2016 April

[remote] – Advantech WebAccess Dashboard Viewer Arbitrary File Upload

Posted by deepcore under Security (No Respond)

Advantech WebAccess Dashboard Viewer Arbitrary File Upload

Notes v4.5 iOS – File Include Web Vulnerability

Posted by deepcore under exploit (No Respond)

The vulnerability laboratory core research team discovered a local file include vulnerability in the official Notes v4.5 iOS mobile web-application (wifi).

VoipNow v4.0.1 – (xajax_handler) Persistent Vulnerability

Posted by deepcore under exploit (No Respond)

The vulnerability laboratory core research team discovered an application-side input validation vulnerability in the VoipNow v4.0.1 web-application.

Sophos XG Firewall (SF01V) – Persistent Web Vulnerability

Posted by deepcore under exploit (No Respond)

An independent vulnerability laboratory researcher discovered an application-side validation vulnerability in the official Sophos XG Firewall (SF01V) appliance web-application.

Trend Micro (Account) – Email Spoofing Web Vulnerability

Posted by deepcore under exploit (No Respond)

The Vulnerability Laboratory Core Research Team discovered an application-side vulnerability in the official Trend Micro Accounts online service web-application.

Negin Group CMS – (v) Multiple Web Vulnerabilities

Posted by deepcore under exploit (No Respond)

The vulnerability laboratory core research team discovered multiple web vulnerabilities in the official Negin Group content management system.

[webapps] – Gemtek CPE7000 – WLTCS-106 Administrator SID Retriever (MSF)

Posted by deepcore under Security (No Respond)

Gemtek CPE7000 – WLTCS-106 Administrator SID Retriever (MSF)

Tags: 0day, remote exploit

[webapps] – C/C++ Offline Compiler and C For OS – Persistent XSS

Posted by deepcore under Security (No Respond)

C/C++ Offline Compiler and C For OS – Persistent XSS

Tags: 0day, remote exploit

[local] – CompuSource Systems – Real Time Home Banking – Local Privilege Escalation

Posted by deepcore under Security (No Respond)

CompuSource Systems – Real Time Home Banking – Local Privilege Escalation

Tags: 0day, remote exploit

[webapps] – Gemtek CPE7000 – WLTCS-106 sysconf.cgi Unauthenticated Remote Command Execution (MSF)

Posted by deepcore under Security (No Respond)

Gemtek CPE7000 – WLTCS-106 sysconf.cgi Unauthenticated Remote Command Execution (MSF)

Tags: 0day, remote exploit

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

[remote] – Advantech WebAccess Dashboard Viewer Arbitrary File Upload

Notes v4.5 iOS – File Include Web Vulnerability

VoipNow v4.0.1 – (xajax_handler) Persistent Vulnerability

Sophos XG Firewall (SF01V) – Persistent Web Vulnerability

Trend Micro (Account) – Email Spoofing Web Vulnerability

Negin Group CMS – (v) Multiple Web Vulnerabilities

[webapps] – Gemtek CPE7000 – WLTCS-106 Administrator SID Retriever (MSF)

[webapps] – C/C++ Offline Compiler and C For OS – Persistent XSS

[local] – CompuSource Systems – Real Time Home Banking – Local Privilege Escalation

[webapps] – Gemtek CPE7000 – WLTCS-106 sysconf.cgi Unauthenticated Remote Command Execution (MSF)

Tabs Switcher

Categories

Archives

Meta

BLOGROLL