Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20782PUBLISHED: 2019-02-17The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages.
CVE-2019-8407PUBLISHED: 2019-02-17HongCMS 3.0.0 allows arbitrary file read and write operations via a ../ in the filename parameter to the admin/index.php/language/edit URI.
CVE-2019-8408PUBLISHED: 2019-02-17OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by clicking the Copy button twice.
CVE-2016-10742PUBLISHED: 2019-02-17Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter.
CVE-2019-8393PUBLISHED: 2019-02-17Hotels_Server through 2018-11-05 has SQL Injection via the API because the controller/api/login.php telephone parameter is mishandled.