KNOX 2.3 Clipboard Data Disclosure
Posted by deepcore under exploit (No Respond)
KNOX versions 1.0 through 2.3 on Android suffer from a clipboard data disclosure vulnerability.
Archive for April, 2016
Zarafe.net CMS 1.0 SQL Injection
Posted by deepcore under exploit (No Respond)
Zarafe.net CMS version 1.0 suffers from a remote SQL injection vulnerability.
Novell ServiceDesk Authenticated File Upload
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits an authenticated arbitrary file upload via directory traversal to execute code on the target. It has been tested on versions 6.5 and 7.1.0, in Windows and Linux installations of Novell ServiceDesk, as well as the Virtual Appliance provided by Novell.
[webapps] – modified eCommerce Shopsoftware 2.0.0.0 rev 9678 – Blind SQL Injection
Posted by deepcore under Security (No Respond)
Ahrare Andeysheh CMS – Multiple Web Vulnerabilities
Posted by deepcore under exploit (No Respond)
An independent vulnerability laboratory researcher discovered multiple web vulnerabilities in the official Ahrare Andeysheh Content Management System.
Cyberoam CC v02.03.1 – Multiple Persistent Vulnerabilities
Posted by deepcore under exploit (No Respond)
An independent vulnerability laboratory researcher discovered multiple application-side validation vulnerabilities in the offical Cyberoam Central Console v02.03.1 appliance web-application.
AVAST (My) #15 – (frontend.exception) CS XSS Vulnerability
Posted by deepcore under exploit (No Respond)
An independent vulnerability laboratory researcher discovered a client-side cross site scripting web vulnerability in the official Avast Business online service web-application.
[remote] – Novell ServiceDesk Authenticated File Upload
Posted by deepcore under Security (No Respond)
[webapps] – pfSense Community Edition 2.2.6 – Multiple Vulnerabilities
Posted by deepcore under Security (No Respond)
[dos] – TH692 Outdoor P2P HD Waterproof IP Camera – Hard Coded Credentials
Posted by deepcore under Security (No Respond)