
  XML-RPC Malformed Request 1
  Web Application Remote Code Execution 79
  Web Application Remote Code Execution 80
  Apache Traffic Server Information Disclosure
  Spring Framework Remote Code Execution 1
  Java Web Application Remote Code Execution 20
  Web Application Remote Code Execution 64
  Apache Pluto Arbitrary File Creation
  Quest KACE System Management SQL Injection
  Web Application SQL Injection (CREATE TABLE) 1 -c3
  ManageEngine OpManager oputilsServlet Authentication Bypass
  ManageEngine OpManager setManaged SQL Injection
  jQuery-File-Upload Remote Code Execution
  ManageEngine OpManager Arbitrary File Creation 1
  ManageEngine OpManager Arbitrary File Creation 2
  ManageEngine OpManager Mail Server SQL Injection
  Web Application Cross-Site Scripting (XSS) 59
  Apache Commons FileUpload Remote Code Execution
  Adobe ColdFusion Arbitrary File Creation 2
  Nagios XI Snoopy Remote Command Execution 1
  Nagios XI Snoopy Remote Command Execution 2
  Oracle WebLogic Server Insecure Deserialization 2
  Nagios XI Remote Command Execution 1
  Apache ActiveMQ queue.jsp XSS
  Oracle Hospitality Simphony Directory Traversal
  IPFire Firewall backup.cgi Command Injection 1
  IPFire Firewall backup.cgi Command Injection 2
  GitLab Wiki API Remote Code Execution
  ThinkPHP Remote Code Execution 1
  Web Application Remote Code Execution 81
  Kubernetes API Privilege Escalation 1
  Kubernetes API Privilege Escalation 2
  phpMyAdmin server_databases.php XSS
  ManageEngine OpManager getGraphData SQL Injection
  ManageEngine OpManager Insecure Deserialization
  Nuxeo Platform Expression Language Injection
  ManageEngine OpManager Alarms SQL Injection
  Horde IMP Remote Code Execution
  Kubernetes Dashboard Authentication Bypass
  Java Web Application Remote Code Execution 19 -c2
  WordPress plugin Total Donations Authentication Bypass 1
  Apache Subversion mod_dav_svn DoS
  ManageEngine OpManager RequestXML XXE Injection
  Grafana Information Disclosure
  phpMyAdmin Local File Inclusion 2
  HPE Intelligent Management Center Remote Code Execution 1
  Web Application Directory Traversal 11 -c2
  Drupal REST module Remote Code Execution
  Web Application Directory Traversal 40
  Web Application Remote Code Execution 83
  Cisco Identity Services Engine XSS
  Sonatype Nexus Repository Remote Code Execution
  Adobe ColdFusion Insecure Deserialization 2
  HPE Intelligent Management Center Remote Code Execution 2
  HTTP Request with Malformed Content-Length Header 3
  HPE Intelligent Management Center Insecure Deserialization 3
  HPE Intelligent Management Center Insecure Deserialization 4
  Apache Solr Config API Insecure Deserialization
  IPFire ids.cgi Command Injection
  Trend Micro OfficeScan proxy.php Command Injection
  Dell Storage Manager Directory Traversal
  Java Web Application Remote Code Execution 12
  Web Application Attack 51
  Symantec Messaging Gateway Remote Code Execution
  Atlassian FishEye/Crucible Information Disclosure
  Web Application Cross-Site Scripting (XSS) 57
  Web Application SQL Injection (OR) 2 -c3
  Schneider Electric U.motion Builder SQL Injection 2
  Java Web Application Remote Code Execution 2
  Java Web Application Remote Code Execution 3
  Java Web Application Remote Code Execution 4
  OpenWebif saveConfig Function Remote Code Execution
  HPE Operations Orchestration Insecure Deserialization 2
  Apache Struts 2 REST Plugin DoS
  /etc/shadow Access 4
  Apache Tomcat Arbitrary File Creation 1
  Apache Tomcat Arbitrary File Creation 2
  Web Application Remote Code Execution 76
  Apache Solr Remote Code Execution 1
  Apache Solr Remote Code Execution 2
  Web Application Malformed Request URI 16
  Web Application Malformed Request URI 13
  HPE Intelligent Management Center Directory Traversal 3
  GNU Bash Command Injection (CVE-2014-6278)
  Web Application Suspicious File Upload 12
  HPE Intelligent Management Center Directory Traversal 2
  HPE Intelligent Management Center Insecure Deserialization 1
  Apache httpd mod_http2 NULL Pointer Dereference
  Oracle Fusion Middleware Identity Manager Default Account Login 1
  Oracle Fusion Middleware Identity Manager Default Account Login 2
  Red Hat JBoss Application Server Insecure Deserialization
  HPE Operations Orchestration Insecure Deserialization 3
  Cisco Prime Network Analysis Module graph sfile Directory Traversal
  Web Application SQL Injection (UNION ALL) 5
  Web Application Malformed Request URI 14
  ManageEngine ServiceDesk Information Disclosure
  Oracle WebLogic Server Insecure Deserialization 1
  vBulletin routestring Local File Inclusion
  HTTP Request with Malformed Content-Type Header 4
  NetGain Systems Enterprise Manager Remote Command Execution
  Quest NetVault Backup Buffer Overflow
  Node.js zlib Module DoS
  HPE Moonshot Provisioning Manager Directory Traversal
  Quest NetVault Backup Authentication Bypass
  Nagios history.cgi Remote Command Execution 2
  HPE Moonshot Provisioning Manager Directory Traversal 2
  EMC Data Protection Advisor Authentication Bypass 1
  EMC Data Protection Advisor Authentication Bypass 2
  EMC Data Protection Advisor Authentication Bypass 3
  Oracle Support Tools Command Injection 1
  HPE Intelligent Management Center Insecure Deserialization 2
  HTTP Request with Malformed Content-Type Header 5
  Trend Micro IMSVA Authentication Bypass
  Jenkins plugin Extended Choice Parameter Directory Traversal 1
  Jenkins plugin Extended Choice Parameter Directory Traversal 2
  Usermin Signature File Remote Command Execution
  Magento CE Cms_Wysiwyg Controller Remote Code Execution 2
  WordPress plugin Landing Pages Remote Code Execution
  NetGain Systems Enterprise Manager Remote Command Execution 2
  Apache Solr DataImportHandler Information Disclosure
  Drupal Form API Remote Code Execution 1
  Drupal Form API Remote Code Execution 2
  Roundcube Webmail archive.php Command Injection
  Drupal Form API Remote Code Execution 3
  Joomla! User Notes extension SQL Injection
  Web Application Malformed Request URI 15
  Drupal Form API Remote Code Execution 4
  Apache Tika ChmParser DoS
  Squid sslBumpAccessCheck DoS
  NetGain Systems Enterprise Manager Directory Traversal
  HAProxy H2 Frame Length Heap Buffer Overflow
  Web Application SQL Injection (UNION ALL) 6
  Apache Tika Command Injection
  IBM QRadar SIEM Authentication Bypass
  Oracle Support Tools Command Injection 2
  CMS Made Simple Admin Password Manipulation
  EMC Multiple Products Authentication Bypass
  Web Application SQL Injection (INSERT INTO) 6
  DotNetNuke XmlSerialization Remote Code Execution
  ManageEngine Desktop Central Arbitrary File Deletion
  phpMyAdmin Local File Inclusion 1
  Lansweeper EchoAssets.aspx XSS
  Tiny File Manager Path Traversal 1
  Pimcore Title Field XSS
  XWiki Platform XWikiServerClassSheet Code Injection -hl
  Studio-42 elFinder connector.minimal.php Directory Traversal
  OpenEMR Calendar Search SQL Injection
  Metabase GeoJSON Local File Inclusion
  VMware Workspace ONE Access Server-Side Template Injection 1
  Microsoft SharePoint Remote Code Execution (CVE-2022-30157) 1
  VMware Workspace ONE Access Server-Side Template Injection 2
  VMware Workspace ONE Access Server-Side Template Injection 3
  Microsoft SharePoint Remote Code Execution (CVE-2022-30157) 2
  Parse Server Prototype Pollution RCE 1
  Spring Cloud Function SpEL RCE 3
  Spring Cloud Function SpEL RCE 4
  Web Application (Java) Directory Traversal 1
  Web Application SQL Injection (DROP DATABASE) 1
  Web Application SQL Injection (DROP DATABASE) 2
  Web Application SQL Injection (DROP DATABASE) 3
