Archive for June, 2021

ES File Explorer 4.1.9.7.4 Arbitrary File Read

Posted by deepcore under exploit (No Respond)

ES File Explorer version 4.1.9.7.4 arbitrary file read exploit.

[webapps] Doctors Patients Management System 1.0 – SQL Injection (Authentication Bypass)

Posted by deepcore under Security (No Respond)

Doctors Patients Management System 1.0 – SQL Injection (Authentication Bypass)

[webapps] Apache Superset 1.1.0 – Time-Based Account Enumeration

Posted by deepcore under Security (No Respond)

Apache Superset 1.1.0 – Time-Based Account Enumeration

[webapps] Simple Traffic Offense System 1.0 – Stored Cross Site Scripting (XSS)

Posted by deepcore under Security (No Respond)

Simple Traffic Offense System 1.0 – Stored Cross Site Scripting (XSS)

[webapps] phpAbook 0.9i – SQL Injection

Posted by deepcore under Security (No Respond)

phpAbook 0.9i – SQL Injection

Atlassian Jira Server/Data Center 8.16.0 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Atlassian Jira Server / Data Center version 8.16.0 suffers from a cross site scripting vulnerability.

Email-Worm.Win32.Trance.a Insecure Permissions

Posted by deepcore under exploit (No Respond)

Email-Worm.Win32.Trance.a malware suffers from an insecure permissions vulnerability.

Android Data Exfiltration

Posted by deepcore under exploit (No Respond)

This is a tool that was developed to run as an alternative “/init”. The program makes an Android phone show up as a mass storage device during boot. The complete internal storage is available for reading, including the partition table and all 42 partitions of the Android system.

SAS Environment Manager 2.5 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

SAS Environment Manager version 2.5 suffers from a persistent cross site scripting vulnerability.

Personnel Record Management System 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Personnel Record Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.