Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
htbridge.com vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2013-6168
Cross-site scripting (XSS) vulnerability in Zikula Application Framework prior to 1.3.6 allows remote malicious users to inject arbitrary web script or HTML via the returnpage parameter to index.php.
Zikula Zikula Application Framework 1.3.2
Zikula Zikula Application Framework 1.3.1
Zikula Zikula Application Framework 1.3.0
Zikula Zikula Application Framework
Zikula Zikula Application Framework 1.3.4
Zikula Zikula Application Framework 1.3.3
605
VMScore
CVE-2012-3231
Multiple cross-site request forgery (CSRF) vulnerabilities in web@all 2.0, as downloaded before May 30, 2012, allow remote malicious users to hijack the authentication of administrators for requests that add, delete, or modify sensitive information, as demonstrated by adding a fi...
Webatall Web\\@all 2.0
NA
CVE-2012-32311
Web@All version 2.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
383
VMScore
CVE-2013-6804
Cross-site scripting (XSS) vulnerability in the Search module prior to 1.1.1 for Jamroom allows remote malicious users to inject arbitrary web script or HTML via the search_string parameter to search/results/all/1/4.
Jamroom Search Module 1.0.0
Jamroom Search Module
383
VMScore
CVE-2015-3421
The eshop_checkout function in checkout.php in the Wordpress Eshop plugin 6.3.11 and previous versions does not validate variables in the "eshopcart" HTTP cookie, which allows remote malicious users to perform cross-site scripting (XSS) attacks, or a path disclosure att...
Eshop Project Eshop
383
VMScore
CVE-2015-3647
Multiple cross-site scripting (XSS) vulnerabilities in wppa-ajax-front.php in the WP Photo Album Plus (aka WPPA) plugin prior to 6.1.3 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) comemail or (2) comname parameter in a wppa do-comm...
Wppa.opajaap Wp-photo-album-plus
NA
CVE-2013-61681
Zikula version 1.3.5 build 20 suffers from a cross site scripting vulnerability.
578
VMScore
CVE-2015-2062
Multiple SQL injection vulnerabilities in the Huge-IT Slider (slider-image) plugin prior to 2.7.0 for WordPress allow remote administrators to execute arbitrary SQL commands via the removeslide parameter in a popup_posts or edit_cat action in the sliders_huge_it_slider page to wp...
Huge-it Huge-it Slider
NA
CVE-2014-14011
AuraCMS version 2.3 suffers from a remote SQL injection vulnerability.
NA
CVE-2012-09841
XOOPS version 2.5.4 suffers from multiple cross site scripting vulnerabilities.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »