:: Deepquest ::

>> http://envfund.onep.go.th/ay.htm

USER: deepcore // 2020-11-18 // 0 CMT

http://envfund.onep.go.th/ay.htm notified by D3D0T

>> [remote] ZeroLogon – Netlogon Elevation of Privilege

USER: deepcore // 2020-11-18 // 0 CMT

ZeroLogon – Netlogon Elevation of Privilege

>> [webapps] BigBlueButton 2.2.25 – Arbitrary File Disclosure and Server-Side Request Forgery

USER: deepcore // 2020-11-18 // 0 CMT

BigBlueButton 2.2.25 – Arbitrary File Disclosure and Server-Side Request Forgery

>> [webapps] WordPress Plugin WPForms 1.6.3.1 – Persistent Cross Site Scripting (Authenticated)

USER: deepcore // 2020-11-18 // 0 CMT

WordPress Plugin WPForms 1.6.3.1 – Persistent Cross Site Scripting (Authenticated)

>> Advanced System Care Service 13 Unquoted Service Path

USER: deepcore // 2020-11-17 // 0 CMT

Advanced System Care Service version 13 suffers from an unquoted service path vulnerability.

>> Pandora FMS 7.0 NG 749 SQL Injection

USER: deepcore // 2020-11-17 // 0 CMT

Pandora FMS version 7.0 NG 749 suffers from a remote SQL injection vulnerability.

>> KiteService 1.2020.1113.1 Unquoted Service Path

USER: deepcore // 2020-11-17 // 0 CMT

KiteService version 1.2020.1113.1 suffers from an unquoted service path vulnerability.

>> Taskcafe 0.1.0 / 0.1.1 Cross Origin Resource Sharing

USER: deepcore // 2020-11-17 // 0 CMT

Taskcafe version 0.1.0 and 0.1.1 suffer from a cross-origin resource sharing vulnerability.

>> Water Billing System 1.0 SQL Injection

USER: deepcore // 2020-11-17 // 0 CMT

Water Billing System version 1.0 suffers from a remote SQL injection vulnerability. This version was already found to be susceptible to SQL injection by Sarang Tumne in November of 2020.

>> Super Store Finder 3.3 Cross Site Scripting

USER: deepcore // 2020-11-17 // 0 CMT

Super Store Finder versions 3.3 and below suffer from a cross site scripting vulnerability.