NewsBee CMS 1.4 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
NewsBee CMS version 1.4 suffers from a cross site request forgery vulnerability.
Archive for May, 2018
GNU glibc Local Buffer Overflow
Posted by deepcore under exploit (No Respond)
GNU glibc versions prior to 2.27 suffer from a buffer overflow vulnerability.
LikeSoftware CMS Cross Site Request Forgery / Shell Upload
Posted by deepcore under exploit (No Respond)
LikeSoftware CMS suffers from cross site request forgery and remote shell upload vulnerabilities.
PaulNews 1.0 Cross Site Scripting / SQL Injection
Posted by deepcore under exploit (No Respond)
PaulNews version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
Microsoft Internet Explorer 11 Vbscript Code Execution
Posted by deepcore under exploit (No Respond)
Microsoft Internet Explorer 11 on Windows 7 x64/x86 suffers from a vbscript code execution vulnerability.
PHP Login And User Management 4.1.0 Shell Upload
Posted by deepcore under exploit (No Respond)
PHP Login and User Management versions 4.1.0 and below suffers from a remote shell upload vulnerability.
D-Link DSL-2750B OS Command Injection
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a remote command injection vulnerability in D-Link DSL-2750B devices. Vulnerability can be exploited through “cli” parameter that is directly used to invoke “ayecli” binary. Vulnerable firmwares are from 1.01 up to 1.03.
[remote] D-Link DSL-2750B – OS Command Injection (Metasploit)
Posted by deepcore under Security (No Respond)
[webapps] MyBB Moderator Log Notes Plugin 1.1 – Cross-Site Scripting
Posted by deepcore under Security (No Respond)
[papers] Deserialization Vulnerability
Posted by deepcore under Security (No Respond)