|
2011-04-16
|
|
Blue Hat - Sensitive Database Disclosure / SQL Injection
|
23 |
WEB
|
^Xecuti0N3r
|
|
2011-04-16
|
|
SoftXMLCMS - Arbitrary File Upload
|
22 |
WEB
|
Alexander
|
|
2011-04-15
|
|
SQL-Ledger 2.8.33 - (Authenticated) Local File Inclusion / Edit
|
24 |
WEB
|
bitform
|
|
2011-04-15
|
|
TextAds 2.08 Script - Cross-Site Scripting
|
23 |
WEB
|
Ashiyane Digital Security Team
|
|
2011-04-15
|
|
cPassMan 1.82 - Arbitrary File Download
|
22 |
WEB
|
Sense of Security
|
|
2011-04-14
|
|
EZ-Shop 1.02 - Lateral SQL Injection
|
19 |
WEB
|
Osirys
|
|
2011-04-13
|
|
TinyBB 1.4 - Blind SQL Injection / Full Path Disclosure
|
20 |
WEB
|
swami
|
|
2011-04-11
|
|
K-Links - Link Directory Script SQL Injection
|
23 |
WEB
|
R3d-D3V!L
|
|
2011-04-10
|
|
Point Market System 3.1x vBulletin plugin - SQL Injection
|
23 |
WEB
|
Net.Edit0r
|
|
2011-04-09
|
|
Nooms CMS 1.1.1 - Cross-Site Request Forgery
|
21 |
WEB
|
loneferret
|
|
2011-04-09
|
|
Joomla! Component joomlacontenteditor - Blind SQL Injection
|
21 |
WEB
|
eidelweiss
|
|
2011-04-08
|
|
viscacha 0.8.1 - Multiple Vulnerabilities
|
21 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-08
|
|
phpcollab 2.5 - Multiple Vulnerabilities
|
18 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-08
|
|
Joomla! Component com_virtuemart 1.1.7 - Blind SQL Injection
|
16 |
WEB
|
TecR0c & mr_me
|
|
2011-04-07
|
|
S40 CMS 0.4.2b - Local File Inclusion
|
18 |
WEB
|
Osirys
|
|
2011-04-06
|
|
greenpants 0.1.7 - Multiple Vulnerabilities
|
20 |
WEB
|
Ptrace Security
|
|
2011-04-06
|
|
eyeos 2.3 - Multiple Vulnerabilities
|
21 |
WEB
|
AutoSec Tools
|
|
2011-04-06
|
|
Graugon Forum 1.3 - SQL Injection
|
19 |
WEB
|
AutoSec Tools
|
|
2011-04-06
|
|
Dream Vision Technologies Web Portal - SQL Injection
|
20 |
WEB
|
eXeSoul
|
|
2011-04-05
|
|
Tutorialms 1.4 - 'show' SQL Injection
|
19 |
WEB
|
LiquidWorm
|
|
2011-04-05
|
|
WordPress Plugin Custom Pages 0.5.0.1 - Local File Inclusion
|
22 |
WEB
|
AutoSec Tools
|
|
2011-04-05
|
|
OpenEMR 4.0.0 - Multiple Vulnerabilities
|
18 |
WEB
|
AutoSec Tools
|
|
2011-04-04
|
|
Planet FPS-1101 - Cross-Site Scripting
|
19 |
WEB
|
b0telh0
|
|
2011-04-04
|
|
Longshine Multiple Print Servers - Cross-Site Scripting
|
20 |
WEB
|
b0telh0
|
|
2011-04-04
|
|
ZO Tech Multiple Print Servers - Cross-Site Scripting
|
21 |
WEB
|
b0telh0
|
|
2011-04-04
|
|
Planex Mini-300PU & Mini100s - Cross-Site Scripting
|
20 |
WEB
|
b0telh0
|
|
2011-04-04
|
|
TP-Link TL-PS110U / TL-PS110P - Cross-Site Scripting
|
19 |
WEB
|
b0telh0
|
|
2011-04-04
|
|
Encore ENPS-2012 - Cross-Site Scripting
|
18 |
WEB
|
b0telh0
|
|
2011-04-04
|
|
Yaws-Wiki 1.88-1 (Erlang) - Persistent / Reflective Cross-Site Scripting
|
24 |
WEB
|
Michael Brooks
|
|
2011-04-04
|
|
DoceboLms 4.0.4 - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
LiquidWorm
|
|
2011-04-03
|
|
OpenCart 1.4.9 - Multiple Local File Inclusions
|
20 |
WEB
|
KedAns-Dz
|
|
2011-04-03
|
|
Banner Ad Management Script - SQL Injection
|
21 |
WEB
|
Egyptian.H4x0rz
|
|
2011-04-03
|
|
Rash CMS - SQL Injection
|
19 |
WEB
