WordPress Plugin Blue Admin 21.06.01 – Cross-Site Request Forgery (CSRF)

Beehive Forum – Account Takeover

MyBB 1.8.29 – MyBB 1.8.29 – Remote Code Execution (RCE) (Authenticated)

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 – Remote Root Backdoor

PHProjekt PhpSimplyGest v1.3. – Stored Cross-Site Scripting (XSS)

Cyclos 4.14.7 – DOM Based Cross-Site Scripting (XSS)

ImpressCMS v1.4.4 – Unrestricted File Upload

Ruijie Reyee Mesh Router – Remote Code Execution (RCE) (Authenticated)

DLINK DIR850 – Insecure Access Control

SAP BusinessObjects Intelligence 4.3 – XML External Entity (XXE)