Backdoor.Win32.DarkKomet.irv malware suffers from an insecure permissions vulnerability.
>> ARCHIVE: 2021-02
HFS (HTTP File Server) 2.3.x – Remote Command Execution (3)
Monica 2.19.1 – ‘last_name’ Stored XSS
Batflat CMS 1.3.6 – ‘multiple’ Stored XSS
http://www.cs.moe.go.th/1.php notified by -1
https://www.priest-hospital.go.th/galau.html notified by F.Z MalaikatHati
This is a whitepaper that details identifying cross site scripting vulnerabilities in both the Neo and Matrix LMS codebase.
OpenText Content Server version 20.3 suffers from multiple persistent cross site scripting vulnerabilities.
Backdoor.Win32.DarkKomet.bhfh malware suffers from an insecure permissions vulnerability.
Backdoor.Win32.DarkKomet.apcc malware suffers from an insecure permissions vulnerability.