Professional Documents
Culture Documents
Zinc Web Vulnerabilities L1 Scan
Zinc Web Vulnerabilities L1 Scan
Zinc Web Vulnerabilities L1 Scan
632
vulnerabilies
245
786CVE-2004-0809
700CVE-2005-2728 CVE-2005-2970
1
Vulnerability Name CVE CWE Severity
847
304CVE-2007-3847
422CVE-2008-0005
password
credentials
denial of service
denial of service
vulnerability
Filesystems
filesystems
vulnerability
password
2
Vulnerability Name CVE CWE Severity
450CVE-2007-3382 CVE-2007-3383CVE-2007-3385 CVE-200
7-5333CVE-2007-5461
385CVE-2007-3386
286
385CVE-2007-3386
286CVE-2008-0002
431CVE-2012-4534
execution vulnerability
vulnerability
vulnerability
3
Vulnerability Name CVE CWE Severity
174
overflow
Aspect Low
vulnerability
traversal vulnerabilities
4
Vulnerability Name CVE CWE Severity
available
ZeroClipboard.swf
Toolkit
Toolkit
Chart
5
Vulnerability Name CVE CWE Severity
generator
generator
information disclosure
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.1) CVE-2005-0682 CWE-79 High
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.5) CVE-2005-3973 CWE-79 High
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.7) CVE-2006-1226 CWE-79 High
4.5.7)
4.5.5) 13
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - CVE-2006-2743 CWE-95 High
4.6.6)
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - CVE-2006-2831 CWE-95 High
4.6.7)
Drupal Core 4.6.x Cross-Site Request Forgery (4.6.0 CVE-2006-5476 CWE-352 High
- 4.6.9)
4.6.10)
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.3) CVE-2005-3973 CWE-79 High
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.5) CVE-2006-1226 CWE-79 High
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.7) CVE-2006-2833 CWE-79 High
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.8) CVE-2006-4002 CWE-79 High
Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10) CVE-2007-0124 CWE-400 High
Drupal Core 4.6.x Form Action Attribute Injection CVE-2006-5477 CWE-20 High
(4.6.0 - 4.6.9)
6
Vulnerability Name CVE CWE Severity
4.6.5)
4.6.3) 13
Drupal Core 4.6.x SQL Injection (4.6.0 - 4.6.6) CVE-2006-2742 CWE-89 High
Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.3) CVE-2005-3974 CWE-264 High
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - CVE-2006-2743 CWE-95 High
4.7.0)
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - CVE-2007-0626 CWE-95 High
4.7.5)
Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 CVE-2008-0272 CWE-352 High
- 4.7.10)
Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 CVE-2006-5476 CWE-352 High
- 4.7.3)
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.1) CVE-2006-2833 CWE-79 High
4.7.10)
4.7.10)
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.2) CVE-2006-4002 CWE-79 High
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.4) CVE-2007-0136 CWE-79 High
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.7) CVE-2007-5596 CWE-79 High
Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4) CVE-2007-0124 CWE-400 High
Drupal Core 4.7.x Form Action Attribute Injection CVE-2006-5477 CWE-20 High
(4.7.0 - 4.7.3)
Drupal Core 4.7.x HTTP Response Splitting (4.7.0 - CVE-2007-5595 CWE-113 High
4.7.7)
4.7.1) 5
Drupal Core 4.7.x SQL Injection (4.7.0 - 4.7.0) CVE-2006-2742 CWE-89 High
Drupal Core 4.7.x SQL Injection (4.7.0 - 4.7.8) CVE-2007-6299 CWE-89 High
Drupal Core 4.7.x Security Bypass (4.7.0 - 4.7.7) CVE-2007-5597 CWE-702 High
Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.0) CVE-2007-0626 CWE-95 High
Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.2) CVE-2007-5593 CWE-95 High
Drupal Core 5.x Cross-Site Request Forgery (5.0 - CVE-2007-5594 CWE-352 High
5.2)
7
Vulnerability Name CVE CWE Severity
Drupal Core 5.x Cross-Site Request Forgery (5.0 - CVE-2008-0272 CWE-352 High
5.5)
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.16) CVE-2009-1575 CVE-2009-1576CVE-2009-1844 CWE-79 High
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.17) CVE-2009-1844 CWE-79 High
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.2) CVE-2007-5596 CWE-79 High
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.20) CVE-2009-4369 CWE-79 High
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.5) CVE-2008-0274 CWE-79 High
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.5) CVE-2008-0273 CWE-79 High
Drupal Core 5.x HTTP Response Splitting (5.0 - 5.2) CVE-2007-5595 CWE-113 High
Drupal Core 5.x Information Disclosure (5.0 - 5.18) CVE-2009-2374 CWE-200 High
Drupal Core 5.x Local File Inclusion (5.0 - 5.11) CVE-2008-6171 CWE-22 High
Drupal Core 5.x Local File Inclusion (5.0 - 5.15) CWE-22 High
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.12) CVE-2008-6532 CVE-2008-6533 CWE-79 CWE-3 High
52
64 CWE-601
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.7) CVE-2008-3219 CVE-2008-3220CVE-2008-3222 CWE-352 CWE- High
384
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.9) CVE-2008-3740 CVE-2008-3741CVE-2008-3742 CVE-2008-3 CWE-79 CWE-3 High
744 52 CWE-434
Drupal Core 5.x SQL Injection (5.0 - 5.3) CVE-2007-6299 CWE-89 High
Drupal Core 5.x Security Bypass (5.0 - 5.2) CVE-2007-5597 CWE-702 High
Drupal Core 6.x Cross-Site Scripting (6.0 - 6.10) CVE-2009-1575 CVE-2009-1576CVE-2009-1844 CWE-79 High
Drupal Core 6.x Cross-Site Scripting (6.0 - 6.11) CVE-2009-1844 CWE-79 High
Drupal Core 6.x Denial of Service (6.0 - 6.32) CVE-2014-5265 CVE-2014-5266CVE-2014-5267 CWE-400 High
Drupal Core 6.x Information Disclosure (6.0 - 6.30) CVE-2014-2983 CWE-200 High
Drupal Core 6.x Local File Inclusion (6.0 - 6.9) CWE-22 High
8
Vulnerability Name CVE CWE Severity