  Web Application SQL Injection (DROP DATABASE) 4
  ManageEngine Password Manager SQL Injection 1
  Web Application (Java) Directory Traversal 2
  Studio-42 elFinder connector.minimal.php Arbitrary File Creation
  Web Application Attack 44
  Lansweeper AssetActions SQL Injection
  Micro Focus GroupWise WebAccess XSS 2
  SuiteCRM Remote Code Execution
  gogs (GitHub repo) File Upload Command Injection 1
  gogs (GitHub repo) File Upload Command Injection 2
  Web Application SQL Injection (CREATE TABLE) 2 -c3
  Web Application Cross-Site Scripting (XSS) 79
  PatrOwl Arbitrary File Upload 1
  PatrOwl Arbitrary File Upload 2
  Jenkins plugin Credentials Stored XSS
  Web Application Cross-Site Scripting (XSS) 80
  Web Application Cross-Site Scripting (XSS) 80 -c2
  Web Application Directory Traversal 36
  Web Application Remote Code Execution 59
  VMware vCenter Server AsyncTelemetryController Arbitrary File Creation 2
  nopCommerce Maintenance Directory Traversal
  Apache httpd mod_lua Denial of Service
  EMC Avamar Server Avamar Authentication Bypass
  HTTP Request with Malformed Transfer-Encoding Header 3
  Microsoft SharePoint Remote Code Execution (CVE-2022-37961)
  HTTP Request with Malformed Transfer-Encoding Header 3 -c2
  HTTP Request with Malformed Host Header 4
  ManageEngine OpManager getReportsData SQL Injection
  open-falcon SQL Injection
  Pimcore GridHelperService SQL Injection
  GLPI user_token SQL Injection
  Web Application Attack 56
  Spring Cloud Gateway Code Injection
  ManageEngine ADSelfService Plus Command Injection 1
  ManageEngine ADSelfService Plus Command Injection 2
  Apache httpd mod_sed Out-of-Bounds Write
  WordPress plugin Photo Gallery SQL Injection 3
  Web Application SQL Injection (WAITFOR DELAY) 2 -c2
  Jenkins plugin Badge XSS
  Java Web Application Remote Code Execution 14
  WordPress plugin Contact Form Entries XSS
  Java Web Application Remote Code Execution 14 -c2
  ManageEngine ADManager Plus Arbitrary File Creation 4
  Grafana Authentication Bypass
  Apache Kylin Information Disclosure
  Splunk Enterprise radio.html XSS 1
  Splunk Enterprise radio.html XSS 2
  Web Application Cross-Site Scripting (XSS) 78 -c3
  Web Application SQL Injection (WAITFOR DELAY) 2
  Web Application SQL Injection (OR) 2 -c2
  Web Application SQL Injection (OR) 2
  Jenkins plugin Matrix Project Stored XSS
  Web Application SQL Injection (SELECT FROM) 6
  Web Application SQL Injection (SELECT FROM) 7
  Web Application Cross-Site Scripting (XSS) 96
  HTTP Request with Malformed Content-Length Header 1 -c2
  Apache APISIX Dashboard Authentication Bypass 1
  Apache APISIX Dashboard Authentication Bypass 2
  Web Application Cross-Site Scripting (XSS) 67
  HTTP Request with Malformed Y-Forwarded-For Header 2
  Web Application Cross-Site Scripting (XSS) 68
  Oracle Fusion Middleware OpenSSO Agent Insecure Deserialization
  WordPress plugin WP Statistics SQL Injection 1
  WordPress plugin WP Statistics SQL Injection 2
  GitLab GitHub API Remote Code Execution
  Apache ShenYu /plugin API Authentication Bypass 1
  Apache ShenYu /plugin API Authentication Bypass 2
  HAProxy Set-Cookie2 Header DoS
  WordPress plugin TI WooCommerce Wishlist SQL Injection
  Lansweeper EchoAssets.aspx SQL Injection
  Dolibarr ERP CRM edit.php Code Injection 1
  Dolibarr ERP CRM edit.php Code Injection 2
  Django MultiPartParser DoS
  Pimcore Key Field XSS
  Apache APISIX Security Feature Bypass 1
  WordPress plugin Photo Gallery SQL Injection 2
  Dolibarr ERP CRM edit.php Code Injection 3
  Apache Airflow DAG Command Injection 1
  Apache Airflow DAG Command Injection 2
  Supervisor XML RPC Remote Code Execution
  Web Application Remote Code Execution 12
  Web Application Malformed Request URI (.pdf.js)
  Jenkins Stapler Remote Code Execution
  Web Application Malformed Request URI (.pdf.scr)
