|
2015-02-11
|
|
Achat 0.150 beta7 Buffer Overflow
|
86 |
WEB
|
Balazs Bucsay
|
|
2015-02-11
|
|
LG DVR LE6016D - Unauthenticated Remote Users/Passwords Disclosure Exploit
|
186 |
WEB
|
Todor Donev
|
|
2015-02-10
|
|
WordPress WP EasyCart Unrestricted File Upload
|
104 |
WEB
|
Kacper Szurek
|
|
2015-02-10
|
|
Redaxscript CMS 2.2.0 - SQL Injection Vulnerability
|
121 |
WEB
|
ITAS Team
|
|
2015-02-05
|
|
ManageEngine Desktop Central 9 Build 90087 - CSRF Vulnerability
|
95 |
WEB
|
Mohamed Idris
|
|
2015-02-04
|
|
WordPress Pixabay Images PHP Code Upload
|
105 |
WEB
|
h0ng10
|
|
2015-02-04
|
|
WordPress Platform Theme Remote Code Execution
|
107 |
WEB
|
Christian Mehlmauer
|
|
2015-02-03
|
|
Sefrengo CMS 1.6.1 SQL Injection
|
115 |
WEB
|
Nguyen Hung Tuan
|
|
2015-01-27
|
|
SWFupload 2.5.0 Cross Frame Scripting
|
120 |
WEB
|
MindCracker
|
|
2015-01-27
|
|
Symantec Data Center Security - Multiple Vulnerabilities
|
179 |
WEB
|
SEC Consult
|
|
2015-01-27
|
|
PHP Webquest 2.6 - SQL Injection
|
100 |
WEB
|
jordan root
|
|
2015-01-23
|
|
Arris VAP2500 tools_command.php Command Execution
|
159 |
WEB
|
HeadlessZeke
|
|
2015-01-21
|
|
WordPress Pixarbay Images 2.3 XSS / Bypass / Upload / Traversal
|
86 |
WEB
|
Hans-Martin Muench
|
|
2015-01-21
|
|
N-Central Remote Support Manager 14.2.7.171 File Read / Code Execution
|
74 |
WEB
|
Thomas Hibbert
|
|
2015-01-21
|
|
D-Link DSL-2730B Modem - XSS Injection Stored Exploit Lancfg2get.cgi
|
111 |
WEB
|
Mauricio Correa
|
|
2015-01-21
|
|
D-Link DSL-2730B Modem - XSS Injection Stored Exploit DnsProxy.cmd
|
119 |
WEB
|
Mauricio Correa
|
|
2015-01-15
|
|
Congstar Internet-Manager SEH Buffer Overflow
|
101 |
WEB
|
metacom
|
|
2015-01-15
|
|
T-Mobile Internet Manager SEH Buffer Overflow
|
86 |
WEB
|
metacom
|
|
2015-01-14
|
|
Wordpress Photo Gallery Unauthenticated SQL Injection User Enumeration
|
76 |
WEB
|
Brandon Perry
|
|
2015-01-14
|
|
Dell iDRAC IPMI 1.5 - Insufficient Session ID Randomness
|
88 |
WEB
|
Yong Chuan, Koh
|
|
2015-01-13
|
|
WordPress WP Symposium 14.11 Shell Upload
|
96 |
WEB
|
Claudio Viviani
|
|
2015-01-06
|
|
AdaptCMS 3.0.3 HTTP Referer Header Open Redirect
|
158 |
WEB
|
LiquidWorm
|
|
2015-01-06
|
|
WordPress Banner Effect Header 1.2.6 XSS / CSRF
|
162 |
WEB
|
Mahdi.Hidden
|
|
2015-01-06
|
|
Wordpress Infocus3 Theme Arbitrary File Download Vulnerability
|
177 |
WEB
|
killer~x
|
|
2015-01-06
|
|
Wordpress Infocus2 Theme Arbitrary File Download Vulnerability
|
197 |
WEB
|
killer~x
|
|
2015-01-06
|
|
Wordpress WP-EMail 2.64 Cross Site Scripting Vulnerability
|
73 |
WEB
|
Ashiyane
|
|
2015-01-06
|
|
Wordpress Email 1.1 Cross Site Scripting Vulnerability
|
86 |
WEB
|
Ashiyane
|
|
2015-01-06
|
|
Wordpress Email newsletter 20.9 Cross Site Scripting Vulnerability
|
91 |
WEB
|
Ashiyane
|
|
2015-01-06
|
|
Wordpress sumome 1.6 Cross Site Scripting Vulnerability
|
74 |
WEB
|
Ashiyane
|
|
2015-01-06
|
|
AdaptCMS 3.0.3 XSS / Remote Code Execute Vulnerabilities
|
73 |
WEB
|
LiquidWorm
|
|
