On Microsoft Windows, the LsapGetClientInfo API in LSASRV will fallback and directly capture a caller’s impersonation token if it fails to impersonate, leading to elevation of privilege if the impersonation level is not checked.
The Microsoft Windows kernel suffers from an invalid read in nt!MiRelocateImage while parsing a malformed PE file.
http://www.bankangcity.go.th/index.php notified by ./Niz4r
Tags: defacementhttp://www.tungsawang.go.th/index.php notified by ./Niz4r
Tags: defacementThe Microsoft Windows kernel suffers from an invalid read in nt!MiRelocateImage while parsing a malformed PE file.
PrestaShop version 1.7.6.7 suffers from a cross site scripting vulnerability via the file upload functionality.
PrestaShop version 1.7.6.7 suffers from a cross site scripting vulnerability via the file upload functionality.
A vulnerability exists within Sourcegraph’s gitserver component that allows a remote attacker to execute arbitrary OS commands by modifying the core.sshCommand value within the git configuration. This command can then be triggered on demand by executing a git push operation. The vulnerability was patched by introducing a feature flag in version 3.37.0. This flag must […]
A vulnerability exists within Sourcegraph’s gitserver component that allows a remote attacker to execute arbitrary OS commands by modifying the core.sshCommand value within the git configuration. This command can then be triggered on demand by executing a git push operation. The vulnerability was patched by introducing a feature flag in version 3.37.0. This flag must […]
http://amss.ses26.go.th notified by XnonGermx
Tags: defacement