OpenNetAdmin versions 8.5.14 through 18.1.1 remote command execution exploit written in Ruby. This exploit was based on the original discovery of the issue by mattpascoe.
>> ARCHIVE: 2021-05
The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell…
http://www.bpp1.go.th//images/fighter.gif notified by Royal Battler BD
Odoo 12.0.20190101 – ‘nssm.exe’ Unquoted Service Path
Microweber CMS 1.1.20 – Remote Code Execution (Authenticated)
PHP Timeclock 1.04 – ‘Multiple’ Cross Site Scripting (XSS)
TFTP Broadband 4.3.0.1465 – ‘tftpt.exe’ Unquoted Service Path
BOOTP Turbo 2.0.0.1253 – ‘bootpt.exe’ Unquoted Service Path
DHCP Broadband 4.1.0.1503 – ‘dhcpt.exe’ Unquoted Service Path
Human Resource Information System 0.1 – ‘First Name’ Persistent Cross-Site Scripting (Authenticated)