[local] Windscribe 1.83 – 'WindscribeService' Unquoted Service Path
Posted by deepcore under Security (No Respond)
Archive for June, 2020
http://huorua.go.th/d_finance/new_finance/hacked.pdf
Posted by deepcore under defacement (No Respond)
http://huorua.go.th/d_finance/new_finance/hacked.pdf notified by Crystal_MSF
Tags: defacement[remote] mySCADA myPRO 7 – Hardcoded Credentials
Posted by deepcore under Security (No Respond)
[webapps] FHEM 6.0 – Local File Inclusion
Posted by deepcore under Security (No Respond)
LanSpy 2.0.1.159 Stack Buffer Overflow
Posted by deepcore under exploit (No Respond)
LanSpy version 2.0.1.159 stack buffer overflow exploit that adds a user.
Code Blocks 20.03 Denial Of Service
Posted by deepcore under exploit (No Respond)
Code Blocks version 20.03 denial of service proof of concept exploit.
Lansweeper 7.2 Default Account / Remote Code Execution
Posted by deepcore under exploit (No Respond)
Lansweeper version 7.2 has a default admin account enabled which allows for remote code execution.
GilaCMS 1.11.5 Cross Site Request Forgery / Cross Site Scripting
Posted by deepcore under exploit (No Respond)
GilaCMS version 1.11.5 suffers from cross site request forgery and cross site scripting vulnerabilities.
Qmail Local Privilege Escalation / Remote Code Execution
Posted by deepcore under exploit (No Respond)
Qualys has released their local privilege escalation and remote code execution exploit for qmail that leverages the vulnerability as described in CVE-2005-1513.
Online Student Enrollment System 1.0 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
Online Student Enrollment System version 1.0 suffers from a cross site request forgery vulnerability.