Invicti Advisories / Invicti Web Application Security Scanner

ID	Name
NS-21-004	Cross-site Scripting vulnerability in Kajona CMS 6.2
NS-21-003	Cross-Site Scripting vulnerability in Ampache 4.4.2
NS-21-002	Cross-Site Scripting Vulnerability in Zen Cart 1.5.7
NS-21-001	Cross-Site Scripting Vulnerability in Chamilo LMS 1.11.14

ID	Name
NS-20-006	SQL Injection Vulnerability in SEOPanel 4.6.0
NS-20-005	Cross-Site Scripting Vulnerabilities in SEOPanel 4.6.0
NS-20-004	Cross-Site Scripting Vulnerabilities in BigtreeCMS 4.4.11
NS-20-003	Cross-Site Scripting Vulnerabilities in IlchCMS 2.1.37
NS-20-002	Blind SQL Injection Vulnerability in Geeklog 2.2.1
NS-20-001	Cross-Site Scripting Vulnerability in Geeklog 2.2.1

ID	Name
NS-19-018	Frame Injection Vulnerability in ERPNext 11.1.47
NS-19-017	Multiple Reflected Cross-site Scripting Vulnerabilities in ERPNext 11.1.47
NS-19-016	Multiple Cross-site Scripting Vulnerabilities in ilchCMS 2.1.23
NS-19-015	Multiple Cross-site Scripting Vulnerabilities in Openfire 4.4.1
NS-19-014	Multiple Reflected Cross-site Scripting Vulnerabilities in OpenEdx version Ironwood.1
NS-19-013	Multiple CSRF Vulnerabilities in Django CRM 0.2.1
NS-19-012	Open Redirection Vulnerability in Zurmo 3.2.6
NS-19-011	Frame Injection Vulnerability in Zurmo 3.2.6
NS-19-010	Stored Cross-site Scripting Vulnerability in Zurmo 3.2.6
NS-19-009	Out of Band Code Evaluation Vulnerability in Zurmo 3.2.6
NS-19-008	Reflected Cross-site Scripting Vulnerability in Zurmo 3.2.6
NS-19-007	Code Evaluation Vulnerability in Zurmo 3.2.6
NS-19-006	Multiple Reflected Cross-site Scripting Vulnerabilities in phpFK lite-version
NS-19-005	Reflected Cross-site Scripting Vulnerability in Ponzu CMS 0.9.4
NS-19-004	Multiple Cross-site Scripting Vulnerabilities in Shopware 5.5.6
NS-19-003	Stored Cross-site Scripting Vulnerability in VFront 0.99.5
NS-19-002	Multiple Reflected Cross-site Scripting Vulnerabilities in VFront 0.99.5
NS-19-001	Reflected Cross-site Scripting Vulnerability in Kanboard 1.2.7

