Firebase’s PHP-JWT suffers from an algorithm confusion issue. Proof of concept code included.

CentOS Web Panel version 0.9.8.1081 suffers from a persistent cross site scripting vulnerability.

NetGear D1500 version 1.0.0.21_1.0.1PE suffers from a persistent cross site scripting vulnerability.

COMMAX Biometric Access Control System version 1.0.0 suffers from a cross site scripting vulnerability.

Chrome suffers from a JS object corruption vulnerability in WasmJs::InstallConditionalFeatures.

Simple Water Refilling Station Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Simple Water Refilling Station Management System version 1.0 suffers from a remote shell upload vulnerability.

COMMAX Biometric Access Control System version 1.0.0 suffers from a authentication bypass vulnerability.

TastyIgniter version 3.0.7 suffers from a persistent cross site scripting vulnerability.

COMMAX Smart Home IoT Control System CDP-1020n suffers from a remote SQL injection vulnerability that allows for authentication bypass.