Rocket.Chat 2.1.0 – Cross-Site Scripting
>> ARCHIVE: 2019-10
Rocket.Chat 2.1.0 – Cross-Site Scripting
https://ic.nbtc.go.th/xampp/lang.tmp notified by SeRaVo BlackHaT
This Metasploit module exploits a vulnerability in Total.js CMS. The issue is that a user with admin permission can embed a malicious JavaScript payload in a widget, which is evaluated…
Total.js CMS 12 – Widget JavaScript Code Injection (Metasploit)
https://nonghuafancity.go.th/o.htm notified by chinafans
http://www.pamat.go.th/o.htm notified by chinafans
Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below suffer from a remote code execution vulnerability.
Solaris 11.4 – xscreensaver Privilege Escalation
winrar 5.80 64bit – Denial of Service
Adobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow due to Malformed JP2 Stream (2)