|
2011-09-08
|
|
WordPress Plugin 1 Flash Gallery 1.30 < 1.5.7a - Arbitrary File Upload (Metasploit)
|
5 |
WEB
|
Ben Schmidt
|
|
2011-09-08
|
|
AM4SS 1.2 - Cross-Site Request Forgery (Add Admin)
|
4 |
WEB
|
red virus
|
|
2011-09-08
|
|
WordPress Plugin Community Events 1.2.1 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-09-08
|
|
WordPress Plugin Paid Downloads 2.01 - SQL Injection
|
5 |
WEB
|
Miroslav Stampar
|
|
2011-09-07
|
|
WordPress Plugin Eventify - Simple Events 1.7.f SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-09-07
|
|
WordPress Plugin SCORM Cloud 1.0.6.6 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-09-06
|
|
PlaySms 0.9.5.2 - Remote File Inclusion
|
5 |
WEB
|
NoGe
|
|
2011-09-06
|
|
WordPress Plugin KNR Author List Widget 2.0.0 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-09-06
|
|
WordPress Plugin post highlights 2.2 - SQL Injection
|
3 |
WEB
|
Miroslav Stampar
|
|
2011-09-06
|
|
WordPress Plugin Tweet Old Post 3.2.5 - SQL Injection
|
5 |
WEB
|
sherl0ck_
|
|
2011-09-05
|
|
Webmobo WB News System - Blind SQL Injection
|
4 |
WEB
|
Eyup CELIK
|
|
2011-09-05
|
|
Elite Gaming Ladders 3.6 - SQL Injection
|
4 |
WEB
|
J.O
|
|
2011-09-05
|
|
WordPress Plugin oQey Gallery 0.4.8 - SQL Injection
|
5 |
WEB
|
Miroslav Stampar
|
|
2011-09-04
|
|
WordPress Plugin Zotpress 4.4 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-09-03
|
|
openads-2.0.11 - Remote File Inclusion
|
5 |
WEB
|
HaCkErS eV!L
|
|
2011-09-03
|
|
WordPress Plugin Facebook Opengraph Meta 1.0 - SQL Injection
|
6 |
WEB
|
Miroslav Stampar
|
|
2011-09-02
|
|
WordPress Plugin VideoWhisper Video Presentation 1.1 - SQL Injection
|
5 |
WEB
|
Miroslav Stampar
|
|
2011-09-01
|
|
WordPress Plugin SearchAutocomplete 1.0.8 - SQL Injection
|
5 |
WEB
|
Miroslav Stampar
|
|
2011-09-01
|
|
NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities
|
4 |
WEB
|
Narendra Shinde
|
|
2011-09-01
|
|
WordPress Plugin Bannerize 2.8.6 - SQL Injection
|
3 |
WEB
|
Miroslav Stampar
|
|
2011-09-01
|
|
WordPress Plugin Donation 1.0 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-31
|
|
WordPress Plugin image Gallery with Slideshow 1.5 - Multiple Vulnerabilities
|
4 |
WEB
|
Hrvoje Spoljar
|
|
2011-08-31
|
|
WordPress Plugin grapefile 1.1 - Arbitrary File Upload
|
4 |
WEB
|
Hrvoje Spoljar
|
|
2011-08-30
|
|
WordPress Plugin Couponer 1.2 - SQL Injection
|
3 |
WEB
|
Miroslav Stampar
|
|
2011-08-30
|
|
WordPress Plugin PureHTML 1.0.0 - SQL Injection
|
3 |
WEB
|
Miroslav Stampar
|
|
2011-08-30
|
|
WordPress Plugin yolink Search 1.1.4 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-30
|
|
WordPress Plugin Audio Gallery Playlist 0.12 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-30
|
|
WordPress Plugin Crawl Rate Tracker 2.0.2 - SQL Injection
|
5 |
WEB
|
Miroslav Stampar
|
|
2011-08-30
|
|
FileBox File Hosting & Sharing Script 1.5 - SQL Injection
|
4 |
WEB
|
SubhashDasyam
|
|
2011-08-30
|
|
vAuthenticate 3.0.1 - Authentication Bypass
|
5 |
WEB
|
bd0rk
|
|
2011-08-30
|
|
WordPress Plugin Event Registration 5.4.3 - SQL Injection
|
3 |
WEB
|
Miroslav Stampar
|
|
2011-08-30
|
|
WordPress Plugin Advertizer 1.0 - SQL Injection
|
2 |
WEB
|
Miroslav Stampar
|
|
2011-08-29
|
|
WordPress Plugin iCopyright(R) Article Tools 1.1.4 - SQL Injection
|
5 |
WEB
|
Miroslav Stampar
|
|
2011-08-29
|
|
WordPress Plugin SH Slideshow 3.1.4 - SQL Injection
|
5 |
WEB
|
Miroslav Stampar
|
|
2011-08-28
|
|
LifeSize Room - Command Injection (Metasploit)
|
5 |
WEB
|
Spencer McIntyre
|
|
2011-08-28
|
|
Omnistar Mailer - Multiple Vulnerabilities
|
4 |
WEB
|
Sid3^effects
|
|
2011-08-28
|
|
WordPress Plugin mySTAT 2.6 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-28
|
|
WordPress Plugin Profiles 2.0 RC1 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-28
|
|
WordPress Plugin Evarisk 5.1.3.6 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-28
|
|
WordPress Plugin Facebook Promotions 1.3.3 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-28
|
|
Joomla! Component mod_simpleFileLister 1.0 - Directory Traversal
|
5 |
WEB
|
evilsocket
|
|
2011-08-28
|
|
Joomla! Component joomlacontenteditor 2.0.10 - Multiple Vulnerabilities
|
6 |
WEB
|
AmnPardaz
|
|
2011-08-28
|
|
Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities
|
5 |
WEB
|
AmnPardaz
|
|
2011-08-27
|
|
WordPress Plugin Photoracer 1.0 - Multiple Vulnerabilities
|
5 |
WEB
|
Yakir Wizman
|
|
2011-08-27
|
|
WordPress Plugin oQey Headers 0.3 - SQL Injection
|
5 |
WEB
|
Miroslav Stampar
|
|
2011-08-27
|
|
WordPress Plugin Collision Testimonials 3.0 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-27
|
|
WordPress Plugin Super CAPTCHA 2.2.4 - SQL Injection
|
5 |
WEB
|
Miroslav Stampar
|
|
2011-08-27
|
|
WordPress Plugin MM Forms Community 1.2.3 - SQL Injection
|
5 |
WEB
|
Miroslav Stampar
|
|
2011-08-27
|
|
WordPress Plugin Js-appointment 1.5 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-26
|
|
Jcow Social Networking Script 4.2 < 5.2 - Arbitrary Code Execution (Metasploit)
|
4 |
WEB
|
Aung Khant
|
|
2011-08-26
|
|
WordPress Plugin Photoracer 1.0 - SQL Injection
|
4 |
WEB
|
evilsocket
|
|
2011-08-25
|
|
WordPress Plugin SendIt 1.5.9 - Blind SQL Injection
|
5 |
WEB
|
evilsocket
|
|
2011-08-24
|
|
Help Desk Software 1.1g - Cross-Site Request Forgery (Add Admin)
|
4 |
WEB
|
G13
|
|
2011-08-23
|
|
ManageEngine ServiceDesk Plus 8.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
LiquidWorm
|
|
2011-08-22
|
|
Redlab CMS - Multiple SQL Injections
|
4 |
WEB
|
tempe_mendoan
|
|
2011-08-22
|
|
DV Cart Shopping Cart software - SQL Injection
|
4 |
WEB
|
Eyup CELIK
|
|
2011-08-22
|
|
Bonza Digital Cart Script - SQL Injection
|
4 |
WEB
|
Eyup CELIK
|
|
2011-08-22
|
|
Web Solutions Wcs2u - SQL Injection
|
4 |
WEB
|
tempe_mendoan
|
|
2011-08-22
|
|
WordPress Plugin MM Duplicate 1.2 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-21
|
|
OneFileCMS 1.1.1 - Multiple Vulnerabilities
|
4 |
WEB
|
mr.pr0n
|
|
2011-08-21
|
|
EasySiteEdit - Remote File Inclusion
|
4 |
WEB
|
koskesh jakesh
|
|
2011-08-20
|
|
WordPress Plugin UnGallery 1.5.8 - Local File Disclosure
