ProjeQtOr Project Management System 10.3.2 Shell Upload
Posted by deepcore under exploit (No Respond)
ProjeQtOr Project Management System version 10.3.2 suffers from a remote shell upload vulnerability.
Archive for April, 2023
Chitor-CMS 1.1.2 SQL Injection
Posted by deepcore under exploit (No Respond)
Chitor-CMS version 1.1.2 suffers from a remote SQL injection vulnerability.
FUXA 1.1.13-1186 Remote Code Execution
Posted by deepcore under exploit (No Respond)
FUXA version 1.1.13-1186 suffers from an unauthenticated remote code execution vulnerability.
VMware Workspace ONE Access Privilege Escalation
Posted by deepcore under exploit (No Respond)
This Metasploit module exploits CVE-2022-22960 which allows the user to overwrite the permissions of the certproxyService.sh script so that it can be modified by the horizon user. This allows a local attacker with the uid 1001 to escalate their privileges to root access.
https://dltkorat.go.th/net.html
Posted by deepcore under defacement (No Respond)
https://dltkorat.go.th/net.html notified by Desktop77N3T
Tags: defacementhttps://dltkorat.go.th/net.html
Posted by deepcore under defacement (No Respond)
https://dltkorat.go.th/net.html notified by Desktop77N3T
Tags: defacement[webapps] Serendipity 2.4.0 – Cross-Site Scripting (XSS)
Posted by deepcore under Security (No Respond)
[webapps] Piwigo 13.6.0 – Stored Cross-Site Scripting (XSS)
Posted by deepcore under Security (No Respond)
[webapps] Serendipity 2.4.0 – Remote Code Execution (RCE) (Authenticated)
Posted by deepcore under Security (No Respond)
[webapps] ProjeQtOr Project Management System 10.3.2 – Remote Code Execution (RCE)
Posted by deepcore under Security (No Respond)