:: Deepquest ::

>> ERPNext 12.18.0 / 13.0.0 Cross Site Scripting

USER: deepcore // 2021-05-12 // 0 CMT

ERPNext versions 12.18.0 and 13.0.0 suffer from reflective and persistent cross site scripting vulnerabilities.

>> [webapps] Chevereto 3.17.1 – Cross Site Scripting (Stored)

USER: deepcore // 2021-05-12 // 0 CMT

Chevereto 3.17.1 – Cross Site Scripting (Stored)

>> [local] Splinterware System Scheduler Professional 5.30 – Unquoted Service Path

USER: deepcore // 2021-05-12 // 0 CMT

Splinterware System Scheduler Professional 5.30 – Unquoted Service Path

>> PHP Timeclock 1.04 Cross Site Scripting

USER: deepcore // 2021-05-11 // 0 CMT

PHP Timeclock version 1.04 suffers from multiple cross site scripting vulnerabilities.

>> PHP Timeclock 1.04 SQL Injection

USER: deepcore // 2021-05-11 // 0 CMT

PHP Timeclock version 1.04 suffers from a remote SQL injection vulnerability.

>> DHCP Broadband 4.1.0.1503 Unquoted Service Path

USER: deepcore // 2021-05-11 // 0 CMT

DHCP Broadband version 4.1.0.1503 suffers from an unquoted service path vulnerability.

>> BOOTP Turbo 2.0.0.1253 Unquoted Service Path

USER: deepcore // 2021-05-11 // 0 CMT

BOOTP Turbo version 2.0.0.1253 suffers from an unquoted service path vulnerability.

>> TFTP Broadband 4.3.0.1465 Unquoted Service Path

USER: deepcore // 2021-05-11 // 0 CMT

TFTP Broadband version 4.3.0.1465 suffers from an unquoted service path vulnerability.

>> Backdoor.Win32.MotivFTP.12 Authentication Bypass / Code Execution

USER: deepcore // 2021-05-11 // 0 CMT

Backdoor.Win32.MotivFTP.12 malware suffers from bypass and code execution vulnerabilities.

>> Backdoor.Win32.Antilam.13.a Code Execution

USER: deepcore // 2021-05-11 // 0 CMT

Backdoor.Win32.Antilam.13.a malware suffers from a code execution vulnerability.