Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

htbridge.com vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv2

CVE-2012-2762

SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote malicious users to execute arbitrary SQL commands via the url parameter to comment.php.
S9y SerendipityS9y Serendipity 0.3S9y Serendipity 0.4S9y Serendipity 0.7S9y Serendipity 0.7.1S9y Serendipity 0.8S9y Serendipity 0.8.1S9y Serendipity 0.8.2S9y Serendipity 0.8.3S9y Serendipity 0.8.4S9y Serendipity 0.8.5S9y Serendipity 0.9
4.3
CVSSv2

CVE-2014-5257

Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms prior to 1.2.1 p01 allow remote malicious users to inject arbitrary web script or HTML via the (1) id_custom parameter in an amanmenu request or (2) id_game parameter in an alms/games/edit request to appCore/index.p...
Formalms Formalms
NA

CVE-2014-52571

Forma Lms version 1.2.1 suffers from a cross site scripting vulnerability.
4.3
CVSSv2

CVE-2014-5259

Cross-site scripting (XSS) vulnerability in cattranslate.php in the CatTranslate JQuery plugin in BlackCat CMS 1.0.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the msg parameter.
Blackcat-cms Blackcat Cms
NA

CVE-2015-33004

WordPress TheCartPress plugin version 1.3.9 suffers from local file inclusion, improper access control, and cross site scripting vulnerabilities.
6.1
CVSSv3

CVE-2015-3421

The eshop_checkout function in checkout.php in the Wordpress Eshop plugin 6.3.11 and previous versions does not validate variables in the "eshopcart" HTTP cookie, which allows remote malicious users to perform cross-site scripting (XSS) attacks, or a path disclosure att...
Eshop Project Eshop
4.3
CVSSv2

CVE-2015-3647

Multiple cross-site scripting (XSS) vulnerabilities in wppa-ajax-front.php in the WP Photo Album Plus (aka WPPA) plugin prior to 6.1.3 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) comemail or (2) comname parameter in a wppa do-comm...
Wppa.opajaap Wp-photo-album-plus
7.5
CVSSv2

CVE-2015-3648

Directory traversal vulnerability in pages/setup.php in Montala Limited ResourceSpace prior to 7.2.6727 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the defaultlanguage parameter.
Montala Resourcespace
NA

CVE-2012-58491

ClipBucket version 2.6 revision 738 suffers from a remote SQL injection vulnerability.
4.3
CVSSv2

CVE-2012-5866

Cross-site scripting (XSS) vulnerability in include.php in Achievo 1.4.5 allows remote malicious users to inject arbitrary web script or HTML via the field parameter.
Achievo Achievo 1.4.5
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
sourcecodesterCVE-2025-42599memory leakdifyCVE-2025-3826CVE-2025-30158tenableCVE-2025-2492cameraunprivilegedCVE-2025-3795CVE-2025-43918hiddenpearls
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook