Archive for September, 2021

FatPipe Networks WARP 10.2.2 Authorization Bypass

Posted by deepcore under exploit

FatPipe Networks WARP version 10.2.2 suffers from an authorization bypass vulnerability.

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Configuration Disclosure

Posted by deepcore under exploit

FatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 is vulnerable to an unauthenticated configuration disclosure when a direct object reference is made to the backup archive file using an HTTP GET request.

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Backdoor Account

Posted by deepcore under exploit

FatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 has a hidden administrative account, cmuser, that has no password and has write access to the device. The cmuser account is not visible in the Users menu list of the application.

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Privilege Escalation

Posted by deepcore under exploit

FatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 suffers from a remote privilege escalation vulnerability.

[webapps] Pet Shop Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)

Posted by deepcore under Security

Pet Shop Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)

[remote] Mitrastar GPT-2541GNAC-N1 – Privilege escalation

Posted by deepcore under Security

Mitrastar GPT-2541GNAC-N1 – Privilege escalation

[webapps] WordPress Plugin Redirect 404 to Parent 1.3.0 – Reflected Cross-Site Scripting (XSS)

Posted by deepcore under Security

WordPress Plugin Redirect 404 to Parent 1.3.0 – Reflected Cross-Site Scripting (XSS)

[webapps] WordPress Plugin Select All Categories and Taxonomies 1.3.1 – Reflected Cross-Site Scripting (XSS)

Posted by deepcore under Security

WordPress Plugin Select All Categories and Taxonomies 1.3.1 – Reflected Cross-Site Scripting (XSS)

[webapps] OpenSIS 8.0 – 'cp_id_miss_attn' Reflected Cross-Site Scripting (XSS)

Posted by deepcore under Security

OpenSIS 8.0 – ‘cp_id_miss_attn’ Reflected Cross-Site Scripting (XSS)

[webapps] Storage Unit Rental Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)

Posted by deepcore under Security

Storage Unit Rental Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)
