Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 – ‘ticket.php’ Arbitrary File Deletion
>> TAG: #0day
osTicket 1.12 – Persistent Cross-Site Scripting
osTicket 1.12 – Formula Injection
ManageEngine Application Manager 14.2 – Privilege Escalation / Remote Command Execution (Metasploit)
ManageEngine OpManager 12.4x – Privilege Escalation / Remote Command Execution (Metasploit)
ManageEngine OpManager 12.4x – Unauthenticated Remote Command Execution (Metasploit)
Webmin 1.920 – Unauthenticated Remote Code Execution (Metasploit)
Ghidra (Linux) 9.0.4 – .gar Arbitrary Code Execution
UNA 10.0.0 RC1 – ‘polyglot.php’ Persistent Cross-Site Scripting
Cisco Adaptive Security Appliance – Path Traversal (Metasploit)