2021 May

ProFTPd version 1.3.5 remote command execution exploit. This is a variant of the original vulnerability discovered in 2015 with credit going to R-73eN.

Nagios XI / Fusion Privilege Escalation / Cross Site Scripting / Code Execution

Posted by deepcore under exploit (No Respond)

Skylight Cyber has identified a total of 13 vulnerabilities in Nagios XI and Nagios Fusion servers. These include remote code execution, cross site scripting, privilege escalation, and more.

Pluck CMS 4.7.13 Remote Shell Upload

Posted by deepcore under exploit (No Respond)

Pluck CMS version 4.7.13 suffers from a remote shell upload vulnerability.

i-doit 1.15.2 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

i-doit version 1.15.2 suffers from a cross site scripting vulnerability.

nginx 1.20.0 DNS Resolver Off-By-One Heap Write

Posted by deepcore under exploit (No Respond)

An off-by-one error in ngx_resolver_copy() while processing DNS responses allows a network attacker to write a dot character (‘.’, 0x2E) out of bounds in a heap allocated buffer. The vulnerability can be triggered by a DNS response in reply to a DNS request from nginx when the resolver primitive is configured. A specially crafted packet […]

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

[webapps] WordPress Plugin LifterLMS 4.21.0 – Stored Cross-Site Scripting (XSS)

https://www.doa.go.th/th/luv.htm

CommScope Ruckus IoT Controller 1.7.1.0 Undocumented Account

RarmaRadio 2.72.8 Denial Of Service

Codiad 2.8.4 Shell Upload

ProFTPd 1.3.5 Remote Command Execution

Nagios XI / Fusion Privilege Escalation / Cross Site Scripting / Code Execution

Pluck CMS 4.7.13 Remote Shell Upload

i-doit 1.15.2 Cross Site Scripting

nginx 1.20.0 DNS Resolver Off-By-One Heap Write

Tabs Switcher

Categories

Archives

Meta

BLOGROLL