https://sla.skhospital.go.th/marketplace/xx.txt notified by xstro0 another bite the dust, mirror here:
Chitor CMS 1.1.2 SQL Injection
Chitor CMS version 1.1.2 suffers from a remote SQL injection vulnerability. Original discovery of this finding is attributed to msd0pe in April of 2023.
Multi-Vendor Online Groceries Management System 1.0 Remote Code Execution
Multi-Vendor Online Groceries Management System version 1.0 suffers from a remote code execution vulnerability.
Telit Cinterion IoT Traversal / Escalation / Bypass / Heap Overflow
This is an extension of research on the original findings of CVE-2020-15858 in Telit Cinterion IoT devices. Numerous issues have been discovered including path traversal, Java privilege elevation, AT commands whitelist / blacklist bypass, a heap overflow in fragmented SMS, and more.
http://www.koisoong.go.th notified by Ajoyy
http://www.namkrai.go.th notified by Ajoyy
[webapps] KodExplorer 4.49 – CSRF to Arbitrary File Upload
Chrome media::mojom::VideoFrame Missing Validation
Chrome suffers from an issue where the traits for media::mojom::VideoFrame do not perform any validation on the stride and offset parameters when deserializing untrusted message data.
Chrome GL_ShaderBinary Untrusted Process Exposure
Chrome has an issue where the GL_ShaderBinary is exposed to untrusted processes.
Chrome SpvGetMappedSamplerName Out-Of-Bounds String Copy
Chrome has an issue where an out-of-bounds string copy can occur when parsing a uniform sampler name in SpvGetMappedSamplerName.