2016 October

Aura Video Converter 1.6.3 – DLL Hijacking Exploit

Posted by deepcore under exploit (No Respond)

An independent vulnerability laboratory researcher discovered a dll hijacking exploit in the Aura Video Converter v1.6.3…

Serimux SSH Console Switch 2.4 – Multiple XSS Vulnerabilities

Posted by deepcore under exploit (No Respond)

The vulnerability laboratory core research team discovered multiple cross site vulnerabilities in the Serimux SSH Consol…

Flv Player 2011 1.3 DLL Hijacking

Posted by deepcore under exploit (No Respond)

Flv Player 2011 version 1.3 suffers from a dll hijacking vulnerability.

SAP Netweaver 7.40 SP 12 SCTC_REFRESH_EXPORT_TAB_COMP Command Injection

Posted by deepcore under exploit (No Respond)

The SAP Netweaver version 7.40 SP 12 SCTC_REFRESH_EXPORT_TAB_COMP function does not correctly sanitize variables used when executing CALL ‘SYSTEM’ statement, allowing an attacker, with particular privileges, to execute any arbitrary OS command.

SAP Netweaver 7.40 SP 12 SCTC_REFRESH_CHECK_ENV Command Injection

Posted by deepcore under exploit (No Respond)

The SAP Netweaver version 7.40 SP 12 SCTC_REFRESH_CHECK_ENV function does not correctly sanitize variables used when executing CALL ‘SYSTEM’ statement, allowing an attacker, with particular privileges, to execute any arbitrary OS command.

SAP Netweaver 7.40 SP 12 SCTC_TMS_MAINTAIN_ALOG Command Injection

Posted by deepcore under exploit (No Respond)

The SAP Netweaver version 7.40 SP 12 SCTC_TMS_MAINTAIN_ALOG function does not correctly sanitize variables used when executing CALL ‘SYSTEM’ statement, allowing an attacker, with particular privileges, to execute any arbitrary OS command.

Windows Firewall Control Privilege Escalation

Posted by deepcore under exploit (No Respond)

Windows Firewall Control suffers from an unquoted service path privilege escalation vulnerability.

DWebPro 8.4.2 Remote Binary Execution / File Inclusion

Posted by deepcore under exploit (No Respond)

DWebPro version 8.4.2 suffers from a file inclusion vulnerability that can trigger remote binary execution.

Zero-Day Flaws Found In EMC Storage Systems

Posted by deepcore under exploit (No Respond)

[webapps] Mambo < 4.5.4 – SQL Injection

Posted by deepcore under Security (No Respond)

Mambo < 4.5.4 – SQL Injection

Tags: 0day, remote exploit

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Aura Video Converter 1.6.3 – DLL Hijacking Exploit

Serimux SSH Console Switch 2.4 – Multiple XSS Vulnerabilities

Flv Player 2011 1.3 DLL Hijacking

SAP Netweaver 7.40 SP 12 SCTC_REFRESH_EXPORT_TAB_COMP Command Injection

SAP Netweaver 7.40 SP 12 SCTC_REFRESH_CHECK_ENV Command Injection

SAP Netweaver 7.40 SP 12 SCTC_TMS_MAINTAIN_ALOG Command Injection

Windows Firewall Control Privilege Escalation

DWebPro 8.4.2 Remote Binary Execution / File Inclusion

Zero-Day Flaws Found In EMC Storage Systems

[webapps] Mambo < 4.5.4 – SQL Injection

Tabs Switcher

Archives

Meta

BLOGROLL

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Tabs Switcher

Archives

Meta

BLOGROLL