2012-08-01 | Joomla! Component com_niceajaxpoll 1.3.0 - SQL Injection | 4 | WEB | Patrick de Brouwer
2000-08-21 | PHP-Nuke 1.0/2.5 - Administrative Privileges | 5 | WEB | bruj0
2012-07-31 | Dr. Web Control Center 6.00.3.201111300 - Cross-Site Scripting | 3 | WEB | Oliver Karow
2012-07-30 | Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php?groupid' Blind SQL Injection | 4 | WEB | Kc57
2012-07-27 | CuteFlow 2.11.2 - Arbitrary File Upload (Metasploit) | 5 | WEB | Metasploit
2012-07-24 | Zabbix 2.0.1 - Session Extractor | 5 | WEB | muts
2012-07-24 | WordPress Plugin Front End Upload 0.5.4.4 - Arbitrary '.PHP' File Upload | 6 | WEB | Chris Kellum
2012-07-24 | Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion / Remote Command Execution | 4 | WEB | muts
2012-07-23 | SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / (Authenticated) SQL Injection | 4 | WEB | dookie
2012-07-23 | Alienvault Open Source SIEM (OSSIM) 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection | 3 | WEB | muts
2012-07-23 | MySQL Squid Access Report 2.1.4 - HTML Injection | 4 | WEB | Daniel Godoy
2012-07-23 | Symantec Web Gateway 5.0.3.18 - Blind SQL Injection Backdoor via MySQL Triggers | 4 | WEB | muts
2012-07-23 | Symantec Web Gateway 5.0.2 - 'blocked.php?id' Blind SQL Injection | 5 | WEB | muts
2012-07-23 | Atmail WebAdmin and Webmail Control Panel - SQL Root Password Disclosure | 4 | WEB | Ciph3r
2012-07-22 | ipswitch whatsup gold 15.02 - Persistent Cross-Site Scripting / Blind SQL Injection / Remote Code Ex | 5 | WEB | muts
2012-07-22 | Dell SonicWALL Scrutinizer 9.0.1 - 'statusFilter.php?q' SQL Injection | 4 | WEB | muts
2012-07-23 | EGallery - Arbitrary '.PHP' File Upload (Metasploit) | 4 | WEB | Metasploit
2012-07-21 | SolarWinds Orion Network Performance Monitor 10.2.2 - Multiple Vulnerabilities | 4 | WEB | muts
2012-07-21 | X-Cart Gold 4.5 - 'products_map.php?symb' Cross-Site Scripting | 4 | WEB | muts
2012-07-20 | iBoutique 4.0 - 'key' SQL Injection | 4 | WEB | SecPod Research
2012-07-20 | PHP-Nuke module (SPChat) - SQL Injection | 4 | WEB | Yakir Wizman
2012-07-18 | Nwahy Articles 2.2 - Cross-Site Request Forgery (Add Admin) | 4 | WEB | DaOne
2012-07-17 | Forum Oxalis 0.1.2 - SQL Injection | 4 | WEB | Jean Pascal Pereira
2012-07-16 | PBBoard CMS 2.1.4 - Multiple Vulnerabilities | 4 | WEB | Vulnerability-Lab
2012-07-16 | VamCart CMS 0.9 - Multiple Vulnerabilities | 4 | WEB | Vulnerability-Lab
2012-07-16 | CakePHP 2.x < 2.2.0-RC2 - XML External Entity Injection | 4 | WEB | Pawel Wylecial
2012-07-16 | WordPress Theme Diary/Notebook Site5 - Email Spoofing | 3 | WEB | bwall
2012-07-16 | Vivotek Cameras - Sensitive Information Disclosure | 4 | WEB | GothicX
2012-07-14 | Joomla! Component com_osproperty 2.0.2 - Unrestricted Arbitrary File Upload | 4 | WEB | D4NB4R
2012-07-14 | Shopware 3.5 - SQL Injection | 4 | WEB | Kataklysmos
2012-07-13 | Magento eCommerce - Local File Disclosure | 5 | WEB | SEC Consult
