Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
htbridge.com vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2013-3638
SQL injection vulnerability in Boonex Dolphin prior to 7.1.3 allows remote authenticated users to execute arbitrary SQL commands via the 'pathes' parameter in 'categories.php'.
Boonex Dolphin
NA
CVE-2013-36391
Xaraya version 2.4.0-b1 suffers from multiple cross site scripting vulnerabilities.
6.1
CVSSv3
CVE-2015-8349
Cross-site scripting (XSS) vulnerability in SourceBans prior to 2.0 pre-alpha allows remote malicious users to inject arbitrary web script or HTML via the advSearch parameter to index.php.
Gameconnect Sourcebans
6.1
CVSSv3
CVE-2015-8353
Cross-site scripting (XSS) vulnerability in the Role Scoper plugin prior to 1.3.67 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the object_name parameter in a rs-object_role_edit page to wp-admin/admin.php.
Role Scoper Project Role Scoper
NA
CVE-2013-5983
Multiple cross-site scripting (XSS) vulnerabilities in GuppY prior to 4.6.28 allow remote malicious users to inject arbitrary web script or HTML via the (1) "an" parameter to agenda.php or (2) cat parameter to mobile/thread.php.
Guppy Guppy
Guppy Guppy 4.5.10
Guppy Guppy 4.5.11
Guppy Guppy 4.5.16
Guppy Guppy 2.4
Guppy Guppy 2.4 P1
Guppy Guppy 4.5.3
Guppy Guppy 4.5.3a
Guppy Guppy 4.0
Guppy Guppy 4.5
Guppy Guppy 4.6.3
Guppy Guppy 2.4 P3
Guppy Guppy 2.4 P4
Guppy Guppy 4.5.4
Guppy Guppy 4.5.9
NA
CVE-2013-63421
WordPress Tweet Blender plugin version 4.0.1 suffers from a cross site scripting vulnerability.
5.3
CVSSv3
CVE-2013-6879
The Mijosoft MijoSearch component 2.0.1 and previous versions for Joomla! allows remote malicious users to obtain sensitive information via a request to component/mijosearch/search, which reveals the installation path in an error message.
Miwisoft Mijosearch
NA
CVE-2013-6992
Cross-site request forgery (CSRF) vulnerability in askapache-firefox-adsense.php in the AskApache Firefox Adsense plugin 3.0 and previous versions for WordPress allows remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scrip...
Askapache Firefox Adsense
NA
CVE-2015-33004
WordPress TheCartPress plugin version 1.3.9 suffers from local file inclusion, improper access control, and cross site scripting vulnerabilities.
6.1
CVSSv3
CVE-2015-3421
The eshop_checkout function in checkout.php in the Wordpress Eshop plugin 6.3.11 and previous versions does not validate variables in the "eshopcart" HTTP cookie, which allows remote malicious users to perform cross-site scripting (XSS) attacks, or a path disclosure att...
Eshop Project Eshop
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »