Archive for May, 2018

[webapps] Superfood 1.0 – Multiple Vulnerabilities

Posted by deepcore under Security (No Respond)

Superfood 1.0 – Multiple Vulnerabilities


Siemens SIMATIC Panels Cross Site Request Forgery / Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Multiple Siemens SIMATIC panels suffer from cross site request forgery and cross site scripting vulnerabilities.

Cisco SA520W Security Appliance Path Traversal

Posted by deepcore under exploit (No Respond)

Cisco SA520W Security Appliance suffers from a path traversal vulnerability.

Prime95 29.4b8 Stack Buffer Overflow

Posted by deepcore under exploit (No Respond)

Prime95 version 29.4b8 SEH buffer overflow exploit.

Infinity Market Classified Ads Script 1.6.2 Cross Site Request Forgery

Posted by deepcore under exploit (No Respond)

Infinity Market Classified Ads Script version 1.6.2 suffers from a cross site request forgery vulnerability.

DynoRoot DHCP Command Injection

Posted by deepcore under exploit (No Respond)

DynoRoot DHCP suffers from a client command injection vulnerability.

SAP B2B / B2C CRM Local File Inclusion

Posted by deepcore under exploit (No Respond)

SAP B2B / B2C CRM versions 2.x up to 4.x suffer from a local file inclusion vulnerability.

HPE iMC 7.3 Remote Code Execution

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits an expression language injection vulnerability, along with an authentication bypass vulnerability, in Hewlett Packard Enterprise Intelligent Management Center before version 7.3 E0504P04 to achieve remote code execution. The HP iMC server suffers from multiple vulnerabilities that allow an unauthenticated attacker to execute arbitrary Expression Language via the beanName parameter, allowing execution of arbitrary […]

Healwire Online Pharmacy 3.0 Cross Site Request Forgery / Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Healwire Online Pharmacy version 3.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

Reliable Datagram Sockets (RDS) Privilege Escalation

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This Metasploit module has been tested successfully on Fedora 13 (i686) with kernel version 2.6.33.3-85.fc13.i686.PAE and Ubuntu 10.04 (x86_64) with kernel version 2.6.32-21-generic.