|
2014-10-12
|
|
GetSimple CMS 3.3.1 - Cross-Site Scripting
|
19 |
WEB
|
Pedro Ribeiro
|
|
2014-10-12
|
|
Pimcore CMS 1.4.9 <2.1.0 - Multiple Vulnerabilities
|
14 |
WEB
|
Pedro Ribeiro
|
|
2015-06-10
|
|
SysAid Help Desk 14.4 - Multiple Vulnerabilities
|
18 |
WEB
|
Pedro Ribeiro
|
|
2017-01-31
|
|
Billion / TrueOnline / ZyXEL Routers - Multiple Vulnerabilities
|
10 |
WEB
|
Pedro Ribeiro
|
|
2015-09-28
|
|
BMC Track-It! 11.4 - Multiple Vulnerabilities
|
19 |
WEB
|
Pedro Ribeiro
|
|
2015-09-28
|
|
Kaseya Virtual System Administrator (VSA) 7.0 < 9.1 - (Authenticated) Arbitrary File Upload
|
20 |
WEB
|
Pedro Ribeiro
|
|
2018-01-24
|
|
Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Arbitrary File Upload
|
18 |
WEB
|
Paul Taylor
|
|
2018-01-24
|
|
Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Encryption Keys Disclosure
|
15 |
WEB
|
Paul Taylor
|
|
2018-01-24
|
|
WordPress Plugin Email Subscribers & Newsletters 3.4.7 - Information Disclosure
|
17 |
WEB
|
ThreatPress Security
|
|
2018-01-24
|
|
Professional Local Directory Script 1.0 - SQL Injection
|
18 |
WEB
|
Ihsan Sencan
|
|
2018-01-23
|
|
Flexible Poll 1.2 - SQL Injection
|
15 |
WEB
|
Ihsan Sencan
|
|
2018-01-23
|
|
Quickad 4.0 - SQL Injection
|
17 |
WEB
|
Ihsan Sencan
|
|
2018-01-23
|
|
Photography CMS 1.0 - Cross-Site Request Forgery (Add Admin)
|
16 |
WEB
|
Ihsan Sencan
|
|
2018-01-23
|
|
Tumder 2.1 - SQL Injection
|
15 |
WEB
|
Ihsan Sencan
|
|
2018-01-23
|
|
Zechat 1.5 - SQL Injection
|
19 |
WEB
|
Ihsan Sencan
|
|
2018-01-23
|
|
Wchat 1.5 - SQL Injection
|
18 |
WEB
|
Ihsan Sencan
|
|
2018-01-23
|
|
Easy Car Script 2014 - SQL Injection
|
19 |
WEB
|
Ihsan Sencan
|
|
2018-01-23
|
|
RSVP Invitation Online 1.0 - Cross-Site Request Forgery (Update Admin)
|
13 |
WEB
|
Ihsan Sencan
|
|
2018-01-23
|
|
Affiligator 2.1.0 - SQL Injection
|
14 |
WEB
|
Ihsan Sencan
|
|
2018-01-23
|
|
LiveCRM SaaS Cloud 1.0 - SQL Injection
|
16 |
WEB
|
Ihsan Sencan
|
|
2018-01-23
|
|
NEC Univerge SV9100/SV8100 WebPro 10.0 - Configuration Download
|
16 |
WEB
|
LiquidWorm
|
|
2018-01-23
|
|
CentOS Web Panel 0.9.8.12 - 'row_id' / 'domain' SQL Injection
|
17 |
WEB
|
Vulnerability-Lab
|
|
2018-01-21
|
|
OTRS 5.0.x/6.0.x - Remote Command Execution (1)
|
18 |
WEB
|
Bæln0rn
|
|
2018-01-21
|
|
CentOS Web Panel 0.9.8.12 - Multiple Vulnerabilities
|
18 |
WEB
|
Vulnerability-Lab
|
|
2018-01-21
|
|
Shopware 5.2.5/5.3 - Cross-Site Scripting
|
16 |
WEB
|
Vulnerability-Lab
|
|
2018-01-21
|
|
Oracle JDeveloper 11.1.x/12.x - Directory Traversal
|
17 |
WEB
|
hyp3rlinx
|
|
2018-01-15
|
|
DarkComet (C2 Server) - File Upload
|
16 |
WEB
|
Pseudo Laboratories
|
|
2018-01-15
|
|
D-Link DNS-325 ShareCenter < 1.05B03 - Multiple Vulnerabilities
|
13 |
WEB
|
GulfTech Security
|
|
2018-01-15