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.12) CVE-2009-2372 CVE-2009-2373CVE-2009-2374 CWE-79 CWE-2 High
00 CWE-264
352 CWE-434
64 CWE-601
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.17) CVE-2010-3091 CVE-2010-3092CVE-2010-3093 CVE-2010-3 CWE-79 CWE-2 High
094CVE-2010-3685 CVE-2010-3686 64
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.2) CVE-2008-3218 CVE-2008-3219CVE-2008-3220 CVE-2008-3 CWE-79 CWE-8 High
221CVE-2008-3222 CVE-2008-3223 9 CWE-352 CWE
-384
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.22) CVE-2012-0825 CVE-2012-0826 CWE-264 CWE- High
352
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.26) CVE-2012-5651 CVE-2012-5652CVE-2012-5653 CWE-95 CWE-2 High
64
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.27) CVE-2013-0244 CVE-2013-0245 CWE-79 CWE-2 High
64
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.28) CVE-2013-6385 CVE-2013-6386 CWE-95 CWE-2 High
64 CWE-330
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.3) CVE-2008-3740 CVE-2008-3741CVE-2008-3742 CVE-2008-3 CWE-79 CWE-2 High
743CVE-2008-3744 CVE-2008-3745 64 CWE-352 CW
E-434
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.31) CVE-2014-5019 CVE-2014-5021 CWE-79 CWE-4 High
00
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.34) CVE-2015-2559 CVE-2015-2749CVE-2015-2750 CWE-264 CWE- High
601
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.36) CVE-2015-6658 CVE-2015-6660CVE-2015-6661 CWE-79 CWE-2 High
00 CWE-352
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.37) CVE-2016-3163 CVE-2016-3164CVE-2016-3165 CVE-2016-3 CWE-113 CWE- High
166CVE-2016-3167 CVE-2016-3168CVE-2016-3169 CVE-201 287 CWE-405C
6-3171 WE-601
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.5) CVE-2008-6170 CVE-2008-6171 CWE-22 CWE-7 High
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.6) CVE-2008-6532 CVE-2008-6533 CWE-79 CWE-3 High
52
64
Drupal Core 6.x Security Bypass (6.0 - 6.29) CVE-2014-1475 CWE-287 High
Drupal Core 6.x Security Bypass (6.0 - 6.35) CVE-2015-3234 CWE-287 High
Drupal Core 6.x Session Hijacking (6.0 - 6.33) CVE-2014-9015 CWE-384 High
Drupal Core 7.x Cross-Site Request Forgery (7.0 - CVE-2007-6752 CWE-352 High
7.12)
Drupal Core 7.x Denial of Service (7.0 - 7.19) CVE-2013-0316 CWE-400 High
9
Vulnerability Name CVE CWE Severity
Drupal Core 7.x Denial of Service (7.0 - 7.30) CVE-2014-5265 CVE-2014-5266CVE-2014-5267 CWE-400 High
Drupal Core 7.x Information Disclosure (7.0 - 7.14) CVE-2012-2922 CWE-200 High
Drupal Core 7.x Information Disclosure (7.0 - 7.26) CVE-2014-2983 CWE-200 High
64
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.10) CVE-2012-0825 CVE-2012-0826CVE-2012-0827 CWE-264 CWE- High
352
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.12) CVE-2012-1588 CVE-2012-1589CVE-2012-1590 CVE-2012-1 CWE-264 CWE- High
591CVE-2012-2153 400 CWE-601
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.15) CVE-2012-4553 CVE-2012-4554 CWE-95 CWE-5 High
38
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.17) CVE-2012-5651 CVE-2012-5653 CWE-95 CWE-2 High
64
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.18) CVE-2013-0244 CVE-2013-0245CVE-2013-0246 CWE-79 CWE-2 High
64
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.23) CVE-2013-6385 CVE-2013-6386CVE-2013-6387 CVE-2013-6 CWE-79 CWE-9 High
388CVE-2013-6389 5 CWE-264 CWE
-330 CWE-601
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.28) CVE-2014-5019 CVE-2014-5020CVE-2014-5021 CVE-2014-5 CWE-79 CWE-2 High
022 64 CWE-400
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.33) CVE-2014-9015 CVE-2014-9016 CWE-384 CWE- High
400
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.34) CVE-2015-2559 CVE-2015-2749CVE-2015-2750 CWE-264 CWE- High
601
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.37) CVE-2015-3231 CVE-2015-3232CVE-2015-3233 CVE-2015-3 CWE-200 CWE- High
234 287 CWE-601
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.38) CVE-2015-6658 CVE-2015-6659CVE-2015-6660 CVE-2015-6 CWE-79 CWE-8 High
661CVE-2015-6665 9 CWE-200 CWE
-352
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.42) CVE-2016-3162 CVE-2016-3163CVE-2016-3164 CVE-2016-3 CWE-200 CWE- High
168CVE-2016-3169 CVE-2016-3170 287 CWE-400C
WE-405 CWE-60
1
Drupal Core 7.x Open Redirect (7.0 - 7.40) CVE-2015-7943 CWE-601 High
Drupal Core 7.x SQL Injection (7.0 - 7.31) CVE-2014-3704 CWE-89 High
Drupal Core 7.x Security Bypass (7.0 - 7.2) CVE-2011-2687 CWE-264 High
Drupal Core 7.x Security Bypass (7.0 - 7.4) CVE-2011-2726 CWE-264 High
8.0.3) 287 CWE-400C
WE-601
vulnerability
10
Vulnerability Name CVE CWE Severity
injection
execution
Exim Illegal IPv6 Address and SPA Authentication CVE-2005-0021 CWE-119 High
Buffer Overflow
vulnerability
11
Vulnerability Name CVE CWE Severity
HipChat for JIRA plugin - Velocity template injection CVE-2015-5603 CWE-94 High
IBM Lotus Domino web server Cross-Site Scripting CVE-2012-3301 CVE-2012-3302 CWE-79 High
vulnerabilities
password
vulnerability
12
Vulnerability Name CVE CWE Severity
Control-Allow-Origin
post
post
page
Invision Power Board version 3.3.4 unserialize PHP CVE-2012-5692 CWE-20 High
code execution
detected
13
Vulnerability Name CVE CWE Severity
Joomla! Core 1.0 Remote File Inclusion (1.0.0 - CVE-2006-2960 CWE-94 High
1.0.0)
Joomla! Core 1.0.5 Security Bypass (1.0.5 - 1.0.5) CVE-2006-0114 CWE-264 High
1.0.11)
1.0.15)
1.0.15)
1.0.12) 00
1.0.13) 52
1.0.3) 9 CWE-400
1.0.9) 9
Joomla! Core 1.0.x Remote File Inclusion (1.0.11 - CVE-2008-5671 CWE-94 High
1.0.14)
Joomla! Core 1.0.x SQL Injection (1.0.0 - 1.0.11) CVE-2007-0374 CWE-89 High
Joomla! Core 1.0.x Security Bypass (1.0.0 - 1.0.10) CVE-2006-4471 CWE-264 High
Joomla! Core 1.0.x Session Fixation (1.0.0 - 1.0.12) CVE-2007-4188 CWE-287 High
14
Vulnerability Name CVE CWE Severity
1.0.3)
Joomla! Core 1.5.12 Arbitrary File Upload (1.5.12 - CVE-2011-4906 CVE-2011-4908 CWE-434 High
1.5.12)
Joomla! Core 1.5.x Arbitrary File Upload (1.5.0 - CVE-2010-1433 CWE-434 High
1.5.15)
1.5.10)
1.5.10)
1.5.10)
1.5.11)
1.5.11)
Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.7) CVE-2008-6299 CWE-79 High
Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.9) CVE-2009-1279 CWE-79 High
Joomla! Core 1.5.x Directory Traversal (1.5.0 - 1.5.8) CVE-2009-0113 CWE-22 High
1.5.11)
1.5.12)
1.5.14)
1.5.15)
1.5.23)
1.5.25)
1.5.9) 52
Joomla! Core 1.5.x Open Redirect (1.5.0 - 1.5.6) CVE-2008-4104 CWE-601 High
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.15) CVE-2010-1435 CWE-264 High
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.24) CVE-2011-4321 CWE-310 High
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.25) CVE-2012-1598 CWE-264 High
15
Vulnerability Name CVE CWE Severity
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.5) CVE-2008-3681 CWE-264 High
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.6) CVE-2008-4102 CWE-330 High
Joomla! Core 1.5.x Session Fixation (1.5.0 - 1.5.15) CVE-2010-1434 CWE-384 High
Joomla! Core 1.5.x Session Hijacking (1.5.0 - 1.5.8) CVE-2008-4122 CWE-310 High
Joomla! Core 1.5.x Variable Injection (1.5.0 - 1.5.6) CVE-2008-4105 CWE-20 High
1.6.0) 9 CWE-200
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.3) CVE-2011-4332 CWE-79 High
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.5) CVE-2011-2710 CWE-79 High
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.6) CVE-2012-0820 CWE-79 High
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.6) CVE-2012-0822 CWE-79 High
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.6) CVE-2011-3595 CWE-79 High
1.6.3)
1.6.6)
1.6.6)
Joomla! Core 1.6.x Security Bypass (1.6.0 - 1.6.6) CVE-2012-1562 CWE-264 High
Joomla! Core 1.6.x Security Bypass (1.6.0 - 1.6.6) CVE-2012-1563 CWE-264 High
Joomla! Core 1.7.0 Cross-Site Scripting (1.7.0 - 1.7.0) CVE-2011-3595 CWE-79 High
1.7.0)
Joomla! Core 1.7.x Cross-Site Scripting (1.7.0 - 1.7.3) CVE-2012-0822 CWE-79 High
Joomla! Core 1.7.x Cross-Site Scripting (1.7.0 - 1.7.3) CVE-2012-0820 CWE-79 High
1.7.1)
1.7.1)
1.7.3)
16
Vulnerability Name CVE CWE Severity
1.7.3)
1.7.4)
1.7.4)
1.7.4)
Joomla! Core 1.7.x SQL Injection (1.7.0 - 1.7.4) CVE-2012-1116 CWE-89 High
Joomla! Core 1.7.x Security Bypass (1.7.0 - 1.7.5) CVE-2012-1563 CWE-264 High
Joomla! Core 1.7.x Security Bypass (1.7.0 - 1.7.5) CVE-2012-1562 CWE-264 High
2.5.0)
2.5.0)
Joomla! Core 2.5.x Arbitrary File Upload (2.5.0 - CVE-2013-5576 CWE-434 High
2.5.13)
2.5.7)
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.1) CVE-2012-1117 CWE-79 High
2.5.14)
2.5.18)
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.3) CVE-2012-1612 CWE-79 High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.6) CVE-2012-4532 CWE-79 High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.6) CVE-2012-4531 CWE-79 High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.9) CVE-2013-3267 CWE-79 High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.9) CVE-2013-3058 CWE-79 High
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.9) CVE-2013-3059 CWE-79 High
Joomla! Core 2.5.x Denial of Service (2.5.0 - 2.5.9) CVE-2013-3242 CWE-400 High
Joomla! Core 2.5.x Denial of Service (2.5.4 - 2.5.25) CVE-2014-7229 CWE-400 High
2.5.3)
2.5.4)
2.5.8)
2.5.9)
Joomla! Core 2.5.x Remote File Inclusion (2.5.4 - CVE-2014-7228 CWE-94 High
2.5.25)
17
Vulnerability Name CVE CWE Severity
Joomla! Core 2.5.x SQL Injection (2.5.0 - 2.5.1) CVE-2012-1116 CWE-89 High
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.18) CVE-2014-7984 CWE-264 High
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.2) CVE-2012-1562 CWE-264 High
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.2) CVE-2012-1563 CWE-264 High
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.24) CVE-2014-6632 CWE-264 High
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.4) CVE-2012-2747 CWE-264 High
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.9) CVE-2013-3056 CWE-264 High
3.0.1)
Joomla! Core 3.0.x Cross-Site Scripting (3.0.0 - 3.0.3) CVE-2013-3059 CWE-79 High
Joomla! Core 3.0.x Cross-Site Scripting (3.0.0 - 3.0.3) CVE-2013-3058 CWE-79 High
Joomla! Core 3.0.x Cross-Site Scripting (3.0.0 - 3.0.3) CVE-2013-3267 CWE-79 High
Joomla! Core 3.0.x Denial of Service (3.0.0 - 3.0.3) CVE-2013-3242 CWE-400 High
3.0.2)
3.0.2)
3.0.2)
3.0.3)
Joomla! Core 3.0.x Security Bypass (3.0.0 - 3.0.3) CVE-2013-3056 CWE-264 High
Joomla! Core 3.2.x Cross-Site Scripting (3.2.0 - 3.2.4) CVE-2014-6631 CWE-79 High
Joomla! Core 3.3.x Cross-Site Scripting (3.3.0 - 3.3.3) CVE-2014-6631 CWE-79 High
Joomla! Core 3.3.x Denial of Service (3.3.0 - 3.3.4) CVE-2014-7229 CWE-400 High
Joomla! Core 3.3.x Remote File Inclusion (3.3.0 - CVE-2014-7228 CWE-94 High
3.3.4)
Joomla! Core 3.3.x Security Bypass (3.3.0 - 3.3.3) CVE-2014-6632 CWE-264 High
Joomla! Core 3.4.x Cross-Site Scripting (3.4.0 - 3.4.3) CVE-2015-6939 CWE-79 High
Joomla! Core 3.4.x Directory Traversal (3.4.0 - 3.4.5) CVE-2015-8564 CWE-22 High
Joomla! Core 3.x.x Arbitrary File Upload (3.0.0 - CVE-2013-5576 CWE-434 High
3.1.4)
Joomla! Core 3.x.x Cross-Site Request Forgery (3.2.0 CVE-2015-5397 CWE-352 High
- 3.4.1)
Joomla! Core 3.x.x Cross-Site Request Forgery (3.2.0 CVE-2015-8563 CWE-352 High
- 3.4.5)
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.2.2) CVE-2014-7982 CWE-79 High
Joomla! Core 3.x.x Cross-Site Scripting (3.1.2 - 3.2.2) CVE-2014-7983 CWE-79 High
