|
2012-08-22
|
|
Symantec Web Gateway <= 5.0.3.18 Arbitrary Password Change (MSF)
|
66 |
WEB
|
Kc57
|
|
2012-08-22
|
|
Symantec Web Gateway <= 5.0.3.18 Arbitrary Password Change
|
68 |
WEB
|
Kc57
|
|
2012-08-15
|
|
MaxForum v1.0.0 Local File Inclusion Vulnerability
|
97 |
WEB
|
ahwak2000
|
|
2012-08-14
|
|
Cyclope Employee Surveillance Solution 6 SQL Injection
|
84 |
WEB
|
sinn3r
|
|
2012-08-14
|
|
TestLink 1.9.3 Arbitrary File Upload
|
162 |
WEB
|
Brendan Coles
|
|
2012-08-10
|
|
Cyclope Employee Surveillance Solution 6.0 SQL Injection
|
59 |
WEB
|
loneferret
|
|
2012-08-09
|
|
IBM Proventia Network Mail Security System 2.5 POST File Read
|
98 |
WEB
|
muts
|
|
2012-08-07
|
|
Power Bulletin Board Bypass
|
64 |
WEB
|
i-Hmx
|
|
2012-08-06
|
|
am4ss Support System 1.2 PHP Code Injection Exploit
|
107 |
WEB
|
i-Hmx
|
|
2012-08-01
|
|
WebPageTest Arbitrary PHP File Upload
|
69 |
WEB
|
sinn3r
|
|
2012-07-31
|
|
Scrutinizer NetFlow / sFlow Analyzer 9.0.1 XSS / Bypass / File Upload
|
71 |
WEB
|
Plixer International
|
|
2012-07-31
|
|
Symantec Web Gateway 5.0.3.18 (deptUploads_data.php groupid parameter) Blind SQLi
|
112 |
WEB
|
@_Kc57
|
|
2012-07-30
|
|
CuteFlow 2.11.2 Arbitrary File Upload
|
115 |
WEB
|
Brendan Coles
|
|
2012-07-27
|
|
Redaxo 4.4 Cross Site Scripting Vulnerability
|
91 |
WEB
|
High-Tech Bridge Security Research Lab
|
|
2012-07-27
|
|
PHP UnZIP v0.1 - Full Disclosure
|
89 |
WEB
|
TAURUS OMAR
|
|
2012-07-27
|
|
Develoweb - Blind SQL Injection Vulnerability
|
52 |
WEB
|
TAURUS OMAR
|
|
2012-07-27
|
|
Thelia 1.5.1 Cross Site Scripting
|
68 |
WEB
|
HTTPCS
|
|
2012-07-26
|
|
Joomla com_odudeprofile V2.x Exploit
|
103 |
WEB
|
Daniel Barragan "D4NB4R"
|
|
2012-07-25
|
|
Zabbix 2.0.1 and Earlier Session Extractor 0day
|
104 |
WEB
|
muts
|
|
2012-07-25
|
|
WordPress Front End Upload v0.5.4.4 Arbitrary PHP File Upload
|
69 |
WEB
|
Chris Kellum
|
|
2012-07-25
|
|
phpProfiles 4.5.4 Beta XSS / RFI / SQL Injection
|
88 |
WEB
|
L0n3ly-H34rT
|
|
2012-07-24
|
|
AlienVault OSSIM 3.1 Reflected XSS and Blind SQL Injection
|
70 |
WEB
|
muts
|
|
2012-07-24
|
|
Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers
|
79 |
WEB
|
muts
|
|
2012-07-24
|
|
Symantec Web Gateway 5.0.2 (blocked.php id parameter) Blind SQL Injection
|
75 |
WEB
|
muts
|
|
2012-07-24
|
|
EGallery PHP File Upload Vulnerability
|
135 |
WEB
|
juan
|
|
2012-07-23
|
|
Ipswitch WhatsUp Gold 15.02 Stored XSS - Blind SQLi - RCE
