>> TAG: #0day

Patient Appointment Scheduler System 1.0 – Persistent/Stored XSS

SmartFTP Client 10.0.2909.0 – ‘Multiple’ Denial of Service

Antminer Monitor 0.5.0 – Authentication Bypass

Remote Mouse 4.002 – Unquoted Service Path

OpenSIS 8.0 ‘modname’ – Directory/Path Traversal

Dolibarr ERP/CRM 14.0.1 – Privilege Escalation

Compro Technology IP Camera – ‘ mjpegStreamer.cgi’ Screenshot Disclosure

Compro Technology IP Camera – ‘killps.cgi’ Denial-of-Service (DoS)

OpenSIS Community 8.0 – ‘cp_id_miss_attn’ SQL Injection

Compro Technology IP Camera – RTSP stream disclosure (Unauthenticated)