18
Vulnerability Name CVE CWE Severity
Joomla! Core 3.x.x Denial of Service (3.0.0 - 3.2.5) CVE-2014-7229 CWE-400 High
Joomla! Core 3.x.x Directory Traversal (3.2.0 - 3.4.5) CVE-2015-8565 CWE-22 High
Joomla! Core 3.x.x Open Redirect (3.0.0 - 3.4.1) CVE-2015-5608 CWE-601 High
Joomla! Core 3.x.x Remote File Inclusion (3.0.0 - CVE-2014-7228 CWE-94 High
3.2.5)
Joomla! Core 3.x.x SQL Injection (3.1.0 - 3.2.2) CVE-2014-7981 CWE-89 High
Joomla! Core 3.x.x SQL Injection (3.2.0 - 3.4.4) CVE-2015-7297 CVE-2015-7857CVE-2015-7858 CWE-89 High
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.2.2) CVE-2014-7984 CWE-264 High
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.2.4) CVE-2014-6632 CWE-264 High
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.4.4) CVE-2015-7899 CWE-264 High
Joomla! Core 3.x.x Security Bypass (3.2.0 - 3.4.4) CVE-2015-7859 CWE-264 High
Joomla! Core Remote Code Execution (1.5.0 - 3.4.5) CVE-2015-8562 CWE-94 High
vulnerabilities
vulnerabilities
vulnerability
scripts
624CVE-2015-1042
19
Vulnerability Name CVE CWE Severity
bypass
vulnerability
execution vulnerabilities
command execution
and 5.4.28
wizard.php
Sitebuilder
vulnerabilities 781CVE-2007-3782
vulnerability
vulnerabilities 226CVE-2008-0227
vulnerabilities
20
Vulnerability Name CVE CWE Severity
376
NSS Library SSL v.2.0 remote command execution CVE-2007-0009 CWE-119 High
vulnerability
PHP 4.3.0 file disclosure and possible code CVE-2003-0097 CWE-20 Medium
execution
vulnerability
PHP HTTP POST incorrect MIME header parsing CVE-2002-0717 CWE-20 Medium
vulnerability
21
Vulnerability Name CVE CWE Severity
vulnerabilities
point number
PHP mail function ASCII control character header CVE-2002-0986 CWE-20 Medium
spoofing vulnerability
063CVE-2004-1064 CVE-2004-1065
bypass vulnerability
vulnerability
454
899CVE-2007-5900
22
Vulnerability Name CVE CWE Severity
384CVE-2008-2050 CVE-2008-2051
829CVE-2008-3658 CVE-2008-3659CVE-2008-3660
PHP.exe Windows CGI for Apache may let remote CVE-2002-2029 CWE-16 Low
Parallels Plesk SSO XML External Entity and Cross- CWE-611 High
site scripting
source edition
23
Vulnerability Name CVE CWE Severity
disclosure
Rails remote code execution using render :inline CVE-2016-2098 CWE-94 High
persistence
code execution
24
Vulnerability Name CVE CWE Severity
SSL certificate public key less than 2048 bit CWE-310 Medium
vulnerability
632
password.c
25
Vulnerability Name CVE CWE Severity
vulnerability
The FREAK attack (export cipher suites supported) CVE-2015-0204 CWE-310 Medium
vulnerability
site scripting
execution
26
Vulnerability Name CVE CWE Severity
1.3.34/2.0.57/2.2.1
ofc_upload_image.php
vulnerabilities
of privilege
27
Vulnerability Name CVE CWE Severity
WordPress 0.7 Posts SQL Injection Vulnerability (0.7 CVE-2003-1598 CWE-89 High
- 0.7)
28
Vulnerability Name CVE CWE Severity
(0.6.2 - 2.0.1 )
(0.6.2 - 2.0.5)
897 9 CWE-264
(2.1.1 - 2.1.1)
897 9 CWE-264
- 2.2)
9 CWE-434
9 CWE-264
- 2.3)
(0.6.2 - 2.3.3)
- 2.5)
29
Vulnerability Name CVE CWE Severity
(0.6.2 - 2.6.3)
(0.6.2 - 2.8.4)
3.0.4) 00
52 CWE-400
- 3.3)
402CVE-2012-2403 CVE-2012-2404CVE-2012-3414 64 CWE-352
00 CWE-264 CW
E-352
00 CWE-264 CW
E-352
64
18
30
Vulnerability Name CVE CWE Severity
201CVE-2013-2202 CVE-2013-2203CVE-2013-2204 CVE-201 00 CWE-264 CW
3-2205 E-400 CWE-611
CWE-918
738CVE-2013-5739 4 CWE-264
64 CWE-287
265CVE-2014-5266 52 CWE-399 CW
E-611
034CVE-2014-9035 CVE-2014-9036CVE-2014-9037 CVE-201 9 CWE-310 CWE
4-9038CVE-2014-9039 -352 CWE-918
3.7.12) 918
64 CWE-287
265CVE-2014-5266 52 CWE-399 CW
E-611
034CVE-2014-9035 CVE-2014-9036CVE-2014-9037 CVE-201 9 CWE-310 CWE
4-9038CVE-2014-9039 -352 CWE-918
(3.8 - 3.8.11)
3.8.12) 918
240CVE-2014-5265 CVE-2014-5266 4 CWE-352 CWE
-399 CWE-611
034CVE-2014-9035 CVE-2014-9036CVE-2014-9037 CVE-201 9 CWE-310 CWE
4-9038CVE-2014-9039 -352 CWE-918
(3.9 - 3.9.9)
3.9.10) 918
035CVE-2014-9036 CVE-2014-9037CVE-2014-9038 CVE-201 9 CWE-310 CWE
4-9039 -352 CWE-918
(4.0 - 4.0.8)
918
(4.1 - 4.1.8)
918
31
Vulnerability Name CVE CWE Severity
64
716CVE-2015-5730 CVE-2015-5731CVE-2015-5732 CVE-201 9 CWE-264
5-5733CVE-2015-5734
(4.2 - 4.2.5)
918
64
(4.3 - 4.3.1)
918
- 4.4)
918
2.3.1)
3.7.11)
4.1.1)
3.6.1)
4.1.1)
4.2)
3.6.1)
32
Vulnerability Name CVE CWE Severity
918
Scripting (2.5.1)
33
Vulnerability Name CVE CWE Severity
Scripting (3.25)
Scripting (2.00)
WordPress Plugin Acobot Live Chat & Contact Form CVE-2015-2039 CWE-79 CWE-3 High
Disclosure (1.0.4)
Vulnerabilities (2.3.1) 52
(1.5.5)
Vulnerabilities (1.5.2) 52
(1.1.2)
(0.6)
Scripting (1.1.33)
Injection (3.6.6)
Injection (3.6.5)
34
Vulnerability Name CVE CWE Severity
Injection (0.2)
Inclusion (1.0)
Scripting (2.2.7)
Scripting (1.8)
(1.4.2)
Vulnerabilities (1.0) 52
Scripting (0.3)
Traversal (1.2)
Vulnerability (2.4.0)
35
Vulnerability Name CVE CWE Severity
Injection (1.0)
Scripting (1.6)
Injection (3.0)
Upload (2.8.1.1)
(3.1)
(3.5)
Traversal (1.2.0)
(1.2.0)
(3.1.4)
WordPress Plugin Alert Before Your Post Cross-Site CVE-2011-5107 CWE-79 High
Scripting (0.1.1)
(1.1.1)
WordPress Plugin All In One WP Security & Firewall CVE-2015-0895 CWE-352 High
36
Vulnerability Name CVE CWE Severity
WordPress Plugin All In One WP Security & Firewall CVE-2014-6242 CWE-89 High
WordPress Plugin All In One WP Security & Firewall CVE-2015-0894 CWE-89 High
WordPress Plugin All Video Gallery 'vid' Parameter CVE-2012-6653 CWE-89 High
WordPress Plugin All Video Gallery SQL Injection CVE-2014-5186 CWE-89 High
(1.2)
Scripting (2.0.3)
Scripting (2.2.2)
Scripting (2.2.6.1)
WordPress Plugin All in One SEO Pack Information CVE-2015-0902 CWE-200 High
