This Metasploit module exploits an expression language remote code execution flaw in the Primefaces JSF framework. Primefaces versions prior to 5.2.21, 5.3.8 or 6.0 are vulnerable to a padding oracle attack, due to the use of weak crypto and default encryption password and salt.
http://www.kkpho.go.th notified by ./Sn0w
Tags:
defacement
macOS 10.13 (17A365) – Kernel Memory Disclosure due to Lack of Bounds Checking in ‘AppleIntelCapriController::getDisplayPipeCapability’
Tags:
0day,
remote exploit
GitStack 2.3.10 – Unauthenticated Remote Code Execution
Tags:
0day,
remote exploit
Smiths Medical Medfusion 4000 – ‘DHCP’ Denial of Service
Tags:
0day,
remote exploit
Primefaces 5.x – Remote Code Execution (Metasploit)
Tags:
0day,
remote exploit
http://backoffice.onec.go.th/Vlyn.html notified by Vlyn
Tags:
defacement
http://parpong.go.th/r0t.htm notified by NmR.Hacker
Tags:
defacement
The vulnerability laboratory core research team discovered a client-side cross site scripting vulnerability in the CentO…
Microsoft Edge Chakra JIT – Stack-to-Heap Copy
Tags:
0day,
remote exploit