- Serendipity 1.6.2 - Cross-site Scripting
- glFusion 1.3.0 - Blind SQL Injection
- Flat Nuke 3.1.2 - Cross-site Scripting
- Openbiz Cubi - Multiple XSS
- Openbiz Cubi - Multiple SQL Injection
- TWiki 6.0.1 - XSS (QUERYSTRING)
- The Bug Genie 3.2.7.1 - Cross-site Scripting
- OsClass 3.4.1 - Local File Inclusion (LFI)
- TWiki 6.0.1 - XSS (WebSearch)
- Pragyan CMS 3.0 - Blind SQL Injection
- Subrion CMS 3.2.2 - Cross-site Scripting
- e107 2.0 - XSS + SQL Injection
- FlatPress 1.0.2 - Cross-site Scripting
- Blubrry PowerPress 6.0 (WP Plugin) - XSS
- Booked Scheduler 2.5.15 - CSRF
- phpMemAdmin - Cross-site Scripting
- TestLink 1.9.13 - Cross-site Scripting
- phpMoAdmin - Cross-site Scripting
- WordPress Twenty Fifteen Theme - DOM XSS
- Google Analyticator (WP Plugin) - Multiple XSS
- TestLink 1.9.13 - SQL Injection
- Concrete5 5.7.3.1 - Multiple XSS
- miniBB 3.1 - Cross-site Scripting
- WP Flash Player 1.3 - Multiple Cross-site Scripting
- Storytlr 1.2.0 - Multiple Reflected XSS
- MailPoet Newsletters 2.6.19 - Cross-site Scripting
- BulletProof Security 0.53.3 - Multiple Cross-site Scripting
- Clicky by Yoast 1.4.3 - Multiple Stored Cross-site Scripting
- WP-Polls 2.73 - Reflected Cross-site Scripting
- Cockpit CMS 0.13.0 - Remote Code Execution
- Cockpit CMS 0.13.0 - Multiple Reflected XSS
- SpiderFoot 2.7.1 - Multiple Reflected XSS
- Yii Framework 2.0.9 - Reflected XSS
- MyLittleForum 2.3.5 - Multiple Reflected XSS
- HTMLy - Cross-site Scripting
- FreshRSS 1.11.1 - Multiple XSS
- SOPlanning 1.41 - SQL Injection
- Plikli CMS 4.0.0 - Blind SQL Injection
- Eventum 3.3.4 - Open Redirection
- Microweber 1.0.8 - Reflected XSS
- ImpressCMS 1.3.10 - Reflected and Stored XSS
- Plikli CMS 4.0.0 - Cross-site Scripting
- ElkArte 1.1.0 - Cross-site Scripting
- OrangeForum 1.4.0 - Open Redirection
- TikiWiki 17.1 - Cross-site Scripting
- Gibbon v14.0.01 - Frame Injection Vulnerabilities
- Geeklog 2.2.1 - Cross-site Scripting
- Geeklog 2.2.1 - Blind SQL Injection
- IlchCMS 2.1.37 - Cross-site Scripting
- Seclog - #12
- Seclog - #13
- Seclog - #14
- Seclog - #15
- Seclog - #16
- Seclog - #17
- Seclog - #18
- Seclog - #19
- Seclog - #20
- Seclog - #21
- Seclog - #22
- Seclog - #23
- Seclog - #24
- Seclog - #25
- Seclog - #26
- Seclog - #27
- Seclog - #28
- Seclog - #29
- Seclog - #30
- Seclog - #31
- Seclog - #32
- Seclog - #33
- Seclog - #34
- Seclog - #35
- Seclog - #36
- Seclog - #37
- Seclog - #38
- Seclog - #39
- Seclog - #40
- Seclog - #41
- Seclog - #42
- Seclog - #43
- Seclog - #44
- Seclog - #45
- Seclog - #46
- Seclog - #47
- Seclog - #48
- Seclog - #49
- Seclog - #50
- Seclog - #51
- Seclog - #52
- Seclog - #53
- Seclog - #54
- Seclog - #55
- Seclog - #56
- Seclog - #57
- Seclog - #58
- Seclog - #59
- Seclog - #60
- Seclog - #61
- Seclog - #62
- Seclog - #63
- Seclog - #64
- Seclog - #65
- Seclog - #66
- Seclog - #67
- Seclog - #68
- Seclog - #69
- Seclog - #70
- Seclog - #71
- Seclog - #72
- Seclog - #73
- Seclog - #74
- Seclog - #75
- Seclog - #76
- Seclog - #77
- Seclog - #78
- Seclog - #79
- Seclog - #80
- Seclog - #81
- Seclog - #82
- Seclog - #83
- Seclog - #84
- Seclog - #85
- Seclog - #86
- Seclog - #87
- Seclog - #88
- Seclog - #89
- Seclog - #90
- Seclog - #91
- Seclog - #92
- Seclog - #93
- Seclog - #94
- Seclog - #95
- Seclog - #96
- Seclog - #97
- Seclog - #98
- Seclog - #99
- Seclog - #100
- Seclog - #101
- Seclog - #102
- Seclog - #103
- Seclog - #104
- Seclog - #105
- Seclog - #106
- Seclog - #107
- Seclog - #108
- Seclog - #109
- Seclog - #110
- Seclog - #111
- Seclog - #112
- Seclog - #113
- Seclog - #114
- Seclog - #115
- Seclog - #116
- Seclog - #117
- Seclog - #118
- Seclog - #119
- Seclog - #120
- Seclog - #121
- Seclog - #122
- Seclog - #123
- Seclog - #124
- Seclog - #125
- Seclog - #126
- Seclog - #127
- Seclog - #128
- Seclog - #129
- Seclog - #130
- Seclog - #131
- Seclog - #132
- Seclog - #133
- Seclog - #134
- Seclog - #135
- Seclog - #136
- Seclog - #137
- Seclog - #138
- Seclog - #139
- Seclog - #140
- Seclog - #141
- Seclog - #142
- Seclog - #143
- Seclog - #144
- Seclog - #145
- Seclog - #146
- Seclog - #147
- Seclog - #148
- Seclog - #149
- Seclog - #150
- Seclog - #151
- Seclog - #152
- Seclog - #153
- Seclog - #154
- Seclog - #155
- Seclog - #156
- Seclog - #157
- Seclog - #158
- What includes in this blog
- Hello 1337
- Seclog - #159
- Mailpit - Server-Side Request Forgery (SSRF)
- Mailpit - Cross-Site WebSocket Hijacking (CSWSH)
- Two CVEs, Zero Ego: A Mailpit Story
- Seclog - #160
- feedyour.email - SQL Injection via Search Parameter
- Mailpit - SMTP CRLF Injection via Regex Bypass
- Seclog - #161
- Seclog - #162
- Gakido - CRLF Injection
- Seclog - #163
- Seclog - #164
- Seclog - #165
- Seclog - #166