Virtual Airlines Manager version 2.6.2 suffers from a remote SQL injection vulnerability.

Bludit version 3.9.12 suffers from a directory traversal vulnerability.

Bandwidth Monitor version 3.9 full ROP buffer overflow exploit with SEH, DEP, and ASLR taken into consideration.

WebUntis versions 2020.12.1 and below suffer from a persistent cross site scripting vulnerability.

Joomla J2 Store version 3.3.11 suffers from an authenticated remote SQL injection vulnerability.

CipherMail Community Virtual Appliance version 4.6.2 suffers from remote command execution and file injection vulnerabilities.

Pydio Cells version 2.0.4 suffers from cross site scripting, file write, code execution, and various other vulnerabilities.