12 - 2016 - :: Deepquest ::

>> PHPMailer 5.2.17 Remote Code Execution

USER: deepcore // 2016-12-27 // 0 CMT

PHPMailer version 5.2.17 suffers from a remote code execution vulnerability.

>> http://umjan.go.th

USER: deepcore // 2016-12-27 // 0 CMT

http://umjan.go.th notified by Krypton

>> http://dhr.go.th

USER: deepcore // 2016-12-27 // 0 CMT

http://dhr.go.th notified by Krypton

>> http://namon.go.th

USER: deepcore // 2016-12-27 // 0 CMT

http://namon.go.th notified by Krypton

>> http://www.phachi.go.th

USER: deepcore // 2016-12-27 // 0 CMT

http://www.phachi.go.th notified by Krypton

>> XAMPP Control Panel Denial Of Service

USER: deepcore // 2016-12-25 // 0 CMT

XAMPP Control Panel suffers from a denial of service vulnerability.

>> http://www.khanom.go.th/usronline.php

USER: deepcore // 2016-12-24 // 0 CMT

http://www.khanom.go.th/usronline.php notified by freemandz

>> Nidesoft MP3 Converter 2.6.18 DLL Hijacking

USER: deepcore // 2016-12-24 // 0 CMT

Nidesoft MP3 Converter version 2.6.18 suffers from a dll hijacking vulnerability.

>> OpenSSH Arbitrary Library Loading

USER: deepcore // 2016-12-24 // 0 CMT

The OpenSSH agent permits its clients to load PKCS11 providers using the commands SSH_AGENTC_ADD_SMARTCARD_KEY and SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED if OpenSSH was compiled with the ENABLE_PKCS11 flag (normally enabled) and the agent isn’t…

>> OpenSSH Local Privilege Escalation

USER: deepcore // 2016-12-24 // 0 CMT

OpenSSH can forward TCP sockets and UNIX domain sockets. If privilege separation is disabled, then on the server side, the forwarding is handled by a child of sshd that has…