1 - 2019 - :: Deepquest ::

[EXPLOIT]

>> Joomla! J-BusinessDirectory 4.9.7 SQL Injection

USER: deepcore // 2019-01-24 // 0 CMT

Joomla! J-BusinessDirectory component version 4.9.7 suffers from a remote SQL injection vulnerability.

[EXPLOIT]

>> Joomla! Easy Shop 1.2.3 Local File Inclusion

USER: deepcore // 2019-01-24 // 0 CMT

Joomla! Easy Shop component version 1.2.3 suffers from a local file inclusion vulnerability.

[EXPLOIT]

>> Microsoft Windows Contact File HTML Link Injection Remote Code Execution

USER: deepcore // 2019-01-24 // 0 CMT

Microsoft Windows has a flaw where a contact file can be leveraged with a malicious mailto: link to achieve code execution.

[EXPLOIT]

>> DNN 9.1 XML Related Cross Site Scripting

USER: deepcore // 2019-01-24 // 0 CMT

DNN version 9.1 suffers from a cross site scripting issue that can be achieved via an XML vulnerability.

[EXPLOIT]

>> Abantecart 1.2.12 Cross Site Scripting

USER: deepcore // 2019-01-24 // 0 CMT

Abantecart version 1.2.12 suffers from a cross site scripting vulnerability.

[EXPLOIT]

>> Coppermine 1.5.46 Cross Site Scripting

USER: deepcore // 2019-01-24 // 0 CMT

Coppermine version 1.5.46 suffers from multiple cross site scripting vulnerabilities.

[EXPLOIT]

>> Ghostscript Pseudo-Operator Remote Code Execution

USER: deepcore // 2019-01-24 // 0 CMT

Ghostscript has an issue with pseudo-operators that can lead to remote code execution. Version 9.26 is affected.

[EXPLOIT]

>> AddressSanitizer (ASan) SUID Executable Privilege Escalation

USER: deepcore // 2019-01-24 // 0 CMT

This Metasploit module attempts to gain root privileges on Linux systems using setuid executables compiled with AddressSanitizer (ASan). ASan configuration related environment variables are permitted when executing setuid executables built…

[APPLE]

>> Apple Security Advisory 2019-1-22-1

USER: deepcore // 2019-01-24 // 0 CMT

Apple Security Advisory 2019-1-22-1 – iOS 12.1.3 is now available and addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities.

[APPLE]

>> Apple Security Advisory 2019-1-22-6

USER: deepcore // 2019-01-24 // 0 CMT

Apple Security Advisory 2019-1-22-6 – iCloud for Windows 7.10 is now available and addresses code execution and cross site scripting vulnerabilities.

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: