Teachers Record Management System 1.0 – ‘searchteacher’ SQL Injection
>> ARCHIVE: 2021-02
Teachers Record Management System 1.0 – ‘searchteacher’ SQL Injection
TestLink 1.9.20 – Unrestricted File Upload (Authenticated)
http://www.phayumoph.go.th/nkri.txt notified by Xyp3r2667
http://bkpw.go.th/nkri.txt notified by Xyp3r2667
https://maeteep-ngao.go.th/nkri.txt notified by Xyp3r2667
PDFCOMPLETE Corporate Edition version 4.1.45 suffers from an unquoted service path vulnerability.
School File Management System version 1.0 suffers from multiple cross site scripting vulnerabilities.
School Event Attendance Monitoring System version 1.0 suffers from a persistent cross site scripting vulnerability.
SolarWinds Serv-U File Server versions through 15.2.1 do not correctly validate path information, allowing the disclosure of files and directories outside of the user’s home directory via a specially crafted…
SolarWinds Serv-U FTP Server versions through 15.2.1 do not correctly sanitize and validate the user-supplied directory names, allowing malicious users to create directories that when clicked on (in the breadcrumb…