12 - 2017 - :: Deepquest ::

>> Joomla! JEXTN Question And Answer 3.1.0 SQL Injection

USER: deepcore // 2017-12-16 // 0 CMT

Joomla! JEXTN Question and Answer component version 3.1.0 suffers from a remote SQL injection vulnerability.

>> Joomla! JEXTN Video Gallery 3.0.5 SQL Injection

USER: deepcore // 2017-12-16 // 0 CMT

Joomla! JEXTN Video Gallery component version 3.0.5 suffers from a remote SQL injection vulnerability.

>> Readymade Video Sharing Script 3.2 HTML Injection

USER: deepcore // 2017-12-16 // 0 CMT

Readymade Video Sharing Script version 3.2 suffers from a html injection vulnerability.

>> Paid To Read Script 2.0.5 SQL Injection

USER: deepcore // 2017-12-16 // 0 CMT

Paid To Read Script version 2.0.5 suffers from a remote SQL injection vulnerability.

>> Piwigo 2.9.1 SQL Injection

USER: deepcore // 2017-12-16 // 0 CMT

Piwigo version 2.9.1 suffers from a remote SQL injection vulnerability.

>> Movie Guide 2.0 SQL Injection

USER: deepcore // 2017-12-16 // 0 CMT

Movie Guide version 2.0 suffers from a remote SQL injection vulnerability.

>> FS Lynda Clone 1.0 SQL Injection

USER: deepcore // 2017-12-16 // 0 CMT

FS Lynda Clone version 1.0 suffers from a remote SQL injection vulnerability.

>> Bus Booking Script 1.0 SQL Injection

USER: deepcore // 2017-12-16 // 0 CMT

Bus Booking Script version 1.0 suffers from a remote SQL injection vulnerability.

>> Western Digital MyCloud multi_uploadify File Upload

USER: deepcore // 2017-12-16 // 0 CMT

This Metasploit module exploits a file upload vulnerability found in Western Digital’s MyCloud NAS web administration HTTP service. The /web/jquery/uploader/multi_uploadify.php PHP script provides multipart upload functionality that is accessible without…

>> [shellcode] Linux/x64 – Custom Encoded XOR + execve(/bin/sh) Shellcode

USER: deepcore // 2017-12-16 // 0 CMT

Linux/x64 – Custom Encoded XOR + execve(/bin/sh) Shellcode