11 - 2018 - :: Deepquest ::

>> [webapps] Ticketly 1.0 – Cross-Site Request Forgery (Add Admin)

USER: deepcore // 2018-11-20 // 0 CMT

Ticketly 1.0 – Cross-Site Request Forgery (Add Admin)

>> [dos] MacOS 10.13 – 'workq_kernreturn' Denial of Service (PoC)

USER: deepcore // 2018-11-20 // 0 CMT

MacOS 10.13 – ‘workq_kernreturn’ Denial of Service (PoC)

>> Microsoft BingPlaces – TrackEmailOpen (url) Open Redirect

USER: deepcore // 2018-11-19 // 0 CMT

The vulnerability laboratory core research team discovered a open redirect web vulnerability in the official Microsoft B…

>> [dos] XMPlay 3.8.3 – '.m3u' Denial of Service (PoC)

USER: deepcore // 2018-11-19 // 0 CMT

XMPlay 3.8.3 – ‘.m3u’ Denial of Service (PoC)

>> [local] HTML Video Player 1.2.5 – Buffer-Overflow (SEH)

USER: deepcore // 2018-11-19 // 0 CMT

HTML Video Player 1.2.5 – Buffer-Overflow (SEH)

>> Everus.org 1.0.9 Second Factor Redirection

USER: deepcore // 2018-11-17 // 0 CMT

The Everus.org Android application version 1.0.9 has a fundamental design flaw where the client can send a random phone number during the second factor flow with an arbitrary existing user…

>> Warranty Tracking System 11.06.3 SQL Injection

USER: deepcore // 2018-11-17 // 0 CMT

Warranty Tracking System version 11.06.3 suffers from a remote SQL injection vulnerability.

>> Helpdezk 1.1.1 Shell Upload

USER: deepcore // 2018-11-17 // 0 CMT

Helpdezk version 1.1.1 suffers from a remote shell upload vulnerability.

>> DomainMOD 4.11.01 Cross Site Scripting

USER: deepcore // 2018-11-17 // 0 CMT

DomainMOD versions 4.09.03 through 4.11.01 suffer from a cross site scripting vulnerability.

>> Mumsoft Easy Software 2.0 Denial Of Service

USER: deepcore // 2018-11-17 // 0 CMT

Mumsoft Easy Software version 2.0 suffers from a denial of service vulnerability.