This Metasploit module exploits a remote code execution vulnerability in Zen Cart version 1.5.7b.
>> AUTHOR: deepcore
CASAP Automated Enrollment System version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Web Based Quiz System version 1.0 suffers from a persistent cross site scripting vulnerability related to MCQ options.
Local Services Search Engine Management System (LSSMES) 1.0 – Blind & Error based SQL injection (Authenticated)
Local Services Search Engine Management System (LSSMES) 1.0 – ‘name’ Persistent Cross-Site Scripting (XSS)
AnyDesk 5.5.2 – Remote Code Execution
https://buathongcity.go.th/tmp/senius.html notified by ZoRRoKiN
http://procurement.dgr.go.th/egp/ notified by Xyp3r2667
http://bgepa.dgr.go.th/2558/templates/ notified by Xyp3r2667
WiFi Mouse version 1.7.8.5 suffers from a remote code execution vulnerability.