Archive for January, 2018

Joomla Ad Agency 6.0.9 SQL Injection

Posted by deepcore under exploit (No Respond)

Joomla Ad Agency component version 6.0.9 suffers from a remote SQL injection vulnerability.

VMware Workstation ALSA Config File Local Privilege Escalation

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a vulnerability in VMware Workstation Pro and Player on Linux which allows users to escalate their privileges by using an ALSA configuration file to load and execute a shared object as root when launching a virtual machine with an attached sound card. This Metasploit module has been tested successfully on VMware […]

Ayukov NFTP FTP Client Buffer Overflow

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a stack-based buffer overflow vulnerability against Ayukov NFTPD FTP Client 2.0 and earlier. By responding with a long string of data for the SYST request, it is possible to cause a denial-of-service condition on the FTP client, or arbitrary remote code execution under the context of the user if successfully exploited.

Atmail 7.1.1 PRO Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Atmail version 7.1.1 PRO suffers from a cross site scripting vulnerability.

Boost My Campaign 1.1 Information Disclosure

Posted by deepcore under exploit (No Respond)

Boost My Campaign version 1.1 suffers from multiple information disclosure vulnerabilities.

Kingsoft Antivirus / Internet Security 9+ Privilege Escalation

Posted by deepcore under exploit (No Respond)

Kingsoft Antivirus / Internet Security version 9+ suffers from a privilege escalation vulnerability.

Xplico Remote Code Execution

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a command injection vulnerability in Xplico. Unauthenticated users can register a new account and then execute a terminal command under the context of the root user.

Linksys WVBR0-25 User-Agent Command Execution

Posted by deepcore under exploit (No Respond)

The Linksys WVBR0-25 Wireless Video Bridge, used by DirecTV to connect wireless Genie cable boxes to the Genie DVR, is vulnerable to OS command injection in versions prior to 1.0.41 of the web management portal via the User-Agent header. Authentication is not required to exploit this vulnerability.

Iopsys Router dhcp Remote Code Execution

Posted by deepcore under exploit (No Respond)

Iopsys router suffers from a DHCP-related remote code execution vulnerability.

Spectre Information Disclosure Proof Of Concept

Posted by deepcore under exploit (No Respond)

Spectre information disclosure proof of concept exploit that affects multiple CPUs.