Disclosure (2.2.5.1)
Vulnerabilities (2.1.5) 87
Bypass (2.0.4)
WordPress Plugin Allow PHP in Posts and Pages 'id' CWE-89 High
Scripting (1.3.0)
37
Vulnerability Name CVE CWE Severity
Injection (3.5.2)
Scripting (1.6.2)
Scripting (3.60)
(4.1)
(2.2.3)
38
Vulnerability Name CVE CWE Severity
Forgery (1.0.0)
(2.0.4.5)
(1.1.13)
Vulnerabilities (1.0) 52
Scripting (1.9)
Injection (2.0.3)
WordPress Plugin Aviary Image Editor Add-on For CVE-2015-4455 CWE-434 High
Scripting (1.0)
39
Vulnerability Name CVE CWE Severity
Execution (0.7.5)
Scripting (2.0)
WordPress Plugin BSK PDF Manager Multiple SQL CVE-2014-4944 CWE-89 High
Inclusion (0.4.2b)
Scripting (3.0.12)
Scripting (1.0)
Upload (1.0.2)
Disclosure (2.2.28)
Scripting (1.2.7)
(0.2.4)
(1.0)
40
Vulnerability Name CVE CWE Severity
Scripting (2.1.1)
Vulnerabilities (1.2.3) 52
Scripting (1.0)
Bypass (1.1)
WordPress Plugin Blue Wrench Video Widget Cross- CVE-2013-6797 CWE-352 High
WordPress Plugin BookX Local File Inclusion (1.7) CVE-2014-4937 CWE-22 High
(1.8.2)
Vulnerabilities (2.9.2) 52
(2.0.4)
Scripting (1.2.7.33)
(1.2.7.30)
41
Vulnerability Name CVE CWE Severity
Scripting (1.10.1)
Scripting (1.10.4)
Scripting (1.10.5)
Scripting (1.10.8)
Vulnerability (1.10.7)
Scripting (0.5.5)
Vulnerabilities (0.4.5) 9
Inclusion (2.10)
(0.1.9.2)
(1.2.2)
Vulnerabilities (1.6.1) 52
(2.2.2.1)
Vulnerabilities (1.9.1) 64
(2.0.2)
(2.3.4)
(5.5.3)
42
Vulnerability Name CVE CWE Severity
Scripting (.47)
Scripting (.50.9)
Scripting (.52.4)
Scripting (1.2.1)
Injection (2.0.3)
Vulnerabilities (2.0.6) 52
Scripting (3.3.4)
Scripting (1.2.31)
43
Vulnerability Name CVE CWE Severity
(1.0.8) 52
Injection (1.1.6)
Vulnerabilities (1.3.1)
(1.0)
Scripting (1.0.81)
Forgery (1.3.2)
Scripting (1.0.6)
Injection (4.1.4)
Injection (4.1.7)
Bypass (3.8.7)
Bypass (4.0.6)
(3.0)
44
Vulnerability Name CVE CWE Severity
Disclosure (1.5.3)
Vulnerabilities (0.9.1) 34
Vulnerability (1.5.3)
(3.0)
Vulnerabilities (3.7.1) 52
Service (2.6.3)
(1.0)
(1.1)
WordPress Plugin Click to Copy Grab Box Multiple CVE-2013-1808 CWE-79 High
45
Vulnerability Name CVE CWE Severity
Vulnerabilities (1.7) 52
(1.48)
Scripting (1.0)
Vulnerabilities (1.1.6)
WordPress Plugin Code Insert Manager (Q2W3 Inc CVE-2013-1808 CWE-79 High
Scripting (1.6.8)
Scripting (1.5.5)
46
Vulnerability Name CVE CWE Severity
(2.92.3)
Scripting (2.5.2)
(1.3.5)
(1.4)
Upload (3.5.2)
Upload (3.5.3)
Scripting (4.0.1)
(3.7.1)
(4.1)
Bypass (1.0.7)
47
Vulnerability Name CVE CWE Severity
WordPress Plugin Contact Form Clean and Simple CVE-2014-8955 CWE-79 High
Scripting (2.8.19)
Scripting (2.8.27)
Scripting (1.7.18)
Injection (1.7.30)
Bypass (1.7.14)
Vulnerability (1.2)
Scripting (1.0)
Vulnerabilities (1.1.4) 52
WordPress Plugin Content Audit Blind SQL Injection CVE-2014-5389 CWE-89 High
(1.6)
Vulnerabilities (1.0) 52
48
Vulnerability Name CVE CWE Severity
Scripting (1.1)
(2.61)
Injection (1.9)
WordPress Plugin Count per Day Arbitrary File CVE-2012-0896 CWE-22 CWE-7 High
Disclosure (3.2.5)
WordPress Plugin Count per Day SQL Injection (3.4) CVE-2015-5533 CWE-89 High
WordPress Plugin Count per Day Search Bar Cross- CWE-79 High
49
Vulnerability Name CVE CWE Severity
(0.5.6)
Vulnerabilities (0.4.4) 52
(1.7)
Vulnerabilities (2.0.5) 52
Upload (1.1)
Scripting (1.2.2.2)
Bypass (5.1.0.3)
Backdoor (0.9.8.8)
Bypass (2.4)
Scripting (3.2)
Scripting (1.5.1)
Vulnerability (0.7.15)
Scripting (1.0.6)
Scripting (1.1.1)
Scripting (2.1.0.1)
Scripting (1.0)
50
Vulnerability Name CVE CWE Severity
(4.5)
Vulnerabilities (2.1)
Scripting (1.0)
Manipulation (1.17.4)
Bypass (1.2.9)
Disclosure (3.1.3)
WordPress Plugin DZS Video Gallery Multiple Cross- CVE-2014-3923 CVE-2014-9094 CWE-79 High
Redirect (2.0)
Scripting (0.4)
51
Vulnerability Name CVE CWE Severity
Vulnerability (0.8)
Scripting (1.0.1)
Forgery (5.3.4)
Scripting (1.3)
Vulnerability (1.4)
Scripting (2.03)
Vulnerability (1.5.1)
(1.2.3)
52
Vulnerability Name CVE CWE Severity
WordPress Plugin Double Opt-In for Download SQL CVE-2015-7517 CWE-89 High
Injection (2.0.8)
Scripting (1.7.0)
Scripting (3.3.6.1)
Disclosure (1.6.3)
Inclusion (0.2.3)
WordPress Plugin Drag & Drop File Uploader 'dnd- CWE-434 High
(2.5.2)
Vulnerabilities (2.4.1) 9
Vulnerability (0.1.4)
Disclosure (0.3.0)
Forgery (1.1.2)
(0.4.4)
(0.5.26)
53
Vulnerability Name CVE CWE Severity
Scripting (1.0.6)
Scripting (3.3.0)
(1.0.1)
Scripting (4.1.06)
WordPress Plugin EZPZ One Click Backup Remote CVE-2014-3114 CWE-78 High
Disclosure (1.5)
(1.4)
Scripting (0.4)
Scripting (1.6.2)
Scripting (1.8.1)
54
Vulnerability Name CVE CWE Severity
Vulnerability (1.3.4.9)
Scripting (1.3.6)
Scripting (1.1.1)
Scripting (5.0.6)
WordPress Plugin Easy Plugin for AdSense Cross- CVE-2013-2702 CWE-352 High
Vulnerabilities (1.2.2) 52
Vulnerabilities (1.2.3.1) 9
(1.5.2)
Vulnerabilities (1.2.4)
Vulnerabilities (1.2.9) 9
Vulnerabilities (1.0.9) 9
Scripting (1.0.5.1)
55
Vulnerability Name CVE CWE Severity
Upload (2.5)
Vulnerabilities (2.9) 9
(4.7.5)
Scripting (20.13.6)
Vulnerabilities (7.0.3) 52
Vulnerabilities (0.0.6.2) 01
Vulnerabilities (1.0.4) 52
Disclosure (0.1)
(5.1.3.6)
Scripting (2.12.4)
56
Vulnerability Name CVE CWE Severity
Vulnerabilities (1.5.49) 52
Vulnerabilities (5.5.7.1) 4
Vulnerability (5.5.5)
Escalation (0.4.2)
Vulnerabilities (1.0.14)
Injection (1.0)
57
Vulnerability Name CVE CWE Severity
Vulnerabilities (1.0) 9
(1.5.12)
Bypass (3.0.2)
(1.0)
Upload (1.1)
58
Vulnerability Name CVE CWE Severity
(3.0)
Scripting (2014.0805)
Vulnerabilities (2015.0426) 9
(1.8.8)
(2.4)
Vulnerability (3.0.10)
Vulnerability (3.0.7)
Execution (1.7.9)
Injection (1.1.2)
Upload (1.1)
(1.6.5)
(1.6.4)
59
Vulnerability Name CVE CWE Severity
