Subscribe via feed.
Archive for December, 2019

AVS Audio Converter 9.1.2.600 Stack Overflow

Posted by deepcore under exploit (No Respond)

AVS Audio Converter version 9.1.2.600 stack overflow proof of concept exploit.

FTP Navigator 8.03 Stack Overflow

Posted by deepcore under exploit (No Respond)

FTP Navigator version 8.03 stack overflow SEH proof of concept exploit.

Cera Intranet Community Theme 1.0.1 SQL Injection

Posted by deepcore under exploit (No Respond)

Cera Intranet Community Theme version 1.0.1 suffers from a remote SQL injection vulnerability.

elearning-script 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

elearning-script version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Wave 2.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Wave version 2.0 suffers from a remote SQL injection vulnerability.

RICOH SP 4510SF Printer HTML Injection

Posted by deepcore under exploit (No Respond)

RICOH SP 4510SF Printer suffers from an html injection vulnerability.

Wing FTP Server 6.0.7 Unquoted Service Path

Posted by deepcore under exploit (No Respond)

Wing FTP Server version 6.0.7 suffers from an unquoted service path vulnerability.

Heatmiser Netmonitor 3.03 Hardcoded Credentials

Posted by deepcore under exploit (No Respond)

Heatmiser Netmonitor version 3.03 suffers from a hardcoded credential vulnerability.

WEMS Enterprise Manager 2.58 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

WEMS Enterprise Manager version 2.58 suffers from a cross site scripting vulnerability.

WEMS BEMS 21.3.1 Undocumented Backdoor Account

Posted by deepcore under exploit (No Respond)

WEMS BEMS version 21.3.1 has an undocumented backdoor account that is Base64 encoded. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the controller thru the RMI.