Toplist 2 SQL Injection / Backdoor Account / Shell Upload
Posted by deepcore under exploit (No Respond)
Toplist 2 suffers from remote shell upload, backdoor account, and remote SQL injection vulnerabilities.
Archive for January, 2018
Online Hotel Booking System Pro 1.3 SQL Injection
Posted by deepcore under exploit (No Respond)
Online Hotel Booking System Pro version 1.3 suffers from a remote SQL injection vulnerability.
CentOS Web Panel v0.9.8.12 – Persistent Vulnerabilities
Posted by deepcore under exploit (No Respond)
The vulnerability laboratory core research team discovered multiple persistent web vulnerabilities in the official CentO…
Magento Commerce – CSRLF Web UI Security Vulnerability
Posted by deepcore under exploit (No Respond)
The Vulnerability Laboratory Research Team discovered a client-side clickjacking web vulnerability in the official Magen…
Acadmic Microsoft – API Query Filter Cross Site Vulnerability
Posted by deepcore under exploit (No Respond)
The vulnerability laboratory core research team discovered a client-side vulnerability in the official Microsoft Academi…
http://samutprakarn.police.go.th
Posted by deepcore under defacement (No Respond)
http://samutprakarn.police.go.th notified by mohamed.xo
Tags: defacementSeagate Personal Cloud Command Injection
Posted by deepcore under exploit (No Respond)
Seagate Personal Cloud suffers from multiple command injection vulnerabilities.
Synology Photo Station 6.8.2-3461 Remote Code Execution
Posted by deepcore under exploit (No Respond)
Synology Photo Station versions 6.8.2-3461 and below suffer from a SYNOPHOTO_Flickr_MultiUpload race condition file write remote code execution vulnerability.
Zenario CMS 7.6 SQL Injection
Posted by deepcore under exploit (No Respond)
Zenario CMS version 7.6 suffers from a remote SQL injection vulnerability.
D-Link DSL-2640R Unauthenticated Remote DNS Changer
Posted by deepcore under exploit (No Respond)
D-Link DSL-2640R unauthenticated remote DNS changing exploit.