[webapps] PerfexCRM 1.9.7 – Arbitrary File Upload
Posted by deepcore under Security (No Respond)
Archive for January, 2018
[webapps] ImgHosting 1.5 – Cross-Site Scripting
Posted by deepcore under Security (No Respond)
[webapps] pfSense < 2.1.4 – 'status_rrd_graph_img.php' Command Injection
Posted by deepcore under Security (No Respond)
http://pni.go.th/index.html
Posted by deepcore under defacement (No Respond)
http://pni.go.th/index.html notified by ZoRRoKiN
Tags: defacementhttp://phonchan.go.th/cok.htm
Posted by deepcore under defacement (No Respond)
http://phonchan.go.th/cok.htm notified by ./cOLI
Tags: defacementALLMediaServer 0.95 Stack Buffer Overflow
Posted by deepcore under exploit (No Respond)
ALLMediaServer version 0.95 stack buffer overflow exploit with DEP bypass on Windows 7 x64.
D-Link Routers 110/412/615/815 Arbitrary Code Execution
Posted by deepcore under exploit (No Respond)
D-Link routers 110/412/615/815 versions prior to 1.03 suffer from a service.cgi arbitrary code execution vulnerability.
SAP NetWeaver J2EE Engine 7.40 SQL Injection
Posted by deepcore under exploit (No Respond)
SAP NetWeaver J2EE Engine version 7.40 suffers from a remote SQL injection vulnerability.
macOS process_policy Stack Leak
Posted by deepcore under exploit (No Respond)
macOS suffers from a process_policy stack leak through an uninitialized field.
eBPF 4.9-stable Verifier Bug Backported
Posted by deepcore under exploit (No Respond)
eBPF had the verifier bug backported to version 4.9-stable.