>> ARCHIVE: 2020-11

Fortinet FortiOS version 6.0.4 suffers from an unauthenticated SSL VPN user password modification vulnerability.

Gitlab version 12.9.0 authenticated arbitrary file read exploit. A file read vulnerability was previously discovered in this version in May of 2020 by KouroshRZ.

M/Monit version 3.7.4 suffers from a privilege escalation vulnerability.

M/Monit version 3.7.4 suffers from a password disclosure vulnerability.

Nagios Log Server version 2.1.7 suffers from a persistent cross site scripting vulnerability.

Internet Download Manager version 6.38.12 suffers from a scheduler downloads scheduler buffer overflow vulnerability.

Gemtek WVRTM-127ACN version 01.01.02.141 suffers from an authentication arbitrary command injection vulnerability.

TestBox CFML Test Framework version 4.1.0 suffers from a directory traversal vulnerability.

TestBox CFML Test Framework version 4.1.0 suffers from arbitrary file write and remote code execution vulnerabilities.

Sokrates SOWA SowaSQL suffers from a cross site scripting vulnerability. The module SOWA.WWW was fixed in version 4.8.16, whereas the module SOWA.OPAC was fixed in version 5.6.2.