2021 February

Comment System 1.0 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Comment System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

Backdoor.Win32.Bionet.10 Anonymous Login

Posted by deepcore under exploit (No Respond)

Backdoor.Win32.Bionet.10 malware has an ftp service that allows for anonymous login.

Beauty Parlour Management System 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Beauty Parlour Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Prof. Kailas Patil in June of 2020.

Beauty Parlour Management System 1.0 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Beauty Parlour Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

Online Exam System With Timer 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Online Exam System With Timer version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

dataSIMS Avionics ARINC 664-1 4.5.3 Buffer Overflow

Posted by deepcore under exploit (No Respond)

dataSIMS Avionics ARINC 664-1 version 4.5.3 suffers from a local buffer overflow vulnerability.

Firejail TOCTOU Race Condition

Posted by deepcore under exploit (No Respond)

This program demonstrates a time-of-check-time-of-use TOCTOU vulnerability in Firejail. Winning it causes Firejail to create an insecure overlayfs layout, that is then used to escalate privileges by making /etc/ld.so.preload user writable.

Gitea 1.12.5 Remote Code Execution

Posted by deepcore under exploit (No Respond)

Gitea version 1.12.5 suffers from a remote code execution vulnerability.

Backdoor.Win32.Agent.aak Hardcoded Credentials

Posted by deepcore under exploit (No Respond)

Backdoor.Win32.Agent.aak malware suffers from a hardcoded credential vulnerability.

Backdoor.Win32.Agent.aak Code Execution / Cross Site Request Forgery

Posted by deepcore under exploit (No Respond)

Backdoor.Win32.Agent.aak malware suffers from code execution and cross site request forgery vulnerabilities.

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Comment System 1.0 Cross Site Scripting

Backdoor.Win32.Bionet.10 Anonymous Login

Beauty Parlour Management System 1.0 SQL Injection

Beauty Parlour Management System 1.0 Cross Site Scripting

Online Exam System With Timer 1.0 SQL Injection

dataSIMS Avionics ARINC 664-1 4.5.3 Buffer Overflow

Firejail TOCTOU Race Condition

Gitea 1.12.5 Remote Code Execution

Backdoor.Win32.Agent.aak Hardcoded Credentials

Backdoor.Win32.Agent.aak Code Execution / Cross Site Request Forgery

Tabs Switcher

Categories

Archives

Meta

BLOGROLL