Archive for May, 2018
Posted by deepcore under Security (No Respond)
http://hr2.hss.moph.go.th
Posted by deepcore under defacement (No Respond)
http://hr2.hss.moph.go.th notified by ZoRRoKiN
Tags: defacement[remote] CloudMe Sync < 1.11.0 – Buffer Overflow (SEH) (DEP Bypass)
Posted by deepcore under Security (No Respond)
[webapps] TP-Link TL-WR840N/TL-WR841N – Authenticaton Bypass
Posted by deepcore under Security (No Respond)
[webapps] DomainMod 4.09.03 – 'sslpaid' Cross-Site Scripting
Posted by deepcore under Security (No Respond)
[webapps] DomainMod 4.09.03 – 'oid' Cross-Site Scripting
Posted by deepcore under Security (No Respond)
Oracle WebCenter (Fatwire) 7.x Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Oracle WebCenter versions 7.x prior to 11gR1 suffer from multiple cross site scripting vulnerabilities.
Tim Balitbang Depdiknas 3.5 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Tim Balitbang Depdiknas version 3.5 suffers from a persistent cross site scripting vulnerability.
Tim Balitbang Depdiknas 3.5 SQL Injection
Posted by deepcore under exploit (No Respond)
Tim Balitbang Depdiknas version 3.5 suffers from a remote SQL injection vulnerability.
Android OS FLAG_SECURE Information Disclosure
Posted by deepcore under exploit (No Respond)
Android OS did not use the FLAG_SECURE flag for sensitive settings, potentially exposing sensitive data to other applications on the same device with the screen capture permissions. The vendor (Google) fixed this issue in 2018-02-01 Pixel security update.