4 - 2016 - :: Deepquest ::

[EXPLOIT]

>> KNOX 2.3 Clipboard Data Disclosure

USER: deepcore // 2016-04-19 // 0 CMT

KNOX versions 1.0 through 2.3 on Android suffer from a clipboard data disclosure vulnerability.

[EXPLOIT]

>> Zarafe.net CMS 1.0 SQL Injection

USER: deepcore // 2016-04-19 // 0 CMT

Zarafe.net CMS version 1.0 suffers from a remote SQL injection vulnerability.

[EXPLOIT]

>> Novell ServiceDesk Authenticated File Upload

USER: deepcore // 2016-04-19 // 0 CMT

This Metasploit module exploits an authenticated arbitrary file upload via directory traversal to execute code on the target. It has been tested on versions 6.5 and 7.1.0, in Windows and…

[SECURITY]

>> [webapps] – modified eCommerce Shopsoftware 2.0.0.0 rev 9678 – Blind SQL Injection

USER: deepcore // 2016-04-19 // 0 CMT

modified eCommerce Shopsoftware 2.0.0.0 rev 9678 – Blind SQL Injection

[EXPLOIT]

>> Ahrare Andeysheh CMS – Multiple Web Vulnerabilities

USER: deepcore // 2016-04-18 // 0 CMT

An independent vulnerability laboratory researcher discovered multiple web vulnerabilities in the official Ahrare Andeysheh Content Management System.

[EXPLOIT]

>> Cyberoam CC v02.03.1 – Multiple Persistent Vulnerabilities

USER: deepcore // 2016-04-18 // 0 CMT

An independent vulnerability laboratory researcher discovered multiple application-side validation vulnerabilities in the offical Cyberoam Central Console v02.03.1 appliance web-application.

[EXPLOIT]

>> AVAST (My) #15 – (frontend.exception) CS XSS Vulnerability

USER: deepcore // 2016-04-18 // 0 CMT

An independent vulnerability laboratory researcher discovered a client-side cross site scripting web vulnerability in the official Avast Business online service web-application.