|
2013-10-08
|
|
WordPress Woopra Remote Code Execution
|
98 |
WEB
|
wantexz
|
|
2013-10-08
|
|
WordPress Slimstat Ex Code Execution
|
65 |
WEB
|
wantexz
|
|
2013-10-08
|
|
WordPress SEO Watcher Remote Code Execution
|
79 |
WEB
|
wantexz
|
|
2013-09-27
|
|
Astium Remote Code Execution
|
137 |
WEB
|
xistence
|
|
2013-09-26
|
|
Nodejs js-yaml load() Code Execution
|
117 |
WEB
|
joev
|
|
2013-09-24
|
|
Raidsonic NAS Devices Unauthenticated Remote Command Execution
|
115 |
WEB
|
juan vazquez
|
|
2013-08-29
|
|
SPIP Connect Parameter PHP Injection
|
82 |
WEB
|
Frederic Cikala
|
|
2013-08-15
|
|
Struts2 2.3.15 Open Redirect
|
79 |
WEB
|
Takeshi Terada
|
|
2013-08-15
|
|
Struts2 2.3.15 OGNL Injection
|
351 |
WEB
|
Takeshi Terada
|
|
2013-08-12
|
|
Sybase EAServer XXE Injection
|
66 |
WEB
|
MustLive
|
|
2013-08-08
|
|
MyBB 1.6.10 Open Redirection
|
58 |
WEB
|
LiquidWorm
|
|
2013-07-30
|
|
PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution
|
66 |
WEB
|
Dave Weinstein
|
|
2013-07-30
|
|
PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution
|
73 |
WEB
|
Dave Weinstein
|
|
2013-07-30
|
|
PineApp Mail-SeCure livelog.html Arbitrary Command Execution
|
84 |
WEB
|
temp66
|
|
2013-07-26
|
|
Powershell Payload Web Delivery
|
69 |
WEB
|
Chris Campbell
|
|
2013-06-24
|
|
HP System Management Homepage JustGetSNMPQueue Command Injection
|
87 |
WEB
|
sinn3r
|
|
2013-06-24
|
|
LibrettoCMS File Manager Arbitrary File Upload
|
109 |
WEB
|
sinn3r
|
|
2013-06-19
|
|
MoinMoin twikidraw Action Traversal File Upload
|
76 |
WEB
|
HTP
|
|
2013-06-09
|
|
Resin Application Server 4.0.36 Cross Site Scripting
|
67 |
WEB
|
LiquidWorm
|
|
2013-06-09
|
|
Resin Application Server 4.0.36 Source Code Disclosure
|
66 |
WEB
|
LiquidWorm
|
|
2013-06-08
|
|
JBoss AS Administrative Console Password Disclosure
|
235 |
WEB
|
amroot
|
|
2013-06-04
|
|
Seowonintech Routers Remote Root File Dumper
|
56 |
WEB
|
Todor Donev
|
|
2013-06-03
|
|
PhpTax 0.8 - File Manipulation(newvalue,field) Remote Code Execution
|
102 |
WEB
|
CWH Underground
|
|
2013-05-31
|
|
HP LaserJet Pro P1606dn Password Reset
|
90 |
WEB
|
m3tamantra
|
|
2013-05-29
|
|
Matterdaddy Market 1.4.2 Cross Site Request Forgery / Arbitrary File Upload
|
71 |
WEB
|
KedAns-Dz
|
|
2013-05-20
|
|
D-Link DIR615h OS Command Injection
|
195 |
WEB
|
juan vazquez
|
|
2013-04-26
|
|
phpMyAdmin 3.5.8 and 4.0.0-RC2 - Multiple Vulnerabilities
|
75 |
WEB
|
waraxe
|
|
2013-04-26
|
|
Hornbill Supportworks ITSM 1.0.0 - SQL Injection Vulnerability
|
75 |
WEB
|
Joseph Sheridan
|
|
2013-04-25
|
|
CiviCRM for Joomla 4.2.2 - Remote Code Injection
|
83 |
WEB
|
iskorpitx
|
|
2013-04-25
|
|
SMF 2.0.4 PHP Code Injection
|
182 |
WEB
|
Jakub Galczyk
|
|
2013-04-23
|
|
Janissaries Joomla Civicrm Shell Upload
|
67 |
WEB
|
miyachung
|
|
2013-04-22
|
|
nginx 0.6.x Arbitrary Code Execution NullByte Injection
|
81 |
WEB
|
Neal Poole
|
|
