:: Deepquest :: This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Month: August 2021

exploit

BSCW Server Remote Code Execution

BSCW Server versions 7.4.2 and below,...

deepcoreAug 31, 2021

Security

[webapps] WordPress Plugin ProfilePress 3.1.3 – Privilege Escalation (Unauthenticated)

WordPress Plugin ProfilePress 3.1.3 – Privilege...

deepcoreAug 31, 2021

Security

[webapps] Umbraco CMS 8.9.1 – Path traversal and Arbitrary File Write (Authenticated)

Umbraco CMS 8.9.1 – Path traversal...

deepcoreAug 31, 2021

Security

[webapps] Projectsend r1295 – 'name' Stored XSS

Projectsend r1295 – ‘name’ Stored XSS

deepcoreAug 30, 2021

Security

[webapps] Strapi 3.0.0-beta.17.7 – Remote Code Execution (RCE) (Authenticated)

Strapi 3.0.0-beta.17.7 – Remote Code Execution...

deepcoreAug 30, 2021

Security

[webapps] Strapi 3.0.0-beta – Set Password (Unauthenticated)

Strapi 3.0.0-beta – Set Password (Unauthenticated)

deepcoreAug 30, 2021

Security

[local] MySQL User-Defined (Linux) x32 / x86_64 – 'sys_exec' Local Privilege Escalation (2)

MySQL User-Defined (Linux) x32 / x86_64...

deepcoreAug 30, 2021

Security

[webapps] Usermin 1.820 – Remote Code Execution (RCE) (Authenticated)

Usermin 1.820 – Remote Code Execution...

deepcoreAug 30, 2021

Security

[webapps] Bus Pass Management System 1.0 – 'viewid' SQL Injection

Bus Pass Management System 1.0 –...

deepcoreAug 30, 2021

Security

[webapps] Strapi CMS 3.0.0-beta.17.4 – Remote Code Execution (RCE) (Unauthenticated)

Strapi CMS 3.0.0-beta.17.4 – Remote Code...

deepcoreAug 30, 2021