Archive for March, 2020

60CycleCMS 2.5.2 SQL Injection

Posted by deepcore under exploit (No Respond)

60CycleCMS version 2.5.2 suffers from a remote SQL injection vulnerability.

Citrix Gateway 11.1 / 12.0 / 12.1 Information Disclosure

Posted by deepcore under exploit (No Respond)

Citrix Gateway versions 11.1, 12.0, and 12.1 suffer from an information disclosure vulnerability.

Citrix Gateway 11.1 / 12.0 / 12.1 Cache Poisoning

Posted by deepcore under exploit (No Respond)

Citrix Gateway versions 11.1, 12.0, and 12.1 suffer from a cache poisoning vulnerability.

Citrix Gateway 11.1 / 12.0 / 12.1 Cache Bypass

Posted by deepcore under exploit (No Respond)

Citrix Gateway versions 11.1, 12.0, and 12.1 suffer from a caching bypass vulnerability.

pppd 2.4.8 Buffer Overflow

Posted by deepcore under exploit (No Respond)

Proof of concept crash exploit for pppd versions 2.4.2 through 2.4.8. It leverages a rhostname buffer overflow in the eap_request and eap_response functions in eap.c.

Richsploit RichFaces Exploitation Toolkit

Posted by deepcore under exploit (No Respond)

This tool can be used to exploit vulnerable versions of RichFaces. It has payloads for 4 vulnerabilities that have been identified, which can lead to remote code execution via Java deserialization and EL injection.

[webapps] Persian VIP Download Script 1.0 – 'active' SQL Injection

Posted by deepcore under Security (No Respond)

Persian VIP Download Script 1.0 – ‘active’ SQL Injection

[webapps] YzmCMS 5.5 – 'url' Persistent Cross-Site Scripting

Posted by deepcore under Security (No Respond)

YzmCMS 5.5 – ‘url’ Persistent Cross-Site Scripting

[webapps] Sysaid 20.1.11 b26 – Remote Command Execution

Posted by deepcore under Security (No Respond)

Sysaid 20.1.11 b26 – Remote Command Execution

[remote] PHP-FPM – Underflow Remote Code Execution (Metasploit)

Posted by deepcore under Security (No Respond)

PHP-FPM – Underflow Remote Code Execution (Metasploit)
