[webapps] Concrete5 8.5.4 – 'name' Stored XSS
Posted by deepcore under Security (No Respond)
Archive for March, 2021
[remote] vsftpd 3.0.3 – Remote Denial of Service
Posted by deepcore under Security (No Respond)
[webapps] TP-Link Devices – 'setDefaultHostname' Stored Cross-site Scripting (Unauthenticated)
Posted by deepcore under Security (No Respond)
TP-Link Devices – ‘setDefaultHostname’ Stored Cross-site Scripting (Unauthenticated)
Tags: 0day, remote exploit[webapps] WordPress Plugin WP Super Cache 1.7.1 – Remote Code Execution (Authenticated)
Posted by deepcore under Security (No Respond)
WordPress Plugin WP Super Cache 1.7.1 – Remote Code Execution (Authenticated)
Tags: 0day, remote exploit[webapps] Novel Boutique House-plus 3.5.1 – Arbitrary File Download
Posted by deepcore under Security (No Respond)
Moodle Atto Editor Cross Site Scripting
Posted by deepcore under exploit (No Respond)
The Moodle Atto Editor, which does not have versions, suffers from a cross site scripting vulnerability.
Development Kamel KCFinder 1.7 Shell Upload
Posted by deepcore under exploit (No Respond)
Development Kamel KCFinder version 1.7 suffers from a remote shell upload vulnerability.
Backdoor.Win32.Kwak.12 Denial Of Service
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.Kwak.12 malware suffers from a denial of service vulnerability.
Backdoor.Win32.Kwak.12 Authentication Bypass / Man-In-The-Middle
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.Kwak.12 malware suffers from bypass and man-in-the-middle vulnerabilities.
GetSimple CMS Custom JS 0.1 Cross Site Request Forgery / Cross Site Scripting
Posted by deepcore under exploit (No Respond)
GetSimple CMS Custom JS plugin version 0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.