[remote] Disk Pulse Enterprise 10.0.12 – GET Buffer Overflow (SEH)
Posted by deepcore under Security (No Respond)
Archive for September, 2017
[remote] Supervisor 3.0a1 – 3.3.2 – XML-RPC Authenticated Remote Code Execution (Metasploit)
Posted by deepcore under Security (No Respond)
Supervisor 3.0a1 – 3.3.2 – XML-RPC Authenticated Remote Code Execution (Metasploit)
Tags: 0day, remote exploithttp://mahasawat.go.th
Posted by deepcore under defacement (No Respond)
http://mahasawat.go.th notified by Hentaic0de
Tags: defacementWordPress Responsive Image Gallery 1.1.8 SQL Injection
Posted by deepcore under exploit (No Respond)
WordPress Responsive Image Gallery plugin version 1.1.8 suffers from a remote SQL injection vulnerability.
phpMyFAQ 2.9.8 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
phpMyFAQ version 2.9.8 suffers from a persistent cross site scripting vulnerability.
Microsoft Edge Chakra Incorrect Parse
Posted by deepcore under exploit (No Respond)
Microsoft Edge Charka incorrectly parses object patterns.
Microsoft Edge Charka Wrong Scopes In Deferred Parsing
Posted by deepcore under exploit (No Respond)
Microsoft Edge Chakra makes wrong scopes in deferred parsing.
Microsoft Edge Chakra Parser::ParseCatch Failed eval Handle
Posted by deepcore under exploit (No Respond)
Microsoft Edge Chakra Parser::ParseCatch fail to handle eval properly.
Microsoft Edge Chakra JavascriptFunction::ReparseAsmJsModule Parsing Issue
Posted by deepcore under exploit (No Respond)
Microsoft Edge Chakra JavascriptFunction::ReparseAsmJsModule suffers from a parsing issue.
DenyAll Web Application Firewall Remote Code Execution
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits the command injection vulnerability of DenyAll Web Application Firewall. Unauthenticated users can execute a terminal command under the context of the web server user.