WordPress Contact Form 7 plugin version 5.5.6 suffers from a cross site scripting vulnerability.
>> ARCHIVE: 2022-03
WordPress Akismet Spam Protection plugin version 4.2.2 suffers from a cross site scripting vulnerability.
ProtonVPN version 1.26.0 suffers from an unquoted service path vulnerability.
ImpressCMS versions 1.4.2 and below pre-authentication SQL injection to remote code execution exploit. User input passed through the “groups” POST parameter to the /include/findusers.php script is not properly sanitized before…
Event Management System version 1.0 suffers from a remote shell upload vulnerability.
http://www.na-khu.go.th/attach_file/1643522665_lisence.txt notified by KosameAmegai
https://khoksanga.go.th/forms_file/6db2c2dc3227a2ff2a652b94fb661f87.txt notified by KosameAmegai
https://www.chaisor.go.th/forms_file/426e821c0353711d536ced779734e5f6.txt notified by KosameAmegai
http://www.silakhonkaen.go.th/sapa_file/1643523403_lisence.txt notified by KosameAmegai
https://www.pordang.go.th/sapa_file/c6ba3e75f31da3729f234e5b6e05bdbe.txt notified by KosameAmegai