The Weekly Report

The 0Research weekly report contains the latest publicly published exploits, blacklisted IPs, and more. This report is MANUALLY updated every Thursday night or Friday morning.

Blacklist Last Updated: May 17, 2018
Exploits Last Updated: May 18, 2018

| Software/Hardware | Version | Vulnerability | CVE | Severity | Source |
|---|---|---|---|---|---|
| 2345 Security Guard | 3.7 | DoS | N/A | Medium | Link |
| Apache Struts 2 - Struts 1 Plugin Showcase | ? | Code Execution | 2017-9791 | Critical | Link |
| Cisco Security Appliance | SA520W | Path Traversal | N/A | High | Link |
| DynoRoot DHCP | RHEL/CentOS Multiple | Client Command Injection | 2018-1111 | High | Link |
| EMC RecoverPoint | 4.3 | Command Injection | N/A | High | Link |
| Healwire Online Pharmacy | 3.0 | Persistent XSS/CSRF | N/A | Medium | Link |
| Horse Market Sell & Rent Portal Script | 1.5.7 | CSRF | N/A | Low | Link |
| HPE iMC | 7.3 | RCE | Multiple | Critical | Link |
| IBM Flashsystem/Storwize | Multiple | CSRF/Arbitrary Read | Multiple | High | Link |
| Infinity Market Classified Ads Script | 1.6.2 | CSRF | N/A | Low | Link |
| Intelbras NCLOUD 300 | 1.0 | Authentication Bypass | 2018-11094 | High | Link |
| Inteno IOPSYS | 2.0-4.2.0 | p610nd RCE | N/A | Critical | Link |
| JasperReports | Multiple 6.x.x | Authenticated File Read | Multiple | High | Link |
| Jenkins CLI | ? | Java Deserialization | 2016-9299 | Critical | Link |
| Libuser roothelper | 0.56.13-8/0.60-7 | Privilege Escalation | Multiple | Critical | Link |
| Linux | < 4.16.9/<4.14.41 | Info Leakage | N/A | Low | Link |
| Linux | 4.8.0 < 4.8.0-46 | Privilege Escalation | 2017-7308 | High | Link |
| Microsoft Edge Chakra JIT | ? | Bound Check Elimination | 2018-0980 | Medium | Link |
| Microsoft Windows | 2003 SP2 | RCE | N/A | Critical | Link |
| Microsoft Windows | 10 Build 1709 | Privilege Escalation | 2018-8134 | High | Link |
| Monstra CMS | 3.0.4 | RCE | 2018-9037 | Critical | Link |
| Monstra CMS | 3.0.4 | XSS | N/A | Medium | Link |
| Multiplayer BlackJack Online Casino Game | 2.5 | Persistent XSS | N/A | Medium | Link |
| MyBB | 1.8.x | DoS | N/A | Low | Link |
| MyBB Admin Notes Plugin | 1.1 | CSRF | N/A | Low | Link |
| MyBiz MyProcureNet | 5.0.0 | File Upload/XSS | Multiple | High | Link |
| Nanopool Claymore Dual Miner | 7.3 | RCE | 2018-1000049 | Critical | Link |
| NodAPS | 4.0 | SQLi/CSRF | N/A | High | Link |
| Open-AudIT Community | 2.2.0 | XSS | 2018-10314 | Medium | Link |
| Open-AudIT Professional | 2.1.1 | XSS | 2018-9155 | Medium | Link |
| Powerlogic/Schneider Electric IONXXXX Series | All | CSRF | 2016-5809 | Low | Link |
| Prime95 | 29.4b8 | Stack Buffer Overflow | N/A | High | Link |
| ProjectPier | 0.8.8 | SQLi/Authentication Bypass/RFI | Multiple | Critical | Link |
| Rockwell Scada System | 27.011 | XSS | 2016-2279 | Medium | Link |
| RSA Authentication Manager | <8.3 P1 | XXE Injection | 2018-1247 | High | Link |
| SAP B2B/B2C CRM | 2.x < 4.x | LFI | N/A | Medium | Link |
| SAP NetWeaver Web Dynpro | 6.4 < 7.5 | Information Disclosure | N/A | Medium | Link |
| SuperCom Online Shopping Ecommerce Cart | 1 | Multiple | N/A | Medium | Link |
| Totemomail Encryption Gateway | 6.0.0 Build 371 | CSRF | 2018-6563 | Low | Link |
| VirtueMart | 3.1.14 | Persistent XSS | 2018-7465 | Medium | Link |
| WordPress Metronet Tag Manager Plugin | 1.2.7 | CSRF | N/A | Low | Link |
| WordPress WP Ulike | 2.8.1 / 3.1 | XSS | N/A | Medium | Link |
| WordPress WP Ulike | 2.8.1 / 3.1 | Arbitrary Data Deletion | N/A | High | Link |
| WordPress WP User Groups | 2.0.0 | CSRF | N/A | Low | Link |
| WhatsApp | 2.18.31 | Memory Corruption | N/A | Medium | Link |
| WUZHI CMS | 4.1.0 | XSS | N/A | Medium | Link |
| WUZHI CMS | 4.1.0 | XSS | N/A | Medium | Link |
| XATABoost | 1.0.0 | SQLi | N/A | High | Link |