:: Deepquest ::

http://internalaudit.drr.go.th/kurd.html notified by 0x1998

http://kalasin.drr.go.th/kurd.html notified by 0x1998

http://krabi.drr.go.th/kurd.html notified by 0x1998

http://lampang.drr.go.th/kurd.html notified by 0x1998

Proof of concept details for Oracle database versions 12.1.0.2, 12.2.0.1, 18c, and 19c that had a PDB isolation vulnerability allowing viewing of metadata for a different database within the same container.

WordPress Profile Builder plugin versions 3.9.0 and below suffer from a missing authorization vulnerability in wppb_toolbox_usermeta_handler().

This Metasploit module uploads a payload to the /tmp directory in addition to a cron job to /etc/cron.d which executes the payload in the context of the root user. The core vulnerability is an arbitrary file write issue in /configWizard/keyUpload.jsp which is accessible remotely and without authentication. When you send the vulnerable endpoint a ZIP […]

This Metasploit module uploads a payload to the /tmp directory in addition to a cron job to /etc/cron.d which executes the payload in the context of the root user. The core vulnerability is an arbitrary file write issue in /configWizard/keyUpload.jsp which is accessible remotely and without authentication. When you send the vulnerable endpoint a ZIP […]

This Metasploit module exploits a vulnerability in RedHat based systems where improper file permissions are applied to /usr/lib/tmpfiles.d/tomcat.conf for Apache Tomcat versions before 7.0.54-8. The configuration files in tmpfiles.d are used by systemd-tmpfiles to manage temporary files including their creation. With this weak permission, you are able to inject commands into the systemd-tmpfiles service to […]