Scripting (1.3.1)
Scripting (0.7)
WordPress Plugin Flexible Custom Post Type Cross- CVE-2011-5106 CWE-79 High
Scripting (3.3.6)
Upload (1.0)
Scripting (1.1.5)
Scripting (1.1.6)
Vulnerabilities (1.0.1) 9
(1.0beta3)
Scripting (2.6.8.4)
(1.2.0)
(1.7.14)
Vulnerability (1.6.5)
Vulnerability (1.7.56)
60
Vulnerability Name CVE CWE Severity
(0.90)
Upload (1.06.02)
Disclosure (2.0.07)
(1.07.12)
Bypass (2.0.21)
(1.11)
Scripting (1.2.31)
(4.6)
(1.1)
Upload (0.5.4.4)
WordPress Plugin Front end file upload and CVE-2014-5324 CWE-94 High
61
Vulnerability Name CVE CWE Severity
Scripting (0.9.2)
(1.3.2)
Injection (1.0)
Disclosure (1.0.5)
Forgery (1.0)
Injection (1.2)
Scripting (1.5.1)
Vulnerabilities (1.9.22) 52
Scripting (1.0.1)
Upload (3.06)
(3.8.3)
62
Vulnerability Name CVE CWE Severity
(0.4)
(1.2.41)
(0.4.0)
Scripting (4.1.5)
(1.2.2)
Redirect (2.0)
Scripting (0.13)
Scripting (1.0.6)
(1.8.2)
Injection (2.1.10)
63
Vulnerability Name CVE CWE Severity
Vulnerabilities (2.3.8)
(2.3.10) 9
Scripting (0.13.4)
(1.3.5) 9
Vulnerabilities (3.1.5) 9
Injection (2.0.4)
64
Vulnerability Name CVE CWE Severity
Scripting (2.5.18)
Injection (2.5.14)
Injection (2.5.16)
Scripting (2.30)
Scripting (1.5.3)
Scripting (4.0.8)
65
Vulnerability Name CVE CWE Severity
Vulnerabilities (0.5.1) 52
Upload (1.8.19)
Scripting (1.9.15.11)
Scripting (1.9.5)
(1.9.3.5)
WordPress Plugin Gravity Upload Ajax Arbitrary File CVE-2014-4972 CWE-434 High
Upload (1.1)
Inclusion (1.5.3)
WordPress Plugin HDW Player (Video Player & CVE-2014-5180 CWE-89 High
(1.11)
66
Vulnerability Name CVE CWE Severity
WordPress Plugin HTML5 MP3 Player with Playlist CVE-2014-9177 CWE-200 High
WordPress Plugin HTML5 Video Player with Playlist CVE-2014-4534 CWE-79 High
(1.0)
Scripting (2.1.0)
(4.51.1)
(4.53)
Download (1.1.1)
Scripting (3.0.5)
(3.7.2)
Download (0.6)
WordPress Plugin IGIT Related Posts With Thumb CVE-2011-4106 CWE-20 High
67
Vulnerability Name CVE CWE Severity
Inclusion (1.0.8)
Scripting (2.0.1)
Forgery (1.2.3)
Disclosure (3.42)
Injection (3.0)
(1.1.6)
Download (1.1.0)
Scripting (1.4.0)
Scripting (1.5.1)
Scripting (1.7.0)
(1.0.6)
(1.1.5)
Vulnerability (4.1.2)
(0.0.4)
(1.0)
Scripting (0.1)
68
Vulnerability Name CVE CWE Severity
Scripting (1.0.1)
Vulnerability (2.3.3)
Scripting (1.3.1)
(1.3.7)
Vulnerability (1.3.14)
Inclusion (1.6)
Scripting (1.0)
(2.5)
69
Vulnerability Name CVE CWE Severity
Disclosure (6.1)
(2.2.1)
Vulnerabilities (2.2.1) 00
(2.1.14)
WordPress Plugin JW Player for Flash & HTML5 CVE-2014-4030 CWE-352 High
(1.17.9)
Vulnerability (1.10.5)
Escalation (1.3.7)
Escalation (1.3.8)
(0.7.22)
(0.7.24)
(0.7.25)
(3.3) 9
70
Vulnerability Name CVE CWE Severity
Vulnerability (2.2.1)
Scripting (1.7.1)
Inclusion (1.0)
WordPress Plugin Lazy SEO Arbitrary File Upload CVE-2013-5961 CWE-434 High
(1.3.2)
WordPress Plugin Lazyest Gallery EXIF Code Cross- CVE-2014-2333 CWE-79 High
Scripting (0.0.1)
71
Vulnerability Name CVE CWE Severity
(3.8)
Injection (1.2.3)
Bypass (1.7.0)
(5.8.10.6)
(5.9.5.5)
Scripting (2.0.2)
Scripting (4.1.4)
72
Vulnerability Name CVE CWE Severity
Scripting (1.0)
Scripting (3.0.4)
(3.1.2)
(1.2)
Scripting (1.0.0)
Injection (1.2)
(1.8.3)
Disclosure (2.3.2)
(2.3)
73
Vulnerability Name CVE CWE Severity
Scripting (4.2.5)
Scripting (1.7.1)
Vulnerability (2.3.2.2)
Vulnerability (2.0.9)
(1.99)
Scripting (2.6.11)
Scripting (2.6.19)
Download (1.4.1)
Scripting (2.0.12)
(2.0.9.1)
Vulnerability (2.0.27)
Vulnerability (2.0.22)
Vulnerability (1.3.3)
Scripting (1.1)
74
Vulnerability Name CVE CWE Severity
Vulnerability (4.1.7)
Scripting (1.10)
Scripting (0.9.1)
Scripting (1.7.0)
Vulnerability (4.0.0.2)
(2.6.2)
75
Vulnerability Name CVE CWE Severity
Disclosure (3.3.1)
(1.6.0)
(1.6.1)
Scripting (1.0.28 )
Vulnerabilities (1.0.33.3) 9
Vulnerabilities (1.5.2) 52
76
Vulnerability Name CVE CWE Severity
Bypass (1.2.6)
(1.03) 52
Forgery (2.1)
Vulnerabilities (3.2.1)
(1.0.41)
(1.0.14)
Vulnerability (1.0.20)
(2.3.28)
Vulnerabilities (2.3.29) 9
Scripting (4.3)
77
Vulnerability Name CVE CWE Severity
Scripting (4.3)
Scripting (4.3)
(1.4.1)
(0.0.7)
Injection (2.1)
Vulnerability (1.0)
Scripting (0.1)
(2.0)
Scripting (1.1.9)
Scripting (1.0.3)
Scripting (1.0.5)
Vulnerabilities (0.9.8) 9
Vulnerabilities (1.0.4) 9
78
Vulnerability Name CVE CWE Severity
(3.2.6)
(2.6.4.4)
Upload (1.9.12)
Upload (2.1.10)
Traversal (2.0.0)
Traversal (2.1.9)
Disclosure (1.9.11)
Inclusion (2.1.7)
79
Vulnerability Name CVE CWE Severity
Vulnerability (2.0.77.3)
(1.8.9)
Forgery (2.7.7)
(2.8.6)
(2.9.10)
(2.9.18)
(2.9.28)
(2.9.31)
(2.9.29)
Vulnerability (2.8.9)
Vulnerability (2.9.24)
80
Vulnerability Name CVE CWE Severity
WordPress Plugin Nokia Maps & Places Cross-Site CVE-2014-1750 CWE-79 High
Scripting (1.6.6)
Forgery (5.0)
Forgery (0.0.4)
Scripting (1.1.26)
Forgery (1.0.4)
Scripting (0.2.6)
Scripting (1.1.8)
Scripting (6.5)
(2.5.3)
(2.5.5)
81
Vulnerability Name CVE CWE Severity
Scripting (4.1.1)
(1.0)
Forgery (1.11)
WordPress Plugin Page Flip Image Gallery 'book_id' CVE-2008-5752 CWE-22 High
(2.2.1)
(2.2.3)
Scripting (1.1)
Injection (1.0.2)
Traversal (1.7.14.2)
Injection (1.5.4.8)
Redirect (1.4)
82
Vulnerability Name CVE CWE Severity
Vulnerability (2.0)
WordPress Plugin Pay Per Media Player Multiple CVE-2014-4543 CWE-79 High
WordPress Plugin Pay With Tweet SQL Injection CVE-2012-5349 CVE-2012-5350 CWE-89 High
Injection (0.1.1)
WordPress Plugin Payment Form for PayPal Pro CVE-2015-7666 CWE-79 High
Upload (1.2.5)
(1.2.12)
Vulnerabilities (1.2.9) 9
(1.2.7)
Inclusion (1.6)
Injection (1.0)
Forgery (0.3.1)
(2.0.14)
83
Vulnerability Name CVE CWE Severity
Vulnerabilities (2.0.15) 87
Vulnerabilities (2.0.18) 9
