Archive for March, 2019

[webapps] Flexpaper PHP Publish Service 2.3.6 – Remote Code Execution

Posted by deepcore under Security

[webapps] OpenKM 6.3.2 < 6.3.7 – Remote Command Execution (Metasploit)

Posted by deepcore under Security

[webapps] Liferay CE Portal < 7.1.2 ga3 – Remote Command Execution (Metasploit)

Posted by deepcore under Security

[shellcode] Linux/x86 – Polymorphic execve(/bin/sh) Shellcode (63 bytes)

Posted by deepcore under Security

phpBB 3.2.3 Remote Code Execution

Posted by deepcore under exploit

phpBB version 3.2.3 remote code execution exploit.

Sparkasse Cross Site Scripting

Posted by deepcore under exploit

The vulnerability laboratory core research team discovered multiple persistent cross site vulnerabilities in the Sparkasse online service web-application.

Anyburn 4.x x86 Buffer Overflow

Posted by deepcore under exploit

Anyburn version 4.3 x86 “Copy disc to image file” buffer overflow SEH unicode exploit.

QNAP TS-431 QTS Remote Command Execution

Posted by deepcore under exploit

This Metasploit module creates a virtual web server and uploads a PHP payload to it. Admin privileges cannot access any server files except File Station files. A user who is authorized to create a Virtual Web Server can upload a malicious PHP file by activating the server. The exploit creates a new directory in File Station to connect […]

OrientDB 3.0.17 GA Community Edition XSS / CSRF

Posted by deepcore under exploit

OrientDB version 3.0.17 GA Community Edition suffers from cross site request forgery and cross site scripting vulnerabilities.

Kados R10 GreenBee SQL Injection

Posted by deepcore under exploit

Kados R10 GreenBee suffers from a remote SQL injection vulnerability in the menu_lev1 parameter.