HRSALE The Ultimate HRM 1.0.2 Local File Inclusion
Posted by deepcore under exploit (No Respond)
HRSALE The Ultimate HRM version 1.0.2 suffers from a local file inclusion vulnerability.
Archive for April, 2018
HRSALE The Ultimate HRM 1.0.2 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
HRSALE The Ultimate HRM version 1.0.2 suffers from a cross site scripting vulnerability.
Google Chrome V8 AwaitedPromise Update Bug
Posted by deepcore under exploit (No Respond)
Google Chrome V8 Await methods call ResolveNativePromise which calls InternalResolvePromise which can invoke a user JavaScript code through a “then” getter. If the AwaitedPromise is replaced by the user script, the AwaitedPromise will be immediately overwritten after the call to Await, this may lead the generator to an incorrect state.
GitList 0.6 Remote Code Execution
Posted by deepcore under exploit (No Respond)
GitList version 0.6 unauthenticated remote code execution exploit.
Drupal Drupalgeddon 2 Forms API Property Injection
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a Drupal property injection in the Forms API. Drupal versions 6.x, less than 7.58, 8.2.x, less than 8.3.9, less than 8.4.6, and less than 8.5.1 are vulnerable.
Apple Security Advisory 2018-04-24-1
Posted by deepcore under Apple (No Respond)
Apple Security Advisory 2018-04-24-2
Posted by deepcore under Apple (No Respond)
Apple Security Advisory 2018-04-24-3
Posted by deepcore under Apple (No Respond)
Startup Offers $3 Million To Anyone Who Can Hack The iPhone
Posted by deepcore under exploit (No Respond)
http://maesalocal.go.th/def.html
Posted by deepcore under defacement (No Respond)
http://maesalocal.go.th/def.html notified by Mister
Tags: defacement