[192] Advisories
Show only with CVSS score
Search: %
Search
vdbid
title
vulndate
download
vendor
notified
vcontact
description
vulnerability
cveids
osvdbid
exploit
url
media
for
Date
Title
CVE/DWF ID
2022-09-08
CreativeDream software arbitrary file upload
2022-40721
2020-10-20
Solaris 11 x86 nsdb-update-nci utility can reveal password in temporary file
2020-14758
2020-10-20
The Solaris 11 utility nsdb-convert and other fedfs scripts use temporary files insecurely
2020-14759
2020-05-19
SQL Injection in search field of phpzag live add edit delete data tables records with ajax php mysql
2020-8519
2020-8520
2020-8521
2020-02-02
Insecure /tmp file use in Oracle Solaris 11 Device Driver Utility v1.3.1 leads to root
2020-14724
2019-12-16
Arbitrary file upload vulnerability in upload-image-with-ajax
2019-8293
2019-09-18
Multiple vulnerabilities in Online store system v1.0 Stored XSS and unauthenticated product deletions.
2019-8288
2019-8289
2019-8290
2019-8291
2019-8292
2018-11-15
Arbitrary File Upload File Upload Vulnerability in php-traditional-server v1.2.2
2018-9209
2018-11-02
Arbitrary file upload vulnerability in jQuery Upload File v4.0.2
2018-9207
2018-11-02
Arbitrary file upload vulnerability in jQuery-Picture-Cut v1.1beta
2018-9208
2018-10-15
Arbitrary file upload vulnerabiity in WordPress Plugin tajer v1.05
2018-9206
2018-10-09
jQuery-File-Upload <= v9.22.0 unauthenticated arbitrary file upload vulnerability
2018-9206
2018-08-22
Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8
2018-1002000
2018-1002001
2018-1002002
2018-1002003
2018-1002004
2018-1002005
2018-1002006
2018-1002007
2018-1002008
2018-1002009
2018-03-30
Arbitrary file download vulnerability in Drupal module avatar_uploader v7.x-1.0-beta8
2018-9205
2017-09-08
Vulnerability in Wordpress Plugin backwpup v3.4.1 possible brute forcing of backup file download
2017-2551
2017-09-07
Joomla extension Easy Joomla Backup v3.2.4 database backup exposure
2017-2550
2017-07-22
Blind SQL Injection in Wordpress plugin wordpress-gallery-transformation v1.0
2017-1002028
2017-07-04
Blind SQL injection in wordpress plugin event-espresso-free v3.1.37.11.L
2017-1002026
2017-07-01
Blind SQL Injection vulnerability in Wordpress plugin rk-responsive-contact-form v1.0
2017-1002027
2017-06-21
Authenticated blind SQL injection in add-edit-delete-listing-for-member-module v1.0
2017-1002025
2017-06-14
File upload vulnerability in Kindeditor <= 4.1.12
2017-1002024
2017-05-24
Blind SQL Injection in Wordpress Plugin Easy Team Manager v1.3.2
2017-1002023
2017-05-21
Blind SQL Injection in Wordpress plugin eventr v1.02.2
2017-1002018
2017-1002019
2017-05-21
SQL Injection in Wordpress plugin surveys v1.01.8
2017-1002020
2017-1002021
2017-1002022
2017-05-15
Unauthenticated Stored XSS Vulnerability in Wordpress plugin gift-certificate-creator v1.0
2017-1002017
2017-04-26
Arbitrary file upload vulnerability in Wordpress plugin flickr-picture-backup v0.7
2017-1002016
2017-04-01
Blind SQL Injection and persistent XSS in Wordpress plugin image-gallery-with-slideshow v1.5.2
2017-1002011
2017-1002012
2017-1002013
2017-1002014
2017-1002015
2017-03-17
Multiple Unauthenticated blind SQL injections in Wordpress Plugin Membership Simplified v1.58
2017-1002009
2017-1002010
2017-03-13
Arbitrary file download vulnerability in Wordpress Plugin Membership Simplified v1.58
2017-1002008
2017-03-08
Multiple Blind SQL injection vulnerability in Wordpress Plugin DTracker v1.5