  ManageEngine multiple products ImageUploadServlet DoS 1
  Web Application Malformed Request URI (.pdf.bat)
  Atlassian JIRA Mobile plugin SSRF
  Oracle JDeveloper Insecure Deserialization 1
  WordPress plugin Userpro Authentication Bypass
  Apache Spark UI Remote Command Execution 2
  Apache Spark UI Remote Command Execution 3
  Spring Data MongoDB SpEL Expression Injection 1
  Spring Data MongoDB SpEL Expression Injection 2
  Spring Data MongoDB SpEL Expression Injection 3
  Spring Data MongoDB SpEL Expression Injection 4
  Web Application SQL Injection (OR) 1 -c4
  Node.js nghttp2 NULL Pointer Dereference
  Accela Civic Platform Cross-Site Scripting 1
  PHPCMS 2008 Code Injection
  Node.js llhttp Parser HTTP Request Smuggling 1
  Microsoft IIS HTTP.sys DoS (CVE-2022-35748)
  Zimbra Collaboration Memcache Command Injection 1
  Microsoft IIS Cachuri DoS (CVE-2022-22025)
  Web Application Cross-Site Scripting (XSS) 33
  VMware Workspace Multiple Products Authentication Bypass
  Web Application Suspicious File Upload 6
  Web Application Remote Code Execution 13
  Zimbra Collaboration mboximport Directory Traversal 1
  Ivanti Avalanche Web Server Authentication Bypass
  WordPress plugin UserPro Cross-Site Scripting
  ManageEngine Password Manager Insecure Deserialization
  Web Application Directory Traversal 12 -c2
  Zimbra Collaboration Memcache Command Injection 2
  Web Application Cross-Site Scripting (XSS) 31
  Web Application Cross-Site Scripting (XSS) 26
  Zimbra Collaboration Memcache Command Injection 3
  Zimbra Collaboration Memcache Command Injection 4
  Node.js llhttp Parser HTTP Request Smuggling 2
  Apache Unomi Expression Language Injection 1
  gogs (GitHub repo) Stored XSS
  Web Application Remote Code Execution 14
  Web Application Cross-Site Scripting (XSS) 32
  dotCMS Arbitrary File Upload
  Squid Cache Manager DoS
  GitLab Project Import Command Injection 1
  Web Application Cross-Site Scripting (XSS) 64 -c2
  Web Application Remote Code Execution 15
  Atlassian JIRA TeamManagement.jspa Reflected XSS
  Zimbra Collaboration mboximport Directory Traversal 2
  Java Web Application Remote Code Execution 9
  TYPO3 SQL Injection
  Apache OFBiz Server-Side Template Injection
  Web Application Cross-Site Scripting (XSS) 85
  Cisco Nexus DFC Insecure Deserialization
  WWBN AVideo unzipDirectory Directory Traversal
  Web Application XXE Injection 6
  Web Application Cross-Site Scripting (XSS) 78 -c2
  Web Application Cross-Site Scripting (XSS) 86
  ManageEngine multiple products getDNSResolveOption Remote Code Execution 1
  ManageEngine multiple products getDNSResolveOption Remote Code Execution 2
  WWBN AVideo downloadURL Command Injection
  Web Application Cross-Site Scripting (XSS) 55
  Java Web Application Remote Code Execution 1
  Web Application Remote Code Execution 16
  Web Application Suspicious File Upload 4
  WordPress plugin Ketchup Restaurant Reservations SQL Injection
  Web Application SQL Injection (UNION SELECT) 2 -c2
  XWiki Platform Web Parent POM Stored XSS 1
  XWiki Platform Web Parent POM Stored XSS 2
  GLPI htmlawed Module Code Injection 2
  XWiki Platform Tags.xml Code Injection
  Oracle Fusion Middleware Reports Developer Remote Code Execution
  Java Web Application Remote Code Execution 10
  Apache Kylin Cube Designer Command Injection
  pfSense firewall_aliases_edit.php Remote Code Execution
  Microsoft SharePoint Remote Code Execution (CVE-2022-38053) 2
  ManageEngine Password Manager SQL Injection 2
  Apache Airflow DAG Command Injection 4
  Web Application Remote Code Execution 17
  Atlassian Bitbucket Server Command Injection
  Microsoft SharePoint Remote Code Execution (CVE-2022-44690)
  GitLab GitHub API Remote Code Execution 2
  ManageEngine Password Manager SQL Injection 3
  pgAdmin utility_path Remote Code Execution
  Apache Tomcat Large Chunked Transfer DoS 1
  XWiki Platform Mentions UI Code Injection
  Apache Tomcat Large Chunked Transfer DoS 2
  Web Application Directory Traversal 24
  HTTP Request with Malformed Cookie Header 2
  VMware vCenter Server Content Library DoS
  SolarWinds Orion NPM SQL Injection 3
  Lansweeper AssetActions.aspx Directory Traversal
  Microsoft SharePoint Remote Code Execution (CVE-2022-35823)
  SolarWinds Network Performance Monitor Insecure Deserialization 4
  Spring Security RegexRequestMatcher Authorization Bypass 1
  Spring Security RegexRequestMatcher Authorization Bypass 2
  Ivanti Avalanche imageFilePath Directory Traversal 1
  Web Application Directory Traversal 16
  Web Application Cross-Site Scripting (XSS) 73 -c2
  Web Application Cross-Site Scripting (XSS) 54
  Java Web Application Remote Code Execution 21
  Java Web Application Remote Code Execution 16
  Java Web Application Remote Code Execution 17
  Java Web Application Remote Code Execution 18
  Web Application Cross-Site Scripting (XSS) 81
  Web Application Cross-Site Scripting (XSS) 82
  Web Application Cross-Site Scripting (XSS) 83
  Horde Groupware Webmail Insecure Deserialization
  Web Application Cross-Site Scripting (XSS) 74
  gogs (GitHub repo) Directory Traversal 1
  gogs (GitHub repo) Directory Traversal 2
  Web Application XXE Injection 7
  Apache httpd mod_sed Large Content DoS 1
  Apache httpd mod_sed Large Content DoS 2
  Web Application Malformed Request URI 23
  Adobe ColdFusion Insecure Deserialization 1
  Yonyou UFIDA NC BeanShell RCE (CNVD-2021-30167) 1
  Yonyou UFIDA NC BeanShell RCE (CNVD-2021-30167) 2
  Yonyou TurboCRM Change Password SQLi
  Zabbix Server setup.php Authentication Bypass
  Web Application Cross-Site Scripting (XSS) 84
  WordPress plugin WP Statistics XSS 1
  ManageEngine ADAudit Plus XXE Injection 2
  Web Application Malformed Request URI 12
  GLPI Login Page SQL Injection
  Web Application SQL Injection (xp_cmdshell) 2
  Web Application SQL Injection (xp_cmdshell) 3
  Web Application SQL Injection (xp_cmdshell) 4
  Web Application Malformed Request URI (.doc.exe)
  Web Application Malformed Request URI (.docx.exe)
  Web Application Cross-Site Scripting (XSS) 78 -c4
  Web Application Malformed Request URI (.xls.exe)
  Web Application Malformed Request URI (.xlsx.exe)
  Web Application Malformed Request URI (.jpg.exe)
  Web Application Remote Code Execution 11
  Web Application Malformed Request URI (.pdf.exe)
  Jenkins plugin GitHub Information Disclosure
  Eclipse Jetty WEB-INF Security Feature Bypass
  CyberPanel getresetstatus Remote Command Execution
  CyberPanel completePath Remote Command Execution
  Ivanti EPM SQL Injection 3
  CyberPanel upgrademysqlstatus Remote Command Execution
  Microsoft .NET Framework ObjRef Information Disclosure
  Microsoft .NET Framework ObjRef Information Disclosure 2
  Cisco Smart Licensing Utility Static Credentials Access
  HPE Intelligent Management Center Information Disclosure 1
  Cacti Log Path Arbitrary File Overwrite
  Progress Kemp LoadMaster Command Injection 7
  WordPress Automatic Plugin LFI
  WordPress Automatic Plugin SQL Injection 2
  OpenAPI Generator Path Traversal
  Progress WhatsUp Gold Information Disclosure 1
  Progress WhatsUp Gold Information Disclosure 2
  Ivanti CSA Authentication Bypass
  Apache Solr PKIAuthenticationPlugin Authentication Bypass
  JetBrains TeamCity Backup Directory Traversal
  Jenkins Remoting Library Insecure Deserialization 1
  Jenkins Remoting Library Insecure Deserialization 2
  Flysystem Arbitrary File Overwrite
  Web Application Suspicious form-data 2
  Web Application Remote Code Execution 85
  Web Application Suspicious form-data 1
  Web Application Suspicious form-data 1 -c2


Relevant Information