[dos] QNap QVR Client 5.1.1.30070 – 'Password' Denial of Service (PoC)
Posted by deepcore under Security (No Respond)
Archive for July, 2018
Davolink DVW 3200 Router Password Disclosure
Posted by deepcore under exploit (No Respond)
The Davolink DVW 32000 router suffers from a password disclosure vulnerability.
Shopclues.com Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
Shopclues.com suffers from a cross site request forgery vulnerability.
McAfee.com Redirect Cross Site Scripting
Posted by deepcore under exploit (No Respond)
A URL redirect at mcafee.com suffers from a cross site scripting vulnerability.
SMPlayer 18.6.0 Memory Corruption
Posted by deepcore under exploit (No Respond)
SMPlayer version 18.6.0 suffers from a memory corruption vulnerability that allows for denial of service.
NUUO NVRmini upgrade_handle.php Remote Command Execution
Posted by deepcore under exploit (No Respond)
NUUO NVRmini suffers from a remote command execution vulnerability in upgrade_handle.php.
GeoVision GV-SNVR0811 Directory Traversal
Posted by deepcore under exploit (No Respond)
GeoVision GV-SNVR0811 suffers from a directory traversal vulnerability.
Microsoft Windows Kernel Malformed GPOS Table Buffer Overflow
Posted by deepcore under exploit (No Respond)
The Microsoft Windows kernel suffers from an OTF font processing pool-based buffer overflow via a malformed GPOS table in ATMFD.DLL.
[dos] Core FTP 2.0 – 'XRMD' Denial of Service (PoC)
Posted by deepcore under Security (No Respond)
[webapps] Trivum Multiroom Setup Tool 8.76 – Corss-Site Request Forgery (Admin Bypass)
Posted by deepcore under Security (No Respond)
Trivum Multiroom Setup Tool 8.76 – Corss-Site Request Forgery (Admin Bypass)
Tags: 0day, remote exploit