Invicti Advisories / Invicti Web Application Security Scanner

Web Application Advisories by Invicti

The below is a list of advisories about vulnerabilities in web applications identified with Invicti’s scanning engine, which is used in desktop based scanner Invicti Standard and in the online web security service Invicti Enterprise.

Advisories Released in 2021

Name

NS-21-001

Cross-Site Scripting Vulnerability in Chamilo LMS 1.11.14

NS-21-001

Cross-Site Scripting Vulnerability in Chamilo LMS 1.11.14

NS-21-002

Cross-Site Scripting Vulnerability in Zen Cart 1.5.7

NS-21-002

Cross-Site Scripting Vulnerability in Zen Cart 1.5.7

NS-21-003

Cross-Site Scripting vulnerability in Ampache 4.4.2

NS-21-003

Cross-Site Scripting vulnerability in Ampache 4.4.2

NS-21-004

Cross-site Scripting vulnerability in Kajona CMS 6.2

NS-21-004

Cross-site Scripting vulnerability in Kajona CMS 6.2

Advisories Released in 2020

Name

NS-20-001

Cross-Site Scripting Vulnerability in Geeklog 2.2.1

NS-20-001

Cross-Site Scripting Vulnerability in Geeklog 2.2.1

NS-20-002

Blind SQL Injection Vulnerability in Geeklog 2.2.1

NS-20-002

Blind SQL Injection Vulnerability in Geeklog 2.2.1

NS-20-003

Cross-Site Scripting Vulnerabilities in IlchCMS 2.1.37

NS-20-003

Cross-Site Scripting Vulnerabilities in IlchCMS 2.1.37

NS-20-004

Cross-Site Scripting Vulnerabilities in BigtreeCMS 4.4.11

NS-20-004

Cross-Site Scripting Vulnerabilities in BigtreeCMS 4.4.11

NS-20-005

Cross-Site Scripting Vulnerabilities in SEOPanel 4.6.0

NS-20-005

Cross-Site Scripting Vulnerabilities in SEOPanel 4.6.0

NS-20-006

SQL Injection Vulnerability in SEOPanel 4.6.0

NS-20-006

SQL Injection Vulnerability in SEOPanel 4.6.0

Advisories Released in 2019

Name

NS-19-001

Reflected Cross-site Scripting Vulnerability in Kanboard 1.2.7

NS-19-001

Reflected Cross-site Scripting Vulnerability in Kanboard 1.2.7

NS-19-002

Multiple Reflected Cross-site Scripting Vulnerabilities in VFront 0.99.5

NS-19-002

Multiple Reflected Cross-site Scripting Vulnerabilities in VFront 0.99.5

NS-19-003

Stored Cross-site Scripting Vulnerability in VFront 0.99.5

NS-19-003

Stored Cross-site Scripting Vulnerability in VFront 0.99.5

NS-19-004

Multiple Cross-site Scripting Vulnerabilities in Shopware 5.5.6

NS-19-004

Multiple Cross-site Scripting Vulnerabilities in Shopware 5.5.6

NS-19-005

Reflected Cross-site Scripting Vulnerability in Ponzu CMS 0.9.4

NS-19-005

Reflected Cross-site Scripting Vulnerability in Ponzu CMS 0.9.4

NS-19-006

Multiple Reflected Cross-site Scripting Vulnerabilities in phpFK lite-version

NS-19-006

Multiple Reflected Cross-site Scripting Vulnerabilities in phpFK lite-version

NS-19-007

Code Evaluation Vulnerability in Zurmo 3.2.6

NS-19-007

Code Evaluation Vulnerability in Zurmo 3.2.6

NS-19-008

Reflected Cross-site Scripting Vulnerability in Zurmo 3.2.6

NS-19-008

Reflected Cross-site Scripting Vulnerability in Zurmo 3.2.6

NS-19-009

Out of Band Code Evaluation Vulnerability in Zurmo 3.2.6

NS-19-009

Out of Band Code Evaluation Vulnerability in Zurmo 3.2.6

NS-19-010

Stored Cross-site Scripting Vulnerability in Zurmo 3.2.6

NS-19-010

Stored Cross-site Scripting Vulnerability in Zurmo 3.2.6

NS-19-011

Frame Injection Vulnerability in Zurmo 3.2.6

NS-19-011

Frame Injection Vulnerability in Zurmo 3.2.6

NS-19-012

Open Redirection Vulnerability in Zurmo 3.2.6

NS-19-012

Open Redirection Vulnerability in Zurmo 3.2.6

NS-19-013

Multiple CSRF Vulnerabilities in Django CRM 0.2.1

NS-19-013

Multiple CSRF Vulnerabilities in Django CRM 0.2.1

NS-19-014

Multiple Reflected Cross-site Scripting Vulnerabilities in OpenEdx version Ironwood.1

NS-19-014

Multiple Reflected Cross-site Scripting Vulnerabilities in OpenEdx version Ironwood.1

NS-19-015

Multiple Cross-site Scripting Vulnerabilities in Openfire 4.4.1

NS-19-015

Multiple Cross-site Scripting Vulnerabilities in Openfire 4.4.1

NS-19-016

Multiple Cross-site Scripting Vulnerabilities in ilchCMS 2.1.23

NS-19-016

Multiple Cross-site Scripting Vulnerabilities in ilchCMS 2.1.23

NS-19-017

Multiple Reflected Cross-site Scripting Vulnerabilities in ERPNext 11.1.47

NS-19-017

Multiple Reflected Cross-site Scripting Vulnerabilities in ERPNext 11.1.47

NS-19-018

Frame Injection Vulnerability in ERPNext 11.1.47

NS-19-018

Frame Injection Vulnerability in ERPNext 11.1.47

Advisories Released in 2018

Name

NS-18-001

Multiple XSS Vulnerabilities in Gibbon v14.0.01

NS-18-001

Multiple XSS Vulnerabilities in Gibbon v14.0.01

NS-18-002

Frame Injection Vulnerabilities in Gibbon v14.0.01

NS-18-002

Frame Injection Vulnerabilities in Gibbon v14.0.01

NS-18-003

Multiple Reflected XSS Vulnerabilities in TCexam 14.0.3

NS-18-003

Multiple Reflected XSS Vulnerabilities in TCexam 14.0.3

NS-18-004

Stored XSS Vulnerability in Omeka 2.6

NS-18-004

Stored XSS Vulnerability in Omeka 2.6

NS-18-005

Stored XSS Vulnerability in BigTreeCMS 4.2.19

NS-18-005

Stored XSS Vulnerability in BigTreeCMS 4.2.19

NS-18-006

Multiple Reflected Cross-site Scripting Vulnerabilities in Dotclear 2.13.1

NS-18-006

Multiple Reflected Cross-site Scripting Vulnerabilities in Dotclear 2.13.1

NS-18-007

Multiple Cross-site Scripting Vulnerabilities in TangoBB 1.5.1

NS-18-007

Multiple Cross-site Scripting Vulnerabilities in TangoBB 1.5.1

NS-18-008

Multiple Cross-site Scripting Vulnerabilities in ClipperCMS 1.3.3

NS-18-008

Multiple Cross-site Scripting Vulnerabilities in ClipperCMS 1.3.3

NS-18-009

Frame Injection Vulnerabilities in TikiWiki 17.1

NS-18-009

Frame Injection Vulnerabilities in TikiWiki 17.1

NS-18-010

Multiple Cross-site Scripting Vulnerabilities in TikiWiki 17.1

NS-18-010

Multiple Cross-site Scripting Vulnerabilities in TikiWiki 17.1

NS-18-011

Stored Cross-site Scripting in inoERP 0.6.1

NS-18-011

Stored Cross-site Scripting in inoERP 0.6.1

NS-18-012

Stored Cross-site Scripting Vulnerability in Platformus 1.0.0-alpha21

NS-18-012

Stored Cross-site Scripting Vulnerability in Platformus 1.0.0-alpha21

NS-18-013

Cross Site Request Forgery Vulnerability in Platformus 1.0.0-alpha21

NS-18-013

Cross Site Request Forgery Vulnerability in Platformus 1.0.0-alpha21

NS-18-014

PHP Code Evaluation Vulnerability in Wolf CMS 0.8.3.1

NS-18-014

PHP Code Evaluation Vulnerability in Wolf CMS 0.8.3.1

NS-18-015

Multiple Cross-site Scripting Vulnerabilities in Dolibarr 7.0.3

NS-18-015

Multiple Cross-site Scripting Vulnerabilities in Dolibarr 7.0.3

NS-18-016

Reflected Cross-site Scripting Vulnerability in BigTree CMS 4.2.23

NS-18-016

Reflected Cross-site Scripting Vulnerability in BigTree CMS 4.2.23

NS-18-017

Cross-site Request Forgery Vulnerabilities in Serenity 3.0.5

NS-18-017

Cross-site Request Forgery Vulnerabilities in Serenity 3.0.5

NS-18-018

SQL Injection Vulnerabilities in FuelCMS 1.4.1

NS-18-018

SQL Injection Vulnerabilities in FuelCMS 1.4.1

NS-18-019

Code Evaluations in FuelCMS 1.4.1

NS-18-019

Code Evaluations in FuelCMS 1.4.1

NS-18-020

Cross-site Scripting Vulnerabilities in Carbon Forum 5.9.0

NS-18-020

Cross-site Scripting Vulnerabilities in Carbon Forum 5.9.0

NS-18-021

Open Redirection Vulnerabilities in Eventum v3.3.4

NS-18-021

Open Redirection Vulnerabilities in Eventum v3.3.4

NS-18-022

Multiple Reflected Cross-site Scripting Vulnerabilities in Seopanel 3.13.0

NS-18-022

Multiple Reflected Cross-site Scripting Vulnerabilities in Seopanel 3.13.0

NS-18-023

SQL Injection and Blind SQL Injection Vulnerabilities in SOPlanning 1.41

