8 - 2016 - :: Deepquest ::

>> NASdeluxe NDL-2400r 2.01.10 Command Injection

USER: deepcore // 2016-08-06 // 0 CMT

NASdeluxe NDL-2400r version 2.01.10 suffers from an OS command injection vulnerability.

>> ntop 2.5 Cross Site Request Forgery / Command Execution

USER: deepcore // 2016-08-06 // 0 CMT

ntop versions 2.3 through 2.5 suffer from cross site request forgery and multiple command execution vulnerabilities.

>> PHP Power Browse 1.2 Path Traversal

USER: deepcore // 2016-08-06 // 0 CMT

PHP Power Browse version 1.2 suffers from a path traversal vulnerability.

>> Davolink DV-2051 Missing Access Control

USER: deepcore // 2016-08-06 // 0 CMT

Davolink DV-2051 suffers from a missing access control vulnerability.

>> SMB Delivery Module

USER: deepcore // 2016-08-06 // 0 CMT

This Metasploit module serves payloads via an SMB server and provides commands to retrieve and execute the generated payloads. Currently supports DLLs and Powershell.

>> Internet Explorer 11 VBScript Engine Memory Corruption

USER: deepcore // 2016-08-06 // 0 CMT

This Metasploit module exploits the memory corruption vulnerability (CVE-2016-0189) present in the VBScript engine of Internet Explorer 11.

>> Samsung Security Manager 1.5 ActiveMQ Broker Service PUT Method Remote Code Execution

USER: deepcore // 2016-08-06 // 0 CMT

This is an exploit against Samsung Security Manager that bypasses the patch in CVE-2015-3435 by exploiting the vulnerability against the client side. This exploit has been tested successfully against IE,…

>> http://www.dgr.go.th/bgepa/chaing_rai/index.html

USER: deepcore // 2016-08-06 // 0 CMT

http://www.dgr.go.th/bgepa/chaing_rai/index.html notified by islamic ghosts team

>> [webapps] – NUUO NVRmini 2 3.0.8 – Local File Disclosure

USER: deepcore // 2016-08-06 // 0 CMT

NUUO NVRmini 2 3.0.8 – Local File Disclosure

>> [webapps] – NUUO NVRmini 2 3.0.8 – Arbitrary File Deletion

USER: deepcore // 2016-08-06 // 0 CMT

NUUO NVRmini 2 3.0.8 – Arbitrary File Deletion