TinyTinyRSS remote code execution exploit. Versions prior to 2020-09-16 are affected.
>> ARCHIVE: 2021-03
Web Based Quiz System version 1.0 suffers from a persistent cross site scripting vulnerability in the name field.
Profiling System For Human Resource Management version 1.0 suffers from a persistent cross site scripting vulnerability.
This Metasploit module exploits a remote code execution vulnerability in Zen Cart version 1.5.7b.
CASAP Automated Enrollment System version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Web Based Quiz System version 1.0 suffers from a persistent cross site scripting vulnerability related to MCQ options.
AnyDesk 5.5.2 – Remote Code Execution
Local Services Search Engine Management System (LSSMES) 1.0 – ‘name’ Persistent Cross-Site Scripting (XSS)
Local Services Search Engine Management System (LSSMES) 1.0 – Blind & Error based SQL injection (Authenticated)
https://buathongcity.go.th/tmp/senius.html notified by ZoRRoKiN