Visual Studio Code Remote Debugger Enabled
Posted by deepcore under exploit (No Respond)
Visual Studio Code enables its remote debugger by default when installed.
Archive for October, 2019
SugarCRM 9.0.1 Path Traversal
Posted by deepcore under exploit (No Respond)
SugarCRM versions 9.0.1 and below suffer from multiple path traversal vulnerabilities.
SugarCRM 9.0.1 PHP Code Injection
Posted by deepcore under exploit (No Respond)
SugarCRM versions 9.0.1 and below suffer from multiple PHP code injection vulnerabilities.
SugarCRM 9.0.1 PHP Object Injection
Posted by deepcore under exploit (No Respond)
SugarCRM versions 9.0.1 and below suffer from multiple php object injection vulnerabilities.
SugarCRM 9.0.1 Phar Deserialization
Posted by deepcore under exploit (No Respond)
SugarCRM versions 9.0.1 and below suffer from multiple phar deserialization vulnerabilities.
Openfire 4.4.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Openfire version 4.4.1 suffers from multiple cross site scripting vulnerabilities.
http://live.cdd.go.th/love.txt
Posted by deepcore under defacement (No Respond)
http://live.cdd.go.th/love.txt notified by UnM@SK
Tags: defacementTP-Link TL-WR1043ND 2 Authentication Bypass
Posted by deepcore under exploit (No Respond)
TP-Link TL-WR1043ND 2 suffers from an authentication bypass vulnerability.
ASX To MP3 Converter 3.1.3.7 Stack Overflow
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a stack buffer overflow in ASX to MP3 converter 3.1.3.7. By constructing a specially crafted ASX file and attempting to convert it to an MP3 file in the application, a buffer is overwritten, which allows for running shellcode. Tested on: Microsoft Windows 7 Enterprise, 6.1.7601 Service Pack 1 Build 7601, x64-based […]
SMA Solar Technology AG Sunny WebBox 1.6 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
SMA Solar Technology AG Sunny WebBox device version 1.6 suffers from a cross site request forgery vulnerability.