This report describes a vulnerability chain that enables a malicious user to compromise another user over Zoom chat. User interaction is not required for a successful attack. The only ability an attacker needs is to send messages to the victim over Zoom chat via the XMPP protocol. Initial vulnerability (labeled XMPP Stanza Smuggling) […]
CLink Office version 2.0 anti-spam management console suffers from a remote SQL injection vulnerability.
Online Fire Reporting System version 1.0 suffers from a remote SQL injection vulnerability.
qdPM 9.1 – Remote Code Execution (RCE) (Authenticated) (v2)
Tags: 0day, remote exploit
OpenCart Newsletter module version 3.0.2.0 suffers from a remote blind SQL injection vulnerability.
Blockchain AltExchanger version 1.2.1 suffers from multiple remote SQL injection vulnerabilities.
Blockchain FiatExchanger version 2.2.1 suffers from a remote blind SQL injection vulnerability.
m1k1o’s Blog versions 1.3 and below suffer from an authenticated remote code execution vulnerability.
Authenticated remote command execution exploit for iTop versions prior to 2.7.5.