WordPress Fruitful 3.8 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress Fruitful theme version 3.8 suffers from a persistent cross site scripting vulnerability.
Archive for February, 2020
Microsoft Windows Modules Installer Service Information Disclosure
Posted by deepcore under exploit (No Respond)
The TrustedInstaller service running on the Microsoft Windows operating system hosts a COM service called Sxs Store Class; its ISxsStore interface provides methods to install/uninstall assembles via application manifests files into the WinSxS store. These API methods were meant to be available for users with administrative privileges only, but the logic was unintentionally exposed to […]
[webapps] WordPress Plugin WP Sitemap Page 1.6.2 – Persistent Cross-Site Scripting
Posted by deepcore under Security (No Respond)
[webapps] WordPress Plugin Strong Testimonials 2.40.1 – Persistent Cross-Site Scripting
Posted by deepcore under Security (No Respond)
WordPress Plugin Strong Testimonials 2.40.1 – Persistent Cross-Site Scripting
Tags: 0day, remote exploit[local] HP System Event 1.2.9.0 – 'HPWMISVC' Unquoted Service Path
Posted by deepcore under Security (No Respond)
[local] Cuckoo Clock v5.0 – Buffer Overflow
Posted by deepcore under Security (No Respond)
[webapps] SOPlanning 1.45 – 'users' SQL Injection
Posted by deepcore under Security (No Respond)
[webapps] Avaya Aura Communication Manager 5.2 – Remote Code Execution
Posted by deepcore under Security (No Respond)
[local] BOOTP Turbo 2.0.1214 – 'BOOTP Turbo' Unquoted Service Path
Posted by deepcore under Security (No Respond)
[webapps] SOPlanning 1.45 – Cross-Site Request Forgery (Add User)
Posted by deepcore under Security (No Respond)