2015-01-06
|
|
HikaShop 2.3.3 Local File Inclusion Vulnerability
|
108 |
WEB
|
HauntIT Blog
|
|
2015-01-04
|
|
WordPress RevSlider Local File Disclosure
|
91 |
WEB
|
FarbodEZRaeL
|
|
2015-01-04
|
|
PHPads <= 213607 - Authentication Bypass / Password Change Exploit
|
125 |
WEB
|
Shaker msallm
|
|
2014-12-30
|
|
ProjectSend Arbitrary File Upload
|
123 |
WEB
|
Fady Mohammed Osman
|
|
2014-12-30
|
|
WordPress Dmsguestbook Unauthenticated Data Injection
|
87 |
WEB
|
Evex
|
|
2014-12-25
|
|
WordPress Themes download.php File Disclosure
|
201 |
WEB
|
Cleiton Pinheiro
|
|
2014-12-25
|
|
AMSI 3.20.47 Build 37 File Disclosure
|
206 |
WEB
|
KnocKout
|
|
2014-12-24
|
|
Phase botnet blind SQL injection vulnerability
|
80 |
WEB
|
Xylitol
|
|
2014-12-22
|
|
Cacti Superlinks Plugin 1.4-2 RCE(LFI) via SQL Injection Exploit
|
94 |
WEB
|
Wireghoul
|
|
2014-12-17
|
|
ProjectSend r-561 - Arbitrary File Upload
|
101 |
WEB
|
Fady Mohammed Osman
|
|
2014-12-16
|
|
Wordpress Download Manager 2.7.4 - Remote Code Execution Vulnerability
|
97 |
WEB
|
Claudio Viviani
|
|
2014-12-15
|
|
Tuleap PHP Unserialize Code Execution
|
169 |
WEB
|
EgiX
|
|
2014-12-15
|
|
WordPress WP Symposium 14.11 Shell Upload
|
94 |
WEB
|
Claudio Viviani
|
|
2014-12-09
|
|
Flat Calendar 1.1 HTML Injection
|
134 |
WEB
|
ZoRLu
|
|
2014-11-27
|
|
Device42 Embedded Credentials
|
110 |
WEB
|
Brandon Perry
|
|
2014-11-27
|
|
Slider Revolution/Showbiz Pro Shell Upload Exploit
|
94 |
WEB
|
Simo Ben Youssef
|
|
2014-11-27
|
|
Device42 WAN Emulator 2.3 Ping Command Injection
|
71 |
WEB
|
Brandon Perry
|
|
2014-11-27
|
|
Device42 WAN Emulator 2.3 Traceroute Command Injection
|
88 |
WEB
|
Brandon Perry
|
|
2014-11-26
|
|
All-in-One WP Migration 2.0.2 Remote Code Execution Vulnerability
|
98 |
WEB
|
Kacper Szurek
|
|
2014-11-26
|
|
Arris VAP2500 Authentication Bypass
|
113 |
WEB
|
HeadlessZeke
|
|
2014-11-26
|
|
phpMyRecipes 1.2.2 (dosearch.php, words_exact param) - SQL Injection
|
155 |
WEB
|
bard
|
|
2014-11-25
|
|
WordPress WP-DB-Backup 2.2.4 Backup Theft
|
125 |
WEB
|
Larry W. Cashdollar
|
|
2014-11-25
|
|
FluxBB 1.5.6 SQL Injection
|
102 |
WEB
|
secthrowaway
|
|
2014-11-25
|
|
Atrax Botnet Shell Upload Vulnerability
|
97 |
WEB
|
Xylitol
|
|
2014-11-24
|
|
Wordpress wpDataTables 1.5.3 shell Upload Exploit
|
86 |
WEB
|
Claudio Viviani
|
|
2014-11-18
|
|
MantisBT XmlImportExport Plugin PHP Code Injection
|
73 |
WEB
|
EgiX
|
|
2014-11-18
|
|
Joomla HD FLV 2.1.0.1 Arbitrary File Download
|
112 |
WEB
|
Claudio Viviani
|
|
2014-11-18
|
|
PHP 5.x - Bypass Disable Functions Vulnerability
|
163 |
WEB
|
Ryan King
|
|
2014-11-18
|
|
Proticaret E-Commerce Script 3.0 - SQL Injection Vulnerability
|
80 |
WEB
|
Onur Alanbel
|
|
2014-11-18
|
|
ZTE ZXHN H108L - Authentication Bypass
|
219 |
WEB
|
Project Zero Labs
|
|
2014-11-18
|
|
ZTE ZXHN H108L - Authentication Bypass
|
68 |
WEB
|
Project Zero Labs
|
|
2014-11-14
|
|
Who's Who Script Cross Site Request Forgery
|
95 |
WEB
|
ZoRLu
|
|
2014-11-14
|
|
