4 - 2015 - :: Deepquest ::

>> [shellcode] – Create 'my.txt' Working Directory (37 Bytes)

USER: deepcore // 2015-04-13 // 0 CMT

Create ‘my.txt’ Working Directory (37 Bytes)

>> [webapps] – WordPress Duplicator <= 0.5.14 – SQL Injection & CSRF

USER: deepcore // 2015-04-13 // 0 CMT

WordPress Duplicator <= 0.5.14 – SQL Injection & CSRF

>> [webapps] – JBoss AS versions 3, 4, 5, 6 – Remote Command Execution

USER: deepcore // 2015-04-13 // 0 CMT

JBoss AS versions 3, 4, 5, 6 – Remote Command Execution

>> [webapps] – Traidnt Up 3.0 – SQL Injection

USER: deepcore // 2015-04-13 // 0 CMT

Traidnt Up 3.0 – SQL Injection

>> [webapps] – WordPress N-Media Website Contact Form with File Upload 1.3.4 – Shell Upload Vulnerability

USER: deepcore // 2015-04-13 // 0 CMT

WordPress N-Media Website Contact Form with File Upload 1.3.4 – Shell Upload Vulnerability

>> [webapps] – u-Auctions – Multiple Vulnerabilities

USER: deepcore // 2015-04-13 // 0 CMT

u-Auctions – Multiple Vulnerabilities

>> Mac OS X Rootpipe Privilege Escalation

USER: deepcore // 2015-04-11 // 0 CMT

This Metasploit module exploits a hidden backdoor API in Apple’s Admin framework on Mac OS X to escalate privileges to root, dubbed Rootpipe. Tested on Yosemite 10.10.2 and should work…

>> #1337day BOA Web Server 0.94.8.2 – Arbitrary File Access Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

USER: deepcore // 2015-04-10 // 0 CMT

>> #1337day WordPress SP Project & Document Manager 2.5.3 – Blind SQL Injection Vulnerability [#0day #Exploit]

USER: deepcore // 2015-04-10 // 0 CMT

>> #1337day Comalatech Comala Workflows 4.6.1 CSRF / XSS Vulnerabilities [webapps #exploits #Vulnerabilities #0day #Exploit]

USER: deepcore // 2015-04-10 // 0 CMT