BlogEngine 3.3.8 – ‘Content’ Stored XSS
>> ARCHIVE: 2020-11
BlogEngine 3.3.8 – ‘Content’ Stored XSS
Sentrifugo Version 3.2 – ‘announcements’ Remote Code Execution (Authenticated)
Sentrifugo 3.2 – ‘assets’ Remote Code Execution (Authenticated)
SmartBlog 2.0.1 – ‘id_post’ Blind SQL injection
CMSUno 1.6.2 – ‘lang’ Remote Code Execution (Authenticated)
Processwire CMS version 2.4.0 suffers from a local file inclusion vulnerability.
PDW File Browser version 1.3 suffers from a remote shell upload vulnerability.
School Log Management System version 1.0 suffers from a remote SQL injection vulnerability that could lead to code execution.
Student Attendance Management System version 1.0 suffers from a remote SQL injection vulnerability that could lead to code execution.
http://www.bdlh.go.th/ay.htm notified by Senzawa