OctoberCMS is a CMS similar to WordPress, but with much less "fluff". The SECURELI.com team identified the latest version of OctoberCMS relying on Bootstrap 3.3.7, jQuery 1.11.1, and jQuery 3.3.1. All of these dependencies are vulnerable.
f681fa16535fadc7191cd66f822dffa7d216f8af2a34f5deedc5787f586eef6aGoogle Chrome suffers from an issue where it will leak all passwords for a given domain.
33a0fcd84f7d28b117dfeeff9b4d5a05b73aa52f8f1ca18f372566a831eda0acRetireJS was scanned with itself and found to contain multiple vulnerabilities.
4e8b916c17b0c91c44cbc6d5b8acbfe29f91cc8033f1c166b9f6c738157025a2dotCMS version 5.1.1 suffers from cross site scripting and open redirection vulnerabilities.
4c91f2941dc39193335aef9be0f18ffdb761fd3326b97a09f147222f47804ba3dotCMS version 5.1.1 suffers from cross site scripting and various other vulnerabilities due to various open source dependencies.
807354717454bcddf23878f723cf0673fbb451acfadadb8aeb6ae4f5faa523c1WordPress versions 4.4 and below leak whether or not a username exists in their login flow.
1fcd8c4fe8a6f66633988433b2ccfbe5217d776751625c4284b08e7c7dd51fe0WordPress versions 4.0 and below suffer from a denial of service vulnerability.
db06a68758cd9dad1d5395c990fc04dd3f23911c44cbcde51be81bd708299ba0openAcunetic is an open source java-based web application vulnerability scanner.
0f54c34b400f277378cf94969b4343cb6d90574f229786adbbf0ec2258d03503It appears that the Vonage VoIP telephone adapter comes with an embedded login of user with a password of user.
8fa0bcdf0449b90a1155919f3af5b775eb05b38ec790226c77fb954515bad07bClonusWiki version 0.5 suffers from a cross site scripting vulnerability.
289d9544c7f43f9c4c6fa455f0685062750af0d98e316537030a2a0c7b60ad38CubeCart version 3.0.16 suffers from a SQL injection vulnerability.
b67323882e8c104f606a9d286fda07f3a0630e85ae7c8a3881213f91648023f5RM EasyMail Plus suffers from a cross site scripting vulnerability.
af3bbf3808809cc93d0f9b0ec689028f0111cfe61ecbb1b7644e955733e69fb7PsychoStats version 3.0.6b suffers from multiple cross site scripting vulnerabilities.
88ad6e7e1f5a4cf83d4e74ee1b64a060a2154b3f0351442fa38bf056c27a108fHLstats version 1.35 suffers from a cross site scripting vulnerability. Second version.
2e33e129c421a01bd2c831dae1c20c685eedcbb77a71062a204fa1d74e4be9e7HLstats version 1.35 suffers from a cross site scripting vulnerability.
f003331dc20cb468a0a744d3e6e8f268171785452b05ea1c7583b53cd7b2a256Redoable version 1.2 suffers from a cross site scripting vulnerability.
7d0dd4340c9b0f1d1ef16a94a5377aa35e45b904f488be9ab6c10246c83ca5beVP-ASP Shopping Cart version 6.50 suffers from a cross site scripting vulnerability.
3e9cb216e7e75a78b428045471d464e3821ad630614ddd91e379bfbc7b2492dfDrake CMS version 0.4.0 suffers from a CRLF injection vulnerability.
4eb665e684ba69f5947c585c36420635d04b563e0e41a249a320faf92c12810eCubeCart version 3.0.15 suffers from a CRLF injection vulnerability.
ccc2c9eff2be86c3cf5e212c278a15bee192a0e413da14463054cc98baaeb1a4SunShop version 4 suffers from cookie manipulation, cross site scripting, and SQL injection vulnerabilities.
304b3750a50eb4d0ac9ce9d5a7db92756044d4ebddbf1b996aa1ab3777da6fa8Podium CMS suffers from a cookie manipulation vulnerability.
a75f1591308fc2a359322a945adc472de83f2cb33437d4cf3e24de44dfedf144ACP3 suffers from cookie manipulation, cross site scripting, and SQL injection vulnerabilities.
0320ab472c4b7bb1752a2e07b168cbc0be4e5d9fe0d1f048231a6de5e3aee119phpMySpace Gold version 8.10 suffers from a blind SQL injection vulnerability.
89dc9b946f4c351bf1b066f7e308857dcb3ca2ec6ce120560a1d9e3a42b81314Ripe Website Manager versions 0.8.4 and below suffer from a cross site scripting vulnerability.
977ecfcaf20a5a72669e5f5cd307b061392a16d6c52492e26512d2db4b49f696Galix version 2.0 is susceptible to a cross site scripting vulnerability.
ea37257ee871870d8689cf712d58ce07955c7f84d75ad80001399a5b45f19f66
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed