Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
htbridge.com vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2014-8337
Unrestricted file upload vulnerability in includes/classes/uploadify-v2.1.4/uploadify.php in HelpDEZk 1.0.1 and previous versions allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to th...
Helpdezk Helpdezk
NA
CVE-2014-87931
Revive Adserver version 3.0.5 suffers from a cross site scripting vulnerability.
NA
CVE-2012-16641
osCmax version 2.5.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
NA
CVE-2012-16652
osCmax version 2.5.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
NA
CVE-2014-7139
Multiple cross-site scripting (XSS) vulnerabilities in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin prior to 2.8.16 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) form or (2) enc parameter in the CF7...
Cfdbplugin Contact Form Db
NA
CVE-2014-7181
Cross-site scripting (XSS) vulnerability in the Max Foundry MaxButtons plugin prior to 1.26.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the id parameter in a button action on the maxbuttons-controller page to wp-admin/admin.php, relate...
Maxfoundry Maxbuttons 1.26.0
NA
CVE-2014-7182
Multiple cross-site scripting (XSS) vulnerabilities in the WP Google Maps plugin prior to 6.0.27 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the poly_id parameter in an (1) edit_poly, (2) edit_polyline, or (3) edit_marker action in the wp...
Codecabin Wp Go Maps
NA
CVE-2015-3647
Multiple cross-site scripting (XSS) vulnerabilities in wppa-ajax-front.php in the WP Photo Album Plus (aka WPPA) plugin prior to 6.1.3 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) comemail or (2) comname parameter in a wppa do-comm...
Wppa.opajaap Wp-photo-album-plus
NA
CVE-2015-3648
Directory traversal vulnerability in pages/setup.php in Montala Limited ResourceSpace prior to 7.2.6727 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the defaultlanguage parameter.
Montala Resourcespace
NA
CVE-2012-51682
ATutor AContent versions 1.2 and below suffer from improper authentication, cross site scripting, and remote SQL injection vulnerabilities.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »