Laravel Log Viewer Local File Download
Posted by deepcore under exploit (No Respond)
Laravel Log Viewer versions prior to 0.13.0 suffers from a local file download vulnerability.
Archive for March, 2018
Hikvision IP Camera 5.3.9 Access Control Bypass
Posted by deepcore under exploit (No Respond)
Hikvision IP Camera versions 5.2.0 through 5.3.9 (builds 140721 up until 170109) suffer from an access control bypass vulnerability.
Acrolinx Server Directory Traversal
Posted by deepcore under exploit (No Respond)
Acrolinux Server versions prior to 5.2.5 suffer from a directory traversal vulnerability.
ClipBucket beats_uploader Unauthenticated Arbitrary File Upload
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a vulnerability found in ClipBucket versions before 4.0.0 (Release 4902). A malicious file can be uploaded using an unauthenticated arbitrary file upload vulnerability. It is possible for an attacker to upload a malicious script to issue operating system commands. This issue is caused by improper session handling in /action/beats_uploader.php file. This […]
Weblication CMS Core And Grid 12.6.24 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Weblication CMS Core and Grid version 12.6.24 suffers from multiple cross site scripting vulnerabilities.
Tenda N11 Wireless Router 5.07.43_en_NEX01 Remote DNS Changer
Posted by deepcore under exploit (No Respond)
Tenda N11 wireless router version 5.07.43_en_NEX01 cookie session weakness remote dns change proof of concept exploit.
AEF CMS 1.0.9 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
AEF CMS version 1.0.9 suffers from a cross site scripting vulnerability.
[webapps] Open-AuditIT Professional 2.1 – Cross-Site Scripting
Posted by deepcore under Security (No Respond)
[webapps] TwonkyMedia Server 7.0.11-8.5 – Directory Traversal
Posted by deepcore under Security (No Respond)
[webapps] Microsoft Windows Remote Assistance – XML External Entity Injection
Posted by deepcore under Security (No Respond)