Subscribe via feed.
Archive for May, 2018

QNAP PhotoStation Cross Site Scripting

Posted by deepcore under exploit (No Respond)

QNAP PhotoStation versions prior to 5.x suffer from a cross site scripting vulnerability.

Feedy RSS News Ticker 2.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Feedy RSS News Ticker version 2.0 suffers from a remote SQL injection vulnerability.

Procps-ng Audit Report

Posted by deepcore under exploit (No Respond)

Qualys performed an extensive audit of procps-ng. They discovered hundreds of bugs and vulnerabilities.

Epic Games Launcher 7.9.4-4058369 Insecure File Permissions

Posted by deepcore under exploit (No Respond)

Epic Games Launcher version 7.9.4-4058369 suffers from an insecure file permissions vulnerability.

Epic Games Fortnite 4.2-CL-4072250 Insecure File Permissions

Posted by deepcore under exploit (No Respond)

Epic Games Fortnite version 4.2-CL-4072250 suffers from an insecure file permissions vulnerability.

MySQL Blob Uploader 1.7 Cross Site Scripting / SQL Injection

Posted by deepcore under exploit (No Respond)

MySQL Blob Uploader version 1.7 suffers from cross site scripting and remote SQL injection vulnerabilities.

MySQL Smart Reports 1.0 Cross Site Scripting / SQL Injection

Posted by deepcore under exploit (No Respond)

MySQL Smart Reports version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

[local] GNU glibc < 2.27 – Local Buffer Overflow

Posted by deepcore under Security (No Respond)

GNU glibc < 2.27 – Local Buffer Overflow

Tags: ,

[webapps] Timber 1.1 – Cross-Site Request Forgery

Posted by deepcore under Security (No Respond)

Timber 1.1 – Cross-Site Request Forgery

Tags: ,

[webapps] ASP.NET jVideo Kit – 'query' SQL Injection

Posted by deepcore under Security (No Respond)

ASP.NET jVideo Kit – ‘query’ SQL Injection

Tags: ,