2 - 2022 - :: Deepquest ::

>> Shopmetrics Mystery Shopping Software Broken Access Control / XSS

USER: deepcore // 2022-02-05 // 0 CMT

Shopmetrics Mystery Shopping Software SaaS platform versions before v21-11 suffer from broken access control and cross site scripting vulnerabilities.

[EXPLOIT]

>> Feberr 12.7 Shell Upload

USER: deepcore // 2022-02-04 // 0 CMT

Feberr version 12.7 suffers from a remote shell upload vulnerability.

[EXPLOIT]

>> Vivellio 1.2.1 User Account Enumeration

USER: deepcore // 2022-02-04 // 0 CMT

Vivellio version 1.2.1 suffers from a user account enumeration vulnerability.

[SECURITY]

>> [webapps] Servisnet Tessa – Add sysAdmin User (Unauthenticated) (Metasploit)

USER: deepcore // 2022-02-04 // 0 CMT

Servisnet Tessa – Add sysAdmin User (Unauthenticated) (Metasploit)

[SECURITY]

>> [webapps] Servisnet Tessa – Privilege Escalation (Metasploit)

USER: deepcore // 2022-02-04 // 0 CMT

Servisnet Tessa – Privilege Escalation (Metasploit)

[SECURITY]

>> [webapps] WordPress Plugin IP2Location Country Blocker 2.26.7 – Stored Cross Site Scripting (XSS) (Authenticated)

USER: deepcore // 2022-02-04 // 0 CMT

WordPress Plugin IP2Location Country Blocker 2.26.7 – Stored Cross Site Scripting (XSS) (Authenticated)

[SECURITY]

>> [local] FLAME II MODEM USB – Unquoted Service Path

USER: deepcore // 2022-02-04 // 0 CMT

FLAME II MODEM USB – Unquoted Service Path

[SECURITY]

>> [webapps] WBCE CMS 1.5.2 – Remote Code Execution (RCE) (Authenticated)

USER: deepcore // 2022-02-04 // 0 CMT

WBCE CMS 1.5.2 – Remote Code Execution (RCE) (Authenticated)

[SECURITY]

>> [webapps] Servisnet Tessa – MQTT Credentials Dump (Unauthenticated) (Metasploit)

USER: deepcore // 2022-02-04 // 0 CMT

Servisnet Tessa – MQTT Credentials Dump (Unauthenticated) (Metasploit)

[EXPLOIT]

>> CONTPAQi AdminPAQ 14.0.0 Unquoted Service Path

USER: deepcore // 2022-02-03 // 0 CMT

CONTPAQi AdminPAQ version 14.0.0 suffers from an unquoted service path vulnerability.

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: