[remote] Exchange Control Panel – Viewstate Deserialization (Metasploit)
Posted by deepcore under Security (No Respond)
Archive for March, 2020
RICOH Aficio SP 5200S Printer HTML Injection
Posted by deepcore under exploit (No Respond)
The RICOH Aficio SP 5200S printer suffers from a html injection vulnerability.
Alfresco 5.2.4 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Alfresco version 5.2.4 suffers from multiple persistent cross site scripting vulnerabilities.
RICOH Aficio SP 5210SF Printer HTML Injection
Posted by deepcore under exploit (No Respond)
The RICOH Aficio SP 5210SF printer suffers from a html injection vulnerability.
GUnet OpenEclass 1.7.3 SQL Injection
Posted by deepcore under exploit (No Respond)
GUnet OpenEclass version 1.7.3 suffers from a remote SQL injection vulnerability.
EyesOfNetwork AutoDiscovery Target Command Execution
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits multiple vulnerabilities in EyesOfNetwork version 5.3 and prior in order to execute arbitrary commands as root. This module takes advantage of a command injection vulnerability in the target parameter of the AutoDiscovery functionality within the EON web interface in order to write an Nmap NSE script containing the payload to disk. […]
[webapps] UniSharp Laravel File Manager 2.0.0 – Arbitrary File Read
Posted by deepcore under Security (No Respond)
Joplin Desktop 1.0.184 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Joplin Desktop version 1.0.184 suffers from a cross site scripting vulnerability.
Wing FTP Server 6.2.5 Privilege Escalation
Posted by deepcore under exploit (No Respond)
Wing FTP Server version 6.2.5 suffers from a privilege escalation vulnerability.
TP-Link TL-WR849N Remote Code Execution
Posted by deepcore under exploit (No Respond)
TP-Link TL-WR849N suffers from a remote code execution vulnerability.