PHP-SHOP Master 1.0 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
PHP-SHOP Master version 1.0 suffers from a cross site request forgery vulnerability.
Archive for October, 2018
OwnTicket 1.0 SQL Injection
Posted by deepcore under exploit (No Respond)
OwnTicket version 1.0 suffers from a remote SQL injection vulnerability.
http://leaves.eppo.go.th/security/lang.tmp
Posted by deepcore under defacement (No Respond)
http://leaves.eppo.go.th/security/lang.tmp notified by VenoM
Tags: defacementAny Sound Recorder 2.93 Buffer Overflow
Posted by deepcore under exploit (No Respond)
Any Sound Recorder version 2.93 SEH buffer overflow proof of concept exploit.
Time And Expense Management System 3.0 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
Time and Expense Management System version 3.0 suffers from a cross site request forgery vulnerability.
Git Submodule Arbitrary Code Execution
Posted by deepcore under exploit (No Respond)
This write up provides a proof of concept with technical details for the git submodule arbitrary code execution vulnerability.
LANGO Codeigniter Multilingual Script 1.0 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
LANGO Codeigniter Multilingual Script version 1.0 suffers from html injection and cross site scripting vulnerabilities.
Ekushey Project Manager CRM 3.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Ekushey Project Manager CRM version 3.1 suffers from a persistent cross site scripting vulnerability.
TP-Link TL-SC3130 1.6.18 Unauthenticated RTSP Stream Disclosure
Posted by deepcore under exploit (No Respond)
TP-Link TL-SC3130 version 1.6.18 suffers from an unauthenticated and unauthorized live RTSP stream disclosure.
D-Link Plain-Text Password Storage / Code Execution / Directory Traversal
Posted by deepcore under exploit (No Respond)
Multiple D-Link router models suffer from code execution, plain-text password storage, and directory traversal vulnerabilities.
