Latest cro news

cro

Easy2Pilot 7 Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Thu, 20 Feb 2020 17:41:12 GMT

Easy2Pilot version 7 suffers from a cross site request forgery vulnerability.

Full Article

cro

CandidATS 2.1.0 Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Mon, 24 Feb 2020 09:24:01 GMT

CandidATS version 2.1.0 suffers from a cross site request forgery vulnerability.

Full Article

cro

Easy2Pilot 8 SQL Injection / Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Wed, 26 Feb 2020 04:44:44 GMT

Easy2Pilot version 8 suffers from remote SQL injection, backdoor account, and cross site request forgery vulnerabilities.

Full Article

cro

Business Live Chat Software 1.0 Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Wed, 26 Feb 2020 17:02:22 GMT

Business Live Chat Software version 1.0 suffers from a cross site request forgery vulnerability.

Full Article

cro

WordPress Tutor LMS 1.5.3 Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Mon, 02 Mar 2020 15:26:06 GMT

WordPress Tutor LMS plugin version 1.5.3 suffers from a cross site request forgery vulnerability.

Full Article

cro

Wing FTP Server 6.2.3 Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Wed, 11 Mar 2020 12:02:22 GMT

Wing FTP Server version 2.3 suffers from a cross site request forgery vulnerability.

Full Article

cro

HRSALE 1.1.8 Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Thu, 12 Mar 2020 19:47:06 GMT

HRSALE version 1.1.8 suffers from a cross site request forgery vulnerability.

Full Article

cro

Enhanced Multimedia Router 3.0.4.27 Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Mon, 16 Mar 2020 13:50:22 GMT

Enhanced Multimedia Router version 3.0.4.27 suffers from a cross site request forgery vulnerability.

Full Article

cro

Exagate Sysguard 6001 Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Fri, 20 Mar 2020 14:45:22 GMT

Exagate Sysguard 6001 suffers from a cross site request forgery vulnerability.

Full Article

cro

ECK Hotel 1.0 Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Fri, 27 Mar 2020 13:11:49 GMT

ECK Hotel version 1.0 suffers from a cross site request forgery vulnerability.

Full Article

cro

P5 FNIP-8x16A/FNIP-4xSH CSRF / Cross Site Scripting

By packetstormsecurity.com
Published On :: Tue, 21 Apr 2020 14:15:30 GMT

P5 FNIP-8x16A / FNIP-4xSH versions 1.0.20 and 1.0.11 suffer from cross site request forgery and cross site scripting vulnerabilities.

Full Article

cro

Edimax EW-7438RPn Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Wed, 22 Apr 2020 15:06:13 GMT

Edimax EW-7438RPn suffers from a cross site request forgery vulnerability.

Full Article

cro

Complaint Management System 4.2 Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Thu, 23 Apr 2020 19:31:05 GMT

Complaint Management System version 4.2 suffers from a cross site request forgery vulnerability.

Full Article

cro

Maian Support Helpdesk 4.3 Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Mon, 27 Apr 2020 15:15:48 GMT

Maian Support Helpdesk version 4.3 suffers from a cross site request forgery vulnerability.

Full Article

cro

Apache OFBiz 17.12.03 Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Fri, 01 May 2020 13:44:30 GMT

Apache OFBiz version 17.12.03 suffers from a cross site request forgery vulnerability.

Full Article

cro

osTicket 1.12 File Upload Cross Site Scripting

By packetstormsecurity.com
Published On :: Sun, 11 Aug 2019 17:54:59 GMT

An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality has fewer (or no) mitigations implemented for file content checks; also, the output is not handled properly, causing persistent XSS that leads to cookie stealing or malicious actions.

Full Article

cro

Apple, Samsung, Microsoft React To Wikileaks' CIA Dump

By packetstormsecurity.com
Published On :: Wed, 08 Mar 2017 14:22:09 GMT

Full Article

cro

Microsoft Windows NtUserMNDragOver Local Privilege Escalation

By packetstormsecurity.com
Published On :: Fri, 08 May 2020 20:05:13 GMT

This Metasploit module exploits a NULL pointer dereference vulnerability in MNGetpItemFromIndex(), which is reachable via a NtUserMNDragOver() system call. The NULL pointer dereference occurs because the xxxMNFindWindowFromPoint() function does not effectively check the validity of the tagPOPUPMENU objects it processes before passing them on to MNGetpItemFromIndex(), where the NULL pointer dereference will occur. This module has been tested against Windows 7 x86 SP0 and SP1. Offsets within the solution may need to be adjusted to work with other versions of Windows, such as Windows Server 2008.

