:: Deepquest ::

>> SuiteCRM Log File Remote Code Execution

USER: deepcore // 2021-06-04 // 0 CMT

This Metasploit module exploits an input validation error on the log file extension parameter. It does not properly validate upper/lower case characters. Once this occurs, the application log file will…

>> Cisco HyperFlex HX Data Platform Command Execution

USER: deepcore // 2021-06-04 // 0 CMT

This Metasploit module exploits an unauthenticated command injection in Cisco HyperFlex HX Data Platform’s /storfs-asup endpoint to execute shell commands as the Tomcat user.

>> [dos] My Notes Safe 5.3 – Denial of Service (PoC)

USER: deepcore // 2021-06-04 // 0 CMT

My Notes Safe 5.3 – Denial of Service (PoC)

>> [dos] Macaron Notes great notebook 5.5 – Denial of Service (PoC)

USER: deepcore // 2021-06-04 // 0 CMT

Macaron Notes great notebook 5.5 – Denial of Service (PoC)

>> [dos] Color Notes 1.4 – Denial of Service (PoC)

USER: deepcore // 2021-06-04 // 0 CMT

Color Notes 1.4 – Denial of Service (PoC)

>> [dos] Inkpad Notepad & To do list 4.3.61 – Denial of Service (PoC)

USER: deepcore // 2021-06-04 // 0 CMT

Inkpad Notepad & To do list 4.3.61 – Denial of Service (PoC)

>> [webapps] Gitlab 13.10.2 – Remote Code Execution (Authenticated)

USER: deepcore // 2021-06-04 // 0 CMT

Gitlab 13.10.2 – Remote Code Execution (Authenticated)

>> [webapps] Monstra CMS 3.0.4 – Remote Code Execution (Authenticated)

USER: deepcore // 2021-06-04 // 0 CMT

Monstra CMS 3.0.4 – Remote Code Execution (Authenticated)

>> Microsoft RDP Remote Code Execution

USER: deepcore // 2021-06-03 // 0 CMT

Proof of concept exploit for a remote code execution vulnerability in Microsoft’s RDP service.

>> GetSimple CMS 3.3.4 Information Disclosure

USER: deepcore // 2021-06-03 // 0 CMT

GetSimple CMS version 3.3.4 suffers from an information disclosure vulnerability.