NEProfile – Host Header Injection
Posted by ghost on Aug 25 Exploit Title: NEProfile - Host Header Injection Date: 5/13/2020 Vendor Homepage: https://seczetta.com Software Link:...
Vulnerabilities
Google Chromecast Auth Bypass/RCE
Posted by Benjamin Floyd on Aug 25Problem: Most modern Google-based smart devices run some form of Chromecast (and a version...
CVE-2020-24548 / Ericom Access Server for (AccessNow & Ericom Blaze) v9.2.0 / Server Side Request Forgery
Posted by hyp3rlinx on Aug 25 Credits: John Page (aka hyp3rlinx) Website: hyp3rlinx.altervista.org Source:http://hyp3rlinx.altervista.org/advisories/ERICOM-ACCESS-SERVER-ACCESS-NOW-BLAZE-9.2.0-SERVER-SIDE-REQUEST-FORGERY.txt twitter.com/hyp3rlinx ISR: ApparitionSec www.ericom.com Ericom Access...
Open-Xchange Security Advisory 2020-08-20
Posted by Open-Xchange GmbH via Fulldisclosure on Aug 21Dear subscribers, we're sharing our latest advisory with you and like to...
Payment bypass in WordPress – WooCommerce – NAB Transact plugin disclosure
Posted by Jack Misiura via Fulldisclosure on Aug 21Title: Payment bypass Product: WordPress NAB Transact WooCommerce Plugin Vendor Homepage: https://woocommerce.com/products/nab-transact-direct-post/...
New Release: UFONet v1.6 – “M4RAuD3R!”…
Posted by psy on Aug 17Hi Community, I am glad to present a new release of this tool: - https://ufonet.03c8.net...
Two vulnerabilities found in MikroTik’s RouterOS
Posted by Q C on Aug 14Advisory: two vulnerabilities found in MikroTik's RouterOS Details ======= Product: MikroTik's RouterOS Vendor URL:...
Avian JVM vm::arrayCopy() silent return on negative length
Posted by Pietro Oliva via Fulldisclosure on Aug 11Vulnerability title: Avian JVM vm::arrayCopy() silent return on negative length Author: Pietro...
Avian JVM vm::arrayCopy() Multiple Integer Overflows
Posted by Pietro Oliva via Fulldisclosure on Aug 11Vulnerability title: Avian JVM vm::arrayCopy() Multiple Integer Overflows Author: Pietro Oliva CVE:...
SugarCRM < 10.1.0 (Reports Export) SQL Injection Vulnerability
Posted by Egidio Romano on Aug 11SugarCRM < 10.1.0 (Reports Export) SQL Injection Vulnerability *• Software Link:*https://www.sugarcrm.com *• Affected Versions:*...