NS-18-023

SQL Injection and Blind SQL Injection Vulnerabilities in SOPlanning 1.41

NS-18-024

Multiple Cross-Site Scripting Vulnerabilities in FreshRSS 1.11.1

NS-18-024

Multiple Cross-Site Scripting Vulnerabilities in FreshRSS 1.11.1

NS-18-025

Reflected Cross-site Scripting Vulnerability in CubeCart 6.2.2

NS-18-025

Reflected Cross-site Scripting Vulnerability in CubeCart 6.2.2

NS-18-026

Reflected Cross-site Scripting Vulnerability in Typesetter 5.1

NS-18-026

Reflected Cross-site Scripting Vulnerability in Typesetter 5.1

NS-18-027

Multiple Cross-site Scripting Vulnerabilities in Chamilo 1.11.6

NS-18-027

Multiple Cross-site Scripting Vulnerabilities in Chamilo 1.11.6

NS-18-028

SQL Injection Vulnerabilities in Chamilo 1.11.6

NS-18-028

SQL Injection Vulnerabilities in Chamilo 1.11.6

NS-18-029

Multiple Cross-site Scripting Vulnerabilities in OSclass 3.7.4

NS-18-029

Multiple Cross-site Scripting Vulnerabilities in OSclass 3.7.4

NS-18-030

Multiple Cross-site Scripting Vulnerabilities in Plikli 4.0.0

NS-18-030

Multiple Cross-site Scripting Vulnerabilities in Plikli 4.0.0

NS-18-031

Blind SQL Injection Vulnerabilities in Plikli 4.0.0

NS-18-031

Blind SQL Injection Vulnerabilities in Plikli 4.0.0

NS-18-032

Stored Cross-site Scripting Vulnerability in ForkCMS 5.0.6

NS-18-032

Stored Cross-site Scripting Vulnerability in ForkCMS 5.0.6

NS-18-033

Multiple Cross-site Scripting Vulnerabilities in ImpressCMS 1.3.10

NS-18-033

Multiple Cross-site Scripting Vulnerabilities in ImpressCMS 1.3.10

NS-18-034

Code Evolution (PHP) Vulnerability in Zurmo 2.3.4

NS-18-034

Code Evolution (PHP) Vulnerability in Zurmo 2.3.4

NS-18-035

Multiple Cross-site Scripting Vulnerabilities in Zurmo 2.3.4

NS-18-035

Multiple Cross-site Scripting Vulnerabilities in Zurmo 2.3.4

NS-18-036

SQL injection Vulnerability in Zurmo 2.3.4

NS-18-036

SQL injection Vulnerability in Zurmo 2.3.4

NS-18-037

Open Redirection Vulnerability in ForkCMS 5.0.6

NS-18-037

Open Redirection Vulnerability in ForkCMS 5.0.6

NS-18-038

Reflected Cross-site Scripting Vulnerability in Microweber 1.0.8

NS-18-038

Reflected Cross-site Scripting Vulnerability in Microweber 1.0.8

NS-18-039

Multiple Cross-site Scripting Vulnerabilities in GeniXCMS 1.1.5

NS-18-039

Multiple Cross-site Scripting Vulnerabilities in GeniXCMS 1.1.5

NS-18-040

Multiple Cross-site Scripting Vulnerabilities in Family Connections 3.7.0

NS-18-040

Multiple Cross-site Scripting Vulnerabilities in Family Connections 3.7.0

NS-18-041

DOM Based Cross-site Scripting Vulnerability in Sharrre 2.0.1

NS-18-041

DOM Based Cross-site Scripting Vulnerability in Sharrre 2.0.1

NS-18-042

Reflected Cross-site Scripting in Mantis 2.11.1

NS-18-042

Reflected Cross-site Scripting in Mantis 2.11.1

NS-18-043

Multiple Cross-site Scripting Vulnerabilities in ZenPhoto 1.4.14

NS-18-043

Multiple Cross-site Scripting Vulnerabilities in ZenPhoto 1.4.14

NS-18-044

Open Redirection Vulnerabilities in OrangeForum 1.4.0

NS-18-044

Open Redirection Vulnerabilities in OrangeForum 1.4.0

NS-18-045

XML External Entity Injection Vulnerability in BlogEngine 3.3

NS-18-045

XML External Entity Injection Vulnerability in BlogEngine 3.3

NS-18-046

Multiple Reflected Cross-site Scripting Vulnerabilities in Ampache 3.9.0

NS-18-046

Multiple Reflected Cross-site Scripting Vulnerabilities in Ampache 3.9.0

NS-18-047

Multiple Cross-site Scripting Vulnerabilities in FluxBB 1.5.10

NS-18-047

Multiple Cross-site Scripting Vulnerabilities in FluxBB 1.5.10

NS-18-048

Cross-site Scripting via XML Vulnerability in DNN 9.1

NS-18-048

Cross-site Scripting via XML Vulnerability in DNN 9.1

NS-18-049

Cross-site Scripting Vulnerability in Abantecart 1.2.12

NS-18-049

Cross-site Scripting Vulnerability in Abantecart 1.2.12

NS-18-050

Multiple Reflected Cross-site Scripting Vulnerabilities in Coppermine 1.5.46

NS-18-050

Multiple Reflected Cross-site Scripting Vulnerabilities in Coppermine 1.5.46

NS-18-051

Stored Cross-site Scripting Vulnerability in Podcast Generator 2.7

NS-18-051

Stored Cross-site Scripting Vulnerability in Podcast Generator 2.7

NS-18-052

Reflected Cross-site Scripting Vulnerability in Collabtive 3.1

NS-18-052

Reflected Cross-site Scripting Vulnerability in Collabtive 3.1

NS-18-053

Multiple Reflected Cross-site Scripting Vulnerabilities in WeBid 1.2.2

NS-18-053

Multiple Reflected Cross-site Scripting Vulnerabilities in WeBid 1.2.2

NS-18-054

Multiple Cross-site Scripting Vulnerabilities in PluXml 5.7

NS-18-054

Multiple Cross-site Scripting Vulnerabilities in PluXml 5.7

NS-18-055

Boolean SQL Injection Vulnerability in Monica 1.8.2

NS-18-055

Boolean SQL Injection Vulnerability in Monica 1.8.2

NS-18-056

Open Redirection Vulnerability in GetSimpleCMS 3.3.13

NS-18-056

Open Redirection Vulnerability in GetSimpleCMS 3.3.13

NS-18-057

Multiple Cross-site Scripting Vulnerabilities in Zencart 1.5.5f

NS-18-057

Multiple Cross-site Scripting Vulnerabilities in Zencart 1.5.5f

NS-18-058

SQL Injection Vulnerabilities in inoERP 0.6.1

NS-18-058

SQL Injection Vulnerabilities in inoERP 0.6.1

NS-18-059

Multiple Cross-Site Scripting Vulnerabilities in HTMLy 2.7.4

NS-18-059

Multiple Cross-Site Scripting Vulnerabilities in HTMLy 2.7.4

NS-18-060

Cross-site Scripting Vulnerability in ElkArte 1.1.0

NS-18-060

Cross-site Scripting Vulnerability in ElkArte 1.1.0

NS-18-061

Multiple Cross-site Scripting Vulnerabilities in ProjectSend r1053

NS-18-061

Multiple Cross-site Scripting Vulnerabilities in ProjectSend r1053

Advisories Released in 2017

Name

NS-17-001

Multiple Reflected XSS Vulnerabilities in Collabtive

NS-17-001

Multiple Reflected XSS Vulnerabilities in Collabtive

NS-17-002

Multiple Reflected XSS Vulnerabilities in MyLittleForum

NS-17-002

Multiple Reflected XSS Vulnerabilities in MyLittleForum

NS-17-003

Multiple Reflected XSS Vulnerabilities in SpiderFoot

NS-17-003

Multiple Reflected XSS Vulnerabilities in SpiderFoot

NS-17-004

Multiple Reflected XSS Vulnerabilities in NodCMS 1.0

NS-17-004

Multiple Reflected XSS Vulnerabilities in NodCMS 1.0

NS-17-005

Blind SQL Injection Vulnerability in SweetRice

NS-17-005

Blind SQL Injection Vulnerability in SweetRice

NS-17-006

Reflected XSS Vulnerability in Yii Framework

NS-17-006

Reflected XSS Vulnerability in Yii Framework

NS-17-007

Multiple Reflected XSS Vulnerabilities in Powebform 1.0.3

NS-17-007

Multiple Reflected XSS Vulnerabilities in Powebform 1.0.3

NS-17-008

Reflected XSS Vulnerability in Hexjector

NS-17-008

Reflected XSS Vulnerability in Hexjector

NS-17-009

Reflected XSS Vulnerability in OTP

NS-17-009

Reflected XSS Vulnerability in OTP

NS-17-010

Reflected XSS Vulnerability in Upload Script for Images and Audio files

NS-17-010

Reflected XSS Vulnerability in Upload Script for Images and Audio files

NS-17-011

Reflected XSS Vulnerability in dirLIST

NS-17-011

Reflected XSS Vulnerability in dirLIST

NS-17-012

Reflected XSS Vulnerability in phpRFT

NS-17-012

Reflected XSS Vulnerability in phpRFT

NS-17-013

Reflected XSS Vulnerability in Simple Picture Gallery Manager

NS-17-013

Reflected XSS Vulnerability in Simple Picture Gallery Manager

NS-17-014

Multiple Reflected XSS Vulnerabilities in PHPBB template test suite 2.0.11 (beta)

NS-17-014

Multiple Reflected XSS Vulnerabilities in PHPBB template test suite 2.0.11 (beta)

NS-17-015

Multiple Reflected XSS Vulnerabilities in Content2

NS-17-015

Multiple Reflected XSS Vulnerabilities in Content2

NS-17-016

SQL Injection Vulnerability in Content2

NS-17-016

SQL Injection Vulnerability in Content2

NS-17-017

Reflected XSS Vulnerability in MaxForum

NS-17-017

Reflected XSS Vulnerability in MaxForum

NS-17-018

Reflected XSS Vulnerability in PHuPload

NS-17-018

Reflected XSS Vulnerability in PHuPload

NS-17-019

Reflected XSS Vulnerability in infoERP

NS-17-019

Reflected XSS Vulnerability in infoERP

NS-17-020

Multiple Reflected XSS Vulnerabilities in Free CMMS 0.04

NS-17-020

Multiple Reflected XSS Vulnerabilities in Free CMMS 0.04

NS-17-021

Reflected XSS Vulnerability in Online Inventory Manager

NS-17-021

Reflected XSS Vulnerability in Online Inventory Manager

NS-17-022

XSS, CSRF and Multiple Other Vulnerabilities in CubeCart

NS-17-022

XSS, CSRF and Multiple Other Vulnerabilities in CubeCart

NS-17-023

Multiple Reflected XSS Vulnerabilities in Vfront 0.99.4

NS-17-023

Multiple Reflected XSS Vulnerabilities in Vfront 0.99.4

NS-17-024

Reflected XSS Vulnerability in PHProxy 0.5b2

NS-17-024

Reflected XSS Vulnerability in PHProxy 0.5b2

NS-17-025

Multiple Reflected XSS Vulnerabilities in PHFTP 4.2

NS-17-025

Multiple Reflected XSS Vulnerabilities in PHFTP 4.2

NS-17-026

Reflected XSS Vulnerability in PluXML 5.5

NS-17-026

Reflected XSS Vulnerability in PluXML 5.5

NS-17-027

Multiple Reflected XSS Vulnerabilities in Chronosite 5.1.2

NS-17-027

Multiple Reflected XSS Vulnerabilities in Chronosite 5.1.2

NS-17-028

Multiple Blind SQL Injection Vulnerabilities in Chronosite 5.1.2

NS-17-028

Multiple Blind SQL Injection Vulnerabilities in Chronosite 5.1.2

NS-17-029

Reflected XSS Vulnerability in Wirawan Test 10okt2016

NS-17-029

Reflected XSS Vulnerability in Wirawan Test 10okt2016

NS-17-030

Multiple Reflected XSS Vulnerabilities in phpfk Lite

NS-17-030

Multiple Reflected XSS Vulnerabilities in phpfk Lite

NS-17-031

Reflected XSS Vulnerability in CMS Made Simple

NS-17-031

Reflected XSS Vulnerability in CMS Made Simple

NS-17-032

Server-Side Template Injection Vulnerability in CMS Made Simple

NS-17-032

Server-Side Template Injection Vulnerability in CMS Made Simple

Advisories Released in 2016

Name

NS-16-001

HTTP Header Injection in LiteSpeed Web Server

NS-16-001

HTTP Header Injection in LiteSpeed Web Server

NS-16-002

XSS vulnerability in Mailpoet Newsletters WordPress plugin

NS-16-002

XSS vulnerability in Mailpoet Newsletters WordPress plugin

NS-16-003

Multiple XSS Vulnerabilities in CubeCart

NS-16-003

Multiple XSS Vulnerabilities in CubeCart

NS-16-004

XSS vulnerability in BulletProof Security WordPress plugin

NS-16-004

XSS vulnerability in BulletProof Security WordPress plugin

NS-16-005

Open Redirection Vulnerability in SmartStore

NS-16-005

Open Redirection Vulnerability in SmartStore

NS-16-006

Multiple XSS Vulnerabilities in Saurus CMS 4.7 FINAL

NS-16-006

Multiple XSS Vulnerabilities in Saurus CMS 4.7 FINAL

NS-16-007

Self XSS Vulnerability in Yoast SEO 3.3.2

NS-16-007

Self XSS Vulnerability in Yoast SEO 3.3.2

NS-16-008

Stored Multiple XSS Vulnerabilities in Clicky by Yoast 1.4.3

NS-16-008

Stored Multiple XSS Vulnerabilities in Clicky by Yoast 1.4.3

NS-16-009

Reflected XSS Vulnerability in WP-Polls 2.73

NS-16-009

Reflected XSS Vulnerability in WP-Polls 2.73

NS-16-010

Reflected XSS Vulnerability in PageKit 1.0.5

NS-16-010

Reflected XSS Vulnerability in PageKit 1.0.5

NS-16-011

Multiple XSS Vulnerabilities in Kajona v5

NS-16-011

Multiple XSS Vulnerabilities in Kajona v5

NS-16-012

Reflected XSS vulnerability in HESK help desk software

NS-16-012

Reflected XSS vulnerability in HESK help desk software

NS-16-013

Multiple Reflected XSS Vulnerabilities in Beehive Forum 1.4.7

NS-16-013

