Archive for June, 2021

[webapps] OpenEMR 5.0.0 – Remote Code Execution (Authenticated)

Posted by deepcore under Security (No Respond)

OpenEMR 5.0.0 – Remote Code Execution (Authenticated)

[webapps] Microsoft SharePoint Server 16.0.10372.20060 – 'GetXmlDataFromDataSource' Server-Side Request Forgery (SSRF)

Posted by deepcore under Security (No Respond)

Microsoft SharePoint Server 16.0.10372.20060 – ‘GetXmlDataFromDataSource’ Server-Side Request Forgery (SSRF)

[webapps] Cerberus FTP Web Service 11 – 'svg' Stored Cross-Site Scripting (XSS)

Posted by deepcore under Security (No Respond)

Cerberus FTP Web Service 11 – ‘svg’ Stored Cross-Site Scripting (XSS)

[webapps] Accela Civic Platform 21.1 – 'servProvCode' Cross-Site-Scripting (XSS)

Posted by deepcore under Security (No Respond)

Accela Civic Platform 21.1 – ‘servProvCode’ Cross-Site-Scripting (XSS)

n+otes 1.6.2 Denial Of Service

Posted by deepcore under exploit (No Respond)

n+otes version 1.6.2 suffers from a denial of service vulnerability.

Sticky Notes Widget 3.0.6 Denial Of Service

Posted by deepcore under exploit (No Respond)

Sticky Notes Widget version 3.0.6 suffers from a denial of service vulnerability.

EasyFTP Server 1.7.0.11 Denial Of Service

Posted by deepcore under exploit (No Respond)

EasyFTP Server version 1.7.0.11 XRMD denial of service proof of concept exploit.

memono Notepad 4.2 Denial Of Service

Posted by deepcore under exploit (No Respond)

memono Notepad 4.2 denial of service proof of concept exploit.

TextPattern CMS 4.8.7 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

TextPattern CMS version 4.8.7 suffers from a persistent cross site scripting vulnerability.

Student Result Management System 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Student Result Management System version 1.0 remote SQL injection exploit. This is a variant of the original discovery of SQL injection in this version by Ritesh Gohil.