|
2011-10-07
|
|
Spreecommerce 0.60.1 - Arbitrary Command Execution (Metasploit)
|
17 |
WEB
|
Metasploit
|
|
2011-10-07
|
|
EFront 3.6.9 Community Edition - Multiple Vulnerabilities
|
19 |
WEB
|
IHTeam
|
|
2011-10-07
|
|
URL Shortener Script 1.0 - SQL Injection
|
24 |
WEB
|
M.Jock3R
|
|
2011-10-06
|
|
Tsmim Lessons Library - 'show.php' SQL Injection
|
21 |
WEB
|
M.Jock3R
|
|
2011-10-04
|
|
CF Image Hosting Script 1.3.82 - File Disclosure
|
18 |
WEB
|
bd0rk
|
|
2011-10-04
|
|
Easy Hosting Control Panel - Admin Authentication Bypass
|
17 |
WEB
|
Jasman
|
|
2011-10-04
|
|
Concrete5 CMS < 5.4.2.1 - Multiple Vulnerabilities
|
17 |
WEB
|
Ryan Dewhurst
|
|
2011-10-03
|
|
JBoss & JMX Console - Misconfigured Deployment Scanner
|
17 |
WEB
|
y0ug
|
|
2011-10-02
|
|
CA Total Defense Suite - reGenerateReports Stored procedure SQL Injection (Metasploit)
|
19 |
WEB
|
Metasploit
|
|
2011-10-03
|
|
GotoCode Online Bookstore - Multiple Vulnerabilities
|
19 |
WEB
|
Nathaniel Carew
|
|
2011-10-02
|
|
Vivvo CMS - Local File Inclusion
|
17 |
WEB
|
JaBrOtxHaCkEr
|
|
2011-10-02
|
|
Banana Dance CMS and Wiki - SQL Injection
|
21 |
WEB
|
Aodrulez
|
|
2011-09-30
|
|
Feed on Feeds 0.5 - Remote PHP Code Injection
|
17 |
WEB
|
EgiX
|
|
2011-09-30
|
|
Marinet CMS - 'room.php' Blind SQL Injection
|
16 |
WEB
|
BHG Security Center
|
|
2011-09-30
|
|
WordPress Plugin Bannerize 2.8.7 - SQL Injection
|
18 |
WEB
|
Miroslav Stampar
|
|
2011-09-29
|
|
Typo3 - File Disclosure
|
18 |
WEB
|
Number 7
|
|
2011-09-28
|
|
timelive time and expense tracking 4.1.1 - Multiple Vulnerabilities
|
18 |
WEB
|
Nathaniel Carew
|
|
2011-09-27
|
|
redmind Online-Shop / E-Commerce-System - SQL Injection
|
19 |
WEB
|
Indonesian BlackCoder
|
|
2011-09-27
|
|
Omnidocs - Multiple Vulnerabilities
|
20 |
WEB
|
Sohil Garg
|
|
2011-09-27
|
|
Jarida 1.0 - Multiple Vulnerabilities
|
22 |
WEB
|
Ptrace Security
|
|
2011-09-27
|
|
WordPress Plugin Mingle Forum 1.0.31 - SQL Injection
|
21 |
WEB
|
Miroslav Stampar
|
|
2011-09-26
|
|
WordPress Plugin CevherShare 2.0 - SQL Injection
|
21 |
WEB
|
bd0rk
|
|
2011-09-24
|
|
WordPress Plugin AdRotate 3.6.5 - SQL Injection
|
18 |
WEB
|
Miroslav Stampar
|
|
2011-09-24
|
|
WordPress Plugin Link Library 5.2.1 - SQL Injection
|
16 |
WEB
|
Miroslav Stampar
|
|
2011-09-22
|
|
JAKCMS PRO 2.2.5 - Arbitrary File Upload
|
19 |
WEB
|
EgiX
|
|
2011-09-20
|
|
Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery
|
19 |
WEB
|
Sense of Security
|
|
2011-09-20
|
|
