ProjeQtOr Project Management version 9.1.4 suffers from a remote shell upload vulnerability.
Multiple Korenix products are affected by unauthenticated device administration, backdoor accounts, cross site request forgery, unauthenticated tftp actions, and command injection vulnerabilities. Products affected include JetNet 5428G-20SFP, JetNet 5810G, JetNet…
http://www.chiangmaiarea1.go.th/pwn.txt notified by Royal Battler BD
Seo Panel 4.8.0 – ‘search_name’ Reflected XSS
Products.PluggableAuthService 2.6.0 – Open Redirect
Intel(R) Audio Service x64 01.00.1080.0 – ‘IntelAudioService’ Unquoted Service Path
Thecus N4800Eco Nas Server Control Panel – Comand Injection
GetSimple CMS 3.3.4 – Information Disclosure
Apache Airflow 1.10.10 – ‘Example Dag’ Remote Code Execution
Multiple Korenix products are affected by unauthenticated device administration, backdoor accounts, cross site request forgery, unauthenticated tftp actions, and command injection vulnerabilities. Products affected include JetNet 5428G-20SFP, JetNet 5810G, JetNet…