10 - 2020 - :: Deepquest ::

>> [webapps] Lot Reservation Management System 1.0 – Cross-Site Scripting (Stored)

USER: deepcore // 2020-10-23 // 0 CMT

Lot Reservation Management System 1.0 – Cross-Site Scripting (Stored)

>> [webapps] Gym Management System 1.0 – 'id' SQL Injection

USER: deepcore // 2020-10-23 // 0 CMT

Gym Management System 1.0 – ‘id’ SQL Injection

>> [webapps] Lot Reservation Management System 1.0 – Authentication Bypass

USER: deepcore // 2020-10-23 // 0 CMT

Lot Reservation Management System 1.0 – Authentication Bypass

>> Hrsale 2.0.0 Local File Inclusion

USER: deepcore // 2020-10-22 // 0 CMT

Hrsale version 2.0.0 suffers from a local file inclusion vulnerability.

>> School Faculty Scheduling System 1.0 Cross Site Scripting

USER: deepcore // 2020-10-22 // 0 CMT

School Faculty Scheduling System version 1.0 suffers from a persistent cross site scripting vulnerability.

>> School Faculty Scheduling System 1.0 SQL Injection

USER: deepcore // 2020-10-22 // 0 CMT

School Faculty Scheduling System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

>> GOautodial 4.0 Shell Upload

USER: deepcore // 2020-10-22 // 0 CMT

GOautodial version 4.0 suffers from a remote shell upload vulnerability.

>> Libtaxii 1.1.117 / OpenTaxi 0.2.0 Server-Side Request Forgery

USER: deepcore // 2020-10-22 // 0 CMT

Libtaxii versions 1.1.117 and below and OpenTaxi versions 0.2.0 and below suffer from a server-side request forgery vulnerability.

>> Tiki Wiki CMS Groupware 21.1 Authentication Bypass

USER: deepcore // 2020-10-22 // 0 CMT

Tiki Wiki CMS Groupware version 21.1 suffers from an authentication bypass vulnerability.

>> Bludit 3.9.2 Bruteforce Mitigation Bypass

USER: deepcore // 2020-10-22 // 0 CMT

Bludit versions 3.9.2 and below bruteforce mitigation bypass exploit. Please visit the related homepage for deep dive details on usage.