Multiple Reflected XSS Vulnerabilities in Beehive Forum 1.4.7

NS-16-014

Reflected XSS Vulnerability in Ovidentia 8.4.1

NS-16-014

Reflected XSS Vulnerability in Ovidentia 8.4.1

NS-16-015

Multiple Reflected XSS Vulnerabilities in Cockpit 0.13.0

NS-16-015

Multiple Reflected XSS Vulnerabilities in Cockpit 0.13.0

NS-16-016

Remote Code Evaluation (RCE) Vulnerabilities in Cockpit 0.13.0

NS-16-016

Remote Code Evaluation (RCE) Vulnerabilities in Cockpit 0.13.0

NS-16-017

Multiple Reflected XSS Vulnerabilities in Dotclear 2.9.1

NS-16-017

Multiple Reflected XSS Vulnerabilities in Dotclear 2.9.1

NS-16-018

Blind SQL Injection Vulnerability in eggBlog 4.1.2

NS-16-018

Blind SQL Injection Vulnerability in eggBlog 4.1.2

NS-16-019

Multiple Reflected XSS Vulnerabilities in eggBlog 4.1.2

NS-16-019

Multiple Reflected XSS Vulnerabilities in eggBlog 4.1.2

NS-16-020

Reflected XSS Vulnerability in Storytlr

NS-16-020

Reflected XSS Vulnerability in Storytlr

NS-16-021

Reflected and Stored XSS Vulnerabilities in Typesetter CMS

NS-16-021

Reflected and Stored XSS Vulnerabilities in Typesetter CMS

Advisories Released in 2015

Name

NS-15-001

XSS Vulnerability in Blubbry PowerPress WordPress Plugin

NS-15-001

XSS Vulnerability in Blubbry PowerPress WordPress Plugin

NS-15-002

XSS Vulnerability in Banner Effect Header WordPress Plugin

NS-15-002

XSS Vulnerability in Banner Effect Header WordPress Plugin

NS-15-003

Multiple XSS Vulnerabilities in ArticleFR

NS-15-003

Multiple XSS Vulnerabilities in ArticleFR

NS-15-004

Local File Inclusion Vulnerability in ArticleFR

NS-15-004

Local File Inclusion Vulnerability in ArticleFR

NS-15-005

SQL Injection Vulnerability in miniBB

NS-15-005

SQL Injection Vulnerability in miniBB

NS-15-006

XSS Vulnerability in miniBB

NS-15-006

XSS Vulnerability in miniBB

NS-15-007

DOM XSS vulnerability in Twenty Fifteen WordPress Theme

NS-15-007

DOM XSS vulnerability in Twenty Fifteen WordPress Theme

NS-15-008

Multiple XSS vulnerabilities in Concrete5

NS-15-008

Multiple XSS vulnerabilities in Concrete5

NS-15-009

Multiple XSS Vulnerabilities in WP Flash Player 1.3

NS-15-009

Multiple XSS Vulnerabilities in WP Flash Player 1.3

NS-15-010

XSS Vulnerability in phpMoAdmin

NS-15-010

XSS Vulnerability in phpMoAdmin

NS-15-011

XSS Vulnerability in Pligg CMS

NS-15-011

XSS Vulnerability in Pligg CMS

NS-15-012

XSS Vulnerability in phpMemAdmin

NS-15-012

XSS Vulnerability in phpMemAdmin

NS-15-013

Multiple XSS Vulnerabilities in Google Analyticator WordPress Plugin

NS-15-013

Multiple XSS Vulnerabilities in Google Analyticator WordPress Plugin

NS-15-014

XSS Vulnerability in DataTables

NS-15-014

XSS Vulnerability in DataTables

NS-15-015

SQL Injection Vulnerability in TestLink 1.9.13

NS-15-015

SQL Injection Vulnerability in TestLink 1.9.13

NS-15-016

Multiple XSS Vulnerabilities in TestLink 1.9.13

NS-15-016

Multiple XSS Vulnerabilities in TestLink 1.9.13

NS-15-017

Multiple XSS Vulnerabilities in Booked Scheduler 2.5.15

NS-15-017

Multiple XSS Vulnerabilities in Booked Scheduler 2.5.15

NS-15-018

CSRF Vulnerability in Booked Scheduler 2.5.15

NS-15-018

CSRF Vulnerability in Booked Scheduler 2.5.15

NS-15-019

Multiple XSS Vulnerabilities in zTree v3

NS-15-019

Multiple XSS Vulnerabilities in zTree v3

NS-15-020

DOM XSS Vulnerability in iCheck

NS-15-020

DOM XSS Vulnerability in iCheck

NS-15-021

Multiple DOM XSS Vulnerabilities in ScrollMagic

NS-15-021

Multiple DOM XSS Vulnerabilities in ScrollMagic

NS-15-022

Multiple XSS Vulnerabilities in BootstrapValidator

NS-15-022

Multiple XSS Vulnerabilities in BootstrapValidator

NS-15-023

XSS Vulnerability in OpenCart

NS-15-023

XSS Vulnerability in OpenCart

NS-15-024

XSS Vulnerability in Serendipity

NS-15-024

XSS Vulnerability in Serendipity

Advisories Released in 2014

Name

NS-14-001

