8 - 2021 - :: Deepquest ::

>> http://www.pri1.go.th/yo.php

USER: deepcore // 2021-08-12 // 0 CMT

http://www.pri1.go.th/yo.php notified by YIIX103

>> [webapps] RATES SYSTEM 1.0 – 'Multiple' SQL Injections

USER: deepcore // 2021-08-12 // 0 CMT

RATES SYSTEM 1.0 – ‘Multiple’ SQL Injections

>> [webapps] Altova MobileTogether Server 7.3 – XML External Entity Injection (XXE)

USER: deepcore // 2021-08-12 // 0 CMT

Altova MobileTogether Server 7.3 – XML External Entity Injection (XXE)

>> [webapps] COVID19 Testing Management System 1.0 – 'searchdata' SQL Injection

USER: deepcore // 2021-08-12 // 0 CMT

COVID19 Testing Management System 1.0 – ‘searchdata’ SQL Injection

>> Canon TR150 Driver 3.71.2.10 Privilege Escalation

USER: deepcore // 2021-08-11 // 0 CMT

Canon TR150 print drivers versions 3.71.2.10 and below allow local users to read/write files within the “CanonBJ” directory and its subdirectories. By overwriting the DLL at C:\ProgramData\CanonBJ\IJPrinter\CNMWINDOWS\Canon TR150 series\LanguageModules\040C\CNMurGE.dll with…

>> http://english.dip.go.th/ma.txt

USER: deepcore // 2021-08-11 // 0 CMT

http://english.dip.go.th/ma.txt notified by Moroccan Revolution

>> Cockpit CMS 0.11.1 NoSQL Injection

USER: deepcore // 2021-08-11 // 0 CMT

Cockpit CMS version 0.11.1 username enumeration and password reset NoSQL injection exploit.

>> WordPress LifterLMS 4.21.1 Insecure Direct Object Reference

USER: deepcore // 2021-08-11 // 0 CMT

WordPress LifterLMS plugin version 4.21.1 suffers from an insecure direct object reference vulnerability.

>> IPCop 2.1.9 Remote Code Execution

USER: deepcore // 2021-08-11 // 0 CMT

IPCop version 2.1.9 authenticated remote code execution exploit.

>> Facebook For Android Friend Acceptance

USER: deepcore // 2021-08-11 // 0 CMT

Facebook for Android is vulnerable to a permission issue which allows anyone with physical access to the Android device, to accept friend requests without unlocking the phone. Facebook does not…