9 - 2022 - :: Deepquest ::

[SECURITY]

>> [webapps] WordPress Plugin Testimonial Slider and Showcase 2.2.6 – Stored Cross-Site Scripting (XSS)

USER: deepcore // 2022-09-02 // 0 CMT

WordPress Plugin Testimonial Slider and Showcase 2.2.6 – Stored Cross-Site Scripting (XSS)

[SECURITY]

>> [webapps] Sophos XG115w Firewall 17.0.10 MR-10 – Authentication Bypass

USER: deepcore // 2022-09-02 // 0 CMT

Sophos XG115w Firewall 17.0.10 MR-10 – Authentication Bypass

[EXPLOIT]

>> WordPress Core Cross Site Scripting / SQL Injection

USER: deepcore // 2022-09-01 // 0 CMT

The WordPress Core version 6.0.2 release addresses cross site scripting and remote SQL injection vulnerabilities.

[EXPLOIT]

>> Zyxel Firewall SUID Binary Privilege Escalation

USER: deepcore // 2022-09-01 // 0 CMT

This Metasploit module exploits CVE-2022-30526, a local privilege escalation vulnerability that allows a low privileged user (e.g. nobody) escalate to root. The issue stems from a suid binary that allows…

[EXPLOIT]

>> Packet Storm New Exploits For August, 2022

USER: deepcore // 2022-09-01 // 0 CMT

This archive contains all of the 79 exploits added to Packet Storm in August, 2022.

>> [webapps] WordPress Plugin Testimonial Slider and Showcase 2.2.6 – Stored Cross-Site Scripting (XSS)

Share this:

>> [webapps] Sophos XG115w Firewall 17.0.10 MR-10 – Authentication Bypass

Share this:

>> WordPress Core Cross Site Scripting / SQL Injection

Share this:

>> Zyxel Firewall SUID Binary Privilege Escalation

Share this:

>> Packet Storm New Exploits For August, 2022

Share this: