Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
htbridge.com vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2014-1946
OpenDocMan 1.2.7 and previous versions does not properly validate allowed actions, which allows remote authenticated users to bypass an intended access restrictions and assign administrative privileges to themselves via a crafted request to signup.php.
Opendocman Opendocman
NA
CVE-2014-18551
Seo Panel version 3.4.0 suffers from a cross site scripting vulnerability.
NA
CVE-2014-19062
VideoWhisper Live Streaming Integration version 4.27.3 suffers from cross site scripting, remote shell upload, information exposure, and path traversal vulnerabilities.
NA
CVE-2014-19084
VideoWhisper Live Streaming Integration version 4.27.3 suffers from cross site scripting, remote shell upload, information exposure, and path traversal vulnerabilities.
4.3
CVSSv2
CVE-2014-2024
Cross-site scripting (XSS) vulnerability in classes/controller/error.php in Open Classifieds 2 prior to 2.1.3 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to shared-apartments-rooms/.
Openclassifieds Open Classifieds 2 2.0.4
Openclassifieds Open Classifieds 2 2.0.5
Openclassifieds Open Classifieds 2 2.0.2
Openclassifieds Open Classifieds 2 2.0.3
Openclassifieds Open Classifieds 2 2.1.1
Openclassifieds Open Classifieds 2
Openclassifieds Open Classifieds 2 2.0.6
Openclassifieds Open Classifieds 2 2.0.7
Openclassifieds Open Classifieds 2 2.0
Openclassifieds Open Classifieds 2 2.0.1
Openclassifieds Open Classifieds 2 2.0.8
Openclassifieds Open Classifieds 2 2.1
4.3
CVSSv2
CVE-2014-2219
Cross-site scripting (XSS) vulnerability in whizzywig/wb.php in CMSimple Classic 3.54 and previous versions, possibly as downloaded before February 26, 2014, allows remote malicious users to inject arbitrary web script or HTML via the d parameter.
Cmsimple Cmsimple Classic
NA
CVE-2012-10003
A vulnerability, which was classified as problematic, has been found in ahmyi RivetTracker. This issue affects some unknown processing. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. The attack may be initiated remotely. The patch i...
Rivettracker Project Rivettracker
4.3
CVSSv2
CVE-2012-3869
Cross-site scripting (XSS) vulnerability in include/classes/class.rex_list.inc.php in REDAXO 4.3.x and 4.4 allows remote malicious users to inject arbitrary web script or HTML via the subpage parameter to index.php.
Redaxo Redaxo 4.3
Redaxo Redaxo 4.3.2
Redaxo Redaxo 4.4
Redaxo Redaxo 4.3.1
Redaxo Redaxo 4.3.3
NA
CVE-2012-38691
Redaxo version 4.4 suffers from a cross site scripting vulnerability.
4.3
CVSSv2
CVE-2015-3421
The eshop_checkout function in checkout.php in the Wordpress Eshop plugin 6.3.11 and previous versions does not validate variables in the "eshopcart" HTTP cookie, which allows remote malicious users to perform cross-site scripting (XSS) attacks, or a path disclosure att...
Eshop Project Eshop
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »