|
2011-08-20
|
|
WordPress Plugin Block-Spam-By-Math-Reloaded - Bypass
|
19 |
WEB
|
Tiago Ferreira & Heyder Andrade
|
|
2011-08-19
|
|
Oracle Secure Backup - Authentication Bypass/Command Injection (Metasploit)
|
18 |
WEB
|
Metasploit
|
|
2011-08-19
|
|
PHPMyRealty 1.0.7 - SQL Injection
|
19 |
WEB
|
H4T$A
|
|
2011-08-19
|
|
network tracker .95 - Persistent Cross-Site Scripting
|
19 |
WEB
|
G13
|
|
2011-08-18
|
|
WordPress Plugin Menu Creator 1.1.7 - SQL Injection
|
21 |
WEB
|
Miroslav Stampar
|
|
2011-08-18
|
|
WordPress Plugin Allow PHP in Posts and Pages 2.0.0.RC1 - SQL Injection
|
17 |
WEB
|
Miroslav Stampar
|
|
2011-08-18
|
|
WordPress Plugin Global Content Blocks 1.2 - SQL Injection
|
14 |
WEB
|
Miroslav Stampar
|
|
2011-08-18
|
|
WordPress Plugin Ajax Gallery 3.0 - SQL Injection
|
16 |
WEB
|
Miroslav Stampar
|
|
2011-08-18
|
|
Elgg 1.7.10 - Multiple Vulnerabilities
|
16 |
WEB
|
Aung Khant
|
|
2011-08-18
|
|
WordPress Plugin Forum 1.7.8 - SQL Injection
|
18 |
WEB
|
Miroslav Stampar
|
|
2011-08-18
|
|
WordPress Plugin DS FAQ 1.3.2 - SQL Injection
|
19 |
WEB
|
Miroslav Stampar
|
|
2011-08-17
|
|
Contrexx ShopSystem 2.2 SP3 - 'catId' Blind SQL Injection
|
21 |
WEB
|
Penguin
|
|
2011-08-17
|
|
WordPress Plugin OdiHost NewsLetter 1.0 - SQL Injection
|
22 |
WEB
|
Miroslav Stampar
|
|
2011-08-17
|
|
WordPress Plugin Easy Contact Form Lite 1.0.7 - SQL Injection
|
17 |
WEB
|
Miroslav Stampar
|
|
2011-08-17
|
|
WordPress Plugin Symposium 0.64 - SQL Injection
|
17 |
WEB
|
Miroslav Stampar
|
|
2011-08-17
|
|
WordPress Plugin Contus HD FLV Player 1.3 - SQL Injection
|
18 |
WEB
|
Miroslav Stampar
|
|
2011-08-17
|
|
WordPress Plugin File Groups 1.1.2 - SQL Injection
|
19 |
WEB
|
Miroslav Stampar
|
|
2011-08-17
|
|
SoftwareDEP Classified Script 2.5 - SQL Injection (1)
|
15 |
WEB
|
v3n0m
|
|
2011-08-17
|
|
Joomla! Component JoomTouch 1.0.2 - Local File Inclusion
|
15 |
WEB
|
NoGe
|
|
2011-08-16
|
|
WordPress Plugin IP-Logger 3.0 - SQL Injection
|
18 |
WEB
|
Miroslav Stampar
|
|
2011-08-14
|
|
Contrexx ShopSystem 2.2 SP3 - Blind SQL Injection
|
20 |
WEB
|
Penguin
|
|
2011-08-14
|
|
Prediction Football 2.51 - Cross-Site Request Forgery
|
20 |
WEB
|
Smith Falcon
|
|
2011-08-13
|
|
Mambo 4.6.x < 4.6.5 - SQL Injection
|
18 |
WEB
|
Aung Khant
|
|
2011-08-13
|
|
Kahf Poems 1.0 - Multiple Vulnerabilities
|
17 |
WEB
|
Yassin Aboukir
|
|
2011-08-13
|
|
VideoDB 3.1.0 - SQL Injection
|
18 |
WEB
|
seceurityoverun
|
|
2011-08-11
|
|
Adobe RoboHelp 9 - DOM Cross-Site Scripting
|
20 |
WEB
|
Roberto Suggi Liverani
|
|
2011-08-09
|
|
Joomla! Component Search 3.0.0 - SQL Injection
|
18 |
WEB
|
NoGe
|
|
2011-08-09
|
|
FCKEditor Core - 'FileManager test.html' Arbitrary File Upload (2)
|
32 |
WEB
|
pentesters.ir
|
|
2011-08-09
|
|
BlogPHP 2.0 - Persistent Cross-Site Scripting
|
21 |
WEB
|
Paulzz
|
|
2011-08-08
|
|
XpressEngine 1.4.5.7 - Persistent Cross-Site Scripting
|
19 |
WEB
|
v0nSch3lling
|
|
2011-08-07
|
|
Simple Machines Forum (SMF) 2.0 - Session Hijacking
|
20 |
WEB
|
seth
|
|
2011-08-06
|
|
Cart Software - Multiple Vulnerabilities
|
21 |
WEB
|
hosinn
|
|
2011-08-06
|
|
ATutor 2.0.2 - Multiple Vulnerabilities
|
20 |
WEB
|
LiquidWorm
|
|
2011-08-06
|
|
AChecker 1.2 - Multiple Error-Based SQL Injection Vulnerabilities
|
17 |
WEB
|
LiquidWorm
|
|
2011-08-06
|
|
acontent 1.1 - Multiple Vulnerabilities
|
18 |
WEB
|
LiquidWorm
|
|
2011-08-06
|
|
WordPress Plugin Media Library Categories 1.0.6 - SQL Injection
|
17 |
WEB
|
Miroslav Stampar
|
|
2011-08-06
|
|
WordPress Plugin UPM Polls 1.0.3 - SQL Injection
|
16 |
WEB
|
Miroslav Stampar
|
|
2011-08-05
|
|
WordPress Plugin Social Slider 5.6.5 - SQL Injection
|
16 |
WEB
|
Miroslav Stampar
|
|
2011-08-05
|
|
WordPress Plugin ProPlayer 4.7.7 - SQL Injection
|
17 |
WEB
|
Miroslav Stampar
|
|
2011-08-05
|
|
Sun/Oracle GlassFish Server - (Authenticated) Code Execution (Metasploit)
|
21 |
WEB
|
Metasploit
|
|
2011-08-05
|
|
WordPress Plugin E-Commerce 3.8.4 - SQL Injection
|
16 |
WEB
|
IHTeam
|
|
2011-08-04
|
|
DZYGroup CMS Portal - Multiple SQL Injections
|
19 |
WEB
|
Netrondoank
|
|
2011-08-03
|
|
Joomla! Component com_jdirectory - SQL Injection
|
20 |
WEB
|
Caddy Dz
|
|
2011-08-03
|
|
WordPress Plugin TimThumb 1.32 - Remote Code Execution
|
21 |
WEB
|
MaXe
|
|
2011-08-02
|
|
SiteGenius - Blind SQL Injection
|
20 |
WEB
|
AutoRUN & dR.sqL
|
|
2011-08-02
|
|
MyBB MyTabs Plugin - SQL Injection
|
19 |
WEB
|
AutoRUN & dR.sqL
|
|
2011-08-01
|
|
CA Arcserve D2D GWT RPC - Credential Information Disclosure (Metasploit)
|
19 |
WEB
|
Metasploit
|
|
2011-08-01
|
|
ZoneMinder 1.24.3 - Remote File Inclusion
|
17 |
WEB
|
iye
|
|
2011-08-01
|
|
CMSPro! 2.08 - Cross-Site Request Forgery
|
16 |
WEB
|
Xadpritox
|
|
2011-07-31
|
|
Joomla! Component obSuggest - Local File Inclusion
|
19 |
WEB
|
v3n0m
|
|
2011-07-31
|
|
Digital Scribe 1.5 - register_form()' Multiple POST Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
LiquidWorm
|
|
2011-07-30
|
|
Link Station Pro - Multiple Vulnerabilities
|
19 |
WEB
|
$#4d0\/\/[r007k17]
|
|
2011-07-29
|
|
ManageEngine ServiceDesk Plus 8.0 Build 8013 - Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
Narendra Shinde
|
|
2011-07-29
|
|
cFTP 0.1 - 'r80' Arbitrary File Upload
|
20 |
WEB
|
leviathan
|
|
2011-07-28
|
|
Joomla! Component com_virtuemart 1.1.7/1.5 - Blind SQL Injection (Metasploit)
|
19 |
WEB
|
TecR0c
|
|
2011-07-27
|
|
SWAT Samba Web Administration Tool - Cross-Site Request Forgery
|
20 |
WEB
|
Narendra Shinde
|
|
2011-07-26
|
|
CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities
|
20 |
WEB
|
rgod
|
|
2011-07-26
|
|
PHP-Barcode 0.3pl1 - Remote Code Execution
|
18 |
WEB
|
beford
|
|
2011-07-26
|
|
ManageEngine ServiceDesk Plus 8.0.0 Build 8013 - Improper User Privileges
|
18 |
WEB
|
Narendra Shinde
|
|
2011-07-26
|
|
OpenX Ad Server 2.8.7 - Cross-Site Request Forgery
|
17 |
WEB
|
Narendra Shinde
|
|
2011-07-25
|
|
MusicBox 3.7 - Multiple Vulnerabilities
|
17 |
WEB
|
R@1D3N
|
|
2011-07-23
