Atlassian Jira 8.15.0 Username Enumeration
Posted by deepcore under exploit (No Respond)
Atlassian Jira version 8.15.0 suffers from a username enumeration vulnerability.
Archive for June, 2021
Backdoor.Win32.NetSpy.10 Heap Corruption
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.NetSpy.10 malware suffers from a heap corruption vulnerability.
Ubee EVW327 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
Ubee EVW327 suffers from a cross site request forgery vulnerability.
ProjeQtOr Project Management 9.1.4 Shell Upload
Posted by deepcore under exploit (No Respond)
ProjeQtOr Project Management version 9.1.4 suffers from a remote shell upload vulnerability.
Korenix CSRF / Backdoor Accounts / Command Injection / Missing Authentication
Posted by deepcore under exploit (No Respond)
Multiple Korenix products are affected by unauthenticated device administration, backdoor accounts, cross site request forgery, unauthenticated tftp actions, and command injection vulnerabilities. Products affected include JetNet 5428G-20SFP, JetNet 5810G, JetNet 4706F, JetNet 4706, JetNet 4706, JetNet 4510, JetNet 5010, JetNet 5310, and JetNet 6095.
http://www.chiangmaiarea1.go.th/pwn.txt
Posted by deepcore under defacement (No Respond)
http://www.chiangmaiarea1.go.th/pwn.txt notified by Royal Battler BD
Tags: defacement[webapps] Seo Panel 4.8.0 – 'search_name' Reflected XSS
Posted by deepcore under Security (No Respond)
[webapps] Products.PluggableAuthService 2.6.0 – Open Redirect
Posted by deepcore under Security (No Respond)
[local] Intel(R) Audio Service x64 01.00.1080.0 – 'IntelAudioService' Unquoted Service Path
Posted by deepcore under Security (No Respond)
Intel(R) Audio Service x64 01.00.1080.0 – ‘IntelAudioService’ Unquoted Service Path
Tags: 0day, remote exploit[webapps] Thecus N4800Eco Nas Server Control Panel – Comand Injection
Posted by deepcore under Security (No Respond)