|
keracker
|
|
2011-04-03
|
|
Advanced Image Hosting 2.2 - 'index.php' SQL Injection
|
19 |
WEB
|
keracker
|
|
2011-04-02
|
|
Anzeigenmarkt 2011 - 'index.php' SQL Injection
|
20 |
WEB
|
Easy Laster
|
|
2011-04-02
|
|
ilchClan 1.0.5 - 'regist.php' SQL Injection
|
20 |
WEB
|
Easy Laster
|
|
2011-04-02
|
|
spidaNews 1.0 - 'news.php?id' SQL Injection
|
18 |
WEB
|
Easy Laster
|
|
2011-04-01
|
|
Feng Office 1.7.3.3 - Cross-Site Request Forgery
|
18 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-01
|
|
InTerra Blog Machine 1.84 - Cross-Site Scripting
|
18 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-01
|
|
Allomani Super MultiMedia Library 2.5.0 - Cross-Site Request Forgery (Add Admin)
|
17 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-04-01
|
|
Allomani Audio and Video Library 2.7.0 - Cross-Site Request Forgery (Add Admin)
|
16 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-04-01
|
|
Allomani Web Links 1.0 - Cross-Site Request Forgery (Add Admin)
|
18 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-04-01
|
|
Allomani Movies Library 2.0 - Cross-Site Request Forgery (Add Admin)
|
21 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-04-01
|
|
Allomani News 1.0 - Cross-Site Request Forgery (Add Admin)
|
20 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-04-01
|
|
Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin) (2)
|
18 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-03-31
|
|
PHPBoost 3.0 - Remote Download Backup
|
18 |
WEB
|
KedAns-Dz
|
|
2011-03-30
|
|
Andy's PHP KnowledgeBase 0.95.2 - 'viewusers.php' SQL Injection
|
22 |
WEB
|
Mark Stanislav
|
|
2011-03-30
|
|
CosmoQuest - Authentication Bypass
|
17 |
WEB
|
Net.Edit0r
|
|
2011-03-30
|
|
BigACE 2.7.5 - Arbitrary File Upload
|
18 |
WEB
|
Net.Edit0r
|
|
2011-03-30
|
|
IrIran Shoping Script - SQL Injection
|
19 |
WEB
|
Net.Edit0r
|
|
2011-03-30
|
|
Pligg CMS 1.1.3 - Multiple Vulnerabilities
|
17 |
WEB
|
Jelmer de Hen
|
|
2011-03-30
|
|
YaCOMAS 0.3.6 Alpha - Multiple Vulnerabilities
|
17 |
WEB
|
Pr@fesOr X
|
|
2011-03-29
|
|
oscss2 2.1.0 rc12 - Multiple Vulnerabilities
|
18 |
WEB
|
AutoSec Tools
|
|
2011-03-29
|
|
Claroline 1.10 - Persistent Cross-Site Scripting
|
18 |
WEB
|
AutoSec Tools
|
|
2011-03-29
|
|
Andy's PHP KnowledgeBase 0.95.4 - SQL Injection
|
18 |
WEB
|
AutoSec Tools
|
|
2011-03-28
|
|
webEdition CMS - Local File Inclusion
|
20 |
WEB
|
eidelweiss
|
|
2011-03-28
|
|
WordPress Plugin BackWPup - Remote Code Execution / Local Code Execution
|
20 |
WEB
|
Sense of Security
|
|
2011-03-28
|
|
Honey Soft Web Solution - Multiple Vulnerabilities
|
21 |
WEB
|
**RoAd_KiLlEr**
|
|
2011-03-27
|
|
webEdition CMS 6.1.0.2 - Multiple Vulnerabilities
|
20 |
WEB
|
AutoSec Tools
|
|
2011-03-27
|
|
SimplisCMS 1.0.3.0 - Multiple Vulnerabilities
|
19 |
WEB
|
NassRawI
|
|
2011-03-26
|
|
Family Connections CMS 2.3.2 - Persistent Cross-Site Scripting / XML Injection
|
20 |
WEB
|
LiquidWorm
|
|
2011-03-24
|
|
SyndeoCMS 2.8.02 - Multiple Vulnerabilities (2)
|
18 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-23