SharePoint 2007/2010 and DotNetNuke < 6 - File Disclosure (via XEE)
|
19 |
WEB
|
Nicolas Gregoire
|
|
2011-09-19
|
|
Multiple WordPress Plugins - 'timthumb.php' File Upload
|
16 |
WEB
|
Ben Schmidt
|
|
2011-09-19
|
|
Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities
|
16 |
WEB
|
Sense of Security
|
|
2011-09-19
|
|
WordPress Plugin Relocate Upload 0.14 - Remote File Inclusion
|
19 |
WEB
|
Ben Schmidt
|
|
2011-09-19
|
|
WordPress Plugin Mini Mail Dashboard Widget 1.36 - Remote File Inclusion
|
17 |
WEB
|
Ben Schmidt
|
|
2011-09-19
|
|
WordPress Plugin Zingiri Web Shop 2.2.0 - Remote File Inclusion
|
17 |
WEB
|
Ben Schmidt
|
|
2011-09-19
|
|
WordPress Plugin Mailing List 1.3.2 - Remote File Inclusion
|
16 |
WEB
|
Ben Schmidt
|
|
2011-09-19
|
|
WordPress Plugin Disclosure Policy 1.0 - Remote File Inclusion
|
14 |
WEB
|
Ben Schmidt
|
|
2011-09-19
|
|
WordPress Plugin Livesig 0.4 - Remote File Inclusion
|
21 |
WEB
|
Ben Schmidt
|
|
2011-09-19
|
|
WordPress Plugin Annonces 1.2.0.0 - Remote File Inclusion
|
20 |
WEB
|
Ben Schmidt
|
|
2011-09-19
|
|
WordPress Plugin WPEasyStats 1.8 - Remote File Inclusion
|
17 |
WEB
|
Ben Schmidt
|
|
2011-09-19
|
|
WordPress Plugin AllWebMenus 1.1.3 - Remote File Inclusion
|
18 |
WEB
|
Ben Schmidt
|
|
2011-09-19
|
|
WordPress Plugin TheCartPress 1.1.1 - Remote File Inclusion
|
16 |
WEB
|
Ben Schmidt
|
|
2011-09-19
|
|
Toko Lite CMS 1.5.2 - 'edit.php' HTTP Response Splitting
|
18 |
WEB
|
LiquidWorm
|
|
2011-09-19
|
|
WordPress Plugin Filedownload 0.1 - 'download.php' Remote File Disclosure
|
18 |
WEB
|
Septemb0x
|
|
2011-09-18
|
|
WordPress Plugin Count per Day 2.17 - SQL Injection
|
14 |
WEB
|
Miroslav Stampar
|
|
2011-09-17
|
|
iManager Plugin 1.2.8 - 'd' Arbitrary File Deletion
|
18 |
WEB
|
LiquidWorm
|
|
2011-09-17
|
|
iManager Plugin 1.2.8 - 'lang' Local File Inclusion
|
18 |
WEB
|
LiquidWorm
|
|
2011-09-17
|
|
iBrowser Plugin 1.4.1 - 'lang' Local File Inclusion
|
19 |
WEB
|
LiquidWorm
|
|
2011-09-15
|
|
Nortel Contact Recording Centralized Archive 6.5.1 - SQL Injection
|
21 |
WEB
|
rgod
|
|
2011-09-14
|
|
Cogent DataHub 7.1.1.63 - Source Disclosure
|
19 |
WEB
|
Luigi Auriemma
|
|
2011-09-14
|
|
WordPress Plugin E-Commerce 3.8.6 - SQL Injection
|
21 |
WEB
|
Miroslav Stampar
|
|
2011-09-13
|
|
dotProject 2.1.5 - SQL Injection
|
19 |
WEB
|
sherl0ck_
|
|
2011-09-13
|
|
WordPress Plugin Forum Server 1.7 - SQL Injection
|
17 |
WEB
|
Miroslav Stampar
|
|
2011-09-12
|
|
AstroCMS - Multiple Vulnerabilities
|
