Archive for January, 2016

[webapps] – Roundcube 1.1.3 – Path Traversal Vulnerability

Posted by deepcore under Security (No Respond)

Roundcube 1.1.3 – Path Traversal Vulnerability


WordPress Symposium Pro Social Network 16.1 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

WordPress Symposium Pro Social Network plugin version 16.1 suffers from a cross-site scripting vulnerability.

Microsoft DirectShow Remote Code Execution

Posted by deepcore under exploit (No Respond)

There exists a buffer underflow vulnerability in devenum.dll!DeviceMoniker::Load when attempting to null-terminate a user-supplied string.

Microsoft Office / COM Object WMALFXGFXDSP.dll DLL Planting

Posted by deepcore under exploit (No Respond)

It is possible for an attacker to execute a DLL planting attack in Microsoft Office 2010 on Windows 7 x86 with a specially crafted OLE object.

FortiGate OS 5.0.7 SSH Backdoor

Posted by deepcore under exploit (No Respond)

Remote SSH backdoor exploit for FortiGate OS versions 4.x through 5.0.7.

FingerTec Default Root Password / Remote Enrollment

Posted by deepcore under exploit (No Respond)

FingerTec devices have a default root password that allows for remote enrollment.

Hacking Team's Leak Helped Researchers Hunt Down A Zero-Day

Posted by deepcore under exploit (No Respond)

[webapps] – Manage Engine Application Manager 12.5 – Arbitrary Command Execution Vulnerability

Posted by deepcore under Security (No Respond)

Manage Engine Application Manager 12.5 – Arbitrary Command Execution Vulnerability


[webapps] – SevOne NMS <= 5.3.6.0 – Remote Root Exploit

Posted by deepcore under Security (No Respond)

SevOne NMS <= 5.3.6.0 – Remote Root Exploit


[webapps] – Manage Engine Applications Manager 12 – Multiple Vulnerabilities

Posted by deepcore under Security (No Respond)

Manage Engine Applications Manager 12 – Multiple Vulnerabilities