2012-07-13 | Joomla! Component com_ksadvertiser - Remote File / Bypass Upload | 4 | WEB | D4NB4R
2012-07-13 | WordPress Plugin Resume Submissions & Job Postings 2.5.1 - Unrestricted Arbitrary File Upload | 3 | WEB | Chris Kellum
2012-07-13 | webpagetest 2.6 - Multiple Vulnerabilities | 6 | WEB | dun
2012-07-12 | Reserve Logic 1.2 Booking CMS - Multiple Vulnerabilities | 5 | WEB | Vulnerability-Lab
2012-07-12 | TP-Link Gateway 3.12.4 - Multiple Vulnerabilities | 5 | WEB | Vulnerability-Lab
2012-07-12 | Lc Flickr Carousel 1.0 - Local File Disclosure | 4 | WEB | GoLd_M
2012-07-12 | eCan 0.1 - Local File Disclosure | 4 | WEB | GoLd_M
2012-07-12 | House Style 0.1.2 - 'readfile()' Local File Disclosure | 3 | WEB | GoLd_M
2012-07-12 | Hastymail 2.1.1 RC1 - Command Injection (Metasploit) | 4 | WEB | Metasploit
2012-07-10 | WordPress Plugin WP-Predict 1.0 - Blind SQL Injection | 4 | WEB | Chris Kellum
2012-07-09 | Umbraco CMS - Remote Command Execution (Metasploit) | 3 | WEB | Metasploit
2012-07-09 | Basilic 1.5.14 - 'diff.php' Arbitrary Command Execution (Metasploit) | 5 | WEB | Metasploit
2012-07-09 | Tiki Wiki CMS Groupware 8.3 - 'Unserialize()' PHP Code Execution (Metasploit) | 4 | WEB | Metasploit
2012-07-06 | Webmatic 3.1.1 - Blind SQL Injection | 4 | WEB | High-Tech Bridge SA
2012-07-06 | Event Script PHP 1.1 CMS - Multiple Vulnerabilities | 4 | WEB | Vulnerability-Lab
2012-07-06 | sflog! 1.00 - Multiple Vulnerabilities | 4 | WEB | dun
2012-07-05 | CLscript CMS 3.0 - Multiple Vulnerabilities | 4 | WEB | Vulnerability-Lab
2012-07-05 | Freeside SelfService CGI/API 2.3.3 - Multiple Vulnerabilities | 4 | WEB | Vulnerability-Lab
2012-07-05 | Guestbook Scripts PHP 1.5 - Multiple Vulnerabilities | 4 | WEB | Vulnerability-Lab
2012-07-04 | Webify Link Directory - SQL Injection | 4 | WEB | Daniel Godoy
2012-07-04 | Tiki Wiki CMS Groupware 8.3 - 'Unserialize()' PHP Code Execution | 4 | WEB | EgiX
2012-07-04 | WordPress Plugin MoodThingy Widget 0.8.7 - Blind SQL Injection | 4 | WEB | Chris Kellum
2012-07-03 | phpMyBackupPro 2.2 - Local File Inclusion | 4 | WEB | dun
2012-07-03 | CLscript Classified Script 3.0 - SQL Injection | 4 | WEB | Daniel Godoy
2012-07-03 | gpEasy CMS Minishop 1.5 Plugin - Persistent Cross-Site Scripting | 5 | WEB | Carlos Mario Penagos Hollmann
2012-07-02 | WANGKONGBAO CNS-1000 UTM IPS-FW - Directory Traversal (Metasploit) | 5 | WEB | Dillon Beresford
2012-07-02 | Microsoft IIS - Short File/Folder Name Disclosure | 3 | WEB | Soroush Dalili
2012-07-02 | WordPress Plugin Backup 2.0.1 - Information Disclosure | 5 | WEB | Stephan Knauss
2012-06-30 | WordPress Plugin Paid Business Listings 1.0.2 - Blind SQL Injection | 4 | WEB | Chris Kellum
2012-06-29 | specview 2.5 build 853 - Directory Traversal | 4 | WEB | Luigi Auriemma
2012-06-29 | phpmoneybooks 1.03 - Persistent Cross-Site Scripting | 4 | WEB | chap0
2012-06-28 | Openfire Server 3.6.0a - Admin Console Authentication Bypass (Metasploit) | 4 | WEB | Metasploit
