Pacosite's Blog

Comunicaciones, Linux, Tecnología e Internet

[webapps] Build Smart ERP 21.0817 – ‘eidValue’ SQL Injection (Unauthenticated)

Posted on October 31, 2021 by Frank Cisco

Build Smart ERP 21.0817 – ‘eidValue’ SQL Injection (Unauthenticated)

from Exploit-DB.com RSS Feed hxxps://https://ift.tt/3BuYc7V
via IFTTT

[webapps] Engineers Online Portal 1.0 – File Upload Remote Code Execution (RCE)

Posted on October 31, 2021 by Frank Cisco

Engineers Online Portal 1.0 – File Upload Remote Code Execution (RCE)

from Exploit-DB.com RSS Feed hxxps://https://ift.tt/3CznBi2
via IFTTT

[local] Netgear Genie 2.4.64 – Unquoted Service Path

Posted on October 31, 2021 by Frank Cisco

Netgear Genie 2.4.64 – Unquoted Service Path

from Exploit-DB.com RSS Feed hxxps://https://ift.tt/3mw4Kz1
via IFTTT

[webapps] WordPress Plugin TaxoPress 3.0.7.1 – Stored Cross-Site Scripting (XSS) (Authenticated)

Posted on October 31, 2021 by Frank Cisco

WordPress Plugin TaxoPress 3.0.7.1 – Stored Cross-Site Scripting (XSS) (Authenticated)

from Exploit-DB.com RSS Feed hxxps://https://ift.tt/3Bv2lsE
via IFTTT

[webapps] Hikvision Web Server Build 210702 – Command Injection

Posted on October 31, 2021 by Frank Cisco

Hikvision Web Server Build 210702 – Command Injection

from Exploit-DB.com RSS Feed hxxps://https://ift.tt/2ZFAs3z
via IFTTT

[local] Mini-XML 3.2 – Heap Overflow

Posted on October 29, 2021 by Frank Cisco

Mini-XML 3.2 – Heap Overflow

from Exploit-DB.com RSS Feed https://ift.tt/3CsL3xy
via IFTTT

[webapps] Movable Type 7 r.5002 – XMLRPC API OS Command Injection (Metasploit)

Posted on October 29, 2021 by Frank Cisco

Movable Type 7 r.5002 – XMLRPC API OS Command Injection (Metasploit)

from Exploit-DB.com RSS Feed https://ift.tt/3BkMfBG
via IFTTT

[webapps] WebCTRL OEM 6.5 – ‘locale’ Reflected Cross-Site Scripting (XSS)

Posted on October 29, 2021 by Frank Cisco

WebCTRL OEM 6.5 – ‘locale’ Reflected Cross-Site Scripting (XSS)

from Exploit-DB.com RSS Feed https://ift.tt/3EpCVOT
via IFTTT

[webapps] Umbraco v8.14.1 – ‘baseUrl’ SSRF

Posted on October 29, 2021 by Frank Cisco

Umbraco v8.14.1 – ‘baseUrl’ SSRF

from Exploit-DB.com RSS Feed https://ift.tt/3nyiZCE
via IFTTT

[webapps] PHPGurukul Hostel Management System 2.1 – Cross-site request forgery (CSRF) to Cross-site Scripting (XSS)

Posted on October 28, 2021 by Frank Cisco

PHPGurukul Hostel Management System 2.1 – Cross-site request forgery (CSRF) to Cross-site Scripting (XSS)

from Exploit-DB.com RSS Feed https://ift.tt/2XYu5bq
via IFTTT