http://mueang.chanthaburi.doae.go.th notified by D.R.S Dz Team
http://mueang.chanthaburi.doae.go.th notified by D.R.S Dz Team
SonicWall NetExtender version 10.2.0.300 suffers from an unquoted service path vulnerability.
Cyberoam NetGenie with a firmware version of C0101B1-20141120-NG11VO suffers from a cross site scripting vulnerability.
GeoVision Geowebserver versions 5.3.3 and below suffer from code execution, cross site request forgery, cross site scripting, html injection, and local file inclusion vulnerabilities.
This Metasploit module exploits an arbitrary file write in Lucee Administrator’s imgProcess.cfm file to execute commands as the Tomcat user.
crossfire-server 1.9.0 – ‘SetUp()’ Remote Buffer Overflow
Simple Image Gallery 1.0 – Remote Code Execution (RCE) (Unauthenticated)
COVID19 Testing Management System 1.0 – ‘Multiple’ SQL Injections
Crime records Management System 1.0 – ‘Multiple’ SQL Injection (Authenticated)
This Metasploit module exploits an arbitrary file write in Lucee Administrator’s imgProcess.cfm file to execute commands as the Tomcat user.