DiskBoss Service 12.2.18 Unquoted Service Path
Posted by deepcore under exploit (No Respond)
DiskBoss Service version 12.2.18 suffers from an unquoted service path vulnerability.
Archive for May, 2021
ePowerSvc 6.0.3008.0 Unquoted Service Path
Posted by deepcore under exploit (No Respond)
ePowerSvc version 6.0.3008.0 suffers from an unquoted service path vulnerability.
D-Link DWR-710 Missing Validation
Posted by deepcore under exploit (No Respond)
D-Link DWR-710 is missing server-side controls to ensure that null passwords are not set.
WordPress ReDi Restaurant Reservation 21.0307 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WordPress ReDi Restaurant Reservation plugin version 21.0307 suffers from a persistent cross site scripting vulnerability.
Backdoor.Win32.Spirit.12.b Insecure Permissions
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.Spirit.12.b malware suffers from an insecure permissions vulnerability.
Backdoor.Win32.Upload.a Denial Of Service
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.Upload.a malware suffers from a denial of service vulnerability.
iDailyDiary 4.30 Denial Of Service
Posted by deepcore under exploit (No Respond)
iDailyDiary version 4.30 suffers from a denial of service vulnerability.
Shopizer 2.16.0 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Shopizer versions 2.16.0 and below suffer from multiple cross site scripting vulnerabilities.
PHP 8.1.0-dev Backdoor Remote Command Injection
Posted by deepcore under exploit (No Respond)
PHP version 8.1.0-dev backdoor unauthenticated remote command injection exploit.
Schlix CMS 2.2.6-6 Shell Upload / Directory Traversal
Posted by deepcore under exploit (No Respond)
Schlix CMS version 2.2.6-6 suffers from an arbitrary file upload and a directory traversal that together can lead to remote command execution.