6 - 2020 - :: Deepquest ::

>> [local] Windscribe 1.83 – 'WindscribeService' Unquoted Service Path

USER: deepcore // 2020-06-26 // 0 CMT

Windscribe 1.83 – ‘WindscribeService’ Unquoted Service Path

>> http://huorua.go.th/d_finance/new_finance/hacked.pdf

USER: deepcore // 2020-06-25 // 0 CMT

http://huorua.go.th/d_finance/new_finance/hacked.pdf notified by Crystal_MSF

>> [remote] mySCADA myPRO 7 – Hardcoded Credentials

USER: deepcore // 2020-06-25 // 0 CMT

mySCADA myPRO 7 – Hardcoded Credentials

>> [webapps] FHEM 6.0 – Local File Inclusion

USER: deepcore // 2020-06-25 // 0 CMT

FHEM 6.0 – Local File Inclusion

>> LanSpy 2.0.1.159 Stack Buffer Overflow

USER: deepcore // 2020-06-24 // 0 CMT

LanSpy version 2.0.1.159 stack buffer overflow exploit that adds a user.

>> Code Blocks 20.03 Denial Of Service

USER: deepcore // 2020-06-24 // 0 CMT

Code Blocks version 20.03 denial of service proof of concept exploit.

>> Lansweeper 7.2 Default Account / Remote Code Execution

USER: deepcore // 2020-06-24 // 0 CMT

Lansweeper version 7.2 has a default admin account enabled which allows for remote code execution.

>> GilaCMS 1.11.5 Cross Site Request Forgery / Cross Site Scripting

USER: deepcore // 2020-06-24 // 0 CMT

GilaCMS version 1.11.5 suffers from cross site request forgery and cross site scripting vulnerabilities.

>> Qmail Local Privilege Escalation / Remote Code Execution

USER: deepcore // 2020-06-24 // 0 CMT

Qualys has released their local privilege escalation and remote code execution exploit for qmail that leverages the vulnerability as described in CVE-2005-1513.

>> Online Student Enrollment System 1.0 Cross Site Request Forgery

USER: deepcore // 2020-06-24 // 0 CMT

Online Student Enrollment System version 1.0 suffers from a cross site request forgery vulnerability.