:: Deepquest ::

>> Worm.Win32.Busan.k Insecure Transit

USER: deepcore // 2021-04-26 // 0 CMT

Worm.Win32.Busan.k malware suffers from an insecure transit vulnerability.

>> Windows 10 Wi-Fi Drivers For Intel Wireless Adapters 22.30.0 Privilege Escalation

USER: deepcore // 2021-04-26 // 0 CMT

Windows 10 Wi-Fi Drivers For Intel Wireless Adapters version 22.30.0 suffer from a privilege escalation vulnerability.

>> SEO Panel 4.8.0 SQL Injection

USER: deepcore // 2021-04-26 // 0 CMT

SEO Panel version 4.8.0 remote blind SQL injection exploit. Original discovery in this version is attributed to Piyush Patil in February of 2021.

>> OpenPLC 3 Remote Code Execution

USER: deepcore // 2021-04-26 // 0 CMT

OpenPLC version 3 authenticated remote code execution exploit.

>> Hasura GraphQL 1.3.3 Remote Code Execution

USER: deepcore // 2021-04-26 // 0 CMT

Hasura GraphQL version 1.3.3 remote code execution exploit.

>> [webapps] SEO Panel 4.8.0 – 'order_col' Blind SQL Injection (2)

USER: deepcore // 2021-04-26 // 0 CMT

SEO Panel 4.8.0 – ‘order_col’ Blind SQL Injection (2)

>> [webapps] OpenPLC 3 – Remote Code Execution (Authenticated)

USER: deepcore // 2021-04-26 // 0 CMT

OpenPLC 3 – Remote Code Execution (Authenticated)

>> [webapps] Hasura GraphQL 1.3.3 – Remote Code Execution

USER: deepcore // 2021-04-26 // 0 CMT

Hasura GraphQL 1.3.3 – Remote Code Execution

>> Moodle 3.10.3 Cross Site Scripting

USER: deepcore // 2021-04-23 // 0 CMT

Moodle version 3.10.3 suffers from a persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting in this version is attributed to Vincent666 ibn Winnie in March of…

>> GetSimple CMS My SMTP Contact 1.1.1 CSRF/ XSS / Code Execution

USER: deepcore // 2021-04-23 // 0 CMT

GetSimple CMS My SMTP Contact plugin versions 1.1.1 and below cross site request forgery to persistent cross site scripting to remote code execution exploit.