(2.0.13)
Scripting (1.3.7)
Scripting (0.20)
WordPress Plugin Polldaddy Polls & Ratings Cross- CVE-2014-4856 CWE-79 High
(1.5.1)
Scripting (1.1)
84
Vulnerability Name CVE CWE Severity
Forgery (1.0)
Scripting (1.5.7)
Scripting (1.0.3)
Vulnerabilities (2.1.1) 52
Scripting (1.4.3)
Vulnerabilities (3.3) 34
WordPress Plugin Pretty Link Lite 'slug' Parameter CVE-2011-5192 CWE-79 High
Scripting (1.6.0)
Scripting (1.6.2)
85
Vulnerability Name CVE CWE Severity
(1.6.7)
Vulnerabilities (3.5.1) 52
Injection (2.0RC1)
Injection (1.0.0)
Scripting (0.1)
Vulnerability (1.1.16)
(1.1)
86
Vulnerability Name CVE CWE Severity
Scripting (6.0)
Redirect (5.1.5)
Scripting (2.2.1)
(2.5.4)
Scripting (1.1.2.1)
Upload (3.1.3)
Scripting (3.1.4)
87
Vulnerability Name CVE CWE Severity
Vulnerability (4.3.6)
Download (0.7)
Scripting (1.0.4)
Vulnerabilities (1.2) 52
Forgery (2.7.1)
Bypass (1.1)
88
Vulnerability Name CVE CWE Severity
Injection (3.2)
Scripting (1.8.6)
(1.1.5)
(0.2.4)
(1.2.1)
Vulnerabilities (1.8) 34
Vulnerabilities (1.5) 34
89
Vulnerability Name CVE CWE Severity
Vulnerabilities (1.17) 34
Vulnerabilities (1.25) 34
(1.3.64)
(1.3.66)
(2.0)
(3.2.4)
(3.2.6)
(1.1)
(0.97)
(0.982)
(0.983)
Upload (3.2)
Upload (4.1)
Scripting (3.0.4)
Vulnerabilities (1.1.8-free ) 52
90
Vulnerability Name CVE CWE Severity
Scripting (2.2.2)
(7.6.5.2)
Injection (3.1.4)
Scripting (2.7.5)
Disclosure (0.2.4)
Forgery (1.4.1)
Vulnerabilities (1.12)
Scripting (1.2.0)
91
Vulnerability Name CVE CWE Severity
Injection (1.7.7)
(7.0.2)
Scripting (0.9.3)
Scripting (3.2.4)
Disclosure (1.0.1)
Disclosure (1.0.17)
Vulnerabilities (1.1.7.21) 9
Bypass (1.2.10.20)
Vulnerabilities (0.7) 52
Backdoor (2.1.2)
92
Vulnerability Name CVE CWE Severity
Disclosure (1.6.1)
(1.2.5) 52
Scripting (1.0.7)
(1.0.17) 00 CWE-434
Scripting (1.4)
Vulnerabilities (4.9.3) 52
Scripting (2.3.6)
Vulnerabilities (2.2.1)
Scripting (3.5.2)
Service (2.9.3.114)
Vulnerabilities (2.6.96) 00
Injection (2.9.4.116)
Download (2.7.10)
93
Vulnerability Name CVE CWE Severity
(1.4.10)
Scripting (1.7)
WordPress Plugin Simple Gmail Login Stack Trace CVE-2012-6313 CWE-200 High
Disclosure (1.0.7)
Vulnerability (2.2.4)
Vulnerabilities (0.9.3) 9
Scripting (2.2.1)
Injection (1.7.9)
Injection (4.0.1)
Vulnerability (1.53)
Scripting (1.0)
94
Vulnerability Name CVE CWE Severity
Forgery (3.0.3)
Forgery (1.2)
Scripting (1.0.0)
Scripting (1.2.6)
(1.0.1)
(2.7.5) 9 CWE-352
Vulnerability (1.1.9)
Disclosure (2.2.21)
(2.1.0)
95
Vulnerability Name CVE CWE Severity
(2.6.5)
Scripting (1.7.1)
Scripting (1.0.4)
Scripting (3.0.2)
Scripting (3.0.0)
Vulnerability (1.4)
Spam (4.0)
Scripting (2.1)
Scripting (2.1.1)
WordPress Plugin Social Slider 'rA[]' Parameter SQL CVE-2011-5286 CWE-89 High
Injection (5.6.5)
96
Vulnerability Name CVE CWE Severity
Scripting (2.3.1)
Bypass (1.9.2)
Upload (5.1.90)
(1.0.0)
Scripting (1.1.0)
WordPress Plugin Spiffy XSPF Player SQL Injection CVE-2013-3530 CWE-89 High
(0.1)
(4.7)
Scripting (0.62)
Injection (0.62)
(2.0)
(1.2.9.1)
Vulnerabilities (1.4.1)
Vulnerability (1.1.3)
97
Vulnerability Name CVE CWE Severity
Enumeration (1.2.4)
Relay (4.2.25)
(10.15)
Vulnerability (10.20.5)
Injection (2.2.4)
Disclosure (1.0)
Download (1.44.1077)
98
Vulnerability Name CVE CWE Severity
WordPress Plugin Swipe Checkout for eShop Cross- CVE-2014-4556 CWE-79 High
Scripting (1.0.2)
Upload (0.13.9)
(1.0)
WordPress Plugin Tera Charts Multiple Local File CVE-2014-4940 CWE-22 High
Scripting (1.2.1)
Scripting (3.0)
Redirect (4.1.1)
Bypass (3.11.2)
Vulnerability (4.0.4)
Scripting (1.11.2)
99
Vulnerability Name CVE CWE Severity
Scripting (1.0.0)
Inclusion (6.3.9)
Vulnerabilities (2.9) 34
Scripting (1)
Vulnerabilities (1.1) 34
Injection (1.14)
Forgery (1.3)
(1.3.2)
100
Vulnerability Name CVE CWE Severity
Scripting (1.5.2)
Scripting (1.7.5)
(1.5.3)
(1.6.1)
Scripting (3.3.2)
(3.4.2)
WordPress Plugin Tune Library SQL Injection (1.5.4) CVE-2015-3314 CWE-89 High
Scripting (4.0.1)
101
Vulnerability Name CVE CWE Severity
Forgery (1.1)
Forgery (3.3.2)
(1.8.7.2)
Forgery (1.1)
Injection (1.0.4)
Injection (1.0.3)
WordPress Plugin URL Cloak & Encrypt Cross-Site CVE-2014-4563 CWE-79 High
Scripting (2.0)
Deletion (1.0.78)
Upload (1.0.83)
Scripting (1.2.3)
Scripting (1.2.995)
Scripting (1.3.28)
Disclosure (1.2.5)
102
Vulnerability Name CVE CWE Severity
Injection (3.1.2)
(1.2.3)
Vulnerabilities (1.4.6) 52
Scripting (1.3.0)
(1.0)
Vulnerability (4.3.6)
Vulnerability (1.4.6)
103
Vulnerability Name CVE CWE Severity
Vulnerabilities (1.4) 52
Disclosure (3.4.7)
Vulnerabilities (3.4.6) 64
(0.9.5.1)
(1.1)
Scripting (20151113)
(2.33)
Vulnerabilities (1.4) 64
Vulnerabilities (1.5.62) 9
WordPress Plugin Users Ultra SQL Injection (1.5.15) CVE-2015-4109 CWE-89 High
Forgery (1.4.5)
Scripting (2.7)
(1.0.2)
(1.7.7)
104
Vulnerability Name CVE CWE Severity
Vulnerability (1.7.1)
(1.2.4)
Scripting (1.1)
105
Vulnerability Name CVE CWE Severity
Scripting (2.8.4)
Vulnerabilities (2.8.2) 9
(0.9.2.2)
Disclosure (0.9.2.4)
Vulnerabilities (0.9.4) 52
Injection (0.9.2.8)
Vulnerability (2.1.2)
106
Vulnerability Name CVE CWE Severity
Vulnerabilities (1.2) 52
Scripting (1.0.16.4)
Forgery (1.6.7)
Scripting (1.40)
Scripting (1.0.5)
107
Vulnerability Name CVE CWE Severity
Forgery (2.4.4)
Scripting (1.0)
(1.2.3)
Injection (1.3.2)
Scripting (3.3)
Scripting (4.1)
Scripting (4.1.3)
Scripting (4.1.4)
Vulnerabilities (1.1.3) 52
Scripting (1.4.3)
108
Vulnerability Name CVE CWE Severity
(3.0)
Vulnerabilities (1.4) 52
(0.8.4.8)
Scripting (1.6.5)
Injection (1.6.5)
Injection (0.1)
Scripting (3.1.3)
Vulnerability (6.2.1)
109
Vulnerability Name CVE CWE Severity
Scripting (2.1.1)
