Archive for February, 2023

[webapps] pfBlockerNG 2.1.4_26 – Remote Code Execution (RCE)

Posted by deepcore under Security

pfBlockerNG 2.1.4_26 – Remote Code Execution (RCE)


Argon Dashboard 1.1.2 SQL Injection

Posted by deepcore under exploit

Argon Dashboard version 1.1.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Demanzo Matrimony 1.5 Cross Site Request Forgery

Posted by deepcore under exploit

Demanzo Matrimony version 1.5 suffers from a cross site request forgery vulnerability.

Zabbix Agent 6.2.7 Insecure Permissions / Privilege Escalation

Posted by deepcore under exploit

Zabbix Agent and Zabbix Agent 2 versions 6.2.7 and below suffer from an issue where the permissions on a non-default installation directory are not secured, allowing an attacker to place a malicious executable there to escalate privileges.

Best POS Management System 1.0 Cross Site Scripting

Posted by deepcore under exploit

Best POS Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

Best POS Management System 1.0 SQL Injection

Posted by deepcore under exploit

Best POS Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

Best POS Management System 1.0 Shell Upload

Posted by deepcore under exploit

Best POS Management System version 1.0 suffers from a remote shell upload vulnerability.

Kardex Mlog MCC 5.7.12+0-a203c2a213-master File Inclusion / Remote Code Execution

Posted by deepcore under exploit

Kardex Mlog MCC version 5.7.12+0-a203c2a213-master suffers from a file inclusion vulnerability that allows for remote code execution.

Debian Security Advisory 5351-1

Posted by deepcore under Apple

Debian Linux Security Advisory 5351-1 – An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.


Debian Security Advisory 5352-1

Posted by deepcore under Apple

Debian Linux Security Advisory 5352-1 – An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
