Best Support System version 3.0.4 suffers from a persistent cross site scripting vulnerability.
Ruckus IoT Controller (Ruckus vRIoT) versions 1.5.1.0.21 and below suffer from a remote code execution vulnerability.
Heroic Knowledge Base plugin versions 3.0.1 and below suffer from persistent cross site scripting vulnerabilities.
This Metasploit module uses the NiFi API to create an ExecuteProcess processor that will execute OS commands. The API must be unsecured (or credentials provided) and the ExecuteProcess processor must…
http://www.kerng.go.th/Anonime.txt notified by Hamza Anonime
http://www.sikhoraphumcity.go.th/o.txt notified by Mr.ToKeiChun69
http://nptedu.go.th/0day.html notified by Smash1337
Foxit Reader 9.0.1.1049 – Arbitrary Code Execution
Moodle 3.8 – Unrestricted File Upload
Acronis Cyber Backup 12.5 Build 16341 – Unauthenticated SSRF