Subscribe via feed.
Archive for February, 2022

Microweber CMS 1.2.10 Local File Inclusion

Posted by deepcore under exploit (No Respond)

Microweber CMS version 1.2.10 has a backup functionality that enables a local file inclusion vulnerability.

Backdoor.Win32.FTP.Ics Remote Command Execution

Posted by deepcore under exploit (No Respond)

Backdoor.Win32.FTP.Ics malware suffers from an unauthenticated remote command execution vulnerability.

[local] Wondershare MirrorGo 2.0.11.346 – Insecure File Permissions

Posted by deepcore under Security (No Respond)

Wondershare MirrorGo 2.0.11.346 – Insecure File Permissions

Tags: ,

Trojan.Win32.Cosmu.abix Insecure Permissions

Posted by deepcore under exploit (No Respond)

Trojan.Win32.Cosmu.abix malware suffers from an insecure permissions vulnerability.

Air Cargo Management System 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Air Cargo Management System version 1.0 suffers from a remote SQL injection vulnerability.

WordPress 99robots Header Footer Code Manager 1.1.16 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

WordPress 99robots Header Footer Code Manager plugin versions 1.1.16 and below suffer from a cross site scripting vulnerability.

Backdoor.Win32.Agent.baol Insecure Permissions

Posted by deepcore under exploit (No Respond)

Backdoor.Win32.Agent.baol malware suffers from an insecure permissions vulnerability.

Agirhnet 1.0 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Agirhnet version 1.0 suffers from a cross site scripting vulnerability.

Backdoor.Win32.Dsocks.10 Hardcoded Password

Posted by deepcore under exploit (No Respond)

Backdoor.Win32.Dsocks.10 malware suffers from a hardcoded cleartext password vulnerability.

ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 Remote File Modification

Posted by deepcore under exploit (No Respond)

ICL ScadaFlex II SCADA Controllers SC-1/SC-2 version 1.03.07 is vulnerable to unauthenticated file write/overwrite and deletion. This allows an attacker to execute critical file CRUD operations on the device that can potentially allow system access and impact availability.