|
2012-03-23
|
|
FreePBX 2.10.0, 2.9.0 Multiple Vulnerabilities
|
77 |
WEB
|
Martin Tschirsich
|
|
2012-03-23
|
|
phpMoneyBooks 1.0.2 Local File Inclusion
|
85 |
WEB
|
Mark Stanislav
|
|
2012-03-23
|
|
PHP Grade Book 1.9.4 Unauthenticated SQL Database Export
|
82 |
WEB
|
Mark Stanislav
|
|
2012-03-23
|
|
Cyberoam UTM Multiiple Vulnerabilities
|
80 |
WEB
|
Saurabh Harit
|
|
2012-03-23
|
|
vBShout Persistent XSS
|
116 |
WEB
|
ToiL
|
|
2012-03-22
|
|
phpList 2.10.17 Remote SQL Injection and XSS Vulnerability
|
78 |
WEB
|
LiquidWorm
|
|
2012-03-22
|
|
D-Link DIR-605 CSRF Vulnerability
|
67 |
WEB
|
iqzer0
|
|
2012-03-22
|
|
Vtiger 5.1.0 LFI
|
97 |
WEB
|
Pi3rrot
|
|
2012-03-22
|
|
SEO PHP Directory Software CSRF
|
50 |
WEB
|
Jonturk75
|
|
2012-03-21
|
|
nine10 Blind Sql Injection Vulnerability
|
72 |
WEB
|
Angel Injection
|
|
2012-03-21
|
|
Hermesconcept - SQL Injection Vulnerability
|
74 |
WEB
|
TheCyberNuxbie
|
|
2012-03-21
|
|
NasthonSystems - SQL Injection Vulnerability
|
66 |
WEB
|
TheCyberNuxbie
|
|
2012-03-21
|
|
OneFileCMS - Failure to Restrict URL Access
|
124 |
WEB
|
Abhi M Balakrishnan
|
|
2012-03-21
|
|
OneForum (topic.php) SQL Injection Vulnerability
|
126 |
WEB
|
Red Security TEAM
|
|
2012-03-20
|
|
Excode - SQL Injection Vulnerability
|
107 |
WEB
|
TheCyberNuxbie
|
|
2012-03-20
|
|
FastWeb2 - SQL Injection Vulnerability
|
108 |
WEB
|
TheCyberNuxbie
|
|
2012-03-20
|
|
gnuboard <= 4.34.20 XSS vulnerability via arbitrary file name
|
80 |
WEB
|
wh1ant
|
|
2012-03-20
|
|
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Direct
|
83 |
WEB
|
rgod
|
|
2012-03-20
|
|
OneForum SQL Injection Vulnerability
|
90 |
WEB
|
Cyber-sec
|
|
2012-03-20
|
|
Joomla 2.5.0-2.5.1 Time Based SQL Injection Exploit
|
62 |
WEB
|
A. Ramos
|
|
2012-03-14
|
|
SEO classified Ads Script CSRF
|
92 |
WEB
|
Jonturk75
|
|
2012-03-14
|
|
Dating Pro CSRF (change e-mail address)
|
51 |
WEB
|
Jonturk75
|
|
2012-03-14
|
|
Php-lance CSRF (add admin)
|
80 |
WEB
|
Jonturk75
|
|
2012-03-14
|
|
GOLD CLASSIFIEDS CSRF (add admin)
|
64 |
WEB
|
Jonturk75
|
|
2012-03-14
|
|
iLister Multi-Purpose Listing CSRF
|
90 |
WEB
|
Jonturk75
|
|
2012-03-14
|
|
BPowerItaliano CSRF
|
62 |
WEB
|
Jonturk75
|
|
2012-03-14
|
|
Ajax PHP Penny Auction CSRF
|
57 |
WEB
|
Jonturk75
|
|
2012-03-14
|
|
Lowest Unique Bid Auction Scripts CSRF
|
82 |
WEB
|
Jonturk75
|
|
2012-03-14
|
|
EbayAssist CSRF
|
70 |
WEB
|
Jonturk75
|
|
2012-03-14
|
|
BlueSoft Auction CSRF
|
79 |
WEB
|
Jonturk75
|
|
2012-03-14
|
|
OneFileCMS - Failure to Restrict URL Access
|
75 |
WEB
|
Abhi M Balakrishnan
|
|
2012-03-14
|
|
4images - Image Gallery Management System - [CSRF] Change mail user or admin
|
72 |
WEB
|
Dmar al3noOoz
|
|
2012-03-14
|
|
Cycade Gallery SQL Injection Exploit
|
76 |
WEB
|
DownFall
|
|
2012-03-14
|
|
PBLang local file include vulnerability
|
81 |
WEB
|
Number 7
|
|
2012-03-13
|
|
OpenShop - SQL Injection Vulnerability
|
185 |
WEB
|
TheCyberNuxbie
|
|
2012-03-13
|
|
DotFlorence - SQL Injection Vulnerability
|
67 |
WEB
|
TheCyberNuxbie
|
|
2012-03-13
|
|
LEDZ - SQL Injection Vulnerability
|
75 |
WEB
|
TheCyberNuxbie
|
|
2012-03-13
|
|
E-Bay Clone Script -SEO CSRF
|
63 |
WEB
|
Jonturk75
|
|
2012-03-13
|
|
Kubelance CSRF (add new admin)
|
78 |
WEB
|
Jonturk75
|
|
2012-03-13
|
|
Softbiz Quick Ad Manager CSRF
|
78 |
WEB
|
Jonturk75
|
|
2012-03-13
|
|
psPopper 3.0 CSRF (change password)
|
85 |
WEB
|
Jonturk75
|
|
2012-03-13
|
|
idev-TextAds 3.0 CSRF (change e-mail address)
|
110 |
WEB
|
Jonturk75
|
|
2012-03-13
|
|
Barracuda CSRF (change e-mail address)
|
90 |
WEB
|
Jonturk75
|
|
2012-03-13
|
|
InfoExtreme - SQL Injection Vulnerability
|
93 |
WEB
|
TheCyberNuxbie
|
|
2012-03-13
|
|
Saman Portal Local File Inclusion Vulnerability
|
74 |
WEB
|
TMT
|
|
2012-03-13
|
|
Bintech Systems LLC Admin Auth Bypass Exploit
|
80 |
WEB
|
BLACK BURN
|
|
2012-03-13
|
|
Paypal Affiliate Script CSRF
|
64 |
WEB
|
Jonturk75
|
|
2012-03-13
|
|
JROX.COM Affiliate Manager CBFront CSRF
|
83 |
WEB
|
Jonturk75
|
|
2012-03-13
|
|
CBFront CSRF
|
77 |
WEB
|
Jonturk75
|
|
2012-03-13
|
|
Paid to Click Script CSRF
|
63 |
WEB
|
Jonturk75
|
|
2012-03-13
|
|
Affiliate Pro CSRF (change e-mail address)
|
76 |
WEB
|
Jonturk75
|
|
2012-03-12
|
|
Clic Page XSS and SQL Injection Vulnerability
|
81 |
WEB
|
OruçReis
|
|
2012-03-12
|
|
dotBanner Banner Management System CSRF
|
51 |
WEB
|
Jonturk75
|
|
2012-03-12
|
|
Inout PPC Engine XSRF (change e-mail address)
|
81 |
WEB
|
Jonturk75
|
|
2012-03-12
|
|
Ad Manager Pro CSRF Vuln (add admin)
|
77 |
WEB
|
Jonturk75
|
|
2012-03-12
|
|
A.M.Y CSRF (change admin password)
|
72 |
WEB
|
Jonturk75
|
|
2012-03-12
|
|
Easy Banner Manager Pro [CSRF] / (change admin password)
|
62 |
WEB
|
Jonturk75
|
|
2012-03-12
|
|
Acal calendar Multiple Vulns
|
68 |
WEB
|
Number 7
|
|
2012-03-12
|
|
MTDCMS - SQL Injection Vulnerability
|
85 |
WEB
|
the_cyber_nuxbie
|
|
2012-03-12
|
|
WFYCMS - SQL Injection Vulnerability
|
74 |
WEB
|
the_cyber_nuxbie
|
|
2012-03-12
|
|
AlegroCart FredCK-Editor (ASPELL for WinSRV) Remote Command Exec p0c
|
157 |
WEB
|
KedAns-Dz
|
|
2012-03-12
|
|
Cometik Catalogue - SQL Injection Vulnerability
|
195 |
WEB
|
the_cyber_nuxbie
|
|
2012-03-12
|
|
PHP Address Book 6.2.12 Multiple security vulnerabilities
|
65 |
WEB
|
Stefan Schurtz
|
|
2012-03-12
|
|
Zend Server 5.6.0 Multiple Remote Script Insertion Vulnerabilities
|
88 |
WEB
|
LiquidWorm
|
|
2012-03-12
|
|
Aztek Forum 4.01 - SQL Injection Vulnerability
|
84 |
WEB
|
the_cyber_nuxbie
|
|
2012-03-12
|
|
SRISMS - SQL Injection Vulnerability
|
75 |
WEB
|
the_cyber_nuxbie
|
|
2012-03-12
|
|
Nor-Rec WebBasic - SQL Injection Vulnerability
|
80 |
WEB
|
the_cyber_nuxbie
|
|
2012-03-12
|
|
CATSHOP Cart - SQL Injection Vulnerability
|
80 |
WEB
|
the_cyber_nuxbie
|
|
2012-03-12
|
|
Pobol WebBasic - SQL Injection Vulnerability
|
69 |
WEB
|
the_cyber_nuxbie
|
|
2012-03-12
|
|
ActivaDigital- SQL Injection Vulnerability
|
94 |
WEB
|
the_cyber_nuxbie
|
|
2012-03-12
|
|
UEBBI - SQL Injection Vulnerability
|
69 |
WEB
|
the_cyber_nuxbie
|
|
2012-03-12
|
|
LY Network Cart - SQL Injection Vulnerability
|
83 |
WEB
|
the_cyber_nuxbie
|
|
2012-03-09
|
|
RazorCMS <= 1.2.1 STABLE CSRF (Delete Web Pages)
|
89 |
WEB
|
Ivano Binetti
|
|
2012-03-09
|
|
RazorCMS <= 1.2.1 STABLE File Upload Vulnerability
|
123 |
WEB
|
i2sec_Hyo jun Oh
|
|
2012-03-09
|
|
Toenda CMS 1.6.2 Osaka Stable Local File Inclusion
|
87 |
WEB
|
AkaStep
|
|
2012-03-08
|
|
SQLI Online Shop LeKommerce
|
89 |
WEB
|
Mazt0r
|
|
2012-03-08
|
|
Iciniti Store SQL Injection - Security Advisory - SOS-12-003
|
88 |
WEB
|
Lists
|
|
2012-03-08
|
|
Promise WebPAM v2.2.0.13 Multiple Remote Vulnerabilities
|
81 |
WEB
|
LiquidWorm
|
|
2012-03-08
|
|
WebfolioCMS <= 1.1.4 Multiple XSS
|
175 |
WEB
|
Ivano Binetti
|
|
2012-03-08
|
|
Symfony 2 Unauthenticated Information Disclosure
|
100 |
WEB
|
Phil Taylor
|
|
2012-03-08
|
|
Log1cms v2.1 Multiple XSRF File (Upload/Download) Vulnerabilities
|
102 |
WEB
|
KedAns-Dz
|
|
2012-03-08
|
|
Zen Cart v.1.5.0 Remote Shell Upload
|
206 |
WEB
|
Mr.ExiT
|
|
2012-03-06
|
|
Drupal CMS 7.12 (latest stable release) Multiple Vulnerabilities
|
84 |
WEB
|
Ivano Binetti
|
|
2012-03-06
|
|
ForkCMS 3.2.5 Multiple Vulnerabilities
|
68 |
WEB
|
Ivano Binetti
|
|
2012-03-06
|
|
lizard cart SQLi (search.php)
|
73 |
WEB
|
Number 7
|
|
2012-03-06
|
|
Symfony2 Local File Disclosure - Security Advisory - SOS-12-002
|
86 |
WEB
|
Lists
|
|
2012-03-06
|
|
EbizCare => SQL Injection Vulnerability
|
91 |
WEB
|
dbx
|
|
2012-03-06
|
|
Open-Realty 2.5.8 Local File Inclusion
|
84 |
WEB
|
Transparent
|
|
2012-03-06
|
|
BigDump Importer v0.32b RFU
|
127 |
WEB
|
TeaM MosTa
|
|
2012-03-06
|
|
piwigo <== SQL Injector
|
75 |
WEB
|
TeaM MosTa
|
|
2012-03-06
|
|
Multiple SQL injections in rivettracker <=1.03
|
74 |
WEB
|
Ali Raheem
|
|
2012-03-06
|
|
CnnCMS 1.x SQL Injection Vulnerability
|
85 |
WEB
|
X-Cisadane
|
|
2012-03-05
|
|
AneCMS v.2e2c583 LFI exploit
|
78 |
WEB
|
I2sec-PJH
|
|
2012-03-05
|
|
deV!L`z Clanportal Witze Addon Versions 0.9 SQL Injection Vulnerability
|
103 |
WEB
|
Easy Laster
|
|
2012-03-04
|
|
Timesheet Next Gen 1.5.2 Multiple SQLi
|
60 |
WEB
|
G13
|
|
2012-03-04
|
|
Multiple SQL injection rivettracker <=1.03
|
92 |
WEB
|
Ali Raheem
|
|
