OpenCart 3.0.3.6 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
OpenCart version 3.0.3.6 suffers from multiple persistent cross site scripting vulnerabilities.
Archive for November, 2020
Seowon 130-SLC 1.0.11 Remote Code Execution
Posted by deepcore under exploit (No Respond)
Seowon 130-SLC router version 1.0.11 suffers from a remote code execution vulnerability.
ZeroShell 3.9.0 Remote Command Execution
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits an unauthenticated command injection vulnerability found in ZeroShell version 3.9.0 in the “/cgi-bin/kerbynet” url. As sudo is configured to execute /bin/tar without a password (NOPASSWD) it is possible to run root commands using the “checkpoint” tar options.
ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password
Posted by deepcore under exploit (No Respond)
ZTE WLAN router MF253V version 1.0.0B04 suffers from cross site request forgery, hardcoded password, outdated component, and cross site scripting vulnerabilities.
http://reg-users.dft.go.th/kro.txt
Posted by deepcore under defacement (No Respond)
http://reg-users.dft.go.th/kro.txt notified by Mr.Kro0oz.305
Tags: defacement[webapps] SyncBreeze 10.0.28 – 'password' Remote Buffer Overflow
Posted by deepcore under Security (No Respond)
[webapps] osCommerce 2.3.4.1 – 'title' Persistent Cross-Site Scripting
Posted by deepcore under Security (No Respond)
[webapps] WonderCMS 3.1.3 – 'page' Persistent Cross-Site Scripting
Posted by deepcore under Security (No Respond)
[local] Wondershare Driver Install Service help 10.7.1.321 – 'ElevationService' Unquote Service Path
Posted by deepcore under Security (No Respond)
Wondershare Driver Install Service help 10.7.1.321 – ‘ElevationService’ Unquote Service Path
Tags: 0day, remote exploitBoxoft Audio Converter 2.3.0 Buffer Overflow
Posted by deepcore under exploit (No Respond)
Boxoft Audio Converter version 2.3.0 suffers from a buffer overflow vulnerability.