>> TAG: #0day

Linux/CRISv32 – Axis Communication Connect Back Shellcode (189 bytes)

Wowza Streaming Engine 4.5.0 – Add Advanced Admin CSRF

Drupal RESTWS Module 7.x – Remote PHP Code Execution (Metasploit)

Wowza Streaming Engine 4.5.0 – Remote Privilege Escalation

Wowza Streaming Engine 4.5.0 – Multiple XSS

Wowza Streaming Engine 4.5.0 – Local Privilege Escalation

Django CMS 3.3.0 – (Editor Snippet) Persistent XSS

Linux/x86 – execve /bin/sh Shellcode (19 bytes)

Axis Communications MPQT/PACS 5.20.x – Server Side Include (SSI) Daemon Remote Format String Exploit

newsp.eu PHP Calendar Script 1.0 – User Credentials Disclosure