Full Article

cro

Microsoft Discloses Security Breach Of Customer Support Database

By packetstormsecurity.com
Published On :: Wed, 22 Jan 2020 15:57:33 GMT

Full Article

cro

Addressing Supply-Chain Risk Starts With People, Says Microsoft

By packetstormsecurity.com
Published On :: Sat, 10 Aug 2019 16:23:28 GMT

Full Article

cro

Crown Sterling Sues Black Hat Over Hecklers

By packetstormsecurity.com
Published On :: Mon, 26 Aug 2019 13:53:45 GMT

Full Article

cro

The Doghouse: Crown Sterling

By packetstormsecurity.com
Published On :: Fri, 06 Sep 2019 15:32:44 GMT

Full Article

cro

Kr00k Vulnerability Could Allow Crooks To Intercept WiFi Data Packets

By packetstormsecurity.com
Published On :: Thu, 05 Mar 2020 14:35:33 GMT

Full Article

cro

PHP-Fusion CMS 9.03 Cross Site Scripting

By packetstormsecurity.com
Published On :: Wed, 26 Feb 2020 19:33:33 GMT

PHP-Fusion CMS versions 9 through 9.03 suffer from multiple cross site scripting vulnerabilities.

Full Article

cro

Microsoft VSCode Python Extension Code Execution

By packetstormsecurity.com
Published On :: Wed, 18 Mar 2020 15:12:49 GMT

Proof of concept exploit for a Microsoft VSCode python extension code execution vulnerability.

Full Article

cro

CentOS-WebPanel.com Control Web Panel 0.9.8.846 Cross Site Scripting

By packetstormsecurity.com
Published On :: Mon, 05 Aug 2019 20:55:44 GMT

CentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.846 suffers from a reflective cross site scripting vulnerability.

Full Article

cro

CentOS 7.6.1810 Control Web Panel 0.9.8.837 Cross Site Scripting

By packetstormsecurity.com
Published On :: Mon, 26 Aug 2019 15:59:03 GMT

CentOS version 7.6.1810 with Control Web Panel version 0.9.8.837 suffers from a persistent cross site scripting vulnerability.

Full Article

cro

CentOS 7.6.1810 Control Web Panel 0.9.8.837 Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Mon, 26 Aug 2019 16:01:11 GMT

CentOS version 7.6.1810 with Control Web Panel version 0.9.8.837 suffers from a cross site request forgery vulnerability.

Full Article

cro

Microsoft Passport Cracked via Hotmail

By packetstormsecurity.com
Published On :: Mon, 05 Nov 2001 07:02:12 GMT

Full Article

cro

Django 3.0 Cross Site Request Forgery

By packetstormsecurity.com
Published On :: Wed, 08 Apr 2020 16:43:36 GMT

Django version 3.0 suffers from a cross site request forgery token bypass vulnerability.

Full Article

cro

Crown Prince Of Saudi Arabia Accused Of Hacking Jeff Bezos' Phone

By packetstormsecurity.com
Published On :: Wed, 22 Jan 2020 15:57:44 GMT

Full Article

cro

User Management System 2.0 Cross Site Scripting

By packetstormsecurity.com
Published On :: Thu, 23 Apr 2020 19:19:35 GMT

User Management System version 2.0 suffers from a persistent cross site scripting vulnerability.

Full Article

cro

Complaint Management System 4.2 Cross Site Scripting

By packetstormsecurity.com
Published On :: Thu, 23 Apr 2020 19:24:07 GMT

Complaint Management System version 4.2 suffers from a persistent cross site scripting vulnerability.

Full Article

cro

jQuery html() Cross Site Scripting

By packetstormsecurity.com
Published On :: Sat, 25 Apr 2020 12:23:23 GMT

jQuery versions prior to 3.5 suffer from an html() cross site scripting vulnerability.

