Archive for January, 2019

Comodo KORUGAN LITE 1.6.5.1024 Cross Site Scripting

Posted by deepcore under exploit

Comodo KORUGAN LITE version 1.6.5.1024 suffers from a cross site scripting vulnerability.

SIDU 6.0 Cross Site Scripting

Posted by deepcore under exploit

SIDU version 6.0 suffers from a cross site scripting vulnerability.

Comodo KORUGAN VM 1.9.3.1100 Cross Site Scripting

Posted by deepcore under exploit

Comodo KORUGAN VM version 1.9.3.1100 suffers from a cross site scripting vulnerability.

NUUO CMS Session Tokens / Traversal / SQL Injection

Posted by deepcore under exploit

NUUO CMS suffers from directory traversal, predictable session token, unauthenticated remote code execution, and various other vulnerabilities. Multiple Metasploit modules are included, and various versions are affected by the various vulnerabilities.

Microsoft Windows VCF Arbitrary Code Execution

Posted by deepcore under exploit

Proof of concept exploit for Microsoft Windows VCF or Contact file URL manipulation leading to arbitrary code execution. Tested on Windows 7 SP1, 8.1, and 10 v.1809 with full patches up to January 2019. Both x86 and x64 architectures were tested.

ManageEngine OpManager 12.3 Privilege Escalation

Posted by deepcore under exploit

ManageEngine OpManager version 12.3 suffers from a weak permissions issue in which an attacker can replace the service binary with a binary of their choice. This service runs as LocalSystem, thus allowing for a privilege escalation vector.

Exploitation Framework For STMicroelectronics DVB Chipsets

Posted by deepcore under exploit

This detailed research paper discusses a multitude of security issues with STMicroelectronics DVB chipsets including, but not limited to, credential leakage, buffer overflow, and data leaks.

PLC Wireless Router GPN2.4P21-C-CN Incorrect Access Control

Posted by deepcore under exploit

PLC Wireless Router GPN2.4P21-C-CN suffers from an incorrect access control vulnerability.

PLC Wireless Router GPN2.4P21-C-CN Cross Site Request Forgery

Posted by deepcore under exploit

PLC Wireless Router GPN2.4P21-C-CN suffers from a cross site request forgery vulnerability.

Two More Windows Zero Days Get Temporary Patches

Posted by deepcore under exploit