[webapps] Hrsale 2.0.0 – Local File Inclusion
Posted by deepcore under Security (No Respond)
Archive for October, 2020
[webapps] Stock Management System 1.0 – 'Product Name' Persistent Cross-Site Scripting
Posted by deepcore under Security (No Respond)
Stock Management System 1.0 – ‘Product Name’ Persistent Cross-Site Scripting
Tags: 0day, remote exploit[webapps] GOautodial 4.0 – Authenticated Shell Upload
Posted by deepcore under Security (No Respond)
[webapps] School Faculty Scheduling System 1.0 – Authentication Bypass POC
Posted by deepcore under Security (No Respond)
[webapps] School Faculty Scheduling System 1.0 – Stored Cross Site Scripting POC
Posted by deepcore under Security (No Respond)
Tourism Management System 1.0 Shell Upload
Posted by deepcore under exploit (No Respond)
Tourism Management System version 1.0 suffers from a remote shell upload vulnerability.
Nagios XI 5.7.3 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Nagios XI version 5.7.3 suffers from a persistent cross site scripting vulnerability.
Nagios XI 5.7.3 SQL Injection
Posted by deepcore under exploit (No Respond)
Nagios XI version 5.7.3 suffers from multiple remote SQL injection vulnerabilities.
QRadar RemoteJavaScript Deserialization
Posted by deepcore under exploit (No Respond)
A Java deserialization vulnerability exists in the QRadar RemoteJavaScript Servlet. An authenticated user can call one of the vulnerable methods and cause the Servlet to deserialize arbitrary objects. An attacker can exploit this vulnerability by creating a specially crafted (serialized) object, which amongst other things can result in a denial of service, change of system […]
Online Student's Management System 1.0 Shell Upload
Posted by deepcore under exploit (No Respond)
Online Student’s Management System version 1.0 suffers from a remote shell upload vulnerability.
