>> TAG: #0day

Joomla! Component jDownloads 3.2.58 – Cross Site Scripting

D-Link DIR-615 Wireless Router – Persistent Cross Site Scripting

Brave Browser < 0.13.0 – 'window.close(self)' Denial of Service

Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 – 'Drupalgeddon2' Remote Code Execution (Metasploit)

Brave Browser < 0.13.0 – 'long alert() argument' Denial of Service

Cobub Razor 0.8.0 – SQL injection

SysGauge Pro 4.6.12 – Local Buffer Overflow (SEH)

Barco ClickShare CSE-200 – Remote Denial of Service

Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 – 'Drupalgeddon2' Remote Code Execution (PoC)

Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 – 'Drupalgeddon2' Remote Code Execution