2012-03-03
|
|
Infoserve SQL Vulnerability
|
73 |
WEB
|
Optimiz3r
|
|
2012-03-03
|
|
Endian UTM Firewall v2.4.x & v2.5.0 - Multiple Web Vulnerabilities
|
86 |
WEB
|
expku
|
|
2012-03-03
|
|
Wpmanager version wpm 2.2.0 (FCKeditor) Remote File Upload
|
116 |
WEB
|
T0x!c
|
|
2012-03-03
|
|
phxEventManager 2.0 beta 5 search.php search_terms SQL Injection
|
96 |
WEB
|
skysbsb
|
|
2012-03-01
|
|
Wolf CMS v0.7.5 Multiple Vulnerabilities
|
86 |
WEB
|
longrifle0x
|
|
2012-03-01
|
|
ImgPals Photo Host Version 1.0 Admin Account Disactivation
|
92 |
WEB
|
CorryL
|
|
2012-03-01
|
|
Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability
|
100 |
WEB
|
Narendra Shinde
|
|
2012-03-01
|
|
Topics Viewer CSRF Add Admin
|
87 |
WEB
|
Green Hornet
|
|
2012-03-01
|
|
BrewBlogger v2.3.2 Multiple (XSRF/ShellUpload/SQLi) Vulnerabilities
|
80 |
WEB
|
KedAns-Dz
|
|
2012-02-29
|
|
WebfolioCMS <= 1.1.4 CSRF (Add Admin/Modify Pages)
|
79 |
WEB
|
Ivano Binetti
|
|
2012-02-28
|
|
Bitweaver v2.81 Local File Inclusion Vulnerability
|
81 |
WEB
|
I2sec-PJH
|
|
2012-02-28
|
|
Dotclear 2.4.2 Arbitrary File Upload Vulnerability
|
73 |
WEB
|
T0x!c
|
|
2012-02-28
|
|
ContaoCMS (aka TYPOlight) <= 2.11 CSRF (Delete Admin - Delete Article)
|
86 |
WEB
|
Ivano Binetti
|
|
2012-02-27
|
|
YVS Image Gallery Sql Injection
|
84 |
WEB
|
CorryL
|
|
2012-02-27
|
|
CreateVision CMS Database injection.
|
142 |
WEB
|
Zwierzchowski Oskar
|
|
2012-02-27
|
|
webgrind 1.0 (file param) Local File Inclusion Vulnerability
|
152 |
WEB
|
LiquidWorm
|
|
2012-02-27
|
|
cPassMan v1.82 Remote Command Execution Exploit
|
67 |
WEB
|
ls
|
|
2012-02-27
|
|
PHP Gift Registry 1.5.5 SQL Injection
|
82 |
WEB
|
G13
|
|
2012-02-24
|
|
Snom IP Phone Privilege Escalation - Security Advisory - SOS-12-001
|
74 |
WEB
|
Lists
|
|
2012-02-24
|
|
phpDenora <= 1.4.6 Multiple SQL Injection Vulnerabilities
|
116 |
WEB
|
KnickLighter
|
|
2012-02-24
|
|
The Uploader 2.0.4 (Eng/Ita) Remote File Upload Remote Code Execution
|
93 |
WEB
|
Danny Moules
|
|
2012-02-23
|
|
DFLabs PTK <= 1.0.5 Multiple Vulnerabilities (Steal Authentication Credentials)
|
83 |
WEB
|
Ivano Binetti
|
|
2012-02-23
|
|
D-Link DSL-2640B Authentication Bypass
|
64 |
WEB
|
Ivano Binetti
|
|
2012-02-23
|
|
WebcamXP and Webcam 7 Directory Traversal Vulnerability
|
95 |
WEB
|
Silent Dream
|
|
2012-02-23
|
|
Dlink DCS series CSRF Change Admin Password
|
88 |
WEB
|
rigan
|
|
2012-02-23
|
|
BRIM < 2.0.0 SQL Injection
|
80 |
WEB
|
ifnull
|
|
2012-02-23
|
|
ForkCMS 3.2.5 Multiple Vulnerabilities
|
86 |
WEB
|
Ivano Binetti
|
|
2012-02-23
|
|
Sagem F@ST 2604 CSRF Vulnerability (ADSL Router)
|
91 |
WEB
|
KinG Of PiraTeS
|
|
2012-02-23
|
|
Limesurvey (PHPSurveyor v.1.91+ stable) Blind SQL Injection
|
77 |
WEB
|
TorTukiTu
|
