:: Deepquest ::

The Samsung SW Update tool version 2.2.5.16 suffers from a man-in-the-middle vulnerability.

SAP Download Manager is a Java application offered by SAP that allows downloading software packages and support notes. This program stores the user’s settings in a configuration file. Sensitive values, such as the proxy username and password if set, are stored encrypted using a fixed static key. Versions up to 2.1.142.

This Metasploit module exploits a remote code execution vulnerability in PHP Utility Belt, which is a set of tools for PHP developers and should not be installed in a production environment, since this application runs arbitrary PHP code as an intended functionality.

http://www.amnat-ed.go.th/web2/web1/web/news/rYdbcPE8qOT5.html notified by Mr.Rizgar.halshoy.kurdish.blackhat

http://wb.srisangworn.go.th/mw.html notified by Moroccanwolf

FUCK THEM ALL (FTA) – Staminus Communications

PHP Utility Belt Remote Code Execution

WordPress Beauty & Clean Theme 1.0.8 – Arbitrary File Upload Vulnerability

WordPress DZS Videogallery Plugin <=8.60 – Multiple Vulnerabilities

Exim versions 4.84-3 and below suffer from a local privilege escalation vulnerability.