ID	Name
NS-18-061	Multiple Cross-site Scripting Vulnerabilities in ProjectSend r1053
NS-18-060	Cross-site Scripting Vulnerability in ElkArte 1.1.0
NS-18-059	Multiple Cross-Site Scripting Vulnerabilities in HTMLy 2.7.4
NS-18-058	SQL Injection Vulnerabilities in inoERP 0.6.1
NS-18-057	Multiple Cross-site Scripting Vulnerabilities in Zencart 1.5.5f
NS-18-056	Open Redirection Vulnerability in GetSimpleCMS 3.3.13
NS-18-055	Boolean SQL Injection Vulnerability in Monica 1.8.2
NS-18-054	Multiple Cross-site Scripting Vulnerabilities in PluXml 5.7
NS-18-053	Multiple Reflected Cross-site Scripting Vulnerabilities in WeBid 1.2.2
NS-18-052	Reflected Cross-site Scripting Vulnerability in Collabtive 3.1
NS-18-051	Stored Cross-site Scripting Vulnerability in Podcast Generator 2.7
NS-18-050	Multiple Reflected Cross-site Scripting Vulnerabilities in Coppermine 1.5.46
NS-18-049	Cross-site Scripting Vulnerability in Abantecart 1.2.12
NS-18-048	Cross-site Scripting via XML Vulnerability in DNN 9.1
NS-18-047	Multiple Cross-site Scripting Vulnerabilities in FluxBB 1.5.10
NS-18-046	Multiple Reflected Cross-site Scripting Vulnerabilities in Ampache 3.9.0
NS-18-045	XML External Entity Injection Vulnerability in BlogEngine 3.3
NS-18-044	Open Redirection Vulnerabilities in OrangeForum 1.4.0
NS-18-043	Multiple Cross-site Scripting Vulnerabilities in ZenPhoto 1.4.14
NS-18-042	Reflected Cross-site Scripting in Mantis 2.11.1
NS-18-041	DOM Based Cross-site Scripting Vulnerability in Sharrre 2.0.1
NS-18-040	Multiple Cross-site Scripting Vulnerabilities in Family Connections 3.7.0
NS-18-039	Multiple Cross-site Scripting Vulnerabilities in GeniXCMS 1.1.5
NS-18-038	Reflected Cross-site Scripting Vulnerability in Microweber 1.0.8
NS-18-037	Open Redirection Vulnerability in ForkCMS 5.0.6
NS-18-036	SQL injection Vulnerability in Zurmo 2.3.4
NS-18-035	Multiple Cross-site Scripting Vulnerabilities in Zurmo 2.3.4
NS-18-034	Code Evolution (PHP) Vulnerability in Zurmo 2.3.4
NS-18-033	Multiple Cross-site Scripting Vulnerabilities in ImpressCMS 1.3.10
NS-18-032	Stored Cross-site Scripting Vulnerability in ForkCMS 5.0.6
NS-18-031	Blind SQL Injection Vulnerabilities in Plikli 4.0.0
NS-18-030	Multiple Cross-site Scripting Vulnerabilities in Plikli 4.0.0
NS-18-029	Multiple Cross-site Scripting Vulnerabilities in OSclass 3.7.4
NS-18-028	SQL Injection Vulnerabilities in Chamilo 1.11.6
NS-18-027	Multiple Cross-site Scripting Vulnerabilities in Chamilo 1.11.6
NS-18-026	Reflected Cross-site Scripting Vulnerability in Typesetter 5.1
NS-18-025	Reflected Cross-site Scripting Vulnerability in CubeCart 6.2.2
NS-18-024	Multiple Cross-Site Scripting Vulnerabilities in FreshRSS 1.11.1
NS-18-023	SQL Injection and Blind SQL Injection Vulnerabilities in SOPlanning 1.41
NS-18-022	Multiple Reflected Cross-site Scripting Vulnerabilities in Seopanel 3.13.0
NS-18-021	Open Redirection Vulnerabilities in Eventum v3.3.4
NS-18-020	Cross-site Scripting Vulnerabilities in Carbon Forum 5.9.0
NS-18-019	Code Evaluations in FuelCMS 1.4.1
NS-18-018	SQL Injection Vulnerabilities in FuelCMS 1.4.1
NS-18-017	Cross-site Request Forgery Vulnerabilities in Serenity 3.0.5
NS-18-016	Reflected Cross-site Scripting Vulnerability in BigTree CMS 4.2.23
NS-18-015	Multiple Cross-site Scripting Vulnerabilities in Dolibarr 7.0.3
NS-18-014	PHP Code Evaluation Vulnerability in Wolf CMS 0.8.3.1
NS-18-013	Cross Site Request Forgery Vulnerability in Platformus 1.0.0-alpha21
NS-18-012	Stored Cross-site Scripting Vulnerability in Platformus 1.0.0-alpha21
NS-18-011	Stored Cross-site Scripting in inoERP 0.6.1
NS-18-010	Multiple Cross-site Scripting Vulnerabilities in TikiWiki 17.1
NS-18-009	Frame Injection Vulnerabilities in TikiWiki 17.1
NS-18-008	Multiple Cross-site Scripting Vulnerabilities in ClipperCMS 1.3.3
NS-18-007	Multiple Cross-site Scripting Vulnerabilities in TangoBB 1.5.1
NS-18-006	Multiple Reflected Cross-site Scripting Vulnerabilities in Dotclear 2.13.1
NS-18-005	Stored XSS Vulnerability in BigTreeCMS 4.2.19
NS-18-004	Stored XSS Vulnerability in Omeka 2.6
NS-18-003	Multiple Reflected XSS Vulnerabilities in TCexam 14.0.3
NS-18-002	Frame Injection Vulnerabilities in Gibbon v14.0.01
NS-18-001	Multiple XSS Vulnerabilities in Gibbon v14.0.01

ID	Name
NS-17-032	Server-Side Template Injection Vulnerability in CMS Made Simple
NS-17-031	Reflected XSS Vulnerability in CMS Made Simple
NS-17-030	Multiple Reflected XSS Vulnerabilities in phpfk Lite
NS-17-029	Reflected XSS Vulnerability in Wirawan Test 10okt2016
NS-17-028	Multiple Blind SQL Injection Vulnerabilities in Chronosite 5.1.2
NS-17-027	Multiple Reflected XSS Vulnerabilities in Chronosite 5.1.2
NS-17-026	Reflected XSS Vulnerability in PluXML 5.5
NS-17-025	Multiple Reflected XSS Vulnerabilities in PHFTP 4.2
NS-17-024	Reflected XSS Vulnerability in PHProxy 0.5b2
NS-17-023	Multiple Reflected XSS Vulnerabilities in Vfront 0.99.4
NS-17-022	XSS, CSRF and Multiple Other Vulnerabilities in CubeCart
NS-17-021	Reflected XSS Vulnerability in Online Inventory Manager
NS-17-020	Multiple Reflected XSS Vulnerabilities in Free CMMS 0.04
NS-17-019	Reflected XSS Vulnerability in infoERP
NS-17-018	Reflected XSS Vulnerability in PHuPload
NS-17-017	Reflected XSS Vulnerability in MaxForum
NS-17-016	SQL Injection Vulnerability in Content2
NS-17-015	Multiple Reflected XSS Vulnerabilities in Content2
NS-17-014	Multiple Reflected XSS Vulnerabilities in PHPBB template test suite 2.0.11 (beta)
NS-17-013	Reflected XSS Vulnerability in Simple Picture Gallery Manager
NS-17-012	Reflected XSS Vulnerability in phpRFT
NS-17-011	Reflected XSS Vulnerability in dirLIST
NS-17-010	Reflected XSS Vulnerability in Upload Script for Images and Audio files
NS-17-009	Reflected XSS Vulnerability in OTP
NS-17-008	Reflected XSS Vulnerability in Hexjector
NS-17-007	Multiple Reflected XSS Vulnerabilities in Powebform 1.0.3
NS-17-006	Reflected XSS Vulnerability in Yii Framework
NS-17-005	Blind SQL Injection Vulnerability in SweetRice
NS-17-004	Multiple Reflected XSS Vulnerabilities in NodCMS 1.0
NS-17-003	Multiple Reflected XSS Vulnerabilities in SpiderFoot
NS-17-002	Multiple Reflected XSS Vulnerabilities in MyLittleForum
NS-17-001	Multiple Reflected XSS Vulnerabilities in Collabtive

ID	Name
NS-16-021	Reflected and Stored XSS Vulnerabilities in Typesetter CMS
NS-16-020	Reflected XSS Vulnerability in Storytlr
NS-16-019	Multiple Reflected XSS Vulnerabilities in eggBlog 4.1.2
NS-16-018	Blind SQL Injection Vulnerability in eggBlog 4.1.2
NS-16-017	Multiple Reflected XSS Vulnerabilities in Dotclear 2.9.1
NS-16-016	Remote Code Evaluation (RCE) Vulnerabilities in Cockpit 0.13.0
NS-16-015	Multiple Reflected XSS Vulnerabilities in Cockpit 0.13.0
NS-16-014	Reflected XSS Vulnerability in Ovidentia 8.4.1
NS-16-013	Multiple Reflected XSS Vulnerabilities in Beehive Forum 1.4.7
NS-16-012	Reflected XSS vulnerability in HESK help desk software
NS-16-011	Multiple XSS Vulnerabilities in Kajona v5
NS-16-010	Reflected XSS Vulnerability in PageKit 1.0.5
NS-16-009	Reflected XSS Vulnerability in WP-Polls 2.73
NS-16-008	Stored Multiple XSS Vulnerabilities in Clicky by Yoast 1.4.3
NS-16-007	Self XSS Vulnerability in Yoast SEO 3.3.2
NS-16-006	Multiple XSS Vulnerabilities in Saurus CMS 4.7 FINAL
NS-16-005	Open Redirection Vulnerability in SmartStore
NS-16-004	XSS vulnerability in BulletProof Security WordPress plugin
NS-16-003	Multiple XSS Vulnerabilities in CubeCart
NS-16-002	XSS vulnerability in Mailpoet Newsletters WordPress plugin
NS-16-001	HTTP Header Injection in LiteSpeed Web Server

