Nsauditor 3.1.8.0 – ‘Key’ Denial of Service (PoC)
>> AUTHOR: deepcore
Nsauditor 3.1.8.0 – ‘Key’ Denial of Service (PoC)
Max Secure Anti Virus Plus 19.0.4.020 – Insecure File Permissions
Microsoft Excel 2016 1901 – XML External Entity Injection
Allied Telesis AT-GS950/8 up until firmware AT-S107 version 1.1.3 [1.00.047] suffers from a directory traversal vulnerability.
NAPC Xinet (interface) Elegant 6 Asset Library version 6.1.655 allows pre-authentication error-based SQL injection via the /elegant6/login LoginForm[username] field when double quotes are used.
Microsoft Excel 2016 version 1901 suffers from an XML external entity injection vulnerability.
Max Secure Anti Virus Plus version 19.0.4.020 suffers from an insecure permission vulnerability.
Carlo Gavazzi SmartHouse version 6.5.33 suffers from cross site request forgery along with both reflective and persistent cross site scripting vulnerabilities.
http://nbcsystem.dip.go.th/x3.html notified by Explosion Squad Cyber
WordPress version 5.3 suffers from a username enumeration vulnerability.