>> TAG: #0day

JMX RMI – Multiple Applications Remote Code Execution

Rukovoditel ERP & CRM 2.4.1 – ‘path’ Cross-Site Scripting

XooGallery – Multiple SQL Injection

XooDigital – ‘p’ SQL Injection

Titan FTP Server Version 2019 Build 3505 – Directory Traversal / Local File Inclusion

SJS Simple Job Script – SQL Injection / Cross-Site Scripting

Microsoft Windows 7/2008 – ‘Win32k’ Denial of Service (PoC)

Spidermonkey – IonMonkey Type Inference is Incorrect for Constructors Entered via OSR

X-NetStat Pro 5.63 – Local Buffer Overflow

Apache CouchDB 2.3.1 – Cross-Site Request Forgery / Cross-Site Scripting