18 |
WEB
|
brain[pillow]
|
|
2011-09-12
|
|
Slaed CMS - Code Execution
|
21 |
WEB
|
brain[pillow]
|
|
2011-09-12
|
|
NetCat CMS - Multiple Vulnerabilities
|
16 |
WEB
|
brain[pillow]
|
|
2011-09-12
|
|
PHP Support Tickets 2.2 - Code Execution
|
16 |
WEB
|
brain[pillow]
|
|
2011-09-12
|
|
TomatoCart 1.1 - (Authenticated) Local File Inclusion
|
19 |
WEB
|
brain[pillow]
|
|
2011-09-10
|
|
WordPress Plugin Tune Library 2.17 - SQL Injection
|
20 |
WEB
|
Miroslav Stampar
|
|
2011-09-09
|
|
WordPress Plugin Event Registration 5.44 - SQL Injection
|
20 |
WEB
|
serk
|
|
2011-09-09
|
|
Xataface WebAuction and Xataface Librarian DB - Multiple Vulnerabilities
|
20 |
WEB
|
SecPod Research
|
|
2011-09-09
|
|
MYRE Real Estate Software - Multiple Vulnerabilities
|
20 |
WEB
|
SecPod Research
|
|
2011-09-09
|
|
WordPress Plugin A to Z Category Listing 1.3 - SQL Injection
|
19 |
WEB
|
Miroslav Stampar
|
|
2011-09-09
|
|
WordPress Plugin WP-Filebase Download Manager 0.2.9 - SQL Injection
|
16 |
WEB
|
Miroslav Stampar
|
|
2011-09-08
|
|
OpenCart 1.5.1.2 - Blind SQL Injection
|
17 |
WEB
|
RiRes Walid
|
|
2011-09-08
|
|
WordPress Plugin 1 Flash Gallery 1.30 < 1.5.7a - Arbitrary File Upload (Metasploit)
|
20 |
WEB
|
Ben Schmidt
|
|
2011-09-08
|
|
AM4SS 1.2 - Cross-Site Request Forgery (Add Admin)
|
17 |
WEB
|
red virus
|
|
2011-09-08
|
|
WordPress Plugin Community Events 1.2.1 - SQL Injection
|
20 |
WEB
|
Miroslav Stampar
|
|
2011-09-08
|
|
WordPress Plugin Paid Downloads 2.01 - SQL Injection
|
18 |
WEB
|
Miroslav Stampar
|
|
2011-09-07
|
|
WordPress Plugin Eventify - Simple Events 1.7.f SQL Injection
|
20 |
WEB
|
Miroslav Stampar
|
|
2011-09-07
|
|
WordPress Plugin SCORM Cloud 1.0.6.6 - SQL Injection
|
16 |
WEB
|
Miroslav Stampar
|
|
2011-09-06
|
|
PlaySms 0.9.5.2 - Remote File Inclusion
|
20 |
WEB
|
NoGe
|
|
2011-09-06
|
|
WordPress Plugin KNR Author List Widget 2.0.0 - SQL Injection
|
18 |
WEB
|
Miroslav Stampar
|
|
2011-09-06
|
|
WordPress Plugin post highlights 2.2 - SQL Injection
|
18 |
WEB
|
Miroslav Stampar
|
|
2011-09-06
|
|
WordPress Plugin Tweet Old Post 3.2.5 - SQL Injection
|
17 |
WEB
|
sherl0ck_
|
|
2011-09-05
|
|
Webmobo WB News System - Blind SQL Injection
|
18 |
WEB
|
Eyup CELIK
|
|
2011-09-05
|
|
Elite Gaming Ladders 3.6 - SQL Injection
|
18 |
WEB
|
J.O
|
|
2011-09-05
|
|
WordPress Plugin oQey Gallery 0.4.8 - SQL Injection
|
23 |
WEB
|
Miroslav Stampar
|
|
2011-09-04
|
|
WordPress Plugin Zotpress 4.4 - SQL Injection
|
20 |
WEB
|
Miroslav Stampar
