[Canvas] Agora 2.11 and SCADA+ 1.12 is out

[Yuriy Gurkin]

SCADA+ professional 1.12:
NOTE: starting from this 1.12 version SCADA+ standard and Step-ahead
licenses will be gradually merged into single "SCADA+ professional
package"!

This time we include 3 step ahead scada modules from previous releases.
We have also powered this release with some modules for network devices.
Modules list:
- CEserver from Advantech Studio and Indusoft Web Studio buffer overflow. [0day]
- Carel Plant Visor Pro Hardcoded credentials vulnerability. [0day]
- Sunway ForceControl and pNetPower httpsvr.exe heap-based buffer overflow
modules for network devices:
- D-Link Wireless N Router (DIR-615) firmware 3.10NA apply.cgi Admin
Authentication Bypass
- D-Link ShareCenter DNS-320 firmware v2.00b06 remote DoS
- D-Link Wireless G Router (WBR-1310) firmware 2.00 Authentication Bypass
- TRENDnet internet camera TV-IP201(P) firmware v2.00 Authentication Bypass

******
Agora 2.11:
Agora pack 2.11 is out with 7 new modules. Web software is covered this time.
Included are modules for popular CMSystems, web based Promise raid
Array Management Software, phpDenora used for IRC servers
administrating, HomeSeer Home Automation Software and more...
- Promise WebPAM v2.2.0.13. Add admin user. [0day]
- LEPTON CMS <= 1.1.3 SQL Injection
- OneFileCMS v.1.1.5 Local File Inclusion Vulnerability
- XRayCMS 1.1.1 Remote PHP shell uploader
- HomeSeer HS2 and HomeSeer PRO Directory Traversal
- PHP Address Book 6.2.12 Remote PHP shell uploader
- phpDenora <= 1.4.6 Remote PHP shell uploader

Best wishes,
Gleg team.