Pass | Traq admincp/common.php authenticate() Function Authentication Bypass Remote Code Execution | - | 12 Nov 2012 | 8.8 (v3) High
Pass | HP LoadRunner < 11.00 Patch 4 Code Execution (intrusive check) | CVE-2011-4789 | 13 Nov 2012 | 10 (v2) Critical
Pass | Liferay Portal 6.1.0 / 6.1.10 Arbitrary File Deletion | - | 15 Nov 2012 | 5.5 (v2) Medium
Pass | Freestyle Support Portal Component for Joomla! 'prodid' Parameter SQLi | - | 16 Nov 2012 | 7.3 (v3) High
Pass | Freestyle Testimonials Component for Joomla! Unspecified SQLi | - | 16 Nov 2012 | 7.3 (v3) High
Pass | Zenphoto Verisign_logon.php redirect Parameter XSS | - | 28 Nov 2012 | 4.3 (v2) Medium
Pass | Piwik core/Loader.php Trojaned Distribution | - | 28 Nov 2012 | 7.5 (v2) High
Pass | Narcissus backend.php release Parameter Remote Command Execution | - | 30 Nov 2012 | 7.5 (v2) High
Pass | RWCards Component for Joomla! 'mosConfig_absolute_path' Parameter Remote File Include | - | 10 Dec 2012 | 9.8 (v3) Critical
Pass | Ektron CMS XslCompiledTransform Class Request Parsing Remote Code Execution | CVE-2012-5357 | 12 Dec 2012 | 9.8 (v3) Critical
Pass | HP Intelligent Management Center User Access Manager Datagram Parsing Code Execution | CVE-2012-3274 | 14 Dec 2012 | 10 (v2) Critical
Pass | MDaemon < 6.5.2 Multiple Remote Buffer Overflows | CVE-2004-1546 | 23 Sep 2004 | 7.5 (v2) High
Pass | Prado Framework sr Parameter Directory Traversal | - | 11 Jan 2013 | 5 (v2) Medium
Pass | MoinMoin twikidraw.py Traversal File Upload Arbitrary File Overwrite | CVE-2012-6081 CVE-2012-6495 | 21 Jan 2013 | 8.8 (v3) High
Pass | Horde IMP js/compose-dimp.js XSS | CVE-2012-5565 | 21 Jan 2013 | 4.3 (v2) Medium
Pass | Movable Type mt-upgrade.cgi Remote Command Execution | CVE-2013-0209 | 25 Jan 2013 | 8.8 (v3) High
Pass | Default Password (raspberry) for 'pi' Account | CVE-1999-0502 | 28 Jan 2013 | 9.8 (v3) Critical
Pass | Default Password (openelec) for 'root' Account | CVE-1999-0502 | 28 Jan 2013 | 9.8 (v3) Critical
Pass | Default Password (raspi) for 'root' Account | CVE-1999-0502 | 28 Jan 2013 | 9.8 (v3) Critical
Pass | ViArt Shop sips_response.php DATA Parameter Request Parsing Remote Shell Command Execution | - | 30 Jan 2013 | 8.8 (v3) High
Pass | Incapsula Component for Joomla! 'token' Parameter Multiple XSS | - | 06 Feb 2013 | 4.7 (v3) Medium
Pass | LogAnalyzer userchange.php 'viewid' Parameter XSS | - | 06 Feb 2013 | 4.3 (v2) Medium
Pass | MantisBT search.php match_type Parameter XSS | CVE-2013-0197 | 07 Feb 2013 | 4.3 (v2) Medium
Pass | php-Charts url.php Remote PHP Code Execution | - | 11 Feb 2013 | 8.8 (v3) High
Pass | Microsoft ASP.NET MS-DOS Device Name DoS (PCI-DSS check) | CVE-2007-2897 | 13 Feb 2013 | 5 (v2) Medium
Pass | HP LeftHand Virtual SAN Appliance < 10.0 hydra Service Multiple RCE | CVE-2012-3282 CVE-2012-3283 CVE-2012-3284 CVE-2012-3285 CVE-2013-2343 | 14 Feb 2013 | 10 (v2) Critical
Pass | PostgreSQL 8.3 < 8.3.23 / 8.4 < 8.4.16 / 9.0 < 9.0.12 / 9.1 < 9.1.8 / 9.2 < 9.2.3 Denial of Service | CVE-2013-0255 | 18 Feb 2013 | 5.3 (v3) Medium
Pass | ImpressPages cm_group Parameter Remote PHP Code Execution | CVE-2011-4932 | 19 Feb 2013 | 7.5 (v2) High
Pass | EMC Data Protection Advisor CXML Service Detection | - | 20 Feb 2013 | None
Pass | Bugzilla show_bug.cgi id Parameter XSS | CVE-2013-0785 | 25 Feb 2013 | 4.3 (v2) Medium
Pass | Apache 2.4.x < 2.4.4 Multiple XSS Vulnerabilities | CVE-2012-3499 CVE-2012-4558 | 26 Feb 2013 | 5.9 (v3) Medium
Pass | MoinMoin rsslink() Function page_name Parameter XSS | CVE-2012-6082 | 28 Feb 2013 | 4.3 (v2) Medium
Pass | PHP 5.4.x < 5.4.12 Information Disclosure | CVE-2013-1824 | 04 Mar 2013 | 5.3 (v3) Medium
Pass | Jenkins < 1.498 / 1.480.2 and Jenkins Enterprise 1.447.x / 1.466.x < 1.447.6.1 / 1.466.12.1 Unspecified Master Cryptographic Key Information Disclosure | CVE-2013-0158 | 06 Mar 2013 | 5.3 (v3) Medium
Pass | Jenkins < 1.502 / 1.480.3 and Jenkins Enterprise 1.447.x / 1.466.x / 1.480.x < 1.447.7.1 / 1.466.13.1 / 1.480.3.1 Multiple Vulnerabilities | CVE-2013-0327 CVE-2013-0328 CVE-2013-0329 CVE-2013-0330 CVE-2013-0331 | 06 Mar 2013 | 7.5 (v2) High
Pass | CoDeSys Gateway Service < 2.3.9.27 Multiple Vulnerabilities | CVE-2012-4704 CVE-2012-4705 CVE-2012-4706 CVE-2012-4707 CVE-2012-4708 | 11 Mar 2013 | 10 (v2) Critical
Pass | HP Intelligent Management Center < 5.2 E401 Multiple Vulnerabilities | CVE-2012-5200 CVE-2012-5201 CVE-2012-5202 CVE-2012-5203 CVE-2012-5204 CVE-2012-5205 CVE-2012-5206 CVE-2012-5207 CVE-2012-5208 CVE-2012-5209 CVE-2012-5212 CVE-2012-5213 | 13 Mar 2013 | 10 (v2) Critical
Pass | PHP-Fusion Authenticate.class.php Multiple Cookie SQL Injection | CVE-2013-7375 | 19 Mar 2013 | 7.5 (v2) High
Pass | PHP-Fusion forum/viewthread.php highlight Parameter XSS | - | 19 Mar 2013 | 4.3 (v2) Medium
Pass | CKEditor sample_posteddata.php XSS | - | 28 Mar 2013 | 4.3 (v2) Medium
Pass | NConf delete_attr.php id Parameter SQL Injection | - | 28 Mar 2013 | 7.5 (v2) High
Pass | Piwigo install.php dl Parameter Traversal Arbitrary File Access | CVE-2013-1469 | 02 Apr 2013 | 6.5 (v3) Medium
Pass | Default Password (facepunch) for 'chronos' Account | CVE-1999-0502 | 03 Apr 2013 | 9.8 (v3) Critical
Pass | Git Protocol Detection | - | 05 Apr 2013 | None
Pass | Webman I-Mall i-mall.cgi Arbitrary Command Execution | CVE-2004-2275 | 18 Nov 2004 | 10 (v2) Critical
Pass | PostgreSQL 8.4 < 8.4.17 / 9.0 < 9.0.13 / 9.1 < 9.1.9 / 9.2 < 9.2.4 Multiple Vulnerabilities | CVE-2013-1902 CVE-2013-1903 | 08 Apr 2013 | 9.8 (v3) Critical
Pass | PostgreSQL 9.1 < 9.1.9 / 9.2 < 9.2.4 Denial of Service | CVE-2013-1901 | 08 Apr 2013 | 4.3 (v3) Medium
Pass | MediaWiki mwdoc-filter.php Arbitrary File Access | CVE-2013-1818 | 10 Apr 2013 | 5 (v2) Medium
Pass | mnoGoSearch search.cgi QUERY_STRING Parameter Parsing Arbitrary File Access | - | 10 Apr 2013 | 5 (v2) Medium
Pass | IBM Lotus Domino 8.5.x Multiple Vulnerabilities | CVE-2012-2159 CVE-2012-2161 CVE-2013-0488 CVE-2013-0489 | 26 Apr 2013 | 6 (v2) Medium
Pass | Android Emulator ADB Port on Remote Host | - | 11 May 2013 | 7.5 (v2) High
Pass | Default Password (nsroot) for 'nsroot' Account | CVE-1999-0502 | 13 May 2013 | 9.8 (v3) Critical
Pass | Citrix NetScaler Web Management Interface Default Administrator Credentials | - | 13 May 2013 | 7.5 (v2) High
Pass | e107 content_preset.php URI XSS | CVE-2013-2750 | 13 May 2013 | 4.3 (v2) Medium
Pass | Mutiny < 5.0-1.11 Multiple Directory Traversals | CVE-2013-0136 | 17 May 2013 | 8.5 (v2) High
Pass | Securimage example_form.php XSS | - | 22 May 2013 | 4.3 (v2) Medium
Pass | YaBB 1 Gold < 1.3.2 Multiple Input Validation Vulnerabilities | CVE-2004-2139 CVE-2004-2140 | 23 Sep 2004 | 4.3 (v2) Medium
Pass | PHP 5.3.x < 5.3.23 Multiple Vulnerabilities | CVE-2013-1635 CVE-2013-1643 CVE-2013-1824 | 24 May 2013 | 7.3 (v3) High
Pass | PHP 5.4.x < 5.4.13 Information Disclosure | CVE-2013-1635 CVE-2013-1643 CVE-2013-1824 | 24 May 2013 | 7.3 (v3) High
Pass | Alt-N MDaemon < 13.0.4 Multiple Vulnerabilities | - | 28 May 2013 | 9 (v2) High
Pass | nginx ngx_http_proxy_module.c Multiple Vulnerabilities | CVE-2013-2028 CVE-2013-2070 | 29 May 2013 | 9.8 (v3) Critical
Pass | Default Password (openvpnas) for 'root' Account | CVE-1999-0502 | 30 May 2013 | 9.8 (v3) Critical
Pass | Greenstone Password File Disclosure | - | 31 May 2013 | 5 (v2) Medium
Pass | DNN (DotNetNuke) 7.0.x < 7.0.6 Unspecified Modal Window XSS | - | 03 Jun 2013 | 4.3 (v2) Medium
Pass | CoDeSys Gateway Service < 2.3.9.28 Use-After-Free | CVE-2013-2781 | 05 Jun 2013 | 10 (v2) Critical
Pass | PHP 5.3.x < 5.3.26 Multiple Vulnerabilities | CVE-2013-2110 CVE-2013-4635 | 07 Jun 2013 | 5 (v2) Medium
Pass | HP Data Protector Multiple RCE Vulnerabilities | CVE-2013-2324 CVE-2013-2325 CVE-2013-2326 CVE-2013-2327 CVE-2013-2328 CVE-2013-2329 CVE-2013-2330 CVE-2013-2331 CVE-2013-2332 CVE-2013-2333 CVE-2013-2334 CVE-2013-2335 | 10 Jun 2013 | 10 (v2) Critical
Pass | Plone PloneFormGen Unspecified Arbitrary Code Execution | - | 11 Jun 2013 | 8.8 (v3) High
Pass | Apache Struts 2 OGNL Expression Handling Double Evaluation Error Remote Command Execution | CVE-2013-2134 CVE-2013-2135 | 19 Jun 2013 | 8.1 (v3) High
