Archive for October, 2020

Typesetter CMS 5.1 Cross Site Scripting

Posted by deepcore under exploit

Typesetter CMS version 5.1 suffers from a persistent cross site scripting vulnerability.

WebsiteBaker 2.12.2 SQL Injection

Posted by deepcore under exploit

WebsiteBaker version 2.12.2 suffers from an authenticated remote SQL injection vulnerability.

SpinetiX Fusion Digital Signage 3.4.8 Username Enumeration

Posted by deepcore under exploit

SpinetiX Fusion Digital Signage versions 3.4.8 and below suffer from a username enumeration vulnerability.

MonoCMS Blog 1.0 File Deletion / CSRF / Hardcoded Credentials

Posted by deepcore under exploit

MonoCMS Blog version 1.0 suffers from arbitrary file deletion, cross site request forgery, and information disclosure vulnerabilities.

SpinetiX Fusion Digital Signage 3.4.8 Cross Site Request Forgery

Posted by deepcore under exploit

SpinetiX Fusion Digital Signage version 3.4.8 suffers from a cross site request forgery vulnerability.

GetSimple CMS 3.3.16 Cross Site Scripting

Posted by deepcore under exploit

GetSimple CMS version 3.3.16 suffers from a persistent cross site scripting vulnerability.

CMS Made Simple 2.2.14 Cross Site Scripting

Posted by deepcore under exploit

CMS Made Simple version 2.2.14 suffers from a persistent cross site scripting vulnerability.

SpinetiX Fusion Digital Signage 3.4.8 Database Backup Disclosure

Posted by deepcore under exploit

SpinetiX Fusion Digital Signage version 3.4.8 suffers from a database backup disclosure vulnerability.

SpinetiX Fusion Digital Signage 3.4.8 Path Traversal

Posted by deepcore under exploit

SpinetiX Fusion Digital Signage version 3.4.8 suffers from an authenticated path traversal vulnerability. Input passed via several parameters in the index.php script is not properly verified before being used to create and delete files. This can be exploited to write backup files to an arbitrary location and/or delete arbitrary files via traversal attacks.

BrightSign Digital Signage Diagnostic Web Server 8.2.26 Server-Side Request Forgery

Posted by deepcore under exploit

BrightSign Digital Signage Diagnostic Web Server version 8.2.26 suffers from an unauthenticated server-side request forgery vulnerability.