OctoberCMS is a CMS similar to WordPress, but with much less "fluff". The SECURELI.com team identified the latest version of OctoberCMS relying on Bootstrap 3.3.7, jQuery 1.11.1, and jQuery 3.3.1. All of these dependencies are vulnerable.
f681fa16535fadc7191cd66f822dffa7d216f8af2a34f5deedc5787f586eef6a
Google Chrome suffers from an issue where it will leak all passwords for a given domain.
33a0fcd84f7d28b117dfeeff9b4d5a05b73aa52f8f1ca18f372566a831eda0ac
RetireJS was scanned with itself and found to contain multiple vulnerabilities.
4e8b916c17b0c91c44cbc6d5b8acbfe29f91cc8033f1c166b9f6c738157025a2
dotCMS version 5.1.1 suffers from cross site scripting and open redirection vulnerabilities.
4c91f2941dc39193335aef9be0f18ffdb761fd3326b97a09f147222f47804ba3
dotCMS version 5.1.1 suffers from cross site scripting and various other vulnerabilities due to various open source dependencies.
807354717454bcddf23878f723cf0673fbb451acfadadb8aeb6ae4f5faa523c1
WordPress versions 4.4 and below leak whether or not a username exists in their login flow.
1fcd8c4fe8a6f66633988433b2ccfbe5217d776751625c4284b08e7c7dd51fe0
WordPress versions 4.0 and below suffer from a denial of service vulnerability.
db06a68758cd9dad1d5395c990fc04dd3f23911c44cbcde51be81bd708299ba0
openAcunetic is an open source java-based web application vulnerability scanner.
0f54c34b400f277378cf94969b4343cb6d90574f229786adbbf0ec2258d03503
It appears that the Vonage VoIP telephone adapter comes with an embedded login of user with a password of user.
8fa0bcdf0449b90a1155919f3af5b775eb05b38ec790226c77fb954515bad07b
ClonusWiki version 0.5 suffers from a cross site scripting vulnerability.
289d9544c7f43f9c4c6fa455f0685062750af0d98e316537030a2a0c7b60ad38
CubeCart version 3.0.16 suffers from a SQL injection vulnerability.
b67323882e8c104f606a9d286fda07f3a0630e85ae7c8a3881213f91648023f5
RM EasyMail Plus suffers from a cross site scripting vulnerability.
af3bbf3808809cc93d0f9b0ec689028f0111cfe61ecbb1b7644e955733e69fb7
PsychoStats version 3.0.6b suffers from multiple cross site scripting vulnerabilities.
88ad6e7e1f5a4cf83d4e74ee1b64a060a2154b3f0351442fa38bf056c27a108f
HLstats version 1.35 suffers from a cross site scripting vulnerability. Second version.
2e33e129c421a01bd2c831dae1c20c685eedcbb77a71062a204fa1d74e4be9e7
HLstats version 1.35 suffers from a cross site scripting vulnerability.
f003331dc20cb468a0a744d3e6e8f268171785452b05ea1c7583b53cd7b2a256
Redoable version 1.2 suffers from a cross site scripting vulnerability.
7d0dd4340c9b0f1d1ef16a94a5377aa35e45b904f488be9ab6c10246c83ca5be
VP-ASP Shopping Cart version 6.50 suffers from a cross site scripting vulnerability.
3e9cb216e7e75a78b428045471d464e3821ad630614ddd91e379bfbc7b2492df
Drake CMS version 0.4.0 suffers from a CRLF injection vulnerability.
4eb665e684ba69f5947c585c36420635d04b563e0e41a249a320faf92c12810e
CubeCart version 3.0.15 suffers from a CRLF injection vulnerability.
ccc2c9eff2be86c3cf5e212c278a15bee192a0e413da14463054cc98baaeb1a4
SunShop version 4 suffers from cookie manipulation, cross site scripting, and SQL injection vulnerabilities.
304b3750a50eb4d0ac9ce9d5a7db92756044d4ebddbf1b996aa1ab3777da6fa8
Podium CMS suffers from a cookie manipulation vulnerability.
a75f1591308fc2a359322a945adc472de83f2cb33437d4cf3e24de44dfedf144
ACP3 suffers from cookie manipulation, cross site scripting, and SQL injection vulnerabilities.
0320ab472c4b7bb1752a2e07b168cbc0be4e5d9fe0d1f048231a6de5e3aee119
phpMySpace Gold version 8.10 suffers from a blind SQL injection vulnerability.
89dc9b946f4c351bf1b066f7e308857dcb3ca2ec6ce120560a1d9e3a42b81314
Ripe Website Manager versions 0.8.4 and below suffer from a cross site scripting vulnerability.
977ecfcaf20a5a72669e5f5cd307b061392a16d6c52492e26512d2db4b49f696
Galix version 2.0 is susceptible to a cross site scripting vulnerability.
ea37257ee871870d8689cf712d58ce07955c7f84d75ad80001399a5b45f19f66