|
2017-12-11
|
|
Professional Service Script 1.0 - 'service-list?city' SQL Injection
|
27 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
PHP Multivendor Ecommerce 1.0 - 'sid' / 'searchcat' / 'chid1' SQL Injection
|
31 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Opensource Classified Ads Script 3.2 - SQL Injection
|
34 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Online Exam Test Application Script 1.6 - 'exams.php?sort' SQL Injection
|
29 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Multivendor Penny Auction Clone Script 1.0 - SQL Injection
|
32 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Lawyer Search Script 1.1 - 'lawyer-list?city' SQL Injection
|
39 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Laundry Booking Script 1.0 - 'list?city' SQL Injection
|
33 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Secure E-commerce Script 2.0.1 - 'searchcat' / 'searchmain' SQL Injection
|
31 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Kickstarter Clone Acript 2.0 - 'projid' SQL Injection
|
30 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Foodspotting Clone Script 1.0 - 'quicksearch.php?q' SQL Injection
|
28 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Hot Scripts Clone 3.1 - 'subctid' / 'mctid' SQL Injection
|
31 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Freelance Website Script 2.0.6 - 'pr_id' / 'catid' SQL Injection
|
28 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Yoga Class Script 1.0 - 'list?city' SQL Injection
|
36 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Food Order Script 1.0 - 'list?city' SQL Injection
|
32 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Facebook Clone Script 1.0 - 'id' / 'send' SQL Injection
|
32 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Event Calendar Category Script 1.0 - 'city' SQL Injection
|
32 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Entrepreneur Dating Script 2.0.1 - 'marital' / 'gender' / 'country' / 'profileid' SQL Injection
|
30 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
E-commerce MLM Software 1.0 - SQL Injection
|
27 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Doctor Search Script 1.0 - 'city' SQL Injection
|
28 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Entrepreneur Job Portal Script 2.0.6 - 'jobsearch_all.php?rid1' SQL Injection
|
31 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Consumer Complaints Clone Script 1.0 - 'id' SQL Injection
|
29 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Co-work Space Search Script 1.0 - 'city' SQL Injection
|
26 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
CMS Auditor Website 1.0 - SQL Injection
|
32 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Child Care Script 1.0 - 'city' SQL Injection
|
37 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Chartered Accountant Booking Script 1.0 - 'city' SQL Injection
|
32 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Cab Booking Script 1.0 - 'city' SQL Injection
|
28 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Nearbuy Clone Script 3.2 - 'search' SQL Injection
|
31 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
Beauty Parlour Booking Script 1.0 - 'gender' / 'city' SQL Injection
|
30 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
Basic B2B Script 2.0.8 - 'product_details.php?id' SQL Injection
|
28 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
Affiliate MLM Script 1.0 - 'product-category.php?key' SQL Injection
|
30 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
Advance Online Learning Management Script 3.1 - 'subcatid' / 'popcourseid' SQL Injection
|
30 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
Advance B2B Script 2.1.3 - 'show_id' / 'pid' SQL Injection
|
30 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
FS Foodpanda Clone 1.0 - SQL Injection
|
28 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
FS Expedia Clone 1.0 - 'fl_orig' / 'fl_dest' / 'id' SQL Injection
|
30 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
FS Trademe Clone 1.0 - 'search' / 'id' SQL Injection
|
29 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
FS Amazon Clone 1.0 - SQL Injection
|
31 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
FS Care Clone 1.0 - 'jobFrequency' / 'jobType' SQL Injection
|
28 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
FS Crowdfunding Script 1.0 - 'latest_news_details.php?id' SQL Injection
