[webapps] Event Registration System with QR Code 1.0 – Authentication Bypass & RCE
Posted by deepcore under Security (No Respond)
Archive for July, 2021
PHP 7.3.15-3 PHP_SESSION_UPLOAD_PROGRESS Session Data Injection
Posted by deepcore under exploit (No Respond)
PHP version 7.3.15-3 suffers from a PHP_SESSION_UPLOAD_PROGRESS session data injection vulnerability.
Zabbix 5.x SQL Injection / Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Zabbix versions 1.x through 5.x suffer from persistent cross site scripting and remote blind SQL injection vulnerabilities.
Elasticsearch ECE 7.13.3 Database Disclosure
Posted by deepcore under exploit (No Respond)
Elasticsearch ECE version 7.13.3 anonymous database dumping exploit.
Backdoor.Win32.Hupigon.aaur Unauthenticated Open Proxy
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.Hupigon.aaur malware suffers from an unauthenticated open proxy vulnerability.
Backdoor.Win32.Mazben.me Unauthenticated Open Proxy
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.Mazben.me malware suffers from an unauthenticated open proxy vulnerability.
Leawo Prof. Media 11.0.0.1 Denial Of Service
Posted by deepcore under exploit (No Respond)
Leawo Prof. Media version 11.0.0.1 suffers from a denial of service vulnerability.
Backdoor.Win32.Agent.cu Authentication Bypass
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.Agent.cu malware suffers from an authentication bypass vulnerability that can lead to code execution.
XOS Shop 1.0.9 Arbitrary File Deletion
Posted by deepcore under exploit (No Respond)
XOS Shop version 1.0.9 suffers from an authenticated arbitrary file deletion vulnerability.
Backdoor.Win32.Agent.cu Man-In-The-Middle
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.Agent.cu malware suffers from a man-in-the-middle vulnerability.