:: Deepquest ::

>> http://secondary34.go.th/robh.htm

USER: deepcore // 2020-07-13 // 0 CMT

http://secondary34.go.th/robh.htm notified by SW1337

>> [webapps] Park Ticketing Management System 1.0 – 'viewid' SQL Injection

USER: deepcore // 2020-07-13 // 0 CMT

Park Ticketing Management System 1.0 – ‘viewid’ SQL Injection

>> [webapps] Park Ticketing Management System 1.0 – Authentication Bypass

USER: deepcore // 2020-07-13 // 0 CMT

Park Ticketing Management System 1.0 – Authentication Bypass

>> Barangay Management System 1.0 SQL Injection

USER: deepcore // 2020-07-11 // 0 CMT

Barangay Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

>> HelloWeb 2.0 Arbitrary File Download

USER: deepcore // 2020-07-11 // 0 CMT

HelloWeb version 2.0 suffers from an arbitrary file download vulnerability.

>> Webtareas 2.1 / 2.1p Cross Site Scripting

USER: deepcore // 2020-07-11 // 0 CMT

Webtareas versions 2.1 and 2.1p suffer from multiple cross site scripting vulnerabilities.

>> Impress CMS 1.4.0 Cross Site Scripting

USER: deepcore // 2020-07-11 // 0 CMT

Impress CMS version 1.4.0 suffers from a cross site scripting vulnerability.

>> Pandora FMS 7.0 NG 746 Script Insertion / Code Execution

USER: deepcore // 2020-07-11 // 0 CMT

Pandora FMS 7.0 NG versions 746 and below remote code execution exploit that leverages cross site scripting. Requires administrator to perform an snmp scan with a cross site scripting payload.

>> Pandora FMS 7.0 NG 7XX Remote Command Execution

USER: deepcore // 2020-07-11 // 0 CMT

This Metasploit module exploits a vulnerability (CVE-2020-13851) in Pandora FMS versions 7.0 NG 742, 7.0 NG 743, and 7.0 NG 744 (and perhaps older versions) in order to execute arbitrary…

>> PHP 7.4 FFI disable_functions Bypass

USER: deepcore // 2020-07-10 // 0 CMT

PHP version 7.4 FFI disable_functions bypass proof of concept exploit.