>> TAG: #0day

Powerlogic/Schneider Electric IONXXXX Series – Cross-Site Request Forgery

Apache Struts 2 – Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)

Linux < 4.16.9 / < 4.14.41 – 4-byte Infoleak via Uninitialized Struct Field in compat adjtimex Syscall

SuperCom Online Shopping Ecommerce Cart 1 – Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass

Rockwell Scada System 27.011 – Cross-Site Scripting

VirtueMart 3.1.14 – Persistent Cross-Site Scripting

MyBB Admin Notes Plugin 1.1 – Cross-Site Request Forgery

WhatsApp 2.18.31 – Memory Corruption

Monstra CMS 3.0.4 – Remote Code Execution

Linux/x86 – Reverse TCP (127.0.0.1:4444/TCP) Shell Shellcode (96 Bytes)