Bludit version 3.13.1 suffers from a cross site scripting vulnerability.

Quick.CMS version 6.7 suffers from a cross site scripting vulnerability that can allow for cross site request forgery attacks.

GitLab version 13.10.2 remote code execution exploit that provides a reverse shell.

LiquidFiles version 3.5.13 suffers from a privilege escalation vulnerability. The LiquidFiles API allows a User Admin to access keys for System Administrators.

WordPress Smart Product Review plugin versions 1.0.4 and below suffer from a remote shell upload vulnerability.

This Metasploit module exploits an input validation error on the log file extension parameter of SuiteCRM version 7.11.18. It does not properly validate upper/lower case characters. Once this occurs, the…

Fuel CMS version 1.4.13 suffers from a remote blind SQL injection vulnerability.

Talariax sendQuick Alertplus Server Admin version 4.3 suffers from a vulnerability that allows an authenticated user to perform error-based SQL injection via unsanitized form fields.

KONGA version 0.14.9 suffers from a privilege escalation vulnerability.

WordPress Contact Form to Email plugin version 1.3.24 suffers from a persistent cross site scripting vulnerability.