[webapps] AlchemyCMS 4.1 – Cross-Site Scripting
Posted by deepcore under Security (No Respond)
Archive for October, 2018
[webapps] Advanced HRM 1.6 – Remote Code Execution
Posted by deepcore under Security (No Respond)
[webapps] FLIR AX8 Thermal Camera 1.32.16 – RTSP Stream Disclosure
Posted by deepcore under Security (No Respond)
[webapps] MaxOn ERP Software 8.x-9.x – 'nomor' SQL Injection
Posted by deepcore under Security (No Respond)
[webapps] FLIR Brickstream 3D+ 2.1.742.1842 – Config File Disclosure
Posted by deepcore under Security (No Respond)
[webapps] FLIR AX8 Thermal Camera 1.32.16 – Arbitrary File Disclosure
Posted by deepcore under Security (No Respond)
[webapps] Academic Timetable Final Build 7.0a-7.0b – 'id' SQL Injection
Posted by deepcore under Security (No Respond)
HaPe PKH 1.1 SQL Injection
Posted by deepcore under exploit (No Respond)
HaPe PKH version 1.1 suffers from a remote SQL injection vulnerability.
Cockpit CMS CSRF / XSS / Path Traversal
Posted by deepcore under exploit (No Respond)
Cockpit CMS suffers from cross site request forgery, cross site scripting, and traversal vulnerabilities. Version 0.6.2 should address these issues.
Phoenix Contact WebVisit 2985725 Authentication Bypass
Posted by deepcore under exploit (No Respond)
Phoenix Contact WebVisit 2985725 suffers from an authentication bypass vulnerability.
