[webapps] RICOH Aficio SP 5210SF Printer – 'entryNameIn' HTML Injection
Posted by deepcore under Security (No Respond)
Archive for March, 2020
[webapps] Alfresco 5.2.4 – Persistent Cross-Site Scripting
Posted by deepcore under Security (No Respond)
[webapps] RICOH Aficio SP 5200S Printer – 'entryNameIn' HTML Injection
Posted by deepcore under Security (No Respond)
[webapps] GUnet OpenEclass 1.7.3 E-learning platform – 'month' SQL Injection
Posted by deepcore under Security (No Respond)
Nimsoft nimcontroller 7.80 Remote Code Execution
Posted by deepcore under exploit (No Respond)
Nimsoft nimcontroller version 7.80 suffers from an unauthenticated remote code execution vulnerability.
qdPM Remote Code Execution
Posted by deepcore under exploit (No Respond)
qdPM versions prior to 9.1 suffer from a remote shell upload vulnerability that allows for remote code execution.
MITREid 1.3.3 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
MITREid versions 1.3.3 and below suffer from a cross site scripting vulnerability.
Microsoft Windows Kernel Privilege Escalation
Posted by deepcore under exploit (No Respond)
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Tracing functionality used by the Routing and Remote Access service. The issue results from […]
Packet Storm New Exploits For February, 2020
Posted by deepcore under exploit (No Respond)
This archive contains all of the 175 exploits added to Packet Storm in February, 2020.
[webapps] WordPress Plugin Tutor LMS 1.5.3 – Cross-Site Request Forgery (Add User)
Posted by deepcore under Security (No Respond)