:: Deepquest ::

>> Laundry Booking Management System 1.0 Remote Code Execution

USER: deepcore // 2021-12-01 // 0 CMT

Laundry Booking Management System version 1.0 suffers from a remote code execution vulnerability.

>> [webapps] Advanced Comment System 1.0 – Remote Command Execution (RCE)

USER: deepcore // 2021-12-01 // 0 CMT

Advanced Comment System 1.0 – Remote Command Execution (RCE)

>> [local] MilleGPG5 5.7.2 Luglio 2021 – Local Privilege Escalation

USER: deepcore // 2021-12-01 // 0 CMT

MilleGPG5 5.7.2 Luglio 2021 – Local Privilege Escalation

>> [webapps] Online Enrollment Management System in PHP and PayPal 1.0 – 'U_NAME' Stored Cross-Site Scripting

USER: deepcore // 2021-12-01 // 0 CMT

Online Enrollment Management System in PHP and PayPal 1.0 – ‘U_NAME’ Stored Cross-Site Scripting

>> Nextar C472 POS DLL Hijacking

USER: deepcore // 2021-11-30 // 0 CMT

Nextar C472 POS suffers from a dll hijacking vulnerability.

>> Polkit Authentication Bypass / Local Privilege Escalation

USER: deepcore // 2021-11-30 // 0 CMT

This whitepaper provides an overview of a Polkit authentication bypass vulnerability that allows for local privilege escalation.

>> Apache HTTP Server 2.4.50 CVE-2021-42013 Exploitation

USER: deepcore // 2021-11-30 // 0 CMT

This document aims at explaining some recent vulnerabilities in Apache HTTP Server that leads to attacks like path traversal and remote code execution.

>> Opencart 3.0.3.8 Session Injection

USER: deepcore // 2021-11-30 // 0 CMT

Opencart version 3.0.3.8 suffers from a session injection vulnerability.

>> Orangescrum 1.8.0 Cross Site Scripting

USER: deepcore // 2021-11-30 // 0 CMT

Orangescrum version 1.8.0 suffers from reflective and persistent cross site scripting vulnerabilities.

>> Orangescrum 1.8.0 SQL Injection

USER: deepcore // 2021-11-30 // 0 CMT

Orangescrum version 1.8.0 suffers from multiple remote SQL injection vulnerabilities.