|
|
D-Link DNS-343 ShareCenter < 1.05 - Command Injection
|
16 |
WEB
|
GulfTech Security
|
|
2018-01-08
|
|
Synology Photostation < 6.7.2-3429 - Multiple Vulnerabilities
|
17 |
WEB
|
GulfTech Security
|
|
2016-10-04
|
|
Mambo < 4.5.4 - SQL Injection
|
23 |
WEB
|
GulfTech Security
|
|
2016-08-18
|
|
X-Cart < 4.1.3 - Arbitrary Variable Overwrite
|
16 |
WEB
|
GulfTech Security
|
|
2016-08-14
|
|
Claroline < 1.7.7 - Arbitrary File Inclusion
|
16 |
WEB
|
GulfTech Security
|
|
2016-08-28
|
|
CubeCart < 3.0.12 - Multiple Vulnerabilities
|
15 |
WEB
|
GulfTech Security
|
|
2016-08-11
|
|
SquirrelMail < 1.4.7 - Arbitrary Variable Overwrite
|
18 |
WEB
|
GulfTech Security
|
|
2016-03-05
|
|
PHPLib < 7.4 - SQL Injection
|
17 |
WEB
|
GulfTech Security
|
|
2016-03-02
|
|
Gallery 2 < 2.0.2 - Multiple Vulnerabilities
|
25 |
WEB
|
GulfTech Security
|
|
2016-02-26
|
|
phpRPC < 0.7 - Remote Code Execution
|
17 |
WEB
|
GulfTech Security
|
|
2016-02-24
|
|
Mambo < 4.5.3h - Multiple Vulnerabilities
|
13 |
WEB
|
GulfTech Security
|
|
2016-02-21
|
|
PEAR LiveUser < 0.16.8 - Arbitrary File Access
|
15 |
WEB
|
GulfTech Security
|
|
2016-02-19
|
|
Geeklog < 1.4.0 - Multiple Vulnerabilities
|
14 |
WEB
|
GulfTech Security
|
|
2016-02-18
|
|
ADOdb < 4.71 - Cross Site Scripting
|
12 |
WEB
|
GulfTech Security
|
|
2015-07-21
|
|
XPCOM - Race Condition
|
13 |
WEB
|
GulfTech Security
|
|
2015-07-14
|
|
SquirrelMail < 1.4.5-RC1 - Arbitrary Variable Overwrite
|
15 |
WEB
|
GulfTech Security
|
|
2015-07-02
|
|
PHPXMLRPC < 1.1 - Remote Code Execution
|
15 |
WEB
|
GulfTech Security
|
|
2015-07-01
|
|
PEAR XML_RPC < 1.3.0 - Remote Code Execution
|
18 |
WEB
|
GulfTech Security
|
|
2015-06-29
|
|
XOOPS < 2.0.11 - Multiple Vulnerabilities
|
21 |
WEB
|
GulfTech Security
|
|
2015-05-16
|
|
Burning Board < 2.3.1 - SQL Injection
|
15 |
WEB
|
GulfTech Security
|
|
2015-05-05
|
|
Invision Power Board (IP.Board) < 2.0.3 - Multiple Vulnerabilities
|
22 |
WEB
|
GulfTech Security
|
|
2015-04-19
|
|
AZBB < 1.0.07d - Multiple Vulnerabilities
|
19 |
WEB
|
GulfTech Security
|
|
2015-01-03
|
|
PhotoPost < 4.85 - Multiple Vulnerabilities
|
15 |
WEB
|
GulfTech Security
|
|
2015-01-02
|
|
ReviewPost < 2.84 - Multiple Vulnerabilities
|
16 |
WEB
|
GulfTech Security
|
|
2015-01-01
|
|
PhotoPost Classifieds < 2.01 - Multiple Vulnerabilities
|
15 |
WEB
|
GulfTech Security
|
|
2014-12-29
|
|
PHP-Calendar < 0.10.1 - Arbitrary File Inclusion
|
17 |
WEB
|
GulfTech Security
|
|
2014-12-27
|
|
WHM.AutoPilot < 2.4.6.5 - Multiple Vulnerabilities
|
15 |
WEB
|
GulfTech Security
|
|
2014-08-23
|
|
LiveWorld Multiple Products - Cross Site Scripting
|
17 |
WEB
|
GulfTech Security
|
|
2004-05-17
|
|
HelpCenter Live! < 1.2.7 - Multiple Vulnerabilities
|
17 |
WEB
|
