|
2018-06-05
|
|
Pagekit < 1.0.13 - Cross-Site Scripting Code Generator
|
36 |
WEB
|
DEEPIN2
|
|
2018-06-05
|
|
MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting
|
35 |
WEB
|
0xB9
|
|
2018-06-04
|
|
EMS Master Calendar < 8.0.0.20180520 - Cross-Site Scripting
|
26 |
WEB
|
Chris Barretto
|
|
2018-06-04
|
|
SearchBlox 8.6.7 - XML External Entity Injection
|
30 |
WEB
|
Ahmet Gurel
|
|
2018-06-03
|
|
GreenCMS 2.3.0603 - Cross-Site Request Forgery (Add Admin)
|
27 |
WEB
|
xichao
|
|
2018-06-03
|
|
GreenCMS 2.3.0603 - Cross-Site Request Forgery / Remote Code Execution
|
28 |
WEB
|
xichao
|
|
2018-06-03
|
|
Smartshop 1 - Cross-Site Request Forgery
|
26 |
WEB
|
L0RD
|
|
2018-06-03
|
|
Smartshop 1 - 'id' SQL Injection
|
34 |
WEB
|
L0RD
|
|
2018-05-31
|
|
Grid Pro Big Data 1.0 - SQL Injection
|
28 |
WEB
|
Kağan Çapar
|
|
2018-05-31
|
|
CSV Import & Export 1.1.0 - SQL Injection / Cross-Site Scripting
|
32 |
WEB
|
Kağan Çapar
|
|
2018-05-31
|
|
PHP Dashboards NEW 5.5 - 'email' SQL Injection
|
33 |
WEB
|
Kağan Çapar
|
|
2018-05-31
|
|
New STAR 2.1 - SQL Injection / Cross-Site Scripting
|
30 |
WEB
|
Kağan Çapar
|
|
2018-05-31
|
|
TAC Xenta 511/911 - Directory Traversal
|
36 |
WEB
|
Marek Cybul
|
|
2018-05-30
|
|
Dolibarr ERP/CRM 7.0.0 - (Authenticated) SQL Injection
|
27 |
WEB
|
Sysdream
|
|
2018-05-30
|
|
MachForm < 4.2.3 - SQL Injection / Path Traversal / Upload Bypass
|
31 |
WEB
|
Amine Taouirsa
|
|
2018-05-30
|
|
Yosoro 1.0.4 - Remote Code Execution
|
27 |
WEB
|
Carlo Pelliccioni
|
|
2018-05-30
|
|
SearchBlox 8.6.6 - Cross-Site Request Forgery
|
27 |
WEB
|
Ahmet Gurel
|
|
2018-05-29
|
|
Facebook Clone Script 1.0.5 - Cross-Site Request Forgery
|
32 |
WEB
|
L0RD
|
|
2018-05-29
|
|
Facebook Clone Script 1.0.5 - 'search' SQL Injection
|
27 |
WEB
|
L0RD
|
|
2018-05-29
|
|
MyBB ChangUonDyU Plugin 1.0.2 - Cross-Site Scripting
|
30 |
WEB
|
0xB9
|
|
2018-05-29
|
|
NUUO NVRmini2 / NVRsolo - Arbitrary File Upload
|
28 |
WEB
|
M3@Pandas
|
|
2018-05-29
|
|
Sitemakin SLAC 1.0 - 'my_item_search' SQL Injection
|
31 |
WEB
|
Divya Jain
|
|
2018-05-29
|
|
IssueTrak 7.0 - SQL Injection
|
32 |
WEB
|
Chris Anastasio
|
|
2018-05-28
|
|
wityCMS 0.6.1 - Cross-Site Scripting
|
32 |
WEB
|
Nathu Nandwani
|
|
2018-05-28
|
|
Joomla! Component JoomOCShop 1.0 - Cross-Site Request Forgery
|
33 |
WEB
|
L0RD
|
|
2018-05-28
|
|
Joomla! Component jCart for OpenCart 2.3.0.2 - Cross-Site Request Forgery
|
33 |
WEB
|
L0RD
|
|
2018-05-28
|
|
Joomla! Component Full Social 1.1.0 - 'search_query' SQL Injection
|
33 |
WEB
|
L0RD
|
|
2018-05-28
|
|
WordPress Plugin Events Calendar - SQL Injection
|
33 |
WEB
|
AkkuS
|
|
2018-05-28
|
|
DomainMod 4.09.03 - 'sslpaid' Cross-Site Scripting
|
33 |
WEB
|
longer
|
|
2018-05-28
|
|
DomainMod 4.09.03 - 'oid' Cross-Site Scripting
|
33 |
WEB
|
longer
|
|
2018-05-28
|
|
TP-Link TL-WR840N/TL-WR841N - Authenticaton Bypass
|
33 |
WEB
|
BlackFog Team
|
|
2018-05-27
|
|
Baby Names Search Engine 1.0 - 'a' SQL Injection
|
35 |
WEB
|
AkkuS
|
|
2018-05-27
|
|
My Directory 2.0 - SQL Injection / Cross-Site Scripting
|
33 |
WEB
|
AkkuS
|
|
2018-05-27
|
|
ClipperCMS 1.3.3 - Cross-Site Scripting
|
27 |
WEB
|
Nathu Nandwani
|
|
2018-05-27
|
|
Listing Hub CMS 1.0 - SQL Injection
|
33 |
WEB
|
AkkuS
|
|
2018-05-27
|
|
BookingWizz Booking System 5.5 - 'id' SQL Injection
|
26 |
WEB
|
AkkuS
|
|
2018-05-27
|
|
Lyrist - 'id' SQL Injection
|
29 |
WEB
|
Meisam Monsef
|
|
2018-05-27
|
|
Sharetronix CMS 3.6.2 - Cross-Site Request Forgery / Cross-Site Scripting
|
25 |
WEB
|
Hesam Bazvand
|
|
2018-05-27
|
|
Ingenious School Management System - 'id' SQL Injection
|
24 |
WEB
|
Meisam Monsef
|
|
2018-05-27
|
|
WordPress Plugin Booking Calendar 3.0.0 - SQL Injection / Cross-Site Scripting
|
25 |
WEB
|
AkkuS
|
|
2018-05-26
|
|
easyLetters 1.0 - 'id' SQL Injection
|
28 |
WEB
|
AkkuS
|
|
2018-05-26
|
|
mySurvey 1.0 - 'id' SQL Injection
|
26 |
WEB
|
AkkuS
|
|
2018-05-26
|
|
EasyService Billing 1.0 - 'q' SQL Injection
|
23 |
WEB
|
Divya Jain
|
|
2018-05-26
|
|
EasyService Billing 1.0 - Cross-Site Scripting
|
24 |
WEB
|
Divya Jain
|
|
2018-05-26
|
|
EasyService Billing 1.0 - Cross-Site Request Forgery
|
23 |
WEB
|
Divya Jain
|
|
2018-05-26
|
|
Ajax Full Featured Calendar 2.0 - 'search' SQL Injection
|
31 |
WEB
|
AkkuS
|
|
2018-05-26
|
|
Employee Work Schedule 5.9 - 'cal_id' SQL Injection
|
30 |
WEB
|
AkkuS
|
|
2018-05-25
|
|
Oracle WebCenter FatWire Content Server < 7 - Improper Access Control
|
27 |
WEB
|
Sebastian Cornejo
|
|
2018-05-25
|
|
SAP Internet Transaction Server 6200.x - Session Fixation / Cross-Site Scripting
|
26 |
WEB
|
J. Carrillo Lencina
|
|
2018-05-25
|
|
MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting
|
27 |
WEB
|
0xB9
|
|
2018-05-25
|
|
KomSeo Cart 1.3 - 'my_item_search' SQL Injection
|
25 |
WEB
|
AkkuS
|
|
2018-05-25
|
|
Oracle WebCenter Sites 11.1.1.8.0/12.2.1.x - Cross-Site Scripting
|
27 |
WEB
|
Richard Alviarez
|
|
2018-05-24
|
|
EU MRV Regulatory Complete Solution 1 - Authentication Bypass
|
29 |
WEB
|
Veyselxan
|
|
2018-05-24
|
|
Honeywell XL Web Controller - Cross-Site Scripting
|
26 |
WEB
|
t4rkd3vilz
|
|
2018-05-24
|
|
Timber 1.1 - Cross-Site Request Forgery
|
26 |
WEB
|
L0RD
|
|
2018-05-24
|
|
PaulNews 1.0 - 'keyword' SQL Injection / Cross-Site Scripting
|
28 |
WEB
|
AkkuS
|
|
2018-05-24
|
|
ASP.NET jVideo Kit - 'query' SQL Injection
|
35 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
WordPress Plugin Peugeot Music - Arbitrary File Upload
|
33 |
WEB
|
Mr.7z
|
|
2018-05-23
|
|
SKT LTE Wi-Fi SDT-CW3B1 - Unauthorized Admin Credential Change
|
25 |
WEB
|
Safak Aslan
|
|
2018-05-23
|
|
Honeywell Scada System - Information Disclosure
|
26 |
WEB
|
t4rkd3vilz
|
|
2018-05-23
|
|
Mcard Mobile Card Selling Platform 1 - SQL Injection
|
26 |
WEB
|
L0RD
|
|
2018-05-23
|
|
eWallet Online Payment Gateway 2 - Cross-Site Request Forgery
|
27 |
WEB
|
L0RD
|
|
2018-05-23
|
|
Wecodex Restaurant CMS 1.0 - 'Login' SQL Injection
|
25 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
Wecodex Hotel CMS 1.0 - 'Admin Login' SQL Injection
|
27 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
Library CMS 1.0 - SQL Injection
|
25 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
School Management System CMS 1.0 - 'username' SQL Injection
|
27 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
SAT CFDI 3.3 - SQL Injection
|
25 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
Wecodex Store Paypal 1.0 - SQL Injection
|
28 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
Shipping System CMS 1.0 - SQL Injection
|
30 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
GPSTracker 1.0 - 'id' SQL Injection
|
27 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
Online Store System CMS 1.0 - SQL Injection
|
25 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
Gigs 2.0 - 'username' SQL Injection
|
23 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
Mobile Card Selling Platform 1 - Cross-Site Request Forgery
|
25 |
WEB
|
L0RD
|
|
2018-05-23
|
|
PHP Dashboards 4.5 - SQL Injection
|
28 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
PHP Dashboards 4.5 - 'email' SQL Injection
|
31 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection
|
28 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection / Cross-Site Scripting
|
28 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
MySQL Blob Uploader 1.7 - 'home-file-edit.php' SQL Injection / Cross-Site Scripting
|
26 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
MySQL Blob Uploader 1.7 - 'download.php' SQL Injection / Cross-Site Scripting
|
26 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
MySQL Smart Reports 1.0 - 'id' SQL Injection / Cross-Site Scripting
|
29 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
EasyService Billing 1.0 - 'p1' SQL Injection
|
23 |
WEB
|
AkkuS
|
|
2018-05-23
|
|
EasyService Billing 1.0 - SQL Injection / Cross-Site Scripting
|
26 |
WEB
|
AkkuS
|
|
2018-05-22
|
|
Easy File Uploader 1.7 - SQL Injection / Cross-Site Scripting
|
24 |
WEB
|
AkkuS
|
|
2018-05-22
|
|
NewsBee CMS 1.4 - 'download.php' SQL Injection
|
28 |
WEB
|
AkkuS
|
|
2018-05-22
|
|
Feedy RSS News Ticker 2.0 - 'cat' SQL Injection
|
29 |
WEB
|
AkkuS
|
|
2018-05-22
|
|
NewsBee CMS 1.4 - 'home-text-edit.php' SQL Injection
|
32 |
WEB
|
AkkuS
|
|
2018-05-22
|
|
Auto Car 1.2 - 'car_title' SQL Injection / Cross-Site Scripting
|
27 |
WEB
|
L0RD
|
|
2018-05-22
|
|
NewsBee CMS 1.4 - 'home-text-edit.php' SQL Injection
|
27 |
WEB
|
AkkuS
|
|
2018-05-22
|
|
iSocial 1.2.0 - Cross-Site Scripting / Cross-Site Request Forgery
|
29 |
WEB
|
L0RD
|
|
2018-05-22
|
|
ERPnext 11 - Cross-Site Scripting
|
29 |
WEB
|
Veerababu Penugonda
|
|
2018-05-22
|
|
PaulPrinting CMS Printing 1.0 - SQL Injection
|
24 |
WEB
|
Mehmet Onder
|
|
2018-05-22
|
|
Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting
|
29 |
WEB
|
t4rkd3vilz
|
|
2018-05-22
|
|
WebSocket Live Chat - Cross-Site Scripting
|
29 |
WEB
|
Alireza Norkazemi
|
|
2018-05-22
|
|
Zechat 1.5 - SQL Injection / Cross-Site Request Forgery
|
25 |
WEB
|
L0RD
|
|
2018-05-22
|
|
Nordex N149/4.0-4.5 - SQL Injection
|
28 |
WEB
|
t4rkd3vilz
|
|
2018-05-21
|
|
