Archive for April, 2016

Patron Info System SQL Injection

Posted by deepcore under exploit

Patron Info System suffers from a remote SQL injection vulnerability.

Hi Technology And Services CMS SQL Injection

Posted by deepcore under exploit

Hi Technology and Services CMS suffers from a remote SQL injection vulnerability.

Docker UI 0.10.0 Cross Site Request Forgery

Posted by deepcore under exploit

Docker UI version 0.10.0 suffers from multiple client-side cross site request forgery vulnerabilities.

Docker UI 0.10.0 Cross Site Scripting

Posted by deepcore under exploit

Docker UI version 0.10.0 suffers from a persistent cross site scripting vulnerability.

Cades 2016Q1 SQL Injection

Posted by deepcore under exploit

Cades 2016Q1 suffers from a remote SQL injection vulnerability.

Dorsa Web CMS 2016 Q1 SQL Injection

Posted by deepcore under exploit

Dorsa Web CMS from 2016 Q1 suffers from a remote SQL injection vulnerability.

TrendMicro SSO Redirect / Session Theft

Posted by deepcore under exploit

TrendMicro’s SSO suffers from a redirection and session theft vulnerability.

Python 2.7 For iOS Filter Bypass

Posted by deepcore under exploit

Python 2.7 iOS application version 1.5.4 suffers from a filter bypass issue that allows malicious script code to get inserted client-side.

Wireshark Heap-Based Out-Of-Bounds Read

Posted by deepcore under exploit

A crash was identified due to a heap-based out-of-bounds read in dissect_pktc_rekey in an ASAN build of Wireshark (current git master).

Adobe Flash Color.setTransform Use-After-Free

Posted by deepcore under exploit

If Color.setTransform in Adobe Flash is set to a transform that deletes the field it is called on, a use-after-free occurs.