:: Deepquest ::

Tunnel Interface Driver suffers from a denial of service vulnerability.

OPSWAT Metadefender Core version 4.21.1 suffers from a privilege escalation vulnerability.

Moodle LMS version 4.0 suffers from a cross site scripting vulnerability.

Hashicorp Consul version 1.0 suffers from a remote command execution vulnerability.

This Metasploit module exploits an undocumented backdoor vulnerability in the Optergy Proton and Enterprise Building Management System (BMS) applications. Versions 2.0.3a and below are vulnerable. Attackers can exploit this issue by directly navigating to an undocumented backdoor script called Console.jsp in the tools directory and gain full system access. Successful exploitation results in root command […]

ReQlogic version 11.3 suffers from a cross site scripting vulnerability.

iBooking version 1.0.8 suffers from a remote shell upload vulnerability.

rukovoditel version 3.2.1 suffers from a cross site scripting vulnerability.

The SolarWinds Information Service (SWIS) is vulnerable to remote code execution by way of a crafted message received through the AMQP message queue. A malicious user that can authenticate to the AMQP service can publish such a crafted message whose body is a serialized .NET object which can lead to OS command execution as NT […]

The SolarWinds Information Service (SWIS) is vulnerable to remote code execution by way of a crafted message received through the AMQP message queue. A malicious user that can authenticate to the AMQP service can publish such a crafted message whose body is a serialized .NET object which can lead to OS command execution as NT […]