D-Link DWR-932 with firmware versions 4.00 and below suffer from authentication bypass and password disclosure vulnerabilities.
>> ARCHIVE: 2016-03
AbsoluteTelnet version 10.14 suffers from a DLL hijacking vulnerability.
http://www.nh.go.th/configuration.php notified by HUNT3RXM
An independent vulnerability laboratory researcher discovered a client-side cross site request forgery web vulnerability in the DirectAdmin CP v1.50.0 control panel.
WordPress Dharma booking Plugin 2.38.3 – File Inclusion Vulnerability
WordPress Memphis Document Library Plugin 3.1.5 – Arbitrary File Download
WordPress Brandfolder Plugin 3.0 – RFI / LFI Vulnerability
WordPress HB Audio Gallery Lite Plugin 1.0.0 – Arbitrary File Download
Joomla Easy Youtube Gallery 1.0.2 – SQL Injection Vulnerability
http://www.trat.m-society.go.th notified by Fr13nds