:: Deepquest ::

Reservo Image Hosting Script 1.5 – Cross-Site Scripting

Oracle E-Business Suite versions 12.1.3 and 12.2.x suffer from an open redirect vulnerability.

WordPress WP File Manager plugin version 1.9 suffers from a server-side request forgery vulnerability.

OBS Studio version 20.1.3 suffers from local buffer overflow vulnerability.

Bonza Digital Cart Script version 1 suffers from a cross site scripting vulnerability.

Adminer versions 4.3.1 and below suffer from a server-side request forgery vulnerability.

A security vulnerability was found in Kaseya VSA file download file functionality. Using this vulnerability an authenticated user in a Kaseya VSA environment is able to download arbitrary files from the server (including source code of Kaseya, the database backups, configuration files, and even windows files). Version R9.2 was found affected.

VTech DigiGo with firmware version 83.60630 fails to perform validation of TLS certificates.

ILIAS CMS versions 5.2.3 and below suffer from a cross site scripting vulnerability.

SysGauge Server version 3.6.18 suffers from a buffer overflow vulnerability.