AMSS++ 4.31 SQL Injection
Posted by deepcore under exploit (No Respond)
AMSS++ version 4.31 suffers from a remote SQL injection vulnerability.
Archive for February, 2020
Online Birth Certificate System 1.0 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Online Birth Certificate System version 1.0 suffers from a persistent cross site scripting vulnerability.
D-Link DGS-1250 Header Injection
Posted by deepcore under exploit (No Respond)
D-Link DGS-1250 suffers from a header injection vulnerability that can be leveraged through cross site scripting.
Open-Xchange App Suite / Documents Server-Side Request Forgery
Posted by deepcore under exploit (No Respond)
Open-Xchange App Suite and Documents versions 7.10.2 and below suffer from multiple server-side request forgery vulnerabilities.
OpenNetAdmin Ping Command Injection
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a command injection in OpenNetAdmin between versions 8.5.14 and 18.1.1.
http://sahathat.go.th/file_editor/db.txt
Posted by deepcore under defacement (No Respond)
http://sahathat.go.th/file_editor/db.txt notified by SeRaVo BlackHaT
Tags: defacementWordPress Default-Featured-Image 1.6.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress Default-Featured-Image plugin version 1.6.1 suffers from a cross site scripting vulnerability.
WordPress Events-Manager 5.9.7.3 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress Events-Manager plugin version 5.9.7.3 suffers from a cross site scripting vulnerability.
WordPress Forminator 1.11.2 Remote File Upload
Posted by deepcore under exploit (No Respond)
WordPress Forminator plugin version 1.11.2 suffers from a remote file upload vulnerability.
WordPress Forminator 1.11.2 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress Forminator plugin version 1.11.2 suffers from a cross site scripting vulnerability.