Comodo DLL Hijacking
Posted by deepcore under exploit (No Respond)
Comodo’s installers suffer from a DLL hijacking vulnerability.
Archive for March, 2016
WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution
Posted by deepcore under exploit (No Respond)
WordPress MailChimp Subscribe Forms plugin version 1.1 suffers from a code execution vulnerability.
WordPress Facebook With Login 1.0 Cross Site Scripting / SQL Injection
Posted by deepcore under exploit (No Respond)
WordPress Facebook With Login plugin version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
WordPress Issuu Panel 1.6 Remote / Local File Inclusion
Posted by deepcore under exploit (No Respond)
WordPress Issuu Panel plugin version 1.6 suffers from local file inclusion and remote file inclusion vulnerabilities.
DirectAdmin CP 1.50.0 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
DirectAdmin CP version 1.50.0 suffers from a client-side cross site request forgery vulnerability.
CCTV-DVR Remote Code Execution
Posted by deepcore under exploit (No Respond)
CCTV-DVR remote code execution exploit that affects over 70 different vendors.
Zyxel MAX3XX Series Wimax CPEs Hardcoded Root Password
Posted by deepcore under exploit (No Respond)
Plain text hardcoded passwords have been discovered in /bin/busybox and /bin/dropbear for Zyxel MAX3XX series Wimax CPEs.
[shellcode] – Linux/x86_x64 – execve(/bin/sh) – 26 bytes
Posted by deepcore under Security (No Respond)
Hi Technology & Services CMS – SQL Injection Vulnerabilities
Posted by deepcore under exploit (No Respond)
An independent vulnerability laboratory researcher discovered multiple sql injection web vulnerabilities in the Hi Technology & Services Content Management System.
OS X Kernel Use-After-Free / Double Delete
Posted by deepcore under Apple (No Respond)