Application: Drupal
Affected Version: Drupal Token 4.x / 5.x
Vendor’s URL: Module download site
Bug Type: Cross Site Scripting.
Risk Level: Low
Solution:
Update to version 4.7.x-1.5 or 5.x-1.9 or latest version.
Application: Artmedic CMS
Affected Version: Artmedic CMS 3.x
Vendor’s URL: Application download site
Bug Type: Exposure of system and sensitive information.
Risk Level: Critical
Solution:
Edit the source code or contact the developer.
Application: RunCms
Affected Version: RunCms 1.5.2
Vendor’s URL: Application download site
Bug Type: Unknown error been detected.
Risk Level: Critical
Solution:
Update to version 1.5.3 or higher.
Application: LiveAlbum
Affected Version: LiveAlbum 0.9.1
Vendor’s URL: Application download site
Bug Type: Exposure of system and sensitive information.
Risk Level: Critical
Solution:
Edit the source code or contact to developer.
Application: Stuffed Tracker
Affected Version: Stuffed Tracker 2.x
Vendor’s URL: Application download site
Bug Type: Cross Site Scripting.
Risk Level: Low
Solution:
Edit the source code or contact to developer.
Application: Minki
Affected Version: Minki 1.x
Vendor’s URL: Application download site
Bug Type: Cross Site Scripting.
Risk Level: Low
Solution:
Edit the source code or contact to developer.
Application: DbList
Affected Version: DbList 8.x
Vendor’s URL: Application download site
Bug Type: Cross Site Scripting.
Risk Level: Critical
Solution:
Edit the source code or contact to developer.
Application: DRBGuestbook
Affected Version: DRBGuestbook 1.x
Vendor’s URL: Application download site
Bug Type: Cross Site Scripting.
Risk Level: Low
Solution:
Update to version 1.1.14 or higher version.
Application: Drupal
Affected Version: Drupal Project Issue Tracking Module 4.x / 5.x
Vendor’s URL: Module download site
Bug Type: Cross Site Scripting.
Risk Level: Low
Solution:
Update to version 4.7.x-1.5, 4.7.x-2.5, or 5.x-1.1.
Application: Original Photo Gallery
Affected Version: Original Photo Gallery 0.11.2 and prior version
Vendor’s URL: Application download site
Bug Type: System access bypass remotely.
Risk Level: Critical
Solution:
Update to version 0.11.3.
Application: PHP-Nuke
Affected Version: PHP-Nuke Dance Music Module
Vendor’s URL: Module download site
Bug Type: Exposure of system and sensitive information.
Risk Level: Critical
Solution:
Edit the source code or contact module developer.
Application: SimpGB
Affected Version: SimpGB 1.x
Vendor’s URL: Application download site
Bug Type: Cross Site Scripting, Security Bypass and Exposure of sensitive information.
Risk Level: High
Solution:
Update to latest version.
Application: Simple PHP Blog
Affected Version: Simple PHP Blog 0.x
Vendor’s URL: Application download site
Bug Type: Cross Site Scripting.
Risk Level: Critical
Solution:
Update to version 0.5.1.
Application: phpBB2
Affected Version: phpBB2 Plus 1.x
Vendor’s URL: Application download site
Bug Type: Exposure of system and sensitive information.
Risk Level: High
Solution:
Update to version 1.53a released.
Application: Wordsmith
Affected Version: Wordsmith 1.x
Vendor’s URL: Application download site
Bug Type: Exposure of system and sensitive information.
Risk Level: High
Solution:
Edit the source code or contact to developer.
Application: CMS Made Simple
Affected Version: CMS Made Simple 1.x
Vendor’s URL: Application download site
Bug Type: Exposure of system information and Cross Site Scripting
Risk Level: High
Solution:
Update to version 1.1.4.1 .
Application: Php-Nuke
Affected Version: PHP-Nuke Nuke Mobile Entertainment Module
Vendor’s URL: Module download site
Bug Type: Exposure system and sensitive information
Risk Level: Low
Solution:
Edit the source code or contact to developer.
Application: PhpGedView
Affected Version: PhpGedView 4.x
Vendor’s URL: Application download site
Bug Type: Cross Site Scripting
Risk Level: Low
Solution:
Edit the source code or contact to developer.
Application: Phormer
Affected Version: Phormer 3.x
Vendor’s URL: Application download site
Bug Type: Cross Site Scripting
Risk Level: Low
Solution:
Edit the source code or contact to developer.
Application: OneCMS
Affected Version: OneCMS 2.x
Vendor’s URL: Application download site
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Edit the source code or contact to developer.