2022 February

[webapps] WordPress Plugin Error Log Viewer 1.1.1 – Arbitrary File Clearing (Authenticated)

Posted by deepcore under Security (No Respond)

WordPress Plugin Error Log Viewer 1.1.1 – Arbitrary File Clearing (Authenticated)

Tags: 0day, remote exploit

[webapps] Network Video Recorder NVR304-16EP – Reflected Cross-Site Scripting (XSS) (Unauthenticated)

Posted by deepcore under Security (No Respond)

Network Video Recorder NVR304-16EP – Reflected Cross-Site Scripting (XSS) (Unauthenticated)

Tags: 0day, remote exploit

[local] TeamSpeak 3.5.6 – Insecure File Permissions

Posted by deepcore under Security (No Respond)

TeamSpeak 3.5.6 – Insecure File Permissions

Tags: 0day, remote exploit

[remote] H3C SSL VPN – Username Enumeration

Posted by deepcore under Security (No Respond)

H3C SSL VPN – Username Enumeration

Tags: 0day, remote exploit

[webapps] Simple Student Quarterly Result/Grade System 1.0 – SQLi Authentication Bypass

Posted by deepcore under Security (No Respond)

Simple Student Quarterly Result/Grade System 1.0 – SQLi Authentication Bypass

Tags: 0day, remote exploit

[webapps] ServiceNow – Username Enumeration

Posted by deepcore under Security (No Respond)

ServiceNow – Username Enumeration

Tags: 0day, remote exploit

[webapps] Multi-Vendor Online Groceries Management System 1.0 – 'id' Blind SQL Injection

Posted by deepcore under Security (No Respond)

Multi-Vendor Online Groceries Management System 1.0 – ‘id’ Blind SQL Injection

Tags: 0day, remote exploit

[local] Emerson PAC Machine Edition 9.80 Build 8695 – 'TrapiServer' Unquoted Service Path

Posted by deepcore under Security (No Respond)

Emerson PAC Machine Edition 9.80 Build 8695 – ‘TrapiServer’ Unquoted Service Path

Tags: 0day, remote exploit

WordPress International SMS For Contact Form 7 Integration 1.2 CSRF

Posted by deepcore under exploit (No Respond)

WordPress International SMS for Contact Form 7 Integration plugin version 1.2 suffers from a cross site request forgery vulnerability.

Slurp 1.10.2 Format String

Posted by deepcore under exploit (No Respond)

Slurp version 1.10.2 suffers from a format string vulnerability.

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

[webapps] WordPress Plugin Error Log Viewer 1.1.1 – Arbitrary File Clearing (Authenticated)

[webapps] Network Video Recorder NVR304-16EP – Reflected Cross-Site Scripting (XSS) (Unauthenticated)

[local] TeamSpeak 3.5.6 – Insecure File Permissions

[remote] H3C SSL VPN – Username Enumeration

[webapps] Simple Student Quarterly Result/Grade System 1.0 – SQLi Authentication Bypass

[webapps] ServiceNow – Username Enumeration

[webapps] Multi-Vendor Online Groceries Management System 1.0 – 'id' Blind SQL Injection

[local] Emerson PAC Machine Edition 9.80 Build 8695 – 'TrapiServer' Unquoted Service Path

WordPress International SMS For Contact Form 7 Integration 1.2 CSRF

Slurp 1.10.2 Format String

Tabs Switcher

Categories

Archives

Meta

BLOGROLL

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Tabs Switcher

Categories

Archives

Meta

BLOGROLL