|
2013-04-03
|
|
Aspen 0.8 Directory Traversal
|
85 |
WEB
|
Daniel Ricardo dos Santos
|
|
2013-04-03
|
|
Netgear WNR1000 Authentication Bypass
|
119 |
WEB
|
Roberto Paleari
|
|
2013-03-29
|
|
PsychoStats 3.2.2b Blind SQL Injection
|
75 |
WEB
|
Mohamed from ALG
|
|
2013-03-29
|
|
McAfee Virtual Technician (MVT) 6.5.0.2101 Unsafe Active-X
|
93 |
WEB
|
High-Tech Bridge SA
|
|
2013-03-29
|
|
AWS XMS 2.5 Path Traversal
|
92 |
WEB
|
High-Tech Bridge SA
|
|
2013-03-21
|
|
TP-Link TL-WR740N Wireless Router Remote Denial Of Service
|
110 |
WEB
|
LiquidWorm
|
|
2013-03-15
|
|
QuinStreet Database ID Spoofing
|
96 |
WEB
|
Henry Garrison
|
|
2013-03-14
|
|
LCG Disk Pool Manager SQL Injection
|
70 |
WEB
|
Adam Zabrocki
|
|
2013-03-14
|
|
Apache Rave User Exposure
|
73 |
WEB
|
Andreas Guth
|
|
2013-03-13
|
|
Web Cookbook SQL Injection
|
88 |
WEB
|
Saadat Ullah
|
|
2013-02-20
|
|
OpenEMR PHP File Upload
|
94 |
WEB
|
juan vazquez
|
|
2013-01-29
|
|
PHP Weby Directory Software 1.2 Multiple Vulnerabilities
|
153 |
WEB
|
AkaStep
|
|
2013-01-21
|
|
PHP-Charts 1.0 PHP Code Execution
|
73 |
WEB
|
Akastep
|
|
2013-01-18
|
|
PHP Chart 1.0 Code Execution
|
96 |
WEB
|
Akastep
|
|
2013-01-16
|
|
Oracle Application Framework Diagnostic Mode Bypass
|
122 |
WEB
|
David Byrne
|
|
2013-01-09
|
|
GetSimple 3.1.2 Code Execution
|
65 |
WEB
|
Jakub Galczyk
|
|
2013-01-05
|
|
Elastix 2.3 PHP Code Injection
|
91 |
WEB
|
Faris AKA i-Hmx
|
|
2013-01-05
|
|
Simple Webserver 2.3-rc1 Directory Traversal
|
93 |
WEB
|
CwG GeNiuS
|
|
2012-12-18
|
|
phpwcms 1.5.4.6 Remote Code Execution
|
112 |
WEB
|
aeon flux
|
|
2012-12-07
|
|
Kordil EDMS v2.2.60rc3 SQL Injection Vulnerability
|
97 |
WEB
|
Woody Hughes
|
|
2012-11-30
|
|
FCKEditor ASP Version 2.6.8 File Upload Protection Bypass
|
116 |
WEB
|
Soroush Dalili
|
|
2012-11-30
|
|
Oracle OpenSSO 8.0 Multiple XSS POST Injection Vulnerabilities
|
100 |
WEB
|
LiquidWorm
|
|
2012-11-14
|
|
Invision IP.Board 3.3.4 unserialize() PHP Code Execution
|
107 |
WEB
|
sinn3r
|
|
2012-11-08
|
|
Invision Power Board 3.3.4 Unserialize REGEX Bypass
|
75 |
WEB
|
webDEViL
|
|
2012-10-31
|
|
TP-LINK TL-WR841N Local File Inclusion Vulnerability
|
67 |
WEB
|
Matan Azugi
|
|
2012-10-30
|
|
OneForum Multiple Vulnerabilities
|
77 |
WEB
|
DaOne aka Mocking Bird
|
|
2012-10-30
|
|
Joomla Component com_jce remote Code Injecion / Execution Exploit (perl)
|
115 |
WEB
|
Caddy-Dz
|
|
2012-10-22
|
|
ManageEngine Security Manager Plus <= 5.5 build 5505 Path Traversal
|
120 |
WEB
|
xistence
|
|
2012-10-19
|
|
ModSecurity 2.6.8 Bypass
|
97 |
WEB
|
Bernhard Mueller
|
|
2012-10-18
|
|
Oracle WebCenter Sites (FatWire Content Server) Multiple Vulnerabilities
|
110 |
WEB
|
SEC Consult
|
|
2012-10-16
|
|
AjaXplorer checkInstall.php Remote Command Execution
|
92 |
WEB
|
sinn3r
|
|
2012-10-11
|
|
ServersCheck Monitoring Software v9.0.12 / 9.0.14 - Stored XSS
|
79 |
WEB
|
loneferret
|
|
2012-09-29
|
|
Wordpress phpBAK Red Config Vulnerability
