>> TAG: #0day

Lazybone Studios WiFi Music 1.0 iOS – Multiple Vulnerabilities

InterWorx Control Panel 5.0.13 build 574 (xhr.php, i param) – SQL Injection

Katello (Red Hat Satellite) users/update_roles Missing Authorization

GetSimple CMS 3.3.1 – Persistent Cross Site Scripting

Couchdb 1.5.0 – uuids DoS Exploit

Allied Telesis AT-RG634A ADSL Broadband Router – Unauthenticated Webshell

qEngine CMS 6.0.0 – Multiple Vulnerabilities

Cart Engine 3.0.0 Database Backup Disclosure Exploit

Kemana Directory 1.5.6 Remote Code Execution

Haihaisoft Universal Player 1.5.8 (.m3u, .pls, .asx) – Buffer Overflow (SEH)