2017-1002004
2017-1002005
2017-03-08
Two Content Injection vulnerabilities in Wordpress Plugin DTracker v1.5
2017-1002006
2017-1002007
2017-03-01
Unrestricted File Upload vulnerability in Wordpress Plugin mobile-friendly-app-builder-by-easytouch v3.0
2017-1002000
2017-03-01
Unrestricted File Upload vulnerability in Wordpress Plugin mobile-app-builder-by-wappress v1.05
2017-1002001
2017-03-01
Unrestricted File Upload vulnerability in Wordpress Plugin webapp-builder v2.0
2017-1002002
2017-03-01
Unrestricted File Upload vulnerability in Wordpress Plugin wp2android-turn-wp-site-into-android-app v1.1.4
2017-1002003
2017-02-27
Unrestricted File Upload vulnerability in Wordpress Plugin Mobile App Native 3.0
2017-6104
2017-02-21
Persistent XSS Vulnerability in Wordpress plugin AnyVar v0.1.1
2017-6103
2017-02-20
Persistent XSS in wordpress plugin rockhoist-badges v1.2.2
2017-6102
2016-11-01
Mailcwp remote file upload vulnerability incomplete fix v1.100
2016-1000156
2016-10-03
/tmp race condition in Teradata Studio Express v15.12.00.00 studioexpressinstall
2016-7490
2016-10-01
Teradata Virtual Machine Community Edition v15.10 has insecure file permission
2016-7488
2016-10-01
Teradata Virtual Machine Community Edition v15.10 Insecure creation of files in /tmp
2016-7489
2016-09-16
Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6
2016-1000124
2016-09-16
Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla
2016-1000125
2016-09-15
Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla
2016-1000123
2016-07-22
XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension
2016-1000121
2016-1000122
2016-07-17
XSS & SQLi in HugeIT slideshow v1.0.4
2016-1000117
2016-1000118
2016-07-17
SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla
2016-1000119
2016-1000120
2016-07-15
Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS
2016-1000115
2016-1000116
2016-07-14
XSS and SQLi in huge IT gallery v1.1.5 for Joomla
2016-1000113
2016-1000114
2016-06-15
Unauthenticated remote .jpg file upload in contus-video-comments v1.0 wordpress plugin
2016-1000112
2016-02-01
Open Proxy & Authentication by pass for wordpress plugin wp-miniaudioplayer v1.7.6
2016-0796
2016-01-27
Reflected XSS & Blind SQLi in wordpress plugin eshop v6.3.14
2016-0765
2016-0769
2016-01-26
Wordpress plugin Reflected XSS in connections v8.5.8
2016-0770
2015-12-17
Local root vulnerability in DeleGate v9.9.13
2015-7556
2015-11-29
Command Injection in cool-video-gallery v1.9 Wordpress plugin
2015-7527
2015-11-24
SQL injection in wordpress plugin double-opt-in-for-download v2.0.8
2015-7517
2015-10-29
/tmp race condition in IBM Installation Manager v1.8.1 install script
2015-7442
2015-10-22
Blind SQL injection in wp-championship wordpress plugin v5.8
2015-5308
2015-09-15
Local File Inclusion Vulnerability in mypixs v0.3 wordpress plugin
2015-1000012
2015-09-11
Remote file upload Vulnerability in Wordpress plugin csv2wpec-coupon v1.1
2015-1000013
2015-08-15
Open proxy in Wordpress plugin google-adsense-and-hotel-booking v1.05
2015-1000009
2015-08-04
Blind SQL Injection in wordpress plugin dukapress v2.5.9
2015-1000011
2015-07-17
Arbitrary file download vulnerability in wptf-image-gallery v1.03
2015-1000007
2015-07-16
Arbitrary file download in simple-image-manipulator v1.0 wordpress plugin
2015-1000010
2015-07-13
Arbitrary file download vulnerability in recent-backups v0.7 wordpress plugin
