Subscribe via feed.
Archive for February, 2016

eClinicalWorks Population Health (CCMR) SQL Injection / CSRF / XSS

Posted by deepcore under exploit (No Respond)

eClinicalWorks Population Health (CCMR) suffers from cross site request forgery, cross site scripting, session fixation, and remote SQL injection vulnerabilities.

Packet Storm New Exploits For January, 2016

Posted by deepcore under exploit (No Respond)

This archive contains 192 exploits that were added to Packet Storm in January, 2016.

Pdfium Opj_t2_read_packet_header Use-After-Free

Posted by deepcore under exploit (No Respond)

Pdfium suffers from a heap use-after-free in Opj_t2_read_packet_header (libopenjpeg).

[webapps] – ManageEngine EventLog Analyzer 4.0 – 10 – Privilege Escalation

Posted by deepcore under Security (No Respond)

ManageEngine EventLog Analyzer 4.0 – 10 – Privilege Escalation

Tags: ,

[webapps] – Manage Engine Network Configuration Manager Build 11000 – CSRF

Posted by deepcore under Security (No Respond)

Manage Engine Network Configuration Manager Build 11000 – CSRF

Tags: ,

[dos] – pdfium – opj_t2_read_packet_header (libopenjpeg) Heap Use-After-Free

Posted by deepcore under Security (No Respond)

pdfium – opj_t2_read_packet_header (libopenjpeg) Heap Use-After-Free

Tags: ,

[webapps] – eClinicalWorks (CCMR) – Multiple Vulnerabilities

Posted by deepcore under Security (No Respond)

eClinicalWorks (CCMR) – Multiple Vulnerabilities

Tags: ,

[dos] – Toshiba Viewer v2 p3console – Local Denial of Service

Posted by deepcore under Security (No Respond)

Toshiba Viewer v2 p3console – Local Denial of Service

Tags: ,

PayPal #123 – Security Key Pin Approval & Expire Bypass

Posted by deepcore under exploit (No Respond)

File Hub v3.3 iOS (Wifi) – Multiple Web Vulnerabilities

Posted by deepcore under exploit (No Respond)

The vulnerability laboratory core research team discovered multiple vulnerabilities in the official File Hub mobile iOS wifi web-application.