10 - 2018 - :: Deepquest ::

[SECURITY]

>> [webapps] AlchemyCMS 4.1 – Cross-Site Scripting

USER: deepcore // 2018-10-15 // 0 CMT

AlchemyCMS 4.1 – Cross-Site Scripting

[SECURITY]

>> [webapps] Advanced HRM 1.6 – Remote Code Execution

USER: deepcore // 2018-10-15 // 0 CMT

Advanced HRM 1.6 – Remote Code Execution

[SECURITY]

>> [webapps] FLIR AX8 Thermal Camera 1.32.16 – RTSP Stream Disclosure

USER: deepcore // 2018-10-15 // 0 CMT

FLIR AX8 Thermal Camera 1.32.16 – RTSP Stream Disclosure

[SECURITY]

>> [webapps] MaxOn ERP Software 8.x-9.x – 'nomor' SQL Injection

USER: deepcore // 2018-10-15 // 0 CMT

MaxOn ERP Software 8.x-9.x – ‘nomor’ SQL Injection

[SECURITY]

>> [webapps] FLIR Brickstream 3D+ 2.1.742.1842 – Config File Disclosure

USER: deepcore // 2018-10-15 // 0 CMT

FLIR Brickstream 3D+ 2.1.742.1842 – Config File Disclosure

[SECURITY]

>> [webapps] FLIR AX8 Thermal Camera 1.32.16 – Arbitrary File Disclosure

USER: deepcore // 2018-10-15 // 0 CMT

FLIR AX8 Thermal Camera 1.32.16 – Arbitrary File Disclosure

[SECURITY]

>> [webapps] Academic Timetable Final Build 7.0a-7.0b – 'id' SQL Injection

USER: deepcore // 2018-10-15 // 0 CMT

Academic Timetable Final Build 7.0a-7.0b – ‘id’ SQL Injection

[EXPLOIT]

>> HaPe PKH 1.1 SQL Injection

USER: deepcore // 2018-10-13 // 0 CMT

HaPe PKH version 1.1 suffers from a remote SQL injection vulnerability.

[EXPLOIT]

>> Cockpit CMS CSRF / XSS / Path Traversal

USER: deepcore // 2018-10-13 // 0 CMT

Cockpit CMS suffers from cross site request forgery, cross site scripting, and traversal vulnerabilities. Version 0.6.2 should address these issues.

[EXPLOIT]

>> Phoenix Contact WebVisit 2985725 Authentication Bypass

USER: deepcore // 2018-10-13 // 0 CMT

Phoenix Contact WebVisit 2985725 suffers from an authentication bypass vulnerability.

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: