cPanel Cross Domain Scripting / Information Disclosure
Posted by deepcore under exploit (No Respond)
cPanel suffers from cross domain scripting, user enumeration, and information disclosure vulnerabilities.
Archive for January, 2017
Mozilla Firefox Use-After-Free
Posted by deepcore under exploit (No Respond)
Mozilla Firefox versions prior to 50.1.0 use-after proof of concept exploit.
Roxy Fileman 1.4.5 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Roxy Fileman version 1.4.5 suffers from a cross site scripting vulnerability.
SapLPD 7.4.0 Denial Of Service
Posted by deepcore under exploit (No Respond)
SapLPD version 7.4.0 suffers from a denial of service vulnerability.
Zeroshell 3.6.0 / 3.7.0 Remote Code Execution
Posted by deepcore under exploit (No Respond)
Zeroshell versions 3.6.0 and 3.7.0 suffer from an unauthenticated remote code execution vulnerability.
aSc Timetables 2017 Buffer Overflow / Code Execution
Posted by deepcore under exploit (No Respond)
aSc Timetables 2017 suffers from buffer overflow and code execution vulnerabilities.
School Management Software 2.75 SQL Injection
Posted by deepcore under exploit (No Respond)
School Management Software version 2.75 suffers from a remote SQL injection vulnerability.
iTechscripts Freelancer Script 5.11 SQL Injection
Posted by deepcore under exploit (No Respond)
iTechscripts Freelancer Script version 5.11 suffers from a remote SQL injection vulnerability in the sk parameter.
Zimbra Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
Zimbra versions prior to 8.7 suffer from cross site request forgery vulnerabilities in the administrative interface.
Online Food Delivery 2.04 SQL Injection
Posted by deepcore under exploit (No Respond)
Online Food Delivery version 2.04 suffers from a remote SQL injection vulnerability that allows for authentication bypass.