The user profile dashboard for paloaltonetworks.com suffered from a cross site request forgery vulnerability.
>> ARCHIVE: 2019-09
Dokeos versions 1.8.6.1 and 1.8.6.3 suffer from a remote file upload vulnerability via an fckeditor.
http://www.atsc.doae.go.th notified by 0x1998
http://sirattana.sisaket.doae.go.th notified by 0x1998
http://phusing.sisaket.doae.go.th notified by 0x1998
http://huaithapthan.sisaket.doae.go.th notified by 0x1998
http://sukhothai2.go.th/007.html notified by 0x1998
DIGIT CENTRIS 4 ERP suffers from a remote SQL injection vulnerability.
GOautodial version 4.0 suffers from a persistent cross site scripting vulnerability in the CreateEvent flow.
LayerBB version 1.1.3 suffers from a cross site request forgery vulnerability.