|
78 |
WEB
|
Angel Injection
|
|
2012-09-26
|
|
Auxilium RateMyPet Arbitrary File Upload
|
117 |
WEB
|
sinn3r
|
|
2012-09-24
|
|
ZEN Load Balancer Filelog Command Execution
|
109 |
WEB
|
Brendan Coles
|
|
2012-09-24
|
|
NTR ActiveX Control Check() Method Buffer Overflow
|
123 |
WEB
|
juan vazquez
|
|
2012-09-24
|
|
NTR ActiveX Control StopModule() Remote Code Execution
|
134 |
WEB
|
juan vazquez
|
|
2012-09-17
|
|
Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit
|
194 |
WEB
|
Mattijs van Ommeren
|
|
2012-09-05
|
|
JBoss DeploymentFileRepository WAR Deployment
|
111 |
WEB
|
h0ng10
|
|
2012-09-05
|
|
MobileCartly 1.0 Arbitrary File Creation
|
178 |
WEB
|
sinn3r
|
|
2012-09-04
|
|
Android Mobile 2.6.xx Bypass Security Vulnerability
|
114 |
WEB
|
Taurus Omar
|
|
2012-08-31
|
|
AP NetWeaver HostControl Command Injection
|
60 |
WEB
|
juan vazquez
|
|
2012-08-27
|
|
BusinessWiki 2.5RC3 Stored XSS & Arbitrary File Upload
|
69 |
WEB
|
Shai rod
|
|
2012-08-27
|
|
WebPA <= 1.1.0.1 Multiple Vulnerabilities
|
97 |
WEB
|
dun
|
|
2012-08-24
|
|
XODA 0.4.5 Arbitrary PHP File Upload
|
96 |
WEB
|
Shai rod
|
|
2012-08-24
|
|
Apache Struts2 Remote Code Execution
|
123 |
WEB
|
kxlzx
|
|
2012-08-24
|
|
op5 Monitoring v5.4.2 (VM Applicance) Multiple Vulnerabilities
|
93 |
WEB
|
loneferret
|
|
2012-08-23
|
|
E-Mail Security Virtual Appliance learn-msg.cgi Command Injection
|
87 |
WEB
|
iJoo
|
|
2012-08-22
|
|
Symantec Web Gateway <= 5.0.3.18 Arbitrary Password Change (MSF)
|
77 |
WEB
|
Kc57
|
|
2012-08-22
|
|
Symantec Web Gateway <= 5.0.3.18 Arbitrary Password Change
|
80 |
WEB
|
Kc57
|
|
2012-08-15
|
|
MaxForum v1.0.0 Local File Inclusion Vulnerability
|
110 |
WEB
|
ahwak2000
|
|
2012-08-14
|
|
Cyclope Employee Surveillance Solution 6 SQL Injection
|
93 |
WEB
|
sinn3r
|
|
2012-08-14
|
|
TestLink 1.9.3 Arbitrary File Upload
|
173 |
WEB
|
Brendan Coles
|
|
2012-08-10
|
|
Cyclope Employee Surveillance Solution 6.0 SQL Injection
|
71 |
WEB
|
loneferret
|
|
2012-08-09
|
|
IBM Proventia Network Mail Security System 2.5 POST File Read
|
109 |
WEB
|
muts
|
|
2012-08-07
|
|
Power Bulletin Board Bypass
|
75 |
WEB
|
i-Hmx
|
|
2012-08-06
|
|
am4ss Support System 1.2 PHP Code Injection Exploit
|
115 |
WEB
|
i-Hmx
|
|
2012-08-01
|
|
WebPageTest Arbitrary PHP File Upload
|
80 |
WEB
|
sinn3r
|
|
2012-07-31
|
|
Scrutinizer NetFlow / sFlow Analyzer 9.0.1 XSS / Bypass / File Upload
|
80 |
WEB
|
Plixer International
|
|
2012-07-31
|
|
Symantec Web Gateway 5.0.3.18 (deptUploads_data.php groupid parameter) Blind SQLi
|
122 |
WEB
|
@_Kc57
|
|
2012-07-30
|
|
CuteFlow 2.11.2 Arbitrary File Upload
|
126 |
WEB
|
Brendan Coles
|
|
2012-07-27
|
|
Redaxo 4.4 Cross Site Scripting Vulnerability
|
101 |
WEB
|
High-Tech Bridge Security Research Lab
|
|
2012-07-27
|
|
PHP UnZIP v0.1 - Full Disclosure
|
99 |
WEB
|
TAURUS OMAR
|
|
2012-07-27
|
|
Develoweb - Blind SQL Injection Vulnerability
|
63 |
WEB
|
TAURUS OMAR
|
|
