Cabot 0.11.12 – Persistent Cross-Site Scripting
>> ARCHIVE: 2020-09
https://www.pattawee.go.th/U72.html notified by Unravel72
http://www.roiet.go.th notified by TAHU PETIS
The COVR 3902 REVA router with firmware 1.01B0 has hardcoded telnet credentials.
All versions up to and prior to OnBase Foundation EP1 (tested: 19.8.9.1000) and OnBase 18 (tested: 18.0.0.32) suffer from a multitude of remote SQL injection vulnerabilities.
Nord VPN version 6.31.13.0 suffers from an unquoted service path vulnerability.
SiteMagic CMS version 4.4.2 suffers from a remote shell upload vulnerability.
Noise-Java suffers from an issue located in the AESGCMFallbackCipherState.encryptWithAd() method defined in AESGCMFallbackCipherState.java, where multiple boundary checks are performed to prevent invalid length or offsets from being specified for the…
Noise-Java suffers from an issue located in the ChaChaPolyCipherState.encryptWithAd() method defined in ChaChaPolyCipherState.java, where multiple boundary checks are performed to prevent invalid length or offsets from being specified for the…
Red Lion N-Tron 702-W and 702M12-W versions 2.0.26 and below suffer from cross-site request forgery, hidden shell interface, cross-site scripting and BusyBox vulnerabilities.