[Canvas] Agora, DefPack and MedPack updates available
Yuriy Gurkin
audit at gleg.net
Sat Apr 30 19:16:24 EDT 2016
Hi,
Agora 2.52 version has the following fresh modules. All for web soft this
time:
- DedeCMS < 5.7-sp1 - Shell Upload Vulnerability
- Joomla J2Store 3.1.6 - Blind SQL Injection
- Joomla HTTP Header Unauthenticated Remote Code Execution
- Wordpress N-Media Website Contact Form 1.3.4 File Upload Vulnerability
- Wordpress WP Mobile Edition Version 2.2.7 Arbitrary File Download
- WordPress WP Symposium Plugin 15.1 - Blind SQL Injection
DefPack 1.6 has following new modules for public vulns:
- Panda Security for Business Remote Code Execution Exploit
- Solarwinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command
Execution
- This module exploits multiple vulnerabilities found in Solarwinds
Firewall Security Manager. based on CVE-2015-2284 and leveraged to RCE
- Network Performance Monitor < 11.5 and 5! other popular software pieces.
- Symantec pcAnywhere 12.5.0 - Remote Command Execution.
MedPack 1.9 list:
- Medtronic Valleylab Software DoS 0-Day.
- Simacle hospital Blind SQL injection Vulnerability
Best Regards and Happy Pentesting!
Gleg ltd's team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/canvas/attachments/20160501/cbfdccc3/attachment.html>
More information about the Canvas
mailing list