openMAINT version 1.1-2.4.2 suffers from an arbitrary file upload vulnerability.
>> AUTHOR: deepcore
DynPG version 4.9.1 suffers from a persistent cross site scripting vulnerability.
Sage DPW versions 2020_06_000 and 2020_06_001 suffer from cross site scripting and unauthenticated malicious file upload vulnerabilities.
JioChat for Android has an issue where a caller can cause the callee device to send audio without user interaction.
berliCRM 1.0.24 – ‘src_record’ SQL Injection
Battle.Net 1.27.1.12428 – Insecure File Permissions
Small CRM 2.0 – ’email’ SQL Injection
Online Students Management System 1.0 – ‘username’ SQL Injections
MedDream PACS Server 6.8.3.751 – Remote Code Execution (Unauthenticated)
Liman 0.7 – Cross-Site Request Forgery (Change Password)