>> TAG: #0day

ADB Broadband Gateways / Routers – Privilege Escalation

CMS Made Simple 2.2.5 – Remote Code Execution

Online Trade – Information Disclosure

ManageEngine Exchange Reporter Plus < Build 5311 – Remote Code Execution

ShopNx – Arbitrary File Upload

ModSecurity 3.0.0 – Cross-Site Scripting

Geutebruck 5.02024 G-Cam/EFD-2250 – ‘simple_loglistjs.cgi’ Remote Command Execution (Metasploit)

Linux/x86 – Execve /bin/cat /etc/passwd Shellcode (37 bytes)

Dolibarr ERP CRM < 7.0.3 – PHP Code Injection

SIPp 3.6 – Local Buffer Overflow (PoC)