>> TAG: #0day

LeptonCMS 4.5.0 – Persistent Cross-Site Scripting

UliCMS 2020.1 – Persistent Cross-Site Scripting

WordPress Plugin WPForms 1.5.9 – Persistent Cross-Site Scripting

Veyon 4.3.4 – ‘VeyonService’ Unquoted Service Path

UCM6202 1.0.18.13 – Remote Command Injection

FIBARO System Home Center 5.021 – Remote File Include

ProficySCADA for iOS 5.0.25920 – ‘Password’ Denial of Service (PoC)

Google Chrome 80.0.3987.87 – Heap-Corruption Remote Denial of Service (PoC)

CyberArk PSMP 10.9.1 – Policy Restriction Bypass

rConfig 3.9.4 – ‘search.crud.php’ Remote Command Injection