Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN – Arbitrary File Disclosure (metasploit)
>> AUTHOR: deepcore
Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN – Arbitrary File Disclosure (metasploit)
RAR Password Recovery version 1.80 suffers from a user name and registration code denial of service vulnerability.
Kimai version 2 suffers from a persistent cross site scripting vulnerability.
Neo Billing version 3.5 suffers from a persistent cross site scripting vulnerability.
This Metasploit module exploits FortiOS versions 5.6.3 through 5.6.7 and 6.0.0 through 6.0.4 to leverage a credential disclosure vulnerability by reading the /dev/cmdb/sslvpn_websession file.
YouPHPTube version 7.2 suffers from a remote SQL injection vulnerability in userCreate.json.php.
FortiOS versions 5.6.3 through 5.6.7 and 6.0.0 through 6.0.4 suffer from a credential disclosure vulnerability.
http://chaimongkon.go.th/activity/images/ notified by Umam1337
http://www.bangphlab.go.th/activity/images/ notified by Umam1337
http://www.nonkoon.go.th/activity/images/ notified by Umam1337