>> TAG: #0day

Apache Solr 8.2.0 – Remote Code Execution

TheJshen contentManagementSystem 1.04 – ‘id’ SQL Injection

OpenVPN Private Tunnel 2.8.4 – ‘ovpnagent’ Unquoted Service Path

ownCloud 10.3.0 stable – Cross-Site Request Forgery

Nostromo – Directory Traversal Remote Command Execution (Metasploit)

MikroTik RouterOS 6.45.6 – DNS Cache Poisoning

WordPress Plugin Google Review Slider 6.1 – ‘tid’ SQL Injection

WMV to AVI MPEG DVD WMV Convertor 4.6.1217 – Buffer OverFlow (SEH)

Ajenti 2.1.31 – Remote Code Exection (Metasploit)

Citrix StoreFront Server 7.15 – XML External Entity Injection