[webapps] BlogEngine 3.3.8 – 'Content' Stored XSS
Posted by deepcore under Security (No Respond)
Archive for November, 2020
[webapps] Sentrifugo Version 3.2 – 'announcements' Remote Code Execution (Authenticated)
Posted by deepcore under Security (No Respond)
Sentrifugo Version 3.2 – ‘announcements’ Remote Code Execution (Authenticated)
Tags: 0day, remote exploit[webapps] Sentrifugo 3.2 – 'assets' Remote Code Execution (Authenticated)
Posted by deepcore under Security (No Respond)
[webapps] SmartBlog 2.0.1 – 'id_post' Blind SQL injection
Posted by deepcore under Security (No Respond)
[webapps] CMSUno 1.6.2 – 'lang' Remote Code Execution (Authenticated)
Posted by deepcore under Security (No Respond)
Processwire CMS 2.4.0 Local File Inclusion
Posted by deepcore under exploit (No Respond)
Processwire CMS version 2.4.0 suffers from a local file inclusion vulnerability.
PDW File Browser 1.3 Shell Upload
Posted by deepcore under exploit (No Respond)
PDW File Browser version 1.3 suffers from a remote shell upload vulnerability.
School Log Management System 1.0 Code Execution / SQL Injection
Posted by deepcore under exploit (No Respond)
School Log Management System version 1.0 suffers from a remote SQL injection vulnerability that could lead to code execution.
Student Attendance Management System 1.0 Code Execution / SQL Injection
Posted by deepcore under exploit (No Respond)
Student Attendance Management System version 1.0 suffers from a remote SQL injection vulnerability that could lead to code execution.
http://www.bdlh.go.th/ay.htm
Posted by deepcore under defacement (No Respond)
http://www.bdlh.go.th/ay.htm notified by Senzawa
Tags: defacement
