deepcore - :: Deepquest ::

>> [webapps] EyouCMS 1.4.6 – Persistent Cross-Site Scripting

USER: deepcore // 2020-05-28 // 0 CMT

EyouCMS 1.4.6 – Persistent Cross-Site Scripting

>> [webapps] Online-Exam-System 2015 – 'fid' SQL Injection

USER: deepcore // 2020-05-28 // 0 CMT

Online-Exam-System 2015 – ‘fid’ SQL Injection

>> [webapps] QNAP QTS and Photo Station 6.0.3 – Remote Command Execution

USER: deepcore // 2020-05-28 // 0 CMT

QNAP QTS and Photo Station 6.0.3 – Remote Command Execution

>> WordPress Form Maker 5.4.1 SQL Injection

USER: deepcore // 2020-05-27 // 0 CMT

WordPress Form Maker plugin versions 5.4.1 and below suffer from a remote SQL injection vulnerability.

>> GoldWave 5.70 Buffer Overflow

USER: deepcore // 2020-05-27 // 0 CMT

GoldWave version 5.70 SEH unicode buffer overflow exploit.

>> Victor CMS 1.0 Cross Site Scripting

USER: deepcore // 2020-05-27 // 0 CMT

Victor CMS version 1.0 suffers from an add_user persistent cross site scripting vulnerability.

>> Online Discussion Forum Site 1.0 Remote Code Execution

USER: deepcore // 2020-05-27 // 0 CMT

Online Discussion Forum Site version 1.0 suffers from a remote code execution vulnerability.

>> OpenEMR Remote Code Execution

USER: deepcore // 2020-05-27 // 0 CMT

OpenEMR versions prior to 5.0.1 suffer from a remote code execution vulnerability.

>> Joomla XCloner Backup 3.5.3 Local File Disclosure

USER: deepcore // 2020-05-27 // 0 CMT

Joomla XCloner Backup version 3.5.3 suffers from a local file disclosure vulnerability.

>> Pi-Hole 3.3 Command Execution

USER: deepcore // 2020-05-27 // 0 CMT

This Metasploit module exploits a command execution vulnerability in Pi-Hole versions 3.3 and below. When adding a new domain to the whitelist, it is possible to chain a command to…