Subscribe via feed.
Archive for December, 2015

Grawlix 1.0.3 Cross Site Request Forgery

Posted by deepcore under exploit (No Respond)

Grawlix version 1.0.3 suffers from a cross site request forgery vulnerability.

Grawlix 1.0.3 Code Execution

Posted by deepcore under exploit (No Respond)

Grawlix version 1.0.3 suffers from a code execution vulnerability.

Arastta 1.1.5 SQL Injection

Posted by deepcore under exploit (No Respond)

Arastta version 1.1.5 suffers from a remote SQL injection vulnerability.

ATOMYMAXSITE 2.5 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

ATOMYMAXSITE CMS version 2.5 suffers from a cross site scripting vulnerability.

ATOMYMAXSITE 2.5 SQL Injection

Posted by deepcore under exploit (No Respond)

ATOMYMAXSITE CMS version 2.5 suffers from a remote SQL injection vulnerability.

Rips Scanner 0.5 Local File Inclusion

Posted by deepcore under exploit (No Respond)

Rips Scanner version 0.5 suffers from multiple local file inclusion vulnerabilities.

Rips Scanner 0.5 Directory Listing

Posted by deepcore under exploit (No Respond)

Rips Scanner version 0.5 suffers from a directory listing exposure vulnerability in leakscan.php.

XZERES 442SR Wind Turbine Cross Site Scripting

Posted by deepcore under exploit (No Respond)

XZERES 442SR wind turbine suffers from a cross site scripting vulnerability.

Nordex Control 2 (NC2) SCADA 16 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Nordex Control 2 (NC2) SCADA version 16 suffers from a cross site scripting vulnerability.

eWON XSS / CSRF / Session Management / RBAC Issues

Posted by deepcore under exploit (No Respond)

eWON routers with firmware versions prior to 10.1s0* suffer from cross site request forgery, session management, RBAC control, and cross site scripting vulnerabilities.