Archive for February, 2016

Mezzanine 4.1.0 Arbitrary File Upload

Posted by deepcore under exploit (No Respond)

Mezzanine version 4.1.0 suffers from an arbitrary file upload vulnerability.

UliCMS 9.8.1 SQL Injection

Posted by deepcore under exploit (No Respond)

UliCMS versions 9.8.1 and below suffer from a remote SQL injection vulnerability.

GE Industrial Solutions UPS SNMP Adapter Command Injection

Posted by deepcore under exploit (No Respond)

GE Industrial Solutions UPS SNMP adapter suffers from command injection and clear-text storage of sensitive information.

Timeclock 0.995 SQL Injection

Posted by deepcore under exploit (No Respond)

Timeclock version 0.995 suffers from a remote SQL injection vulnerability.

ASUS RT-N56U 3.0.0.4.374_239 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

ASUS RT-N56U version 3.0.0.4.374_239 suffers from a persistent cross site scripting vulnerability.

ThumbDrive v1.1 (USB) iOS – Multiple Web Vulnerabilities

Posted by deepcore under exploit (No Respond)

The Vulnerability Laboratory Core Research Team discovered multiple vulnerabilities in the official ThumbDrive v1.1 iOS mobile web-application.

Apple iOS v9.x – Application Update Loop Pass Code Bypass

Posted by deepcore under exploit (No Respond)

The Vulnerability Laboratory Core Research Team discovered a pass code lock auth bypass vulnerability in the official Apple iOS (iPhone5&6|iPad2) v8.x, v9.0, v9.1 & v9.2.

Barracuda Networks MDM – Persistent Mail Vulnerability

Posted by deepcore under exploit (No Respond)

The Vulnerability Laboratory Research Team discovered a persistent vulnerability in the Barracuda Networks Mobile Device Manager appliance web-application.

Oracle 9i XDB FTP Pass Overflow

Posted by deepcore under exploit (No Respond)

Oracle 9i XDB FTP PASS overflow for Win32. Ported to Python from the oracle9i_xdb_ftp_pass.rb exploit.