2012-07-27
|
|
Thelia 1.5.1 Cross Site Scripting
|
79 |
WEB
|
HTTPCS
|
|
2012-07-26
|
|
Joomla com_odudeprofile V2.x Exploit
|
115 |
WEB
|
Daniel Barragan "D4NB4R"
|
|
2012-07-25
|
|
Zabbix 2.0.1 and Earlier Session Extractor 0day
|
115 |
WEB
|
muts
|
|
2012-07-25
|
|
WordPress Front End Upload v0.5.4.4 Arbitrary PHP File Upload
|
81 |
WEB
|
Chris Kellum
|
|
2012-07-25
|
|
phpProfiles 4.5.4 Beta XSS / RFI / SQL Injection
|
98 |
WEB
|
L0n3ly-H34rT
|
|
2012-07-24
|
|
AlienVault OSSIM 3.1 Reflected XSS and Blind SQL Injection
|
80 |
WEB
|
muts
|
|
2012-07-24
|
|
Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers
|
88 |
WEB
|
muts
|
|
2012-07-24
|
|
Symantec Web Gateway 5.0.2 (blocked.php id parameter) Blind SQL Injection
|
85 |
WEB
|
muts
|
|
2012-07-24
|
|
EGallery PHP File Upload Vulnerability
|
147 |
WEB
|
juan
|
|
2012-07-23
|
|
Ipswitch WhatsUp Gold 15.02 Stored XSS - Blind SQLi - RCE
|
88 |
WEB
|
muts
|
|
2012-07-23
|
|
Dell SonicWALL Scrutinizer 9.0.1 (statusFilter.php q parameter) SQL Injection
|
93 |
WEB
|
muts
|
|
2012-07-23
|
|
SolarWinds Orion Network Performance Monitor 10.2.2 Multiple Vulnerabilities
|
163 |
WEB
|
muts
|
|
2012-07-20
|
|
Maian Survey 1.1 Local File Inclusion / Open Redirection
|
66 |
WEB
|
PuN!Sh3r
|
|
2012-07-20
|
|
Joomla Hello Local File Inclusion
|
228 |
WEB
|
Ajax Security Team
|
|
2012-07-18
|
|
MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities
|
402 |
WEB
|
Stefan Schurtz
|
|
2012-07-18
|
|
WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities
|
74 |
WEB
|
Stefan Schurtz
|
|
2012-07-18
|
|
Forum Oxalis <= 0.1.2 SQL Injection Vulnerability
|
65 |
WEB
|
Jean Pascal Pereira
|
|
2012-07-17
|
|
Wordpress Diary/Notebook Site5 Theme Email Spoofing
|
79 |
WEB
|
bwallHatesTwits
|
|
2012-07-16
|
|
Shopware 3.5 SQL Injection
|
93 |
WEB
|
Kataklysmos
|
|
2012-07-13
|
|
WordPress Generic plugins Arbitrary File Upload (Metasploit)
|
139 |
WEB
|
KedAns-Dz
|
|
2012-07-13
|
|
Hastymail 2.1.1 RC1 Command Injection
|
173 |
WEB
|
juan vazquez
|
|
2012-07-12
|
|
IE9, SharePoint, Lync toStaticHTML HTML Sanitizing Bypass
|
106 |
WEB
|
Adi Cohen
|
|
2012-07-11
|
|
Joomla (makedown.php) Local File Inclusion/download
|
96 |
WEB
|
Th3 Bl4Ck H4Ck3R
|
|
2012-07-11
|
|
BookNux 0.2 Cross Site Scripting / SQL Injection
|
89 |
WEB
|
Jean Pascal Pereira
|
|
2012-07-11
|
|
Simrik Solutions Sql Injection Vulnerablity
|
103 |
WEB
|
gilang
|
|
2012-07-11
|
|
Wordpress Plugins - leaflet maps marker Blind SQL Injection Vulnerability
|
103 |
WEB
|
KinG Of PiraTeS
|
|
2012-07-11
|
|
Vivotek Full Data Source CONFIG
|
83 |
WEB
|
Alejandro Leon Morales
|
|
2012-07-11
|
|
WordPress WP-Predict Plugin v1.0 Blind SQL Injection
|
153 |
WEB
|
Chris Kellum
|
|
2012-07-11
|
|
Netsweeper WebAdmin Portal Multiple Vulnerabilities
|
222 |
WEB
|
Jacob Holcomb
|
|
2012-07-10
|
|
Eclydre Web Manager Arbitrary File Upload Vulnerability
|
208 |
WEB
|
Sammy FORGIT
|
|
2012-07-09
|
|
