Archive for January, 2023

Chrome JSNativeContextSpecialization::BuildElementAccess Bypass

Posted by deepcore under exploit (No Respond)

Chrome suffers from a copy-on-write check bypass in JSNativeContextSpecialization::BuildElementAccess.

Jettweb Ready Rent A Car Script 4 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Jettweb Ready Rent A Car Script version 4 suffers from a cross-site scripting vulnerability.

Ivanti Cloud Services Appliance (CSA) Command Injection

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a command injection vulnerability in the Ivanti Cloud Services Appliance (CSA) for Ivanti Endpoint Manager. A cookie-based code injection vulnerability in the Cloud Services Appliance before 4.6.0-512 allows an unauthenticated user to execute arbitrary code with limited permissions. Successful exploitation results in command execution as the nobody user.

Yuvan Education CRM 3.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Yuvan Education CRM version 3.0 suffers from a remote SQL injection vulnerability.

Infokart 1.1 SQL Injection

Posted by deepcore under exploit (No Respond)

Infokart version 1.1 suffers from a remote SQL injection vulnerability.

Global Infotech CMS 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Global Infotech CMS version 1.0 suffers from multiple remote SQL injection vulnerabilities.

Infobool 3.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Infobool version 3.0 suffers from a remote SQL injection vulnerability.

KesionCMS X 1.5.160902 Insecure Settings

Posted by deepcore under exploit (No Respond)

KesionCMS X version 1.5.160902 appears to leave a default administrative account in place post installation.

Inlislite 3.2 Insecure Settings

Posted by deepcore under exploit (No Respond)

Inlislite version 3.2 appears to leave a default administrative account in place post installation.

Incrementer CMS 0.1 Insecure Settings

Posted by deepcore under exploit (No Respond)

Incrementer CMS version 0.1 appears to leave a default administrative account in place post installation.