[Canvas] Agora pack 2.64 is out

Yuriy Gurkin audit at gleg.net
Tue Apr 25 04:09:28 EDT 2017

Hi, List.

2.64 ver. of Agora contains 3 modules. List:

- FileRun Arbitrary File Upload [0-Day]
- Dolibarr ERP/CRM. Allows attacker with minimum privileges to get all
users info inc. credentials), create new user, etc. [0-Day]
- SugarCRM 6.5.23 - REST PHP Object Injection Exploit

Happy pentesting,
Gleg`s Security team <http://gleg.net/>
Follow us on Twitter: GlegExploitPack <https://twitter.com/GlegExploitPack>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/canvas/attachments/20170425/f1cdf612/attachment.html>

More information about the Canvas mailing list