:: Deepquest ::

>> Apple Security Advisory 2020-11-05-7

USER: deepcore // 2020-11-10 // 0 CMT

Apple Security Advisory 2020-11-05-7 – tvOS 14.2 is now available and addresses code execution, integer overflow, out of bounds read, out of bounds write, path sanitization, and use-after-free vulnerabilities.

>> [webapps] Anuko Time Tracker 1.19.23.5325 – CSV/Formula Injection

USER: deepcore // 2020-11-10 // 0 CMT

Anuko Time Tracker 1.19.23.5325 – CSV/Formula Injection

>> [webapps] ShoreTel Conferencing 19.46.1802.0 – Reflected Cross-Site Scripting

USER: deepcore // 2020-11-10 // 0 CMT

ShoreTel Conferencing 19.46.1802.0 – Reflected Cross-Site Scripting

>> [webapps] Car Rental Management System 1.0 – SQL injection + Arbitrary File Upload

USER: deepcore // 2020-11-10 // 0 CMT

Car Rental Management System 1.0 – SQL injection + Arbitrary File Upload

>> https://www.lomrad.go.th//images/fighter.gif

USER: deepcore // 2020-11-09 // 0 CMT

https://www.lomrad.go.th//images/fighter.gif notified by Royal Battler BD

>> https://www.maeprik-municipality.go.th//images/fighter.gif

USER: deepcore // 2020-11-09 // 0 CMT

https://www.maeprik-municipality.go.th//images/fighter.gif notified by Royal Battler BD

>> [local] MEMU PLAY 3.7.0 – 'MEmusvc' Unquoted Service Path

USER: deepcore // 2020-11-09 // 0 CMT

MEMU PLAY 3.7.0 – ‘MEmusvc’ Unquoted Service Path

>> [local] KMSpico 17.1.0.0 – 'Service KMSELDI' Unquoted Service Path

USER: deepcore // 2020-11-09 // 0 CMT

KMSpico 17.1.0.0 – ‘Service KMSELDI’ Unquoted Service Path

>> [webapps] Genexis Platinum-4410 P4410-V2-1.28 – Broken Access Control and CSRF

USER: deepcore // 2020-11-09 // 0 CMT

Genexis Platinum-4410 P4410-V2-1.28 – Broken Access Control and CSRF

>> [local] Motorola Device Manager 2.5.4 – 'ForwardDaemon.exe ' Unquoted Service Path

USER: deepcore // 2020-11-09 // 0 CMT

Motorola Device Manager 2.5.4 – ‘ForwardDaemon.exe ‘ Unquoted Service Path