0day – Page 600 – :: Deepquest ::

>> [webapps] – NewsP Free News Script 1.4.7 – User Credentials Disclosure

USER: deepcore // 2016-07-19 // 0 CMT

NewsP Free News Script 1.4.7 – User Credentials Disclosure

>> [papers] – Exploiting Apache James Server 2.3.2

USER: deepcore // 2016-07-19 // 0 CMT

Exploiting Apache James Server 2.3.2

>> [shellcode] – Linux/x86-64 – Syscall Persistent Bind Shell + (Multi-terminal) + Password + Daemon (83, 148, 177 bytes)

USER: deepcore // 2016-07-19 // 0 CMT

Linux/x86-64 – Syscall Persistent Bind Shell + (Multi-terminal) + Password + Daemon (83, 148, 177 bytes)

>> [remote] – OpenSSHD <= 7.2p2 – User Enumeration

USER: deepcore // 2016-07-18 // 0 CMT

OpenSSHD <= 7.2p2 – User Enumeration

>> [WebApps] – vBulletin 4.x – SQLi in breadcrumbs via xmlrpc API (Post-Auth)

USER: deepcore // 2016-07-18 // 0 CMT

vBulletin 4.x – SQLi in breadcrumbs via xmlrpc API (Post-Auth)

>> [Remote] – DropBearSSHD <= 2015.71 – Command Injection

USER: deepcore // 2016-07-18 // 0 CMT

DropBearSSHD <= 2015.71 – Command Injection

>> [Local] – Internet Explorer 11 (on Windows 10) – VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)

USER: deepcore // 2016-07-18 // 0 CMT

Internet Explorer 11 (on Windows 10) – VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)

>> [WebApps] – vBulletin 5.x/4.x – Persistent XSS in AdminCP/ApiLog via xmlrpc API (Post-Auth)

USER: deepcore // 2016-07-18 // 0 CMT

vBulletin 5.x/4.x – Persistent XSS in AdminCP/ApiLog via xmlrpc API (Post-Auth)

>> [webapps] – Clear Voyager Hotspot IMW-C910W – Arbitrary File Disclosure

USER: deepcore // 2016-07-15 // 0 CMT

Clear Voyager Hotspot IMW-C910W – Arbitrary File Disclosure

>> [webapps] – Joomla Guru Pro (com_guru) Component – SQL Injection

USER: deepcore // 2016-07-14 // 0 CMT

Joomla Guru Pro (com_guru) Component – SQL Injection