The Vulnerability Laboratory Core Research Team discovered an application-side input validation vulnerability that leads to cross-site scripting in the HiDisk version 2.4 iOS mobile application.
>> AUTHOR: deepcore
IPLINK IP-DL-801RT-B – (Url Filter Configuration Panel) Stored XSS
WordPress WP Membership Plugin 1.2.3 – Multiple Vulnerabilities
ElasticSearch < 1.4.5 / < 1.5.2 – Path Transversal
Windows – CNG.SYS Kernel Security Feature Bypass PoC (MS15-052)
QEMU – Floppy Disk Controller (FDC) PoC
Microsoft Windows – Local Privilege Escalation (MS15-051)
OpenLitespeed 1.3.9 – Use After Free (DoS)
http://saosanamchai.go.th/images/cok.txt notified by Panataran
http://laemngobcity.go.th/images/cok.txt notified by Panataran