2015-1000006
2015-07-13
Remote file upload vulnerability in wpe-indoshipping v2.5.0 wordpress plugin [Previously Discovered]
none
2015-07-12
Remote file upload vulnerability in wp-front-end-repository v1.1 Wordpress plugin [Previously Discovered]
none
2015-07-12
Arbitrary file download vulnerability in candidate-application-form v1.0 wordpress plugin
2015-1000005
2015-07-12
Path Disclosure Vulnerability in wordpress plugin MP3-jPlayer v2.3.2
2015-1000008
2015-07-11
Open Proxy in filedownload v1.4 wordpress plugin
2015-1000002
2015-1000003
2015-1000004
2015-07-10
Remote file upload vulnerability in fast-image-adder v1.1 Wordpress plugin
2015-1000001
2015-07-09
Remote file upload vulnerability in mailcwp v1.99 wordpress plugin
2015-1000000
2015-07-08
Arbitrary file download vulnerability in ibs-Mappro v0.6 Wordpress plugin
2015-5472
2015-07-05
Arbitrary file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5
2015-5468
2015-07-02
Arbitrary file download vulnerability in Wordpress Plugin wp-swimteam v1.44.10777
2015-5471
2015-07-01
Arbitrary file download vulnerability in Wordpress Plugin mdc-youtube-downloader v2.1.0
2015-5469
2015-07-01
Arbitrary file download vulnerability in Wordpress Plugin image-export v1.1
2015-5609
2015-06-27
Remote file upload vulnerability & Blind SQLi in wordpress plugin wp-powerplaygallery v3.3
2015-5599
2015-5681
2015-5682
2015-06-12
Arbitrary File download in wordpress plugin wp-instance-rename v1.0
2015-4703
2015-06-10
zip-attachments v1.1.4 wordpress plugin arbitrary file download vulnerability
2015-4694
2015-06-10
Arbitrary file download vulnerability in download-zip-attachments v1.0
2015-4704
2015-06-08
SQL Injection in easy2map-photos wordpress plugin v1.09
2015-4615
2015-4617
2015-06-08
SQL Injection in easy2map wordpress plugin v1.24
2015-4614
2015-4616
2015-06-07
Remote file upload vulnerability in aviary-image-editor-add-on-for-gravity-forms v3.0beta Wordpress plugin
2015-4455
2015-06-06
Path Traversal vulnerability in Wordpress plugin se-html5-album-audio-player v1.1.0
2015-4414
2015-06-01
Grand Media v1.6.4 Wordpress Plugin open proxy [previous discovery by Chad Seaman]
2015-4339
2015-05-11
Reflected XSS in Phpwhois component of adsense-click-fraud-monitoring wordpress plugin v1.7.5
2015-3998
2015-05-10
wow-moodboard-lite v1.1.1.1 Wordpress plugin has an open redirect
2015-4070
2015-05-10
Xcloner v3.1.2 wordpress plugin authenticated command execution and XSS
2015-4336
2015-4337
2015-4338
2015-03-29
Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8
2015-9271
2015-03-29
Remote file upload vulnerability in wordpress plugin videowhisper-video-presentation v3.31.17
2015-9272
2015-02-17
xaviershay-dm-rails v0.10.3.8 mysql credential exposure
2015-2179
2015-01-25
SEANux Linux v1.0 Remote Web Shell Access Vulnerability
none
2014-11-11
Command injection in Ruby Gem Webbynode 1.0.5.3
2013-7086
2014-11-02
Wordpress WP-DB-Backup v2.2.4 Plugin Remote Database Backup Download Vulnerability
2014-10076
2014-10-17
XCloner Backup Plugin v3.1.1 (Wordpress) v3.5.1 (Joomla!) Vulnerabilities
2014-8603
2014-8604
2014-8605
2014-8606
2014-8607
2014-10-13
Vulnerabilities in WordPress Database Manager v2.7.1
2014-8334
2014-8335
2014-09-25
Ruby Gem as-1.0 Password exposure
none
2014-09-02
Rooted SSH/SFTP Daemon Default Login Credentials
none
2014-07-01
Remote command injection and SQLi in Ruby Gem brbackup-0.1.1
2014-5004
2014-06-07
