Piwigo 2.10.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Piwigo version 2.10.1 suffers from a cross site scripting vulnerability.
Archive for September, 2020
Acronis Cyber Backup 12.5 Build 16341 Server-Side Request Forgery
Posted by deepcore under exploit (No Respond)
Acronis Cyber Backup version 12.5 Build 16341 suffers from a server-side request forgery vulnerability.
1CRM 8.6.7 Insecure Direct Object Reference
Posted by deepcore under exploit (No Respond)
1CRM versions 8.6.7 and below suffer from an insecure direct object reference vulnerability.
Mida Solutions eFramework ajaxreq.php Command Injection
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits a command injection vulnerability in Mida Solutions eFramework version 2.9.0 and prior. The ajaxreq.php file allows unauthenticated users to inject arbitrary commands in the PARAM parameter to be executed as the apache user. The sudo configuration permits the apache user to execute any command as root without providing a password, resulting […]
[remote] Microsoft SQL Server Reporting Services 2016 – Remote Code Execution
Posted by deepcore under Security (No Respond)
http://chaleang.go.th/cl.html
Posted by deepcore under defacement (No Respond)
http://chaleang.go.th/cl.html notified by Clash Hackers
Tags: defacementTailor MS 1.0 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Tailor MS version 1.0 suffers from a cross site scripting vulnerability.
ThinkAdmin 6 Arbitrary File Read
Posted by deepcore under exploit (No Respond)
ThinkAdmin version 6 suffers from an arbitrary file read vulnerability.
[webapps] Piwigo 2.10.1 – Cross Site Scripting
Posted by deepcore under Security (No Respond)
[local] Windows TCPIP Finger Command – C2 Channel and Bypassing Security Software
Posted by deepcore under Security (No Respond)
Windows TCPIP Finger Command – C2 Channel and Bypassing Security Software
Tags: 0day, remote exploit