2012-06-28 | webERP 4.08.1 - Local/Remote File Inclusion | 4 | WEB | dun
2012-06-27 | Zend Framework < 2.0.0 beta4 < 1.12 RC1 < 1.11.11 - Local File Disclosure | 5 | WEB | SEC Consult
2012-06-27 | symantec Web gateway 5.0.2.8 - Multiple Vulnerabilities | 4 | WEB | S2 Crew
2012-06-26 | SugarCRM CE 6.3.1 - 'Unserialize()' PHP Code Execution (Metasploit) | 4 | WEB | Metasploit
2012-06-26 | WordPress Plugin Website FAQ 1.0 - SQL Injection | 4 | WEB | Chris Kellum
2012-06-25 | WordPress Plugin Fancy Gallery 1.2.4 - Arbitrary File Upload | 4 | WEB | Sammy FORGIT
2012-06-25 | Parodia 6.8 - 'employer-profile.asp' SQL Injection | 3 | WEB | Carlos Mario Penagos Hollmann
2012-06-24 | UCCASS 1.8.1 - Blind SQL Injection | 4 | WEB | dun
2012-06-23 | SugarCRM CE 6.3.1 - 'Unserialize()' PHP Code Execution | 3 | WEB | EgiX
2012-06-22 | SoftPerfect Bandwidth Manager 2.9.10 - Authentication Bypass | 4 | WEB | Gitsnik
2012-06-22 | LimeSurvey 1.92+ build120620 - Multiple Vulnerabilities | 4 | WEB | dun
2012-06-22 | agora project 2.13.1 - Multiple Vulnerabilities | 4 | WEB | Chris Russell
2012-06-21 | Commentics 2.0 - Multiple Vulnerabilities | 3 | WEB | Jean Pascal Pereira
2012-06-21 | traq 2.3.5 - Multiple Vulnerabilities | 4 | WEB | AkaStep
2012-06-21 | IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities | 5 | WEB | LiquidWorm
2012-06-20 | WordPress Plugin Schreikasten 0.14.13 - Cross-Site Scripting | 5 | WEB | Henry Hoggard
2012-06-19 | iBoutique eCommerce 4.0 - Multiple Web Vulnerabilities | 5 | WEB | Vulnerability-Lab
2012-06-18 | MyTickets 1.x < 2.0.8 - Blind SQL Injection | 4 | WEB | al-swisre
2012-06-18 | QNAP Turbo NAS 3.6.1 Build 0302T - Multiple Vulnerabilities | 4 | WEB | Sense of Security
2012-06-16 | iScripts EasyCreate 2.0 - Multiple Vulnerabilities | 4 | WEB | Vulnerability-Lab
2012-06-16 | Nuked Klan SP CMS 4.5 - SQL Injection | 4 | WEB | Vulnerability-Lab
2012-06-16 | WordPress Plugin Automatic 2.0.3 - SQL Injection | 4 | WEB | nick58
2012-06-16 | Huawei HG866 - Authentication Bypass | 3 | WEB | hkm
2012-06-16 | News Script PHP 1.2 - Multiple Vulnerabilities | 4 | WEB | Vulnerability-Lab
2012-06-16 | PHP Decoda 3.3.1 - Local File Inclusion | 4 | WEB | Number 7
2012-06-16 | webo site speedup 1.6.1 - Multiple Vulnerabilities | 4 | WEB | dun
2012-06-15 | Useresponse 1.0.2 - Privilege Escalation / Remote Code Execution | 3 | WEB | mr_me
2012-06-14 | qdPM 7 - Arbitrary File upload | 4 | WEB | loneferret
2012-06-14 | Squirrelcart Cart Shop 3.3.4 - Multiple Web Vulnerabilities | 4 | WEB | Vulnerability-Lab
2012-06-14 | Swoopo Gold Shop CMS 8.4.56 - Multiple Web Vulnerabilities | 4 | WEB | Vulnerability-Lab
2012-06-14 | Cells Blog CMS 1.1 - Multiple Web Vulnerabilities | 5 | WEB | Vulnerability-Lab
2012-06-14 | Myre Real Estate Mobile 2012 - Multiple Vulnerabilities | 4 | WEB | Vulnerability-Lab
2012-06-13 | WordPress Plugin Foxypress - 'Uploadify.php' Arbitrary Code Execution (Metasploit) | 4 | WEB | Metasploit
