Subscribe via feed.
Archive for September, 2020

VTENEXT 19 CE Remote Code Execution

Posted by deepcore under exploit (No Respond)

VTENEXT 19 CE suffers from a remote code execution vulnerability.

DnsAdmin ServerLevelPluginDll Feature Abuse Privilege Escalation

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a feature in the DNS service of Windows Server. Users of the DnsAdmins group can set the ServerLevelPluginDll value using dnscmd.exe to create a registry key at HKLMSYSTEMCurrentControlSetServicesDNSParameters named ServerLevelPluginDll that can be made to point to an arbitrary DLL.

Input Director 1.4.3 Unquoted Service Path

Posted by deepcore under exploit (No Respond)

Input Director version 1.4.3 suffers from an unquoted service path vulnerability.

ShareMouse 5.0.43 Unquoted Service Path

Posted by deepcore under exploit (No Respond)

ShareMouse version 5.0.43 suffers from an unquoted service path vulnerability.

Scopia XT Desktop 8.3.915.4 Cross Site Request Forgery

Posted by deepcore under exploit (No Respond)

Scopia XT Desktop version 8.3.915.4 suffers from a cross site request forgery vulnerability.

Audio Playback Recorder 3.2.2 Local Buffer Overflow

Posted by deepcore under exploit (No Respond)

Audio Playback Recorder version 3.2.2 SEH local buffer overflow exploit.

IlchCMS 2.1.37 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

IlchCMS version 2.1.37 suffers from multiple cross site scripting vulnerabilities.

[local] Internet Explorer 11 – Use-After-Free

Posted by deepcore under Security (No Respond)

Internet Explorer 11 – Use-After-Free

Tags: ,

[webapps] Tea LaTex 1.0 – Remote Code Execution (Unauthenticated)

Posted by deepcore under Security (No Respond)

Tea LaTex 1.0 – Remote Code Execution (Unauthenticated)

Tags: ,

[webapps] VTENEXT 19 CE – Remote Code Execution

Posted by deepcore under Security (No Respond)

VTENEXT 19 CE – Remote Code Execution

Tags: ,