Hyperoptic (Tilgin) routers versions HG2330, HG2302, and HG2301 suffer from cross site request forgery and cross site scripting vulnerabilities.
The fix applied for CVE-2014-1520 does not fix a DLL hijacking issue with Mozilla Firefox’s executable installer.
Joomla En-Masse component versions 5.1 through 6.4 suffer from a remote SQL injection vulnerability.
BookingWizz versions prior to 5.5 suffer from having default administrative credentials, local file inclusion, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
http://www.e-learning.dss.go.th notified by r00tkit
Tags: defacement