:: Deepquest ::

>> [webapps] ECSIMAGING PACS 6.21.5 – SQL injection

USER: deepcore // 2021-01-07 // 0 CMT

ECSIMAGING PACS 6.21.5 – SQL injection

>> [webapps] iBall-Baton WRA150N Rom-0 Backup – File Disclosure (Sensitive Information)

USER: deepcore // 2021-01-07 // 0 CMT

iBall-Baton WRA150N Rom-0 Backup – File Disclosure (Sensitive Information)

>> [webapps] Curfew e-Pass Management System 1.0 – Stored XSS

USER: deepcore // 2021-01-07 // 0 CMT

Curfew e-Pass Management System 1.0 – Stored XSS

>> [webapps] Cockpit CMS 0.6.1 – Remote Code Execution

USER: deepcore // 2021-01-07 // 0 CMT

Cockpit CMS 0.6.1 – Remote Code Execution

>> [webapps] Employee Record System 1.0 – Unrestricted File Upload to Remote Code Execution

USER: deepcore // 2021-01-07 // 0 CMT

Employee Record System 1.0 – Unrestricted File Upload to Remote Code Execution

>> [webapps] ECSIMAGING PACS 6.21.5 – Remote code execution

USER: deepcore // 2021-01-07 // 0 CMT

ECSIMAGING PACS 6.21.5 – Remote code execution

>> http://www.tessabantak.go.th

USER: deepcore // 2021-01-06 // 0 CMT

http://www.tessabantak.go.th notified by Xyp3r2667

>> Backdoor.Win32.Zombam.k Stack Buffer Overflow

USER: deepcore // 2021-01-06 // 0 CMT

Backdoor.Win32.Zombam.k malware suffers from a remote string dereference stack buffer overflow vulnerability.

>> sar2html 3.2.1 Remote Code Execution

USER: deepcore // 2021-01-06 // 0 CMT

sar2html version 3.2.1 remote code execution exploit. Original discovery for this vector of attack is attributed to Furkan Kayapinar in August of 2019.

>> CMS Made Simple 2.2.15 Remote Command Execution

USER: deepcore // 2021-01-06 // 0 CMT

CMS Made Simple version 2.2.15 suffers from an authenticated remote command execution vulnerability.