1 - 2021 - :: Deepquest ::

>> [webapps] Library System 1.0 – 'category' SQL Injection

USER: deepcore // 2021-01-25 // 0 CMT

Library System 1.0 – ‘category’ SQL Injection

>> [webapps] CASAP Automated Enrollment System 1.0 – 'route' Stored XSS

USER: deepcore // 2021-01-25 // 0 CMT

CASAP Automated Enrollment System 1.0 – ‘route’ Stored XSS

>> [webapps] CASAP Automated Enrollment System 1.0 – 'First Name' Stored XSS

USER: deepcore // 2021-01-25 // 0 CMT

CASAP Automated Enrollment System 1.0 – ‘First Name’ Stored XSS

>> [webapps] MyBB Timeline Plugin 1.0 – Cross-Site Scripting / CSRF

USER: deepcore // 2021-01-25 // 0 CMT

MyBB Timeline Plugin 1.0 – Cross-Site Scripting / CSRF

>> [webapps] Collabtive 3.1 – 'address' Persistent Cross-Site Scripting

USER: deepcore // 2021-01-25 // 0 CMT

Collabtive 3.1 – ‘address’ Persistent Cross-Site Scripting

>> http://www.chaisatarn.go.th/Vz.txt

USER: deepcore // 2021-01-24 // 0 CMT

http://www.chaisatarn.go.th/Vz.txt notified by VenoRyan

>> Oracle WebLogic Server 14.1.1.0 Remote Code Execution

USER: deepcore // 2021-01-23 // 0 CMT

Oracle WebLogic Server version 14.1.1.0 authenticated remote code execution exploit.

>> Selea Targa IP OCR-ANPR Camera Cross Site Scripting

USER: deepcore // 2021-01-23 // 0 CMT

Selea Targa IP OCR-ANPR Camera suffers from a persistent cross site scripting vulnerability. Multiple versions and firmwares are affected.

>> Selea Targa IP OCR-ANPR Camera Developer Backdoor Config Overwrite

USER: deepcore // 2021-01-23 // 0 CMT

Selea Targa IP OCR-ANPR Camera has a hard-coded password for a hidden and undocumented /dev.html page that enables the vendor to enable configuration upload / overwrite to the affected device…

>> CASAP Automated Enrollment System 1.0 Authentication Bypass

USER: deepcore // 2021-01-23 // 0 CMT

CASAP Automated Enrollment System version 1.0 suffers from an authentication bypass vulnerability.