>> TAG: #0day

Joomla! Component JS Jobs (com_jsjobs) 1.2.5 – ‘cities.php’ SQL Injection

BSI Advance Hotel Booking System 2.0 – ‘booking_details.php Persistent Cross-Site Scripting

VxWorks 6.8 – TCP Urgent Pointer = 0 Integer Underflow

Daily Expense Manager 1.0 – Cross-Site Request Forgery (Delete Income)

Aptana Jaxer 1.0.3.4547 – Local File inclusion

Baldr Botnet Panel – Arbitrary Code Execution (Metasploit)

Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 – Arbitrary File Download

Open-School 3.0 / Community Edition 2.3 – Cross-Site Scripting

Adive Framework 2.0.7 – Cross-Site Request Forgery

Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 – SQL Injection