Iskysoft Application Framework Service 2.4.3.241 Unquoted Service Path
Posted by deepcore under exploit (No Respond)
Iskysoft Application Framework Service version 2.4.3.241 suffers from an unquoted service path vulnerability.
Archive for March, 2020
Microsoft Windows WizardOpium Local Privilege Escalation
Posted by deepcore under exploit (No Respond)
Microsoft Windows WizardOpium local privilege escalation exploit.
SpyHunter 4 Unquoted Service Path
Posted by deepcore under exploit (No Respond)
SpyHunter 4 suffers from an unquoted service path vulnerability.
ManageEngine Desktop Central Deserialization / Remote Code Execution
Posted by deepcore under exploit (No Respond)
ManageEngine Desktop Central FileStorage getChartImage deserialization and unauthenticated remote code execution exploit.
ASUS GiftBox Desktop 1.1.1.127 Unquoted Service Path
Posted by deepcore under exploit (No Respond)
ASUS GiftBox Desktop version 1.1.1.127 suffers from an unquoted service path vulnerability.
Deep Instinct Windows Agent 1.2.29.0 Unquoted Service Path
Posted by deepcore under exploit (No Respond)
Deep Instinct Windows Agent version 1.2.29.0 suffers from an unquoted service path vulnerability.
Sentrifugo HRMS 3.2 SQL Injection
Posted by deepcore under exploit (No Respond)
Sentrifugo HRMS version 3.2 suffers from a remote SQL injection vulnerability. This version of this software already had a remote SQL injection issue reported to Packet Storm in August of 2018. This is a variant.
IRISgraphic 1.0 SQL Injection
Posted by deepcore under exploit (No Respond)
IRISgraphic version 1.0 suffers from a remote SQL injection vulnerability.
Creative Contact Form 4.6.2 Directory Traversal
Posted by deepcore under exploit (No Respond)
Creative Contact Form version 4.6.2 before Dec 03 2019 suffers from a directory traversal vulnerability.
iOS / macOS AWDL Heap Corruption / Bounds Checking
Posted by deepcore under exploit (No Respond)
A remote iOS / macOS heap corruption issue exists due to insufficient bounds checking in AWDL.