:: Deepquest ::

CMS Made Simple version 2.2.5 suffers from a remote code execution vulnerability.

Online Trade version 1 suffers from an information leakage vulnerability.

ShopNx suffers from an arbitrary file upload vulnerability.

ADB broadband gateways and routers suffer from a local root jailbreak vulnerability via a network file sharing flaw. Versions affected include ADB P.RG AV4202N, DV2210, VV2220, and VV5522.

Depending on the firmware version/feature-set of the ISP deploying the ADB device, a standard user account may not have all settings enabled within the web GUI. An authenticated attacker is able to bypass those restrictions by adding a second slash in front of the forbidden entry of the path in the URL. It is possible […]

An attacker with standard / low access rights within the web GUI is able to gain access to the CLI (if it has been previously disabled by the configuration) and escalate his privileges. Depending on the CLI features it is possible to extract the whole configuration and manipulate settings or gain access to debug features […]

Intel Processor Diagnostic Tool (IPDT) versions prior to 4.1.0.27 suffer from three code execution and privilege escalation vulnerabilities.

SoftExpert Excellence Suite version 2.0 suffers from a remote SQL injection vulnerability.

…

http://plalo.go.th/m-1.html notified by moncet