Emby MediaServer 3.2.5 Password Reset
Posted by deepcore under exploit (No Respond)
Emby MediaServer version 3.2.5 suffers from a password reset vulnerability.
Archive for May, 2017
Emby MediaServer 3.2.5 Reflected Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Emby MediaServer version 3.2.5 suffers from a XSS issue due to a failure to properly sanitize user-supplied input to the URL path filename when handling ‘not found’ errors. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user’s browser session.
Emby MediaServer 3.2.5 Directory Traversal
Posted by deepcore under exploit (No Respond)
Emby MediaServer version 3.2.5 suffers from a directory traversal vulnerability that allows for arbitrary file disclosure.
Joomla JGrid 4.44 SQL Injection
Posted by deepcore under exploit (No Respond)
Joomla JGrid component version 4.44 suffers from a remote SQL injection vulnerability.
Packet Storm New Exploits For April, 2017
Posted by deepcore under exploit (No Respond)
This archive contains all of the 258 exploits added to Packet Storm in April, 2017.
MySQL 5.6.35 / 5.7.17 Integer Overflow
Posted by deepcore under exploit (No Respond)
MySQL versions 5.6.35 and below and 5.7.17 and below suffer from an integer overflow vulnerability.
Ghostscript 9.21 Type Confusion Arbitrary Command Execution
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a type confusion vulnerability in Ghostscript that can be exploited to obtain arbitrary command execution. This vulnerability affects Ghostscript versions 9.21 and earlier and can be exploited through libraries such as ImageMagick and Pillow.
HideMyAss Pro VPN Client 2.2.7.0 Privilege Escalation
Posted by deepcore under Apple (No Respond)
HideMyAss Pro VPN Client 3.3.0.3 Privilege Escalation
Posted by deepcore under Apple (No Respond)
http://paijamsin.go.th/hek.htm
Posted by deepcore under defacement (No Respond)
http://paijamsin.go.th/hek.htm notified by ./cOLI
Tags: defacement