1C-Bitrix Site Management Russia version 2.0 suffers from an open redirection vulnerability.
>> ARCHIVE: 2019-03
WordPress WP-DreamworkGallery plugin version 2.3 suffers from cross site request forgery and remote shell upload vulnerabilities.
zzzphp CMS version 1.6.1 suffers from a cross site request forgery vulnerability.
Microsoft Edge Chakra version 1.11.4 read permission via type confusion proof of concept exploit.
Mailtraq WebMail version 2.17.7.3550 suffers from a persistent cross site scripting vulnerability.
Ability Mail Server version 4.2.6 suffers from a persistent cross site scripting vulnerability.
Bold CMS version 3.6.4 suffers from a cross site scripting vulnerability.
Craft CMS version 3.1.12 Pro suffers from a cross site scripting vulnerability.
SAP J2EE Engine/7.01/Portal/EPP suffers from a cross site scripting vulnerability in /ctcprotocol/Protocol.
SAP J2EE Engine/7.01/Fiori suffers from a cross site scripting vulnerability in /TestJDBC_Web/test2.