Remote command injection in Screen Capture v0.0.0
none
2014-06-01
Vulnerability Report for Ruby Gem VladTheEnterprising-0.2
none
2014-06-01
Vulnerability Report for Ruby Gem backup-agoddard-3.0.28
2014-4993
2014-06-01
Ruby Gem backup_checksum-3.0.23 exposes password to the process table
2014-4993
2014-06-01
Command Injection for for Ruby Gem cap-strap-0.1.5
none
2014-06-01
Vulnerability Report for Ruby Gem ciborg-3.0.0
2014-5003
2014-06-01
Vulnerability Report for Ruby Gem codders-dataset-1.3.2.1
2014-4991
2014-06-01
codders-dataset Gem for Ruby Process Table Local Plaintext Credential Disclosure
2014-4991
2014-06-01
Vulnerability Report for Ruby Gem gnms-2.1.1
none
2014-06-01
Vulnerability Report for Ruby Gem gyazo-1.0.0
2014-4994
2014-06-01
Report for Ruby Gem kajam-1.0.3.rc2
2014-4999
2014-06-01
Vulnerability Report for Ruby Gem karo-2.3.8
2014-10075
2014-06-01
Vulnerability Report for Ruby Gem kcapifony-2.1.6
2014-5001
2014-06-01
Vulnerability Report for Ruby Gem kompanee-recipes-0.1.4
none
2014-06-01
Vulnerability Report for Ruby Gem lawn-login-0.0.7
2014-5000
2014-06-01
Vulnerability Report for Ruby Gem lean-ruport-0.3.8
2014-4998
2014-06-01
Vulnerability Report for Ruby Gem lingq-0.3.1
none
2014-06-01
Vulnerability Report for Ruby Gem lynx-0.2.0
2014-5002
2014-06-01
Vulnerability Report for Ruby Gem point-cli-0.0.1
2014-4997
2014-05-14
Vulnerabilities in YingZhi Python Programming Language for iOS
2013-5655
2014-04-15
Square Hoptoad Notifier v2.4.8 Ruby Gem API Key exposure
none
2014-04-14
Remote Command Injection in Ruby Gem sfpagent 0.4.14
2014-2888
2014-03-20
Persistent XSS in NextCellent Gallery 1.9.13 WordPress plugin
2014-3123
2014-02-09
Command Injection flickrcaptionr v1.1.0 ruby gem
none
2014-02-01
Persistent XSS in Wordpress 3.3.1+dfsg-1 (Packaged with Ubuntu 12.04.4)
none
2014-01-31
Persistent XSS in Media File Renamer v1.7.0
2014-2040
2014-01-08
Paratrooper-newrelic 1.0.1 Ruby Gem exposes API key
2014-1234
2014-01-01
jspec-steventux 3.3.2.1 /tmp vulnerability
none
2013-12-26
paratrooper-pingdom-1.0.0 ruby gem exposes API login credentials
2014-1233
2013-12-17
Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem
2014-2322
2013-11-15
Bio Basespace SDK 0.1.7 Ruby Gem exposes API Key via command line
2013-7111
2013-11-10
Command Injection in Ruby Gem Sprout 0.7.246
2013-6421
2013-09-17
Remote access to Android ftp server 1.2 configuration file allows login as admin
none
2013-09-08
Multiple vulnerabilities in Ice Cold Apps Servers Ulitmate Version 6.0.2(12) for Android
2013-7465
2013-09-01
Features 0.3.0 Ruby gem file injection vulnerability
2013-4318
2013-09-01
Remote Command Injection in fog-dragonfly-0.8.2 Ruby Gem
2013-5671
2013-08-10
Command Injection in Ruby Gem Sounder 1.0.1
2013-5647
2013-08-01
Unauthenticated Remote File Upload via HTTP for perl-Programming language 1.6 on iOS
none
2013-08-01
Unauthenticated Remote File Upload via HTTP for Personal Address Book 2.0 on iOS
none
2013-08-01
Unauthenticated Remote File Upload via HTTP for ruby-Programming language 1.7 on iOS
none
2013-07-31
Rgpg 0.2.2 Ruby Gem Remote Command Injection
2013-4203
2013-07-03
Solaris Recommended Patch Cluster 6/19 local root on x86
2010-1183
2013-06-03
Remote command Injection in Ruby Gem lipsiadmin 5.1.9
none
2013-05-23
Show In Browser 0.0.3 Ruby Gem /tmp file injection vulnerability
2013-2105
2013-05-14
Remote command Injection in Creme Fraiche 0.6 Ruby Gem
