:: Deepquest ::

MyLittleForum version 2.3.5 suffers from a PHP command execution vulnerability.

PInfo version 0.6.9-5.1 suffers from a buffer overflow vulnerability.

BigTree CMS version 4.2.11 and below suffer from a remote authenticated SQL injection vulnerability.

HNB version 1.9.18-10 suffers from a local buffer overflow vulnerability.

This Metasploit module generates a Open API Specification 2.0 (Swagger) compliant json document that includes payload insertion points in parameters. In order for the payload to be executed, an attacker must convince someone to generate code from a specially modified swagger.json file within a vulnerable swagger-codgen appliance/container/api/service, and then to execute that generated code (or […]

Iranian Weblog Service CMS version 3.3 suffers from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities.

A password reset session web vulnerability has been discovered in the official Ladesk online service web-application. The vulnerability allows remote attackers to reset a session credentials to unauthorized access user accounts or data.

Mutualaid CMS version 4.3.1 suffers from a remote SQL injection vulnerability.

Alfine CMS version 2.6 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Symantec Antivirus – Integer Overflow in TNEF Decoder