9 - 2016 - :: Deepquest ::

[EXPLOIT]

>> Infoblox 7.0.1 Cross Site Scripting

USER: deepcore // 2016-09-08 // 0 CMT

Infoblox versions 7.0.1 suffers from a cross site scripting vulnerability.

[EXPLOIT]

>> Adobe ColdFusion 11 XML External Entity Injection

USER: deepcore // 2016-09-08 // 0 CMT

Adobe ColdFusion versions 11 and below suffer from an XML external entity (XXE) injection vulnerability.

[EXPLOIT]

>> SugarCRM REST Unserialize PHP Code Execution

USER: deepcore // 2016-09-08 // 0 CMT

This Metasploit module exploits a PHP Object Injection vulnerability in SugarCRM CE <= 6.5.23 which could be abused to allow unauthenticated users to execute arbitrary PHP code with the permissions…

[DEFACEMENT]

>> http://www.kiriwong.go.th/usronline.txt

USER: deepcore // 2016-09-08 // 0 CMT

http://www.kiriwong.go.th/usronline.txt notified by EviL-r00t

[SECURITY]

>> [webapps] – Zabbix 2.0 < 3.0.3 – SQL Injection

USER: deepcore // 2016-09-08 // 0 CMT

Zabbix 2.0 < 3.0.3 – SQL Injection

[SECURITY]

>> [dos] – Adobe Flash – Transform.colorTranform Getter Info Leak

USER: deepcore // 2016-09-08 // 0 CMT

Adobe Flash – Transform.colorTranform Getter Info Leak

[SECURITY]

>> [local] – LogMeIn Client 1.3.2462 (64bit) – Local Credentials Disclosure

USER: deepcore // 2016-09-08 // 0 CMT

LogMeIn Client 1.3.2462 (64bit) – Local Credentials Disclosure

[SECURITY]

>> [local] – Apple iCloud Desktop Client 5.2.1.0 – Local Credentials Disclosure

USER: deepcore // 2016-09-08 // 0 CMT

Apple iCloud Desktop Client 5.2.1.0 – Local Credentials Disclosure

[SECURITY]

>> [webapps] – Jobberbase 2.0 – Multiple Vulnerabilities

USER: deepcore // 2016-09-08 // 0 CMT

Jobberbase 2.0 – Multiple Vulnerabilities

[SECURITY]

>> [shellcode] – Windows x86 – Bind Shell TCP Shellcode

USER: deepcore // 2016-09-08 // 0 CMT

Windows x86 – Bind Shell TCP Shellcode

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: