[local] SecureSphere 12.0.0.50 – SealMode Shell Escape (Metasploit)
[local] Sun Solaris 11.3 AVS – Local Kernel root Exploit
[webapps] Universal Media Server 7.1.0 – SSDP Processing XML External Entity Injection
Universal Media Server 7.1.0 – SSDP Processing XML External Entity Injection
Tags: 0day, remote exploit
[local] Imperva SecureSphere 11.5 / 12.0 / 13.0 – Privilege Escalation
[webapps] TI Online Examination System v2 – Arbitrary File Download
Vtiger CRM 6.3.0 Authenticated Logo Upload Remote Command Execution
The administration interface of Vtiger CRM version 6.3.0 allows for the upload of a company logo. Instead of uploading an image, an attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This Metasploit module was tested against Vtiger CRM version 6.3.0.
SonicWall Global Management System XMLRPC
This Metasploit module exploits a vulnerability in SonicWall Global Management System Virtual Appliance versions 8.1 (Build 8110.1197) and below. This virtual appliance can be downloaded from http://www.sonicwall.com/products/sonicwall-gms/ and is used ‘in a holistic way to manage your entire network security environment.’ These vulnerable versions (8.1 Build 8110.1197 and below) do not prevent unauthenticated, external entities […]
MicroFocus Secure Messaging Gateway Remote Code Execution
This Metasploit module exploits a SQL injection and command injection vulnerability in MicroFocus Secure Messaging Gateway. An unauthenticated user can execute a terminal command under the context of the web user. One of the user-supplied parameters of an API endpoint is used by the application without input validation and/or parameter binding, which leads to SQL […]