Subscribe via feed.
Archive for April, 2023

[webapps] Sielco PolyEco Digital FM Transmitter 2.0.6 – Unauthenticated Information Disclosure

Posted by deepcore under Security (No Respond)

Sielco PolyEco Digital FM Transmitter 2.0.6 – Unauthenticated Information Disclosure

Tags: ,

[webapps] Sielco Analog FM Transmitter 2.12 – Cross-Site Request Forgery

Posted by deepcore under Security (No Respond)

Sielco Analog FM Transmitter 2.12 – Cross-Site Request Forgery

Tags: ,

[local] Google Chrome Browser 111.0.5563.64 – AXPlatformNodeCocoa Fatal OOM/Crash (macOS)

Posted by deepcore under Security (No Respond)

Google Chrome Browser 111.0.5563.64 – AXPlatformNodeCocoa Fatal OOM/Crash (macOS)

Tags: ,

[webapps] InnovaStudio WYSIWYG Editor 5.4 – Unrestricted File Upload / Directory Traversal

Posted by deepcore under Security (No Respond)

InnovaStudio WYSIWYG Editor 5.4 – Unrestricted File Upload / Directory Traversal

Tags: ,

File Replication Pro 7.5.0 Insecure Permissions / Privilege Escalation

Posted by deepcore under exploit (No Respond)

File Replication Pro version 7.5.0 suffers from having insecure directory permissions that can allow a local attacker the ability to escalate privileges.

InnovaStudio WYSIWYG Editor Asset Manager 5.4 Shell Upload

Posted by deepcore under exploit (No Respond)

InnovaStudio WYSIWYG Editor Asset Manager versions 5.4 and below suffer from a remote shell upload vulnerability.

WordPress Limit Login Attempts 1.7.1 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

WordPress Limit Login Attempts plugin versions 1.7.1 and below suffer from a persistent cross site scripting vulnerability.

WordPress WP Data Access 5.3.7 Privilege Escalation

Posted by deepcore under exploit (No Respond)

WordPress WP Data Access plugin versions 5.3.7 and below suffer from a privilege escalation vulnerability.

Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Denial Of Service

Posted by deepcore under exploit (No Respond)

Google Chrome Browser version 111.0.5563.64 suffers from an AXPlatformNodeCocoa fatal out-of-memory denial of service vulnerability on macOS.

Sielco Analog FM Transmitter 2.12 Cookie Brute Force

Posted by deepcore under exploit (No Respond)

Sielco Analog FM Transmitter version 2.12 suffers from a cookie brute forcing vulnerability that can allow for session hijacking.