Joomla HD FLV 2.1.0.1 SQL Injection
|
103 |
WEB
|
Claudio Viviani
|
|
2014-11-11
|
|
IP.Board 3.4.7 SQL Injection
|
98 |
WEB
|
secthrowaway
|
|
2014-11-05
|
|
Drupal < 7.32 Pre Auth SQL Injection
|
166 |
WEB
|
Stefan Horst
|
|
2014-10-31
|
|
Joomla RD Download SQL Injection
|
144 |
WEB
|
Claudio Viviani
|
|
2014-10-30
|
|
MAARCH 1.4 - Arbitrary File Upload
|
91 |
WEB
|
Adrien Thierry
|
|
2014-10-29
|
|
vBulletin Tapatalk - Blind SQL Injection
|
201 |
WEB
|
tintinweb
|
|
2014-10-28
|
|
vBulletin 4.x Tapatalk Blind SQL Injection
|
114 |
WEB
|
tintinweb
|
|
2014-10-28
|
|
Incredible PBX 2.0.6.5.0 - Remote Command Execution Exploit
|
96 |
WEB
|
Simo Ben Youssef
|
|
2014-10-28
|
|
HP Operations Agent Remote XSS iFrame Injection
|
111 |
WEB
|
Matt Schmidt
|
|
2014-10-28
|
|
Creative Contact Form (Wordpress 0.9.7 and Joomla 2.0.0) - Shell Upload Vulnerability
|
100 |
WEB
|
Claudio Viviani
|
|
2014-10-24
|
|
Centreon SQL / Command Injection
|
109 |
WEB
|
MaZ
|
|
2014-10-24
|
|
WordPress / Joomla Creative Contact Form 0.9.7 Shell Upload
|
109 |
WEB
|
Claudio Viviani
|
|
2014-10-24
|
|
Feng Office 1.7.4 - Arbitrary File Upload
|
82 |
WEB
|
AutoSec Tools
|
|
2014-10-23
|
|
DotNetNuke DNNspot Store 3.0.0 Arbitary File Upload
|
175 |
WEB
|
Glafkos Charalambous
|
|
2014-10-21
|
|
ZTE ZXDSL-931VII - Unauthenticated Configuration Dump
|
262 |
WEB
|
L0ukanik0-s S0kniaku0l
|
|
2014-10-20
|
|
Fonality Trixbox CE 2.8.0.4 Command Execution Vulnerability
|
97 |
WEB
|
Simo Ben
|
|
2014-10-20
|
|
NETIS DL4322D Multiple Vulnerabilities
|
91 |
WEB
|
AkaStep
|
|
2014-10-20
|
|
Wordpress Theme Dazzling Shell Upload Vulnerability
|
112 |
WEB
|
king_cobra
|
|
2014-10-20
|
|
Drupal Core <= 7.32 - SQL Injection (PHP)
|
101 |
WEB
|
Dustin Dörr
|
|
2014-10-20
|
|
Drupal Core <= 7.32 - SQL Injection
|
91 |
WEB
|
fyukyuk
|
|
2014-10-17
|
|
Drupal 7.X SQL Injection
|
205 |
WEB
|
Claudio Viviani
|
|
2014-10-15
|
|
SEO Control Panel 3.6.0 - Authenticated SQL Injection
|
91 |
WEB
|
Tiago Carvalho
|
|
2014-10-14
|
|
Croogo 2.0.0 Arbitrary PHP Code Execution / Cross Site Scripting Vulnerabilities
|
95 |
WEB
|
LiquidWorm
|
|
2014-10-09
|
|
Nessus Web UI 2.3.3 Cross Site Scripting Vulnerability
|
77 |
WEB
|
Frank Lycops
|
|
2014-10-09
|
|
Wordpress InfusionSoft Upload
|
132 |
WEB
|
us3r777
|
|
2014-10-08
|
|
Toast Forums Database Disclosure
|
107 |
WEB
|
indoushka
|
|
2014-10-08
|
|
Snitz Forums 2000 3.4.07 Database Disclosure
|
97 |
WEB
|
indoushka
|
|
2014-10-08
|
|
AutoWeb 3.0 SQL Injection
|
269 |
WEB
|
ZoRLu
|
|
2014-10-08
|
|
Wordpress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit)
|
82 |
WEB
|
Claudio Viviani
|
|
2014-10-08
|
|
IPFire Cgi Web Interface Authenticated Bash Environment Variable Code Injection exploit
|
105 |
WEB
|
Claudio Viviani
|
|
2014-09-30
|
|
Microsoft Exchange IIS HTTP Internal IP Address Disclosure
|
87 |
WEB
|
Nate Power
|
|
2014-09-30
|
|
OpenFiler 2.99.1 - CSRF Vulnerability
|
98 |
WEB
|
Dolev Farhi
|
|
2014-09-28
|
|
