[webapps] – AirOS 6.x – Arbitrary File Upload
Posted by deepcore under Security (No Respond)
Archive for April, 2016
[shellcode] – Linux/x86_64 – Read /etc/passwd – 65 bytes
Posted by deepcore under Security (No Respond)
UBNT Bug Bounty #2 – XML External Entity Vulnerability
Posted by deepcore under exploit (No Respond)
The Vulnerability Laboratory Core Research Team discovered a XEE Vulnerability in the official Ubnt online service web-application.
Django CMS v3.2.3 – Filter Bypass & Persistent Vulnerability
Posted by deepcore under exploit (No Respond)
The vulnerability laboratory core research team discovered an application-side vulnerability in the Django v3.2.3 Content Management System.
Webline CMS 2016Q2 SQL Injection
Posted by deepcore under exploit (No Respond)
Webline CMS 2016Q2 suffers from a remote SQL injection vulnerability.
Texas Instruments Calculators Emulator 3.03-nogdb+dfsg-3 Buffer Overflow
Posted by deepcore under exploit (No Respond)
Texas Instruments Calculators Emulator version 3.03-nogdb+dfsg-3 suffers from a buffer overflow vulnerability.
Dell KACE K1000 File Upload
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a file upload vulnerability in Kace K1000 versions 5.0 to 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547 which allows unauthenticated users to execute arbitrary commands under the context of the ‘www’ user. This Metasploit module also abuses the ‘KSudoClient::RunCommandWait’ function to gain root privileges. This Metasploit module has […]
[dos] – Microsoft Office Excel Out-of-Bounds Read Remote Code Execution (MS16-042)
Posted by deepcore under Security (No Respond)
Microsoft Office Excel Out-of-Bounds Read Remote Code Execution (MS16-042)
Tags: 0day, remote exploit[webapps] – pfSense Firewall <= 2.2.6 – Services CSRF
Posted by deepcore under Security (No Respond)
[webapps] – PHPmongoDB 1.0.0 – Multiple Vulnerabilities
Posted by deepcore under Security (No Respond)