Subscribe via feed.
Archive for October, 2020

Kentico CMS 9.0-12.0.49 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Kentico CMS version 9.0-12.0.49 suffers from a persistent cross site scripting vulnerability.

openMAINT 1.1-2.4.2 Arbitrary File Upload

Posted by deepcore under exploit (No Respond)

openMAINT version 1.1-2.4.2 suffers from an arbitrary file upload vulnerability.

DynPG 4.9.1 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

DynPG version 4.9.1 suffers from a persistent cross site scripting vulnerability.

Sage DPW 2020_06_000 / 2020_06_001 XSS / File Upload

Posted by deepcore under exploit (No Respond)

Sage DPW versions 2020_06_000 and 2020_06_001 suffer from cross site scripting and unauthenticated malicious file upload vulnerabilities.

JioChat For Android Audio Sniffing

Posted by deepcore under exploit (No Respond)

JioChat for Android has an issue where a caller can cause the callee device to send audio without user interaction.

[local] Battle.Net 1.27.1.12428 – Insecure File Permissions

Posted by deepcore under Security (No Respond)

Battle.Net 1.27.1.12428 – Insecure File Permissions

Tags: ,

[webapps] berliCRM 1.0.24 – 'src_record' SQL Injection

Posted by deepcore under Security (No Respond)

berliCRM 1.0.24 – ‘src_record’ SQL Injection

Tags: ,

[webapps] Cisco ASA and FTD 9.6.4.42 – Path Traversal

Posted by deepcore under Security (No Respond)

Cisco ASA and FTD 9.6.4.42 – Path Traversal

Tags: ,

[webapps] Liman 0.7 – Cross-Site Request Forgery (Change Password)

Posted by deepcore under Security (No Respond)

Liman 0.7 – Cross-Site Request Forgery (Change Password)

Tags: ,

[webapps] MedDream PACS Server 6.8.3.751 – Remote Code Execution (Unauthenticated)

Posted by deepcore under Security (No Respond)

MedDream PACS Server 6.8.3.751 – Remote Code Execution (Unauthenticated)

Tags: ,