| Vulnerability Name | CVE | Severity |
| --- | --- | --- |
| Apache Struts2 remote command execution (S2-045) | CVE-2017-5638 | |
| Apache Struts2 Remote Command Execution (S2-048) | CVE-2017-9791 | |
| Apache Struts2 Remote Command Execution (S2-052) | CVE-2017-9805 | |
| Apache Struts2 Remote Command Execution (S2-053) | CVE-2017-12611 | |
| Apache Tomcat examples directory vulnerabilities | | |
| CakePHP 1.3.5 / 1.2.8 unserialize() vulnerability | CVE-2010-4335 | |
| CKEditor 4.0.1 cross-site scripting vulnerability | | |
| DotNetNuke multiple vulnerabilities | CVE-2012-1030 | |
| Drupal 7 arbitrary PHP code execution and information disclosure | CVE-2012-4553, CVE-2012-4554 | |
| Drupal Views module information disclosure vulnerability | | |
| Ektron CMS400.NET ContentRatingGraph.aspx SQL injection | CVE-2008-5122 | |
| Ektron CMS multiple vulnerabilities | | |
| Ektron CMS unauthenticated code execution and Local File Read | CVE-2012-5357, CVE-2012-5358 | |
| Gallery 3.0.4 remote code execution | | |
| Horde/IMP Plesk webmail exploit | | |
| IBM Lotus Domino web server Cross-Site Scripting vulnerabilities | CVE-2012-3301, CVE-2012-3302 | |
| IBM Tivoli Access Manager directory traversal | CVE-2010-4622, CVE-2011-0494 | |
| Invision Power Board version 3.3.4 unserialize PHP code execution | CVE-2012-5692 | |
| Joomla! 1.6.0 SQL injection vulnerability | CVE-2011-1151 | |
| Joomla! 1.7/2.5 SQL injection vulnerability | CVE-2012-1116 | |
| jQuery cross site scripting | CVE-2011-4969 | |
| Kayako Fusion v4.51.1891 - multiple web vulnerabilities | | |
| Liferay JSON service API authentication vulnerability | | |
| MediaWiki multiple remote vulnerabilities | CVE-2012-4377, CVE-2012-4378 | |
| MoinMoin CVE-2012-6081 multiple arbitrary code execution vulnerabilities | CVE-2012-6081 | |
| MongoDB injection | | |
| Movable Type 4.x unauthenticated remote command execution | CVE-2013-0209 | |
| Multiple critical vulnerabilities in Apache Struts2 | CVE-2012-0393 | |
| Nginx PHP code execution via FastCGI | | |
| Nginx stack-based buffer overflow | CVE-2013-2028 | |
| OpenX arbitrary file upload | CVE-2009-4140 | |
| OpenX xajaxargs SQL injection vulnerability | | |
| Oracle Sun GlassFish/Java System Application Server Remote Authentication Bypass Vulnerability | CVE-2011-0807 | |
| Parallels Plesk SQL injection vulnerability | CVE-2012-1557 | |
| PHP-CGI remote code execution | CVE-2012-1823, CVE-2012-2311 | |
| PHP-Fusion 6.00.109 SQL injection | CVE-2005-4005 | |
| phpThumb() fltr[] parameter command injection vulnerability | CVE-2010-1598 | |
| Plupload cross-site scripting vulnerability | CVE-2013-0237 | |
| Rails mass assignment | | |
| Roundcube security updates 0.8.6 and 0.7.3 | CVE-2013-1904 | |
| Ruby on Rails SQL injection | CVE-2012-2695 | |
| Ruby on Rails XML processor YAML deserialization code execution | CVE-2013-0156 | |
| Security update: Hotfix available for ColdFusion | CVE-2013-0625, CVE-2013-0629, CVE-2013-0631, CVE-2013-0632 | |
| SQL Injection in Symphony | CVE-2013-2559 | |
| Struts2/Xwork remote command execution | CVE-2010-1870 | |
| Struts2/XWork remote command execution (S2-014) | CVE-2013-1966, CVE-2013-2115 | |
| SWFUpload movieName cross site scripting vulnerability | CVE-2012-3414 | |
| timthumb.php remote code execution | CVE-2011-4106 | |
| TinyMCE ajax_create_folder remote code execution vulnerability | | |
| Umbraco CMS remote code execution | | |
| UnrealIRCd 3.2.8.1 backdoor | CVE-2010-2075 | |
| Uploadify arbitrary file upload | | |
| vBSEO 3.6.0 PHP code injection | CVE-2012-5223 | |
| vBulletin 4 (up to 4.1.2) search.php SQL injection | | |
| VMware directory traversal and privilege escalation vulnerabilities | CVE-2009-2267, CVE-2009-3733 | |
| WooFramework shortcode exploit | | |
| WordPress 3.4.2 dashboard incoming links Cross-site Request Forgery | CVE-2012-4448 | |
| WordPress caching plugins PHP code execution | CVE-2013-2010 | |
| WordPress W3 Total Cache plugin predictable cache filenames | CVE-2012-6077, CVE-2012-6078, CVE-2012-6079 | |
| Zend Framework local file disclosure via XXE injection | CVE-2012-3363, CVE-2015-5161 | |