http://kpp.nfe.go.th/kurd.html notified by 0x1998
>> ARCHIVE: 2021-09
http://kpp.nfe.go.th/kurd.html notified by 0x1998
Men Salon Management System version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
WordPress Download From Files plugin version 1.48 suffers from a remote shell upload vulnerability.
Apartment Visitor Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for a shell upload.
Active WebCam version 11.5 suffers from an unquoted service path vulnerability.
Purchase Order Management System version 1.0 suffers from a remote shell upload vulnerability.
Facebook ParlAI version 1.0.0 suffers from a deserialization vulnerability that can allow for code execution.
Zenitel AlphaCom XE Audio Server versions up to 11.2.3.10 have a web interface called AlphaWeb XE that allows for a remote shell upload.
Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a heap-related initialization bug is triggered resulting in a crash in the server or potentially…
DMA Softlab Radius Manager version 4.4.0 chained exploit written in go that exploits session management and cross site scripting vulnerabilities.