BugTracker.Net versions 3.5.8 and below suffer from remote SQL Injection, cross site scripting, and file disclosure vulnerabilities. Full report and advisory included.
f6d5f1fa984abc41834fd266a98e43d88d5e71390ad9ba926bb5a1b98c758c10
WordPress WP E-Commerce third party plugin version 3.8.9 suffers from cross site scripting and multiple remote SQL injection vulnerabilities.
0d217823abae38bc48512f5c07fbec5a29e015e3bfddc654f8069b7e4310d5e4