|
2011-08-06
|
|
ATutor 2.0.2 - Multiple Vulnerabilities
|
8 |
WEB
|
LiquidWorm
|
|
2011-08-06
|
|
AChecker 1.2 - Multiple Error-Based SQL Injection Vulnerabilities
|
7 |
WEB
|
LiquidWorm
|
|
2011-08-06
|
|
acontent 1.1 - Multiple Vulnerabilities
|
8 |
WEB
|
LiquidWorm
|
|
2011-08-06
|
|
WordPress Plugin Media Library Categories 1.0.6 - SQL Injection
|
9 |
WEB
|
Miroslav Stampar
|
|
2011-08-06
|
|
WordPress Plugin UPM Polls 1.0.3 - SQL Injection
|
8 |
WEB
|
Miroslav Stampar
|
|
2011-08-05
|
|
WordPress Plugin Social Slider 5.6.5 - SQL Injection
|
8 |
WEB
|
Miroslav Stampar
|
|
2011-08-05
|
|
WordPress Plugin ProPlayer 4.7.7 - SQL Injection
|
8 |
WEB
|
Miroslav Stampar
|
|
2011-08-05
|
|
Sun/Oracle GlassFish Server - (Authenticated) Code Execution (Metasploit)
|
8 |
WEB
|
Metasploit
|
|
2011-08-05
|
|
WordPress Plugin E-Commerce 3.8.4 - SQL Injection
|
8 |
WEB
|
IHTeam
|
|
2011-08-04
|
|
DZYGroup CMS Portal - Multiple SQL Injections
|
10 |
WEB
|
Netrondoank
|
|
2011-08-03
|
|
Joomla! Component com_jdirectory - SQL Injection
|
8 |
WEB
|
Caddy Dz
|
|
2011-08-03
|
|
WordPress Plugin TimThumb 1.32 - Remote Code Execution
|
9 |
WEB
|
MaXe
|
|
2011-08-02
|
|
SiteGenius - Blind SQL Injection
|
9 |
WEB
|
AutoRUN & dR.sqL
|
|
2011-08-02
|
|
MyBB MyTabs Plugin - SQL Injection
|
9 |
WEB
|
AutoRUN & dR.sqL
|
|
2011-08-01
|
|
CA Arcserve D2D GWT RPC - Credential Information Disclosure (Metasploit)
|
9 |
WEB
|
Metasploit
|
|
2011-08-01
|
|
ZoneMinder 1.24.3 - Remote File Inclusion
|
7 |
WEB
|
iye
|
|
2011-08-01
|
|
CMSPro! 2.08 - Cross-Site Request Forgery
|
8 |
WEB
|
Xadpritox
|
|
2011-07-31
|
|
Joomla! Component obSuggest - Local File Inclusion
|
8 |
WEB
|
v3n0m
|
|
2011-07-31
|
|
Digital Scribe 1.5 - register_form()' Multiple POST Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
LiquidWorm
|
|
2011-07-30
|
|
Link Station Pro - Multiple Vulnerabilities
|
9 |
WEB
|
$#4d0\/\/[r007k17]
|
|
2011-07-29
|
|
ManageEngine ServiceDesk Plus 8.0 Build 8013 - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
Narendra Shinde
|
|
2011-07-29
|
|
cFTP 0.1 - 'r80' Arbitrary File Upload
|
8 |
WEB
|
leviathan
|
|
2011-07-28
|
|
Joomla! Component com_virtuemart 1.1.7/1.5 - Blind SQL Injection (Metasploit)
|
9 |
WEB
|
TecR0c
|
|
2011-07-27
|
|
SWAT Samba Web Administration Tool - Cross-Site Request Forgery
|
8 |
WEB
|
Narendra Shinde
|
|
2011-07-26
|
|
CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities
|
7 |
WEB
|
rgod
|
|
2011-07-26
|
|
PHP-Barcode 0.3pl1 - Remote Code Execution
|
7 |
WEB
|
beford
|
|
2011-07-26
|
|
ManageEngine ServiceDesk Plus 8.0.0 Build 8013 - Improper User Privileges
|
7 |
WEB
|
Narendra Shinde
|
|
2011-07-26
|
|
OpenX Ad Server 2.8.7 - Cross-Site Request Forgery
|
6 |
WEB
|
Narendra Shinde
|
|
2011-07-25
|
|
MusicBox 3.7 - Multiple Vulnerabilities
|
7 |
WEB
|
R@1D3N
|
|
2011-07-23
|
|
ExtCalendar2 - Cookie Authentication Bypass / Backdoor Upload
|
9 |
WEB
|
Lagripe-Dz
|
|
2011-07-21
|
|
Joomla! Component mod_spo - SQL Injection
|
10 |
WEB
|
SeguridadBlanca
|
|
2011-07-21
|
|
Joomla! Component JE Story Submit - Local File Inclusion
|
9 |
WEB
|
v3n0m
|
|
2011-07-21
|
|
vBulletin 4.0.x 4.1.3 - 'messagegroupid' SQL Injection
|
8 |
WEB
|
fb1h2s
|
|
2011-07-21
|
|
Mevin Basic PHP Events Lister 2.03 - Cross-Site Request Forgery
|
7 |
WEB
|
Crazy_Hacker
|
|
2011-07-20
|
|
Joomla! Component com_rsappt_pro2 - Local File Inclusion
|
7 |
WEB
|
Don Tukulesto
|
|
2011-07-20
|
|
Oracle Sun GlassFish Enterprise Server - Persistent Cross-Site Scripting
|
8 |
WEB
|
Sense of Security
|
|
2011-07-14
|
|
Inscribe Webmedia - SQL Injection
|
8 |
WEB
|
Netrondoank
|
|
2011-07-14
|
|
PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injections
|
7 |
WEB
|
LiquidWorm
|
|
2011-07-14
|
|
PG eLms Pro vDEC_2007_01 - 'contact_us.php' Multiple POST Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
LiquidWorm
|
|
2011-07-14
|
|
Joomla! Component com_sobi2 2.9.3.2 - Blind SQL Injections
|
8 |
WEB
|
jdc
|
|
2011-07-13
|
|
TCExam 11.2.011 - Multiple SQL Injections
|
8 |
WEB
|
LiquidWorm
|
|
2011-07-13
|
|
LiteRadius 3.2 - Multiple Blind SQL Injections
|
8 |
WEB
|
Robert Cooper
|
|
2011-07-12
|
|
Joomla! Component com_xmap 1.2.11 - Blind SQL Injection
|
8 |
WEB
|
jdc
|
|
2011-07-12
|
|
Pandora Fms 3.2.1 - Cross-Site Request Forgery
|
8 |
WEB
|
mehdi boukazoula
|
|
2011-07-12
|
|
Tradingeye E-Commerce Shopping Cart - Multiple Vulnerabilities
|
9 |
WEB
|
$#4d0\/\/[r007k17]
|
|
2011-07-12
|
|
Fire Soft Board 2.0.1 - Persistent Cross-Site Scripting (Admin Panel)
|
7 |
WEB
|
_jill for A-S
|
|
2011-07-10
|
|
Tugux CMS 1.2 - 'pid' Arbitrary File Deletion
|
8 |
WEB
|
LiquidWorm
|
|
2011-07-09
|
|
Portix-CMS 1.5.0. rc5 - Local File Inclusion
|
8 |
WEB
|
Or4nG.M4N
|
|
2011-07-09
|
|
phpMyAdmin 3.x - Swekey Remote Code Injection
|
8 |
WEB
|
Mango
|
|
2011-07-08
|
|
phpMyAdmin3 (pma3) - Remote Code Execution
|
8 |
WEB
|
wofeiwo
|
|
2011-07-08
|
|
appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - Cross-Site Scripting
|
9 |
WEB
|
SecPod Research
|
|
2011-07-07
|
|
ManageEngine ServiceDesk 8.0.0.12 - Database Disclosure
|
8 |
WEB
|
@ygoltsev
|
|
2011-07-07
|
|
LuxCal Web Calendar 2.4.2/2.5.0 - SQL Injection
|
8 |
WEB
|
kaMtiEz
|
|
2011-07-06
|
|
Joomla! 1.6.3 - Cross-Site Request Forgery
|
8 |
WEB
|
Luis Santana
|
|
2011-07-06
|
|
BbZL.php - Remote File Inclusion
|
9 |
WEB
|
Number 7
|
|
2011-07-05
|
|
DmxReady Secure Document Library 1.2 - SQL Injection
|
8 |
WEB
|
Bellatrix
|
|
2011-07-04
|
|
WeBid 1.0.2 - 'converter.php' Remote Code Execution
|
9 |
WEB
|
EgiX
|
|
2011-07-04
|
|
PhpFood CMS 2.00 - SQL Injection
|
9 |
WEB
|
kaMtiEz
|
|
2011-07-04
|
|
DmxReady Links Manager 1.2 - SQL Injection
|
8 |
WEB
|
Bellatrix
|
|
2011-07-04
|
|
DMXReady Account List Manager 1.2 - SQL Injection
|
7 |
WEB
|
Bellatrix
|
|
2011-07-03
|
|
DmxReady Document Library Manager 1.2 - SQL Injection