|
33 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
FS Ebay Clone 1.0 - 'id' / 'sub_category_id' / 'category_id' SQL Injection
|
31 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
FS Freelancer Clone 1.0 - 'profile.php?u' SQL Injection
|
30 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
FS Gigs Script 1.0 - 'cat' / 'sc' SQL Injection
|
32 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
FS Groupon Clone 1.0 - 'id' SQL Injection
|
33 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
FS Grubhub Clone 1.0 - 'keywords' SQL Injection
|
29 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
FS IMDB Clone 1.0 - 'f' / 's' / 'id' SQL Injection
|
28 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
FS Indiamart Clone 1.0 - 'token' / 'id' / 'c' SQL Injection
|
30 |
WEB
|
Ihsan Sencan
|
|
2017-12-09
|
|
FS Linkedin Clone 1.0 - 'grid' / 'fid' / 'id' SQL Injection
|
32 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
FS Makemytrip Clone 1.0 - 'fl_orig' / 'fl_dest' SQL Injection
|
32 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
FS Monster Clone 1.0 - 'Employer_Details.php?id' SQL Injection
|
35 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
FS Olx Clone 1.0 - 'scat' / 'pid' SQL Injection
|
32 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
FS Quibids Clone 1.0 - SQL Injection
|
28 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
FS Shutterstock Clone 1.0 - 'keywords' SQL Injection
|
31 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
FS Stackoverflow Clone 1.0 - 'keywords' SQL Injection
|
32 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
FS Thumbtack Clone 1.0 - 'cat' / 'sc' SQL Injection
|
29 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Realestate Crowdfunding Script 2.7.2 - 'pid' SQL Injection
|
26 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Website Auction Marketplace 2.0.5 - 'cat_id' SQL Injection
|
28 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Simple Chatting System 1.0.0 - Arbitrary File Upload
|
26 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
DomainSale PHP Script 1.0 - 'id' SQL Injection
|
36 |
WEB
|
Ihsan Sencan
|
|
2017-12-07
|
|
OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting
|
39 |
WEB
|
SEC Consult
|
|
2017-12-07
|
|
OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting
|
31 |
WEB
|
SEC Consult
|
|
2017-12-07
|
|
FS Facebook Clone - 'token' SQL Injection
|
32 |
WEB
|
Dan°
|
|
2017-12-07
|
|
FS IMDB Clone - 'id' SQL Injection
|
28 |
WEB
|
Dan°
|
|
2017-12-06
|
|
FS Shaadi Clone - 'token' SQL Injection
|
37 |
WEB
|
Dan°
|
|
2017-12-06
|
|
WinduCMS 3.1 - Local File Disclosure
|
34 |
WEB
|
Maciek Krupa
|
|
2017-12-06
|
|
FS Makemytrip Clone - 'id' SQL Injection
|
30 |
WEB
|
Dan°
|
|
2017-12-05
|
|
Readymade Classifieds Script 1.0 - SQL Injection
|
33 |
WEB
|
Ihsan Sencan
|
|
2017-12-05
|
|
Techno Portfolio Management Panel - 'id' SQL Injection
|
33 |
WEB
|
Ihsan Sencan
|
|
2017-12-05
|
|
Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation
|
30 |
WEB
|
Konstantinos Alexiou
|
|
2017-12-01
|
|
Artica Web Proxy 3.06 - Remote Code Execution
|
35 |
WEB
|
hyp3rlinx
|
|
2017-12-01
|
|
MistServer 2.12 - Cross-Site Scripting
|
31 |
WEB
|
hyp3rlinx
|
|
2017-11-30
|
|
Jobs2Careers / Coroflot Clone - SQL Injection
|
34 |
WEB
|
8bitsec
|
|
2017-11-28
|
|
WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal
|
39 |
WEB
|
Fu2x2000
|
|
2017-11-11
|
|
osCommerce 2.3.4.1 - Arbitrary File Upload
|
35 |
WEB
|
Simon Scannell
|
|
2017-11-28
|
|
Synology StorageManager 5.2 - Root Remote Command Execution
|
28 |
WEB
|
SecuriTeam
|
|
2017-11-27
|
|
ZTE ZXDSL 831CII - Improper Access Restrictions
|
30 |
WEB
|
Ibad Shah
|
|
2017-11-15
|
|
CommuniGatePro 6.1.16 - Cross-Site Scripting
|
31 |
WEB
|
Boumediene KADDOUR
|
|
2017-11-17
|
|
Icon Time Systems RTC-1000 Firmware 2.5.7458 - Cross-Site Scripting
|
26 |
WEB
|
Keith Thome
|
|
2017-11-16
|
|
Zeta Components Mail 1.8.1 - Remote Code Execution
|
36 |
WEB
|
MalwareBenchmark
|
|
2017-11-16
|
|
Vonage VDV23 - Cross-Site Scripting
|
33 |
WEB
|
Nu11By73
|
|
2017-11-16
|
|
LanSweeper 6.0.100.75 - Cross-Site Scripting
|
32 |
WEB
|
Miguel Mendez Z
|
|
2017-11-16
|
|
TP-Link TL-WR740N - Cross-Site Scripting
|
30 |
WEB
|
bl00dy
|
|
2017-03-26
|
|
D-Link DCS-936L Network Camera - Cross-Site Request Forgery
|
28 |
WEB
|
SlidingWindow
|
|
2017-11-13
|
|
Kirby CMS < 2.5.7 - Cross-Site Scripting
