Totaljs CMS version 12.0 mints an insecure cookie that can be used to crack the administrator password.
WordPress Portrait-Archiv.com Photostore plugin version 5.0.4 suffers from a cross site scripting vulnerability.
Totaljs CMS version 12.0 suffers from an authenticated code injection vulnerability during widget creation.
Totaljs CMS version 12.0 suffers from a broken access control on an API call.
One Identity Defender version 5.9.3 suffers from an insecure cryptographic storage vulnerability.
WordPress Download Manager plugin version 2.9.93 suffers from a cross site scripting vulnerability.
DASAN Zhone ZNID GPON 2426A EU versions S3.1.285 and below suffer from multiple cross site scripting vulnerabilities.
Cisco Content Security Management Virtual Appliance M600V IronPort remote host header injection exploit.
Cisco Email Security Virtual Appliance C300V IronPort remote host header injection exploit.
Cisco Email Security Virtual Appliance C380 IronPort remote host header injection exploit.