Charity Management System CMS version 1.0 suffers from code execution, cross site scripting, and remote SQL injection vulnerabilities.
WebKit suffers from a heap use-after-free vulnerability in WebCore::FrameLoader::PolicyChecker::checkNavigationPolicy.
JavaScriptCore suffers from a crash condition due to an uninitialized register in slow_path_profile_catch. Proof of concept that affects Safari is included.
WebKit suffers from a heap use-after-free vulnerability in Element::dispatchMouseEvent.
Multiple Altus Sistemas de Automacao products such as the Nexto NX30xx Series, Nexto NX5xxx Series, Nexto Xpress XP3xx Series, and Hadron Xtorm HX3040 Series suffer from command injection, cross site request forgery, and hardcoded credential vulnerabilities.
Laundry Booking Management System 1.0 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
Tags: 0day, remote exploitOnline Traffic Offense Management System 1.0 – ‘id’ SQL Injection (Authenticated)
Tags: 0day, remote exploitMultiple Altus Sistemas de Automacao products such as the Nexto NX30xx Series, Nexto NX5xxx Series, Nexto Xpress XP3xx Series, and Hadron Xtorm HX3040 Series suffer from command injection, cross site request forgery, and hardcoded credential vulnerabilities.