Synaccess netBooter NP-0801DU 7.4 – Cross-Site Request Forgery (Add Admin)
Tags: 0day, remote exploitHTML Video Player version 1.2.5 suffers from a buffer overflow vulnerability.
XMPlay version 3.8.3 suffers from a denial of service vulnerability.
Microsoft Edge suffers from a Chakra OP_Memset type confusion vulnerability.
Synaccess netBooter NP-02x and NP-08x version 6.8 suffer from an authentication bypass vulnerability due to a missing control check when calling the webNewAcct.cgi script while creating users. This allows an unauthenticated attacker to create an admin user account and bypass authentication giving her the power to turn off a power supply to a resource.
Synaccess netBooter NP-0801DU version 7.4 suffers from a cross site request forgery vulnerability.
Ricoh myPrint suffers from hardcoded application credential and information disclosure vulnerabilities. The myPrint windows client version 2.9.2.4 and myPrint android client version 2.2.7 are both affected.
http://www.nonsamran.go.th/nonsamran/file_editor/Hx.html notified by ./H9xHacker
Tags: defacementhttp://www.donsailocal.go.th/donsailocal/file_editor/Hx.html notified by ./H9xHacker
Tags: defacement