:: Deepquest ::

RaspAP 2.6.6 – Remote Code Execution (RCE) (Authenticated)

Simple Phone book/directory 1.0 – ‘Username’ SQL Injection (Unauthenticated)

Online Traffic Offense Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)

https://www.ccit.go.th/azu.php notified by Wedus

Laundry Booking Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

Laundry Booking Management System version 1.0 suffers from a remote SQL injection vulnerability.

NetModule Router Software versions prior to 4.3.0.113, 4.4.0.111, and 4.5.0.105 suffer from insecure password handling and session fixation vulnerabilities.

Online Traffic Offense Management System version 1.0 suffers from a remote SQL injection vulnerability.

This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker to bypass the authentication, impersonate an arbitrary user, and write an arbitrary file to achieve remote code execution. By taking advantage of this vulnerability, you can execute arbitrary commands on the remote Microsoft Exchange Server. This vulnerability affects Exchange 2013 CU23 […]

This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker to bypass the authentication, impersonate an arbitrary user, and write an arbitrary file to achieve remote code execution. By taking advantage of this vulnerability, you can execute arbitrary commands on the remote Microsoft Exchange Server. This vulnerability affects Exchange 2013 CU23 […]