Scripting (1.23.7)
Redirect (1.21)
Scripting (3.0.0)
Scripting (1.0.1)
Injection (2.0.0)
Scripting (4.0.2)
Vulnerabilities (4.3.5) 9
Vulnerability (0.9.4)
(2.45)
110
Vulnerability Name CVE CWE Severity
Vulnerabilities (1.2.3) 64
Scripting (3.2)
Vulnerability (2.1)
Disclosure (2.2.7)
Vulnerabilities (2.4) 9
Bypass (3.1.4)
Disclosure (1.0.2)
Scripting (2.7)
Scripting (4.9.2)
Scripting (5.0.10)
Scripting (5.0.2)
Scripting (5.4.17)
Scripting (5.4.7)
Scripting (6.1.2)
(0.1)
Scripting (1.0.0)
111
Vulnerability Name CVE CWE Severity
Scripting (2.3.1)
Scripting (0.6)
(0.5.2)
Injection (1.0.1)
Scripting (1.2.2)
Bypass (1.2.1)
Bypass (4.6.3)
Vulnerabilities (3.15) 9
Vulnerabilities (2.0)
Vulnerabilities (1.2.2) 52
(1.0.0)
Vulnerabilities (3.4.3.15)
(3.4.3.18) 52
112
Vulnerability Name CVE CWE Severity
(2.8.4)
(0.9.2)
(3.5.5)
(3.9.1)
(4.1.5.2)
Scripting (0.2)
Vulnerabilities (1.4.1) 52
Scripting (1.4.4.2)
Traversal (3.0.0)
(8.3)
(9.1.2)
(9.5.1)
Scripting (1.0.2)
Scripting (1.3)
Scripting (1.4)
Scripting (1.4.2)
Injection (1.2)
113
Vulnerability Name CVE CWE Severity
WordPress Plugin WP Survey And Quiz Tool 'action' CVE-2010-4630 CWE-79 High
Upload (14.11)
Scripting (11.11.26)
Scripting (13.02)
Scripting (15.8.1)
Vulnerabilities (14.05.02) 52
Vulnerabilities (14.10) 9
(13.04)
(13.12)
(15.1)
(15.5.1)
Scripting (1.0)
114
Vulnerability Name CVE CWE Severity
Injection (1.1)
Scripting (1.9.18)
Upload (2.3.10)
Scripting (1.7.4)
Scripting (0.26)
Scripting (3.9.2)
(3.8.7.1)
Vulnerabilities (3.9.1) 52
(3.8.14.3)
115
Vulnerability Name CVE CWE Severity
(0.1)
Bypass (2.9.3)
(3.0.5)
(3.0.9)
Injection (0.3)
Scripting (1.1.5)
Vulnerabilities (2.71) 00
Scripting (1.0)
(2.3)
116
Vulnerability Name CVE CWE Severity
Injection (1.7.8)
Injection (1.7.8)
Vulnerabilities (1.7.8)
Vulnerabilities (2.3)
(0.5.1)
Vulnerabilities (1.8.9.9) 52
(1.2.1)
(1.0.4)
(2.60)
(2.69)
Scripting (1.50)
(1.83.1)
Forgery (1.62)
Forgery (2.51)
117
Vulnerability Name CVE CWE Severity
Injection (2.0.7)
Forgery (1.0)
Injection (2.0)
(2.51) 52
Injection (2.9.4)
Execution (0.9.9)
Scripting (1.9.3)
Injection (2.62)
Forgery (1.3.10)
Scripting (3.1.3)
Forgery (1.4.9)
118
Vulnerability Name CVE CWE Severity
Forgery (2.7)
(2.11.8.17)
(1.5.2)
Upload (3.4.6)
(1.9.28)
Scripting (3.7.5.3)
(3.4.9)
(3.4.2)
(1.1.9)
(1.4.2)
119
Vulnerability Name CVE CWE Severity
(4.8.8.4) 52
Scripting (1.3.4)
Vulnerabilities (1.3.12) 9
Vulnerabilities (1.4.17) 9
Scripting (1.5.2)
120
Vulnerability Name CVE CWE Severity
(1.4.1)
Upload (1.4.3.1)
Vulnerabilities (1.10.2) 9
Vulnerabilities (1.7.0) 52
Bypass (1.3.0)
121
Vulnerability Name CVE CWE Severity
Vulnerability (1.6.8)
Scripting (2.0.3)
Injection (1.4.9)
Injection (1.0.8)
Scripting (1.0)
122
Vulnerability Name CVE CWE Severity
Injection (1.2.1)
Scripting (1.6.2)
Vulnerability (1.6.8)
Injection (2.1)
Scripting (4.7.0.5)
Injection (1.7.3.3)
123
Vulnerability Name CVE CWE Severity
Bypass (1.4.6)
Injection (3.11)
Injection (3.33.1)
WordPress Plugin WordPress Survey & Poll SQL CVE-2015-2090 CWE-89 High
Injection (1.1.91)
Vulnerabilities (1.5.4) 52
Scripting (3.3.5)
Scripting (3.8.1)
Scripting (3.8.6)
Scripting (5.1.2)
Scripting (5.1.4)
124
Vulnerability Name CVE CWE Severity
Scripting (5.2.2)
Scripting (6.0.21)
Vulnerabilities (5.2.3) 93
Vulnerabilities (5.2.4) 64
Vulnerability (5.3.2)
Injection (1.16)
Redirect (1.1.1.1)
Injection (1.0.0)
(1.0.7)
(1.0 12319)
(2.2)
125
Vulnerability Name CVE CWE Severity
WordPress Plugin Xorbin Analog Flash Clock Cross- CVE-2013-4692 CWE-79 High
WordPress Plugin Xorbin Digital Flash Clock Cross- CVE-2013-4693 CWE-79 High
(5.7.3)
Vulnerability (5.7.7)
126
Vulnerability Name CVE CWE Severity
Scripting (3.3.2)
Scripting (0.3.0)
Injection (1.1)
(2.0.1)
(1.0.1)
Scripting (2.4.2)
WordPress Plugin Zingiri Web Shop Multiple Cross- CVE-2012-6506 CWE-79 High
Vulnerability (2.6.5)
Download (1.4)
WordPress Plugin ZooEffect for Video player Photo CVE-2011-5180 CWE-79 High
Scripting (1.2.5)
Vulnerability (1.3.9)
Injection (4.4)
127
Vulnerability Name CVE CWE Severity
Vulnerabilities (1.0) 52
(2.5.6)
(0.9.3)
Scripting (0.800)
Scripting (2.1.0)
WordPress Plugin eBay Feeds for WordPress Cross- CVE-2014-4525 CWE-79 High
Traversal (1.1)
Scripting (2.1.2)
Scripting (2.1.6)
(6.3.13) 52
(6.3.14) 9
Injection (2.1)
Forgery (0.1)
128
Vulnerability Name CVE CWE Severity
Scripting (1.1.19)
Upload (2.7)
(0.04) 52
Forgery (1.2)
(2.3.1)
(3.6.1)
129
Vulnerability Name CVE CWE Severity
(2.5.0) 52
Vulnerabilities (3.0.6) 9
Vulnerabilities (3.1.2) 52
Scripting (1.0)
(1.10)
(1.4b4)
Injection (2.6)
(2.4.10)
Scripting (1.1)
(8.8.10.13)
Scripting (2.6)
(2.6.1.1)
130
Vulnerability Name CVE CWE Severity
Forgery (2.5.34)
(2.5.39)
(3.4.3)
Scripting (0.1.3)
Forgery (2.1)
131
Vulnerability Name CVE CWE Severity
Disclosure (1.3.0)
(5.8)
Scripting (1.0.3)
Scripting (0.4.0)
Scripting (1.0)
Scripting (1.5b)
Upload (1.5.3)
(1.5.3)
Download (1.0.3)
Vulnerabilities (2.2) 52
Forgery (1.4)
WordPress Plugin zM Ajax Login & Register Multiple CVE-2015-4153 CVE-2015-4465 CWE-22 CWE-7 High
Vulnerabilities (1.0.9) 9
Scripting (0.5.11.07)
(1.5.2 - 1.5.2)
cache filenames
authentication
132
Vulnerability Name CVE CWE Severity
escalation vulnerabilities
vulnerability
disclosure
generation
XSS on Apache HTTP Server 413 error pages via CVE-2007-6203 CWE-79 Medium
Zabbix 1.8.x-2.2.x Local File Inclusion via XXE Attack CWE-611 High
Zend Framework local file disclosure via XXE CVE-2012-3363 CWE-611 High
injection
disclosure
lighttpd v1.4.34 SQL injection and path traversal CVE-2014-2323 CVE-2014-2324 CWE-89 High
133
Vulnerability Name CVE CWE Severity
vulnerability
134