Canon PRINT 2.5.5 URI Injection

Canon PRINT version 2.5.5 suffers from a content provider URI injection vulnerability.

August 31, 2019
Sentrifugo 3.2 File Upload Restriction Bypass

Sentrifugo version 3.2 suffers from a file upload restriction bypass vulnerability.

Sentrifugo 3.2 Cross Site Scripting

Sentrifugo version 3.2 suffers from a persistent cross site scripting vulnerability.

DomainMod 4.13 Cross Site Scripting

DomainMod versions 4.13 and below suffer from a cross site scripting vulnerability.

Zyxel NWA/NAP/WAC Hardcoded Credentials

An FTP service runs on the Zyxel wireless access point that contains the configuration file for the WiFi network. This FTP server can be accessed with hard-coded credentials that are embedded in the firmware of the AP. When the WiFi network is bound to another VLAN, an attacker can cross the network by fetching the […]

Zyxel USG/UAG/ATP/VPN/NXC External DNS Requests

Zyxel USG/UAG/ATP/VPN/NXC series suffer from an issue where a DNS request can be made by an unauthenticated attacker to either spam a DNS service of a third party with requests that have a spoofed origin or probe whether domain names are present on the internal network behind the firewall.

http://www.thamchalong.go.th/index.php

http://www.thamchalong.go.th/index.php notified by SaMi1

August 30, 2019
http://www.moungjedton.go.th/news_files_att/[a1435651102].

http://www.moungjedton.go.th/news_files_att/[a1435651102]. notified by SaMi1

Google Finds Malicious Sites Pushing iOS Exploits For Years
Outlook Password Recovery 2.10 Denial Of Service

Outlook Password Recovery version 2.10 suffers from a denial of service vulnerability.