Critical Blind SQL Injection Vulnerability in Pragyan CMS

NS-14-001

Critical Blind SQL Injection Vulnerability in Pragyan CMS

NS-14-002

XSS Vulnerabilities in Maian Weblog

NS-14-002

XSS Vulnerabilities in Maian Weblog

NS-14-003

XSS Vulnerabilities in Flat Nuke

NS-14-003

XSS Vulnerabilities in Flat Nuke

NS-14-004

XSS Vulnerabilities in UseBB

NS-14-004

XSS Vulnerabilities in UseBB

NS-14-005

XSS and SQL Injection Vulnerabilities in SamNews

NS-14-005

XSS and SQL Injection Vulnerabilities in SamNews

NS-14-006

XSS Vulnerabilities in Dokeos

NS-14-006

XSS Vulnerabilities in Dokeos

NS-14-007

XSS and SQL Vulnerabilities in e107

NS-14-007

XSS and SQL Vulnerabilities in e107

NS-14-008

XSS Vulnerabilities in phpAlbum

NS-14-008

XSS Vulnerabilities in phpAlbum

NS-14-009

XSS Vulnerabilities in MySeatXT

NS-14-009

XSS Vulnerabilities in MySeatXT

NS-14-010

XSS Vulnerabilities in Storytlr

NS-14-010

XSS Vulnerabilities in Storytlr

NS-14-011

XSS Vulnerabilities in Claroline

NS-14-011

XSS Vulnerabilities in Claroline

NS-14-012

XSS Vulnerabilities in PyroCMS

NS-14-012

XSS Vulnerabilities in PyroCMS

NS-14-013

XSS Vulnerabilities in TeamCity

NS-14-013

XSS Vulnerabilities in TeamCity

NS-14-014

XSS Vulnerabilities in Tiki Wiki CMS

NS-14-014

XSS Vulnerabilities in Tiki Wiki CMS

NS-14-015

XSS Vulnerabilities in FlatPress

NS-14-015

XSS Vulnerabilities in FlatPress

NS-14-016

XSS Vulnerabilities in Pragyan

NS-14-016

XSS Vulnerabilities in Pragyan

NS-14-017

XSS Vulnerabilities in Responsive File Manager v9.3.4

NS-14-017

XSS Vulnerabilities in Responsive File Manager v9.3.4

NS-14-018

XSS Vulnerabilities in FishEye

NS-14-018

XSS Vulnerabilities in FishEye

NS-14-019

XSS Vulnerability in SQL Buddy

NS-14-019

XSS Vulnerability in SQL Buddy

NS-14-020

XSS Vulnerabilities in Ajenti

NS-14-020

XSS Vulnerabilities in Ajenti

NS-14-021

XSS Vulnerabilities in osTicket

NS-14-021

XSS Vulnerabilities in osTicket

NS-14-022

XSS Vulnerabilities in Booked Scheduler

NS-14-022

XSS Vulnerabilities in Booked Scheduler

NS-14-023

XSS Vulnerability in KajonaCMS

NS-14-023

XSS Vulnerability in KajonaCMS

NS-14-024

XSS Vulnerability in October CMS

NS-14-024

XSS Vulnerability in October CMS

NS-14-025

XSS Vulnerability in Storytlr

NS-14-025

XSS Vulnerability in Storytlr

NS-14-026

XSS Vulnerability in PageCookery Microblog

NS-14-026

XSS Vulnerability in PageCookery Microblog

NS-14-027

XSS Vulnerability in SiteCake

NS-14-027

XSS Vulnerability in SiteCake

NS-14-028

XSS Vulnerability in PeoplePods

NS-14-028

XSS Vulnerability in PeoplePods

NS-14-029

LFI & XSS Vulnerability in Codiad

NS-14-029

LFI & XSS Vulnerability in Codiad

NS-14-030

XSS Vulnerabilities in osClass

NS-14-030

XSS Vulnerabilities in osClass

NS-14-031

LFI Vulnerability in osClass

NS-14-031

LFI Vulnerability in osClass

NS-14-032

Multiple XSS Vulnerabilities in LiteCart

NS-14-032

Multiple XSS Vulnerabilities in LiteCart

NS-14-033

XSS Vulnerability in Little Poll

NS-14-033

XSS Vulnerability in Little Poll

NS-14-034

XSS Vulnerability in Oxwall

NS-14-034

XSS Vulnerability in Oxwall

NS-14-035

XSS Vulnerability in The Bug Genie

NS-14-035

XSS Vulnerability in The Bug Genie

NS-14-036

XSS Vulnerability in Sharetronix

NS-14-036

XSS Vulnerability in Sharetronix

NS-14-037

XSS Vulnerability in ProjectSend

NS-14-037

XSS Vulnerability in ProjectSend

NS-14-038

XSS Vulnerabilities in Zikula

NS-14-038

XSS Vulnerabilities in Zikula

NS-14-039

XSS Vulnerability in Subrion CMS

NS-14-039

XSS Vulnerability in Subrion CMS

NS-14-040

Multiple XSS Vulnerabilities in KoolPHP

NS-14-040

Multiple XSS Vulnerabilities in KoolPHP

NS-14-041

XSS Vulnerability in Twiki (QUERYSTRING and QUERYPARAMSTRING)

NS-14-041

XSS Vulnerability in Twiki (QUERYSTRING and QUERYPARAMSTRING)

