2016
05.28

http://www.inspector.cdd.go.th notified by SIMAO404

mirror site here.

2016
05.27

http://phimai-shls.go.th/xx.htm notified by chinafans

mirror site here.

2016
05.27

Dounia Creation version 1.4 suffers from remote SQL injection and weak default password vulnerabilities.

more details here.

2016
05.27

Bugcrowd’s web application suffered from a filter bypass and malicious script insertion vulnerability.

more details here.

2016
05.27

dotCMS Email Header Injection

dotCMS versions prior to 3.5 and 3.3.2 suffers from an email header injection vulnerability.

more details here.

2016
05.27

Open-Xchange OX AppSuite versions 7.8.0 and below suffer from cross site scripting, open redirection, and argument injection vulnerabilities.

more details here.

2016
05.27

Teampass version 2.1.25 suffers from an unauthenticated access vulnerability.

more details here.

2016
05.27

Teampass version 2.1.25 suffers from an arbitrary file download.

more details here.

2016
05.27

PHP CRUD 1.4 Backdoor Accounts

PHP CRUD version 1.4 comes installed with weakly protected backdoor accounts.

more details here.

2016
05.27

VMWare vSphere web client versions 5.1 through 6.0 suffer from a flash cross site scripting vulnerability.

more details here.