Subscribe via feed.
Archive for February, 2016

Mobile Drive Free v.18 iOS – Multiple Web Vulnerabilities

Posted by deepcore under exploit (No Respond)

The Vulnerability Laboratory Core Research Team discovered multiple vulnerabilities in the official Mobile Drive Free iOS mobile web-application.

Getdpd BB #5 -Persistent Filename Vulnerability

Posted by deepcore under exploit (No Respond)

The Vulnerability Laboratory Research team discovered an application-side input validation web vulnerability in the official Getpdp online service web-application.

Equibase.com HTML Injection

Posted by deepcore under exploit (No Respond)

Equibase.com suffers from an html injection vulnerability that may allow for cross site scripting.

Atutor 2.2 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Atutor version 2.2 suffers from a cross site scripting vulnerability.

yTree 1.94-1.1 Buffer Overflow

Posted by deepcore under exploit (No Respond)

yTree version 1.94-1.1 suffers from a buffer overflow vulnerability.

D-Link DVG-N5402SP Path Traversal / Information Disclosure

Posted by deepcore under exploit (No Respond)

D-Link DVG-N5402SP suffers from path traversal, weak credential management, and information leakage vulnerabilities.

Opendocman 1.3.4 HTML Injection

Posted by deepcore under exploit (No Respond)

Opendocman version 1.3.4 suffers from an html injection vulnerability.

Opendocman 1.3.4 Cross Site Request Forgery

Posted by deepcore under exploit (No Respond)

Opendocman version 1.3.4 suffers from a cross site request forgery vulnerability.

MailPoet Newsletters 2.6.19 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

MailPoet Newsletters version 2.6.19 suffers from a cross site scripting vulnerability.

Mezzanine 4.1.0 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Mezzanine version 4.1.0 suffers from a cross site scripting vulnerability.