:: Deepquest ::

[SECURITY]

>> [webapps] Umbraco CMS 8.9.1 – Path traversal and Arbitrary File Write (Authenticated)

USER: deepcore // 2021-08-31 // 0 CMT

Umbraco CMS 8.9.1 – Path traversal and Arbitrary File Write (Authenticated)

[SECURITY]

>> [webapps] Projectsend r1295 – 'name' Stored XSS

USER: deepcore // 2021-08-30 // 0 CMT

Projectsend r1295 – ‘name’ Stored XSS

[SECURITY]

>> [webapps] Strapi 3.0.0-beta.17.7 – Remote Code Execution (RCE) (Authenticated)

USER: deepcore // 2021-08-30 // 0 CMT

Strapi 3.0.0-beta.17.7 – Remote Code Execution (RCE) (Authenticated)

[SECURITY]

>> [webapps] Strapi 3.0.0-beta – Set Password (Unauthenticated)

USER: deepcore // 2021-08-30 // 0 CMT

Strapi 3.0.0-beta – Set Password (Unauthenticated)

[SECURITY]

>> [local] MySQL User-Defined (Linux) x32 / x86_64 – 'sys_exec' Local Privilege Escalation (2)

USER: deepcore // 2021-08-30 // 0 CMT

MySQL User-Defined (Linux) x32 / x86_64 – ‘sys_exec’ Local Privilege Escalation (2)

[SECURITY]

>> [webapps] Usermin 1.820 – Remote Code Execution (RCE) (Authenticated)

USER: deepcore // 2021-08-30 // 0 CMT

Usermin 1.820 – Remote Code Execution (RCE) (Authenticated)

[SECURITY]

>> [webapps] Bus Pass Management System 1.0 – 'viewid' SQL Injection

USER: deepcore // 2021-08-30 // 0 CMT

Bus Pass Management System 1.0 – ‘viewid’ SQL Injection

[SECURITY]

>> [webapps] Strapi CMS 3.0.0-beta.17.4 – Remote Code Execution (RCE) (Unauthenticated)

USER: deepcore // 2021-08-30 // 0 CMT

Strapi CMS 3.0.0-beta.17.4 – Remote Code Execution (RCE) (Unauthenticated)

[SECURITY]

>> [webapps] ZesleCP 3.1.9 – Remote Code Execution (RCE) (Authenticated)

USER: deepcore // 2021-08-30 // 0 CMT

ZesleCP 3.1.9 – Remote Code Execution (RCE) (Authenticated)

[EXPLOIT]

>> ProcessMaker 3.5.4 Local File Inclusion

USER: deepcore // 2021-08-27 // 0 CMT

ProcessMaker version 3.5.4 suffers from a local file inclusion vulnerability.

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: