[webapps] Rocket.Chat 2.1.0 – Cross-Site Scripting
Posted by deepcore under Security (No Respond)
Archive for October, 2019
https://ic.nbtc.go.th/xampp/lang.tmp
Posted by deepcore under defacement (No Respond)
https://ic.nbtc.go.th/xampp/lang.tmp notified by SeRaVo BlackHaT
Tags: defacementTotal.js CMS 12 Widget JavaScript Code Injection
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a vulnerability in Total.js CMS. The issue is that a user with admin permission can embed a malicious JavaScript payload in a widget, which is evaluated server side, and gain remote code execution.
[remote] Total.js CMS 12 – Widget JavaScript Code Injection (Metasploit)
Posted by deepcore under Security (No Respond)
https://nonghuafancity.go.th/o.htm
Posted by deepcore under defacement (No Respond)
https://nonghuafancity.go.th/o.htm notified by chinafans
Tags: defacementhttp://www.pamat.go.th/o.htm
Posted by deepcore under defacement (No Respond)
http://www.pamat.go.th/o.htm notified by chinafans
Tags: defacementTrend Micro Anti-Threat Toolkit (ATTK) 1.62.0.1218 Remote Code Execution
Posted by deepcore under exploit (No Respond)
Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below suffer from a remote code execution vulnerability.
[local] Solaris 11.4 – xscreensaver Privilege Escalation
Posted by deepcore under Security (No Respond)
[dos] winrar 5.80 64bit – Denial of Service
Posted by deepcore under Security (No Respond)
[dos] Adobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow due to Malformed JP2 Stream (2)
Posted by deepcore under Security (No Respond)
Adobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow due to Malformed JP2 Stream (2)
Tags: 0day, remote exploit