Google Chrome 86.0.4240 V8 Remote Code Execution
Insufficient data validation in V8 in Google Chrome versions prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Google Chrome 81.0.4044 V8 Remote Code Execution
An out-of-bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Trojan-Downloader.Win32.FraudLoad.xevn Insecure Permissions
Trojan-Downloader.Win32.FraudLoad.xevn malware suffers from an insecure permissions vulnerability.
Mini Mouse 9.3.0 Local File Inclusion / Path Traversal
Mini Mouse version 9.3.0 suffers from local file inclusion and path traversal vulnerabilities.
Pulse Secure VPN Arbitrary Command Execution
Pulse Secure Pulse Connect Secure versions 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure versions 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1 have an administrative web interface that allows an authenticated attacker to inject and execute commands.
OpenBSD OpenSMTPD 6.6 Remote Code Execution
smtp_mailaddr in smtp_session.c in OpenSMTPD version 6.6, as used in OpenBSD version 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the “uncommented” default configuration. The issue exists because of an incorrect return value […]
Ignition 2.5.1 Remote Code Execution
Ignition versions prior to 2.5.2, as used in Laravel and other products, allow unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel versions prior to 8.4.2.
Apache OFBiz SOAP Java Deserialization
This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz’s unauthenticated SOAP endpoint /webtools/control/SOAPService for versions prior to 17.12.06.