2012-06-13 | WordPress Plugin Foxypress - 'Uploadify.php' Arbitrary Code Execution (Metasploit) | 4 | WEB | Metasploit
2012-06-12 | Symantec Web Gateway 5.0.2.8 - 'ipchange.php' Command Injection (Metasploit) | 5 | WEB | Metasploit
2012-06-11 | TheBlog 2.0 - Multiple Vulnerabilities | 4 | WEB | WhiteCollarGroup
2012-06-11 | Agora-Project 2.12.11 - Arbitrary File Upload | 4 | WEB | Misa3l
2012-06-11 | WordPress Plugin Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload | 4 | WEB | Adrien Thierry
2012-06-11 | WordPress Plugin drag and drop file upload 0.1 - Arbitrary File Upload | 4 | WEB | Adrien Thierry
2012-06-11 | WordPress Plugin Mac Photo Gallery 2.7 - Arbitrary File Upload | 4 | WEB | Adrien Thierry
2012-06-11 | WordPress Plugin Pica Photo Gallery 1.0 - Arbitrary File Upload | 4 | WEB | Adrien Thierry
2012-06-11 | WordPress Plugin SfBrowser 1.4.5 - Arbitrary File Upload | 4 | WEB | Adrien Thierry
2012-06-11 | WordPress Plugin Top Quark Architecture 2.10 - Arbitrary File Upload | 4 | WEB | Adrien Thierry
2012-06-11 | WordPress Plugin User Meta 1.1.1 - Arbitrary File Upload | 4 | WEB | Adrien Thierry
2012-06-11 | ClanSuite 2.9 - Arbitrary File Upload | 4 | WEB | Adrien Thierry
2012-06-11 | WordPress Plugin wp-gpx-map 1.1.21 - Arbitrary File Upload | 4 | WEB | Adrien Thierry
2012-06-10 | Symantec Web Gateway 5.0.2.8 - Arbitrary '.PHP' File Upload (Metasploit) | 4 | WEB | Metasploit
2012-06-10 | WordPress Plugin Content Flow 3D 1.0.0 - Arbitrary File Upload | 5 | WEB | g11tch
2012-06-10 | freepost 0.1 r1 - Multiple Vulnerabilities | 4 | WEB | ThE g0bL!N
2012-06-10 | Webspell dailyinput Movie Addon 4.2.x - SQL Injection | 4 | WEB | Easy Laster
2012-06-08 | phpAcounts 0.5.3 - SQL Injection | 4 | WEB | loneferret
2012-06-08 | WordPress Plugin wpStoreCart 2.5.27-2.5.29 - Arbitrary File Upload | 4 | WEB | Sammy FORGIT
2012-06-08 | WordPress Plugin TinyMCE Thumbnail Gallery 1.0.7 - Remote File Disclosure | 4 | WEB | Sammy FORGIT
2012-06-08 | WordPress Plugin Thinkun Remind 1.1.3 - Remote File Disclosure | 4 | WEB | Sammy FORGIT
2012-06-08 | WordPress Plugin Simple Download Button ShortCode 1.0 - Remote File Disclosure | 4 | WEB | Sammy FORGIT
2012-06-08 | WordPress Plugin RBX Gallery 2.1 - Arbitrary File Upload | 4 | WEB | Sammy FORGIT
2012-06-08 | WordPress Plugin NewsLetter 1.5 - Remote File Disclosure | 4 | WEB | Sammy FORGIT
2012-06-08 | WordPress Plugin PICA Photo Gallery 1.0 - Remote File Disclosure | 4 | WEB | Sammy FORGIT
2012-06-08 | WordPress Plugin Easy Contact Forms Export 1.1.0 - Information Disclosure | 4 | WEB | Sammy FORGIT
2012-06-08 | WordPress Plugin Front File Manager 0.1 - Arbitrary File Upload | 4 | WEB | Adrien Thierry
2012-06-08 | Webspell FIRSTBORN Movie-Addon - Blind SQL Injection | 4 | WEB | Easy Laster
2012-06-07 | WordPress Plugin Omni Secure Files 0.1.13 - Arbitrary File Upload | 4 | WEB | Adrien Thierry