2016 July

[papers] – Exploiting Apache James Server 2.3.2

Posted by deepcore under Security (No Respond)

Exploiting Apache James Server 2.3.2

Tags: 0day, remote exploit

[webapps] – NewsP Free News Script 1.4.7 – User Credentials Disclosure

Posted by deepcore under Security (No Respond)

NewsP Free News Script 1.4.7 – User Credentials Disclosure

Tags: 0day, remote exploit

[webapps] – newsp.eu PHP Calendar Script 1.0 – User Credentials Disclosure

Posted by deepcore under Security (No Respond)

newsp.eu PHP Calendar Script 1.0 – User Credentials Disclosure

Tags: 0day, remote exploit

[remote] – Axis Communications MPQT/PACS 5.20.x – Server Side Include (SSI) Daemon Remote Format String Exploit

Posted by deepcore under Security (No Respond)

Axis Communications MPQT/PACS 5.20.x – Server Side Include (SSI) Daemon Remote Format String Exploit

Tags: 0day, remote exploit

[WebApps] – vBulletin 5.x/4.x – Persistent XSS in AdminCP/ApiLog via xmlrpc API (Post-Auth)

Posted by deepcore under Security (No Respond)

vBulletin 5.x/4.x – Persistent XSS in AdminCP/ApiLog via xmlrpc API (Post-Auth)

Tags: 0day, remote exploit

[Local] – Internet Explorer 11 (on Windows 10) – VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)

Posted by deepcore under Security (No Respond)

Internet Explorer 11 (on Windows 10) – VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)

Tags: 0day, remote exploit

[Remote] – DropBearSSHD <= 2015.71 – Command Injection

Posted by deepcore under Security (No Respond)

DropBearSSHD <= 2015.71 – Command Injection

Tags: 0day, remote exploit

[WebApps] – vBulletin 4.x – SQLi in breadcrumbs via xmlrpc API (Post-Auth)

Posted by deepcore under Security (No Respond)

vBulletin 4.x – SQLi in breadcrumbs via xmlrpc API (Post-Auth)

Tags: 0day, remote exploit

[remote] – OpenSSHD <= 7.2p2 – User Enumeration

Posted by deepcore under Security (No Respond)

OpenSSHD <= 7.2p2 – User Enumeration

Tags: 0day, remote exploit

http://provisgis.ntwo.moph.go.th/hunter.html

Posted by deepcore under defacement (No Respond)

http://provisgis.ntwo.moph.go.th/hunter.html notified by HUNT3RXM

Tags: defacement

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

[papers] – Exploiting Apache James Server 2.3.2

[webapps] – NewsP Free News Script 1.4.7 – User Credentials Disclosure

[webapps] – newsp.eu PHP Calendar Script 1.0 – User Credentials Disclosure

[remote] – Axis Communications MPQT/PACS 5.20.x – Server Side Include (SSI) Daemon Remote Format String Exploit

[WebApps] – vBulletin 5.x/4.x – Persistent XSS in AdminCP/ApiLog via xmlrpc API (Post-Auth)

[Local] – Internet Explorer 11 (on Windows 10) – VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)

[Remote] – DropBearSSHD <= 2015.71 – Command Injection

[WebApps] – vBulletin 4.x – SQLi in breadcrumbs via xmlrpc API (Post-Auth)

[remote] – OpenSSHD <= 7.2p2 – User Enumeration

http://provisgis.ntwo.moph.go.th/hunter.html

Tabs Switcher

Categories

Archives

Meta

BLOGROLL