Subscribe via feed.
Archive for February, 2018

[webapps] IPSwitch MOVEit 8.1 < 9.4 – Cross-Site Scripting

Posted by deepcore under Security (No Respond)

IPSwitch MOVEit 8.1 < 9.4 – Cross-Site Scripting

Tags: ,

[webapps] Joomla! Component JE PayperVideo 3.0.0 – 'usr_plan' SQL Injection

Posted by deepcore under Security (No Respond)

Joomla! Component JE PayperVideo 3.0.0 – ‘usr_plan’ SQL Injection

Tags: ,

[webapps] Joomla! Component JEXTN Reverse Auction 3.1.0 – SQL Injection

Posted by deepcore under Security (No Respond)

Joomla! Component JEXTN Reverse Auction 3.1.0 – SQL Injection

Tags: ,

[shellcode] Linux/x64 – Twofish Encoded + DNS (CNAME) Password + execve(/bin/sh) Shellcode

Posted by deepcore under Security (No Respond)

Linux/x64 – Twofish Encoded + DNS (CNAME) Password + execve(/bin/sh) Shellcode

Tags: ,

[webapps] Joomla! Component JMS Music 1.1.1 – SQL Injection

Posted by deepcore under Security (No Respond)

Joomla! Component JMS Music 1.1.1 – SQL Injection

Tags: ,

[webapps] Joomla! Component Jimtawl 2.1.6 – Arbitrary File Upload

Posted by deepcore under Security (No Respond)

Joomla! Component Jimtawl 2.1.6 – Arbitrary File Upload

Tags: ,

[webapps] Oracle Hospitality Simphony (MICROS) 2.7 < 2.9 – Directory Traversal

Posted by deepcore under Security (No Respond)

Oracle Hospitality Simphony (MICROS) 2.7 < 2.9 – Directory Traversal

Tags: ,

[webapps] Joomla! Component JEXTN Classified 1.0.0 – 'sid' SQL Injection

Posted by deepcore under Security (No Respond)

Joomla! Component JEXTN Classified 1.0.0 – ‘sid’ SQL Injection

Tags: ,

[webapps] FiberHome AN5506 – Unauthenticated Remote DNS Change

Posted by deepcore under Security (No Respond)

FiberHome AN5506 – Unauthenticated Remote DNS Change

Tags: ,

systemd Local Privilege Escalation

Posted by deepcore under exploit (No Respond)

systemd (systemd-tmpfiles) versions prior to 236 suffer from an fs.protected_hardlinks=0 local privilege escalation vulnerability.