PHPKB Multi-Language 9 – Authenticated Remote Code Execution
>> AUTHOR: deepcore
PHPKB Multi-Language 9 – Authenticated Remote Code Execution
PHPKB Multi-Language 9 – ‘image-upload.php’ Authenticated Remote Code Execution
Revive Adserver versions 5.0.4 and below suffer from bypass and open redirection vulnerabilities.
Phoenix Contact TC Router and TC Cloud Client versions 2.05.3 and below, 2.03.17 and below, and 1.03.17 and below suffer from authenticated command injection and various other vulnerabilities.
This Metasploit module exploits a Java deserialization vulnerability in the getChartImage() method from the FileStorage class within ManageEngine Desktop Central versions below 10.0.474. Tested against 10.0.465 x64.
http://www.udonthani.go.th notified by C0RT3X
https://lawreform.go.th/t3x.htm notified by C0RT3X
http://ssobkl.go.th/t3x.htm notified by C0RT3X
CentOS Webpanel version 7 suffers from a remote SQL injection vulnerability.
AnyBurn version 4.8 SEH buffer overflow exploit.