Archive for June, 2016

Vicidial 1.4.0.20 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Vicidial version 1.4.0.20 suffers from a reflective cross site scripting vulnerability.

http://lamphun.drr.go.th/index.htm

Posted by deepcore under Security (No Respond)

http://lamphun.drr.go.th/index.htm notified by Fallaga team

http://mec.drr.go.th/index.htm

Posted by deepcore under Security (No Respond)

http://mec.drr.go.th/index.htm notified by Fallaga team

http://video.drr.go.th/index.htm

Posted by deepcore under Security (No Respond)

http://video.drr.go.th/index.htm notified by Fallaga team

http://trafficsafety.drr.go.th/index.htm

Posted by deepcore under Security (No Respond)

http://trafficsafety.drr.go.th/index.htm notified by Fallaga team

FortiAnalyzer & FortiManager – CS Cross Site Vulnerability

Posted by deepcore under exploit (No Respond)

The Vulnerability Laboratory Core Research Team discovered a non-persistent web validation vulnerability in the official Fortinet FortiManager & FortiAnalyzer appliance product series.

[webapps] – Tiki-Wiki CMS Calendar 14.2, 12.5 LTS, 9.11 LTS, and 6.15 – Remote Code Execution

Posted by deepcore under Security (No Respond)

Tiki-Wiki CMS Calendar 14.2, 12.5 LTS, 9.11 LTS, and 6.15 – Remote Code Execution

[shellcode] – Linux x86_64 Shellcode Null-Free Reverse TCP Shell

Posted by deepcore under Security (No Respond)

Linux x86_64 Shellcode Null-Free Reverse TCP Shell

[webapps] – SlimCMS 0.1 – CSRF (Change Admin Password)

Posted by deepcore under Security (No Respond)

SlimCMS 0.1 – CSRF (Change Admin Password)

[webapps] – ATCOM PBX IP01, IP08 , IP4G, IP2G4A – Authentication Bypass

Posted by deepcore under Security (No Respond)

ATCOM PBX IP01, IP08 , IP4G, IP2G4A – Authentication Bypass
