2021 November

[webapps] Quick.CMS 6.7 – Cross Site Request Forgery (CSRF) to Cross Site Scripting (XSS) (Authenticated)

Posted by deepcore under Security (No Respond)

Quick.CMS 6.7 – Cross Site Request Forgery (CSRF) to Cross Site Scripting (XSS) (Authenticated)

Tags: 0day, remote exploit

[webapps] Bludit 3.13.1 – 'username' Cross Site Scripting (XSS)

Posted by deepcore under Security (No Respond)

Bludit 3.13.1 – ‘username’ Cross Site Scripting (XSS)

Tags: 0day, remote exploit

WordPress WPSchoolPress 2.1.16 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

WordPress WPSchoolPress plugin version 2.1.16 suffers from cross site scripting vulnerabilities.

[webapps] Online Learning System 2.0 – Remote Code Execution (RCE)

Posted by deepcore under Security (No Respond)

Online Learning System 2.0 – Remote Code Execution (RCE)

Tags: 0day, remote exploit

[webapps] CMDBuild 3.3.2 – 'Multiple' Cross Site Scripting (XSS)

Posted by deepcore under Security (No Respond)

CMDBuild 3.3.2 – ‘Multiple’ Cross Site Scripting (XSS)

Tags: 0day, remote exploit

[webapps] PHP Laravel 8.70.1 – Cross Site Scripting (XSS) to Cross Site Request Forgery (CSRF)

Posted by deepcore under Security (No Respond)

PHP Laravel 8.70.1 – Cross Site Scripting (XSS) to Cross Site Request Forgery (CSRF)

Tags: 0day, remote exploit

[webapps] Fuel CMS 1.4.13 – 'col' Blind SQL Injection (Authenticated)

Posted by deepcore under Security (No Respond)

Fuel CMS 1.4.13 – ‘col’ Blind SQL Injection (Authenticated)

Tags: 0day, remote exploit

[webapps] Simple Subscription Website 1.0 – SQLi Authentication Bypass

Posted by deepcore under Security (No Respond)

Simple Subscription Website 1.0 – SQLi Authentication Bypass

Tags: 0day, remote exploit

[webapps] KONGA 0.14.9 – Privilege Escalation

Posted by deepcore under Security (No Respond)

KONGA 0.14.9 – Privilege Escalation

Tags: 0day, remote exploit

[webapps] WordPress Plugin Contact Form to Email 1.3.24 – Stored Cross Site Scripting (XSS) (Authenticated)

Posted by deepcore under Security (No Respond)

WordPress Plugin Contact Form to Email 1.3.24 – Stored Cross Site Scripting (XSS) (Authenticated)

Tags: 0day, remote exploit

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

[webapps] Quick.CMS 6.7 – Cross Site Request Forgery (CSRF) to Cross Site Scripting (XSS) (Authenticated)

[webapps] Bludit 3.13.1 – 'username' Cross Site Scripting (XSS)

WordPress WPSchoolPress 2.1.16 Cross Site Scripting

[webapps] Online Learning System 2.0 – Remote Code Execution (RCE)

[webapps] CMDBuild 3.3.2 – 'Multiple' Cross Site Scripting (XSS)

[webapps] PHP Laravel 8.70.1 – Cross Site Scripting (XSS) to Cross Site Request Forgery (CSRF)

[webapps] Fuel CMS 1.4.13 – 'col' Blind SQL Injection (Authenticated)

[webapps] Simple Subscription Website 1.0 – SQLi Authentication Bypass

[webapps] KONGA 0.14.9 – Privilege Escalation

[webapps] WordPress Plugin Contact Form to Email 1.3.24 – Stored Cross Site Scripting (XSS) (Authenticated)

Tabs Switcher

Categories

Archives

Meta

BLOGROLL