2013-04-22
|
|
Netgear DGN2200B pppoe.cgi Remote Command Execution
|
189 |
WEB
|
juan vazquez
|
|
2013-04-18
|
|
Java Web Start Launcher Memory Corruption
|
179 |
WEB
|
A. Antukh
|
|
2013-04-03
|
|
Aspen 0.8 Directory Traversal
|
73 |
WEB
|
Daniel Ricardo dos Santos
|
|
2013-04-03
|
|
Netgear WNR1000 Authentication Bypass
|
103 |
WEB
|
Roberto Paleari
|
|
2013-03-29
|
|
PsychoStats 3.2.2b Blind SQL Injection
|
64 |
WEB
|
Mohamed from ALG
|
|
2013-03-29
|
|
McAfee Virtual Technician (MVT) 6.5.0.2101 Unsafe Active-X
|
82 |
WEB
|
High-Tech Bridge SA
|
|
2013-03-29
|
|
AWS XMS 2.5 Path Traversal
|
81 |
WEB
|
High-Tech Bridge SA
|
|
2013-03-21
|
|
TP-Link TL-WR740N Wireless Router Remote Denial Of Service
|
100 |
WEB
|
LiquidWorm
|
|
2013-03-15
|
|
QuinStreet Database ID Spoofing
|
80 |
WEB
|
Henry Garrison
|
|
2013-03-14
|
|
LCG Disk Pool Manager SQL Injection
|
60 |
WEB
|
Adam Zabrocki
|
|
2013-03-14
|
|
Apache Rave User Exposure
|
61 |
WEB
|
Andreas Guth
|
|
2013-03-13
|
|
Web Cookbook SQL Injection
|
75 |
WEB
|
Saadat Ullah
|
|
2013-02-20
|
|
OpenEMR PHP File Upload
|
77 |
WEB
|
juan vazquez
|
|
2013-01-29
|
|
PHP Weby Directory Software 1.2 Multiple Vulnerabilities
|
138 |
WEB
|
AkaStep
|
|
2013-01-21
|
|
PHP-Charts 1.0 PHP Code Execution
|
61 |
WEB
|
Akastep
|
|
2013-01-18
|
|
PHP Chart 1.0 Code Execution
|
85 |
WEB
|
Akastep
|
|
2013-01-16
|
|
Oracle Application Framework Diagnostic Mode Bypass
|
105 |
WEB
|
David Byrne
|
|
2013-01-09
|
|
GetSimple 3.1.2 Code Execution
|
52 |
WEB
|
Jakub Galczyk
|
|
2013-01-05
|
|
Elastix 2.3 PHP Code Injection
|
81 |
WEB
|
Faris AKA i-Hmx
|
|
2013-01-05
|
|
Simple Webserver 2.3-rc1 Directory Traversal
|
80 |
WEB
|
CwG GeNiuS
|
|
2012-12-18
|
|
phpwcms 1.5.4.6 Remote Code Execution
|
100 |
WEB
|
aeon flux
|
|
2012-12-07
|
|
Kordil EDMS v2.2.60rc3 SQL Injection Vulnerability
|
79 |
WEB
|
Woody Hughes
|
|
2012-11-30
|
|
FCKEditor ASP Version 2.6.8 File Upload Protection Bypass
|
103 |
WEB
|
Soroush Dalili
|
|
2012-11-30
|
|
Oracle OpenSSO 8.0 Multiple XSS POST Injection Vulnerabilities
|
88 |
WEB
|
LiquidWorm
|
|
2012-11-14
|
|
Invision IP.Board 3.3.4 unserialize() PHP Code Execution
|
92 |
WEB
|
sinn3r
|
|
2012-11-08
|
|
Invision Power Board 3.3.4 Unserialize REGEX Bypass
|
60 |
WEB
|
webDEViL
|
|
2012-10-31
|
|
TP-LINK TL-WR841N Local File Inclusion Vulnerability
|
49 |
WEB
|
Matan Azugi
|
|
2012-10-30
|
|
OneForum Multiple Vulnerabilities
|
60 |
WEB
|
DaOne aka Mocking Bird
|
|
2012-10-30
|
|
Joomla Component com_jce remote Code Injecion / Execution Exploit (perl)
|
96 |
WEB
|
Caddy-Dz
|
|
2012-10-22
|
|
ManageEngine Security Manager Plus <= 5.5 build 5505 Path Traversal
|
107 |
WEB
|
xistence
|
|
2012-10-19
|
|
ModSecurity 2.6.8 Bypass
|
81 |
WEB
|
Bernhard Mueller
|
|
2012-10-18
|
|
Oracle WebCenter Sites (FatWire Content Server) Multiple Vulnerabilities
|
95 |
WEB
|
SEC Consult
|
|
2012-10-16
|
