WordPress Cool Flickr Slideshow 1.0 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress Cool Flickr Slideshow plugin version 1.0 suffers from a cross site scripting vulnerability.
Archive for September, 2017
WordPress Contact Form 7 International SMS Integration 1.2 XSS
Posted by deepcore under exploit (No Respond)
WordPress Contact Form 7 International SMS Integration plugin version 1.2 suffers from a cross site scripting vulnerability.
Advertiz PHP Script 0.2 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
Advertiz PHP Script version 0.2 suffers from a cross site request forgery vulnerability.
Cory Support SQL Injection
Posted by deepcore under exploit (No Respond)
Cory Support suffers from a remote SQL injection vulnerability.
Gh0st Client Buffer Overflow
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a Memory buffer overflow in the Gh0st client (C2 server).
PlugX Controller Stack Overflow
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a Stack buffer overflow in the PlugX Controller (C2 server).
Apache Struts 2 REST Plugin XStream Remote Code Execution
Posted by deepcore under exploit (No Respond)
Apache Struts versions 2.5 through 2.5.12 using the REST plugin are vulnerable to a Java deserialization attack in the XStream library.
IWEBSOUL CMS 1.0 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
IWEBSOUL CMS version 1.0 suffers from multiple cross site scripting vulnerabilities.
IWEBSOUL CMS 1.0 SQL Injection
Posted by deepcore under exploit (No Respond)
IWEBSOUL CMS version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Tor Linux Sandbox Breakout Via X11
Posted by deepcore under exploit (No Respond)
It appears that you can still talk to X11 outside of the Tor sandbox.