Source
CVE
An authenticated Denial-of-Service (DoS) vulnerability exists in the CLI service. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point.
MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API.
ASP.NET Core Denial of Service Vulnerability
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Themeum WP Crowdfunding plugin <= 2.1.6 versions.
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sajjad Hossain Sagor WP Edit Username plugin <= 1.0.5 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability (requires PHP 8.x) in CodeBard CodeBard's Patron Button and Widgets for Patreon plugin <= 2.1.9 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Feed plugin <= 2.2.1 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael Uno (miunosoft) Responsive Column Widgets plugin <= 1.2.7 versions.
SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary code via the name, uname and email parameters in the registration.php component.
Cross-Site Scripting (XSS) vulnerability in Inventory Management V1.0 allows attackers to execute arbitrary code via the pname parameter of the editProduct.php component.