2018 May

RSA Authentication Manager XML Injection / Cross Site Scripting

Posted by deepcore under exploit (No Respond)

RS Authentication Manager versions prior to 8.3 P1 suffer from cross site scripting and XML external entity injection vulnerabilities.

[webapps] SuperCom Online Shopping Ecommerce Cart 1 – Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass

Posted by deepcore under Security (No Respond)

SuperCom Online Shopping Ecommerce Cart 1 – Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass

Tags: 0day, remote exploit

[dos] Linux < 4.16.9 / < 4.14.41 – 4-byte Infoleak via Uninitialized Struct Field in compat adjtimex Syscall

Posted by deepcore under Security (No Respond)

Linux < 4.16.9 / < 4.14.41 – 4-byte Infoleak via Uninitialized Struct Field in compat adjtimex Syscall

Tags: 0day, remote exploit

[remote] Apache Struts 2 – Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)

Posted by deepcore under Security (No Respond)

Apache Struts 2 – Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)

Tags: 0day, remote exploit

[webapps] Powerlogic/Schneider Electric IONXXXX Series – Cross-Site Request Forgery

Posted by deepcore under Security (No Respond)

Powerlogic/Schneider Electric IONXXXX Series – Cross-Site Request Forgery

Tags: 0day, remote exploit

[remote] Jenkins CLI – HTTP Java Deserialization (Metasploit)

Posted by deepcore under Security (No Respond)

Jenkins CLI – HTTP Java Deserialization (Metasploit)

Tags: 0day, remote exploit

[remote] Nanopool Claymore Dual Miner 7.3 – Remote Code Execution

Posted by deepcore under Security (No Respond)

Nanopool Claymore Dual Miner 7.3 – Remote Code Execution

Tags: 0day, remote exploit

[webapps] NodAPS 4.0 – SQL injection / Cross-Site Request Forgery

Posted by deepcore under Security (No Respond)

NodAPS 4.0 – SQL injection / Cross-Site Request Forgery

Tags: 0day, remote exploit

[webapps] Intelbras NCLOUD 300 1.0 – Authentication bypass

Posted by deepcore under Security (No Respond)

Intelbras NCLOUD 300 1.0 – Authentication bypass

Tags: 0day, remote exploit

Monstra CMS 3.0.4 Remote Code Execution

Posted by deepcore under exploit (No Respond)

Monstra CMS version 3.0.4 suffers from a shell upload remote code execution vulnerability.

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

RSA Authentication Manager XML Injection / Cross Site Scripting

[webapps] SuperCom Online Shopping Ecommerce Cart 1 – Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass

[dos] Linux < 4.16.9 / < 4.14.41 – 4-byte Infoleak via Uninitialized Struct Field in compat adjtimex Syscall

[remote] Apache Struts 2 – Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)

[webapps] Powerlogic/Schneider Electric IONXXXX Series – Cross-Site Request Forgery

[remote] Jenkins CLI – HTTP Java Deserialization (Metasploit)

[remote] Nanopool Claymore Dual Miner 7.3 – Remote Code Execution

[webapps] NodAPS 4.0 – SQL injection / Cross-Site Request Forgery

[webapps] Intelbras NCLOUD 300 1.0 – Authentication bypass

Monstra CMS 3.0.4 Remote Code Execution

Tabs Switcher

Categories

Archives

Meta

BLOGROLL

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Tabs Switcher

Categories

Archives

Meta

BLOGROLL