#windows

Aures Booking and POS Terminal suffers from a local privilege escalation vulnerability.

Webile version 1.0.1 suffers from multiple cross site scripting vulnerabilities.

Dooblou WiFi File Explorer version 1.13.3 suffers from multiple cross site scripting vulnerabilities.

Tiva Events Calender version 1.4 suffers from a persistent cross site scripting vulnerability.

Active Super Shop CMS version 2.5 suffers from an html injection vulnerability.

Boom CMS version 8.0.7 suffers from a cross site scripting vulnerability.

Microsoft Office 365 version 18.2305.1222.0 suffers from a remote code execution vulnerability when a malicious link is clicked on in a Word file.

Clip Share version 4.1.4 suffers from a cross site scripting vulnerability.

Ciuis CRM version 1.0.8 suffers from an add administrator vulnerability.

IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 252135.