|
|
2011-09-03
|
|
openads-2.0.11 - Remote File Inclusion
|
20 |
WEB
|
HaCkErS eV!L
|
|
2011-09-03
|
|
WordPress Plugin Facebook Opengraph Meta 1.0 - SQL Injection
|
20 |
WEB
|
Miroslav Stampar
|
|
2011-09-02
|
|
WordPress Plugin VideoWhisper Video Presentation 1.1 - SQL Injection
|
19 |
WEB
|
Miroslav Stampar
|
|
2011-09-01
|
|
WordPress Plugin SearchAutocomplete 1.0.8 - SQL Injection
|
17 |
WEB
|
Miroslav Stampar
|
|
2011-09-01
|
|
NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities
|
19 |
WEB
|
Narendra Shinde
|
|
2011-09-01
|
|
WordPress Plugin Bannerize 2.8.6 - SQL Injection
|
16 |
WEB
|
Miroslav Stampar
|
|
2011-09-01
|
|
WordPress Plugin Donation 1.0 - SQL Injection
|
20 |
WEB
|
Miroslav Stampar
|
|
2011-08-31
|
|
WordPress Plugin image Gallery with Slideshow 1.5 - Multiple Vulnerabilities
|
20 |
WEB
|
Hrvoje Spoljar
|
|
2011-08-31
|
|
WordPress Plugin grapefile 1.1 - Arbitrary File Upload
|
19 |
WEB
|
Hrvoje Spoljar
|
|
2011-08-30
|
|
WordPress Plugin Couponer 1.2 - SQL Injection
|
20 |
WEB
|
Miroslav Stampar
|
|
2011-08-30
|
|
WordPress Plugin PureHTML 1.0.0 - SQL Injection
|
16 |
WEB
|
Miroslav Stampar
|
|
2011-08-30
|
|
WordPress Plugin yolink Search 1.1.4 - SQL Injection
|
20 |
WEB
|
Miroslav Stampar
|
|
2011-08-30
|
|
WordPress Plugin Audio Gallery Playlist 0.12 - SQL Injection
|
17 |
WEB
|
Miroslav Stampar
|
|
2011-08-30
|
|
WordPress Plugin Crawl Rate Tracker 2.0.2 - SQL Injection
|
20 |
WEB
|
Miroslav Stampar
|
|
2011-08-30
|
|
FileBox File Hosting & Sharing Script 1.5 - SQL Injection
|
21 |
WEB
|
SubhashDasyam
|
|
2011-08-30
|
|
vAuthenticate 3.0.1 - Authentication Bypass
|
19 |
WEB
|
bd0rk
|
|
2011-08-30
|
|
WordPress Plugin Event Registration 5.4.3 - SQL Injection
|
15 |
WEB
|
Miroslav Stampar
|
|
2011-08-30
|
|
WordPress Plugin Advertizer 1.0 - SQL Injection
|
18 |
WEB
|
Miroslav Stampar
|
|
2011-08-29
|
|
WordPress Plugin iCopyright(R) Article Tools 1.1.4 - SQL Injection
|
22 |
WEB
|
Miroslav Stampar
|
|
2011-08-29
|
|
WordPress Plugin SH Slideshow 3.1.4 - SQL Injection
|
21 |
WEB
|
Miroslav Stampar
|
|
2011-08-28
|
|
LifeSize Room - Command Injection (Metasploit)
|
20 |
WEB
|
Spencer McIntyre
|
|
2011-08-28
|
|
Omnistar Mailer - Multiple Vulnerabilities
|
16 |
WEB
|
Sid3^effects
|
|
2011-08-28
|
|
WordPress Plugin mySTAT 2.6 - SQL Injection
|
20 |
WEB
|
Miroslav Stampar
|
|
2011-08-28
|
|
WordPress Plugin Profiles 2.0 RC1 - SQL Injection
|
16 |
WEB
|
Miroslav Stampar
|
|
2011-08-28
|
|