WebsitePanel CMS Open Redirect
|
79 |
WEB
|
Anastasios Monachos
|
|
2012-07-09
|
|
Umbraco CMS Remote Command Execution
|
103 |
WEB
|
Toby Clarke
|
|
2012-07-09
|
|
Tiki Wiki <= 8.3 unserialize() PHP Code Execution
|
88 |
WEB
|
EgiX
|
|
2012-07-09
|
|
Basilic 1.5.14 diff.php Arbitrary Command Execution
|
80 |
WEB
|
sinn3r
|
|
2012-07-09
|
|
Elfchat 5.1.2 Pro Cross Site Scripting
|
101 |
WEB
|
Avatar Fearless
|
|
2012-07-06
|
|
CLscript CMS 3.0 SQL Injection / Cross Site Scripting
|
98 |
WEB
|
vulnerability-lab.com
|
|
2012-07-06
|
|
Freeside SelfService CGI|API 2.3.3 Cross Site Scripting / SQL Injection
|
71 |
WEB
|
Ibrahim El-Sayed
|
|
2012-07-06
|
|
Classifieds Ads Script PHP 1.1 SQL Injection
|
95 |
WEB
|
snup
|
|
2012-07-06
|
|
GuestBook Scripts PHP 1.5 Cross Site Scripting / SQL Injection
|
171 |
WEB
|
snup
|
|
2012-07-06
|
|
Event Script PHP CMS 1.1 SQL Injection
|
92 |
WEB
|
snup
|
|
2012-07-06
|
|
Tiki Wiki CMS Groupware 8.3 Code Execution
|
86 |
WEB
|
EgiX
|
|
2012-07-04
|
|
Sava’s Simple Upload Script / Delete Arbitrary File
|
106 |
WEB
|
Daniel Godoy
|
|
2012-07-04
|
|
Sava’s Simple Upload Script / Arbitrary File Upload
|
160 |
WEB
|
Daniel Godoy
|
|
2012-07-04
|
|
phpMyBackupPro <= 2.2 Local File Inclusion Vulnerability
|
80 |
WEB
|
dun
|
|
2012-07-04
|
|
CLscript Classified Script 3.0 SQL Injection
|
117 |
WEB
|
Daniel Godoy
|
|
2012-07-04
|
|
gp easy CMS Minishop 1.5 Plugin Persistent XSS
|
76 |
WEB
|
Carlos Mario Penagos Hollmann
|
|
2012-07-03
|
|
WordPress yet-another-photoblog plugin Full path disclosure Vulnerability
|
131 |
WEB
|
KinG Of PiraTeS
|
|
2012-07-03
|
|
Geswebs - SQL Injection Vulnerability
|
102 |
WEB
|
TheCyberNuxbie
|
|
2012-07-03
|
|
Global Pixel - SQL Injection Vulnerability
|
100 |
WEB
|
TAURUS OMAR
|
|
2012-07-03
|
|
vBulletin 3.x.x full path disclosure Vulnerability
|
108 |
WEB
|
Angel Injection
|
|
2012-07-03
|
|
BoutikOne CSRF Add User Vulnerability
|
108 |
WEB
|
GarA
|
|
2012-07-03
|
|
BoutikOne ByPass & Download Backup Vulnerability
|
95 |
WEB
|
GarA
|
|
2012-07-03
|
|
WANGKONGBAO CNS-1000 UTM IPS-FW Directory Traversal
|
73 |
WEB
|
Dillon Beresford
|
|
2012-07-03
|
|
IIS Short File/Folder Name Disclosure
|
104 |
WEB
|
Soroush Dalili
|
|
2012-06-20
|
|
iBoutique eCommerce v4.0 Multiple Web Vulnerabilites
|
296 |
WEB
|
Vulnerability-Lab
|
|
2012-06-20
|
|
CMS Balitbang - CSRF/XSS Vulnerability
|
94 |
WEB
|
TheCyberNuxbie
|
|
2012-06-19
|
|
e107 Plugins - Image Gallery Remote File Disclosure Vulnerability
|
76 |
WEB
|
Sammy FORGIT
|
|
2012-06-19
|
|
e107 Plugins - Hupsi fancybox Arbitrary File Upload Vulnerability
|
76 |
WEB
|
Sammy FORGIT
|
|
2012-06-19
|
|
e107 Plugins - Filemanager Arbitrary File Upload Vulnerability
|
62 |
WEB
|
Sammy FORGIT
|
|
2012-06-19
|
|
e107 Plugins - Radio Plan Arbitrary File Upload Vulnerability
|
118 |
WEB
|
Sammy FORGIT
|
|
2012-06-19
|
|
e107 Plugins - Tap Arbitrary File Upload Vulnerability
|
65 |
WEB
|
Sammy FORGIT
|
