Archive for January, 2022

[webapps] Online Resort Management System 1.0 – SQLi (Authenticated)

Posted by deepcore under Security (No Respond)

Online Resort Management System 1.0 – SQLi (Authenticated)


[local] WorkTime 10.20 Build 4967 – Unquoted Service Path

Posted by deepcore under Security (No Respond)

WorkTime 10.20 Build 4967 – Unquoted Service Path


[remote] Archeevo 5.0 – Local File Inclusion

Posted by deepcore under Security (No Respond)

Archeevo 5.0 – Local File Inclusion


Microsoft Windows EFSRPC Arbitrary File Upload / Privilege Escalation

Posted by deepcore under exploit (No Respond)

The EFSRPC service on Microsoft Windows Server versions 2019 and 2022 does not prevent a caller from specifying a local device path, allowing any authenticated user to upload arbitrary files to a server.

Chrome IPC::ChannelAssociatedGroupController Memory Corruption

Posted by deepcore under exploit (No Respond)

Chrome suffers from a memory corruption vulnerability in IPC::ChannelAssociatedGroupController due to interface ID reuse.

SonicWall SMA 100 Series Authenticated Command Injection

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits an authenticated command injection vulnerability in the SonicWall SMA 100 series web interface. Exploitation results in command execution as root. The affected versions are 10.2.1.2-24sv and below, 10.2.0.8-37sv and below, and 9.0.0.11-31sv and below.

Apple Security Advisory 2022-01-12-1

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2022-01-12-1 – iOS 15.2.1 and iPadOS 15.2.1 addresses denial of service and resource exhaustion vulnerabilities.


Apple ColorSync Out-Of-Bounds Read

Posted by deepcore under Apple (No Respond)

Apple ColorSync suffers from out-of-bounds read vulnerabilities due to integer overflows in curve table initialization.


RLM 14.2 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

RLM version 14.2 suffers from a cross site scripting vulnerability.

Online Diagnostic Lab Management System 1.0 Missing Access Control

Posted by deepcore under exploit (No Respond)

Online Diagnostic Lab Management System version 1.0 suffers from an account takeover vulnerability.