:: Deepquest ::

SAP J2EE Engine/7.01/Fiori suffers from a cross site scripting vulnerability in /ctcprotocol/Protocol.

MarcomCentral FusionPro VDP Creator versions prior to 10.0 suffer from a directory traversal vulnerability.

Fiberhome AN5506-04-F RP2669 suffers from a persistent cross site scripting vulnerability.

elFinder versions 2.1.47 and below suffer from a command injection vulnerability in the PHP connector.

This Metasploit module exploits a file upload vulnerability Booked 2.7.5. In the “Look and Feel” section of the management panel, you can modify the Logo-Favico-CSS files. Upload sections has file extension control except favicon part. You can upload the file with the extension you want through the Favicon field. The file you upload is written […]

Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 remote code execution proof of concept exploit.

Splunk Enterprise version 7.2.4 custom application remote code execution exploit using a persistent backdoor with a custom binary payload.

Linux/x86 – XOR Encoder / Decoder execve() /bin/sh Shellcode (45 bytes)

Linux/x86 – XOR Encoder / Decoder execve() /bin/sh Shellcode (45 bytes)

OpenDocMan 1.3.4 – ‘search.php where’ SQL Injection