:: Deepquest ::

WordPress WP Google Map plugin versions 4.0.4 and below suffer from remote SQL injection vulnerabilities.

Canon PrintMe EFI suffers from a cross site scripting vulnerability.

Canon LBP7110Cw suffers from an authentication bypass vulnerability.

Canon LBP6030w suffers from an authentication bypass vulnerability.

WordPress Redirection plugin version 2.7.3 suffers from a remote file inclusion vulnerability.

WordPress Tooltipy plugin version 5.0 suffers from a cross site scripting vulnerability.

WordPress Tooltipy plugin version 5.0 suffers from a cross site request forgery vulnerability.

This Metasploit module exploits the DynoRoot vulnerability, a flaw in how the NetworkManager integration script included in the DHCP client in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier processes DHCP options. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw […]

This Metasploit module attempts to gain root privileges on Linux systems by abusing a vulnerability in GNU C Library (glibc) version 2.26 and prior. This Metasploit module uses halfdog’s RationalLove exploit to exploit a buffer underflow in glibc realpath() and create a SUID root shell. The exploit has offsets for glibc versions 2.23-0ubuntu9 and 2.24-11+deb9u1. […]

glibc – ‘realpath()’ Privilege Escalation (Metasploit)