Ruckus IoT Controller (Ruckus vRIoT) versions 1.5.1.0.21 and below suffer from a remote code execution vulnerability.
>> AUTHOR: deepcore
Best Support System version 3.0.4 suffers from a persistent cross site scripting vulnerability.
Heroic Knowledge Base plugin versions 3.0.1 and below suffer from persistent cross site scripting vulnerabilities.
This Metasploit module uses the NiFi API to create an ExecuteProcess processor that will execute OS commands. The API must be unsecured (or credentials provided) and the ExecuteProcess processor must…
http://www.kerng.go.th/Anonime.txt notified by Hamza Anonime
http://www.sikhoraphumcity.go.th/o.txt notified by Mr.ToKeiChun69
http://nptedu.go.th/0day.html notified by Smash1337
SAP Lumira 1.31 – Stored Cross-Site Scripting
WordPress Theme Accesspress Social Icons 1.7.9 – SQL injection (Authenticated)
WordPress Theme Wibar 1.1.8 – ‘Brand Component’ Stored Cross Site Scripting