http://nbcsystem.dip.go.th/x3.html notified by Explosion Squad Cyber
WordPress 5.3 Username Enumeration
WordPress version 5.3 suffers from a username enumeration vulnerability.
TexasSoft CyberPlanet 6.4.131 Unquoted Service Path
TexasSoft CyberPlanet version 6.4.131 suffers from a CCSrvProxy unquoted service path vulnerability.
GHIA CamIP 1.2 For iOS Denial Of Service
GHIA CamIP version 1.2 for iOS suffers from a denial of service vulnerability.
Mersive Solstice 2.8.0 Remote Code Execution
Mersive Solstice version 2.8.0 suffers from a remote code execution vulnerability.
SpotAuditor 5.3.2 Denial Of Service
SpotAuditor version 5.3.2 Name and Key proof of concept denial of service exploits.
Online Inventory Manager 3.2 Cross Site Scripting
Online Inventory Manager version 3.2 suffers from a persistent cross site scripting vulnerability.
Bash 5.0 Patch 11 Privilege Escalation
An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that […]
OwnCloud 8.1.8 Username Disclosure
OwnCloud version 8.1.8 suffers from a username disclosure vulnerability.
WordPress Plainview Activity Monitor 20161228 Remote Command Execution
WordPress Plainview Activity Monitor plugin is vulnerable to OS command injection which allows an attacker to remotely execute commands on the underlying system. Application passes unsafe user supplied data to ip parameter into activities_overview.php. Privileges are required in order to exploit this vulnerability. Vulnerable plugin version: 20161228 and possibly prior. Fixed plugin version: 20180826.