KirbyCMS versions prior to 2.5.7 suffer from a persistent cross site scripting vulnerability.
>> ARCHIVE: 2017-11
Xlight FTP Server version 3.8.8.5 buffer overflow proof of concept exploit.
WordPress Appointments plugin version 2.2.2.2 suffers from a persistent cross site scripting vulnerability.
WordPress Cartogiraffe Map version 1.0 suffers from a persistent cross site scripting vulnerability.
WordPress Boozang plugin version 1.0.0 suffers from a cross site scripting vulnerability.
This Metasploit module leverages an unauthenticated credential disclosure vulnerability to execute arbitrary commands on DIR-850L routers as an authenticated user.
http://www.srimahaphot.go.th/r00t.html notified by cyber_hunter
http://khokmailai.go.th/r00t.html notified by cyber_hunter
PSFTPd Windows FTP Server 10.0.4 Build 729 – Log Injection / Use-After-Free
D-Link DIR-850L – Unauthenticated OS Command Execution (Metasploit)