0day – Page 145 – :: Deepquest ::

>> [webapps] WordPress Plugin Custom Global Variables 1.0.5 – 'name' Stored Cross-Site Scripting (XSS)

USER: deepcore // 2021-01-11 // 0 CMT

WordPress Plugin Custom Global Variables 1.0.5 – ‘name’ Stored Cross-Site Scripting (XSS)

>> [webapps] OpenCart 3.0.36 – ATO via Cross Site Request Forgery

USER: deepcore // 2021-01-11 // 0 CMT

OpenCart 3.0.36 – ATO via Cross Site Request Forgery

>> [webapps] Life Insurance Management System 1.0 – Multiple Stored XSS

USER: deepcore // 2021-01-08 // 0 CMT

Life Insurance Management System 1.0 – Multiple Stored XSS

>> [webapps] Online Doctor Appointment System 1.0 – Multiple Stored XSS

USER: deepcore // 2021-01-08 // 0 CMT

Online Doctor Appointment System 1.0 – Multiple Stored XSS

>> [webapps] Cockpit Version 234 – Server-Side Request Forgery (Unauthenticated)

USER: deepcore // 2021-01-08 // 0 CMT

Cockpit Version 234 – Server-Side Request Forgery (Unauthenticated)

>> [webapps] Apache Flink 1.11.0 – Unauthenticated Arbitrary File Read (Metasploit)

USER: deepcore // 2021-01-08 // 0 CMT

Apache Flink 1.11.0 – Unauthenticated Arbitrary File Read (Metasploit)

>> [local] dnsrecon 0.10.0 – CSV Injection

USER: deepcore // 2021-01-08 // 0 CMT

dnsrecon 0.10.0 – CSV Injection

>> [webapps] WordPress Plugin Autoptimize 2.7.6 – Authenticated Arbitrary File Upload (Metasploit)

USER: deepcore // 2021-01-08 // 0 CMT

WordPress Plugin Autoptimize 2.7.6 – Authenticated Arbitrary File Upload (Metasploit)

>> [webapps] WordPress Plugin wpDiscuz 7.0.4 – Unauthenticated Arbitrary File Upload (Metasploit)

USER: deepcore // 2021-01-08 // 0 CMT

WordPress Plugin wpDiscuz 7.0.4 – Unauthenticated Arbitrary File Upload (Metasploit)

>> [webapps] ECSIMAGING PACS 6.21.5 – Remote code execution

USER: deepcore // 2021-01-07 // 0 CMT

ECSIMAGING PACS 6.21.5 – Remote code execution