:: Deepquest ::

MeteoTemplate version 17.1 with Nectarine globalSnow plugin version 1.1 suffers from an open redirection vulnerability.

Meteotemplate version 17.1 with Nectarine indoorData plugin version 4.0 suffers from an open redirection vulnerability.

TeamCity versions prior to 9.0.2 disable registration bypass exploit.

DirectAdmin version 1.55 suffers from a cross site request forgery vulnerability.

McAfee ePO version 5.9.1 suffers from a local access bypass vulnerability.

Sony PlayStation 4 (PS4) versions prior to 6.20 webkit code execution proof of concept exploit.

Whitepaper discussing Flexpaper versions 2.3.6 and below which suffer from a remote code execution vulnerability.

This Metasploit module allows the execution of remote commands on the server by creating a malicious JSP file. Module has been tested successfully with OpenKM DM between 6.3.2 and 6.3.7 on Debian 4.9.18-1kali1 system. There is also the possibility of working in lower versions.

NetSetMan version 4.7.1 SEH unicode local buffer overflow exploit.

PRTG Network Monitor version 18.2.38 authenticated remote code execution exploit.