[webapps] Opencart 3.0.3.2 – 'extension/feed/google_base' Denial of Service PoC
Posted by deepcore under Security (No Respond)
Archive for May, 2019
[local] Axessh 4.2 – 'Log file name' Local Stack-based Buffer Overflow
Posted by deepcore under Security (No Respond)
WordPress Inkblot Theme 4.9.10 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
WordPress Inkblot Theme version 4.9.10 suffers from a cross site request forgery vulnerability.
WordPress Memphis Documents Library 3.9.19 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
WordPress Memphis Documents Library plugin version 3.9.19 suffers from a cross site request forgery vulnerability.
Microsoft Windows Task Scheduler .job Import Arbitrary DACL Write
Posted by deepcore under exploit (No Respond)
Microsoft Windows task scheduler .job import arbitrary DACL write proof of concept exploit.
Blue Prism Robotic Process Automation (RPA) Privilege Escalation
Posted by deepcore under exploit (No Respond)
Blue Prism Robotic Process Automation (RPA) versions prior to 6.5.0.12573 suffer from a privilege escalation vulnerability.
[papers] Web Application Firewall Bypass Methods
Posted by deepcore under Security (No Respond)
[local] Microsoft Windows 10 (17763.379) – Install DLL
Posted by deepcore under Security (No Respond)
[remote] Shopware – createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execution (Metasploit)
Posted by deepcore under Security (No Respond)
Shopware – createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execution (Metasploit)
Tags: 0day, remote exploit[dos] Visual Voicemail for iPhone – IMAP NAMESPACE Processing Use-After-Free
Posted by deepcore under Security (No Respond)