>> TAG: #0day

Dolibarr 7.0.0 – SQL Injection

Procps-ng – Multiple Vulnerabilities

MachForm < 4.2.3 – SQL Injection / Path Traversal / Upload Bypass

Sitemakin SLAC 1.0 – ‘my_item_search’ SQL Injection

NUUO NVRmini2 / NVRsolo – Arbitrary File Upload

IssueTrak 7.0 – SQL Injection

MyBB ChangUonDyU Plugin 1.0.2 – Cross-Site Scripting

Pivotal Spring Java Framework < 5.0 – Remote Code Execution

Facebook Clone Script 1.0.5 – Cross-Site Request Forgery

DomainMod 4.09.03 – ‘oid’ Cross-Site Scripting