RO
SECURIFY
P
osts
A
dvisories
S
eclog
→
Advisories
Status:
All
(54)
With CVE
(18)
Without CVE
(36)
Year:
All
2026
2020
2018
2017
2016
2015
2014
2013
Showing all 54 advisories
RO-26-005:
Gakido - CRLF Injection
CVE-2026-24489
RO-26-004:
Mailpit - SMTP CRLF Injection via Regex Bypass
CVE-2026-23829
RO-26-003:
feedyour.email - SQL Injection via Search Parameter
CVE-2025-XXXX (Pending)
RO-26-002:
Mailpit - Cross-Site WebSocket Hijacking (CSWSH)
CVE-2026-22689
RO-26-001:
Mailpit - Server-Side Request Forgery (SSRF)
CVE-2026-21859
RO-20-001:
Geeklog 2.2.1 - Cross-site Scripting
RO-20-002:
Geeklog 2.2.1 - Blind SQL Injection
RO-20-003:
IlchCMS 2.1.37 - Cross-site Scripting
RO-18-012:
Gibbon v14.0.01 - Frame Injection Vulnerabilities
RO-18-001:
TikiWiki 17.1 - Cross-site Scripting
RO-18-002:
ImpressCMS 1.3.10 - Reflected and Stored XSS
RO-18-003:
OrangeForum 1.4.0 - Open Redirection
RO-18-004:
ElkArte 1.1.0 - Cross-site Scripting
RO-18-005:
Plikli CMS 4.0.0 - Cross-site Scripting
RO-18-006:
Plikli CMS 4.0.0 - Blind SQL Injection
RO-18-007:
FreshRSS 1.11.1 - Multiple XSS
RO-18-008:
Microweber 1.0.8 - Reflected XSS
RO-18-009:
Eventum 3.3.4 - Open Redirection
RO-18-010:
SOPlanning 1.41 - SQL Injection
RO-18-011:
HTMLy - Cross-site Scripting
RO-17-001:
MyLittleForum 2.3.5 - Multiple Reflected XSS
RO-17-002:
SpiderFoot 2.7.1 - Multiple Reflected XSS
RO-17-003:
Yii Framework 2.0.9 - Reflected XSS
CVE-2018-6010
RO-16-003:
Cockpit CMS 0.13.0 - Multiple Reflected XSS
RO-16-004:
Cockpit CMS 0.13.0 - Remote Code Execution
RO-16-005:
WP-Polls 2.73 - Reflected Cross-site Scripting
CVE-2016-10936
RO-16-006:
Clicky by Yoast 1.4.3 - Multiple Stored Cross-site Scripting
RO-16-007:
BulletProof Security 0.53.3 - Multiple Cross-site Scripting
RO-16-001:
MailPoet Newsletters 2.6.19 - Cross-site Scripting
CVE-2015-7784
RO-16-002:
Storytlr 1.2.0 - Multiple Reflected XSS
RO-15-011:
WP Flash Player 1.3 - Multiple Cross-site Scripting
RO-15-001:
Blubrry PowerPress 6.0 (WP Plugin) - XSS
CVE-2015-1385
RO-15-002:
Concrete5 5.7.3.1 - Multiple XSS
CVE-2015-2250
RO-15-003:
miniBB 3.1 - Cross-site Scripting
CVE-2015-2262
RO-15-004:
WordPress Twenty Fifteen Theme - DOM XSS
CVE-2015-3429
RO-15-005:
Google Analyticator (WP Plugin) - Multiple XSS
CVE-2015-6238
RO-15-006:
TestLink 1.9.13 - SQL Injection
CVE-2015-7390
RO-15-007:
phpMoAdmin - Cross-site Scripting
RO-15-008:
phpMemAdmin - Cross-site Scripting
RO-15-009:
TestLink 1.9.13 - Cross-site Scripting
RO-15-010:
Booked Scheduler 2.5.15 - CSRF
RO-14-011:
FlatPress 1.0.2 - Cross-site Scripting
RO-14-001:
Pragyan CMS 3.0 - Blind SQL Injection
RO-14-002:
Flat Nuke 3.1.2 - Cross-site Scripting
RO-14-003:
OsClass 3.4.1 - Local File Inclusion (LFI)
CVE-2014-6308
RO-14-004:
e107 2.0 - XSS + SQL Injection
RO-14-005:
Subrion CMS 3.2.2 - Cross-site Scripting
CVE-2014-9120
RO-14-006:
TWiki 6.0.1 - XSS (QUERYSTRING)
CVE-2014-9325
RO-14-007:
TWiki 6.0.1 - XSS (WebSearch)
CVE-2014-9367
RO-14-008:
The Bug Genie 3.2.7.1 - Cross-site Scripting
RO-14-009:
Openbiz Cubi - Multiple SQL Injection
RO-14-010:
Openbiz Cubi - Multiple XSS
RO-13-001:
glFusion 1.3.0 - Blind SQL Injection
RO-13-002:
Serendipity 1.6.2 - Cross-site Scripting
Press
/
to search,
Esc
to close