Update: 2017 => You can find latest posts here… https://www.xc0re.net
Monthly Archives: September 2012
- 67 Anonymity anonymous Antispyware Antivirus art Avast BSR-webweaver bypass Bypass WAF Cherokee Web Server Cisco cracker deception Denial Of Service detection Directory Traversal disclaimer DOS email Exploit exploitation ezine Facebook facebook Directory Facebook hack firewall ftp GET Hackers hack firewalls hacking Hacking & Security hopster Http Server intrusion Kolibri+ Webserver 2 password perl exploit code Personal Firewall phrack Port port 25 proxy review scripts Security Skull security smtp social network spam subscriber manager sunray thin client Tor tunnel username usman saeed version 0.5.4 version 1.33 vulnerability vulnerbility Web applicattion firewalls websense Webserver exploit white hats Xc0re xc0re.net xc0re security research group Xitami Xitami 5.0a0 XSS zeroday exploit Zonealarm ZyXEL P-660R ZyXEL P-660R-T1 V2
Error: Twitter did not respond. Please wait a few minutes and refresh this page.
- Xen Unbounded Recursion In Pagetable De-Typing October 19, 2017Xen allows pagetables of the same level to map each other as readonly in PV domains. This is useful if a guest wants to use the self-referential pagetable trick for easy access to pagetables by mapped virtual address.
- Microsoft Windows GDFMaker 6.3.9600.16384 XXE Injection October 18, 2017Microsoft Windows Game Definition File Editor (GDFMaker) version 6.3.9600.16384 suffers from an XML external entity injection vulnerability.
- Apache Solr 7.0.1 XXE Injection / Code Execution October 18, 2017Apache Solar version 7.0.1 suffers from XML external entity injection and remote code execution vulnerabilities.
- Career Portal 1.0 SQL Injection October 18, 2017Career Portal version 1.0 suffers from a remote SQL injection vulnerability.
- WordPress Car Park Booking SQL Injection October 18, 2017WordPress Car Park Booking plugin suffers from a remote SQL injection vulnerability.
- Afian AB FileRun 2017.03.18 CSRF / Shell Upload / XSS / Redirection October 17, 2017Afian AB FileRun version 2017.03.18 suffers from cross site request forgery, cross site scripting, open redirection, remote shell upload, and various other vulnerabilities.
- Linksys E Series CSRF / XSS / Denial Of Service / Header Injection October 17, 2017Linksys E series devices suffer from cross site request forgery, cross site scripting, header injection, denial of service, and various other vulnerabilities.
- Webtrekk Pixel Tracking Cross Site Scripting October 17, 2017Webtrekk Pixel Track versions 3.24 to 3.40, 4.00 to 4.40, and 5.00 to 5.04 suffer from a cross site scripting vulnerability.
- 3CX Phone System 15.5.3554.1 Directory Traversal October 16, 20173CX Phone System version 15.5.3554.1 suffers from an authentication directory traversal vulnerability.
- Windows Kernel Pool nt!NtQueryObject Memory Disclosure October 16, 2017It was discovered that the nt!NtQueryObject syscall handler discloses portions of uninitialized pool memory to user-mode clients when certain conditions are met.
- Xen Unbounded Recursion In Pagetable De-Typing October 19, 2017
- FreeBSD Security Advisory FreeBSD-SA-17:07.wpa [REVISED] October 19, 2017
- [slackware-security] xorg-server (SSA:2017-291-03) October 19, 2017
- [slackware-security] wpa_supplicant (SSA:2017-291-02) October 19, 2017
- [slackware-security] libXres (SSA:2017-291-01) October 19, 2017
- WebKitGTK+ Security Advisory WSA-2017-0008 October 18, 2017
- SEC Consult SA-20171018-1 :: Multiple vulnerabilities in Linksys E-series products October 18, 2017