[remote] – Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers
Posted by deepcore under Security (No Respond)
Archive for February, 2016
ifixit Bug Bounty #5 – Guide Search Persistent Vulnerability
Posted by deepcore under exploit (No Respond)
The Vulnerability Laboratory Core Research Team discovered an application-side input validation web vulnerability in the official ifixit online service web-application.
ifixit Bug Bounty #5 – Guide Search Persistent Vulnerability
Posted by deepcore under exploit (No Respond)
Chamilo LMS – Persistent Cross Site Scripting Vulnerability
Posted by deepcore under exploit (No Respond)
A persistent cross site scripting vulnerability has been discoverd in the official web-application Product Chamilo LMS.
WordPress ALO EasyMail Newsletter 2.6.01 CSRF
Posted by deepcore under exploit (No Respond)
WordPress ALO EasyMail Newsletter plugin version 2.6.01 suffers from a cross site request forgery vulnerability.
Google Sites Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Google Sites suffered from a persistent cross site scripting vulnerability.
desk.com Cross Site Scripting
Posted by deepcore under exploit (No Respond)
desk.com suffered from a cross site scripting vulnerability.
Windows Kerberos Security Feature Bypass
Posted by deepcore under exploit (No Respond)
Windows kerberos security feature bypass exploit that leverages the vulnerability discussed in MS16-014.
Manage Engine OPutils 8.0 Cross Site Request Forgery / Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Manage Engine OPutils version 8.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
Manage Engine OPutils 8.0 Privilege Escalation
Posted by deepcore under exploit (No Respond)
Manage Engine OPutils version 8.0 suffers from a privilege escalation vulnerability.