:: Deepquest ::

WordPress Olimometer plugin versions 2.56 and below suffer from a remote SQL injection vulnerability.

Linux kernel versions 2.6.22 and below 3.9 Dirty COW PTRACE_POKEDATA race condition privilege escalation exploit that provides write access.

Burden TMA version 2.1.1 suffers from a cross site scripting vulnerability.

Atbox.io suffers from an open redirection vulnerability.

AOMEI Backupper Standard version 3.5 suffers from a dll hijacking vulnerability.

Core FTP LE version 2.2 build 1883 suffers from a buffer overflow vulnerability.

ChatNow version 1.1 suffers from a remote SQL injection vulnerability.

Microsoft Windows Kernel win32k.sys NtSetWindowLongPtr privilege escalation proof of concept exploit. Leverages the issue as noted in MS16-135.

Disk Pulse Enterprise version 9.1.16 suffers from a buffer overflow vulnerability.

This exploit uses the pokemon exploit as a base and automatically generates a new passwd line. The original /etc/passwd is then backed up to /tmp/passwd.bak and overwritten with the new line. The user will be prompted for the new password when the binary is run. After running the exploit you should be able to login […]