deepcore - :: Deepquest ::

>> [webapps] Umbraco CMS 8.9.1 – Path traversal and Arbitrary File Write (Authenticated)

USER: deepcore // 2021-08-31 // 0 CMT

Umbraco CMS 8.9.1 – Path traversal and Arbitrary File Write (Authenticated)

>> [webapps] WordPress Plugin ProfilePress 3.1.3 – Privilege Escalation (Unauthenticated)

USER: deepcore // 2021-08-31 // 0 CMT

WordPress Plugin ProfilePress 3.1.3 – Privilege Escalation (Unauthenticated)

>> [webapps] Strapi 3.0.0-beta – Set Password (Unauthenticated)

USER: deepcore // 2021-08-30 // 0 CMT

Strapi 3.0.0-beta – Set Password (Unauthenticated)

>> [webapps] Usermin 1.820 – Remote Code Execution (RCE) (Authenticated)

USER: deepcore // 2021-08-30 // 0 CMT

Usermin 1.820 – Remote Code Execution (RCE) (Authenticated)

>> [webapps] Strapi CMS 3.0.0-beta.17.4 – Remote Code Execution (RCE) (Unauthenticated)

USER: deepcore // 2021-08-30 // 0 CMT

Strapi CMS 3.0.0-beta.17.4 – Remote Code Execution (RCE) (Unauthenticated)

>> [webapps] Strapi 3.0.0-beta.17.7 – Remote Code Execution (RCE) (Authenticated)

USER: deepcore // 2021-08-30 // 0 CMT

Strapi 3.0.0-beta.17.7 – Remote Code Execution (RCE) (Authenticated)

>> [webapps] Projectsend r1295 – 'name' Stored XSS

USER: deepcore // 2021-08-30 // 0 CMT

Projectsend r1295 – ‘name’ Stored XSS

>> [local] MySQL User-Defined (Linux) x32 / x86_64 – 'sys_exec' Local Privilege Escalation (2)

USER: deepcore // 2021-08-30 // 0 CMT

MySQL User-Defined (Linux) x32 / x86_64 – ‘sys_exec’ Local Privilege Escalation (2)

>> [webapps] Bus Pass Management System 1.0 – 'viewid' SQL Injection

USER: deepcore // 2021-08-30 // 0 CMT

Bus Pass Management System 1.0 – ‘viewid’ SQL Injection

>> [webapps] ZesleCP 3.1.9 – Remote Code Execution (RCE) (Authenticated)

USER: deepcore // 2021-08-30 // 0 CMT

ZesleCP 3.1.9 – Remote Code Execution (RCE) (Authenticated)