|
|
Web Wiz Forum - Injection
|
19 |
WEB
|
eXeSoul
|
|
2011-03-23
|
|
Constructr CMS 3.03 - Arbitrary File Upload
|
20 |
WEB
|
plucky
|
|
2011-03-23
|
|
Symantec LiveUpdate Administrator Management GUI - HTML Injection
|
20 |
WEB
|
Nikolas Sotiriu
|
|
2011-03-21
|
|
Shimbi CMS - Multiple SQL Injections
|
17 |
WEB
|
p0pc0rn
|
|
2011-03-21
|
|
EAFlashUpload 2.5 - Arbitrary File Upload
|
20 |
WEB
|
Daniel Godoy
|
|
2011-03-21
|
|
Element-IT PowUpload 1.3 - Arbitrary File Upload
|
20 |
WEB
|
Daniel Godoy
|
|
2011-03-21
|
|
CMS Lokomedia 1.5 - Arbitrary File Upload
|
18 |
WEB
|
eidelweiss
|
|
2011-03-20
|
|
Douran 3.9.7.8 - File Download/Source Code Disclosure
|
20 |
WEB
|
AJAX Security Team
|
|
2011-03-19
|
|
CMS Balitbang 3.3 - Arbitrary File Upload
|
21 |
WEB
|
eidelweiss
|
|
2011-03-19
|
|
Phpbuddies - Arbitrary File Upload
|
22 |
WEB
|
Xr0b0t
|
|
2011-03-19
|
|
Balitbang CMS 3.3 - Multiple Vulnerabilities
|
18 |
WEB
|
Xr0b0t
|
|
2011-03-19
|
|
Kleophatra 0.1.4 - Arbitrary File Upload
|
18 |
WEB
|
Xr0b0t
|
|
2011-03-18
|
|
iCMS 1.1 - Admin SQL Injection / Brute Force
|
21 |
WEB
|
TecR0c
|
|
2011-03-18
|
|
CMS Loko Media - Local File Download
|
20 |
WEB
|
Xr0b0t
|
|
2011-03-18
|
|
Tugux CMS - 'nid' Blind SQL Injection
|
18 |
WEB
|
eidelweiss
|
|
2011-03-17
|
|
Tugux CMS 1.0_final - Multiple Vulnerabilities
|
22 |
WEB
|
Aodrulez
|
|
2011-03-17
|
|
Joomla! Component com_booklibrary - SQL Injection
|
17 |
WEB
|
Marc Doudiet
|
|
2011-03-17
|
|
Joomla! 1.6 - Multiple SQL Injections
|
20 |
WEB
|
Aung Khant
|
|
2011-03-16
|
|
b2evolution 4.0.3 - Persistent Cross-Site Scripting
|
18 |
WEB
|
AutoSec Tools
|
|
2011-03-16
|
|
WikiWig 5.01 - Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
AutoSec Tools
|
|
2011-03-16
|
|
pointter PHP content management system 1.2 - Multiple Vulnerabilities
|
22 |
WEB
|
LiquidWorm
|
|
2011-03-16
|
|
LotusCMS 3.0.3 - Multiple Vulnerabilities
|
19 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-15
|
|
IF-CMS 2.07 - Local File Inclusion (1)
|
21 |
WEB
|
TecR0c
|
|
2011-03-14
|
|
SmarterMail 8.0 - Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
Hoyt LLC Research
|
|
2011-03-14
|
|
Log1 CMS 2.0 - Multiple Vulnerabilities
|
21 |
WEB
|
Aodrulez
|
|
2011-03-13
|
|
Cover Vision - SQL Injection
|
18 |
WEB
|
Egyptian.H4x0rz
|
|
2011-03-11
|
|
Constructr CMS 3.03 - Multiple Remote Vulnerabilities
|
20 |
WEB
|
LiquidWorm
|
|
2011-03-11
|
|
SmarterStats 6.0 - Multiple Vulnerabilities
|
18 |
WEB
|
Hoyt LLC Research
|
|
2011-03-11
|
|
N_CMS 1.1E - Local File Inclusion / Remote Code
|
17 |
WEB
|
TecR0c
|
|
2011-03-11
|
|
Oracle WebLogic - POST Session Fixation
|
20 |
WEB
|
Roberto Suggi Liverani
|
|
2011-03-10
|
|
SmarterMail 7.3/7.4 - Multiple Vulnerabilities
|
17 |
WEB
|
Hoyt LLC Research
|
|
2011-03-10
|
|
Keynect eCommerce - SQL Injection
|
22 |
WEB
|
Arturo Zamora
|
|
2011-03-10
|
|
Luch Web Designer - Multiple SQL Injections
|
18 |
WEB
|
p0pc0rn
|
|
2011-03-09
|
|
recordpress 0.3.1 - Multiple Vulnerabilities
|
20 |
WEB
|
Khashayar Fereidani
|
|
