Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
htbridge.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-59831
GuppY version 4.6.26 suffers from a cross site scripting vulnerability.
NA
CVE-2013-5984
Directory traversal vulnerability in userfiles/modules/admin/backup/delete.php in Microweber prior to 0.830 allows remote malicious users to delete arbitrary files via a .. (dot dot) in the file parameter.
Microweber Microweber
NA
CVE-2013-6788
The Bitrix e-Store module prior to 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote malicious users to guess the cookie value and bypass authentication via a brute force attack.
Bitrix Bitrix E-store Module
NA
CVE-2013-6804
Cross-site scripting (XSS) vulnerability in the Search module prior to 1.1.1 for Jamroom allows remote malicious users to inject arbitrary web script or HTML via the search_string parameter to search/results/all/1/4.
Jamroom Search Module 1.0.0
Jamroom Search Module
6.1
CVSSv3
CVE-2013-6878
Cross-site scripting (XSS) vulnerability in the Mijosoft MijoSearch component 2.0.4 and previous versions for Joomla! allows remote malicious users to inject arbitrary web script or HTML via the query parameter to component/mijosearch/search.
Miwisoft Mijosearch
5.3
CVSSv3
CVE-2013-6879
The Mijosoft MijoSearch component 2.0.1 and previous versions for Joomla! allows remote malicious users to obtain sensitive information via a request to component/mijosearch/search, which reveals the installation path in an error message.
Miwisoft Mijosearch
NA
CVE-2013-6991
Cross-site scripting (XSS) vulnerability in the WP-Cron Dashboard plugin 1.1.5 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the procname parameter to wp-admin/tools.php.
Wokamoto Wp-cron Dashboard 1.1.0
Wokamoto Wp-cron Dashboard
Wokamoto Wp-cron Dashboard 1.1.4
Wokamoto Wp-cron Dashboard 1.1.3
Wokamoto Wp-cron Dashboard 1.1.2
Wokamoto Wp-cron Dashboard 1.1.1
NA
CVE-2013-6992
Cross-site request forgery (CSRF) vulnerability in askapache-firefox-adsense.php in the AskApache Firefox Adsense plugin 3.0 and previous versions for WordPress allows remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scrip...
Askapache Firefox Adsense
NA
CVE-2013-6993
Cross-site scripting (XSS) vulnerability in the Ad-minister plugin 0.6 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the key parameter in a delete action to wp-admin/tools.php.
Ad-minister Project Ad-minister 0.4.3
Ad-minister Project Ad-minister 0.4.2
Ad-minister Project Ad-minister 0.4.1
Ad-minister Project Ad-minister 0.5
Ad-minister Project Ad-minister 0.4.4
Ad-minister Project Ad-minister
Ad-minister Project Ad-minister 0.5.2
NA
CVE-2013-7138
Directory traversal vulnerability in lib/functions/d-load.php in Horizon Quick Content Management System (QCMS) 4.0 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the start parameter.
Horizon Quick Content Management System Project Horizon Quick Content Management System
Horizon Quick Content Management System Project Horizon Quick Content Management System 3.5.2
Horizon Quick Content Management System Project Horizon Quick Content Management System 3.5.1
Horizon Quick Content Management System Project Horizon Quick Content Management System 3.4
Horizon Quick Content Management System Project Horizon Quick Content Management System 3.3
Horizon Quick Content Management System Project Horizon Quick Content Management System 3.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »