:: Deepquest ::

ImpressCMS 1.4.2 – Remote Code Execution (RCE)

Message System version 1.0 suffers from a remote shell upload vulnerability.

One Church Management System version 1.0 suffers from multiple cross site scripting vulnerabilities.

Microfinance Management System version suffers from multiple remote SQL injection vulnerabilities including one that allows for authentication bypass. Original discovery of SQL injection in this version is attributed to Hejap Zairy in March of 2022.

One Church Management System version 1.0 suffers from a remote SQL injection vulnerability.

This is an exploit for FruityWifi that binds a shell to tcp port 4444 using a remote code execution vulnerability leveraged via a SOAP request.

ALLMediaServer version 1.6 suffers from a remote buffer overflow vulnerability.

Backdoor.Win32.Cyn.20 malware suffers from an insecure permissions vulnerability.

Pay Slip PDF Generator System version suffers from multiple remote SQL injection vulnerabilities that can lead to remote code execution.

Pay Slip PDF Generator System version 1.0 suffers from a remote shell upload vulnerability.