|
79 |
WEB
|
muts
|
|
2012-07-23
|
|
Dell SonicWALL Scrutinizer 9.0.1 (statusFilter.php q parameter) SQL Injection
|
81 |
WEB
|
muts
|
|
2012-07-23
|
|
SolarWinds Orion Network Performance Monitor 10.2.2 Multiple Vulnerabilities
|
156 |
WEB
|
muts
|
|
2012-07-20
|
|
Maian Survey 1.1 Local File Inclusion / Open Redirection
|
55 |
WEB
|
PuN!Sh3r
|
|
2012-07-20
|
|
Joomla Hello Local File Inclusion
|
217 |
WEB
|
Ajax Security Team
|
|
2012-07-18
|
|
MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities
|
391 |
WEB
|
Stefan Schurtz
|
|
2012-07-18
|
|
WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities
|
63 |
WEB
|
Stefan Schurtz
|
|
2012-07-18
|
|
Forum Oxalis <= 0.1.2 SQL Injection Vulnerability
|
52 |
WEB
|
Jean Pascal Pereira
|
|
2012-07-17
|
|
Wordpress Diary/Notebook Site5 Theme Email Spoofing
|
68 |
WEB
|
bwallHatesTwits
|
|
2012-07-16
|
|
Shopware 3.5 SQL Injection
|
84 |
WEB
|
Kataklysmos
|
|
2012-07-13
|
|
WordPress Generic plugins Arbitrary File Upload (Metasploit)
|
126 |
WEB
|
KedAns-Dz
|
|
2012-07-13
|
|
Hastymail 2.1.1 RC1 Command Injection
|
162 |
WEB
|
juan vazquez
|
|
2012-07-12
|
|
IE9, SharePoint, Lync toStaticHTML HTML Sanitizing Bypass
|
96 |
WEB
|
Adi Cohen
|
|
2012-07-11
|
|
Joomla (makedown.php) Local File Inclusion/download
|
83 |
WEB
|
Th3 Bl4Ck H4Ck3R
|
|
2012-07-11
|
|
BookNux 0.2 Cross Site Scripting / SQL Injection
|
79 |
WEB
|
Jean Pascal Pereira
|
|
2012-07-11
|
|
Simrik Solutions Sql Injection Vulnerablity
|
93 |
WEB
|
gilang
|
|
2012-07-11
|
|
Wordpress Plugins - leaflet maps marker Blind SQL Injection Vulnerability
|
89 |
WEB
|
KinG Of PiraTeS
|
|
2012-07-11
|
|
Vivotek Full Data Source CONFIG
|
73 |
WEB
|
Alejandro Leon Morales
|
|
2012-07-11
|
|
WordPress WP-Predict Plugin v1.0 Blind SQL Injection
|
144 |
WEB
|
Chris Kellum
|
|
2012-07-11
|
|
Netsweeper WebAdmin Portal Multiple Vulnerabilities
|
211 |
WEB
|
Jacob Holcomb
|
|
2012-07-10
|
|
Eclydre Web Manager Arbitrary File Upload Vulnerability
|
196 |
WEB
|
Sammy FORGIT
|
|
2012-07-09
|
|
WebsitePanel CMS Open Redirect
|
67 |
WEB
|
Anastasios Monachos
|
|
2012-07-09
|
|
Umbraco CMS Remote Command Execution
|
91 |
WEB
|
Toby Clarke
|
|
2012-07-09
|
|
Tiki Wiki <= 8.3 unserialize() PHP Code Execution
|
78 |
WEB
|
EgiX
|
|
2012-07-09
|
|
Basilic 1.5.14 diff.php Arbitrary Command Execution
|
72 |
WEB
|
sinn3r
|
|
2012-07-09
|
|
Elfchat 5.1.2 Pro Cross Site Scripting
|
91 |
WEB
|
Avatar Fearless
|
|
2012-07-06
|
|
CLscript CMS 3.0 SQL Injection / Cross Site Scripting
|
84 |
WEB
|
vulnerability-lab.com
|
|
2012-07-06
|
|
Freeside SelfService CGI|API 2.3.3 Cross Site Scripting / SQL Injection
|
58 |
WEB
|
Ibrahim El-Sayed
|
|
2012-07-06
|
|
Classifieds Ads Script PHP 1.1 SQL Injection
|
81 |
WEB
|
snup
|
|
2012-07-06
|
|
GuestBook Scripts PHP 1.5 Cross Site Scripting / SQL Injection
|
158 |
WEB
|
snup
|
|
2012-07-06
|
|
Event Script PHP CMS 1.1 SQL Injection
|
83 |
WEB
|
snup
|
|
2012-07-06
|
|
Tiki Wiki CMS Groupware 8.3 Code Execution
|
75 |
WEB
|
EgiX
|
|
2012-07-04
|
|
Sava’s Simple Upload Script / Delete Arbitrary File
|
94 |
WEB
|
Daniel Godoy
|
|
2012-07-04
|
|
Sava’s Simple Upload Script / Arbitrary File Upload
|
148 |
WEB
|
Daniel Godoy
|
|
2012-07-04
|
|
phpMyBackupPro <= 2.2 Local File Inclusion Vulnerability
|
69 |
WEB
|
dun
|
|
2012-07-04
|
|
CLscript Classified Script 3.0 SQL Injection
|
107 |
WEB
|
Daniel Godoy
|
|
2012-07-04
|
|
gp easy CMS Minishop 1.5 Plugin Persistent XSS
|
66 |
WEB
|
Carlos Mario Penagos Hollmann
|
|
2012-07-03
|
|
WordPress yet-another-photoblog plugin Full path disclosure Vulnerability
|
122 |
WEB
|
KinG Of PiraTeS
|
|
2012-07-03
|
|
Geswebs - SQL Injection Vulnerability
|
91 |
WEB
|
TheCyberNuxbie
|
|
2012-07-03
|
|
Global Pixel - SQL Injection Vulnerability
|
89 |
WEB
|
TAURUS OMAR
|
|
2012-07-03
|
|
vBulletin 3.x.x full path disclosure Vulnerability
|
98 |
WEB
|
Angel Injection
|
|
2012-07-03
|
|
BoutikOne CSRF Add User Vulnerability
|
96 |
WEB
|
GarA
|
|
2012-07-03
|
|
BoutikOne ByPass & Download Backup Vulnerability
|
85 |
WEB
|
GarA
|
|
2012-07-03
|
|
WANGKONGBAO CNS-1000 UTM IPS-FW Directory Traversal
|
62 |
WEB
|
Dillon Beresford
|
|
2012-07-03
|
|
IIS Short File/Folder Name Disclosure
|
93 |
WEB
|
Soroush Dalili
|
|
2012-06-20
|
|
iBoutique eCommerce v4.0 Multiple Web Vulnerabilites
|
283 |
WEB
|
Vulnerability-Lab
|
|
2012-06-20
|
|
CMS Balitbang - CSRF/XSS Vulnerability
|
84 |
WEB
|
TheCyberNuxbie
|
|
2012-06-19
|
|
e107 Plugins - Image Gallery Remote File Disclosure Vulnerability
|
67 |
WEB
|
Sammy FORGIT
|
|
2012-06-19
|
|
e107 Plugins - Hupsi fancybox Arbitrary File Upload Vulnerability
|
64 |
WEB
|
Sammy FORGIT
|
|
2012-06-19
|
|
e107 Plugins - Filemanager Arbitrary File Upload Vulnerability
|
51 |
WEB
|
Sammy FORGIT
|
|
2012-06-19
|
|
e107 Plugins - Radio Plan Arbitrary File Upload Vulnerability
|
107 |
WEB
|