|
29 |
WEB
|
Ishaq Mohammed
|
|
2017-11-13
|
|
Web Viewer 1.0.0.193 (Samsung SRN-1670D) - Unrestricted File Upload
|
27 |
WEB
|
0xFFFFFF
|
|
2017-11-11
|
|
MyBB 1.8.13 - Cross-Site Scripting
|
25 |
WEB
|
Pabstersac
|
|
2017-11-11
|
|
MyBB 1.8.13 - Remote Code Execution
|
29 |
WEB
|
Pabstersac
|
|
2017-11-07
|
|
ManageEngine Applications Manager 13 - SQL Injection
|
33 |
WEB
|
Cody Sixteen
|
|
2017-11-07
|
|
pfSense 2.3.1_1 - Command Execution
|
29 |
WEB
|
s4squatch
|
|
2017-11-03
|
|
Logitech Media Server 7.9.0 - 'Radio URL' Cross-Site Scripting
|
31 |
WEB
|
Dewank Pant
|
|
2017-11-03
|
|
Logitech Media Server 7.9.0 - 'favorites' Cross-Site Scripting
|
30 |
WEB
|
Dewank Pant
|
|
2017-11-04
|
|
WordPress Plugin Userpro < 4.9.17.1 - Authentication Bypass
|
30 |
WEB
|
Colette Chamberland
|
|
2017-05-17
|
|
Oracle PeopleSoft Enterprise PeopleTools < 8.55 - Remote Code Execution Via Blind XML External Entit
|
32 |
WEB
|
Charles Fol
|
|
2017-11-03
|
|
Ladon Framework for Python 0.9.40 - XML External Entity Expansion
|
27 |
WEB
|
RedTeam Pentesting
|
|
2017-11-03
|
|
WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection
|
30 |
WEB
|
Lenon Leite
|
|
2017-11-01
|
|
Ingenious School Management System 2.3.0 - 'friend_index' SQL injection
|
30 |
WEB
|
Giulio Comi
|
|
2017-11-01
|
|
OctoberCMS 1.0.426 (Build 426) - Cross-Site Request Forgery
|
30 |
WEB
|
Zain Sabahat
|
|
2017-10-30
|
|
Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure
|
30 |
WEB
|
mr_me
|
|
2017-10-30
|
|
Ingenious 2.3.0 - Arbitrary File Upload
|
25 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
D-Park Pro 1.0 - SQL Injection
|
31 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
Adult Script Pro 2.2.4 - SQL Injection
|
31 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
Article Directory Script 3.0 - 'id' SQL Injection
|
30 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
iProject Management System 1.0 - 'ID' SQL Injection
|
25 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
iStock Management System 1.0 - Arbitrary File Upload
|
32 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
iTech Gigs Script 1.21 - SQL Injection
|
26 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
Job Board Script - 'nice_theme' SQL Injection
|
29 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
Joomla! Component NS Download Shop 2.2.6 - 'id' SQL Injection
|
31 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
Joomla! Component Zh YandexMap 6.1.1.0 - 'placemarklistid' SQL Injection
|
29 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
Mailing List Manager Pro 3.0 - SQL Injection
|
26 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
MyBuilder Clone 1.0 - 'subcategory' SQL Injection
|
29 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
PG All Share Video 1.0 - SQL Injection
|
25 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
PHP CityPortal 2.0 - SQL Injection
|
28 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
Same Sex Dating Software Pro 1.0 - SQL Injection
|
24 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
SoftDatepro Dating Social Network 1.3 - SQL Injection
|
29 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
Sokial Social Network Script 1.0 - SQL Injection
|
27 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
tPanel 2009 - Authentication Bypass
|
24 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
Vastal I-Tech Dating Zone 0.9.9 - 'product_id' SQL Injection
|
26 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
ZeeBuddy 2x - 'groupid' SQL Injection
|
27 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
Protected Links - SQL Injection
|
28 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
AROX School ERP PHP Script - 'id' SQL Injection
|
27 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
Shareet - 'photo' SQL Injection
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
US Zip Codes Database - 'state' SQL Injection
|
24 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
Newspaper 1.0 - SQL Injection
|
24 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
News 1.0 - SQL Injection
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
MyMagazine 1.0 - 'id' SQL Injection
|
27 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
CmsLite 1.4 - 'S' SQL Injection
|
25 |
WEB
|
Ihsan Sencan
|
|
2017-10-30
|
|
Basic B2B Script - SQL Injection
|
24 |
WEB
|
Ihsan Sencan
|
