:: Deepquest ::

ForensiTAppxService 2.2.0.4 – ‘ForensiTAppxService.exe’ Unquoted Service Path

BlackCat CMS 1.3.6 – Cross-Site Request Forgery

Online Shop Project 1.0 – ‘p’ SQL Injection

http://www.wanghos.go.th notified by AlterExploit

D-Link DGS-1210-28 suffers from a denial of service vulnerability.

SpamTitan version 7.07 suffers from an authenticated remote code execution vulnerability.

Mantis Bug Tracker version 2.3.0 suffers from a remote code execution vulnerability.

The Navy Federal site at navyfederal.org suffered from a cross site scripting vulnerability.

TP-Link cloud cameras NCXXX series (NC200, NC210, NC220, NC230, NC250, NC260, NC450) are vulnerable to an authenticated command injection vulnerability. In all devices except NC210, despite a check on the name length in swSystemSetProductAliasCheck, no other checks are in place in order to prevent shell metacharacters from being introduced. The system name would then be […]

Apple Security Advisory 2020-09-16-1 – iOS 14.0 and iPadOS 14.0 are now available and address code execution, cross site scripting, out of bounds read, and out of bounds write vulnerabilities.