We understand that it can be very difficult to find a managed IT services and support company that covers Apple support, Windows support and Linux support. We use Microsoft Windows, Apple Mac OSX and various Linux distributions on our own network....

Scanyoursecurity uses vulnerability scanning tools, both commercial and proprietary, as a part of our application assessment process. Vulnerability scanning is one part of our hybrid approach to application assessment. Combined with code review and security testing....

Your security team logs many events -- more and more of them all the time. Unfortunately, they make little use of these logs, except to dig through old ones when trying to understand something long after it happened. Firewall logs reveal threats and traffic behaviour on the network....

Scanyoursecurity Firewall/Router Audit thoroughly evaluates the rule base for known security risks and policy violations. Firewalls and Routers must be implemented and maintained properly. Our Firewall/Router Audit provides a detailed analysis that reduces risks and increases perimeter security....


Scanyoursecurity is a consultancy responsible for protecting businesses from cyber threats, cyber-attacks, internal threats and business outages. Our technical experts have years of experience in recommending, specifying and implementing IT Security Solutions.

Port scanning is usually done in the initial phase of a penetration test in order to discover all network entry points into the target system. Port scanning is done differently for TCP ports and for UDP ports, which is why we have different tools. Before the report is issued, the results are completed with false-positive elimination.

Penetration testing identifies the points where a threat (defined by the hacker) can be combined with existing risks to achieve penetration. Scanyoursecurity helps to prevent penetration by identifying these points and providing effective methods for optimization before they are exploited by malicious hackers.


Up to Date

  • [webapps] UniSharp Laravel File Manager 2.0.0-alpha7 - Arbitrary File Upload
  • [dos] Linux - 'kvm_ioctl_create_device()' NULL Pointer Dereference
  • [webapps] qdPM 9.1 - 'search_by_extrafields[]' SQL Injection
  • [webapps] Jinja2 2.10 - 'from_string' Server Side Template Injection
  • [dos] VSCO - Denial of Service (PoC)
  • [webapps] MyBB Trash Bin Plugin 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery
  • [dos] Navicat for Oracle 12.1.15 - "Password" Denial of Service (PoC)
  • [dos] Free IP Switcher 3.1 - 'Computer Name' Denial of Service (PoC)
  • [dos] AirMore 1.6.1 - Denial of Service (PoC)
  • [dos] ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (PoC)
  • [webapps] LayerBB 1.1.2 - Cross-Site Request Forgery (Add Admin)
  • [dos] MediaMonkey 4.1.23 - '.mp3' URL Denial of Service (PoC)
  • [webapps] WordPress Plugin Booking Calendar 8.4.3 - Authenticated SQL Injection
  • [webapps] DomainMOD 4.11.01 - 'assets/edit/host.php?whid=5' Cross-Site Scripting
  • [webapps] DomainMOD 4.11.01 - 'assets/add/dns.php' Cross-Site Scripting
  • [webapps] DomainMOD 4.11.01 - 'category.php CatagoryName, StakeHolder' Cross-Site Scripting
  • [webapps] DomainMOD 4.11.01 - 'ssl-accounts.php username' Cross-Site Scripting
  • [webapps] DomainMOD 4.11.01 - 'ssl-provider-name' Cross-Site Scripting
  • [dos] Core FTP/SFTP Server 1.2 Build 589.42 - 'User domain' Denial of Service (PoC)
  • [local] exacqVision ESM 5.12.2 - Privilege Escalation
  • [local] runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (2)
  • [webapps] PilusCart 1.4.1 - 'send' SQL Injection
  • [dos] NetworkSleuth 3.0 - 'Name' Denial of Service (PoC)
  • [webapps] Rukovoditel Project Management CRM 2.4.1 - Cross-Site Scripting
  • [local] snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (2)
  • [local] snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1)
  • [local] runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (1)
  • [dos] Skyworth GPON HomeGateways and Optical Network Terminals - Stack Overflow
  • [dos] Android - binder Use-After-Free of VMA via race Between reclaim and munmap
  • [dos] Android - binder Use-After-Free via fdget() Optimization
  • [webapps] LayerBB 1.1.2 - Cross-Site Scripting
  • [webapps] BlogEngine.NET 3.3.6 - Directory Traversal / Remote Code Execution
  • [webapps] Jenkins 2.150.2 - Remote Command Execution (Metasploit)
  • [webapps] OPNsense < 19.1.1 - Cross-Site Scripting
  • [webapps] Webiness Inventory 2.3 - 'email' SQL Injection
  • [webapps] CentOS Web Panel - Persistent Cross-Site Scripting
  • [webapps] VA MAX 8.3.4 - Authenticated Remote Code Execution
  • [webapps] MyBB Bans List 1.0 - Cross-Site Scripting
  • [local] River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH)
  • [local] Avast Anti-Virus < 19.1.2360 - Local Credentials Disclosure
  • [webapps] IPFire 2.21 - Cross-Site Scripting
  • [dos] NordVPN 6.19.6 - Denial of Service (PoC)
  • [remote] Indusoft Web Studio 8.1 SP2 - Remote Code Execution
  • [local] Evince - CBT File Command Injection (Metasploit)
  • [remote] NUUO NVRmini - upgrade_handle.php Remote Command Execution (Metasploit)
  • [remote] Adobe Flash Player - DeleteRangeTimelineOperation Type Confusion (Metasploit)
  • [dos] FutureDj Pro - Denial of Service
  • [dos] AirDroid - Denial of Service
  • [webapps] Coship Wireless Router 4.0.0.x/5.0.0.x - WiFi Password Reset
  • [local] River Past Cam Do 3.7.6 - Local Buffer Overflow (SEH)