|
6 |
WEB
|
Bellatrix
|
|
2011-07-03
|
|
DmxReady Bilboard 1.2 - SQL Injection
|
7 |
WEB
|
Bellatrix
|
|
2011-07-03
|
|
DmxReady Faqs Manager 1.2 - SQL Injection
|
8 |
WEB
|
Bellatrix
|
|
2011-07-03
|
|
DmxReady Contact Us Manager 1.2 - SQL Injection
|
7 |
WEB
|
Bellatrix
|
|
2011-07-03
|
|
DMXReady Registration Manager 1.2 - SQL Injection
|
7 |
WEB
|
Bellatrix
|
|
2011-07-03
|
|
phpDealerLocator - Multiple SQL Injections
|
8 |
WEB
|
Robert Cooper
|
|
2011-07-03
|
|
DmxReady News Manager 1.2 - SQL Injection
|
10 |
WEB
|
Bellatrix
|
|
2011-07-03
|
|
DmxReady Catalog Manager 1.2 - SQL Injection
|
9 |
WEB
|
Bellatrix
|
|
2011-07-01
|
|
Ollance Member Login Script - Multiple Vulnerabilities
|
8 |
WEB
|
$#4d0\/\/[r007k17]
|
|
2011-07-01
|
|
WordPress Core 3.1.3 - SQL Injection
|
8 |
WEB
|
SEC Consult
|
|
2011-07-01
|
|
Joomla! Component mDigg 2.2.8 - SQL Injection
|
8 |
WEB
|
Caddy Dz
|
|
2011-06-28
|
|
rgboard 4.2.1 - SQL Injection
|
8 |
WEB
|
hamt0ry
|
|
2011-06-26
|
|
WordPress Plugin Beer Recipes 1.0 - Cross-Site Scripting
|
9 |
WEB
|
TheUzuki.'
|
|
2011-06-26
|
|
Joomla! Component JoomlaXi - Persistent Cross-Site Scripting
|
7 |
WEB
|
Karthik R
|
|
2011-06-23
|
|
nodesforum 1.059 - Remote File Inclusion
|
8 |
WEB
|
bd0rk
|
|
2011-06-23
|
|
2Point Solutions - 'cmspages.php' SQL Injection
|
8 |
WEB
|
Newbie Campuz
|
|
2011-06-23
|
|
Webcat - Multiple Blind SQL Injections
|
7 |
WEB
|
w0rd
|
|
2011-06-23
|
|
ActivDesk 3.0 - Multiple Vulnerabilities
|
8 |
WEB
|
Brendan Coles
|
|
2011-06-23
|
|
ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal
|
7 |
WEB
|
xistence
|
|
2011-06-23
|
|
ManageEngine ServiceDesk Plus 8.0 - Directory Traversal
|
8 |
WEB
|
Keith Lee
|
|
2011-06-23
|
|
iSupport 1.8 - SQL Injection
|
7 |
WEB
|
Brendan Coles
|
|
2011-06-23
|
|
BrewBlogger 2.3.2 - Multiple Vulnerabilities
|
7 |
WEB
|
Brendan Coles
|
|
2011-06-22
|
|
Same Team E-shop manager - SQL Injection
|
8 |
WEB
|
Number 7
|
|
2011-06-22
|
|
Cachelogic Expired Domains Script 1.0 - Multiple Vulnerabilities
|
8 |
WEB
|
Brendan Coles
|
|
2011-06-21
|
|
iGiveTest 2.1.0 - SQL Injection
|
8 |
WEB
|
Brendan Coles
|
|
2011-06-21
|
|
WordPress Plugin WPtouch 1.9.27 - URL redirection
|
9 |
WEB
|
MaKyOtOx
|
|
2011-06-20
|
|
IF-CMS 2.07 - Local File Inclusion (Metasploit) (2)
|
9 |
WEB
|
TecR0c
|
|
2011-06-19
|
|
Joomla! Component com_calcbuilder - 'id' Blind SQL Injection
|
8 |
WEB
|
Chip d3 bi0s
|
|
2011-06-19
|
|
Burning Board 3.1.5 - Full Path Disclosure
|
9 |
WEB
|
linc0ln.dll
|
|
2011-06-19
|
|
Joomla! Component com_team - SQL Injection
|
9 |
WEB
|
CoBRa_21
|
|
2011-06-18
|
|
Joomla! Component A Cool Debate 1.0.3 - Local File Inclusion
|
9 |
WEB
|
Chip d3 bi0s
|
|
2011-06-18
|
|
AiCart 2.0 - Multiple Vulnerabilities
|
9 |
WEB
|
takeshix
|
|
2011-06-17
|
|
WeBid 1.0.2 - Persistent Cross-Site Scripting (via SQL Injection)
|
10 |
WEB
|
Saif
|
|
2011-06-16
|
|
Catalog Builder eCommerce Software - Blind SQL Injection
