[webapps] School ERP Pro 1.0 – Arbitrary File Read
Posted by deepcore under Security (No Respond)
Archive for April, 2020
[webapps] Open-AudIT Professional 3.3.1 – Remote Code Execution
Posted by deepcore under Security (No Respond)
[local] Andrea ST Filters Service 1.0.64.7 – 'Andrea ST Filters Service ' Unquoted Service Path
Posted by deepcore under Security (No Respond)
Andrea ST Filters Service 1.0.64.7 – ‘Andrea ST Filters Service ‘ Unquoted Service Path
Tags: 0day, remote exploitjQuery html() Cross Site Scripting
Posted by deepcore under exploit (No Respond)
jQuery versions prior to 3.5 suffer from an html() cross site scripting vulnerability.
Open-AudIT 3.3.0 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Open-AudIT version 3.3.0 suffers from a cross site scripting vulnerability.
Netis E1+ 1.2.32533 Hardcoded Backdoor Account
Posted by deepcore under exploit (No Respond)
Netis E1+ version 1.2.32533 suffers from having a hardcoded backdoor root account.
PHP-Fusion 9.03.50 Arbitrary File Upload
Posted by deepcore under exploit (No Respond)
PHP-Fusion version 9.03.50 suffers from an arbitrary file upload vulnerability.
Netis E1+ 1.2.32533 Password Leak
Posted by deepcore under exploit (No Respond)
Netis E1+ version 1.2.32533 suffers from an unauthenticated wifi password disclosure vulnerability.
Geeklog 2.2.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Geeklog version 2.2.1 suffers from a cross site scripting vulnerability.
Online Shopping System Advanced 1.0 SQL Injection
Posted by deepcore under exploit (No Respond)
Online Shopping System Advanced version 1.0 suffers from a remote SQL injection vulnerability.