[webapps] NixCMS 1.0 – 'category_id' SQL Injection
Posted by deepcore under Security (No Respond)
Archive for February, 2018
[webapps] Wonder CMS 2.3.1 – 'Host' Header Injection
Posted by deepcore under Security (No Respond)
http://www.sakon-nfe.go.th/index.php
Posted by deepcore under defacement (No Respond)
http://www.sakon-nfe.go.th/index.php notified by KATENBAD
Tags: defacementhttp://www.info.mua.go.th/ash.html
Posted by deepcore under defacement (No Respond)
http://www.info.mua.go.th/ash.html notified by Ashiyane Digital Security Team
Tags: defacementhttp://phudin.go.th/jembot.htm
Posted by deepcore under defacement (No Respond)
http://phudin.go.th/jembot.htm notified by Trenggalek Cyber Army
Tags: defacementFree CMS 1.0a Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Free CMS version 1.0a suffers from a cross site scripting vulnerability via a malicious upload.
Rich FileManager 2.7.0 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Rich FileManager version 2.7.0 suffers from a cross site scripting vulnerability via a malicious file upload.
Mara CMS 7.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Mara CMS version 7.1 suffers from a cross site scripting vulnerability.
Wikindx 5.2.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Wikindx version 5.2.1 suffers from a cross site scripting vulnerability.
WordPress Doctor Appointment Booking 1.0.0 SQL Injection / XSS
Posted by deepcore under exploit (No Respond)
WordPress Doctor Appointment Booking plugin version 1.0.0 suffers from cross site scripting and remote SQL injection vulnerabilities.