SMF (Simple Machine Forum) 2.0.10 Remote Memory Exfiltration
Posted by deepcore under exploit (No Respond)
SMF (Simple Machine Forum) versions 2.0.10 and below remote memory exfiltration exploit.
Archive for September, 2015
FortiManager 5.2.2 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
FortiManager version 5.2.2 suffers from multiple cross site scripting vulnerabilities.
[webapps] – X2Engine 4.2 – Arbitrary File Upload
Posted by deepcore under Security (No Respond)
[webapps] – X2Engine 4.2 – CSRF Vulnerability
Posted by deepcore under Security (No Respond)
[webapps] – FortiManager 5.2.2 – Persistent XSS Vulnerabilities
Posted by deepcore under Security (No Respond)
[dos] – FreshFTP 5.52 – .qfl Crash PoC
Posted by deepcore under Security (No Respond)
[local] – WinRar 5.21 – SFX OLE Command Execution
Posted by deepcore under Security (No Respond)
NodeBB v0.8.2 – Client Side Cross Site Web Vulnerability
Posted by deepcore under exploit (No Respond)
An independent vulnerability laboratory researcher discovered a client-side vulnerability in the offical NodeBB v0.8.2 forum web-application.
My.WiFi USB Drive v1.0 iOS – File Include Vulnerability
Posted by deepcore under exploit (No Respond)
The Vulnerability Laboratory Core Research Team discovered a local file include vulnerability in the official My.WiFi USB Drive v1.0 iOS mobile web-application.
Flowdock API Bug Bounty #3 – Persistent Web Vulnerability
Posted by deepcore under exploit (No Respond)
The Vulnerability Laboratory Research Team discovered an application-side input validation web vulnerability in the official Flowdock online service web-application.