Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
htbridge.com vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2012-0993
Eval injection vulnerability in zp-core/zp-extensions/viewer_size_image.php in ZENphoto 1.4.2, when the viewer_size_image plugin is enabled, allows remote malicious users to execute arbitrary PHP code via the viewer_size_image_saved cookie.
Zenphoto Zenphoto 1.4.2
534
VMScore
CVE-2012-0994
SQL injection vulnerability in the Manage Albums feature in zp-core/admin-albumsort.php in ZENphoto 1.4.2 allows remote authenticated users to execute arbitrary SQL commands via the sortableList parameter.
Zenphoto Zenphoto 1.4.2
668
VMScore
CVE-2012-0998
Directory traversal vulnerability in account/preferences.php in LEPTON prior to 1.1.4 allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the language parameter.
Lepton-cms Lepton 1.1.2
Lepton-cms Lepton 1.1.0
Lepton-cms Lepton
Lepton-cms Lepton 1.1.1
668
VMScore
CVE-2012-0999
SQL injection vulnerability in modules/news/rss.php in LEPTON prior to 1.1.4 allows remote malicious users to execute arbitrary SQL commands via the group_id parameter.
Lepton-cms Lepton 1.1.1
Lepton-cms Lepton
Lepton-cms Lepton 1.1.2
Lepton-cms Lepton 1.1.0
NA
CVE-2012-10003
A vulnerability, which was classified as problematic, has been found in ahmyi RivetTracker. This issue affects some unknown processing. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. The attack may be initiated remotely. The patch i...
Rivettracker Project Rivettracker
NA
CVE-2012-09851
Wireless Manager Sony VAIO version 4.0.0.0 suffers from multiple buffer overflow vulnerabilities.
NA
CVE-2012-09953
ZENphoto version 1.4.2 suffers from PHP code execution, cross site scripting and remote SQL injection vulnerabilities.
NA
CVE-2012-10011
A vulnerability was found in HD FLV PLayer Plugin up to 1.7 on WordPress. It has been rated as critical. Affected by this issue is the function hd_add_media/hd_update_media of the file functions.php. The manipulation of the argument name leads to sql injection. The attack may be ...
Contus Hd Flv Player
NA
CVE-2012-10391
Dotclear version 2.4.1.2 suffers from multiple cross site scripting vulnerabilities.
383
VMScore
CVE-2015-0866
Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.9 before hotfix 7941 allow remote malicious users to inject arbitrary web script or HTML via the (1) fromCustomer, (2) username, or (3) password parameter to HomePage.do.
Zohocorp Manageengine Supportcenter Plus
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »