[Canvas] SCADA+ pack 1.51 , Agora pack 2.50 are out
Yuriy Gurkin
audit at gleg.net
Mon Jan 25 13:08:59 EST 2016
Dear colleagues,
Agora 2.50 contains 4 new modules for fresh publicly known vulns:
- Magento Server MAGMI Plugin Local File Include.
- McAfee ePolicy Orchestrator Authenticated XXE Credentials Exposure.
- Wordpress Business Intelligence Plugin v 1.6.1 - Blind SQL injection
Vulnerability.
- Creative Contact Form Arbitrary File Upload Exploit.
SCADA+ 1.51 contains nice module with jsp shell uploading for Mango
automation,
and 0day vuln in Interactive Graphical SCADA
List:
- Mango Automation File Upload Vulnerability. shell uploading vector
- Interactive Graphical SCADA System v.11.0. Remote vuln PoC [0Day]
Regards,
Gleg's research team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/canvas/attachments/20160125/ea183dd7/attachment.html>
More information about the Canvas
mailing list