[webapps] Ajenti 2.1.31 – Remote Code Exection (Metasploit)
Posted by deepcore under Security (No Respond)
Archive for October, 2019
ham3d 1.1 Information Disclosure / Default Credentials
Posted by deepcore under exploit (No Respond)
ham3d version 1.1 suffers from information disclosure and default credential vulnerabilities.
ClonOs WEB UI 19.09 Improper Access Control
Posted by deepcore under exploit (No Respond)
ClonOs WEB UI version 19.09 suffers from an improper access control vulnerability.
Sahi Pro 8.x Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Sahi Pro version 8.x suffers from a reflective cross site scripting vulnerability.
CWP 0.9.8.885 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
CWP version 0.9.8.885 suffers from a persistent cross site scripting vulnerability.
Part-DB 0.4 Authentication Bypass
Posted by deepcore under exploit (No Respond)
Part-DB version 0.4 suffers from an authentication bypass vulnerability.
JumpStart 0.6.0.0 Unquoted Service Path
Posted by deepcore under exploit (No Respond)
JumpStart version 0.6.0.0 suffers from a jswpbapi unquoted service path vulnerability.
Intelbras Router WRN150 1.0.18 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
Intelbras Router WRN150 version 1.0.18 suffers from a cross site request forgery vulnerability.
waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 SQL Injection
Posted by deepcore under exploit (No Respond)
waldronmatt FullCalendar-BS4-PHP-MySQL-JSON version 1.21 suffers from a remote SQL injection vulnerability.
delpino73 Blue-Smiley-Organizer 1.32 SQL Injection
Posted by deepcore under exploit (No Respond)
delpino73 Blue-Smiley-Organizer version 1.32 suffers from a remote SQL injection vulnerability.