Wchat PHP AJAX Chat Script 1.5 - Cross-Site Scripting
|
26 |
WEB
|
L0RD
|
|
2018-05-21
|
|
Model Agency Media House & Model Gallery 1.0 - Multiple Vulnerabilities
|
26 |
WEB
|
L0RD
|
|
2018-05-21
|
|
Merge PACS 7.0 - Cross-Site Request Forgery
|
26 |
WEB
|
Safak Aslan
|
|
2018-05-21
|
|
Auto Dealership & Vehicle Showroom WebSys 1.0 - Multiple Vulnerabilities
|
28 |
WEB
|
L0RD
|
|
2018-05-21
|
|
Schneider Electric PLCs - Cross-Site Request Forgery
|
29 |
WEB
|
t4rkd3vilz
|
|
2018-05-21
|
|
Teradek Slice 7.3.15 - Cross-Site Request Forgery
|
32 |
WEB
|
LiquidWorm
|
|
2018-05-21
|
|
Teradek Cube 7.3.6 - Cross-Site Request Forgery
|
24 |
WEB
|
LiquidWorm
|
|
2018-05-21
|
|
Teradek VidiU Pro 3.0.3 - Server-Side Request Forgery
|
28 |
WEB
|
LiquidWorm
|
|
2018-05-21
|
|
Teradek VidiU Pro 3.0.3 - Cross-Site Request Forgery
|
27 |
WEB
|
LiquidWorm
|
|
2018-05-21
|
|
GitBucket 4.23.1 - Remote Code Execution
|
26 |
WEB
|
Kacper Szurek
|
|
2018-05-21
|
|
Siemens SIMATIC S7-1200 CPU - Cross-Site Request Forgery
|
24 |
WEB
|
t4rkd3vilz
|
|
2018-05-21
|
|
ManageEngine Recovery Manager Plus 5.3 - Cross-Site Scripting
|
28 |
WEB
|
Ahmet Gurel
|
|
2018-05-21
|
|
Zenar Content Management System - Cross-Site Scripting
|
28 |
WEB
|
Berk Dusunur
|
|
2018-05-21
|
|
Flippy DamnFacts - Viral Fun Facts Sharing Script 1.1.0 - Cross-Site Scripting / Cross-Site Request
|
28 |
WEB
|
L0RD
|
|
2018-05-21
|
|
Flippy DamnFacts - Viral Fun Facts Sharing Script 1.1.0 - Cross-Site Scripting / Cross-Site Request
|
28 |
WEB
|
L0RD
|
|
2018-05-21
|
|
Private Message PHP Script 2.0 - Cross-Site Scripting
|
27 |
WEB
|
L0RD
|
|
2018-05-21
|
|
Superfood 1.0 - Multiple Vulnerabilities
|
28 |
WEB
|
L0RD
|
|
2018-05-20
|
|
Joomla! Component EkRishta 2.10 - Cross-Site Scripting / SQL Injection
|
23 |
WEB
|
Sina Kheirkhah
|
|
2018-05-20
|
|
D-Link DSL-3782 - Authentication Bypass
|
32 |
WEB
|
Giulio Comi
|
|
2018-05-18
|
|
SAP B2B / B2C CRM 2.x < 4.x - Local File Inclusion
|
29 |
WEB
|
Richard Alviarez
|
|
2018-05-18
|
|
Infinity Market Classified Ads Script 1.6.2 - Cross-Site Request Forgery
|
27 |
WEB
|
L0RD
|
|
2018-05-18
|
|
Cisco SA520W Security Appliance - Path Traversal
|
30 |
WEB
|
Nassim Asrir
|
|
2018-05-18
|
|
SAP NetWeaver Web Dynpro 6.4 < 7.5 - Information Disclosure
|
31 |
WEB
|
Richard Alviarez
|
|
2018-05-18
|
|
Monstra CMS < 3.0.4 - Cross-Site Scripting (2)
|
28 |
WEB
|
Berk Dusunur
|
|
2018-05-18
|
|
Healwire Online Pharmacy 3.0 - Cross-Site Scripting / Cross-Site Request Forgery
|
32 |
WEB
|
L0RD
|
|
2018-05-17
|
|
Powerlogic/Schneider Electric IONXXXX Series - Cross-Site Request Forgery
|
31 |
WEB
|
t4rkd3vilz
|
|
2018-05-17
|
|
SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting / Cross site request for
|
34 |
WEB
|
L0RD
|
|
2018-05-17
|
|
SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting / Cross site request for
|
32 |
WEB
|
L0RD
|
|
2018-05-17
|
|
Intelbras NCLOUD 300 1.0 - Authentication bypass
|
30 |
WEB
|
Pedro Aguiar
|
|
2018-05-17
|
|
NodAPS 4.0 - SQL injection / Cross-Site Request Forgery
|
34 |
WEB
|
L0RD
|