NS-14-042

XSS Vulnerability in Twiki WebSearch

NS-14-042

XSS Vulnerability in Twiki WebSearch

NS-14-043

Multiple SQL Injection Vulnerabilities in Openbiz Cubi

NS-14-043

Multiple SQL Injection Vulnerabilities in Openbiz Cubi

NS-14-044

Multiple XSS Vulnerabilities in Openbiz Cubi

NS-14-044

Multiple XSS Vulnerabilities in Openbiz Cubi

NS-14-045

Remote Code Evaluation Openbiz Cubi

NS-14-045

Remote Code Evaluation Openbiz Cubi

Advisories Released in 2013

Name

NS-13-001

XSS Vulnerabilities in MintBoard

NS-13-001

XSS Vulnerabilities in MintBoard

NS-13-002

XSS and SQL Injection Vulnerabilities in MiniBB

NS-13-002

XSS and SQL Injection Vulnerabilities in MiniBB

NS-13-003

XSS Vulnerabilities in Serendipity

NS-13-003

XSS Vulnerabilities in Serendipity

NS-13-004

XSS Vulnerabilities in ImpressCMS Content Module

NS-13-004

XSS Vulnerabilities in ImpressCMS Content Module

NS-13-005

Open Redirection Vulnerability in OpalCMS

NS-13-005

Open Redirection Vulnerability in OpalCMS

NS-13-006

XSS and SQL Injection Vulnerabilities in DBHcms

NS-13-006

XSS and SQL Injection Vulnerabilities in DBHcms

NS-13-007

XSS Vulnerabilities in Xoda

NS-13-007

XSS Vulnerabilities in Xoda

NS-13-008

SQL Injection Vulnerabilities in MyMarket

NS-13-008

SQL Injection Vulnerabilities in MyMarket

NS-13-009

SQL Injection Vulnerability in glFusion

NS-13-009

SQL Injection Vulnerability in glFusion

NS-13-010

XSS & CSRF Vulnerabilities in Gutuma

NS-13-010

XSS & CSRF Vulnerabilities in Gutuma

NS-13-011

XSS Vulnerability in Gazie

NS-13-011

XSS Vulnerability in Gazie

NS-13-012

XSS and SQL Injection Vulnerabilities in Bilboplanet

NS-13-012

XSS and SQL Injection Vulnerabilities in Bilboplanet

NS-13-013

XSS and SQL Injection Vulnerabilities in CourseMS

NS-13-013

XSS and SQL Injection Vulnerabilities in CourseMS

NS-13-014

XSS and SQL Injection Vulnerabilities in BoastMachine

NS-13-014

XSS and SQL Injection Vulnerabilities in BoastMachine

NS-13-015

XSS Vulnerabilities in RuubikCMS

NS-13-015

XSS Vulnerabilities in RuubikCMS

NS-13-016

XSS and SQL Injection Vulnerabilities in Gnew

NS-13-016

XSS and SQL Injection Vulnerabilities in Gnew

NS-13-017

XSS Vulnerabilities in Andy's PHP Knowledgebase

NS-13-017

XSS Vulnerabilities in Andy's PHP Knowledgebase

Advisories Released in 2012

Name

NS-12-001

SQL Injection Vulnerability in OpenEMR < 4.1.0

NS-12-001

SQL Injection Vulnerability in OpenEMR < 4.1.0

NS-12-002

Open Redirection Vulnerability in Orchard 1.3.9

NS-12-002

Open Redirection Vulnerability in Orchard 1.3.9

NS-12-003

SQL Injection Vulnerability in Batavi E-Commerce < 1.1.2

NS-12-003

SQL Injection Vulnerability in Batavi E-Commerce < 1.1.2

NS-12-004

Local File Inclusion Vulnerability in TomatoCart

NS-12-004

Local File Inclusion Vulnerability in TomatoCart

NS-12-005

XSS vulnerability in Invision Power Board version 3.2.3

NS-12-005

XSS vulnerability in Invision Power Board version 3.2.3

NS-12-006

XSS and Blind SQL Injection Vulnerabilities in ExponentCMS

NS-12-006

XSS and Blind SQL Injection Vulnerabilities in ExponentCMS

NS-12-007

XSS and SQL Injection Vulnerabilities in OrderSys

NS-12-007

XSS and SQL Injection Vulnerabilities in OrderSys

NS-12-008

XSS Vulnerabilities in LabWiki

NS-12-008

XSS Vulnerabilities in LabWiki

NS-12-009

XSS and SQL Injection Vulnerabilities in Jara

NS-12-009

XSS and SQL Injection Vulnerabilities in Jara

NS-12-010

XSS Vulnerabilities in phpFreeChat

NS-12-010

XSS Vulnerabilities in phpFreeChat

NS-12-011

XSS Vulnerabilities in TaskFreak

NS-12-011

XSS Vulnerabilities in TaskFreak

NS-12-012

XSS Vulnerabilities in CMSMini

NS-12-012

XSS Vulnerabilities in CMSMini

NS-12-013

XSS Vulnerabilities in ClipBucket

NS-12-013

XSS Vulnerabilities in ClipBucket

NS-12-014

XSS and SQL Injection Vulnerabilities in DotProject

NS-12-014

XSS and SQL Injection Vulnerabilities in DotProject

NS-12-015

XSS Vulnerabilities in bloofoxCMS

NS-12-015

XSS Vulnerabilities in bloofoxCMS

NS-12-016

XSS, LFI and SQL Injection Vulnerabilities in Achievo

NS-12-016

XSS, LFI and SQL Injection Vulnerabilities in Achievo

Advisories Released in 2011

Name

NS-11-001

XSS Vulnerability Joomla < 1.5.20

NS-11-001

XSS Vulnerability Joomla < 1.5.20

NS-11-002

XSS Vulnerability in EnanoCms 1.1.7 & 1.1.6

NS-11-002

XSS Vulnerability in EnanoCms 1.1.7 & 1.1.6

NS-11-003

XSS Vulnerability in Tracks < 1.7.2

NS-11-003

XSS Vulnerability in Tracks < 1.7.2

NS-11-004

XSS Vulnerability in Redmine 1.0.1 to 1.1.1

NS-11-004

XSS Vulnerability in Redmine 1.0.1 to 1.1.1

NS-11-005

XSS Vulnerability in TWiki < 5.0.2

NS-11-005

XSS Vulnerability in TWiki < 5.0.2

NS-11-006

XSS Vulnerability in TWiki < 5.1.0

NS-11-006

XSS Vulnerability in TWiki < 5.1.0

NS-11-007

XSS Vulnerability in eFront < 3.6.10 build 11944

NS-11-007

XSS Vulnerability in eFront < 3.6.10 build 11944

NS-11-008

XSS and SQL Injection in Symphony CMS < 2.2.3

NS-11-008

XSS and SQL Injection in Symphony CMS < 2.2.3

NS-11-009

XSS Vulnerability in Joomla 1.6.3

NS-11-009

XSS Vulnerability in Joomla 1.6.3

NS-11-010

XSS and Blind SQL Injection Vulnerabilities in Banana Dance CMS

NS-11-010

XSS and Blind SQL Injection Vulnerabilities in Banana Dance CMS