:: Deepquest ::

phpATM versions 1.32 and below suffers from cross site request forgery and path disclosure vulnerabilities.

Skype for Business 2013 suffers from a user enumeration timing attack vulnerability.

WordPress Ultimate Product Catalog plugin versions 3.8.1 and below suffer from a privilege escalation vulnerability.

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a directory traversal vulnerability.

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a cross site scripting vulnerability.

Squid version 0.4.16_2 running on pfSense version 2.3.1-RELEASE-p1 suffers from cross site scripting and log manipulation vulnerabilities.

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from an XML external entity injection vulnerability.

Vicidial version 2.11 suffers from a persistent cross site scripting vulnerability.

HP StoreEver MSL6480 Tape Library version 4.10 suffers from cross site request forgery, weak default credentials, and access control vulnerabilities.

Papouch TME ethernet thermometer and TME multi: Temperature and humidity via ethernet both suffer from cross site request forgery, hardcoded backdoor super user accounts, and missing access controls.