10 - 2020 - :: Deepquest ::

[EXPLOIT]

>> Genexis Platinum-4410 Cross Site Scripting

USER: deepcore // 2020-10-27 // 0 CMT

The Genexis Platinum-4410 router suffers from a persistent cross site scripting vulnerability.

[SECURITY]

>> [webapps] Sphider Search Engine 1.3.6 – 'word_upper_bound' RCE (Authenticated)

USER: deepcore // 2020-10-27 // 0 CMT

Sphider Search Engine 1.3.6 – ‘word_upper_bound’ RCE (Authenticated)

[SECURITY]

>> [webapps] Client Management System 1.0 – 'searchdata' SQL injection

USER: deepcore // 2020-10-27 // 0 CMT

Client Management System 1.0 – ‘searchdata’ SQL injection

[SECURITY]

>> [webapps] Sentrifugo 3.2 – File Upload Restriction Bypass (Authenticated)

USER: deepcore // 2020-10-27 // 0 CMT

Sentrifugo 3.2 – File Upload Restriction Bypass (Authenticated)

[SECURITY]

>> [remote] Adtec Digital Multiple Products – Default Hardcoded Credentials Remote Root

USER: deepcore // 2020-10-27 // 0 CMT

Adtec Digital Multiple Products – Default Hardcoded Credentials Remote Root

[SECURITY]

>> [local] TDM Digital Signage PC Player 4.1 – Insecure File Permissions

USER: deepcore // 2020-10-27 // 0 CMT

TDM Digital Signage PC Player 4.1 – Insecure File Permissions

[DEFACEMENT]

>> https://baantarn.go.th/indonesia.php

USER: deepcore // 2020-10-26 // 0 CMT

https://baantarn.go.th/indonesia.php notified by hell_c0de

[DEFACEMENT]

>> https://huayrai-lomsak.go.th/indonesia.php

USER: deepcore // 2020-10-26 // 0 CMT

https://huayrai-lomsak.go.th/indonesia.php notified by hell_c0de

[DEFACEMENT]

>> https://jaothong.go.th/indonesia.php

USER: deepcore // 2020-10-26 // 0 CMT

https://jaothong.go.th/indonesia.php notified by hell_c0de

[DEFACEMENT]

>> https://jiktueng.go.th/indonesia.php

USER: deepcore // 2020-10-26 // 0 CMT

https://jiktueng.go.th/indonesia.php notified by hell_c0de

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: