Serv-U FTP Server 15.1.7 Persistent Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Serv-U FTP Server version 15.1.7 suffers from a persistent cross site scripting vulnerability.
Archive for December, 2019
Serv-U FTP Server 15.1.7 CSV Injection
Posted by deepcore under exploit (No Respond)
Serv-U FTP Server version 15.1.7 suffers from a CSV injection vulnerability.
Control Web Panel 0.9.8.864 phpMyAdmin Password Disclosure
Posted by deepcore under exploit (No Respond)
Control Web Panel versions 0.9.8.856 through 0.9.8.864 suffer from a phpMyAdmin password disclosure vulnerability.
Microsoft Teams Instant Messenger DLL Hijacking
Posted by deepcore under exploit (No Respond)
Microsoft Teams Instant Messenger application on Windows 7 SP1 fully patched is vulnerable to remote DLL hijacking.
Bash Profile Persistence
Posted by deepcore under exploit (No Respond)
This Metasploit module writes an execution trigger to the target’s Bash profile. The execution trigger executes a call back payload whenever the target user opens a Bash terminal. A handler is not run automatically, so you must configure an appropriate exploit/multi/handler to receive the callback.
Apple Security Advisory 2019-12-10-1
Posted by deepcore under Apple (No Respond)
[webapps] NopCommerce 4.2.0 – Privilege Escalation
Posted by deepcore under Security (No Respond)
[webapps] Netgear R6400 – Remote Code Execution
Posted by deepcore under Security (No Respond)
[webapps] Zendesk App SweetHawk Survey 1.6 – Persistent Cross-Site Scripting
Posted by deepcore under Security (No Respond)
https://www.sme.go.th/readme.htm
Posted by deepcore under defacement (No Respond)
https://www.sme.go.th/readme.htm notified by Dijehaji
Tags: defacement