This Metasploit module uses job functionality in the Apache Flink dashboard web interface to upload and execute a JAR file, leading to remote execution of arbitrary Java code as the…
>> AUTHOR: deepcore
https://jobok.go.th/ina.htm notified by Xyp3r2667
https://www.kohsathon.go.th/ina.htm notified by Xyp3r2667
SpotAuditor 5.3.5 – ‘multiple’ Denial Of Service (PoC)
python jsonpickle 2.0.0 – Remote Code Execution
LogonExpert 8.1 – ‘LogonExpertSvc’ Unquoted Service Path
Unified Remote 3.9.0.2463 – Remote Code Execution
Softros LAN Messenger 9.6.4 – ‘SoftrosSpellChecker’ Unquoted Service Path
Product Key Explorer 4.2.7 – ‘multiple’ Denial of Service (PoC)
Apache MyFaces versions 2.2.13 and below, 2.3.7 and below, 2.3-next-M4 and below, and 2.1 and below suffer from a cross site request forgery vulnerability.