Schneider Electric C-Bus Automation Controller (5500SHAC) version 1.10 suffers from an authenticated arbitrary command execution vulnerability. An attacker can abuse the Start-up (init) script editor and exploit the script POST…
https://loei2.go.th/1975.html notified by 1975 Team
https://amnat-ed.go.th/1975.html notified by 1975 Team
http://www.mhs-pao.go.th/zil.php notified by AnonCoders
qdPM version 9.1 authenticated remote code execution exploit that leverages a path traversal.
ChromeOS uses usbguard when the screen is locked but appears to suffer from bypass issues.
Tigase XMPP server suffers from a security vulnerability due to not escaping double quote character when serializing parsed XML. This can be used to smuggle (or, if you prefer, inject)…
Tigase XMPP server suffers from a security vulnerability due to not escaping double quote character when serializing parsed XML. This can be used to smuggle (or, if you prefer, inject)…
http://cems.diw.go.th/sadme.htm notified by typicalsadboy
http://policeubon.go.th/o.htm notified by ./Fell Ganns