2 - 2023 - :: Deepquest ::

>> https://division4.immigration.go.th/xx.html

USER: deepcore // 2023-02-03 // 0 CMT

https://division4.immigration.go.th/xx.html notified by xstro0

>> http://namphonsao.go.th

USER: deepcore // 2023-02-03 // 0 CMT

http://namphonsao.go.th notified by Approve1337

>> Online Eyewear Shop 1.0 SQL Injection

USER: deepcore // 2023-02-02 // 0 CMT

Online Eyewear Shop version 1.0 suffers from a remote SQL injection vulnerability.

>> eCommerce Marketplace Platform CMS 1.7 Cross Site Scripting

USER: deepcore // 2023-02-02 // 0 CMT

eCommerce Marketplace Platform CMS version 1.7 suffers from a cross site scripting vulnerability.

>> eCommerce Marketplace Platform CMS 1.7 SQL Injection

USER: deepcore // 2023-02-02 // 1 CMT

eCommerce Marketplace Platform CMS version 1.7 suffers from a remote SQL injection vulnerability.

>> vmwgfx Driver File Descriptor Handling Privilege Escalation

USER: deepcore // 2023-02-02 // 0 CMT

If the vmwgfx driver fails to copy the fence_rep object to userland, it tries to recover by deallocating the (already populated) file descriptor. This is wrong, as the fd gets…

>> io_uring Same Type Object Reuse Privilege Escalation

USER: deepcore // 2023-02-02 // 0 CMT

This Metasploit module exploits a bug in io_uring leading to an additional put_cred() that can be exploited to hijack credentials of other processes. This exploit will spawn SUID programs to…

>> Packet Storm New Exploits For January, 2023

USER: deepcore // 2023-02-02 // 0 CMT

This archive contains all of the 130 exploits added to Packet Storm in January, 2023.

>> mRemoteNG 1.76.20 Privilege Escalation

USER: deepcore // 2023-02-01 // 0 CMT

mRemoteNG version 1.76.20 suffers from a weak permission privilege escalation vulnerability.

>> PHPJabbers Auto Classifieds Script 3.2 Cross Site Scripting

USER: deepcore // 2023-02-01 // 0 CMT

PHPJabbers Auto Classifieds Script version 3.2 suffers from a cross site scripting vulnerability.