:: Deepquest ::

Cmsimple 5.4 – Remote Code Execution (RCE) (Authenticated)

Cyber Cafe Management System Project (CCMS) 1.0 – SQL Injection Authentication Bypass

WordPress Plugin JS Jobs Manager 1.1.7 – Unauthenticated Plugin Install/Activation

Pet Shop Management System version 1.0 suffers from a remote shell upload vulnerability.

WordPress TranslatePress plugin version 2.0.8 suffers from a persistent cross site scripting vulnerability.

WordPress Contact Form plugin version 1.7.14 suffers from a cross site scripting vulnerability.

WordPress Popup plugin version 1.10.4 suffers from a cross site scripting vulnerability.

Apache James Server version 2.3.2 remote command execution exploit.

WordPress Ultimate Maps plugin version 1.2.4 suffers from a cross site scripting vulnerability.

The application interface FatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.