Archive for July, 2021

WordPress SP Project And Document Manager 4.21 Shell Upload

Posted by deepcore under exploit

WordPress SP Project and Document Manager plugin version 4.21 suffers from a remote shell upload vulnerability.

Employee Record Management System 1.2 Cross Site Scripting

Posted by deepcore under exploit

Employee Record Management System version 1.2 suffers from a persistent cross site scripting vulnerability.

Online Covid Vaccination Scheduler System 1.0 Shell Upload

Posted by deepcore under exploit

Online Covid Vaccination Scheduler System version 1.0 suffers from a remote shell upload vulnerability.

MpEngine ASProtect Embedded Runtime DLL Memory Corruption

Posted by deepcore under exploit

ASProtect embeds a runtime DLL that is susceptible to memory corruption. Crash testcase provided.

Wyomind Help Desk 1.3.6 XSS / Traversal / Shell Upload

Posted by deepcore under exploit

Wyomind Help Desk version 1.3.6 suffers from remote shell upload, cross site scripting, and directory traversal vulnerabilities.

[webapps] Zoo Management System 1.0 – 'Multiple' Stored Cross-Site-Scripting (XSS)

Posted by deepcore under Security

Zoo Management System 1.0 – ‘Multiple’ Stored Cross-Site-Scripting (XSS)


[webapps] Church Management System 1.0 – SQL Injection (Authentication Bypass) + Arbitrary File Upload + RCE

Posted by deepcore under Security

Church Management System 1.0 – SQL Injection (Authentication Bypass) + Arbitrary File Upload + RCE


Online Covid Vaccination Scheduler System 1.0 SQL Injection

Posted by deepcore under exploit

Online Covid Vaccination Scheduler System version 1.0 suffers from a remote time-based blind SQL injection vulnerability.

Docker Dashboard Remote Command Execution

Posted by deepcore under exploit

Docker Dashboard suffers from a remote command execution vulnerability. The fix is added in commit 79cdc41.

Rocket.Chat 3.12.1 NoSQL Injection / Code Execution

Posted by deepcore under exploit

Rocket.Chat 3.12.1 unauthenticated NoSQL injection to remote code execution exploit.