BMW Online appears to allow script insertion that can get embedded into emails.
>> AUTHOR: deepcore
SPA Cart CMS version 2021 suffers from a remote SQL injection vulnerability.
PHP Melody version 3.0 suffers from multiple cross site scripting vulnerabilities.
PHP Melody version 3.0 suffers from a remote SQL injection vulnerability.
PHP Melody version 3.0 suffers from a persistent Editor related cross site scripting vulnerability.
Isshue Shopping Cart version 3.5 suffers from a persistent cross site scripting vulnerability.
PHP Melody version 3.0 suffers from a persistent cross site scripting vulnerability in the submitted parameter.
Vanguard version 2.1 suffers from a cross site scripting vulnerability via a POST.
Linux suffers from a use-after-free read in the SELinux handler for PTRACE_TRACEME.
Ultimate POS version 4.4 suffers from a cross site scripting vulnerability.