[Canvas] Gleg's SCADA+ pack 1.46 , Agora 2.46

Yuriy Gurkin audit at gleg.net
Thu Jul 16 06:19:55 EDT 2015

Hi list, new versions available:
SCADA+ 1.46
contains two fresh new modules including one 0day:
 - UCanCode E-XD++ Visualization Enterprise Suite Remote Code Execution
Vulnerability. [0Day]
 - Soitec SmartEnergy 1.4 SCADA Login SQL Injection Authentication Bypass.
public. (no CVE)

AGORA 2.46
contains three remote Command Execution exploits for web and server side
ag_easy_address_book_web_server_rce - Easy Address Book Web Server 1.6
Remote Code Execution Exploit
ag_open_letters_rce - Open-Letters Remote PHP Code Injection Exploit
ag_uplus_ftp_rce - UPlus FTP Server v1.7.0.13 Remote Code Execution Exploit

Happy hunting,
Gleg's development team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/canvas/attachments/20150716/bd57b3a4/attachment.html>

More information about the Canvas mailing list