[webapps] MySQL Edit Table 1.0 – 'id' SQL Injection
Posted by deepcore under Security (No Respond)
Archive for October, 2018
[dos] Modbus Poll 7.2.2 – Denial of Service (PoC)
Posted by deepcore under Security (No Respond)
libSSH Authentication Bypass
Posted by deepcore under exploit (No Respond)
libSSH suffers from an authentication bypass vulnerability.
WiFiRanger 7.0.8rc3 Incorrect Access Control / Privilege Escalation
Posted by deepcore under exploit (No Respond)
WiFiRanger version 7.0.8rc3 suffers from an incorrect access control that allows for ftp retrieval of an RSA identity that an attacker can use to ssh in as root.
Viprinet VPN Hub Router Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Viprinet VPN Hub Router suffers from a persistent cross site scripting vulnerability.
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits an elevation of privilege vulnerability that exists in Windows 7 and 2008 R2 when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create […]
iOS / macOS MIG Object Lifetime Semantics Sandbox Escape
Posted by deepcore under Apple (No Respond)
Apple Intel GPU Driver Use-After-Free / Double-Delete
Posted by deepcore under Apple (No Respond)
[remote] LibSSH 0.7.6 / 0.8.4 – Unauthorized Access
Posted by deepcore under Security (No Respond)
Learning With Texts 1.6.2 SQL Injection
Posted by deepcore under exploit (No Respond)
Learning with Texts version 1.6.2 suffers from a remote SQL injection vulnerability.