Full Article

cro

Open-AudIT 3.3.0 Cross Site Scripting

By packetstormsecurity.com
Published On :: Sun, 26 Apr 2020 19:22:22 GMT

Open-AudIT version 3.3.0 suffers from a cross site scripting vulnerability.

Full Article

cro

Geeklog 2.2.1 Cross Site Scripting

By packetstormsecurity.com
Published On :: Mon, 27 Apr 2020 14:55:02 GMT

Geeklog version 2.2.1 suffers from a cross site scripting vulnerability.

Full Article

cro

POS PHP 17.5 Cross Site Scripting

By packetstormsecurity.com
Published On :: Tue, 28 Apr 2020 14:50:09 GMT

POS PHP version 17.5 suffers from a persistent cross site scripting vulnerability.

Full Article

cro

Easy Transfer 1.7 Cross Site Scripting / Directory Traversal

By packetstormsecurity.com
Published On :: Tue, 28 Apr 2020 14:52:49 GMT

Easy Transfer version 1.7 for iOS suffers from cross site scripting and directory traversal vulnerabilities.

Full Article

cro

ChemInv 1 Cross Site Scripting

By packetstormsecurity.com
Published On :: Thu, 30 Apr 2020 14:52:47 GMT

ChemInv version 1 suffers from a persistent cross site scripting vulnerability.

Full Article

cro

Online Scheduling System 1.0 Cross Site Scripting

By packetstormsecurity.com
Published On :: Thu, 30 Apr 2020 19:22:22 GMT

Online Scheduling System version 1.0 suffers from a persistent cross site scripting vulnerability.

Full Article

cro

PHP-Fusion 9.03.50 Cross Site Scripting

By packetstormsecurity.com
Published On :: Thu, 30 Apr 2020 23:03:33 GMT

PHP-Fusion version 9.03.50 suffers from a persistent cross site scripting vulnerability.

Full Article

cro

osTicket 1.14.1 Cross Site Scripting

By packetstormsecurity.com
Published On :: Sun, 03 May 2020 18:22:11 GMT

osTicket version 1.14.1 suffers from a persistent cross site scripting vulnerability.

Full Article

cro

WordPress WooCommerce Advanced Order Export 3.1.3 Cross Site Scripting

By packetstormsecurity.com
Published On :: Tue, 05 May 2020 20:51:15 GMT

WordPress WooCommerce Advanced Order Export plugin version 3.1.3 suffers from a cross site scripting vulnerability.

Full Article

cro

Online Clothing Store 1.0 Cross Site Scripting

By packetstormsecurity.com
Published On :: Wed, 06 May 2020 14:53:08 GMT

Online Clothing Store version 1.0 suffers from a persistent cross site scripting vulnerability.

Full Article

cro

Sentrifugo CMS 3.2 Cross Site Scripting

By packetstormsecurity.com
Published On :: Thu, 07 May 2020 15:19:23 GMT

Sentrifugo CMS version 3.2 suffers from a persistent cross site scripting vulnerability.

Full Article

cro

iChat 1.6 Cross Site Scripting

By packetstormsecurity.com
Published On :: Thu, 07 May 2020 15:21:46 GMT

iChat version 1.6 suffers from a cross site scripting vulnerability.

Full Article

cro

OpenZ ERP 3.6.60 Cross Site Scripting

By packetstormsecurity.com
Published On :: Thu, 07 May 2020 15:25:10 GMT

OpenZ ERP version 3.6.60 suffers from a persistent cross site scripting vulnerability.

Full Article

cro

Draytek VigorAP Cross Site Scripting

By packetstormsecurity.com
Published On :: Thu, 07 May 2020 15:32:09 GMT

Draytek VigorAP suffers from a persistent cross site scripting vulnerability. Multiple different versions are affected.

Full Article

cro

Tiny MySQL Cross Site Scripting

By packetstormsecurity.com
Published On :: Fri, 08 May 2020 19:44:36 GMT

Tiny MySQL suffers from a cross site scripting vulnerability.

Full Article

cro

WebTareas 2.0p8 Cross Site Scripting

By packetstormsecurity.com
Published On :: Fri, 08 May 2020 19:48:57 GMT

WebTareas version 2.0p8 suffers from a cross site scripting vulnerability.