|
|
ExtCalendar2 - Cookie Authentication Bypass / Backdoor Upload
|
19 |
WEB
|
Lagripe-Dz
|
|
2011-07-21
|
|
Joomla! Component mod_spo - SQL Injection
|
22 |
WEB
|
SeguridadBlanca
|
|
2011-07-21
|
|
Joomla! Component JE Story Submit - Local File Inclusion
|
20 |
WEB
|
v3n0m
|
|
2011-07-21
|
|
vBulletin 4.0.x 4.1.3 - 'messagegroupid' SQL Injection
|
19 |
WEB
|
fb1h2s
|
|
2011-07-21
|
|
Mevin Basic PHP Events Lister 2.03 - Cross-Site Request Forgery
|
17 |
WEB
|
Crazy_Hacker
|
|
2011-07-20
|
|
Joomla! Component com_rsappt_pro2 - Local File Inclusion
|
15 |
WEB
|
Don Tukulesto
|
|
2011-07-20
|
|
Oracle Sun GlassFish Enterprise Server - Persistent Cross-Site Scripting
|
17 |
WEB
|
Sense of Security
|
|
2011-07-14
|
|
Inscribe Webmedia - SQL Injection
|
26 |
WEB
|
Netrondoank
|
|
2011-07-14
|
|
PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injections
|
23 |
WEB
|
LiquidWorm
|
|
2011-07-14
|
|
PG eLms Pro vDEC_2007_01 - 'contact_us.php' Multiple POST Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
LiquidWorm
|
|
2011-07-14
|
|
Joomla! Component com_sobi2 2.9.3.2 - Blind SQL Injections
|
21 |
WEB
|
jdc
|
|
2011-07-13
|
|
TCExam 11.2.011 - Multiple SQL Injections
|
17 |
WEB
|
LiquidWorm
|
|
2011-07-13
|
|
LiteRadius 3.2 - Multiple Blind SQL Injections
|
21 |
WEB
|
Robert Cooper
|
|
2011-07-12
|
|
Joomla! Component com_xmap 1.2.11 - Blind SQL Injection
|
16 |
WEB
|
jdc
|
|
2011-07-12
|
|
Pandora Fms 3.2.1 - Cross-Site Request Forgery
|
18 |
WEB
|
mehdi boukazoula
|
|
2011-07-12
|
|
Tradingeye E-Commerce Shopping Cart - Multiple Vulnerabilities
|
18 |
WEB
|
$#4d0\/\/[r007k17]
|
|
2011-07-12
|
|
Fire Soft Board 2.0.1 - Persistent Cross-Site Scripting (Admin Panel)
|
21 |
WEB
|
_jill for A-S
|
|
2011-07-10
|
|
Tugux CMS 1.2 - 'pid' Arbitrary File Deletion
|
17 |
WEB
|
LiquidWorm
|
|
2011-07-09
|
|
Portix-CMS 1.5.0. rc5 - Local File Inclusion
|
19 |
WEB
|
Or4nG.M4N
|
|
2011-07-09
|
|
phpMyAdmin 3.x - Swekey Remote Code Injection
|
21 |
WEB
|
Mango
|
|
2011-07-08
|
|
phpMyAdmin3 (pma3) - Remote Code Execution
|
17 |
WEB
|
wofeiwo
|
|
2011-07-08
|
|
appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - Cross-Site Scripting
|
18 |
WEB
|
SecPod Research
|
|
2011-07-07
|
|
ManageEngine ServiceDesk 8.0.0.12 - Database Disclosure
|
18 |
WEB
|
@ygoltsev
|
|
2011-07-07
|
|
LuxCal Web Calendar 2.4.2/2.5.0 - SQL Injection
|
21 |
WEB
|
kaMtiEz
|
|
2011-07-06
|
|
Joomla! 1.6.3 - Cross-Site Request Forgery
|
18 |
WEB
|
Luis Santana
|
|
2011-07-06
|
|
BbZL.php - Remote File Inclusion
|
20 |
WEB
|
Number 7
|
|
2011-07-05
|
|
DmxReady Secure Document Library 1.2 - SQL Injection
|
17 |
WEB
|
Bellatrix
|
|
2011-07-04
|
|
WeBid 1.0.2 - 'converter.php' Remote Code Execution
|
18 |
WEB
|
EgiX
|
|
2011-07-04
|
|
PhpFood CMS 2.00 - SQL Injection
|
18 |
WEB
|
kaMtiEz
|
|
2011-07-04
|
|
DmxReady Links Manager 1.2 - SQL Injection
|
23 |
WEB
|
Bellatrix
|
|
2011-07-04
|
|
DMXReady Account List Manager 1.2 - SQL Injection
|
17 |
WEB
|
