0day – Page 28 – :: Deepquest ::

[SECURITY]

>> [local] ProtonVPN 1.26.0 – Unquoted Service Path

USER: deepcore // 2022-03-23 // 0 CMT

ProtonVPN 1.26.0 – Unquoted Service Path

[SECURITY]

>> [webapps] WordPress Plugin amministrazione-aperta 3.7.3 – Local File Read – Unauthenticated

USER: deepcore // 2022-03-23 // 0 CMT

WordPress Plugin amministrazione-aperta 3.7.3 – Local File Read – Unauthenticated

[SECURITY]

>> [webapps] ICEHRM 31.0.0.0S – Cross-site Request Forgery (CSRF) to Account Takeover

USER: deepcore // 2022-03-22 // 0 CMT

ICEHRM 31.0.0.0S – Cross-site Request Forgery (CSRF) to Account Takeover

[SECURITY]

>> [remote] iRZ Mobile Router – CSRF to RCE

USER: deepcore // 2022-03-22 // 0 CMT

iRZ Mobile Router – CSRF to RCE

[SECURITY]

>> [remote] Ivanti Endpoint Manager 4.6 – Remote Code Execution (RCE)

USER: deepcore // 2022-03-22 // 0 CMT

Ivanti Endpoint Manager 4.6 – Remote Code Execution (RCE)

[SECURITY]

>> [local] Sysax FTP Automation 6.9.0 – Privilege Escalation

USER: deepcore // 2022-03-22 // 0 CMT

Sysax FTP Automation 6.9.0 – Privilege Escalation

[SECURITY]

>> [remote] ICT Protege GX/WX 2.08 – Stored Cross-Site Scripting (XSS)

USER: deepcore // 2022-03-22 // 0 CMT

ICT Protege GX/WX 2.08 – Stored Cross-Site Scripting (XSS)

[SECURITY]

>> [remote] ICT Protege GX/WX 2.08 – Client-Side SHA1 Password Hash Disclosure

USER: deepcore // 2022-03-22 // 0 CMT

ICT Protege GX/WX 2.08 – Client-Side SHA1 Password Hash Disclosure

[SECURITY]

>> [webapps] WordPress Plugin iQ Block Country 1.2.13 – Arbitrary File Deletion via Zip Slip (Authenticated)

USER: deepcore // 2022-03-21 // 0 CMT

WordPress Plugin iQ Block Country 1.2.13 – Arbitrary File Deletion via Zip Slip (Authenticated)

[SECURITY]

>> [webapps] Moodle 3.11.5 – SQLi (Authenticated)

USER: deepcore // 2022-03-16 // 0 CMT

Moodle 3.11.5 – SQLi (Authenticated)

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: