:: Deepquest ::

>> Backdoor.Win32.Agent.afq Missing Authentication

USER: deepcore // 2021-04-29 // 0 CMT

Backdoor.Win32.Agent.afq malware suffers from a missing authentication vulnerability.

>> GitHub Missing Audit Logging

USER: deepcore // 2021-04-29 // 0 CMT

Release functionality on GitHub.com allows modification of assets within a release by any project collaborator. This can occur after the release is published, and without notification or audit logging accessible…

[EXPLOIT]

>> Backdoor.Win32.Agent.afq Directory Traversal

USER: deepcore // 2021-04-29 // 0 CMT

Backdoor.Win32.Agent.afq malware suffers from a directory traversal vulnerability.

[EXPLOIT]

>> Backdoor.Win32.Agent.afq Heap Corruption

USER: deepcore // 2021-04-29 // 0 CMT

Backdoor.Win32.Agent.afq malware suffers from a heap corruption vulnerability.

[EXPLOIT]

>> Android NFC Stack Out-Of-Bounds Write

USER: deepcore // 2021-04-29 // 0 CMT

Android suffers from an out-of-bounds write in the NFC stack when handling MIFARE Classic TLVs.

[EXPLOIT]

>> PFSense 2.5.0 Cross Site Scripting

USER: deepcore // 2021-04-29 // 0 CMT

PFSense version 2.5.0 suffers from a persistent cross site scripting vulnerability.

[SECURITY]

>> [webapps] FOGProject 1.5.9 – File Upload RCE (Authenticated)

USER: deepcore // 2021-04-29 // 0 CMT

FOGProject 1.5.9 – File Upload RCE (Authenticated)

[SECURITY]

>> [webapps] Cacti 1.2.12 – 'filter' SQL Injection / Remote Code Execution

USER: deepcore // 2021-04-29 // 0 CMT

Cacti 1.2.12 – ‘filter’ SQL Injection / Remote Code Execution

[DEFACEMENT]

>> http://mhkpeo.go.th/er.php

USER: deepcore // 2021-04-28 // 0 CMT

http://mhkpeo.go.th/er.php notified by LahBodoAmat

[SECURITY]

>> [webapps] Kirby CMS 3.5.3.1 – 'file' Cross-Site Scripting (XSS)

USER: deepcore // 2021-04-28 // 0 CMT

Kirby CMS 3.5.3.1 – ‘file’ Cross-Site Scripting (XSS)

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: