Feehi CMS version 2.1.1 suffers from an authenticated remote code execution vulnerability.
>> AUTHOR: deepcore
WordPress WP-UserOnline plugin version 2.88.0 suffers from a persistent cross site scripting vulnerability.
Teleport version 10.1.1 suffers from a remote code execution vulnerability.
WordPress 3dady Real-Time Web Stats plugin version 1.0 suffers from a persistent cross site scripting vulnerability.
Multix version 2.4 suffers from a cross site scripting vulnerability.
Multix version 2.4 suffers from a cross site request forgery vulnerability.
WorkOrder CMS version 0.1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
WorkOrder CMS version 0.1.0 suffers from a cross site scripting vulnerability.
Linux stable versions 5.4 and 5.10 suffers from a page use-after-free via stale TLB caused by an rmap lock not held during PUD move.
Various versions of Bitbucket Server and Data Center are vulnerable to an unauthenticated command injection vulnerability in multiple API endpoints. The /rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/archive endpoint creates an archive of the repository, leveraging…