Piwigo version 13.6.0 suffers from a persistent cross site scripting vulnerability.
Chitor-CMS 1.1.2 SQL Injection
Chitor-CMS version 1.1.2 suffers from a remote SQL injection vulnerability.
FUXA 1.1.13-1186 Remote Code Execution
FUXA version 1.1.13-1186 suffers from an unauthenticated remote code execution vulnerability.
VMware Workspace ONE Access Privilege Escalation
This Metasploit module exploits CVE-2022-22960 which allows the user to overwrite the permissions of the certproxyService.sh script so that it can be modified by the horizon user. This allows a local attacker with the uid 1001 to escalate their privileges to root access.
https://dltkorat.go.th/net.html
https://dltkorat.go.th/net.html notified by Desktop77N3T
https://dltkorat.go.th/net.html
https://dltkorat.go.th/net.html notified by Desktop77N3T
[remote] Microsoft Word 16.72.23040900 – Remote Code Execution (RCE)
Microsoft Word 16.72.23040900 – Remote Code Execution (RCE)
[webapps] Bang Resto v1.0 – 'Multiple' SQL Injection
Bang Resto v1.0 – ‘Multiple’ SQL Injection
[webapps] Bang Resto v1.0 – Stored Cross-Site Scripting (XSS)
Bang Resto v1.0 – Stored Cross-Site Scripting (XSS)
[local] AspEmail v5.6.0.2 – Local Privilege Escalation
AspEmail v5.6.0.2 – Local Privilege Escalation