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-20
|
|
Axis Commerce (E-Commerce System) - Persistent Cross-Site Scripting
|
4 |
WEB
|
Eyup CELIK
|
|
2011-08-20
|
|
WordPress Plugin Block-Spam-By-Math-Reloaded - Bypass
|
4 |
WEB
|
Tiago Ferreira & Heyder Andrade
|
|
2011-08-19
|
|
Oracle Secure Backup - Authentication Bypass/Command Injection (Metasploit)
|
4 |
WEB
|
Metasploit
|
|
2011-08-19
|
|
PHPMyRealty 1.0.7 - SQL Injection
|
4 |
WEB
|
H4T$A
|
|
2011-08-19
|
|
network tracker .95 - Persistent Cross-Site Scripting
|
3 |
WEB
|
G13
|
|
2011-08-18
|
|
WordPress Plugin Menu Creator 1.1.7 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-18
|
|
WordPress Plugin Allow PHP in Posts and Pages 2.0.0.RC1 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-18
|
|
WordPress Plugin Global Content Blocks 1.2 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-18
|
|
WordPress Plugin Ajax Gallery 3.0 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-18
|
|
Elgg 1.7.10 - Multiple Vulnerabilities
|
4 |
WEB
|
Aung Khant
|
|
2011-08-18
|
|
WordPress Plugin Forum 1.7.8 - SQL Injection
|
3 |
WEB
|
Miroslav Stampar
|
|
2011-08-18
|
|
WordPress Plugin DS FAQ 1.3.2 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-17
|
|
Contrexx ShopSystem 2.2 SP3 - 'catId' Blind SQL Injection
|
4 |
WEB
|
Penguin
|
|
2011-08-17
|
|
WordPress Plugin OdiHost NewsLetter 1.0 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-17
|
|
WordPress Plugin Easy Contact Form Lite 1.0.7 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-17
|
|
WordPress Plugin Symposium 0.64 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-17
|
|
WordPress Plugin Contus HD FLV Player 1.3 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-17
|
|
WordPress Plugin File Groups 1.1.2 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-17
|
|
SoftwareDEP Classified Script 2.5 - SQL Injection (1)
|
4 |
WEB
|
v3n0m
|
|
2011-08-17
|
|
Joomla! Component JoomTouch 1.0.2 - Local File Inclusion
|
4 |
WEB
|
NoGe
|
|
2011-08-16
|
|
WordPress Plugin IP-Logger 3.0 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-14
|
|
Contrexx ShopSystem 2.2 SP3 - Blind SQL Injection
|
4 |
WEB
|
Penguin
|
|
2011-08-14
|
|
Prediction Football 2.51 - Cross-Site Request Forgery
|
5 |
WEB
|
Smith Falcon
|
|
2011-08-13
|
|
Mambo 4.6.x < 4.6.5 - SQL Injection
|
4 |
WEB
|
Aung Khant
|
|
2011-08-13
|
|
Kahf Poems 1.0 - Multiple Vulnerabilities
|
4 |
WEB
|
Yassin Aboukir
|
|
2011-08-13
|
|
VideoDB 3.1.0 - SQL Injection
|
5 |
WEB
|
seceurityoverun
|
|
2011-08-11
|
|
Adobe RoboHelp 9 - DOM Cross-Site Scripting
|
5 |
WEB
|
Roberto Suggi Liverani
|
|
2011-08-09
|
|
Joomla! Component Search 3.0.0 - SQL Injection
|
5 |
WEB
|
NoGe
|
|
2011-08-09
|
|
FCKEditor Core - 'FileManager test.html' Arbitrary File Upload (2)
|
4 |
WEB
|
pentesters.ir
|
|
2011-08-09
|
|
BlogPHP 2.0 - Persistent Cross-Site Scripting
|
3 |
WEB
|
Paulzz
|
|
2011-08-08
|
|
XpressEngine 1.4.5.7 - Persistent Cross-Site Scripting
|
4 |
WEB
|
v0nSch3lling
|
|
2011-08-07
|
|
