6 - 2018 - :: Deepquest ::

>> CSV Import And Export 1.1.0 Cross Site Scripting / SQL Injection

USER: deepcore // 2018-06-01 // 0 CMT

CSV Import and Export version 1.1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

>> PHP Dashboards NEW 5.5 SQL Injection

USER: deepcore // 2018-06-01 // 0 CMT

PHP Dashboards NEW version 5.5 suffers from a remote SQL injection vulnerability.

>> New STAR 2.1 Cross Site Scripting / SQL Injection

USER: deepcore // 2018-06-01 // 0 CMT

New STAR version 2.1 suffers from cross site scripting and remote SQL injection vulnerabilities.

>> TAC Xenta 511 / 911 Credential Disclosure

USER: deepcore // 2018-06-01 // 0 CMT

TAC Xenta 511 and 911 suffer from a credential disclosure vulnerability.

>> PageKit CMS 1.0.13 Cross Site Scripting

USER: deepcore // 2018-06-01 // 0 CMT

PageKit CMS version 1.0.13 suffers from a cross site scripting vulnerability.

>> Quest DR Series Disk Backup Software 4.0.3 Code Execution

USER: deepcore // 2018-06-01 // 0 CMT

Quest DR Series Disk Backup Software version 4.0.3 suffers from multiple code execution vulnerabilities.

>> Windows UAC Protection Bypass (Via Slui File Handler Hijack)

USER: deepcore // 2018-06-01 // 0 CMT

This Metasploit module will bypass UAC on Windows 8-10 by hijacking a special key in the Registry under the Current User hive, and inserting a custom command that will get…

>> Quest KACE System Management Appliance 8.0 (Build 8.0.318) XSS / Traversal / Code Execution / SQL Injection

USER: deepcore // 2018-06-01 // 0 CMT

Quest KACE System Management Appliance version 8.0 (Build 8.0.318) suffers from code execution, cross site scripting, path traversal, remote SQL injection, and various other vulnerabilities.

>> [dos] Epiphany 3.28.2.1 – Denial of Service

USER: deepcore // 2018-06-01 // 0 CMT

Epiphany 3.28.2.1 – Denial of Service

>> [remote] Git < 2.17.1 – Remote Code Execution

USER: deepcore // 2018-06-01 // 0 CMT

Git < 2.17.1 – Remote Code Execution