2018 September

FsPro Labs Event Log Explorer 4.6.1.2115 XML Injection

Posted by deepcore under exploit (No Respond)

FsPro Labs Event Log Explorer version 4.6.1.2115 suffers from an XML external entity injection vulnerability.

MIWiFi Xiaomi_55DD 2.8.50 Out-Of-Band Resource Load

Posted by deepcore under exploit (No Respond)

An out-of-band resource load issue was discovered on Xiaomi MIWiFi Xiaomi_55DD version 2.8.50 devices. It is possible to induce the application to retrieve the contents of an arbitrary external URL and return those contents in its own response. If a domain name (containing a random string) is used in the HTTP Host header, the application […]

Packet Storm New Exploits For August, 2018

Posted by deepcore under exploit (No Respond)

This archive contains all of the 201 exploits added to Packet Storm in August, 2018.

[dos] Microsoft Windows Explorer Out-of-Bound Read – Denial of Service (PoC)

Posted by deepcore under Security (No Respond)

Microsoft Windows Explorer Out-of-Bound Read – Denial of Service (PoC)

Tags: 0day, remote exploit

[webapps] Admidio 3.3.5 – Cross-Site Request Forgery (Change Permissions)

Posted by deepcore under Security (No Respond)

Admidio 3.3.5 – Cross-Site Request Forgery (Change Permissions)

Tags: 0day, remote exploit

[webapps] FsPro Labs Event Log Explorer v4.6.1.2115 – XML External Entity Injection

Posted by deepcore under Security (No Respond)

FsPro Labs Event Log Explorer v4.6.1.2115 – XML External Entity Injection

Tags: 0day, remote exploit

[webapps] Online Quiz Maker 1.0 – 'catid' SQL Injection

Posted by deepcore under Security (No Respond)

Online Quiz Maker 1.0 – ‘catid’ SQL Injection

Tags: 0day, remote exploit

[dos] Trend Micro Virtual Mobile Infrastructure 5.5.1336 – 'Server address' Denial of Service (PoC)

Posted by deepcore under Security (No Respond)

Trend Micro Virtual Mobile Infrastructure 5.5.1336 – ‘Server address’ Denial of Service (PoC)

Tags: 0day, remote exploit

[dos] Symantec Mobile Encryption for iPhone 2.1.0 – 'Server' Denial of Service (PoC)

Posted by deepcore under Security (No Respond)

Symantec Mobile Encryption for iPhone 2.1.0 – ‘Server’ Denial of Service (PoC)

Tags: 0day, remote exploit

[dos] VSAXESS V2.6.2.70 build20171226_053 – 'Nickname' Denial of Service (PoC)

Posted by deepcore under Security (No Respond)

VSAXESS V2.6.2.70 build20171226_053 – ‘Nickname’ Denial of Service (PoC)

Tags: 0day, remote exploit

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

FsPro Labs Event Log Explorer 4.6.1.2115 XML Injection

MIWiFi Xiaomi_55DD 2.8.50 Out-Of-Band Resource Load

Packet Storm New Exploits For August, 2018

[dos] Microsoft Windows Explorer Out-of-Bound Read – Denial of Service (PoC)

[webapps] Admidio 3.3.5 – Cross-Site Request Forgery (Change Permissions)

[webapps] FsPro Labs Event Log Explorer v4.6.1.2115 – XML External Entity Injection

[webapps] Online Quiz Maker 1.0 – 'catid' SQL Injection

[dos] Trend Micro Virtual Mobile Infrastructure 5.5.1336 – 'Server address' Denial of Service (PoC)

[dos] Symantec Mobile Encryption for iPhone 2.1.0 – 'Server' Denial of Service (PoC)

[dos] VSAXESS V2.6.2.70 build20171226_053 – 'Nickname' Denial of Service (PoC)

Tabs Switcher

BLOGROLL

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Tabs Switcher

BLOGROLL