Comersus Sophisticated Cart Database Disclosure
|
94 |
WEB
|
indoushka
|
|
2014-09-26
|
|
Nucom ADSL ADSLR5000UN ISP Credentials Disclosure
|
84 |
WEB
|
Sebastián Magof
|
|
2014-09-25
|
|
ZyXEL Prestig P-660HNU-T1 ISP Credentials Disclosure Exploit
|
99 |
WEB
|
Sebastián Magof
|
|
2014-09-23
|
|
Joomla Face Gallery 1.0 Multiple Vulnerabilities
|
105 |
WEB
|
Claudio Viviani
|
|
2014-09-23
|
|
Joomla Mac Gallery <= 1.5 Arbitrary File Download Exploit
|
95 |
WEB
|
Claudio Viviani
|
|
2014-09-22
|
|
GetSimpleCMS PHP File Upload
|
85 |
WEB
|
Ahmed Elhady Mohamed
|
|
2014-09-19
|
|
Briefcase 4.0 iOS - Code Execution & File Include Vulnerability
|
107 |
WEB
|
Vulnerability-Lab
|
|
2014-09-18
|
|
ZTE ZXDSL-931VII Unauthenticated Configuration Dump
|
355 |
WEB
|
L0ukanik0s
|
|
2014-09-17
|
|
WordPress Slideshow Gallery 1.4.6 Shell Upload
|
87 |
WEB
|
Claudio Viviani
|
|
2014-09-16
|
|
ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability
|
140 |
WEB
|
eF
|
|
2014-09-15
|
|
EGYWEB (Mantrac) <= Remote File Disclosure Exploit
|
118 |
WEB
|
KnocKout
|
|
2014-09-12
|
|
Onlineon E-Ticaret Database Disclosure
|
99 |
WEB
|
ZoRLu
|
|
2014-09-12
|
|
Joomla Spider Contacts 1.3.6 (index.php, contacts_id param) - SQL Injection
|
102 |
WEB
|
Claudio Viviani
|
|
2014-08-29
|
|
DomainTrader Domain Parking / Auction Script 2.5.3 CSRF / XSS
|
86 |
WEB
|
Haider Mahmood
|
|
2014-08-29
|
|
XRMS - Blind SQL Injection and Command Execution
|
121 |
WEB
|
Benjamin Harris
|
|
2014-08-29
|
|
PhpWiki - Remote Command Execution
|
67 |
WEB
|
Benjamin Harris
|
|
2014-08-29
|
|
ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution
|
88 |
WEB
|
Benjamin Harris
|
|
2014-08-29
|
|
Plogger 1.0-RC1 - Authenticated Arbitrary File Upload
|
86 |
WEB
|
b0z
|
|
2014-08-20
|
|
HybridAuth install.php PHP Code Execution
|
99 |
WEB
|
Pichaya Morimoto
|
|
2014-08-14
|
|
WordPress Disqus 2.7.5 CSRF / Cross Site Scripting Vulnerabilities
|
129 |
WEB
|
Nik Cubrilovic
|
|
2014-08-13
|
|
CS-Cart 4.2.0 Session Hijacking
|
79 |
WEB
|
Nik Cubrilovic
|
|
2014-08-04
|
|
TigerCom iFolder+ v1.2 iOS - Multiple Vulnerabilities
|
106 |
WEB
|
Vulnerability-Lab
|
|
2014-07-31
|
|
D-Link AP 3200 Multiple Vulnerabilities
|
114 |
WEB
|
pws
|
|
2014-07-31
|
|
SkaDate Lite 2.0 - Remote Code Execution Exploit
|
196 |
WEB
|
LiquidWorm
|
|
2014-07-29
|
|
Oxwall 1.7.0 - Remote Code Execution Exploit
|
147 |
WEB
|
LiquidWorm
|
|
2014-07-29
|
|
Oxwall 1.7.0 - Multiple CSRF And HTML Injection Vulnerabilities
|
101 |
WEB
|
LiquidWorm
|
|
2014-07-28
|
|
Pligg 2.0.1 - Multiple Vulnerabilities
|
94 |
WEB
|
BlackHawk
|
|
2014-07-25
|
|
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure vulnerability
|
99 |
WEB
|
Dolev Farhi
|
|
2014-07-22
|
|
vBulletin 5.1.2 SQL Injection
|
103 |
WEB
|
Nytro
|
|
2014-07-22
|
|
MTS MBlaze Ultra Wi-Fi / ZTE AC3633 - Multiple Vulnerabilities
|
90 |
WEB
|
Ajin Abraham
|
|
2014-07-16
|
|
Wordpress WPTouch Authenticated File Upload
|
79 |
WEB
|
Marc-Alexandre Montpas
|
