:: Deepquest ::

>> [dos] Blacknote 2.2.1 – Denial of Service (PoC)

USER: deepcore // 2021-06-03 // 0 CMT

Blacknote 2.2.1 – Denial of Service (PoC)

>> [dos] Notepad notes 2.6.7 – Denial of Service (PoC)

USER: deepcore // 2021-06-03 // 0 CMT

Notepad notes 2.6.7 – Denial of Service (PoC)

>> [dos] ColorNote 4.1.9 – Denial of Service (PoC)

USER: deepcore // 2021-06-03 // 0 CMT

ColorNote 4.1.9 – Denial of Service (PoC)

>> [webapps] CHIYU IoT Devices – Denial of Service (DoS)

USER: deepcore // 2021-06-03 // 0 CMT

CHIYU IoT Devices – Denial of Service (DoS)

>> [dos] BasicNote 1.1.9 – Denial of Service (PoC)

USER: deepcore // 2021-06-03 // 0 CMT

BasicNote 1.1.9 – Denial of Service (PoC)

>> [webapps] Seo Panel 4.8.0 – 'from_time' Reflected XSS

USER: deepcore // 2021-06-03 // 0 CMT

Seo Panel 4.8.0 – ‘from_time’ Reflected XSS

>> [remote] CHIYU IoT Devices – 'Telnet' Authentication Bypass

USER: deepcore // 2021-06-03 // 0 CMT

CHIYU IoT Devices – ‘Telnet’ Authentication Bypass

>> [webapps] FUDForum 3.1.0 – 'srch' Reflected XSS

USER: deepcore // 2021-06-03 // 0 CMT

FUDForum 3.1.0 – ‘srch’ Reflected XSS

>> [webapps] PHP 8.1.0-dev – 'User-Agentt' Remote Code Execution

USER: deepcore // 2021-06-03 // 0 CMT

PHP 8.1.0-dev – ‘User-Agentt’ Remote Code Execution

>> Cacti 1.2.12 SQL Injection / Remote Command Execution

USER: deepcore // 2021-06-02 // 0 CMT

This Metasploit module exploits a SQL injection vulnerability in Cacti versions 1.2.12 and below. An admin can exploit the filter variable within color.php to pull arbitrary values as well as…