2021 January

H2 Database 1.4.199 JNI Code Execution

Posted by deepcore under exploit (No Respond)

H2 Database version 1.4.199 JNI code execution exploit. This exploit utilizes the Java Native Interface to load a a Java class without needing to use the Java Compiler.

Sonatype Nexus 3.21.1 Remote Code Execution

Posted by deepcore under exploit (No Respond)

Sonatype Nexus version 3.21.1 suffers from an authenticated remote code execution vulnerability.

Rocket.Chat 3.7.1 Email Address Enumeration

Posted by deepcore under exploit (No Respond)

Rocket.Chat versions 3.7.1 and below suffers from an email address enumeration vulnerability.

[webapps] WordPress Plugin wpDiscuz 7.0.4 – Unauthenticated Arbitrary File Upload (Metasploit)

Posted by deepcore under Security (No Respond)

WordPress Plugin wpDiscuz 7.0.4 – Unauthenticated Arbitrary File Upload (Metasploit)

Tags: 0day, remote exploit

[webapps] WordPress Plugin Autoptimize 2.7.6 – Authenticated Arbitrary File Upload (Metasploit)

Posted by deepcore under Security (No Respond)

WordPress Plugin Autoptimize 2.7.6 – Authenticated Arbitrary File Upload (Metasploit)

Tags: 0day, remote exploit

[local] dnsrecon 0.10.0 – CSV Injection

Posted by deepcore under Security (No Respond)

dnsrecon 0.10.0 – CSV Injection

Tags: 0day, remote exploit

[webapps] Apache Flink 1.11.0 – Unauthenticated Arbitrary File Read (Metasploit)

Posted by deepcore under Security (No Respond)

Apache Flink 1.11.0 – Unauthenticated Arbitrary File Read (Metasploit)

Tags: 0day, remote exploit

[webapps] Cockpit Version 234 – Server-Side Request Forgery (Unauthenticated)

Posted by deepcore under Security (No Respond)

Cockpit Version 234 – Server-Side Request Forgery (Unauthenticated)

Tags: 0day, remote exploit

[webapps] Online Doctor Appointment System 1.0 – Multiple Stored XSS

Posted by deepcore under Security (No Respond)

Online Doctor Appointment System 1.0 – Multiple Stored XSS

Tags: 0day, remote exploit

[webapps] Life Insurance Management System 1.0 – Multiple Stored XSS

Posted by deepcore under Security (No Respond)

Life Insurance Management System 1.0 – Multiple Stored XSS

Tags: 0day, remote exploit

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

H2 Database 1.4.199 JNI Code Execution

Sonatype Nexus 3.21.1 Remote Code Execution

Rocket.Chat 3.7.1 Email Address Enumeration

[webapps] WordPress Plugin wpDiscuz 7.0.4 – Unauthenticated Arbitrary File Upload (Metasploit)

[webapps] WordPress Plugin Autoptimize 2.7.6 – Authenticated Arbitrary File Upload (Metasploit)

[local] dnsrecon 0.10.0 – CSV Injection

[webapps] Apache Flink 1.11.0 – Unauthenticated Arbitrary File Read (Metasploit)

[webapps] Cockpit Version 234 – Server-Side Request Forgery (Unauthenticated)

[webapps] Online Doctor Appointment System 1.0 – Multiple Stored XSS

[webapps] Life Insurance Management System 1.0 – Multiple Stored XSS

Tabs Switcher

BLOGROLL

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Tabs Switcher

BLOGROLL