:: Deepquest ::

Bang Resto v1.0 – ‘Multiple’ SQL Injection

Microsoft Word 16.72.23040900 – Remote Code Execution (RCE)

http://division.dwr.go.th/bic/ notified by s3cbugs.com

CentOS Stream 9 has a missing kernel security fix for a tun double-free amongst other missing fixes. Included is a local root exploit to demonstrate the issue.

WordPress Weaver Xtreme theme versions 5.0.7 and below and Weaver Show Posts plugin versions 1.6 and below suffer from a persistent cross site scripting vulnerability.

This Metasploit module combines two vulnerabilities in order achieve remote code execution in the context of the horizon user. The first vulnerability, CVE-2022-22956, is an authentication bypass in OAuth2TokenResourceController ACS which allows a remote, unauthenticated attacker to bypass the authentication mechanism and execute any operation. The second vulnerability, CVE-2022-22957, is a JDBC injection remote code […]

This Metasploit module exploits a PHP code injection in SPIP. The vulnerability exists in the oubli parameter and allows an unauthenticated user to execute arbitrary commands with web user privileges. Branches 3.2, 4.0, 4.1 and 4.2 are concerned. Vulnerable versions are below 3.2.18, below 4.0.10, below 4.1.18 and below 4.2.1.

SecurePoint UTM versions 12.x suffers from a session identifier leak vulnerability via the spcgi.cgi endpoint.

SecurePoint UTM versions 12.x suffers from a memory leak vulnerability via the spcgi.cgi endpoint.

SecurePoint UTM versions 12.x suffers from a memory leak vulnerability via the spcgi.cgi endpoint.