:: Deepquest ::

>> [webapps] Ericsson Network Location MPS GMPC21 – Remote Code Execution (RCE) (Metasploit)

USER: deepcore // 2021-11-02 // 0 CMT

Ericsson Network Location MPS GMPC21 – Remote Code Execution (RCE) (Metasploit)

>> [webapps] Ericsson Network Location MPS GMPC21 – Privilege Escalation (Metasploit)

USER: deepcore // 2021-11-02 // 0 CMT

Ericsson Network Location MPS GMPC21 – Privilege Escalation (Metasploit)

>> [local] Dynojet Power Core 2.3.0 – Unquoted Service Path

USER: deepcore // 2021-11-02 // 0 CMT

Dynojet Power Core 2.3.0 – Unquoted Service Path

>> [webapps] Employee Record Management System 1.2 – 'empid' SQL injection (Unauthenticated)

USER: deepcore // 2021-11-02 // 0 CMT

Employee Record Management System 1.2 – ’empid’ SQL injection (Unauthenticated)

>> Packet Storm New Exploits For October, 2021

USER: deepcore // 2021-11-01 // 0 CMT

This archive contains all of the 187 exploits added to Packet Storm in October, 2021.

>> Umbraco 8.14.1 Server-Side Request Forgery

USER: deepcore // 2021-10-30 // 0 CMT

Umbraco version 8.14.1 suffers from a server-side request forgery vulnerability.

>> Mini-XML 3.2 Heap Overflow

USER: deepcore // 2021-10-30 // 0 CMT

Mini-XML version 3.2 suffers from a heap overflow vulnerability.

>> Android NFC Type Confusion

USER: deepcore // 2021-10-30 // 0 CMT

Android NFC suffers from a type confusion vulnerability due to a race condition during a tag type change.

>> Movable Type 7 r.5002 XMLRPC API Remote Command Injection

USER: deepcore // 2021-10-30 // 0 CMT

This Metasploit module exploits an XML-RPC API OS command injection vulnerability in Movable Type 7 version r.5002.

>> WordPress NextScripts: Social Networks Auto-Poster 4.3.20 XSS

USER: deepcore // 2021-10-30 // 0 CMT

WordPress NextScripts: Social Networks Auto-Poster plugin versions 4.3.20 and below suffer from a cross site scripting vulnerability.