Archive for January, 2018

Tumder 2.1 SQL Injection

Posted by deepcore under exploit (No Respond)

Tumder version 2.1 suffers from a remote SQL injection vulnerability.

Oracle Financial Services Analytical Applications 7.3.5.x / 8.0.x XXE Injection / XSS

Posted by deepcore under exploit (No Respond)

Oracle Financial Services Analytical Applications versions 7.3.5.x and 8.0.x suffer from XML external entity injection and cross-site scripting vulnerabilities.

Zechat 1.5 SQL Injection

Posted by deepcore under exploit (No Respond)

Zechat version 1.5 suffers from a remote SQL injection vulnerability.

Wchat 1.5 SQL Injection

Posted by deepcore under exploit (No Respond)

Wchat version 1.5 suffers from a remote SQL injection vulnerability.

SugarCRM Community Edition 6.5.26 SQL Injection

Posted by deepcore under exploit (No Respond)

SugarCRM Community Edition versions 6.5.26 and below suffer from multiple remote SQL injection vulnerabilities.

GoAhead Web Server LD_PRELOAD Arbitrary Module Load

Posted by deepcore under exploit (No Respond)

This Metasploit module triggers an arbitrary shared library load vulnerability in GoAhead web server versions between 2.5 and that have the CGI module enabled.

Kaltura Remote PHP Code Execution

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits an Object Injection vulnerability in Kaltura. By exploiting this vulnerability, unauthenticated users can execute arbitrary code under the context of the web server user. Kaltura makes use of a hard-coded cookie secret, which allows arbitrary cookie data to be signed. After passing this signature check, the base64-decoded data is passed to […]

Sync Breeze Enterprise 9.5.16 Import Command Buffer Overflow

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a buffer overflow in Sync Breeze Enterprise 9.5.16 by using the import command option to import a specially crafted XML file.

Oracle VirtualBox Guest To Host Escape

Posted by deepcore under exploit (No Respond)

Oracle VirtualBox versions prior to 5.1.30 and 5.2-rc1 suffer from a guest to host escape vulnerability.

MixPad 5.00 Buffer Overflow

Posted by deepcore under exploit (No Respond)

MixPad version 5.00 suffers from a buffer overflow vulnerability.