GulfTech Security
|
|
2004-05-04
|
|
Invision Power Board (IP.Board) < 1.3.1 - Design Error
|
15 |
WEB
|
GulfTech Security
|
|
2004-05-04
|
|
PHPX < 3.26 - Multiple Vulnerabilities
|
15 |
WEB
|
GulfTech Security
|
|
2004-04-24
|
|
OpenBB < 1.0.6 - Multiple Vulnerabilities
|
14 |
WEB
|
GulfTech Security
|
|
2004-04-14
|
|
phpBugTracker < 0.9.1 - Multiple Vulnerabilities
|
14 |
WEB
|
GulfTech Security
|
|
2004-04-11
|
|
TikiWiki < 1.8.1 - Multiple Vulnerabilities
|
17 |
WEB
|
GulfTech Security
|
|
2004-03-28
|
|
PhotoPost < 4.6 - Multiple Vulnerabilities
|
17 |
WEB
|
GulfTech Security
|
|
2004-03-21
|
|
Invision Gallery < 1.0.1 - SQL Injection
|
14 |
WEB
|
GulfTech Security
|
|
2004-03-21
|
|
Invision Power Top Site List < 1.1 RC 2 - SQL Injection
|
17 |
WEB
|
GulfTech Security
|
|
2004-03-20
|
|
phpBB < 2.0.7a - Multiple Vulnerabilities
|
19 |
WEB
|
GulfTech Security
|
|
2004-03-15
|
|
Mambo < 4.5 - Multiple Vulnerabilities
|
16 |
WEB
|
GulfTech Security
|
|
2004-03-15
|
|
vBulletin < 3.0.0 RC4 - Cross Site Scripting
|
16 |
WEB
|
GulfTech Security
|
|
2004-03-15
|
|
Phorum < 5.0.3 Beta - Cross Site Scripting
|
15 |
WEB
|
GulfTech Security
|
|
2004-03-12
|
|
phpBB < 2.0.6d - Cross Site Scripting
|
17 |
WEB
|
GulfTech Security
|
|
2004-03-02
|
|
Invision Power Board (IP.Board) < 1.3 - SQL Injection
|
16 |
WEB
|
GulfTech Security
|
|
2004-01-13
|
|
phpShop < 0.6.1-b - Multiple Vulnerabilities
|
19 |
WEB
|
GulfTech Security
|
|
2004-01-13
|
|
phpGedView < 2.65 beta 5 - Multiple Vulnerabilities
|
17 |
WEB
|
GulfTech Security
|
|
2004-01-12
|
|
MetaDot < 5.6.5.4b5 - Multiple Vulnerabilities
|
18 |
WEB
|
GulfTech Security
|
|
2004-01-03
|
|
PostNuke < 0.726 Phoenix - Multiple Vulnerabilities
|
14 |
WEB
|
GulfTech Security
|
|
2003-12-22
|
|
osCommerce < 2.2-MS2 - Multiple Vulnerabilities
|
18 |
WEB
|
GulfTech Security
|
|
2003-12-18
|
|
ASPapp Multiple Products - Multiple Vulnerabilities
|
13 |
WEB
|
GulfTech Security
|
|
2003-12-18
|
|
AutoRank PHP < 2.0.4 - SQL Injection (PoC)
|
14 |
WEB
|
GulfTech Security
|
|
2003-12-16
|
|
Aardvark Topsites < 4.1.0 - Multiple Vulnerabilities
|
29 |
WEB
|
GulfTech Security
|
|
2003-12-16
|
|
Invision Power Board (IP.Board) < 2.0 Alpha 3 - SQL Injection (PoC)
|
14 |
WEB
|
GulfTech Security
|
|
2003-12-15
|
|
Invision Power Top Site List < 2.0 Alpha 3 - SQL Injection (PoC)
|
14 |
WEB
|
GulfTech Security
|
|
2003-12-15
|
|
DUWare Multiple Products - Multiple Vulnerabilities
|
19 |
WEB
|
GulfTech Security
|
|
2018-01-18
|
|
GitStack 2.3.10 - Remote Code Execution
|
16 |
WEB
|
Kacper Szurek
|
|
2018-01-18
|
|
Primefaces 5.x - Remote Code Execution (Metasploit)
|
19 |
WEB
|
Bjoern Schuette
|
|
2018-01-17
|
|
SugarCRM 3.5.1 - Cross-Site Scripting
|
17 |
WEB
|
Guilherme Assmann
|