Sammy FORGIT
|
|
2012-06-19
|
|
e107 Plugins - Tap Arbitrary File Upload Vulnerability
|
50 |
WEB
|
Sammy FORGIT
|
|
2012-06-19
|
|
e107 Plugins - Hupsis Media Gallery Arbitrary File Upload Vulnerability
|
62 |
WEB
|
Sammy FORGIT
|
|
2012-06-19
|
|
e107 Plugins - Hupsi Share Arbitrary File Upload Vulnerability
|
69 |
WEB
|
Sammy FORGIT
|
|
2012-06-19
|
|
e107 Plugins - FilleDownload Plugin Multiple Vulnerability
|
93 |
WEB
|
Sammy FORGIT
|
|
2012-06-19
|
|
proservice cms Sql Injection Vulnerablity
|
92 |
WEB
|
cheki
|
|
2012-06-19
|
|
MyTickets 1 to 2.0.8 Blind SQL Injection
|
73 |
WEB
|
al-swisre
|
|
2012-06-19
|
|
Nuked Klan SP CMS v4.5 SQL Injection Vulnerability
|
88 |
WEB
|
Vulnerability-Lab
|
|
2012-06-15
|
|
qdPM v.7 Arbitrary File upload
|
94 |
WEB
|
loneferret
|
|
2012-06-14
|
|
Wordpress Plugins - Invit0r Arbitrary File Upload Vulnerability
|
83 |
WEB
|
Sammy FORGIT
|
|
2012-06-14
|
|
Wordpress Plugins - Evarisk Arbitrary File Upload Vulnerability
|
80 |
WEB
|
Sammy FORGIT
|
|
2012-06-14
|
|
RevolutionTechnologies - SQL Injection Vulnerability
|
57 |
WEB
|
TheCyberNuxbie
|
|
2012-06-14
|
|
PHP 5.4.3 (cli) code read vulnerability
|
72 |
WEB
|
cheki
|
|
2012-06-14
|
|
seoPLUSteam SQL Injection Vulnerability
|
57 |
WEB
|
Iranian_Dark_Coders_Team
|
|
2012-06-14
|
|
XAMPP Windows 1.7.7 multiple XSS/Blind SQL Injection Vulnerabilities
|
75 |
WEB
|
Sangteamtham
|
|
2012-06-14
|
|
WordPress plugin Foxypress uploadify.php Arbitrary Code Execution
|
66 |
WEB
|
patrick
|
|
2012-06-13
|
|
Edimax IC-3030iWn Authentication Bypass
|
68 |
WEB
|
y3dips
|
|
2012-06-13
|
|
Wordpress Plugins - Annonces Arbitrary File Upload Vulnerability
|
74 |
WEB
|
Sammy FORGIT
|
|
2012-06-13
|
|
Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection
|
65 |
WEB
|
juan vazquez
|
|
2012-06-12
|
|
[Spanish] Remote Command Execution through Local File Inclusion
|
95 |
WEB
|
JosS
|
|
2012-06-12
|
|
TheBlog <= 2.0 Multiple Vulnerabilities
|
88 |
WEB
|
WhiteCollarGroup
|
|
2012-06-12
|
|
Agora-Project 2.12.11 Arbitrary File Upload Vulnerability
|
80 |
WEB
|
Misa3l
|
|
2012-06-12
|
|
ClanSuite 2.9 Arbitrary File Upload Vulnerability
|
71 |
WEB
|
Adrien Thierry
|
|
2012-06-11
|
|
Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability
|
100 |
WEB
|
juan vazquez
|
|
2012-06-11
|
|
phpAcounts v.0.5.3 SQL Injection
|
81 |
WEB
|
loneferret
|
|
2012-06-11
|
|
Wordpress wpStoreCart Plugin 2.5.27-2.5.29 Arbitrary File Upload
