Subscribe via feed.
Archive for January, 2021

http://paknamprasae.rayongpolice.go.th/bc7.html

Posted by deepcore under defacement (No Respond)

http://paknamprasae.rayongpolice.go.th/bc7.html notified by BCA-X666X

Tags:

[webapps] Quick.CMS 6.7 – Remote Code Execution (Authenticated)

Posted by deepcore under Security (No Respond)

Quick.CMS 6.7 – Remote Code Execution (Authenticated)

Tags: ,

[webapps] Online Grading System 1.0 – 'uname' SQL Injection

Posted by deepcore under Security (No Respond)

Online Grading System 1.0 – ‘uname’ SQL Injection

Tags: ,

[webapps] BloofoxCMS 0.5.2.1 – 'text' Stored Cross Site Scripting

Posted by deepcore under Security (No Respond)

BloofoxCMS 0.5.2.1 – ‘text’ Stored Cross Site Scripting

Tags: ,

Openlitespeed Web Server 1.7.8 Command Injection

Posted by deepcore under exploit (No Respond)

Openlitespeed Web Server version 1.7.8 suffers from an authenticated command injection vulnerability.

Backdoor.Win32.DarkKomet.apbb Insecure Permissions

Posted by deepcore under exploit (No Respond)

Backdoor.Win32.DarkKomet.apbb malware suffers from an insecure permissions vulnerability.

Backdoor.Win32.Wollf.14 Missing Authentication

Posted by deepcore under exploit (No Respond)

Backdoor.Win32.Wollf.14 malware has a backdoor on TCP/7614 that does not require any authentication.

Constructor.Win32.SpyNet.a Remote Password Leak

Posted by deepcore under exploit (No Respond)

Constructor.Win32.SpyNet.a malware suffers from a remote password leak vulnerability.

Revive Adserver 5.1.0 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Revive Adserver versions 5.1.0 and below suffer from multiple reflective cross site scripting vulnerabilities.

STVS ProVision 5.9.10 File Disclosure

Posted by deepcore under exploit (No Respond)

STVS ProVision version 5.9.10 suffers from an authenticated file disclosure vulnerability in archive.rb.