JexBoss is an exploitation tool that demonstrates deserialization remote code execution attacks against multiple applications and platforms.
WordPress Admin Custom Login plugin version 2.4.5.2 suffers from a persistent cross site scripting vulnerability.
osTicket version 1.9.12 suffers from multiple persistent cross site scripting vulnerabilities.
WordPress WP-Filebase Download Manager plugin version 3.4.4 suffers from a cross site scripting vulnerability.
WordPress Trust Form plugin version 2.0 suffers from a cross site scripting vulnerability.
Aruba AirWave versions 8.2.3 and below suffer from XXE injection and cross site scripting vulnerabilities.
Veritas NetBackup versions 6.5.6 and 7.6.10 suffer from remote command execution, denial of service, path traversal, and privilege escalation vulnerabilities.
This archive contains all of the 285 exploits added to Packet Storm in February, 2017.
WordPress Mobile App Native plugin version 3.0 suffers from a remote shell upload vulnerability.
http://plan.korat3.go.th notified by Ashiyane Digital Security Team
Tags: defacement