[remote] RemoteMouse 3.008 – Arbitrary Remote Command Execution
Posted by deepcore under Security (No Respond)
Archive for April, 2019
[shellcode] Linux/x86 – MMX-PUNPCKLBW Encoder Shellcode (61 bytes)
Posted by deepcore under Security (No Respond)
[remote] MailCarrier 2.51 – 'RCPT TO' Buffer Overflow
Posted by deepcore under Security (No Respond)
http://www.onep.go.th/by.htm
Posted by deepcore under defacement (No Respond)
http://www.onep.go.th/by.htm notified by GeNErAL
Tags: defacementInternet Explorer Zero-Day Lets Hackers Steal Files From Windows PCs
Posted by deepcore under exploit (No Respond)
CyberArk EPM 10.2.1.603 Security Restrictions Bypass
Posted by deepcore under exploit (No Respond)
CyberArk EPM version 10.2.1.603 suffers from a security restrictions bypass vulnerability.
ATutor file_manager Remote Code Execution
Posted by deepcore under exploit (No Respond)
This Metasploit module allows the user to run commands on the server with the teacher user privilege. The ‘Upload files’ section in the ‘File Manager’ field contains an arbitrary file upload vulnerability.
DirectAdmin 1.561 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
DirectAdmin versions 1.561 and below suffer from multiple cross site scripting vulnerabilities.
Microsoft Internet Explorer 11 XML Injection
Posted by deepcore under exploit (No Respond)
Microsoft Internet Explorer 11 suffers from an XML external entity injection vulnerability.
Zimbra Collaboration Autodiscover Servlet XXE / ProxyServlet SSRF
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits an XML external entity vulnerability and a server side request forgery to get unauthenticated code execution on Zimbra Collaboration Suite. The XML external entity vulnerability in the Autodiscover Servlet is used to read a Zimbra configuration file that contains an LDAP password for the zimbra account. The zimbra credentials are then […]