M/Monit version 3.7.4 suffers from a password disclosure vulnerability.

Nagios Log Server version 2.1.7 suffers from a persistent cross site scripting vulnerability.

Internet Download Manager version 6.38.12 suffers from a scheduler downloads scheduler buffer overflow vulnerability.

Gemtek WVRTM-127ACN version 01.01.02.141 suffers from an authentication arbitrary command injection vulnerability.

TestBox CFML Test Framework version 4.1.0 suffers from a directory traversal vulnerability.

TestBox CFML Test Framework version 4.1.0 suffers from arbitrary file write and remote code execution vulnerabilities.

Sokrates SOWA SowaSQL suffers from a cross site scripting vulnerability. The module SOWA.WWW was fixed in version 4.8.16, whereas the module SOWA.OPAC was fixed in version 5.6.2.

This Metasploit module exploits a path traversal and a Java class instantiation in the handle implementation of WebLogic’s Administration Console to execute code as the WebLogic user. Versions 10.3.6.0.0, 12.1.3.0.0,…