:: Deepquest ::

B-swiss 3 Digital Signage System 3.6.5 – Cross-Site Request Forgery (Add Maintenance Admin)

Anchor CMS 0.12.7 – Persistent Cross-Site Scripting (Authenticated)

BigTree CMS 4.4.10 – Remote Code Execution

Online Food Ordering System version 1.0 suffers from a remote code execution vulnerability.

Visitor Management System in PHP 1.0 – Persistent Cross-Site Scripting

Simple Online Food Ordering System 1.0 – ‘id’ SQL Injection (Unauthenticated)

Seat Reservation System version 1.0 suffers from an unauthenticated file upload vulnerability that allows for remote code execution.

Comodo Unified Threat Management Web Console version 2.7.0 suffers from a remote code execution vulnerability.

Flatpress Add Blog version 1.0.3 suffers from a persistent cross site scripting vulnerability.

Google’s osconfig agent was vulnerable to local privilege escalation due to relying on a predictable path inside the /tmp directory. An unprivileged malicious process could abuse this flaw to win a race condition and take over the files managed by the high privileged agent process and thus execute arbitrary commands as the root user (full […]