2022 February

Shopmetrics Mystery Shopping Software Broken Access Control / XSS

Posted by deepcore under exploit (No Respond)

Shopmetrics Mystery Shopping Software SaaS platform versions before v21-11 suffer from broken access control and cross site scripting vulnerabilities.

Feberr 12.7 Shell Upload

Posted by deepcore under exploit (No Respond)

Feberr version 12.7 suffers from a remote shell upload vulnerability.

Vivellio 1.2.1 User Account Enumeration

Posted by deepcore under exploit (No Respond)

Vivellio version 1.2.1 suffers from a user account enumeration vulnerability.

[webapps] Servisnet Tessa – Add sysAdmin User (Unauthenticated) (Metasploit)

Posted by deepcore under Security (No Respond)

Servisnet Tessa – Add sysAdmin User (Unauthenticated) (Metasploit)

Tags: 0day, remote exploit

[webapps] Servisnet Tessa – Privilege Escalation (Metasploit)

Posted by deepcore under Security (No Respond)

Servisnet Tessa – Privilege Escalation (Metasploit)

Tags: 0day, remote exploit

[webapps] WordPress Plugin IP2Location Country Blocker 2.26.7 – Stored Cross Site Scripting (XSS) (Authenticated)

Posted by deepcore under Security (No Respond)

WordPress Plugin IP2Location Country Blocker 2.26.7 – Stored Cross Site Scripting (XSS) (Authenticated)

Tags: 0day, remote exploit

[local] FLAME II MODEM USB – Unquoted Service Path

Posted by deepcore under Security (No Respond)

FLAME II MODEM USB – Unquoted Service Path

Tags: 0day, remote exploit

[webapps] WBCE CMS 1.5.2 – Remote Code Execution (RCE) (Authenticated)

Posted by deepcore under Security (No Respond)

WBCE CMS 1.5.2 – Remote Code Execution (RCE) (Authenticated)

Tags: 0day, remote exploit

[webapps] Servisnet Tessa – MQTT Credentials Dump (Unauthenticated) (Metasploit)

Posted by deepcore under Security (No Respond)

Servisnet Tessa – MQTT Credentials Dump (Unauthenticated) (Metasploit)

Tags: 0day, remote exploit

CONTPAQi AdminPAQ 14.0.0 Unquoted Service Path

Posted by deepcore under exploit (No Respond)

CONTPAQi AdminPAQ version 14.0.0 suffers from an unquoted service path vulnerability.

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Shopmetrics Mystery Shopping Software Broken Access Control / XSS

Feberr 12.7 Shell Upload

Vivellio 1.2.1 User Account Enumeration

[webapps] Servisnet Tessa – Add sysAdmin User (Unauthenticated) (Metasploit)

[webapps] Servisnet Tessa – Privilege Escalation (Metasploit)

[webapps] WordPress Plugin IP2Location Country Blocker 2.26.7 – Stored Cross Site Scripting (XSS) (Authenticated)

[local] FLAME II MODEM USB – Unquoted Service Path

[webapps] WBCE CMS 1.5.2 – Remote Code Execution (RCE) (Authenticated)

[webapps] Servisnet Tessa – MQTT Credentials Dump (Unauthenticated) (Metasploit)

CONTPAQi AdminPAQ 14.0.0 Unquoted Service Path

Tabs Switcher

Categories

Archives

Meta

BLOGROLL

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Tabs Switcher

Categories

Archives

Meta

BLOGROLL