The EditingPageParser.VerifyControlOnSafeList method fails to properly validate user supplied data. This can be leveraged by an attacker to leak sensitive information in rendered-preview content. This module will leak the ViewState…
Kerberos supports a security buffer to set the target SPN of a ticket bypassing the SPN check in LSASS.
Kerberos supports a security buffer to set the target SPN of a ticket bypassing the SPN check in LSASS.
http://dnprg15.dnp.go.th notified by Hamza Anonime
Node.JS – ‘node-serialize’ Remote Code Execution (3)
Dlink DSL2750U – ‘Reboot’ Command Injection
ICE Hrm 29.0.0.OS – ‘xml upload’ Stored Cross-Site Scripting (XSS)
ICE Hrm 29.0.0.OS – ‘Account Takeover’ Cross-Site Request Forgery (CSRF)
ICE Hrm 29.0.0.OS – ‘Account Takeover’ Cross-Site Scripting and Session Fixation
http://www.bantako.go.th notified by Xyp3r2667