>> TAG: #0day

DomainMOD 4.11.01 – Cross-Site Scripting

Mumsoft Easy Software 2.0 – Denial of Service (PoC)

Easy Outlook Express Recovery 2.0 – Denial of Service (PoC)

Precurio Intranet Portal 2.0 – Cross-Site Request Forgery (Add Admin)

Kordil EDMS 2.2.60rc3 – Arbitrary File Upload

Simple E-Document 1.31 – ‘username’ SQL Injection

Meneame English Pligg 5.8 – ‘search’ SQL Injection

2-Plan Team 1.0.4 – Arbitrary File Upload

Galaxy Forces MMORPG 0.5.8 – ‘type’ SQL Injection

WordPress Plugin Ninja Forms 3.3.17 – Cross-Site Scripting