Simple Machines Forum (SMF) 2.0 - Session Hijacking
|
4 |
WEB
|
seth
|
|
2011-08-06
|
|
Cart Software - Multiple Vulnerabilities
|
6 |
WEB
|
hosinn
|
|
2011-08-06
|
|
ATutor 2.0.2 - Multiple Vulnerabilities
|
4 |
WEB
|
LiquidWorm
|
|
2011-08-06
|
|
AChecker 1.2 - Multiple Error-Based SQL Injection Vulnerabilities
|
4 |
WEB
|
LiquidWorm
|
|
2011-08-06
|
|
acontent 1.1 - Multiple Vulnerabilities
|
4 |
WEB
|
LiquidWorm
|
|
2011-08-06
|
|
WordPress Plugin Media Library Categories 1.0.6 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-06
|
|
WordPress Plugin UPM Polls 1.0.3 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-05
|
|
WordPress Plugin Social Slider 5.6.5 - SQL Injection
|
4 |
WEB
|
Miroslav Stampar
|
|
2011-08-05
|
|
WordPress Plugin ProPlayer 4.7.7 - SQL Injection
|
3 |
WEB
|
Miroslav Stampar
|
|
2011-08-05
|
|
Sun/Oracle GlassFish Server - (Authenticated) Code Execution (Metasploit)
|
4 |
WEB
|
Metasploit
|
|
2011-08-05
|
|
WordPress Plugin E-Commerce 3.8.4 - SQL Injection
|
4 |
WEB
|
IHTeam
|
|
2011-08-04
|
|
DZYGroup CMS Portal - Multiple SQL Injections
|
5 |
WEB
|
Netrondoank
|
|
2011-08-03
|
|
Joomla! Component com_jdirectory - SQL Injection
|
4 |
WEB
|
Caddy Dz
|
|
2011-08-03
|
|
WordPress Plugin TimThumb 1.32 - Remote Code Execution
|
5 |
WEB
|
MaXe
|
|
2011-08-02
|
|
SiteGenius - Blind SQL Injection
|
5 |
WEB
|
AutoRUN & dR.sqL
|
|
2011-08-02
|
|
MyBB MyTabs Plugin - SQL Injection
|
5 |
WEB
|
AutoRUN & dR.sqL
|
|
2011-08-01
|
|
CA Arcserve D2D GWT RPC - Credential Information Disclosure (Metasploit)
|
5 |
WEB
|
Metasploit
|
|
2011-08-01
|
|
ZoneMinder 1.24.3 - Remote File Inclusion
|
3 |
WEB
|
iye
|
|
2011-08-01
|
|
CMSPro! 2.08 - Cross-Site Request Forgery
|
4 |
WEB
|
Xadpritox
|
|
2011-07-31
|
|
Joomla! Component obSuggest - Local File Inclusion
|
3 |
WEB
|
v3n0m
|
|
2011-07-31
|
|
Digital Scribe 1.5 - register_form()' Multiple POST Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
LiquidWorm
|
|
2011-07-30
|
|
Link Station Pro - Multiple Vulnerabilities
|
4 |
WEB
|
$#4d0\/\/[r007k17]
|
|
2011-07-29
|
|
ManageEngine ServiceDesk Plus 8.0 Build 8013 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Narendra Shinde
|
|
2011-07-29
|
|
cFTP 0.1 - 'r80' Arbitrary File Upload
|
4 |
WEB
|
leviathan
|
|
2011-07-28
|
|
Joomla! Component com_virtuemart 1.1.7/1.5 - Blind SQL Injection (Metasploit)
|
4 |
WEB
|
TecR0c
|
|
2011-07-27
|
|
SWAT Samba Web Administration Tool - Cross-Site Request Forgery
|
4 |
WEB
|
Narendra Shinde
|
|
2011-07-26
|
|
CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities
|
3 |
WEB
|
rgod
|
|
2011-07-26
|
|
PHP-Barcode 0.3pl1 - Remote Code Execution
|
4 |
WEB
|
beford
|
|
2011-07-26
|
|
ManageEngine ServiceDesk Plus 8.0.0 Build 8013 - Improper User Privileges
|
4 |
WEB
|
Narendra Shinde
|
|
2011-07-26
|
|
OpenX Ad Server 2.8.7 - Cross-Site Request Forgery
|
3 |
WEB
|
Narendra Shinde
|
|
2011-07-25
|
|
MusicBox 3.7 - Multiple Vulnerabilities
|
4 |
WEB
|
R@1D3N
|
|
2011-07-23
|
|
ExtCalendar2 - Cookie Authentication Bypass / Backdoor Upload
|
5 |
WEB
|
Lagripe-Dz
|