WordPress Plugin Evarisk 5.1.3.6 - SQL Injection
|
20 |
WEB
|
Miroslav Stampar
|
|
2011-08-28
|
|
WordPress Plugin Facebook Promotions 1.3.3 - SQL Injection
|
19 |
WEB
|
Miroslav Stampar
|
|
2011-08-28
|
|
Joomla! Component mod_simpleFileLister 1.0 - Directory Traversal
|
22 |
WEB
|
evilsocket
|
|
2011-08-28
|
|
Joomla! Component joomlacontenteditor 2.0.10 - Multiple Vulnerabilities
|
20 |
WEB
|
AmnPardaz
|
|
2011-08-28
|
|
Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities
|
19 |
WEB
|
AmnPardaz
|
|
2011-08-27
|
|
WordPress Plugin Photoracer 1.0 - Multiple Vulnerabilities
|
19 |
WEB
|
Yakir Wizman
|
|
2011-08-27
|
|
WordPress Plugin oQey Headers 0.3 - SQL Injection
|
18 |
WEB
|
Miroslav Stampar
|
|
2011-08-27
|
|
WordPress Plugin Collision Testimonials 3.0 - SQL Injection
|
18 |
WEB
|
Miroslav Stampar
|
|
2011-08-27
|
|
WordPress Plugin Super CAPTCHA 2.2.4 - SQL Injection
|
18 |
WEB
|
Miroslav Stampar
|
|
2011-08-27
|
|
WordPress Plugin MM Forms Community 1.2.3 - SQL Injection
|
16 |
WEB
|
Miroslav Stampar
|
|
2011-08-27
|
|
WordPress Plugin Js-appointment 1.5 - SQL Injection
|
18 |
WEB
|
Miroslav Stampar
|
|
2011-08-26
|
|
Jcow Social Networking Script 4.2 < 5.2 - Arbitrary Code Execution (Metasploit)
|
21 |
WEB
|
Aung Khant
|
|
2011-08-26
|
|
WordPress Plugin Photoracer 1.0 - SQL Injection
|
20 |
WEB
|
evilsocket
|
|
2011-08-25
|
|
WordPress Plugin SendIt 1.5.9 - Blind SQL Injection
|
21 |
WEB
|
evilsocket
|
|
2011-08-24
|
|
Help Desk Software 1.1g - Cross-Site Request Forgery (Add Admin)
|
22 |
WEB
|
G13
|
|
2011-08-23
|
|
ManageEngine ServiceDesk Plus 8.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
LiquidWorm
|
|
2011-08-22
|
|
Redlab CMS - Multiple SQL Injections
|
17 |
WEB
|
tempe_mendoan
|
|
2011-08-22
|
|
DV Cart Shopping Cart software - SQL Injection
|
19 |
WEB
|
Eyup CELIK
|
|
2011-08-22
|
|
Bonza Digital Cart Script - SQL Injection
|
17 |
WEB
|
Eyup CELIK
|
|
2011-08-22
|
|
Web Solutions Wcs2u - SQL Injection
|
21 |
WEB
|
tempe_mendoan
|
|
2011-08-22
|
|
WordPress Plugin MM Duplicate 1.2 - SQL Injection
|
17 |
WEB
|
Miroslav Stampar
|
|
2011-08-21
|
|
OneFileCMS 1.1.1 - Multiple Vulnerabilities
|
20 |
WEB
|
mr.pr0n
|
|
2011-08-21
|
|
EasySiteEdit - Remote File Inclusion
|
19 |
WEB
|
koskesh jakesh
|
|
2011-08-20
|
|
WordPress Plugin UnGallery 1.5.8 - Local File Disclosure
|
19 |
WEB
|
Miroslav Stampar
|
|
2011-08-20
|
|
Axis Commerce (E-Commerce System) - Persistent Cross-Site Scripting
|
20 |
WEB
|
Eyup CELIK
|