2013-2090
2013-04-04
Remote command injection in Ruby Gem kelredd-pruview 0.3.8
2013-1947
2013-04-01
Remote Command Injection Karteek Docsplit 0.5.4
2013-1933
2013-03-28
Remote command execution ldoce 0.0.2
2013-1911
2013-03-27
File clobbering vulnerability in latest Solaris 10 patch cluster
2010-1183
2013-03-25
Thumbshooter 0.1.5 remote code execution
2013-1898
2013-03-16
OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability
2013-2561
2013-03-15
Remote command execution in Ruby Gem Command Wrap
2013-1875
2013-03-12
Curl Ruby Gem Remote command execution
2013-1878
2013-2617
2013-03-12
MiniMagic ruby gem remote code execution
2013-2616
2013-1877
2013-03-01
Flash Tool 0.6.0 Remote code execution vulnerability
2013-2513
2013-02-24
Fileutils 0.7 Ruby Gem remote command execution and insecure file handling in /tmp
2013-2516
2013-02-19
Oracle Auto Service Request /tmp file clobbering vulnerability
2013-1495
2013-02-18
Remote command execution for Ruby Gem ftpd-0.2.1
2013-2512
2013-01-31
SUNWswasr RPM post install /tmp race condition
none
2013-01-15
Insecure /tmp file use solaris 10 patch cluster for sparc
2013-0415
2013-01-14
Oracle Solaris Bind/Postinstall script for Bind package local root
2013-0415
2012-12-07
Centrify Deployment Manager v2.1.0.283 local root
2012-6348
2012-12-03
Centrify Deployment Manager v2.1.0.283 /tmp file clobbering vulnerability
none
2012-03-14
Oracle Exadata InfiniBand Vulnerabilities
none
2012-01-02
Mambo CMS vulnerabilities
2013-2562
2013-2565
2013-2563
2013-2564
2009-09-02
OpenOffice 1.0.1 Race condition during installation
2002-2210
2008-01-17
PatchLink Update Unix Client File clobbering vulnerability
2008-0525
2008-01-17
Patchlink local root for HP-UX Shutdown and reboot
2008-0525
2006-10-01
IBM Informix File Clobbering during Install
2006-5163
2006-03-24
Open tftpserver path traversal vulnerability
none
2006-03-04
thttpd-2.25b htpasswd Vulnerabilities
2002-2389
2003-11-26
Borland's InterBase 7.1 poor Password Data File Permissions and Password Hash
2004-1833
2003-10-20
PrimeBase Database Poor File Permissions and Crypt() Hash
none
2003-09-01
PrimeBase Database 4.2 poor file permissions
none
2003-03-11
Cache Database Poor File Permissions Lead To Local Root
2003-0498
2003-0497
2002-12-20
/tmp Symlink Vulnerability with ZeroG's InstallAnywhere5
none
2002-12-10
SAP Database Local Root Vulnerability During Installation
2003-0265
2002-10-14
Fastlink Software's TheServer http server clear text password
2002-2389
2002-08-16
Remote Buffer Overflow in pServ 2.0 Alpha 11
none
2002-01-14
local root during installation of Tarantella Enterprise 3
2002-0211
2002-01-14
Another local root during installation of Tarantella Enterprise 3
2002-0296
2001-12-27
Format String Vulnerablity in Lynx
none
2001-11-23
Xitami Webserver clear text password storage Vulnerability
2001-1481
2001-10-01
insecure temp file creation during installation of Netscape 6
2001-1066
2000-12-18
Solaris 2.7/2.8 catman Temp File Vulnerability
2001-0095
2000-11-30
Voyant Sonata doroot command vulnerability
2001-0176
2000-10-31
Vulnerability Report For Voyant Technologies Sonata Conferencing product
none
2000-06-27
Arbitrary file read & weak password encryption flower fire sawmill v5.0.21
2000-0588
2000-0589
1999-08-01
OCE plotter anonymous proxy
none
1999-05-19
Irix Midikeys local root Vulnerability
1999-0765
1999-02-17
AIX Snap command password vulnerability
1999-1405