Archive for October, 2016

Colorful Blog Cross Site Scripting

Posted by deepcore under exploit (No Responses)

Colorful Blog suffers from a persistent cross site scripting vulnerability.

ATKGFNEXSrv ATKGFNEX 1.0.11.1 Privilege Escalation

Posted by deepcore under exploit (No Responses)

ATKGFNEXSrv ATKGFNEX version 1.0.11.1 suffers from an unquoted service path privilege escalation vulnerability.

Colorful Blog Cross Site Request Forgery

Posted by deepcore under exploit (No Responses)

Colorful Blog suffers from a cross site request forgery vulnerability.

ASLDRService ATK Hotkey 1.0.69.0 Privilege Escalation

Posted by deepcore under exploit (No Responses)

ASLDRService ATK Hotkey version 1.0.69.0 suffers from an unquoted service path privilege escalation vulnerability.

InsOnSrv Asus InstantOn 2.3.1.1 Privilege Escalation

Posted by deepcore under exploit (No Responses)

InsOnSrv Asus InstantOn version 2.3.1.1 suffers from an unquoted service path privilege escalation vulnerability.

Simple Blog PHP 2.0 Cross Site Request Forgery / Cross Site Scripting

Posted by deepcore under exploit (No Responses)

Simple Blog PHP version 2.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

Simple Blog PHP 2.0 SQL Injection

Posted by deepcore under exploit (No Responses)

Simple Blog PHP version 2.0 suffers from a remote SQL injection vulnerability.

WordPress Newsletter 4.6.0 Cross Site Request Forgery / Cross Site Scripting

Posted by deepcore under exploit (No Responses)

WordPress Newsletter plugin version 4.6.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

Ruby on Rails Dynamic Render File Upload Remote Code Execution

Posted by deepcore under exploit (No Responses)

This Metasploit module exploits a remote code execution vulnerability in the explicit render method when leveraging user parameters. This Metasploit module has been tested across multiple versions of Ruby on Rails. The technique used by this module requires the specified endpoint to be using dynamic render paths. Also, the vulnerable target will need a POST […]

Thatware 0.4.6 SQL Injection

Posted by deepcore under exploit (No Responses)

Thatware version 0.4.6 suffers from a remote SQL injection vulnerability.