MariaDB 10.2 Command Execution
Posted by deepcore under exploit (No Respond)
MariaDB version 10.2 suffers from a command execution vulnerability.
Archive for April, 2021
Trojan.Win32.Agent.zfgh Insecure Permissions
Posted by deepcore under exploit (No Respond)
Trojan.Win32.Agent.zfgh malware suffers from an insecure permissions vulnerability.
CITSmart ITSM 9.1.2.22 LDAP Injection
Posted by deepcore under exploit (No Respond)
CITSmart ITSM version 9.1.2.22 suffers from an LDAP injection vulnerability.
CITSmart ITSM 9.1.2.27 SQL Injection
Posted by deepcore under exploit (No Respond)
CITSmart ITSM version 9.1.2.27 suffers from a remote time-based blind SQL injection vulnerability.
HEUR.Hoax.Win32.FrauDrop.gen Insecure Permissions
Posted by deepcore under exploit (No Respond)
HEUR.Hoax.Win32.FrauDrop.gen malware suffers from an insecure permissions vulnerability.
Webmail Edition 5.2.22 XSS / Remote Code Execution
Posted by deepcore under exploit (No Respond)
Webmail Edition version 5.2.22 suffers from remote code execution and cross site scripting vulnerabilities via the Horde_Text_Filter library.
Microsoft Azure DevOps Server 2020.0.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Microsoft Azure DevOps Server version 2020.0.1 suffers from a cross site scripting vulnerability.
SMASH Rowhammer Proof Of Concept
Posted by deepcore under exploit (No Respond)
This is a script to trigger (Rowhammer) bit flips on TRR-enabled DDR4 SDRAM through Firefox. It will only work with THP enabled and after having set the target-specific parameters.
Tileserver-gl 3.0.0 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Tileserver-gl version 3.0.0 suffers from a cross site scripting vulnerability.
Horde Groupware Webmail 5.2.22 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Horde Groupware Webmail version 5.2.22 suffers from a persistent cross site scripting vulnerability.