WordPress Userpro plugin versions 4.9.17 and below suffer from an authentication bypass vulnerability.
>> ARCHIVE: 2017-11
mkvalidator version 0.5.1 suffers from multiple denial of service vulnerabilities leveraging libebml2 and mkclean.
Logitech Media Server version 7.9.0 suffers from multiple cross site scripting vulnerabilities.
pfSense versions 2.3.1_1 and below suffers from a post authentication command execution vulnerability.
The Actiontec C1000A modem has a hard-coded backdoor admin account.
This is a proof of concept exploit for the waitid bug introduced in version 4.13 of the Linux kernel. It can be used to break out of sandboxes such as…
WordPress Duplicator Migration plugin version 1.2.28 suffers from a cross site scripting vulnerability.
http://pattanipao.go.th notified by Nexamos
http://kumpangcity.go.th notified by Nexamos
http://khuandoncity.go.th notified by Nexamos