ID	Name
NS-15-024	XSS Vulnerability in Serendipity
NS-15-023	XSS Vulnerability in OpenCart
NS-15-022	Multiple XSS Vulnerabilities in BootstrapValidator
NS-15-021	Multiple DOM XSS Vulnerabilities in ScrollMagic
NS-15-020	DOM XSS Vulnerability in iCheck
NS-15-019	Multiple XSS Vulnerabilities in zTree v3
NS-15-018	CSRF Vulnerability in Booked Scheduler 2.5.15
NS-15-017	Multiple XSS Vulnerabilities in Booked Scheduler 2.5.15
NS-15-016	Multiple XSS Vulnerabilities in TestLink 1.9.13
NS-15-015	SQL Injection Vulnerability in TestLink 1.9.13
NS-15-014	XSS Vulnerability in DataTables
NS-15-013	Multiple XSS Vulnerabilities in Google Analyticator WordPress Plugin
NS-15-012	XSS Vulnerability in phpMemAdmin
NS-15-011	XSS Vulnerability in Pligg CMS
NS-15-010	XSS Vulnerability in phpMoAdmin
NS-15-009	Multiple XSS Vulnerabilities in WP Flash Player 1.3
NS-15-008	Multiple XSS vulnerabilities in Concrete5
NS-15-007	DOM XSS vulnerability in Twenty Fifteen WordPress Theme
NS-15-006	XSS Vulnerability in miniBB
NS-15-005	SQL Injection Vulnerability in miniBB
NS-15-004	Local File Inclusion Vulnerability in ArticleFR
NS-15-003	Multiple XSS Vulnerabilities in ArticleFR
NS-15-002	XSS Vulnerability in Banner Effect Header WordPress Plugin
NS-15-001	XSS Vulnerability in Blubbry PowerPress WordPress Plugin

ID	Name
NS-14-045	Remote Code Evaluation Openbiz Cubi
NS-14-044	Multiple XSS Vulnerabilities in Openbiz Cubi
NS-14-043	Multiple SQL Injection Vulnerabilities in Openbiz Cubi
NS-14-042	XSS Vulnerability in Twiki WebSearch
NS-14-041	XSS Vulnerability in Twiki (QUERYSTRING and QUERYPARAMSTRING)
NS-14-040	Multiple XSS Vulnerabilities in KoolPHP
NS-14-039	XSS Vulnerability in Subrion CMS
NS-14-038	XSS Vulnerabilities in Zikula
NS-14-037	XSS Vulnerability in ProjectSend
NS-14-036	XSS Vulnerability in Sharetronix
NS-14-035	XSS Vulnerability in The Bug Genie
NS-14-034	XSS Vulnerability in Oxwall
NS-14-033	XSS Vulnerability in Little Poll
NS-14-032	Multiple XSS Vulnerabilities in LiteCart
NS-14-031	LFI Vulnerability in osClass
NS-14-030	XSS Vulnerabilities in osClass
NS-14-029	LFI & XSS Vulnerability in Codiad
NS-14-028	XSS Vulnerability in PeoplePods
NS-14-027	XSS Vulnerability in SiteCake
NS-14-026	XSS Vulnerability in PageCookery Microblog
NS-14-025	XSS Vulnerability in Storytlr
NS-14-024	XSS Vulnerability in October CMS
NS-14-023	XSS Vulnerability in KajonaCMS
NS-14-022	XSS Vulnerabilities in Booked Scheduler
NS-14-021	XSS Vulnerabilities in osTicket
NS-14-020	XSS Vulnerabilities in Ajenti
NS-14-019	XSS Vulnerability in SQL Buddy
NS-14-018	XSS Vulnerabilities in FishEye
NS-14-017	XSS Vulnerabilities in Responsive File Manager v9.3.4
NS-14-016	XSS Vulnerabilities in Pragyan
NS-14-015	XSS Vulnerabilities in FlatPress
NS-14-014	XSS Vulnerabilities in Tiki Wiki CMS
NS-14-013	XSS Vulnerabilities in TeamCity
NS-14-012	XSS Vulnerabilities in PyroCMS
NS-14-011	XSS Vulnerabilities in Claroline
NS-14-010	XSS Vulnerabilities in Storytlr
NS-14-009	XSS Vulnerabilities in MySeatXT
NS-14-008	XSS Vulnerabilities in phpAlbum
NS-14-007	XSS and SQL Vulnerabilities in e107
NS-14-006	XSS Vulnerabilities in Dokeos
NS-14-005	XSS and SQL Injection Vulnerabilities in SamNews
NS-14-004	XSS Vulnerabilities in UseBB
NS-14-003	XSS Vulnerabilities in Flat Nuke
NS-14-002	XSS Vulnerabilities in Maian Weblog
NS-14-001	Critical Blind SQL Injection Vulnerability in Pragyan CMS

