:: Deepquest ::

http://nbcsystem.dip.go.th/x3.html notified by Explosion Squad Cyber

WordPress version 5.3 suffers from a username enumeration vulnerability.

TexasSoft CyberPlanet version 6.4.131 suffers from a CCSrvProxy unquoted service path vulnerability.

GHIA CamIP version 1.2 for iOS suffers from a denial of service vulnerability.

Mersive Solstice version 2.8.0 suffers from a remote code execution vulnerability.

SpotAuditor version 5.3.2 Name and Key proof of concept denial of service exploits.

Online Inventory Manager version 3.2 suffers from a persistent cross site scripting vulnerability.

An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that […]

OwnCloud version 8.1.8 suffers from a username disclosure vulnerability.

WordPress Plainview Activity Monitor plugin is vulnerable to OS command injection which allows an attacker to remotely execute commands on the underlying system. Application passes unsafe user supplied data to ip parameter into activities_overview.php. Privileges are required in order to exploit this vulnerability. Vulnerable plugin version: 20161228 and possibly prior. Fixed plugin version: 20180826.