2011-03-09
|
|
Maian Weblog 4.0 - Blind SQL Injection
|
17 |
WEB
|
mr_me
|
|
2011-03-09
|
|
Esselbach Storyteller CMS System 1.8 - SQL Injection
|
20 |
WEB
|
Shamus
|
|
2011-03-08
|
|
WordPress Plugin GRAND Flash Album Gallery 0.55 - Multiple Vulnerabilities
|
19 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-08
|
|
Ruubikcms 1.0.3 - Multiple Vulnerabilities
|
18 |
WEB
|
Khashayar Fereidani
|
|
2011-03-08
|
|
EzPub Simple Classic ASP CMS - SQL Injection
|
20 |
WEB
|
p0pc0rn
|
|
2011-03-07
|
|
BMForum Myna 6.0 - SQL Injection
|
15 |
WEB
|
Stephan Sattler
|
|
2011-03-07
|
|
EggAvatar 2.3.2 for vBulletin 3.8.x - Local File Read
|
18 |
WEB
|
DSecurity
|
|
2011-03-07
|
|
Bacula-Web 1.3.x < 5.0.3 - Multiple Vulnerabilities
|
19 |
WEB
|
b0telh0
|
|
2011-03-06
|
|
EggAvatar for vBulletin 3.8.x - SQL Injection
|
23 |
WEB
|
DSecurity
|
|
2011-03-06
|
|
Quick Polls - Local File Inclusion / Deletion
|
21 |
WEB
|
Mark Stanislav
|
|
2011-03-06
|
|
N-13 News 4.0 - Cross-Site Request Forgery (Add Admin)
|
18 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2010-10-09
|
|
ContentKeeper Web - Remote Command Execution (Metasploit)
|
16 |
WEB
|
Metasploit
|
|
2010-07-03
|
|
Dogfood CRM - 'spell.php' Remote Command Execution (Metasploit)
|
20 |
WEB
|
Metasploit
|
|
2010-07-03
|
|
The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
|
22 |
WEB
|
Metasploit
|
|
2010-07-03
|
|
phpMyAdmin - Config File Code Injection (Metasploit)
|
24 |
WEB
|
Metasploit
|
|
2010-11-24
|
|
Mambo - Cache_Lite Class MosConfig_absolute_path Remote File Inclusion (Metasploit)
|
19 |
WEB
|
Metasploit
|
|
2010-09-20
|
|
TikiWiki tiki-graph_formula - PHP Remote Code Execution (Metasploit)
|
21 |
WEB
|
Metasploit
|
|
2010-07-03
|
|
Coppermine Photo Gallery 1.4.14 - 'picEditor.php' Command Execution (Metasploit)
|
19 |
WEB
|
Metasploit
|
|
2010-07-14
|
|
Nagios3 - 'statuswml.cgi' 'Ping' Command Execution (Metasploit)
|
19 |
WEB
|
Metasploit
|
|
2010-07-01
|
|
Google Appliance ProxyStyleSheet - Command Execution (Metasploit)
|
21 |
WEB
|
Metasploit
|
|
2010-06-15
|
|
Joomla! Plugin tinybrowser 1.5.12 - Arbitrary File Upload / Code Execution (Metasploit)
|
21 |
WEB
|
Metasploit
|
|
2009-12-26
|
|
AWStats 6.1 < 6.2 - 'configdir' Remote Command Execution (Metasploit)
|
25 |
WEB
|
Metasploit
|
|
2011-01-08
|
|
Fonality trixbox CE 2.6.1 - 'langChoice' Local File Inclusion (Metasploit)
|
22 |
WEB
|
Metasploit
|
|
2011-01-14
|
|
CakePHP 1.3.5/1.2.8 - Cache Corruption (Metasploit)
|
20 |
WEB
|
Metasploit
|
|
2010-04-30
|
|
PAJAX - Remote Command Execution (Metasploit)
|
21 |
WEB
|
Metasploit
|
|
2010-07-03
|
|
osCommerce 2.2 - Arbitrary PHP Code Execution (Metasploit)
|
18 |
WEB
|
Metasploit
|
|
2010-11-24
|
|
BASE - 'base_qry_common' Remote File Inclusion (Metasploit)
|
19 |
WEB
|
Metasploit
|
|
2010-07-25
|
|
vBulletin - 'misc.php' Template Name Arbitrary Code Execution (Metasploit)
|
22 |
WEB
|
Metasploit
|
|
2010-07-03
|
|
WordPress Core 1.5.1.3 - 'cache_lastpostdate' Arbitrary Code Execution (Metasploit)
|
23 |
WEB
|
Metasploit
|
