:: Deepquest ::

>> Batflat CMS 1.3.6 Cross Site Scripting

USER: deepcore // 2021-02-24 // 0 CMT

Batflat CMS version 1.3.6 suffers from multiple persistent cross site scripting vulnerabilities.

>> Apache Flink JAR Upload Java Code Execution

USER: deepcore // 2021-02-24 // 0 CMT

This Metasploit module uses job functionality in the Apache Flink dashboard web interface to upload and execute a JAR file, leading to remote execution of arbitrary Java code as the…

[DEFACEMENT]

>> https://jobok.go.th/ina.htm

USER: deepcore // 2021-02-24 // 0 CMT

https://jobok.go.th/ina.htm notified by Xyp3r2667

[DEFACEMENT]

>> https://www.kohsathon.go.th/ina.htm

USER: deepcore // 2021-02-24 // 0 CMT

https://www.kohsathon.go.th/ina.htm notified by Xyp3r2667

[SECURITY]

>> [dos] Product Key Explorer 4.2.7 – 'multiple' Denial of Service (PoC)

USER: deepcore // 2021-02-24 // 0 CMT

Product Key Explorer 4.2.7 – ‘multiple’ Denial of Service (PoC)

[SECURITY]

>> [local] Softros LAN Messenger 9.6.4 – 'SoftrosSpellChecker' Unquoted Service Path

USER: deepcore // 2021-02-24 // 0 CMT

Softros LAN Messenger 9.6.4 – ‘SoftrosSpellChecker’ Unquoted Service Path

[SECURITY]

>> [remote] Unified Remote 3.9.0.2463 – Remote Code Execution

USER: deepcore // 2021-02-24 // 0 CMT

Unified Remote 3.9.0.2463 – Remote Code Execution

[SECURITY]

>> [local] LogonExpert 8.1 – 'LogonExpertSvc' Unquoted Service Path

USER: deepcore // 2021-02-24 // 0 CMT

LogonExpert 8.1 – ‘LogonExpertSvc’ Unquoted Service Path

[SECURITY]

>> [remote] python jsonpickle 2.0.0 – Remote Code Execution

USER: deepcore // 2021-02-24 // 0 CMT

python jsonpickle 2.0.0 – Remote Code Execution

[SECURITY]

>> [dos] SpotAuditor 5.3.5 – 'multiple' Denial Of Service (PoC)

USER: deepcore // 2021-02-24 // 0 CMT

SpotAuditor 5.3.5 – ‘multiple’ Denial Of Service (PoC)

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: