5 - 2021 - :: Deepquest ::

>> Microsoft ACL Shortcomings

USER: deepcore // 2021-05-19 // 0 CMT

The way Microsoft Windows implements file security appears to have some significant shortcomings.

>> rxvt 2.7.0 / rxvt-unicode 9.22 Code Execution

USER: deepcore // 2021-05-19 // 0 CMT

rxvt version 2.7.0 and rxvt-unicode version 9.22 incorrectly handles ANSI escape sequences allowing for arbitrary code execution.

>> rxvt 2.7.0 / rxvt-unicode 9.22 Code Execution

USER: deepcore // 2021-05-19 // 0 CMT

rxvt version 2.7.0 and rxvt-unicode version 9.22 incorrectly handles ANSI escape sequences allowing for arbitrary code execution.

>> [webapps] ManageEngine ADSelfService Plus 6.1 – CSV Injection

USER: deepcore // 2021-05-19 // 0 CMT

ManageEngine ADSelfService Plus 6.1 – CSV Injection

>> [webapps] In4Suit ERP 3.2.74.1370 – 'txtLoginId' SQL injection

USER: deepcore // 2021-05-19 // 0 CMT

In4Suit ERP 3.2.74.1370 – ‘txtLoginId’ SQL injection

>> [dos] WebSSH for iOS 14.16.10 – 'mashREPL' Denial of Service (PoC)

USER: deepcore // 2021-05-19 // 0 CMT

WebSSH for iOS 14.16.10 – ‘mashREPL’ Denial of Service (PoC)

>> [local] Visual Studio Code 1.47.1 – Denial of Service (PoC)

USER: deepcore // 2021-05-19 // 0 CMT

Visual Studio Code 1.47.1 – Denial of Service (PoC)

>> [webapps] WordPress Plugin Stop Spammers 2021.8 – 'log' Reflected Cross-site Scripting (XSS)

USER: deepcore // 2021-05-19 // 0 CMT

WordPress Plugin Stop Spammers 2021.8 – ‘log’ Reflected Cross-site Scripting (XSS)

>> Customer Relationship Management System 1.0 Cross Site Scripting

USER: deepcore // 2021-05-18 // 0 CMT

Customer Relationship Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting in this version is attributed to Richard Jones in…

>> Backdoor.Win32.Delf.abb Insecure Transit

USER: deepcore // 2021-05-18 // 0 CMT

Backdoor.Win32.Delf.abb malware suffers from insecure transit issues.