CSZ CMS 1.2.7 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
CSZ CMS version 1.2.7 suffers from a persistent cross site scripting vulnerability.
Archive for April, 2020
CSZ CMS 1.2.7 HTML Injection
Posted by deepcore under exploit (No Respond)
CSZ CMS version 1.2.7 suffers from an html injection vulnerability.
IQrouter 3.3.1 Remote Code Execution
Posted by deepcore under exploit (No Respond)
IQrouter firmware version 3.3.1 suffers from a remote code execution vulnerability.
NSClient++ 0.5.2.35 Authenticated Remote Code Execution
Posted by deepcore under exploit (No Respond)
NSClient++ version 0.5.2.35 suffers from an authenticated remote code execution vulnerability.
Spiderman2 2.1.1 Buffer Overflow
Posted by deepcore under exploit (No Respond)
Spiderman2 version 2.1.1 suffers from a buffer overflow vulnerability.
jizhi CMS 1.6.7 Arbitrary File Download
Posted by deepcore under exploit (No Respond)
jizhi CMS version 1.6.7 suffers from an arbitrary file download vulnerability.
Sysaid 20.1.11 b26 Remote Command Execution
Posted by deepcore under exploit (No Respond)
Sysaid version 20.1.11 b26 suffers from an AJP13 remote command execution vulnerability.
PMB 5.6 SQL Injection
Posted by deepcore under exploit (No Respond)
PMB version 5.6 suffers from a remote SQL injection vulnerability.
P5 FNIP-8x16A/FNIP-4xSH CSRF / Cross Site Scripting
Posted by deepcore under exploit (No Respond)
P5 FNIP-8x16A / FNIP-4xSH versions 1.0.20 and 1.0.11 suffer from cross site request forgery and cross site scripting vulnerabilities.
Neowise CarbonFTP 1.4 Insecure Proprietary Password Encryption
Posted by deepcore under exploit (No Respond)
Neowise CarbonFTP version 1.4 suffers from an insecure proprietary password encryption implementation. Second version of this exploit that is updated to work with Python 3.