:: Deepquest ::

CSV Import and Export version 1.1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

PHP Dashboards NEW version 5.5 suffers from a remote SQL injection vulnerability.

New STAR version 2.1 suffers from cross site scripting and remote SQL injection vulnerabilities.

TAC Xenta 511 and 911 suffer from a credential disclosure vulnerability.

PageKit CMS version 1.0.13 suffers from a cross site scripting vulnerability.

Quest DR Series Disk Backup Software version 4.0.3 suffers from multiple code execution vulnerabilities.

This Metasploit module will bypass UAC on Windows 8-10 by hijacking a special key in the Registry under the Current User hive, and inserting a custom command that will get invoked when any binary (.exe) application is launched. But slui.exe is an auto-elevated binary that is vulnerable to file handler hijacking. When we run slui.exe […]

Quest KACE System Management Appliance version 8.0 (Build 8.0.318) suffers from code execution, cross site scripting, path traversal, remote SQL injection, and various other vulnerabilities.

Epiphany 3.28.2.1 – Denial of Service

Git < 2.17.1 – Remote Code Execution