Subscribe via feed.
Archive for January, 2023

http://kcph.go.th

Posted by deepcore under defacement (No Respond)

http://kcph.go.th notified by Yrid06

Tags:

AmazCart Laravel Ecommerce System CMS 3.4 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

AmazCart Laravel Ecommerce System CMS version 3.4 suffers from a cross site scripting vulnerability.

Food Ordering System 2 Shell Upload

Posted by deepcore under exploit (No Respond)

Food Ordering System version 2 suffers from a remote shell upload vulnerability.

Inout RealEstate 2.1.3 SQL Injection

Posted by deepcore under exploit (No Respond)

Inout RealEstate version 2.1.3 suffers from a remote SQL injection vulnerability.

ERPGo SaaS 3.9 CSV Injection

Posted by deepcore under exploit (No Respond)

ERPGo is a software as a service (SaaS) platform that is vulnerable to CSV injection attacks. This type of attack occurs when an attacker is able to manipulate the data that is imported or exported in a CSV file, in order to execute malicious code or gain unauthorized access to sensitive information. This vulnerability can […]

Active eCommerce CMS 6.5.0 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Active eCommerce CMS version 6.5.0 suffers from a persistent cross site scripting vulnerability.

Inout Multi-Vendor Shopping Cart 3.2.3 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Inout Multi-Vendor Shopping Cart version 3.2.3 suffers from a cross site scripting vulnerability.

Inout Multi-Vendor Shopping Cart 3.2.3 SQL Injection

Posted by deepcore under exploit (No Respond)

Inout Multi-Vendor Shopping Cart version 3.2.3 suffers from a remote SQL injection vulnerability.

ASKEY RTF3505VW-N1 Privilege Escalation

Posted by deepcore under exploit (No Respond)

ASKEY routers version RTF3505VW-N1 suffer from a local privilege escalation vulnerability.

wolfSSL WOLFSSL_CALLBACKS Heap Buffer Over-Read

Posted by deepcore under exploit (No Respond)

wolfSSL versions prior to 5.5.2 suffer from a heap buffer over-read with WOLFSSL_CALLBACKS and can be triggered with a single Client Hello message.