:: Deepquest ::

This Metasploit exploit module illustrates how a vulnerability could be exploited in a webapp.

OpenMRS is an open-source platform that supplies users with a customizable medical record system. There exists an object deserialization vulnerability in the webservices.rest module used in OpenMRS Platform. Unauthenticated remote code execution can be achieved by sending a malicious XML payload to a Rest API endpoint such as /ws/rest/v1/concept. This Metasploit module uses an XML […]

Zendesk SweetHawk Survey version 1.6 suffers from a persistent cross site scripting vulnerability.

NopCommerce version 4.2.0 suffers from a privilege escalation vulnerability.

The Xerox AltaLink C8035 Printer suffers from a cross site request forgery vulnerability.

Tautulli version 2.1.9 suffers from a cross site request forgery vulnerability.

Serv-U FTP Server version 15.1.7 suffers from a persistent cross site scripting vulnerability leveraging the Email parameter.

Netgear R6400 suffers from a remote code execution vulnerability.

Telerik UI – Remote Code Execution via Insecure Deserialization

OpenMRS – Java Deserialization RCE (Metasploit)