[dos] Microsoft Edge 44.17763.1.0 – NULL Pointer Dereference
Posted by deepcore under Security (No Respond)
Archive for January, 2019
[webapps] All in One Video Downloader 1.2 – Authenticated SQL Injection
Posted by deepcore under Security (No Respond)
[remote] Mailcleaner – Authenticated Remote Code Execution (Metasploit)
Posted by deepcore under Security (No Respond)
[webapps] Embed Video Scripts – Persistent Cross-Site Scripting
Posted by deepcore under Security (No Respond)
[webapps] MyBB OUGC Awards Plugin 1.8.3 – Persistent Cross-Site Scripting
Posted by deepcore under Security (No Respond)
SugarCRM WorkFlow PHP Code Injection
Posted by deepcore under exploit (No Respond)
SugarCRM versions prior to 7.9.4.0 and 7.11.0.0 suffer from a PHP code injection vulnerability in the WorkFlow module. User input passed through the $_POST[‘base_module’] parameter to the “Save” action of the WorkFlow module is not properly sanitized before being used to write data into the ‘workflow.php’ file. This can be exploited to inject and execute […]
Oracle Application Express AnyChart Flash-Based Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Oracle Application Express versions prior to 5.1.4.00.08 suffer from a cross site scripting vulnerability. The vulnerability is located in the OracleAnyChart.swf file. User input passed through the “__externalobjid” GET parameter is not properly sanitized before being passed to the “ExternalInterface.call” method.
SugarCRM addLabels PHP Code Injection
Posted by deepcore under exploit (No Respond)
SugarCRM versions prior to 7.9.5.0, 8.0.2, and 8.2.0 suffer from a PHP code injection vulnerability. User input passed through key values of the ‘labels_’ parameters is not properly sanitized before being used to save PHP code within the “ParserLabel::addLabels()” method when saving labels through the Module Builder. This can be exploited to inject and execute […]
SugarCRM Web Logic Hooks Module PHP Code Injection
Posted by deepcore under exploit (No Respond)
SugarCRM versions prior to 7.9.5.0, 8.0.2, and 8.2.0 suffer from a PHP code injection vulnerability. User input passed through the “trigger_event” parameter is not properly sanitized before being used to save PHP code into the ‘logic_hooks.php’ file through the Web Logic Hooks module. This can be exploited to inject and execute arbitrary PHP code. Successful […]
SugarCRM Web Logic Hooks Module Path Traversal
Posted by deepcore under exploit (No Respond)
SugarCRM versions prior to 7.9.5.0, 8.0.2, and 8.2.0 suffer from a path traversal vulnerability. User input passed through the “webhook_target_module” parameter is not properly sanitized before being used to save PHP code into the hooks file through the Web Logic Hooks module. This can be exploited to carry out path traversal attacks and e.g. create […]
