Adive Framework 2.0.7 – Cross-Site Request Forgery
>> AUTHOR: deepcore
Adive Framework 2.0.7 – Cross-Site Request Forgery
Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 – SQL Injection
Chrome suffers from a heap use-after-free condition in blink::PresentationAvailabilityState::UpdateAvailability.
http://www.dnp.go.th/lungset.htm notified by PYS404
WordPress Plugin JoomSport 3.3 – SQL Injection
Google Chrome 74.0.3729.0 / 76.0.3789.0 – Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailability
http://cco.mof.go.th notified by EvLaT_
ATutor version 2.2.4 suffers from a backup functionality remote command execution vulnerability.
Opencart versions 2.3.0.2 and below suffer from an insecure OCMod generation remote command execution vulnerability.
ATutor version 2.2.4 suffers from a language_import arbitrary file upload that allows for command execution.