Chrome SwiftShader OpenGL Texture Binding Reference Count Leak
Posted by deepcore under exploit (No Respond)
Chrome suffers from a reference count leak in SwiftShader OpenGL texture bindings.
Archive for July, 2018
MyBB New Threads 1.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
MyBB New Threads plugin version 1.1 suffers from a cross site scripting vulnerability.
Chrome Swiftshader Blitting Floating-Point Precision Errors
Posted by deepcore under exploit (No Respond)
Chrome suffers from floating-point precision errors in Swiftshader blitting.
WordPress All In One Favicon 4.6 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress All In One Favicon plugin version 4.6 suffers from a cross site scripting vulnerability.
CMS Made Simple 2.2.5 Authenticated Remote Command Execution
Posted by deepcore under exploit (No Respond)
CMS Made Simple version 2.2.5 allows an authenticated administrator to upload a file and rename it to have a .php extension. The file can then be executed by opening the URL of the file in the /uploads/ directory.
[dos] TP-Link TL-WR840N – Denial of Service
Posted by deepcore under Security (No Respond)
[webapps] MSVOD 10 – 'cid' SQL Injection
Posted by deepcore under Security (No Respond)
[webapps] Touchpad / Trivum WebTouch Setup 2.53 build 13163 – Authentication Bypass
Posted by deepcore under Security (No Respond)
Touchpad / Trivum WebTouch Setup 2.53 build 13163 – Authentication Bypass
Tags: 0day, remote exploitFTP2FTP 1.0 Arbitrary File Download
Posted by deepcore under exploit (No Respond)
FTP2FTP version 1.0 suffers from an arbitrary file download vulnerability.
GhostMail Status Message HTML Injection
Posted by deepcore under exploit (No Respond)
GhostMail suffers from an html injection vulnerability.