deepcore - :: Deepquest ::

>> [dos] Quick N Easy Web Server 3.3.8 – Denial of Service (PoC)

USER: deepcore // 2020-02-24 // 0 CMT

Quick N Easy Web Server 3.3.8 – Denial of Service (PoC)

>> [webapps] AMSS++ 4.7 – Backdoor Admin Account

USER: deepcore // 2020-02-24 // 0 CMT

AMSS++ 4.7 – Backdoor Admin Account

>> [webapps] CandidATS 2.1.0 – Cross-Site Request Forgery (Add Admin)

USER: deepcore // 2020-02-24 // 0 CMT

CandidATS 2.1.0 – Cross-Site Request Forgery (Add Admin)

>> http://nbc.dip.go.th/rx.html

USER: deepcore // 2020-02-23 // 0 CMT

http://nbc.dip.go.th/rx.html notified by ifactoryx

>> http://nec.dip.go.th/rx.html

USER: deepcore // 2020-02-23 // 0 CMT

http://nec.dip.go.th/rx.html notified by ifactoryx

>> AMSS++ 4.31 SQL Injection

USER: deepcore // 2020-02-22 // 0 CMT

AMSS++ version 4.31 suffers from a remote SQL injection vulnerability.

>> D-Link DGS-1250 Header Injection

USER: deepcore // 2020-02-22 // 0 CMT

D-Link DGS-1250 suffers from a header injection vulnerability that can be leveraged through cross site scripting.

>> Online Birth Certificate System 1.0 Cross Site Scripting

USER: deepcore // 2020-02-22 // 0 CMT

Online Birth Certificate System version 1.0 suffers from a persistent cross site scripting vulnerability.

>> Open-Xchange App Suite / Documents Server-Side Request Forgery

USER: deepcore // 2020-02-22 // 0 CMT

Open-Xchange App Suite and Documents versions 7.10.2 and below suffer from multiple server-side request forgery vulnerabilities.

>> OpenNetAdmin Ping Command Injection

USER: deepcore // 2020-02-22 // 0 CMT

This Metasploit module exploits a command injection in OpenNetAdmin between versions 8.5.14 and 18.1.1.