:: Deepquest ::

Sonar Qube 8.3.1 – ‘SonarQube Service’ Unquoted Service Path

Simple Startup Manager 1.17 – ‘File’ Local Buffer Overflow (PoC)

Various V-SOL OLTs suffer from multiple backdoor issues, hardcoded RSA keys, potential command injection, and insecure management vulnerabilities.

Verint Impact 360 version 15.1 has an issue where the helpURL parameter in wfo/help/help_popup.jsp can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site where this product is installed, given the attacker can convince a […]

Verint Impact 360 version 15.1 suffers from an open redirection vulnerability.

Verint Impact 360 version 15.1 suffers from a cross site request forgery vulnerability.

BIG-IP versions 15.0.0 through 15.1.0.3, 14.1.0 through 14.1.2.5, 13.1.0 through 13.1.3.3, 12.1.0 through 12.1.5.1, and 11.6.1 through 11.6.5.1 suffer from Traffic Management User Interface (TMUI) arbitrary file read and command execution vulnerabilities. Checker CVE-2020-5902 is a scanning tool to look for vulnerable instances.

Client Management System version 1.0 suffers from a remote SQL injection vulnerability.

Teachers Record Management System version 1.0 suffers from a remote SQL injection vulnerability.

Cyber Cafe Management System from phpgurukul.com suffers from multiple remote SQL injection vulnerabilities. One allows for authentication bypass.