Pass | Apache Struts 2 Crafted Parameter Arbitrary OGNL Expression Remote Command Execution | CVE-2013-1965 CVE-2013-1966 CVE-2013-2115 | 19 Jun 2013 | 8.1 (v3) High
Pass | FreePBX Backup Module page.backup.php 'dir' Parameter RCE | - | 26 Jun 2013 | 7.5 (v2) High
Pass | Default Password (badg3r5) for 'HPSupport' Account | CVE-1999-0502 CVE-2013-2342 | 27 Jun 2013 | 9.8 (v3) Critical
Pass | Atlassian Crowd XML External Entity Request Handling Arbitrary File Disclosure | CVE-2013-3925 | 03 Jul 2013 | 5.8 (v2) Medium
Pass | IBM Lotus Domino 8.5.x < 8.5.3 FP 4 Multiple Vulnerabilities | CVE-2012-6277 CVE-2013-0486 CVE-2013-0487 | 05 Jul 2013 | 8.5 (v2) High
Pass | Citrix AGEE Logon Portal Unspecified XSS | - | 06 Jul 2013 | 4.3 (v2) Medium
Pass | Plone spamProtect mailaddress Parameter XSS | CVE-2013-4190 | 08 Jul 2013 | 4.3 (v2) Medium
Pass | PHP 5.3.x < 5.3.27 Multiple Vulnerabilities | CVE-2013-4113 | 12 Jul 2013 | 6.8 (v2) Medium
Pass | PHP 5.4.x < 5.4.17 Buffer Overflow | - | 12 Jul 2013 | 9.3 (v2) High
Pass | Dell iDRAC6 Multiple Vulnerabilities | CVE-2013-4785 | 16 Jul 2013 | 10 (v2) Critical
Pass | Default password (dasdec1) for 'root' account | CVE-1999-0502 CVE-2013-4735 | 18 Jul 2013 | 9.8 (v3) Critical
Pass | Apache 2.4.x < 2.4.5 Multiple Vulnerabilities | CVE-2013-1896 CVE-2013-2249 | 23 Jul 2013 | 9.8 (v3) Critical
Pass | HP System Management Homepage < 7.2.1.0 Multiple Vulnerabilities (BEAST) | CVE-2011-3389 CVE-2012-0883 CVE-2012-2110 CVE-2012-2311 CVE-2012-2329 CVE-2012-2335 CVE-2012-2336 CVE-2012-5217 CVE-2013-2355 CVE-2013-2356 CVE-2013-2357 CVE-2013-2358 CVE-2013-2359 CVE-2013-2360 CVE-2013-2361 CVE-2013-2362 CVE-2013-2363 CVE-2013-2364 CVE-2013-4821 | 23 Jul 2013 | 7.5 (v2) High
Pass | Virtualizor < 2.3.2 PDNS Domain Deletion Security Bypass | - | 24 Jul 2013 | 4 (v2) Medium
Pass | Apache OFBiz Nested Expression Arbitrary UEL Function Execution | CVE-2013-2250 | 29 Jul 2013 | 10 (v2) Critical
Pass | OpenNetAdmin dcm.php options[desc] Parameter Arbitrary Remote PHP Code Execution | - | 31 Jul 2013 | 8.8 (v3) High
Pass | PineApp Mail-SeCure Default Credentials | - | 01 Aug 2013 | 7.5 (v2) High
Pass | PineApp Mail-SeCure test_li_connection.php Remote Command Injection | - | 01 Aug 2013 | 8.8 (v3) High
Pass | Joomla! 'lang' Parameter XSS | CVE-2013-5583 | 09 Aug 2013 | 4.7 (v3) Medium
Pass | Mac OS X Directory Service Buffer Overflow | CVE-2013-0984 | 13 Aug 2013 | 9.3 (v2) High
Pass | Poison Ivy Detection | - | 13 Aug 2013 | None
Pass | PHP 5.5.x < 5.5.1 xml.c Buffer Overflow | CVE-2013-4113 | 14 Aug 2013 | 6.8 (v2) Medium
Pass | OpenX flowplayer-3.1.1.min.js Backdoor Remote Code Execution | CVE-2013-4211 | 15 Aug 2013 | 8.8 (v3) High
