6 - 2019 - :: Deepquest ::

>> [local] ProShow 9.0.3797 – Local Privilege Escalation

USER: deepcore // 2019-06-11 // 0 CMT

ProShow 9.0.3797 – Local Privilege Escalation

>> [shellcode] Linux/x86_64 – Bind (4444/TCP) Shell (/bin/sh) Shellcode (104 bytes)

USER: deepcore // 2019-06-10 // 0 CMT

Linux/x86_64 – Bind (4444/TCP) Shell (/bin/sh) Shellcode (104 bytes)

>> [webapps] UliCMS 2019.1 'Spitting Lama' – Persistent Cross-Site Scripting

USER: deepcore // 2019-06-10 // 0 CMT

UliCMS 2019.1 ‘Spitting Lama’ – Persistent Cross-Site Scripting

>> [local] Ubuntu 18.04 – 'lxd' Privilege Escalation

USER: deepcore // 2019-06-10 // 0 CMT

Ubuntu 18.04 – ‘lxd’ Privilege Escalation

>> Microsoft Windows AppX Deployment Service Local Privilege Escalation

USER: deepcore // 2019-06-08 // 0 CMT

Microsoft Windows AppX Deployment Service local privilege escalation exploit that bypasses CVE-2019-0841.

>> Zimbra XML Injection / Server-Side Request Forgery

USER: deepcore // 2019-06-07 // 0 CMT

Zimbra versions prior to 8.8.1 suffer from XML external entity injection and server-side request forgery vulnerabilities.

>> WordPress Satoshi 2.0 Cross Site Request Forgery / File Upload

USER: deepcore // 2019-06-07 // 0 CMT

WordPress Satoshi theme version 2.0 suffers from cross site request forgery and remote file upload vulnerabilities.

>> Supra Smart Cloud TV Remote File Inclusion

USER: deepcore // 2019-06-07 // 0 CMT

Supra Smart Cloud TV suffers from an openLiveURL() remote file inclusion vulnerability.

>> [local] Microsoft Windows – AppX Deployment Service Local Privilege Escalation (3)

USER: deepcore // 2019-06-07 // 0 CMT

Microsoft Windows – AppX Deployment Service Local Privilege Escalation (3)

>> [shellcode] Linux/x86_64 – Bind (4444/TCP) Shell (/bin/sh) Shellcode (131 bytes)

USER: deepcore // 2019-06-07 // 0 CMT

Linux/x86_64 – Bind (4444/TCP) Shell (/bin/sh) Shellcode (131 bytes)