Subscribe via feed.
Archive for February, 2017

CVE-2017-3241 Proof Of Concept

Posted by deepcore under exploit (No Respond)

This paper documents deeper dive details of the security implications noted in CVE-2017-3241. Coupled with the JtaTransactionManager flaw from 2016, it demonstrates being able to achieve remote code execution.

OpenText Documentum D2 4.x Remote Code Execution

Posted by deepcore under exploit (No Respond)

OpenText Documentum D2 version 4.x contains vulnerable BeanShell (bsh) and Apache Commons libraries and accepts serialized data from untrusted sources, which leads to remote code execution.

Coppermine Gallery 1.5.44 Directory Traversal

Posted by deepcore under exploit (No Respond)

Coppermine Gallery versions 1.5.44 and below suffer from a directory traversal vulnerability.

http://www.nptedu.go.th

Posted by deepcore under defacement (No Respond)

http://www.nptedu.go.th notified by Ashiyane Digital Security Team

Tags:

http://www3.djop.moj.go.th

Posted by deepcore under defacement (No Respond)

http://www3.djop.moj.go.th notified by Ashiyane Digital Security Team

Tags:

http://khokchang.go.th

Posted by deepcore under defacement (No Respond)

http://khokchang.go.th notified by Dark_Ghost

Tags:

Joomla GeoContent 4.5 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Joomla GeoContent component version 4.5 suffers from a cross site scripting vulnerability.

CentOS7 Kernel Denial Of Service

Posted by deepcore under exploit (No Respond)

CentOS7 suffers from a kernel crashing denial of service issue triggered by an rsyslog daemon vulnerability.

Joomla Fastball 3.2.8 SQL Injection

Posted by deepcore under exploit (No Respond)

Joomla Fastball component version 3.2.8 suffers from a remote SQL injection vulnerability.

Joomla GameServer! 3.4 SQL Injection

Posted by deepcore under exploit (No Respond)

Joomla GameServer! component version 3.4 suffers from a remote SQL injection vulnerability.