:: Deepquest ::

NASdeluxe NDL-2400r version 2.01.10 suffers from an OS command injection vulnerability.

ntop versions 2.3 through 2.5 suffer from cross site request forgery and multiple command execution vulnerabilities.

PHP Power Browse version 1.2 suffers from a path traversal vulnerability.

Davolink DV-2051 suffers from a missing access control vulnerability.

This Metasploit module serves payloads via an SMB server and provides commands to retrieve and execute the generated payloads. Currently supports DLLs and Powershell.

This Metasploit module exploits the memory corruption vulnerability (CVE-2016-0189) present in the VBScript engine of Internet Explorer 11.

This is an exploit against Samsung Security Manager that bypasses the patch in CVE-2015-3435 by exploiting the vulnerability against the client side. This exploit has been tested successfully against IE, FireFox and Chrome by abusing a GET request XSS to bypass CORS and reach the vulnerable PUT. Finally, a traversal is used in the PUT […]

http://www.dgr.go.th/bgepa/chaing_rai/index.html notified by islamic ghosts team

NUUO NVRmini 2 3.0.8 – Local File Disclosure

NUUO NVRmini 2 3.0.8 – Arbitrary File Deletion