Dokuwiki 2018-04-22b Username Enumeration
Posted by deepcore under exploit (No Respond)
Last Updated on December 3, 2019 by deepcore Dokuwiki version 2018-04-22b suffers from a username enumeration vulnerability.
Archive for December, 2019
Microsoft Visual Studio 2008 Express IDE XML Injection
Posted by deepcore under exploit (No Respond)
Last Updated on December 3, 2019 by deepcore Microsoft Visual Studio 2008 Express IDE suffers from an XML external entity injection vulnerability.
Ajenti 2.1.31 Command Injection
Posted by deepcore under exploit (No Respond)
Last Updated on December 3, 2019 by deepcore This Metasploit module exploits a command injection in Ajenti version 2.1.31. By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned.
Packet Storm New Exploits For November, 2019
Posted by deepcore under exploit (No Respond)
Last Updated on December 3, 2019 by deepcore This archive contains all of the 180 exploits added to Packet Storm in November, 2019.
SALTO ProAccess SPACE 5.5 Traversal / File Write / XSS / Bypass
Posted by deepcore under exploit (No Respond)
Last Updated on December 3, 2019 by deepcore SALTO ProAccess SPACE versions 5.5 and below suffer from path traversal, arbitrary file write, persistent cross site scripting, privilege escalation, and clear text transmission of sensitive data vulnerabilities.
http://www.silalang.go.th/o.htm
Posted by deepcore under defacement (No Respond)
Last Updated on December 3, 2019 by deepcore http://www.silalang.go.th/o.htm notified by chinafans
Tags: defacement[webapps] Intelbras Router RF1200 1.1.3 – Cross-Site Request Forgery
Posted by deepcore under Security (No Respond)
Last Updated on December 3, 2019 by deepcore Intelbras Router RF1200 1.1.3 – Cross-Site Request Forgery
Tags: 0day, remote exploit[webapps] Online Invoicing System 2.6 – 'description' Persistent Cross-Site Scripting
Posted by deepcore under Security (No Respond)
Last Updated on December 3, 2019 by deepcore Online Invoicing System 2.6 – ‘description’ Persistent Cross-Site Scripting
Tags: 0day, remote exploithttp://ncd.ddc.moph.go.th
Posted by deepcore under defacement (No Respond)
Last Updated on December 2, 2019 by deepcore http://ncd.ddc.moph.go.th notified by Zeerx7
Tags: defacement[local] Microsoft Excel 2016 1901 – XML External Entity Injection
Posted by deepcore under Security (No Respond)
Last Updated on December 2, 2019 by deepcore Microsoft Excel 2016 1901 – XML External Entity Injection
Tags: 0day, remote exploit
