Subscribe via feed.
Archive for January, 2018

[remote] HPE iMC 7.3 – RMI Java Deserialization

Posted by deepcore under Security (No Respond)

Last Updated on January 30, 2018 by deepcore has been added to

Tags: ,

LiveCRM SaaS Cloud 1.0 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Last Updated on January 29, 2018 by deepcore LiveCRM SaaS Cloud version 1.0 suffers from a cross site scripting vulnerability.

BMC BladeLogic 8.3.00.64 Remote Command Execution

Posted by deepcore under exploit (No Respond)

Last Updated on January 29, 2018 by deepcore BMC BladeLogic version 8.3.00.64 suffers from a remote command execution vulnerability.

WordPress Good LMS SQL Injection

Posted by deepcore under exploit (No Respond)

Last Updated on January 29, 2018 by deepcore WordPress Good LMS Learning Management System plugin suffers from a remote SQL Injection vulnerability.

Asus Router Cross Site Script / Authentication Bypass

Posted by deepcore under exploit (No Respond)

Last Updated on January 29, 2018 by deepcore ASUS router DSL-RT-N13 suffers from an authentication bypass vulnerability. ASUS router DSL-N14U B1 suffers from a cross site scripting vulnerability.

Dodocool DC38 N300 Cross Site Request Forgery

Posted by deepcore under exploit (No Respond)

Last Updated on January 29, 2018 by deepcore Dodocool DC38 N300 suffers from a cross site request forgery vulnerability.

BMC Track-It! 11.4 Code Execution / Information Disclosure

Posted by deepcore under exploit (No Respond)

Last Updated on January 29, 2018 by deepcore BMC Track-It! version 11.4 suffers from remote code execution and credential disclosure vulnerabilities.

Sophos Web Gateway 4.4.1 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Last Updated on January 29, 2018 by deepcore Sophos Web Gateway version 4.4.1 suffers from a persistent cross site scripting vulnerability.

WordPress Splashing Images 2.1 Cross Site Scripting / PHP Object Injection

Posted by deepcore under exploit (No Respond)

Last Updated on January 29, 2018 by deepcore WordPress Splashing Images plugin version 2.1 suffers from PHP object injection and cross site scripting vulnerabilities.

KeystoneJS Cross Site Request Forgery

Posted by deepcore under exploit (No Respond)

Last Updated on January 29, 2018 by deepcore KeystoneJS versions prior to 4.0.0-beta.7 suffers from a cross site request forgery vulnerability.