ID	Name
NS-13-017	XSS Vulnerabilities in Andy's PHP Knowledgebase
NS-13-016	XSS and SQL Injection Vulnerabilities in Gnew
NS-13-015	XSS Vulnerabilities in RuubikCMS
NS-13-014	XSS and SQL Injection Vulnerabilities in BoastMachine
NS-13-013	XSS and SQL Injection Vulnerabilities in CourseMS
NS-13-012	XSS and SQL Injection Vulnerabilities in Bilboplanet
NS-13-011	XSS Vulnerability in Gazie
NS-13-010	XSS & CSRF Vulnerabilities in Gutuma
NS-13-009	SQL Injection Vulnerability in glFusion
NS-13-008	SQL Injection Vulnerabilities in MyMarket
NS-13-007	XSS Vulnerabilities in Xoda
NS-13-006	XSS and SQL Injection Vulnerabilities in DBHcms
NS-13-005	Open Redirection Vulnerability in OpalCMS
NS-13-004	XSS Vulnerabilities in ImpressCMS Content Module
NS-13-003	XSS Vulnerabilities in Serendipity
NS-13-002	XSS and SQL Injection Vulnerabilities in MiniBB
NS-13-001	XSS Vulnerabilities in MintBoard

ID	Name
NS-12-016	XSS, LFI and SQL Injection Vulnerabilities in Achievo
NS-12-015	XSS Vulnerabilities in bloofoxCMS
NS-12-014	XSS and SQL Injection Vulnerabilities in DotProject
NS-12-013	XSS Vulnerabilities in ClipBucket
NS-12-012	XSS Vulnerabilities in CMSMini
NS-12-011	XSS Vulnerabilities in TaskFreak
NS-12-010	XSS Vulnerabilities in phpFreeChat
NS-12-009	XSS and SQL Injection Vulnerabilities in Jara
NS-12-008	XSS Vulnerabilities in LabWiki
NS-12-007	XSS and SQL Injection Vulnerabilities in OrderSys
NS-12-006	XSS and Blind SQL Injection Vulnerabilities in ExponentCMS
NS-12-005	XSS vulnerability in Invision Power Board version 3.2.3
NS-12-004	Local File Inclusion Vulnerability in TomatoCart
NS-12-003	SQL Injection Vulnerability in Batavi E-Commerce < 1.1.2
NS-12-002	Open Redirection Vulnerability in Orchard 1.3.9
NS-12-001	SQL Injection Vulnerability in OpenEMR < 4.1.0

ID	Name
NS-11-010	XSS and Blind SQL Injection Vulnerabilities in Banana Dance CMS
NS-11-009	XSS Vulnerability in Joomla 1.6.3
NS-11-008	XSS and SQL Injection in Symphony CMS < 2.2.3
NS-11-007	XSS Vulnerability in eFront < 3.6.10 build 11944
NS-11-006	XSS Vulnerability in TWiki < 5.1.0
NS-11-005	XSS Vulnerability in TWiki < 5.0.2
NS-11-004	XSS Vulnerability in Redmine 1.0.1 to 1.1.1
NS-11-003	XSS Vulnerability in Tracks < 1.7.2
NS-11-002	XSS Vulnerability in EnanoCms 1.1.7 & 1.1.6
NS-11-001	XSS Vulnerability Joomla < 1.5.20

Web Application Advisories by Invicti

Advisories Released in 2021

Advisories Released in 2020

Advisories Released in 2019

Advisories Released in 2018

Advisories Released in 2017

Advisories Released in 2016

Advisories Released in 2015

Advisories Released in 2014

Advisories Released in 2013

Advisories Released in 2012

Advisories Released in 2011