Pass | DNN (DotNetNuke) __dnnVariable Parameter XSS | CVE-2013-4649 | 16 Aug 2013 | 4.3 (v2) Medium
Pass | PHP 5.4.x < 5.4.19 Multiple Vulnerabilities | CVE-2013-4113 CVE-2013-4248 | 21 Aug 2013 | 7.3 (v3) High
Pass | DNN (DotNetNuke) DNNArticle Module categoryid Parameter SQL Injection | CVE-2013-5117 | 16 Aug 2013 | 7.5 (v2) High
Pass | Default Password (arcsight) for 'root' Account | CVE-1999-0502 | 05 Aug 2013 | 9.8 (v3) Critical
Pass | HP LaserJet PJL Interface Directory Traversal (HPSBPI02575) | CVE-2010-4107 | 20 Aug 2013 | 7.5 (v3) High
Pass | Microsoft SQL Server STARTTLS Support | - | 04 Jul 2013 | None
Pass | IBM DB2 10.5 < Fix Pack 1 Security Bypass | CVE-2013-4033 | 06 Sep 2013 | 5 (v3) Medium
Pass | Juniper NSM Servers < 2012.1 Multiple Vulnerabilities | CVE-2004-0230 CVE-2005-2798 CVE-2006-0225 CVE-2006-4924 CVE-2006-5051 CVE-2010-1169 CVE-2010-1170 CVE-2010-1447 CVE-2010-3433 CVE-2010-4015 | 13 Sep 2013 | 9.3 (v2) High
Pass | Juniper NSM Linux Kernel TCP Sequence Number Generation Issue (PSN-2012-08-688) | CVE-2011-3188 | 13 Sep 2013 | 6.8 (v2) Medium
Pass | Juniper NSM Servers Multiple Java JDK/JRE Vulnerabilities (PSN-2012-08-689) | CVE-2008-3103 CVE-2008-3104 CVE-2008-3105 CVE-2008-3106 CVE-2008-3107 CVE-2008-3108 CVE-2008-3109 CVE-2008-3110 CVE-2008-3111 CVE-2008-3112 CVE-2008-3113 CVE-2008-3114 CVE-2008-3115 CVE-2011-0786 CVE-2011-0802 CVE-2011-0814 CVE-2011-0815 CVE-2011-0817 CVE-2011-0862 CVE-2011-0863 CVE-2011-0864 CVE-2011-0865 CVE-2011-0866 CVE-2011-0867 CVE-2011-0868 CVE-2011-0869 CVE-2011-0871 CVE-2011-0872 CVE-2011-0873 | 13 Sep 2013 | 10 (v2) Critical
Pass | Atlassian Fisheye for Windows < 4.4.6, 4.5.x < 4.5.3 Remote Code Execution Vulnerability | CVE-2018-5223 | 04 Apr 2019 | 7.2 (v3) High
Pass | Ubuntu Drupal Theme - Brown images/layout/gradient.php File Disclosure | - | 22 Oct 2010 | 5 (v2) Medium
Pass | Artica Default Credentials | - | 25 Oct 2010 | 7.5 (v2) High
Pass | CGI Generic Padding Oracle | CVE-2010-3332 | 29 Oct 2010 | 5 (v2) Medium
Pass | Symantec IM Manager whereClause Parameter SQL Injection (SYM10-010) | CVE-2010-0112 | 01 Nov 2010 | 10 (v2) Critical
Pass | Atlassian FishEye Code Metrics Report Plugin XSS | - | 02 Nov 2010 | 4.3 (v2) Medium
Pass | IBM DB2 9.7 < Fix Pack 3 Multiple Vulnerabilities | CVE-2010-3474 CVE-2010-3475 CVE-2010-3731 CVE-2011-0731 | 02 Nov 2010 | 5.3 (v3) Medium
Pass | YUI charts.swf / swfstore.swf / uploader.swf XSS | CVE-2010-4207 CVE-2010-4208 CVE-2010-4209 | 05 Nov 2010 | 4.3 (v2) Medium
Pass | Skype Extras Manager (skypePM.exe) skype-plugin: URI Arbitrary XML File Deletion (uncredentialed check) | - | 15 Nov 2010 | 4.3 (v2) Medium
Pass | Bugzilla Response Splitting | CVE-2010-3172 | 15 Nov 2010 | 5 (v2) Medium