WordPress Z-URL Preview 1.6.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress Z-URL Preview plugin version 1.6.1 suffers from a persistent cross site scripting vulnerability.
Archive for December, 2017
WordPress WP Mailster 1.5.4.0 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress WP Mailster plugin version 1.5.4.0 suffers from a persistent cross site scripting vulnerability.
Claymore's Dual Miner 10.1 Stack Buffer Overflow
Posted by deepcore under exploit (No Respond)
Claymore’s Dual ETH + DCR/SC/LBC/PASC GPU Miner versions 10.1 and below suffer from a stack buffer overflow vulnerability.
VirtualBox Man-In-The-Middle
Posted by deepcore under exploit (No Respond)
VirtualBox suffers from a remote code execution vulnerability due to downloading updates over HTTP.
WordPress Smart Marketing SMS And Newsletters Forms 1.1.1 XSS
Posted by deepcore under exploit (No Respond)
WordPress Smart Marketing SMS and Newsletters Forms plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.
Microsoft Office Equation Editor Code Execution
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a flaw in how the Equation Editor handles OLE objects in memory to execute arbitrary code using RTF files without interaction.
Polycom Shell HDX Series Traceroute Command Execution
Posted by deepcore under exploit (No Respond)
Within Polycom command shell, a command execution flaw exists in lan traceroute, one of the dev commands, which allows for an attacker to execute arbitrary payloads with telnet or openssl.
[papers] Web Application Firewall (WAF) Evasion Techniques
Posted by deepcore under Security (No Respond)
[dos] Linux Kernel – DCCP Socket Use-After-Free
Posted by deepcore under Security (No Respond)
[remote] LaCie 5big Network 2.2.8 – Command Injection
Posted by deepcore under Security (No Respond)