Bellatrix
|
|
2011-07-03
|
|
DmxReady Document Library Manager 1.2 - SQL Injection
|
16 |
WEB
|
Bellatrix
|
|
2011-07-03
|
|
DmxReady Bilboard 1.2 - SQL Injection
|
21 |
WEB
|
Bellatrix
|
|
2011-07-03
|
|
DmxReady Faqs Manager 1.2 - SQL Injection
|
20 |
WEB
|
Bellatrix
|
|
2011-07-03
|
|
DmxReady Contact Us Manager 1.2 - SQL Injection
|
20 |
WEB
|
Bellatrix
|
|
2011-07-03
|
|
DMXReady Registration Manager 1.2 - SQL Injection
|
17 |
WEB
|
Bellatrix
|
|
2011-07-03
|
|
phpDealerLocator - Multiple SQL Injections
|
18 |
WEB
|
Robert Cooper
|
|
2011-07-03
|
|
DmxReady News Manager 1.2 - SQL Injection
|
21 |
WEB
|
Bellatrix
|
|
2011-07-03
|
|
DmxReady Catalog Manager 1.2 - SQL Injection
|
21 |
WEB
|
Bellatrix
|
|
2011-07-01
|
|
Ollance Member Login Script - Multiple Vulnerabilities
|
17 |
WEB
|
$#4d0\/\/[r007k17]
|
|
2011-07-01
|
|
WordPress Core 3.1.3 - SQL Injection
|
17 |
WEB
|
SEC Consult
|
|
2011-07-01
|
|
Joomla! Component mDigg 2.2.8 - SQL Injection
|
16 |
WEB
|
Caddy Dz
|
|
2011-06-28
|
|
rgboard 4.2.1 - SQL Injection
|
21 |
WEB
|
hamt0ry
|
|
2011-06-26
|
|
WordPress Plugin Beer Recipes 1.0 - Cross-Site Scripting
|
18 |
WEB
|
TheUzuki.'
|
|
2011-06-26
|
|
Joomla! Component JoomlaXi - Persistent Cross-Site Scripting
|
15 |
WEB
|
Karthik R
|
|
2011-06-23
|
|
nodesforum 1.059 - Remote File Inclusion
|
19 |
WEB
|
bd0rk
|
|
2011-06-23
|
|
2Point Solutions - 'cmspages.php' SQL Injection
|
18 |
WEB
|
Newbie Campuz
|
|
2011-06-23
|
|
Webcat - Multiple Blind SQL Injections
|
16 |
WEB
|
w0rd
|
|
2011-06-23
|
|
ActivDesk 3.0 - Multiple Vulnerabilities
|
18 |
WEB
|
Brendan Coles
|
|
2011-06-23
|
|
ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal
|
19 |
WEB
|
xistence
|
|
2011-06-23
|
|
ManageEngine ServiceDesk Plus 8.0 - Directory Traversal
|
18 |
WEB
|
Keith Lee
|
|
2011-06-23
|
|
iSupport 1.8 - SQL Injection
|
18 |
WEB
|
Brendan Coles
|
|
2011-06-23
|
|
BrewBlogger 2.3.2 - Multiple Vulnerabilities
|
18 |
WEB
|
Brendan Coles
|
|
2011-06-22
|
|
Same Team E-shop manager - SQL Injection
|
18 |
WEB
|
Number 7
|
|
2011-06-22
|
|
Cachelogic Expired Domains Script 1.0 - Multiple Vulnerabilities
|
21 |
WEB
|
Brendan Coles
|
|
2011-06-21
|
|
iGiveTest 2.1.0 - SQL Injection
|
26 |
WEB
|
Brendan Coles
|
|
2011-06-21
|
|
WordPress Plugin WPtouch 1.9.27 - URL redirection
|
22 |
WEB
|
MaKyOtOx
|
|
2011-06-20
|
|
IF-CMS 2.07 - Local File Inclusion (Metasploit) (2)
|
17 |
WEB
|
TecR0c
|
|
2011-06-19
|
|
Joomla! Component com_calcbuilder - 'id' Blind SQL Injection
|
18 |
WEB
|
Chip d3 bi0s
|
|
2011-06-19
|
|
Burning Board 3.1.5 - Full Path Disclosure
|
20 |
WEB
|
linc0ln.dll
|
|
2011-06-19
|
|
Joomla! Component com_team - SQL Injection
|
20 |
WEB
|
CoBRa_21
|
|
2011-06-18
|
|
Joomla! Component A Cool Debate 1.0.3 - Local File Inclusion
|
21 |
WEB
|
Chip d3 bi0s
|
|
2011-06-18
|
|
AiCart 2.0 - Multiple Vulnerabilities
|
18 |
WEB
|
takeshix
|
|
2011-06-17
|
|
WeBid 1.0.2 - Persistent Cross-Site Scripting (via SQL Injection)
|
19 |
WEB
|
Saif
|
