Taskcafe 0.1.0 / 0.1.1 Cross Origin Resource Sharing
Posted by deepcore under exploit (No Respond)
Taskcafe version 0.1.0 and 0.1.1 suffer from a cross-origin resource sharing vulnerability.
Archive for November, 2020
Water Billing System 1.0 SQL Injection
Posted by deepcore under exploit (No Respond)
Water Billing System version 1.0 suffers from a remote SQL injection vulnerability. This version was already found to be susceptible to SQL injection by Sarang Tumne in November of 2020.
Super Store Finder 3.3 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Super Store Finder versions 3.3 and below suffer from a cross site scripting vulnerability.
Car Rental Management System 1.0 SQL Injection
Posted by deepcore under exploit (No Respond)
Car Rental Management System version 1.0 suffers from a remote SQL injection vulnerability. This version was already found to be susceptible to SQL injection by Fortunato Lodari in November of 2020.
PMB 5.6 Local File Disclosure / Directory Traversal
Posted by deepcore under exploit (No Respond)
PMB version 5.6 suffers from a local file disclosure vulnerability.
RED-V Super Digital Signage System RXV-A740R Log Information Disclosure
Posted by deepcore under exploit (No Respond)
RED-V Super Digital Signage System RXV-A740R is vulnerable to a sensitive information disclosure vulnerability. An unauthenticated attacker can visit several endpoints and disclose the webserver’s log file list containing sensitive system resources and debug log information running on the device.
Car Rental Management System 1.0 Shell Upload
Posted by deepcore under exploit (No Respond)
Car Rental Management System version 1.0 suffers from a remote shell upload vulnerability.
Cisco 7937G Denial Of Service / Privilege Escalation
Posted by deepcore under exploit (No Respond)
Cisco 7937G suffers from denial of service and privilege escalation vulnerabilities.
MailDepot 2033 2.3.3022 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
MailDepot version 2033 (2.3.3022) suffers from a cross site scripting vulnerability.
SIGE 3.4.1 / 3.5.3 Pro Cross Site Scripting / Remote File Inclusion
Posted by deepcore under exploit (No Respond)
SIGE versions 3.4.1 and 3.5.3 Pro suffer from cross site scripting and remote file inclusion vulnerabilities.
