RS Authentication Manager versions prior to 8.3 P1 suffer from cross site scripting and XML external entity injection vulnerabilities.
>> ARCHIVE: 2018-05
SuperCom Online Shopping Ecommerce Cart 1 – Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass
Linux < 4.16.9 / < 4.14.41 – 4-byte Infoleak via Uninitialized Struct Field in compat adjtimex Syscall
Apache Struts 2 – Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)
Powerlogic/Schneider Electric IONXXXX Series – Cross-Site Request Forgery
Jenkins CLI – HTTP Java Deserialization (Metasploit)
Nanopool Claymore Dual Miner 7.3 – Remote Code Execution
NodAPS 4.0 – SQL injection / Cross-Site Request Forgery
Intelbras NCLOUD 300 1.0 – Authentication bypass
Monstra CMS version 3.0.4 suffers from a shell upload remote code execution vulnerability.