Archive for October, 2021

Online Student Admission System 1.0 SQL Injection / Shell Upload

Posted by deepcore under exploit (No Respond)

Online Student Admission System version 1.0 suffers from remote SQL injection and shell upload vulnerabilities.

WordPress Media-Tags 3.2.0.2 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

WordPress Media-Tags plugin version 3.2.0.2 suffers from a persistent cross site scripting vulnerability.

Apache 2.4.49 / 2.4.50 Traversal / Remote Code Execution

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits an unauthenticated remote code execution vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary commands. This vulnerability has been reintroduced in the Apache 2.4.50 fix […]

FreeSWITCH 1.10.6 Missing SIP MESSAGE Authentication

Posted by deepcore under exploit (No Respond)

FreeSWITCH versions 1.10.6 and below fail to authenticate SIP MESSAGE requests, leading to spam and message spoofing vulnerabilities.

WordPress Ninja Tables 4.1.7 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

WordPress Ninja Tables plugin version 4.1.7 suffers from a persistent cross site scripting vulnerability.

WordPress 4.9.6 Arbitrary File Deletion

Posted by deepcore under exploit (No Respond)

WordPress version 4.9.6 arbitrary file deletion exploit. Original discovery of this vulnerability is attributed to VulnSpy in June of 2018.

Gestionale Open 11.00.00 Privilege Escalation

Posted by deepcore under exploit (No Respond)

Gestionale Open version 11.00.00 suffers from a local privilege escalation vulnerability.

FreeSWITCH 1.10.5 SIP SUBSCRIBE Missing Authentication

Posted by deepcore under exploit (No Respond)

FreeSWITCH versions 1.10.5 and below fail to authenticate SIP SUBSCRIBE requests by default.

FreeSWITCH 1.10.6 SRTP Packet Denial Of Service

Posted by deepcore under exploit (No Respond)

FreeSWITCH versions 1.10.6 and below suffer from a denial of service vulnerability when handling invalid SRTP packets.
