:: Deepquest ::

>> Microsoft SharePoint SSI / ViewState Remote Code Execution

USER: deepcore // 2020-10-20 // 0 CMT

This Metasploit module exploits a server-side include (SSI) in SharePoint to leak the web.config file and forge a malicious ViewState with the extracted validation key. This exploit is authenticated and…

[DEFACEMENT]

>> http://thamuang101.go.th/new.html

USER: deepcore // 2020-10-20 // 0 CMT

http://thamuang101.go.th/new.html notified by roet404

[DEFACEMENT]

>> http://trat-edu.go.th/new.html

USER: deepcore // 2020-10-20 // 0 CMT

http://trat-edu.go.th/new.html notified by roet404

[DEFACEMENT]

>> http://bigdata.ednan1.go.th/new.html

USER: deepcore // 2020-10-20 // 0 CMT

http://bigdata.ednan1.go.th/new.html notified by roet404

[DEFACEMENT]

>> http://nb2.go.th/new.html

USER: deepcore // 2020-10-20 // 0 CMT

http://nb2.go.th/new.html notified by roet404

[SECURITY]

>> [webapps] Visitor Management System in PHP 1.0 – SQL Injection (Authenticated)

USER: deepcore // 2020-10-20 // 0 CMT

Visitor Management System in PHP 1.0 – SQL Injection (Authenticated)

[SECURITY]

>> [webapps] WordPress Plugin WP Courses < 2.0.29 – Broken Access Controls leading to Courses Content Disclosure

USER: deepcore // 2020-10-20 // 0 CMT

WordPress Plugin WP Courses < 2.0.29 – Broken Access Controls leading to Courses Content Disclosure

[SECURITY]

>> [webapps] Loan Management System 1.0 – Multiple Cross Site Scripting (Stored)

USER: deepcore // 2020-10-20 // 0 CMT

Loan Management System 1.0 – Multiple Cross Site Scripting (Stored)

[SECURITY]

>> [webapps] Comtrend AR-5387un router – Persistent XSS (Authenticated)

USER: deepcore // 2020-10-20 // 0 CMT

Comtrend AR-5387un router – Persistent XSS (Authenticated)

[DEFACEMENT]

>> http://ocsb.go.th/u.htm

USER: deepcore // 2020-10-19 // 0 CMT

http://ocsb.go.th/u.htm notified by ./Fell Ganns

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: