Subscribe via feed.
Archive for June, 2019

[local] Vim < 8.1.1365 / Neovim < 0.3.6 – Arbitrary Code Execution

Posted by deepcore under Security (No Respond)

Vim < 8.1.1365 / Neovim < 0.3.6 – Arbitrary Code Execution

Tags: ,

[webapps] Zoho ManageEngine ServiceDesk Plus 9.3 – 'SiteLookup.do' Cross-Site Scripting

Posted by deepcore under Security (No Respond)

Zoho ManageEngine ServiceDesk Plus 9.3 – ‘SiteLookup.do’ Cross-Site Scripting

Tags: ,

[remote] Cisco RV130W 1.0.3.44 – Remote Stack Overflow

Posted by deepcore under Security (No Respond)

Cisco RV130W 1.0.3.44 – Remote Stack Overflow

Tags: ,

[remote] NUUO NVRMini 2 3.9.1 – 'sscanf' Stack Overflow

Posted by deepcore under Security (No Respond)

NUUO NVRMini 2 3.9.1 – ‘sscanf’ Stack Overflow

Tags: ,

[webapps] IceWarp 10.4.4 – Local File Inclusion

Posted by deepcore under Security (No Respond)

IceWarp 10.4.4 – Local File Inclusion

Tags: ,

[local] DVD X Player 5.5 Pro – Local Buffer Overflow (SEH)

Posted by deepcore under Security (No Respond)

DVD X Player 5.5 Pro – Local Buffer Overflow (SEH)

Tags: ,

http://member.ses26.go.th

Posted by deepcore under defacement (No Respond)

http://member.ses26.go.th notified by XnonGermx

Tags:

http://www.mhkpeo.ses26.go.th

Posted by deepcore under defacement (No Respond)

http://www.mhkpeo.ses26.go.th notified by XnonGermx

Tags:

Safari Webkit Proxy Object Type Confusion

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a type confusion bug in the Javascript Proxy object in WebKit. The DFG JIT does not take into account that, through the use of a Proxy, it is possible to run arbitrary JS code during the execution of a CreateThis operation. This makes it possible to change the structure of e.g. […]

[webapps] WordPress Plugin Form Maker 1.13.3 – SQL Injection

Posted by deepcore under Security (No Respond)

WordPress Plugin Form Maker 1.13.3 – SQL Injection

Tags: ,