:: Deepquest ::

WordPress Single Personal Message plugin version 1.0.3 suffers from a remote SQL injection vulnerability.

Microsoft PowerShell suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.

AbanteCart version 1.2.7 suffers from a stored cross site scripting vulnerability.

A specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Internet Explorer 9. A pointer set up to point to certain data on the stack can be used after that data has been removed from the stack. This results in a stack-based analog to a heap use-after-free vulnerability. The stack memory where the […]

Sony IPELA ENGINE IP Cameras contain multiple backdoors that, among other functionality, allow an attacker to enable the Telnet/SSH service for remote administration over the network. Other available functionality may have undesired effects to the camera image quality or other camera functionality. After enabling Telnet/SSH, another backdoor allows an attacker to gain access to a […]

Microsoft Internet Explorer 9 suffers from a CDoc::ExecuteScriptUri use-after-free vulnerability.

Windows Media Center “ehshell.exe” is vulnerable to an XML External Entity attack allowing remote access to any files on a victim’s computer, if they open an XXE laden “.mcl” file via a remote share / USB or from a malicious “windowsmediacenterweb” web link.

Microsoft Excel Starter 2010 suffers from an XML eXternal Entity vulnerability that allows for remote file disclosure.

Shuttle Tech ADSL Wireless 920 WM suffers from cross site scripting, directory traversal, and default telnet root password vulnerabilities.

Windows System Information MSINFO32.exe version 6.1.7601 suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.