4 - 2014 - :: Deepquest ::

>> [web applications] – WordPress Work-The-Flow Plugin 1.2.1 – Arbitrary File Upload

USER: deepcore // 2014-04-26 // 0 CMT

>> [dos / poc] – cFos Personal Net 3.09 – Remote Heap Memory Corruption

USER: deepcore // 2014-04-26 // 0 CMT

>> [local exploits] – Mac OS X NFS Mount Privilege Escalation Exploit

USER: deepcore // 2014-04-26 // 0 CMT

>> [web applications] – WordPress iMember360is 3.9.001 XSS / Disclosure / Code Execution

USER: deepcore // 2014-04-26 // 0 CMT

>> [local exploits] – GeoCore MAX DB 7.3.3 Blind SQL Injection Vulnerability

USER: deepcore // 2014-04-26 // 0 CMT

>> [remote exploits] – Wireshark 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow

USER: deepcore // 2014-04-26 // 0 CMT

>> Depot WiFi 1.0.0 Code Execution / Local File Inclusion

USER: deepcore // 2014-04-26 // 0 CMT

Depot WiFi version 1.0.0 for iOS suffers from code execution and local file inclusion vulnerabilities.

>> Mac OS X NFS Mount Privilege Escalation

USER: deepcore // 2014-04-26 // 0 CMT

This exploit leverage a stack overflow vulnerability to escalate privileges. The vulnerable function nfs_convert_old_nfs_args does not verify the size of a user-provided argument before copying it to the stack. As…

>> http://old.warincity.go.th/index.php

USER: deepcore // 2014-04-26 // 0 CMT

http://old.warincity.go.th/index.php notified by TheArrow

>> http://iwis.warincity.go.th

USER: deepcore // 2014-04-26 // 0 CMT

http://iwis.warincity.go.th notified by TheArrow