Sentrifugo CMS version 3.2 suffers from a persistent cross site scripting vulnerability.

Car Park Management System version 1.0 suffers a remote SQL injection vulnerability that allows for authentication bypass.

iChat version 1.6 suffers from a cross site scripting vulnerability.

KeeWeb version 1.14.0 suffers from an html injection vulnerability.

OpenZ ERP version 3.6.60 suffers from a persistent cross site scripting vulnerability.

Online Clothing Store version 1.0 suffers from an arbitrary file upload vulnerability.

Create-Project Manager version 1.07 suffers from cross site scripting and html injection vulnerabilities.

Draytek VigorAP suffers from a persistent cross site scripting vulnerability. Multiple different versions are affected.

LANCOM WLAN Controller suffers from multiple cross site scripting vulnerabilities. Multiple versions and firmware are affected.