>> TAG: #0day

Online Appointment System V1.0 – Cross-Site Scripting (XSS)

Online-Pizza-Ordering -1.0 – Remote Code Execution (RCE)

RSA NetWitness Platform 12.2 – Incorrect Access Control / Code Execution

Palo Alto Cortex XSOAR 6.5.0 – Stored Cross-Site Scripting (XSS)

Joomla! v4.2.8 – Unauthenticated information disclosure

Symantec Messaging Gateway 10.7.4 – Stored Cross-Site Scripting (XSS)

ActFax 10.10 – Unquoted Path Services

Stonesoft VPN Client 6.2.0 / 6.8.0 – Local Privilege Escalation

Restaurant Management System 1.0 – SQL Injection

Suprema BioStar 2 v2.8.16 – SQL Injection