https://amnat-ed.go.th/1975.html notified by 1975 Team
http://www.mhs-pao.go.th/zil.php
http://www.mhs-pao.go.th/zil.php notified by AnonCoders
qdPM 9.1 Remote Code Execution
qdPM version 9.1 authenticated remote code execution exploit that leverages a path traversal.
ChromeOS usbguard Bypass
ChromeOS uses usbguard when the screen is locked but appears to suffer from bypass issues.
Tigase XMPP Server Stanza Smuggling
Tigase XMPP server suffers from a security vulnerability due to not escaping double quote character when serializing parsed XML. This can be used to smuggle (or, if you prefer, inject) an arbitrary attacker-controlled stanza in the XMPP server’s output stream. A malicious client can abuse this vulnerability to send arbitrary XMPP stanzas to another client […]
Tigase XMPP Server Stanza Smuggling
Tigase XMPP server suffers from a security vulnerability due to not escaping double quote character when serializing parsed XML. This can be used to smuggle (or, if you prefer, inject) an arbitrary attacker-controlled stanza in the XMPP server’s output stream. A malicious client can abuse this vulnerability to send arbitrary XMPP stanzas to another client […]
http://cems.diw.go.th/sadme.htm
http://cems.diw.go.th/sadme.htm notified by typicalsadboy
http://policeubon.go.th/o.htm
http://policeubon.go.th/o.htm notified by ./Fell Ganns
Print Spooler Remote DLL Injection
The print spooler service can be abused by an authenticated remote attacker to load a DLL through a crafted DCERPC request, resulting in remote code execution as NT AUTHORITYSYSTEM. This module uses the MS-RPRN vector which requires the Print Spooler service to be running.
Print Spooler Remote DLL Injection
The print spooler service can be abused by an authenticated remote attacker to load a DLL through a crafted DCERPC request, resulting in remote code execution as NT AUTHORITY\SYSTEM. This module uses the MS-RPRN vector which requires the Print Spooler service to be running.