11May
[webapps] Navigate CMS 2.9.4 – Server-Side Request Forgery (SSRF) (Authenticated)
Navigate CMS 2.9.4 – Server-Side Request Forgery (SSRF) (Authenticated)
Navigate CMS 2.9.4 – Server-Side Request Forgery (SSRF) (Authenticated)
SAP BusinessObjects Intelligence 4.3 – XML External Entity (XXE)
PHProjekt PhpSimplyGest v1.3. – Stored Cross-Site Scripting (XSS)
Ruijie Reyee Mesh Router – Remote Code Execution (RCE) (Authenticated)
Cyclos 4.14.7 – DOM Based Cross-Site Scripting (XSS)
MyBB 1.8.29 – MyBB 1.8.29 – Remote Code Execution (RCE) (Authenticated)
USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 – Remote Root Backdoor
WordPress Plugin Blue Admin 21.06.01 – Cross-Site Request Forgery (CSRF)
TCQ – ITeCProteccioAppServer.exe – Unquoted Service Path