high-tech bridge sa vulnerabilities and exploits

NA
CVE-2013-2649

Hero Framework CVE-2013-2649 Multiple Cross-Site Scripting Vulnerabilities...

7.5
CVSSv2
CVE-2011-5313

Multiple SQL injection vulnerabilities in includes/password.php in Redaxscript 0.3.2 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) password parameter to the password_reset program....

Redaxscript
7.5
CVSSv2
CVE-2011-1047

Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ForumPress) plugin 1.6.1 and 1.6.5 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) search_max parameter in a search action to index.php, which is not properly handled by...

VasthtmlForum Server
NA
CVE-2013-1420

GetSimple CMS version 3.1.2 suffers from multiple cross site scripting vulnerabilities....

7.5
CVSSv2
CVE-2012-2227

Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter....

Pluxml
NA
CVE-2012-1001

Chyrp version 2.5b1 suffers from a cross site scripting vulnerability....

7.5
CVSSv2
CVE-2010-5317

Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL commands via (1) the file_name parameter in an attachment action, (2) the post parameter in a show_comment action, (3) the sys-name parameter in an...

Basic-cmsSweetrice
4.3
CVSSv2
CVE-2010-5318

The password-reset feature in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to modify the administrator's password by specifying the administrator's e-mail address in the email parameter....

Basic-cmsSweetrice
7.5
CVSSv2
CVE-2012-2208

Directory traversal vulnerability in upgrade.php in Piwigo before 2.3.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter....

Piwigo
4.3
CVSSv2
CVE-2012-2209

Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Piwigo before 2.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) section parameter in the configuration module, (2) installstatus parameter in the languages_new module, or (3) theme...

Piwigo