Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
htbridge.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-5257
Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms prior to 1.2.1 p01 allow remote malicious users to inject arbitrary web script or HTML via the (1) id_custom parameter in an amanmenu request or (2) id_game parameter in an alms/games/edit request to appCore/index.p...
Formalms Formalms
NA
CVE-2014-5259
Cross-site scripting (XSS) vulnerability in cattranslate.php in the CatTranslate JQuery plugin in BlackCat CMS 1.0.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the msg parameter.
Blackcat-cms Blackcat Cms
NA
CVE-2014-2654
Multiple SQL injection vulnerabilities in MobFox mAdserve 2.0 and previous versions allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) edit_ad_unit.php, (2) view_adunits.php, or (3) edit_campaign.php in www/cp/.
Mobfox Madserve
6.1
CVSSv3
CVE-2015-2690
Multiple cross-site scripting (XSS) vulnerabilities in views/add-license-form.php in the Digium Addons module (digiumaddoninstaller) prior to 2.11.0.7 for FreePBX allow remote malicious users to inject arbitrary web script or HTML via the (1) add_license_key, (2) add_license_firs...
Digium Addons Module 2.11.0.6
NA
CVE-2014-3810
SQL injection vulnerability in administration/profiles.php in BoonEx Dolphin 7.1.4 and previous versions allows remote authenticated administrators to execute arbitrary SQL commands via the members[] parameter. NOTE: this can be exploited by remote attackers by leveraging CVE-201...
Boonex Dolphin
Boonex Dolphin 7.1.3
Boonex Dolphin 7.0.8
Boonex Dolphin 7.0.7
Boonex Dolphin 7.0.1
Boonex Dolphin 7.0.0
Boonex Dolphin 7.1.0
Boonex Dolphin 7.0.4
Boonex Dolphin 7.0.3
Boonex Dolphin 7.0.9
Boonex Dolphin 7.0.2
Boonex Dolphin 7.1.2
Boonex Dolphin 7.1.1
Boonex Dolphin 7.0.6
Boonex Dolphin 7.0.5
NA
CVE-2014-3920
Cross-site request forgery (CSRF) vulnerability in Kanboard prior to 1.0.6 allows remote malicious users to hijack the authentication of administrators for requests that add an administrative user via a save action to the default URI.
Kanboard Kanboard
Kanboard Kanboard 1.0.5
Kanboard Kanboard 1.0.4
Kanboard Kanboard 1.0.1
Kanboard Kanboard 1.0.0
Kanboard Kanboard 1.0.3
Kanboard Kanboard 1.0.2
NA
CVE-2013-7138
Directory traversal vulnerability in lib/functions/d-load.php in Horizon Quick Content Management System (QCMS) 4.0 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the start parameter.
Horizon Quick Content Management System Project Horizon Quick Content Management System
Horizon Quick Content Management System Project Horizon Quick Content Management System 3.5.2
Horizon Quick Content Management System Project Horizon Quick Content Management System 3.5.1
Horizon Quick Content Management System Project Horizon Quick Content Management System 3.4
Horizon Quick Content Management System Project Horizon Quick Content Management System 3.3
Horizon Quick Content Management System Project Horizon Quick Content Management System 3.2
9.8
CVSSv3
CVE-2012-10011
A vulnerability was found in HD FLV PLayer Plugin up to 1.7 on WordPress. It has been rated as critical. Affected by this issue is the function hd_add_media/hd_update_media of the file functions.php. The manipulation of the argument name leads to sql injection. The attack may be ...
Contus Hd Flv Player
NA
CVE-2014-9571
Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT prior to 1.2.19 and 1.3.x prior to 1.3.0-beta.2 allows remote malicious users to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter.
Mantisbt Mantisbt 1.3.0
Mantisbt Mantisbt
NA
CVE-2014-7181
Cross-site scripting (XSS) vulnerability in the Max Foundry MaxButtons plugin prior to 1.26.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the id parameter in a button action on the maxbuttons-controller page to wp-admin/admin.php, relate...
Maxfoundry Maxbuttons 1.26.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »