>> ARCHIVE: 2021-03

Plone CMS version 5.2.3 suffers from a persistent cross site scripting vulnerability.

LiveZilla Server version 8.0.1.0 suffers from a cross site scripting vulnerability.

Boonex Dolphin version 7.4.2 suffers from a persistent cross site scripting vulnerability.

Profiling System for Human Resource Management version 1.0 suffers from a remote code execution vulnerability.

Eclipse Mosquitto MQTT broker version 2.0.9 suffers from an unquoted service path vulnerability.

VestaCP version 0.9.8 suffers from a command injection vulnerability.

The controller in SOYAL Biometric Access Control System version 5.0 suffers from a cleartext transmission of sensitive information. This allows interception of the HTTP traffic and disclose the Master code…

The web control panel SOYAL Biometric Access Control System version 5.0 uses a weak set of default administrative credentials (no password) that can be easily guessed in remote password attacks.

SOYAL Biometric Access Control System version 5.0 suffers from a cross site request forgery vulnerability.