|
8 |
WEB
|
takeshix
|
|
2011-06-15
|
|
IBM Websphere Application Server 7.0.0.13 - Cross-Site Request Forgery
|
10 |
WEB
|
Core Security
|
|
2011-06-15
|
|
Free Simple CMS 1.0 - Multiple Vulnerabilities
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2011-06-15
|
|
AMHSHOP 3.7.0 - SQL Injection
|
9 |
WEB
|
Yassin Aboukir
|
|
2011-06-14
|
|
cubecart 2.0.7 - Multiple Vulnerabilities
|
9 |
WEB
|
Shamus
|
|
2011-06-13
|
|
Joomla! Component Scriptegrator 1.5 - Local File Inclusion
|
11 |
WEB
|
jdc
|
|
2011-06-13
|
|
Oracle HTTP Server - Cross-Site Scripting Header Injection
|
9 |
WEB
|
Yasser ABOUKIR
|
|
2011-06-11
|
|
SUBRION CMS - Multiple Vulnerabilities
|
10 |
WEB
|
Karthik R
|
|
2011-06-11
|
|
Technote 7.2 - Blind SQL Injection
|
9 |
WEB
|
BlueH4G
|
|
2011-06-11
|
|
Trend Micro Data Loss Prevention Virtual Appliance 5.5 - Directory Traversal
|
10 |
WEB
|
White Hat Consultores
|
|
2011-06-10
|
|
Tele Data Contact Management Server - Directory Traversal
|
10 |
WEB
|
AutoSec Tools
|
|
2011-06-10
|
|
Angora Guestbook 1.5 - Local File Inclusion
|
8 |
WEB
|
AutoSec Tools
|
|
2011-06-10
|
|
Pacer Edition CMS 2.1 - 'l' Local File Inclusion
|
8 |
WEB
|
LiquidWorm
|
|
2011-06-10
|
|
Pacer Edition CMS 2.1 - 'rm' Arbitrary File Deletion
|
9 |
WEB
|
LiquidWorm
|
|
2011-06-09
|
|
Polycom IP Phone - Web Interface Data Disclosure
|
10 |
WEB
|
Yakir Wizman
|
|
2011-06-09
|
|
Aastra IP Phone 9480i - Web Interface Data Disclosure
|
8 |
WEB
|
Yakir Wizman
|
|
2011-06-09
|
|
EquiPCS - SQL Injection
|
10 |
WEB
|
Sideswipe
|
|
2011-06-07
|
|
Dataface - Local File Inclusion
|
10 |
WEB
|
ITSecTeam
|
|
2011-06-04
|
|
WebSVN 2.3.2 - Unproper Metacharacters Escaping 'exec()' Remote Command Injection
|
8 |
WEB
|
rgod
|
|
2011-05-30
|
|
Guru JustAnswer Professional 1.25 - Multiple SQL Injections
|
8 |
WEB
|
v3n0m
|
|
2011-05-30
|
|
Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed
|
8 |
WEB
|
Aodrulez
|
|
2011-05-30
|
|
Easy Media Script - SQL Injection
|
8 |
WEB
|
Lagripe-Dz
|
|
2011-05-30
|
|
w-Agora Forum 4.2.1 - Arbitrary File Upload
|
7 |
WEB
|
Treasure Priyamal
|
|
2011-05-29
|
|
Invisionix Roaming System Remote metasys 0.2 - Local File Inclusion
|
8 |
WEB
|
Treasure Priyamal
|
|
2011-05-29
|
|
Puzzle Apps CMS 3.2 - Local File Inclusion
|
8 |
WEB
|
Treasure Priyamal
|
|
2011-05-29
|
|
Joomla! Component com_joomnik - SQL Injection
|
8 |
WEB
|
SOLVER
|
|
2011-05-28
|
|
Joomla! Component com_jmsfileseller - Local File Inclusion
|
8 |
WEB
|
Valentin
|
|
2011-05-28
|
|
Guru Penny Auction Pro 3.0 - Blind SQL Injection
|
8 |
WEB
|
v3n0m
|
|
2011-05-28
|
|
Duhok Forum 1.1 - SQL Injection
|
7 |
WEB
|
M.Jock3R
|
|
2011-05-27
|
|
cPanel < 11.25 - Cross-Site Request Forgery (Add User PHP Script)
|
8 |
WEB
|
ninjashell
|
|
2011-05-27
|
|
HB eCommerce - SQL Injection
|
10 |
WEB
|
takeshix
|
|
2011-05-26
|
|
Clipbucket 2.4 RC2 645 - SQL Injection
|
7 |
WEB
|
AutoSec Tools
|
