[remote] ICT Protege GX/WX 2.08 – Stored Cross-Site Scripting (XSS)
Posted by deepcore under Security (No Respond)
Archive for March, 2022
[local] Sysax FTP Automation 6.9.0 – Privilege Escalation
Posted by deepcore under Security (No Respond)
[remote] Ivanti Endpoint Manager 4.6 – Remote Code Execution (RCE)
Posted by deepcore under Security (No Respond)
[remote] iRZ Mobile Router – CSRF to RCE
Posted by deepcore under Security (No Respond)
[webapps] ICEHRM 31.0.0.0S – Cross-site Request Forgery (CSRF) to Account Takeover
Posted by deepcore under Security (No Respond)
[webapps] WordPress Plugin iQ Block Country 1.2.13 – Arbitrary File Deletion via Zip Slip (Authenticated)
Posted by deepcore under Security (No Respond)
WordPress Plugin iQ Block Country 1.2.13 – Arbitrary File Deletion via Zip Slip (Authenticated)
Tags: 0day, remote exploitSimple Mobile Comparison Website 1.0 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Simple Mobile Comparison Website version 1.0 suffers from a cross site scripting vulnerability.
Chrome chrome_pdf::PDFiumEngine::RequestThumbnail Heap Buffer Overflow
Posted by deepcore under exploit (No Respond)
Chrome suffers from a heap buffer overflow vulnerability in chrome_pdf::PDFiumEngine::RequestThumbnail.
https://bdlh.go.th/noname.html
Posted by deepcore under defacement (No Respond)
https://bdlh.go.th/noname.html notified by K4TSUY4-GH05T
Tags: defacementBuilderOrcus Insecure Permissions
Posted by deepcore under exploit (No Respond)
BuilderOrcus malware suffers from an insecure permissions vulnerability.