:: Deepquest ::

>> Micro Focus UCMDB Remote Code Execution

USER: deepcore // 2021-01-29 // 0 CMT

This Metasploit module exploits two vulnerabilities, that when chained allow an attacker to achieve unauthenticated remote code execution in Micro Focus UCMDB. UCMDB included in versions 2020.05 and below of…

>> PRTG Network Monitor Remote Code Execution

USER: deepcore // 2021-01-29 // 0 CMT

This Metasploit module exploits an authenticated remote code execution vulnerability in PRTG Network Monitor. Notifications can be created by an authenticated user and can execute scripts when triggered. Due to…

>> http://paknamprasae.rayongpolice.go.th/bc7.html

USER: deepcore // 2021-01-29 // 0 CMT

http://paknamprasae.rayongpolice.go.th/bc7.html notified by BCA-X666X

>> [webapps] Quick.CMS 6.7 – Remote Code Execution (Authenticated)

USER: deepcore // 2021-01-29 // 0 CMT

Quick.CMS 6.7 – Remote Code Execution (Authenticated)

>> [webapps] Online Grading System 1.0 – 'uname' SQL Injection

USER: deepcore // 2021-01-29 // 0 CMT

Online Grading System 1.0 – ‘uname’ SQL Injection

>> [webapps] BloofoxCMS 0.5.2.1 – 'text' Stored Cross Site Scripting

USER: deepcore // 2021-01-29 // 0 CMT

BloofoxCMS 0.5.2.1 – ‘text’ Stored Cross Site Scripting

>> Openlitespeed Web Server 1.7.8 Command Injection

USER: deepcore // 2021-01-28 // 0 CMT

Openlitespeed Web Server version 1.7.8 suffers from an authenticated command injection vulnerability.

>> Backdoor.Win32.DarkKomet.apbb Insecure Permissions

USER: deepcore // 2021-01-28 // 0 CMT

Backdoor.Win32.DarkKomet.apbb malware suffers from an insecure permissions vulnerability.

>> Backdoor.Win32.Wollf.14 Missing Authentication

USER: deepcore // 2021-01-28 // 0 CMT

Backdoor.Win32.Wollf.14 malware has a backdoor on TCP/7614 that does not require any authentication.

>> Constructor.Win32.SpyNet.a Remote Password Leak

USER: deepcore // 2021-01-28 // 0 CMT

Constructor.Win32.SpyNet.a malware suffers from a remote password leak vulnerability.