CTFd versions 2.1.5 and below suffer from an administrative account takeover vulnerability.
>> ARCHIVE: 2020-01
Open-Xchange App Suite versions 7.10.2 and below suffer from cross site scripting and improper access control vulnerabilities.
Online Course Registration version 2.0 suffers from a remote code execution vulnerability.
IceWarp versions 12.2.0 and 12.1.x suffer from a cross site scripting vulnerability in notes for contacts.
Karakuzu ERP Management Web version 5.7.0 suffers from a remote SQL injection vulnerability.
Plantronics Hub version 3.13.2 suffers from a local privilege escalation vulnerability.
IceWarp versions 12.2.0 and 12.1.x suffer from a cross site scripting vulnerability.
http://doa.go.th/readme.htm notified by Dijehaji
https://pbhospital.go.th notified by Emad Hacker
Plantronics Hub 3.13.2 – Local Privilege Escalation