Web2py 2.14.5 CSRF / XSS / Local File Inclusion
Posted by deepcore under exploit (No Respond)
Web2py version 2.14.5 suffers from cross site request forgery, cross site scripting, and local file inclusion vulnerabilities.
Archive for May, 2016
Teampass v2.1.25 – Arbitrary File Download Vulnerability
Posted by deepcore under exploit (No Respond)
An independent vulnerability laboratory researcher discovered an arbitrary file download vulnerability in the Teampass Password Manager v2.1.25 web-application.
http://barahom.go.th/by.htm
Posted by deepcore under Security (No Respond)
http://barahom.go.th/by.htm notified by GeNErAL
Tags: defacementhttp://khonkaen4.go.th/by.htm
Posted by deepcore under Security (No Respond)
http://khonkaen4.go.th/by.htm notified by GeNErAL
Tags: defacementhttp://bkkpro3.go.th/by.htm
Posted by deepcore under Security (No Respond)
http://bkkpro3.go.th/by.htm notified by GeNErAL
Tags: defacementhttp://board.bkkpro3.go.th/by.htm
Posted by deepcore under Security (No Respond)
http://board.bkkpro3.go.th/by.htm notified by GeNErAL
Tags: defacement[dos] – Adobe Flash – Heap Overflow in ATF Processing (Image Reading)
Posted by deepcore under Security (No Respond)
[dos] – Windows – gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055)
Posted by deepcore under Security (No Respond)
Windows – gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055)
Tags: 0day, remote exploit[dos] – Adobe Flash – Type Confusion in FileReference Constructor
Posted by deepcore under Security (No Respond)
[dos] – Windows – gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)
Posted by deepcore under Security (No Respond)
Windows – gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)
Tags: 0day, remote exploit