2019 June

IceWarp 10.4.4 Local File Inclusion

Posted by deepcore under exploit (No Respond)

IceWarp versions 10.4.4 and below suffer from a local file inclusion vulnerability.

Zoho ManageEngine ServiceDesk Plus 9.3 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Zoho ManageEngine ServiceDesk Plus version 9.3 suffers from multiple cross site scripting vulnerabilities.

Google Chrome WasmMemoryObject::Grow Use-After-Free

Posted by deepcore under exploit (No Respond)

Google Chrome suffers from a use-after-free vulnerability in WasmMemoryObject::Grow.

LibreNMS addhost Command Injection

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a command injection vulnerability in the open source network management software known as LibreNMS. The community parameter used in a POST request to the addhost functionality is unsanitized. This parameter is later used as part of a shell command that gets passed to the popen function in capture.inc.php, which can result […]

IBM Websphere Application Server Remote Code Execution

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits untrusted serialized data processed by the WAS DMGR Server and Cells in the IBM Websphere Application Server. NOTE: There is a required 2 minute timeout between attempts as the neighbor being added must be reset.

[remote] Exim 4.87 < 4.91 – (Local / Remote) Command Execution

Posted by deepcore under Security (No Respond)

Exim 4.87 < 4.91 – (Local / Remote) Command Execution

Tags: 0day, remote exploit

[dos] Google Chrome 73.0.3683.103 – 'WasmMemoryObject::Grow' Use-After-Free

Posted by deepcore under Security (No Respond)

Google Chrome 73.0.3683.103 – ‘WasmMemoryObject::Grow’ Use-After-Free

Tags: 0day, remote exploit

[webapps] Zimbra < 8.8.11 – XML External Entity Injection / Server-Side Request Forgery

Posted by deepcore under Security (No Respond)

Zimbra < 8.8.11 – XML External Entity Injection / Server-Side Request Forgery

Tags: 0day, remote exploit

[remote] LibreNMS – addhost Command Injection (Metasploit)

Posted by deepcore under Security (No Respond)

LibreNMS – addhost Command Injection (Metasploit)

Tags: 0day, remote exploit

[remote] IBM Websphere Application Server – Network Deployment Untrusted Data Deserialization Remote Code Execution (Metasploit)

Posted by deepcore under Security (No Respond)

IBM Websphere Application Server – Network Deployment Untrusted Data Deserialization Remote Code Execution (Metasploit)

Tags: 0day, remote exploit

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

IceWarp 10.4.4 Local File Inclusion

Zoho ManageEngine ServiceDesk Plus 9.3 Cross Site Scripting

Google Chrome WasmMemoryObject::Grow Use-After-Free

LibreNMS addhost Command Injection

IBM Websphere Application Server Remote Code Execution

[remote] Exim 4.87 < 4.91 – (Local / Remote) Command Execution

[dos] Google Chrome 73.0.3683.103 – 'WasmMemoryObject::Grow' Use-After-Free

[webapps] Zimbra < 8.8.11 – XML External Entity Injection / Server-Side Request Forgery

[remote] LibreNMS – addhost Command Injection (Metasploit)

[remote] IBM Websphere Application Server – Network Deployment Untrusted Data Deserialization Remote Code Execution (Metasploit)

Tabs Switcher

Categories

Archives

Meta

BLOGROLL

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Tabs Switcher

Categories

Archives

Meta

BLOGROLL