Full Article

Easy2Pilot 7 Cross Site Request Forgery

CandidATS 2.1.0 Cross Site Request Forgery

Easy2Pilot 8 SQL Injection / Cross Site Request Forgery

Business Live Chat Software 1.0 Cross Site Request Forgery

WordPress Tutor LMS 1.5.3 Cross Site Request Forgery

Wing FTP Server 6.2.3 Cross Site Request Forgery

HRSALE 1.1.8 Cross Site Request Forgery

Enhanced Multimedia Router 3.0.4.27 Cross Site Request Forgery

Exagate Sysguard 6001 Cross Site Request Forgery

ECK Hotel 1.0 Cross Site Request Forgery

P5 FNIP-8x16A/FNIP-4xSH CSRF / Cross Site Scripting

Edimax EW-7438RPn Cross Site Request Forgery

Complaint Management System 4.2 Cross Site Request Forgery

Maian Support Helpdesk 4.3 Cross Site Request Forgery

Apache OFBiz 17.12.03 Cross Site Request Forgery

osTicket 1.12 File Upload Cross Site Scripting

Apple, Samsung, Microsoft React To Wikileaks' CIA Dump

Microsoft Windows NtUserMNDragOver Local Privilege Escalation

Microsoft Discloses Security Breach Of Customer Support Database

Addressing Supply-Chain Risk Starts With People, Says Microsoft

Crown Sterling Sues Black Hat Over Hecklers

The Doghouse: Crown Sterling

Kr00k Vulnerability Could Allow Crooks To Intercept WiFi Data Packets

PHP-Fusion CMS 9.03 Cross Site Scripting

Microsoft VSCode Python Extension Code Execution

CentOS-WebPanel.com Control Web Panel 0.9.8.846 Cross Site Scripting

CentOS 7.6.1810 Control Web Panel 0.9.8.837 Cross Site Scripting

CentOS 7.6.1810 Control Web Panel 0.9.8.837 Cross Site Request Forgery

Microsoft Passport Cracked via Hotmail

Django 3.0 Cross Site Request Forgery

Crown Prince Of Saudi Arabia Accused Of Hacking Jeff Bezos' Phone

User Management System 2.0 Cross Site Scripting

Complaint Management System 4.2 Cross Site Scripting

jQuery html() Cross Site Scripting

Open-AudIT 3.3.0 Cross Site Scripting

Geeklog 2.2.1 Cross Site Scripting

POS PHP 17.5 Cross Site Scripting

Easy Transfer 1.7 Cross Site Scripting / Directory Traversal

ChemInv 1 Cross Site Scripting

Online Scheduling System 1.0 Cross Site Scripting

PHP-Fusion 9.03.50 Cross Site Scripting

osTicket 1.14.1 Cross Site Scripting

WordPress WooCommerce Advanced Order Export 3.1.3 Cross Site Scripting

Online Clothing Store 1.0 Cross Site Scripting

Sentrifugo CMS 3.2 Cross Site Scripting

iChat 1.6 Cross Site Scripting

OpenZ ERP 3.6.60 Cross Site Scripting

Draytek VigorAP Cross Site Scripting

Tiny MySQL Cross Site Scripting

WebTareas 2.0p8 Cross Site Scripting

Crossville’s Wood Impressions Collection

Even a heroic detective like 'Cross' can't save this Prime Video adaptation

Visix adds Microsoft Power BI Widget to AxisTV Signage Suite

Stent em forma de ampulheta poderia aliviar a intensa dor toracica causada pela doenca microvascular

Estent en forma de reloj de arena podria aliviar el intenso dolor en el pecho causado por la enfermedad microvascular

Stent em forma de ampulheta poderia aliviar a intensa dor toracica causada pela doenca microvascular

Estent en forma de reloj de arena podria aliviar el intenso dolor en el pecho causado por la enfermedad microvascular

Linking Data on Genetics, Traits and Environment Gives Crop Breeders a Wider Lens

Lithium Exploration Initiative Expands Across Western Greenland

Kayaking Across America

Palm Springs Film Festival: Croatian 'Cowboys' wrangle laughs

Lithium Exploration Initiative Expands Across Western Greenland

Minecraft's business model is 'leave users alone' — will it be Microsoft's?

High-speed Micro weigher for precise small package weights.

BBS at a crossroads

Subscribe To Our Newsletter