Subscribe via feed.
Archive for November, 2021

[webapps] FLEX 1085 Web 1.6.0 – HTML Injection

Posted by deepcore under Security (No Respond)

FLEX 1085 Web 1.6.0 – HTML Injection

Tags: ,

[webapps] Bus Pass Management System 1.0 – 'Search' SQL injection

Posted by deepcore under Security (No Respond)

Bus Pass Management System 1.0 – ‘Search’ SQL injection

Tags: ,

[webapps] Webrun 3.6.0.42 – 'P_0' SQL Injection

Posted by deepcore under Security (No Respond)

Webrun 3.6.0.42 – ‘P_0’ SQL Injection

Tags: ,

[local] Linux Kernel 5.1.x – 'PTRACE_TRACEME' pkexec Local Privilege Escalation (2)

Posted by deepcore under Security (No Respond)

Linux Kernel 5.1.x – ‘PTRACE_TRACEME’ pkexec Local Privilege Escalation (2)

Tags: ,

[webapps] WordPress Plugin WP Guppy 1.1 – WP-JSON API Sensitive Information Disclosure

Posted by deepcore under Security (No Respond)

WordPress Plugin WP Guppy 1.1 – WP-JSON API Sensitive Information Disclosure

Tags: ,

[remote] GNU gdbserver 9.2 – Remote Command Execution (RCE)

Posted by deepcore under Security (No Respond)

GNU gdbserver 9.2 – Remote Command Execution (RCE)

Tags: ,

[webapps] Aimeos Laravel ecommerce platform 2021.10 LTS – 'sort' SQL injection

Posted by deepcore under Security (No Respond)

Aimeos Laravel ecommerce platform 2021.10 LTS – ‘sort’ SQL injection

Tags: ,

[dos] Modbus Slave 7.3.1 – Buffer Overflow (DoS)

Posted by deepcore under Security (No Respond)

Modbus Slave 7.3.1 – Buffer Overflow (DoS)

Tags: ,

[dos] Pinkie 2.15 – TFTP Remote Buffer Overflow (PoC)

Posted by deepcore under Security (No Respond)

Pinkie 2.15 – TFTP Remote Buffer Overflow (PoC)

Tags: ,

Apache Storm Nimbus 2.2.0 Command Execution

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits an unauthenticated command injection vulnerability within the Nimbus service component of Apache Storm. The getTopologyHistory RPC method method takes a single argument which is the name of a user which is concatenated into a string that is executed by bash. In order for the vulnerability to be exploitable, there must have […]