Archive for January, 2019

Eco Search 1.0.2.0 Denial Of Service

Posted by deepcore under exploit (No Respond)

Eco Search version 1.0.2.0 suffers from a denial of service vulnerability.

FastTube 1.0.1.0 Denial Of Service

Posted by deepcore under exploit (No Respond)

FastTube version 1.0.1.0 suffers from a denial of service vulnerability.

SSHtranger Things SCP Client File Issue

Posted by deepcore under exploit (No Respond)

SCP clients have an issue where additional files can be copied over without your knowledge.

Webmin 1.900 Remote Command Execution

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits an arbitrary command execution vulnerability in Webmin versions 1.900 and below. Any user authorized for the “Java file manager” and “Upload and Download” fields can execute arbitrary commands with root privileges. In addition, the “Running Processes” field must be authorized to discover the directory to be uploaded. A vulnerable file can be […]

DotNetNuke Events Calendar 1.x File Download

Posted by deepcore under exploit (No Respond)

DotNetNuke Events Calendar module version 1.x suffers from a file download vulnerability.

SeoToaster Ecommerce 3.0.0 Local File Inclusion

Posted by deepcore under exploit (No Respond)

SeoToaster Ecommerce version 3.0.0 suffers from a local file inclusion vulnerability.

phpTransformer 2016.9 SQL Injection

Posted by deepcore under exploit (No Respond)

phpTransformer version 2016.9 suffers from a remote SQL injection vulnerability.

phpTransformer 2016.9 Directory Traversal

Posted by deepcore under exploit (No Respond)

phpTransformer version 2016.9 suffers from a directory traversal vulnerability.

Joomla! 3.9.1 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Joomla! version 3.9.1 suffers from a persistent cross site scripting vulnerability in the global configuration textfilter settings.

Kentix MultiSensor-LAN 5.63.00 Authentication Bypass

Posted by deepcore under exploit (No Respond)

Kentix MultiSensor-LAN versions 5.63.00 and below suffer from an authentication bypass vulnerability. The web-based application does not use a conventional session concept with a session cookie to manage authenticated user sessions. Some URLs are protected with HTTP Basic Authentication, but the user management web page can be accessed and used without any authentication.