>> TAG: #0day

Piwigo 2.9.1 – ‘cat_true’ / ‘cat_false’ SQL Injection

Readymade Video Sharing Script 3.2 – HTML Injection

Dup Scout Enterprise – Login Buffer Overflow (Metasploit)

pfSense 2.4.1 – CSRF Error Page Clickjacking (Metasploit)

Meinberg LANTIME Web Configuration Utility 6.16.008 – Arbitrary File Read

glibc ld.so – Memory Leak / Buffer Overflow

Joomla! Component JEXTN Question And Answer 3.1.0 – SQL Injection

Joomla! Component JBuildozer 1.4.1 – ‘appid’ SQL Injection

Accesspress Anonymous Post Pro < 3.2.0 – Unauthenticated Arbitrary File Upload

Apple XNU Kernel – Memory Corruption due to Integer Overflow in __offsetof Usage in posix_spawn on 32-bit Platforms