Archive for January, 2020

Freelancy 1.0.0 Remote Code Execution

Posted by deepcore under exploit

Freelancy version 1.0.0 suffers from a remote code execution vulnerability.

Car Rental Project 1.0 Remote Code Execution

Posted by deepcore under exploit

Car Rental Project version 1.0 suffers from a remote code execution vulnerability.

Digi AnywhereUSB 14 Cross Site Scripting

Posted by deepcore under exploit

Digi AnywhereUSB version 14 suffers from a cross site scripting vulnerability.

Hospital Management System 4.0 Cross Site Scripting

Posted by deepcore under exploit

Hospital Management System version 4.0 suffers from multiple reflective cross site scripting vulnerabilities.

Citrix Application Delivery Controller / Gateway 10.5 Remote Code Execution

Posted by deepcore under exploit

This Metasploit module exploits a remote code execution vulnerability in Citrix Application Delivery Controller and Gateway version 10.5.

VPN Unlimited 6.1 Unquoted Service Path

Posted by deepcore under exploit

VPN Unlimited version 6.1 suffers from an unquoted service path vulnerability.

IBM RICOH InfoPrint 6500 Printer HTML Injection

Posted by deepcore under exploit

The IBM RICOH InfoPrint 6500 printer suffers from an HTML injection vulnerability.

WordPress 5.3 Denial Of Service

Posted by deepcore under exploit

WordPress is vulnerable to denial of service by abusing the XMLRPC API. The system.multicall function lets you batch other API calls. Another API function is pingback.ping, which makes WordPress make a connection out to another site. If you batch a few thousand pingback.ping requests using the multicall feature, you can exhaust a variety of different resources […]

Sagemcom Fast 3890 Remote Code Execution

Posted by deepcore under exploit

This exploit uses the Cable Haunt vulnerability to open a shell for the Sagemcom F@ST 3890 (50_10_19-T1) cable modem. The exploit serves a website that sends a malicious websocket request to the cable modem. The request will overflow a return address in the spectrum analyzer of the cable modem and using a ROP chain start […]

Redir 3.3 Denial Of Service

Posted by deepcore under exploit

Redir version 3.3 suffers from a denial of service vulnerability.