:: Deepquest ::

>> [remote] SolarView Compact 6.00 – Directory Traversal

USER: deepcore // 2022-06-03 // 0 CMT

SolarView Compact 6.00 – Directory Traversal

>> [remote] Telesquare SDT-CW3B1 1.1.0 – OS Command Injection

USER: deepcore // 2022-06-03 // 0 CMT

Telesquare SDT-CW3B1 1.1.0 – OS Command Injection

>> [webapps] Microweber CMS 1.2.15 – Account Takeover

USER: deepcore // 2022-06-03 // 0 CMT

Microweber CMS 1.2.15 – Account Takeover

>> [remote] Zyxel USG FLEX 5.21 – OS Command Injection

USER: deepcore // 2022-06-03 // 0 CMT

Zyxel USG FLEX 5.21 – OS Command Injection

>> [webapps] Contao 4.13.2 – Cross-Site Scripting (XSS)

USER: deepcore // 2022-06-03 // 0 CMT

Contao 4.13.2 – Cross-Site Scripting (XSS)

>> [remote] Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 – Remote Code Execution (RCE)

USER: deepcore // 2022-06-03 // 0 CMT

Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 – Remote Code Execution (RCE)

>> Real Player 20.0.8.310 G2 Control DoGoToURL() Remote Code Execution

USER: deepcore // 2022-06-02 // 0 CMT

The G2 Control component in Real Player version 20.0.8.310 suffer from remote code execution vulnerability.

>> Real Player 16.00.282 / 16.0.3.51 / Cloud 17.0.9.17 / 20.0.7.309 Remote Code Execution

USER: deepcore // 2022-06-02 // 0 CMT

Real Player versions 16.00.282, 16.0.3.51, Cloud 17.0.9.17, and 20.0.7.309 suffer from external::Import() arbitrary file download and directory traversal vulnerabilities that lead to remote code execution.

>> Real Player 16.0.3.51 / Cloud 17.0.9.17 / 20.0.7.309 DCP URI Remote Code Execution

USER: deepcore // 2022-06-02 // 0 CMT

Real Player versions 16.0.3.51, Cloud 17.0.9.17, and 20.0.7.309 suffer from a DCP:// URI remote code execution vulnerability.

>> Avantune Genialcloud ProJ 10 Cross Site Scripting

USER: deepcore // 2022-06-02 // 0 CMT

Avantune Genialcloud ProJ version 10 suffers from a cross site scripting vulnerability.