|
56 |
WEB
|
Sammy FORGIT
|
|
2012-06-11
|
|
Wordpress RBX Gallery Plugin 2.1 Arbitrary File Upload
|
82 |
WEB
|
Sammy FORGIT
|
|
2012-06-08
|
|
Wordpress Omni Secure Files Plugin 0.1.13 Arbitrary File Upload
|
96 |
WEB
|
Adrien Thierry
|
|
2012-06-08
|
|
Wordpress Front End Upload 0.5.3 Arbitrary File Upload
|
78 |
WEB
|
Adrien Thierry
|
|
2012-06-08
|
|
PHPNet <= 1.8 (ler.php) SQL Injection
|
77 |
WEB
|
WhiteCollarGroup
|
|
2012-06-08
|
|
SN News <= 1.2 (/admin/loger.php) Admin Bypass SQL Injection
|
131 |
WEB
|
Pr0T3cT10n
|
|
2012-06-07
|
|
Vanilla kPoll Plugin 1.2 Stored XSS
|
76 |
WEB
|
Henry Hoggard
|
|
2012-06-07
|
|
SN News (visualiza.php) <= 1.2 SQL Injection
|
102 |
WEB
|
WhiteCollarGroup
|
|
2012-06-07
|
|
Wordpress Gallery Plugin 3.06 Arbitrary File Upload
|
87 |
WEB
|
Sammy FORGIT
|
|
2012-06-07
|
|
Wordpress MM Forms Community Plugin 2.2.6 Arbitrary File Upload
|
88 |
WEB
|
Sammy FORGIT
|
|
2012-06-07
|
|
Wordpress VideoWhisper Video Presentation Plugin 3.17 Arbitrary File Upload
|
78 |
WEB
|
Sammy FORGIT
|
|
2012-06-07
|
|
Wordpress FCChat Widget 2.2.12.4 Arbitrary File Upload
|
90 |
WEB
|
Sammy FORGIT
|
|
2012-06-07
|
|
Wordpress Font Uploader Plugin 1.2.4 Arbitrary File Upload
|
60 |
WEB
|
Sammy FORGIT
|
|
2012-06-07
|
|
Evolutia Design - SQL Injection Vulnerability
|
86 |
WEB
|
D0m12
|
|
2012-06-07
|
|
Bigware Shop SQL Injection Vulnerability
|
89 |
WEB
|
expku
|
|
2012-06-06
|
|
Wordpress Asset Manager Plugin 0.2 Arbitrary File Upload
|
74 |
WEB
|
Sammy FORGIT
|
|
2012-06-06
|
|
Wordpress Foxypress Plugin 0.4.1.1 - 0.4.2.1 Arbitrary File Upload
|
74 |
WEB
|
Sammy FORGIT
|
|
2012-06-06
|
|
Wordpress HTML5 AV Manager Plugin 0.2.7 Arbitrary File Upload
|
89 |
WEB
|
Sammy FORGIT
|
|
2012-06-06
|
|
Wordpress Google Maps via Store Locator Plugin Multiple Vulnerabilities
|
74 |
WEB
|
Sammy FORGIT
|
|
2012-06-06
|
|
Wordpress WP Marketplace Plugin 1.5.0 - 1.6.1 Arbitrary File Upload
|
80 |
WEB
|
Sammy FORGIT
|
|
2012-06-06
|
|
Wordpress WP-Property Plugin 1.35.0 Arbitrary File Upload
|
97 |
WEB
|
Sammy FORGIT
|
|
2012-06-06
|
|
Mnews <= 1.1 (view.php) SQL Injection
|
66 |
WEB
|
WhiteCollarGroup
|
|
2012-06-06
|
|
Hexamail Server <= 4.4.5 Persistent XSS Vulnerability
|
91 |
WEB
|
modpr0be
|
|
2012-06-04
|
|
Log1 CMS writeInfo() PHP Code Injection
|
90 |
WEB
|
sinn3r
|
|
2012-06-01
|
|
Supernews <= 2.6.1 (noticias.php cat) SQL Injection
|
56 |
WEB
|
Pr0T3cT10n
|
