This Metasploit module exploits an unauthenticated directory traversal vulnerability in WordPress Duplicator plugin versions 1.3.24 through 1.3.26, allowing arbitrary file read with the web server privileges. This vulnerability was being…
http://sakarat.go.th notified by 1K4lL_*
http://huathalae.go.th/index.php notified by 1K4lL_*
Seotoaster version 3.2.0 suffers from a persistent cross site scripting vulnerability.
Dolibarr ERP-CRM version 12.0.3 authenticated remote code execution exploit.
Interview Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
Interview Management System version 1.0 suffers from a remote SQL injection vulnerability.
Medical Center Portal Management System version 1.0 suffers from a remote SQL injection vulnerability.
Customer Support System version 1.0 suffers from a persistent cross site scripting vulnerability.
Customer Support System version 1.0 suffers from a remote SQL injection vulnerability.