|
AjaXplorer checkInstall.php Remote Command Execution
|
79 |
WEB
|
sinn3r
|
|
2012-10-11
|
|
ServersCheck Monitoring Software v9.0.12 / 9.0.14 - Stored XSS
|
63 |
WEB
|
loneferret
|
|
2012-09-29
|
|
Wordpress phpBAK Red Config Vulnerability
|
63 |
WEB
|
Angel Injection
|
|
2012-09-26
|
|
Auxilium RateMyPet Arbitrary File Upload
|
99 |
WEB
|
sinn3r
|
|
2012-09-24
|
|
ZEN Load Balancer Filelog Command Execution
|
88 |
WEB
|
Brendan Coles
|
|
2012-09-24
|
|
NTR ActiveX Control Check() Method Buffer Overflow
|
103 |
WEB
|
juan vazquez
|
|
2012-09-24
|
|
NTR ActiveX Control StopModule() Remote Code Execution
|
118 |
WEB
|
juan vazquez
|
|
2012-09-17
|
|
Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit
|
179 |
WEB
|
Mattijs van Ommeren
|
|
2012-09-05
|
|
JBoss DeploymentFileRepository WAR Deployment
|
96 |
WEB
|
h0ng10
|
|
2012-09-05
|
|
MobileCartly 1.0 Arbitrary File Creation
|
164 |
WEB
|
sinn3r
|
|
2012-09-04
|
|
Android Mobile 2.6.xx Bypass Security Vulnerability
|
100 |
WEB
|
Taurus Omar
|
|
2012-08-31
|
|
AP NetWeaver HostControl Command Injection
|
47 |
WEB
|
juan vazquez
|
|
2012-08-27
|
|
BusinessWiki 2.5RC3 Stored XSS & Arbitrary File Upload
|
52 |
WEB
|
Shai rod
|
|
2012-08-27
|
|
WebPA <= 1.1.0.1 Multiple Vulnerabilities
|
82 |
WEB
|
dun
|
|
2012-08-24
|
|
XODA 0.4.5 Arbitrary PHP File Upload
|
77 |
WEB
|
Shai rod
|
|
2012-08-24
|
|
Apache Struts2 Remote Code Execution
|
109 |
WEB
|
kxlzx
|
|
2012-08-24
|
|
op5 Monitoring v5.4.2 (VM Applicance) Multiple Vulnerabilities
|
78 |
WEB
|
loneferret
|
|
2012-08-23
|
|
E-Mail Security Virtual Appliance learn-msg.cgi Command Injection
|
70 |
WEB
|
iJoo
|
|
2012-08-22
|
|
Symantec Web Gateway <= 5.0.3.18 Arbitrary Password Change (MSF)
|
64 |
WEB
|
Kc57
|
|
2012-08-22
|
|
Symantec Web Gateway <= 5.0.3.18 Arbitrary Password Change
|
66 |
WEB
|
Kc57
|
|
2012-08-15
|
|
MaxForum v1.0.0 Local File Inclusion Vulnerability
|
95 |
WEB
|
ahwak2000
|
|
2012-08-14
|
|
Cyclope Employee Surveillance Solution 6 SQL Injection
|
81 |
WEB
|
sinn3r
|
|
2012-08-14
|
|
TestLink 1.9.3 Arbitrary File Upload
|
160 |
WEB
|
Brendan Coles
|
|
2012-08-10
|
|
Cyclope Employee Surveillance Solution 6.0 SQL Injection
|
55 |
WEB
|
loneferret
|
|
2012-08-09
|
|
IBM Proventia Network Mail Security System 2.5 POST File Read
|
94 |
WEB
|
muts
|
|
2012-08-07
|
|
Power Bulletin Board Bypass
|
63 |
WEB
|
i-Hmx
|
|
2012-08-06
|
|
am4ss Support System 1.2 PHP Code Injection Exploit
|
103 |
WEB
|
i-Hmx
|
|
2012-08-01
|
|
WebPageTest Arbitrary PHP File Upload
|
67 |
WEB
|
sinn3r
|
|
2012-07-31
|
|
Scrutinizer NetFlow / sFlow Analyzer 9.0.1 XSS / Bypass / File Upload
|
67 |
WEB
|
Plixer International
|
|
2012-07-31
|
|
Symantec Web Gateway 5.0.3.18 (deptUploads_data.php groupid parameter) Blind SQLi
|
108 |
WEB
|
@_Kc57
|
|
2012-07-30
|
|
CuteFlow 2.11.2 Arbitrary File Upload
|
113 |
WEB
|
Brendan Coles
|
|
2012-07-27
