:: Deepquest ::

OpenMRS 2.3 (1.11.4) – Local File Disclosure Vulnerability

Cyclope Employee Surveillance <= v8.6.1- Insecure File Permissions

WordPress Advanced Uploader plugin version 2.10 suffers from a remote shell upload vulnerability.

WordPress TheCartPress plugin version 1.4.7 suffers from code execution and local file disclosure vulnerabilities.

The login.fortinet.com site suffered from a reflective cross site scripting vulnerability.

WordPress Sell Download plugin version 1.0.16 suffers from a local file disclosure vulnerability.

Linksys EA6100 Wireless Router suffers from an authentication bypass vulnerability.

Atlassian Hipchat is a web service for internal instant messaging. A plugin is available for Jira that allows team collaboration at real time. A message can be used to inject Java code into a Velocity template, and gain code execution as Jira. Authentication is required to exploit this vulnerability, and you must make sure the […]

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners […]

ASUS RT-N15U suffers from code execution, cross site request forgery, cross site scripting, and open redirection vulnerabilities.