:: Deepquest ::

Backdoor.Win32.NerTe.781 malware suffers from bypass and code execution vulnerabilities.

Visual Tools DVR VX16 version 4.2.28.0 suffers from a command injection vulnerability.

perfexcrm version 1.10 suffers from a persistent cross site scripting vulnerability.

Proof of concept exploit for a path traversal vulnerability in Pallets Werkzeug version 0.15.4.

WordPress Anti-Malware Security and Bruteforce Firewall plugin version 4.20.59 suffers from a directory traversal vulnerability.

Phone Shop Sales Managements System version 1.0 shell upload exploit. This is a variant of the original discovery made in this version of the software by Richard Jones in April of 2021.

Phone Shop Sales Managements System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Billing System Project version 1.0 suffers from a remote shell upload vulnerability.

Exam Hall Management System version 1.0 suffers from an unauthenticated remote shell upload vulnerability.

This Metasploit module allows an attacker with an unprivileged windows account to gain admin access on windows system and start a shell. For this module to work, both the NSClient++ web interface and ExternalScripts features must be enabled. You must also know where the NSClient config file is, as it is used to read the […]