|
|
Redaxo 4.4 Cross Site Scripting Vulnerability
|
87 |
WEB
|
High-Tech Bridge Security Research Lab
|
|
2012-07-27
|
|
PHP UnZIP v0.1 - Full Disclosure
|
85 |
WEB
|
TAURUS OMAR
|
|
2012-07-27
|
|
Develoweb - Blind SQL Injection Vulnerability
|
48 |
WEB
|
TAURUS OMAR
|
|
2012-07-27
|
|
Thelia 1.5.1 Cross Site Scripting
|
65 |
WEB
|
HTTPCS
|
|
2012-07-26
|
|
Joomla com_odudeprofile V2.x Exploit
|
101 |
WEB
|
Daniel Barragan "D4NB4R"
|
|
2012-07-25
|
|
Zabbix 2.0.1 and Earlier Session Extractor 0day
|
100 |
WEB
|
muts
|
|
2012-07-25
|
|
WordPress Front End Upload v0.5.4.4 Arbitrary PHP File Upload
|
66 |
WEB
|
Chris Kellum
|
|
2012-07-25
|
|
phpProfiles 4.5.4 Beta XSS / RFI / SQL Injection
|
86 |
WEB
|
L0n3ly-H34rT
|
|
2012-07-24
|
|
AlienVault OSSIM 3.1 Reflected XSS and Blind SQL Injection
|
68 |
WEB
|
muts
|
|
2012-07-24
|
|
Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers
|
76 |
WEB
|
muts
|
|
2012-07-24
|
|
Symantec Web Gateway 5.0.2 (blocked.php id parameter) Blind SQL Injection
|
71 |
WEB
|
muts
|
|
2012-07-24
|
|
EGallery PHP File Upload Vulnerability
|
132 |
WEB
|
juan
|
|
2012-07-23
|
|
Ipswitch WhatsUp Gold 15.02 Stored XSS - Blind SQLi - RCE
|
75 |
WEB
|
muts
|
|
2012-07-23
|
|
Dell SonicWALL Scrutinizer 9.0.1 (statusFilter.php q parameter) SQL Injection
|
76 |
WEB
|
muts
|
|
2012-07-23
|
|
SolarWinds Orion Network Performance Monitor 10.2.2 Multiple Vulnerabilities
|
151 |
WEB
|
muts
|
|
2012-07-20
|
|
Maian Survey 1.1 Local File Inclusion / Open Redirection
|
52 |
WEB
|
PuN!Sh3r
|
|
2012-07-20
|
|
Joomla Hello Local File Inclusion
|
213 |
WEB
|
Ajax Security Team
|
|
2012-07-18
|
|
MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities
|
387 |
WEB
|
Stefan Schurtz
|
|
2012-07-18
|
|
WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities
|
60 |
WEB
|
Stefan Schurtz
|
|
2012-07-18
|
|
Forum Oxalis <= 0.1.2 SQL Injection Vulnerability
|
49 |
WEB
|
Jean Pascal Pereira
|
|
2012-07-17
|
|
Wordpress Diary/Notebook Site5 Theme Email Spoofing
|
66 |
WEB
|
bwallHatesTwits
|
|
2012-07-16
|
|
Shopware 3.5 SQL Injection
|
82 |
WEB
|
Kataklysmos
|
|
2012-07-13
|
|
WordPress Generic plugins Arbitrary File Upload (Metasploit)
|
122 |
WEB
|
KedAns-Dz
|
|
2012-07-13
|
|
Hastymail 2.1.1 RC1 Command Injection
|
159 |
WEB
|
juan vazquez
|
|
2012-07-12
|
|
IE9, SharePoint, Lync toStaticHTML HTML Sanitizing Bypass
|
93 |
WEB
|
Adi Cohen
|
|
2012-07-11
|
|
Joomla (makedown.php) Local File Inclusion/download
|
79 |
WEB
|
Th3 Bl4Ck H4Ck3R
|
|
2012-07-11
|
|
BookNux 0.2 Cross Site Scripting / SQL Injection
|
75 |
WEB
|
Jean Pascal Pereira
|
|
2012-07-11
|
|
Simrik Solutions Sql Injection Vulnerablity
|
90 |
WEB
|
gilang
|
|
2012-07-11
|
|
Wordpress Plugins - leaflet maps marker Blind SQL Injection Vulnerability
|
88 |
WEB
|
KinG Of PiraTeS
|
|
2012-07-11
|
|
Vivotek Full Data Source CONFIG
|
70 |
WEB
|
Alejandro Leon Morales
|
