Zero Day Initiative Advisory 12-075 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application decodes video samples encoded with the RLE codec
http://map-server.doh.go.th/lby.html notified by shmook
http://old.women-family.go.th/view.asp?ID=339 notified by shmook
http://logistics.fda.moph.go.th/data/documents/lby.html notified by shmook
Follow this link: [webapps / 0day] – WordPress Font Uploader Plugin 1.2.4 Arbitrary File Upload
More: [webapps / 0day] – WordPress FCChat Widget 2.2.12.4 Arbitrary File Upload
More: [webapps / 0day] – WordPress VideoWhisper Video Presentation Plugin 3.17 Arbitrary File Upload
View post: [webapps / 0day] – WordPress MM Forms Community Plugin 2.2.6 Arbitrary File Upload
View original post here: [webapps / 0day] – WordPress Gallery Plugin 3.06 Arbitrary File Upload
See more here: [webapps / 0day] – SN News (visualiza.php) <= 1.2 SQL Injection Vulnerability