Archive for August, 2020

XenForo 2.1.10 Patch 2 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

XenForo version 2.1.0 Patch 2 suffers from a cross site scripting vulnerability.

WordPress Fancybox Lightbox 1.0.1 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

WordPress Fancybox Lightbox plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.

Samsung Android Skia Qmage Image Codec Heap Buffer Overflow

Posted by deepcore under exploit (No Respond)

Samsung Android suffers from a heap buffer overflow vulnerability and other issues in the Skia Qmage image codec.

Apache OFBiz XML-RPC Java Deserialization

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz’s unauthenticated XML-RPC endpoint /webtools/control/xmlrpc for versions prior to 17.12.04.

Geutebruck testaction.cgi Remote Command Execution

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits an authenticated arbitrary command execution vulnerability within the ‘server’ GET parameter of the /uapi-cgi/testaction.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions <= 1.12.0.25 as well as firmware versions 1.12.13.2 and 1.12.14.5 when the 'type' GET parameter is set to 'ntp'. Successful exploitation […]

[webapps] Savsoft Quiz 5 – Stored Cross-Site Scripting

Posted by deepcore under Security (No Respond)


[webapps] Pharmacy Medical Store and Sale Point 1.0 – 'catid' SQL Injection

Posted by deepcore under Security (No Respond)


https://nsw2.go.th

Posted by deepcore under defacement (No Respond)

https://nsw2.go.th notified by SW1337


[webapps] QiHang Media Web Digital Signage 3.0.9 – Remote Code Execution (Unauthenticated)

Posted by deepcore under Security (No Respond)


[webapps] QiHang Media Web Digital Signage 3.0.9 – Unauthenticated Arbitrary File Deletion

Posted by deepcore under Security (No Respond)
