2019 February

Nokia 8810 Denial Of Service

Posted by deepcore under exploit (No Respond)

A denial of service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the Gecko process crashes with a segfault. Successful exploitation could lead to the remote code execution on the device.

Jiofi 4 (JMR 1140) Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Jiofi 4 (JMR 1140) with firmware version Amtel_JMR1140_R12.07 suffers from a cross site scripting vulnerability.

Jiofi 4 (JMR 1140) WiFi Password Cross Site Request Forgery

Posted by deepcore under exploit (No Respond)

Jiofi 4 (JMR 1140) with firmware version Amtel_JMR1140_R12.07 suffers from a WiFi password disclosure cross site request forgery vulnerability.

Jiofi 4 (JMR 1140) Admin Token Disclosure Cross Site Request Forgery

Posted by deepcore under exploit (No Respond)

Jiofi 4 (JMR 1140) with firmware version Amtel_JMR1140_R12.07 suffers from an admin token disclosure cross site request forgery vulnerability.

Rukovoditel Project Management CRM 2.4.1 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Rukovoditel Project Management CRM version 2.4.1 suffers from a cross site scripting vulnerability.

NetworkSleuth 3.0 Denial Of Service

Posted by deepcore under exploit (No Respond)

NetworkSleuth version 3.0 suffers from a denial of service vulnerability.

PilusCart 1.4.1 SQL Injection

Posted by deepcore under exploit (No Respond)

PilusCart version 1.4.1 suffers from a remote SQL injection vulnerability.

[dos] ApowerManager 3.1.7 – Phone Manager Remote Denial of Service (DoS)

Posted by deepcore under Security (No Respond)

ApowerManager 3.1.7 – Phone Manager Remote Denial of Service (DoS)

Tags: 0day, remote exploit

[dos] MediaMonkey 4.1.23 – '.mp3' URL Denial of Service (PoC)

Posted by deepcore under Security (No Respond)

MediaMonkey 4.1.23 – ‘.mp3’ URL Denial of Service (PoC)

Tags: 0day, remote exploit

[webapps] WordPress Plugin Booking Calendar 8.4.3 – Authenticated SQL Injection

Posted by deepcore under Security (No Respond)

WordPress Plugin Booking Calendar 8.4.3 – Authenticated SQL Injection

Tags: 0day, remote exploit

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Nokia 8810 Denial Of Service

Jiofi 4 (JMR 1140) Cross Site Scripting

Jiofi 4 (JMR 1140) WiFi Password Cross Site Request Forgery

Jiofi 4 (JMR 1140) Admin Token Disclosure Cross Site Request Forgery

Rukovoditel Project Management CRM 2.4.1 Cross Site Scripting

NetworkSleuth 3.0 Denial Of Service

PilusCart 1.4.1 SQL Injection

[dos] ApowerManager 3.1.7 – Phone Manager Remote Denial of Service (DoS)

[dos] MediaMonkey 4.1.23 – '.mp3' URL Denial of Service (PoC)

[webapps] WordPress Plugin Booking Calendar 8.4.3 – Authenticated SQL Injection

Tabs Switcher

BLOGROLL

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Tabs Switcher

BLOGROLL