Multiple Stored Cross-site Scripting Vulnerabilities in ForkCMS 5.0.6
https://goo.gl/JqzGpr

Re: [CVE-2018-18009] dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discover admin credentials
https://goo.gl/BCiKyJ

Re: [CVE-2018-18008] spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to discover admin credentials
https://goo.gl/cP7GP5

Re: [CVE-2018-18007] atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin credentials
https://goo.gl/ykvbDJ

DSA-2018-224:RSA Archer GRC Platform Improper Access Control Vulnerability
https://goo.gl/bFehnU

BMC Remedy + ITAM - multiple security issues.
https://goo.gl/GFvDdF

Open-Xchange Security Advisory 2018-12-31
https://goo.gl/3jsygX

Vulnerabilities in Zurmo 2.3.4
https://goo.gl/AAeuUP

Multiple Cross-site Scripting Vulnerabilities in ImpressCMS 1.3.10
https://goo.gl/nM1mPW

/bin/statistics in TWiki 6.0.2 allows XSS via the webs parameter(CVE-2018-20212)
https://goo.gl/2UxZNP

CWE-80 XSS Bose Soundtouch App
https://goo.gl/VZNsZ3

CVE-2018-19509-19513: multiple vulnerabilities (incl. critical pre-auth RCE) in Webgalamb
https://goo.gl/StbbBn

Multiple Cross-site Scripting Vulnerabilities in Family Connections 3.7.0
https://goo.gl/LWG8Jr

Multiple Cross-site Scripting Vulnerabilities in GeniXCMS 1.1.5
https://goo.gl/cTRXTV

Reflected Cross-site Scripting Vulnerability in Microweber 1.0.8
https://goo.gl/izj35K

DSA-2018-226: RSA® Authentication Manager Relative Path Traversal Vulnerability
https://goo.gl/mddcgk

BMC Network Automation v8.7 - remote session hijacking.
https://goo.gl/qRjmfo

CSRF in MapSVG Lite could allow an attacker to do almost anything an admin can (WordPress plugin)
https://goo.gl/dF8KL4

Multiple Root RCE in Unibox Wifi Access Controller 0.x - 3.x
https://goo.gl/e5aWZy

Re: Reflected Cross-site Scripting Vulnerability in Microweber 1.0.8
https://goo.gl/4BpZVW

New Release: UFONet v1.2 - "Armageddon!"
https://goo.gl/K7MxLD