0day – Page 35 – :: Deepquest ::

>> [webapps] Hotel Druid 3.0.3 – Remote Code Execution (RCE)

USER: deepcore // 2022-02-18 // 0 CMT

Hotel Druid 3.0.3 – Remote Code Execution (RCE)

>> [local] Connectify Hotspot 2018 'ConnectifyService' – Unquoted Service Path

USER: deepcore // 2022-02-18 // 0 CMT

Connectify Hotspot 2018 ‘ConnectifyService’ – Unquoted Service Path

>> [local] File Sanitizer for HP ProtectTools 5.0.1.3 – 'HPFSService' Unquoted Service Path

USER: deepcore // 2022-02-18 // 0 CMT

File Sanitizer for HP ProtectTools 5.0.1.3 – ‘HPFSService’ Unquoted Service Path

>> [webapps] WordPress Plugin MasterStudy LMS 2.7.5 – Unauthenticated Admin Account Creation

USER: deepcore // 2022-02-18 // 0 CMT

WordPress Plugin MasterStudy LMS 2.7.5 – Unauthenticated Admin Account Creation

>> [webapps] WordPress Plugin dzs-zoomsounds 6.60 – Remote Code Execution (RCE) (Unauthenticated)

USER: deepcore // 2022-02-18 // 0 CMT

WordPress Plugin dzs-zoomsounds 6.60 – Remote Code Execution (RCE) (Unauthenticated)

>> [local] Emerson PAC Machine Edition 9.80 Build 8695 – 'TrapiServer' Unquoted Service Path

USER: deepcore // 2022-02-16 // 0 CMT

Emerson PAC Machine Edition 9.80 Build 8695 – ‘TrapiServer’ Unquoted Service Path

>> [webapps] Multi-Vendor Online Groceries Management System 1.0 – 'id' Blind SQL Injection

USER: deepcore // 2022-02-16 // 0 CMT

Multi-Vendor Online Groceries Management System 1.0 – ‘id’ Blind SQL Injection

>> [webapps] ServiceNow – Username Enumeration

USER: deepcore // 2022-02-16 // 0 CMT

ServiceNow – Username Enumeration

>> [webapps] Simple Student Quarterly Result/Grade System 1.0 – SQLi Authentication Bypass

USER: deepcore // 2022-02-16 // 0 CMT

Simple Student Quarterly Result/Grade System 1.0 – SQLi Authentication Bypass

>> [remote] H3C SSL VPN – Username Enumeration

USER: deepcore // 2022-02-16 // 0 CMT

H3C SSL VPN – Username Enumeration