Anchor CMS version 0.12.7 suffers from a markdown persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting in this version was discovered by Sinem Sahin in September…
>> ARCHIVE: 2021-01
Coturn version 4.5.1.x suffers from a loopback access control bypass vulnerability.
WordPress Custom Global Variables plugin version 1.0.5 suffers from a persistent cross site scripting vulnerability.
SmartAgent 3.1.0 – Privilege Escalation
Cemetry Mapping and Information System 1.0 – Multiple SQL Injections
Gila CMS 2.0.0 – Remote Code Execution (Unauthenticated)
http://www.abtbungkla.go.th/test.php notified by Anonymous Indonesia
OpenCart 3.0.36 – ATO via Cross Site Request Forgery
WordPress Plugin Custom Global Variables 1.0.5 – ‘name’ Stored Cross-Site Scripting (XSS)
Cemetry Mapping and Information System 1.0 – Multiple Stored Cross-Site Scripting