Totaljs CMS version 12.0 suffers from a broken access control on an API call.
>> ARCHIVE: 2019-09
Totaljs CMS version 12.0 suffers from a broken access control on an API call.
One Identity Defender version 5.9.3 suffers from an insecure cryptographic storage vulnerability.
WordPress Download Manager plugin version 2.9.93 suffers from a cross site scripting vulnerability.
DASAN Zhone ZNID GPON 2426A EU versions S3.1.285 and below suffer from multiple cross site scripting vulnerabilities.
Cisco Content Security Management Virtual Appliance M600V IronPort remote host header injection exploit.
Cisco Email Security Virtual Appliance C300V IronPort remote host header injection exploit.
Cisco Email Security Virtual Appliance C380 IronPort remote host header injection exploit.
WordPress Spryng Payments WooCommerce plugin version 1.6.7 suffers from a cross site scripting vulnerability.
AwindInc SNMP Service – Command Injection (Metasploit)
http://haisokbr.go.th/zx.htm notified by Zarox~Ztayli