:: Deepquest ::

>> Printix Client 1.3.1106.0 Remote Code Execution

USER: deepcore // 2022-03-03 // 0 CMT

Printix Client versions 1.3.1106.0 and below suffer from a remote code execution vulnerability.

>> Xerte 3.10.3 Directory Traversal

USER: deepcore // 2022-03-03 // 0 CMT

Xerte versions 3.10.3 and below suffer from a directory traversal vulnerability.

>> Xerte 3.9 Remote Code Execution

USER: deepcore // 2022-03-03 // 0 CMT

Xerte versions 3.9 and below suffer from a remote code execution vulnerability.

>> Car Driving School Management 1.0 SQL Injection

USER: deepcore // 2022-03-03 // 0 CMT

Car Driving School Management version 1.0 suffers from a remote SQL injection vulnerability.

>> Prowise Reflect 1.0.9 Remote Keystroke Injection

USER: deepcore // 2022-03-03 // 0 CMT

Prowise Reflect version 1.0.9 suffers from a remote keystroke injection vulnerability.

>> Zyxel ZyWALL 2 Plus Cross Site Scripting

USER: deepcore // 2022-03-03 // 0 CMT

Zyxel ZyWALL 2 Plus suffers from a cross site scripting vulnerability.

>> http://suratpeo.go.th/boy.html

USER: deepcore // 2022-03-03 // 0 CMT

http://suratpeo.go.th/boy.html notified by AnonCoders Brazil

>> http://www.krabi.go.th/kt.html

USER: deepcore // 2022-03-02 // 0 CMT

http://www.krabi.go.th/kt.html notified by KatakBeracun

>> Rufus 3.17.1846 DLL Hijacking

USER: deepcore // 2022-03-02 // 0 CMT

Rufus version 3.17.1846 suffers from a dll hijacking vulnerability for both the executable and portable executable versions.

>> Firefox MCallGetProperty Write Side Effects Use-After-Free

USER: deepcore // 2022-03-02 // 0 CMT

This Metasploit modules exploits CVE-2020-26950, a use-after-free exploit in Firefox. The MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This exploit uses a somewhat…