:: Deepquest ::

http://www.cdd.go.th notified by Nofawkx Al

The vulnerability laboratory core research team discovered a filter bypass issue and a persistent input validation vulnerability in the Python v2.7 v1.5.4 iOS mobile application.

The vulnerability laboratory core research team discovered a redirect and session web vulnerability in the official trend micro sso online service web-application.

An independent vulnerability laboratory researcher discovered multiple sql injection web vulnerabilities in the Dorma Web Content Management System.

http://cdregion01.cdd.go.th notified by Nofawkx Al

PayPal suffered from a filter bypass vulnerability that allowed for malicious input into email.

Easy Hosting Control Panel versions 0.29 through 0.37.9 suffer from information disclosure, authentication bypass, clear text password storage, and remote file upload vulnerabilities.

Manage Engine EventLog Analyzer version 11.0 build 11000 suffers from multiple cross site scripting vulnerabilities.

CubeCart version 6.0.10 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

Apache OpenMeetings versions 1.9.x through 3.1.0 suffer from a path traversal vulnerability.