:: Deepquest ::

ServiceNow Orlando suffers from a username enumeration vulnerability.

Medical Store Management System version 1.0 suffers from a remote SQL injection vulnerability.

Simple Student Quarterly Result / Grade System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Google Play Protect version 22.4.25 suffers from a detection bypass vulnerability.

Multi-Vendor Online Groceries Management System version 1.0 suffers from a remote blind SQL injection vulnerability.

Ignition versions prior to 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.

TeamSpeak version 3.5.6 suffers from an insecure file permissions vulnerability.

Network Video Recorder version NVR304-16EP suffers from a cross site scripting vulnerability.

Tiny File Manager versions 2.4.3 and below authenticated remote shell upload exploit.

http://healthnmd.nmd.go.th/wh.html notified by Mr.Kro0oz.305