[webapps] – eXtplorer 2.1.9 – Archive Path Traversal
NRSS News Reader 0.3.9-1 Stack Buffer Overflow
NRSS News Reader version 0.3.9-1 suffers from a buffer overflow vulnerability which allows local attackers to obtain privileged access when exploited.
runAV mod_security Remote Command Execution
runAV with mod_security suffers from a command injection vulnerability that leads to privilege escalation, provided the clamscan binary is setuid.
CakePHP Framework 3.2.4 IP Spoofing
CakePHP Framework versions 3.2.4 and below suffer from a vulnerability that allows users to spoof the source IP address logged by the server.
eXtplorer 2.1.9 Path Traversal
eXtplorer version 2.1.9 suffers from a traversal vulnerability.
JVC XSS / CSRF / Header Injection / Weak Credentials
Various JVC products suffer from weak and poorly protected credentials, cross site request forgery, cross site scripting, header injection, and information disclosure vulnerabilities.
Aruba Authentication Bypass / Insecure Transport / Tons Of Issues
Multiple vulnerabilities were identified in Aruba AP, IAP and AMP devices. The vulnerabilities were discovered during a black box security assessment and therefore the vulnerability list should not be considered exhaustive. Several of the high severity vulnerabilities listed in this report are related to the Aruba proprietary PAPI protocol and allow remote compromise of affected […]
Ajaxel CMS 8.0 XSS / CSRF / File Disclosure / SQL Injection
Ajaxel CMS version 8.0 suffers from cross site request forgery, cross site scripting, file disclosure, and remote SQL injection vulnerabilities.
PHPWebFTP 3.3b Cross Site Scripting
PHPWebFTP version 3.3b suffers from cross site scripting vulnerabilities.