WordPress Grifus 4.0.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress Grifus theme version 4.0.1 suffers from a cross site scripting vulnerability.
Archive for December, 2017
WordPress Feed-Statistics 4.1 Open Redirect
Posted by deepcore under exploit (No Respond)
WordPress Feed-Statistics plugin versions 4.1 and below suffer from an open redirection vulnerability.
http://sansaimuang.go.th
Posted by deepcore under defacement (No Respond)
http://sansaimuang.go.th notified by The WTJ
Tags: defacementhttp://robwieng.go.th
Posted by deepcore under defacement (No Respond)
http://robwieng.go.th notified by The WTJ
Tags: defacementhttp://thawangthong.go.th
Posted by deepcore under defacement (No Respond)
http://thawangthong.go.th notified by The WTJ
Tags: defacementPalo Alto Networks PAN-OS Cookie Injection
Posted by deepcore under exploit (No Respond)
Palo Alto Networks PAN-OS versions before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface.
Huawei P8 wkupccpu debugfs Kernel Buffer Overflow
Posted by deepcore under exploit (No Respond)
This advisory describes a buffer overflow found in Huawei P8 Lite ALE-21 HI621sft, operating system versions EMUI 3.1 – wkupccpu debugfs driver.
Genexis GAPS 7.2 Access Control
Posted by deepcore under exploit (No Respond)
Genexis GAPS versions up to 7.2 suffers from an access control vulnerability that discloses sensitive data.
WordPress Top-10 2.4.2 SQL Injection
Posted by deepcore under exploit (No Respond)
WordPress Top-10 plugin versions 2.4.2 and below suffer from a remote SQL injection vulnerability.
WordPress Clean Up Optimizer 4.0.0 SQL Injection
Posted by deepcore under exploit (No Respond)
WordPress Clean Up Optimizer plugin versions 4.0.0 and below suffer from a remote SQL injection vulnerability.