>> ARCHIVE: 2019-08

Joomla JS Support Ticket component version 1.1.6 suffers from an arbitrary file deletion vulnerability in ticket.php.

This Metasploit module exploits an arbitrary command execution vulnerability in Webmin versions 1.920 and below. If the password change module is turned on, the unauthenticated user can execute arbitrary commands…

This Metasploit module bypasses the user password requirement in the OpManager versions 12.4.034 and below. It performs authentication bypass and executes commands on the server.

VxWorks version 6.8 suffers from an integer underflow vulnerability.

This Metasploit module exploits SQL injection and command injection vulnerability in the OpManager versions 12.4.034 and below.

BSI Advance Hotel Booking System version 2.0 suffers from a persistent cross site scripting vulnerability in booking_details.php.

Joomla JS Support Ticket component version 1.1.6 suffers from a remote SQL injection vulnerability in ticketreply.php.

This Metasploit module exploits SQL injection and command injection vulnerabilities in the ManageEngine Application Manager versions 14.2 and below.

WebKit suffers from a universal cross site scripting vulnerability via XSLT and nested document replacements.

Steam Windows client local privilege escalation exploit.