[local] Apport 2.20 – Local Privilege Escalation
Posted by deepcore under Security (No Respond)
Archive for February, 2021
[webapps] Gitea 1.12.5 – Remote Code Execution (Authenticated)
Posted by deepcore under Security (No Respond)
http://phibuncity.go.th/27.html
Posted by deepcore under defacement (No Respond)
http://phibuncity.go.th/27.html notified by roet404
Tags: defacementOnline Internship Management System 1.0 SQL Injection
Posted by deepcore under exploit (No Respond)
Online Internship Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Backdoor.Win32.Cabrotor.21 Insecure Permissions
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.Cabrotor.21 malware suffers from an insecure permissions vulnerability.
Trojan-Spy.Win32.WinSpy.wlt Insecure Permissions
Posted by deepcore under exploit (No Respond)
Trojan-Spy.Win32.WinSpy.wlt malware suffers from an insecure permissions vulnerability.
AgataSoft PingMaster Pro 2.1 Denial Of Service
Posted by deepcore under exploit (No Respond)
AgataSoft PingMaster Pro version 2.1 denial of service proof of concept exploit.
Backdoor.Win32.Azbreg.aant Insecure Permissions
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.Azbreg.aant malware suffers from an insecure permissions vulnerability.
Backdoor.Win32.Bifrose.ahvb Insecure Permissions
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.Bifrose.ahvb malware suffers from an insecure permissions vulnerability.
CASAP Automated Enrollment System 1.0 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
CASAP Automated Enrollment System version 1.0 First Name persistent cross site scripting exploit. Original discovery of persistent cross site scripting in this version is attributed to Richard Jones.