|
2018-01-17
|
|
Belkin N600DB Wireless Router - Multiple Vulnerabilities
|
13 |
WEB
|
Wadeek
|
|
2018-01-17
|
|
D-Link DSL-2640R - DNS Change
|
19 |
WEB
|
Todor Donev
|
|
2018-01-17
|
|
Reservo Image Hosting Script 1.5 - Cross-Site Scripting
|
14 |
WEB
|
Dennis Veninga
|
|
2018-01-17
|
|
Zomato Clone Script - Arbitrary File Upload
|
13 |
WEB
|
Tauco
|
|
2018-01-15
|
|
Flash Operator Panel 2.31.03 - Command Execution
|
18 |
WEB
|
Vulnerability-Lab
|
|
2018-01-15
|
|
ILIAS < 5.2.4 - Cross-Site Scripting
|
19 |
WEB
|
Florian Kunushevci
|
|
2018-01-15
|
|
Oracle PeopleSoft 8.5x - Remote Code Execution
|
14 |
WEB
|
Vahagn Vardanyan
|
|
2018-01-15
|
|
Adminer 4.3.1 - Server-Side Request Forgery
|
14 |
WEB
|
hyp3rlinx
|
|
2018-01-15
|
|
Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect
|
13 |
WEB
|
Andrew Gill
|
|
2018-01-15
|
|
RISE 1.9 - 'search' SQL Injection
|
14 |
WEB
|
Ahmad Mahfouz
|
|
2018-01-15
|
|
PerfexCRM 1.9.7 - Arbitrary File Upload
|
15 |
WEB
|
Ahmad Mahfouz
|
|
2018-01-15
|
|
Domains & Hostings Manager PRO 3.0 - Authentication Bypass
|
17 |
WEB
|
Tauco
|
|
2018-01-15
|
|
ImgHosting 1.5 - Cross-Site Scripting
|
18 |
WEB
|
Dennis Veninga
|
|
2018-01-15
|
|
pfSense < 2.1.4 - 'status_rrd_graph_img.php' Command Injection
|
22 |
WEB
|
absolomb
|
|
2018-01-12
|
|
Taxi Booking Script 1.0 - Cross-site Scripting
|
22 |
WEB
|
Tauco
|
|
2018-01-12
|
|
Xnami 1.0 - Cross-Site Scripting
|
22 |
WEB
|
Dennis Veninga
|
|
2018-01-10
|
|
D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution
|
20 |
WEB
|
Cr0n1c
|
|
2018-01-10
|
|
SAP NetWeaver J2EE Engine 7.40 - SQL Injection
|
18 |
WEB
|
Vahagn Vardanyan
|
|
2018-01-10
|
|
Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting
|
18 |
WEB
|
Mattia Furlani
|
|
2018-01-10
|
|
WordPress Plugin WordPress Download Manager 2.9.60 - Cross-Site Request Forgery
|
19 |
WEB
|
Panagiotis Vagenas
|
|
2018-01-10
|
|
WordPress Plugin Admin Menu Tree Page View 2.6.9 - Cross-Site Request Forgery / Privilege Escalation
|
14 |
WEB
|
Panagiotis Vagenas
|
|
2018-01-10
|
|
WordPress Plugin CMS Tree Page View 1.4 - Cross-Site Request Forgery / Privilege Escalation
|
18 |
WEB
|
Panagiotis Vagenas
|
|
2018-01-10
|
|
WordPress Plugin Social Media Widget by Acurax 3.2.5 - Cross-Site Request Forgery
|
17 |
WEB
|
Panagiotis Vagenas
|
|
2018-01-10
|
|
WordPress Plugin Events Calendar - 'event_id' SQL Injection
|
20 |
WEB
|
Dennis Veninga
|
|
2018-01-10
|
|
Muviko 1.1 - SQL Injection
|
16 |
WEB
|
Ahmad Mahfouz
|
|
2018-01-10
|
|
WordPress Plugin Service Finder Booking < 3.2 - Local File Disclosure
|
17 |
WEB
|
telahdihapus
|
|
2018-01-10
|
|
Synology Photostation 6.7.2-3429 - Remote Code Execution (Metasploit)
|
19 |
WEB
|
James Bercegay
|
|
2018-01-08
|
|
Vanilla < 2.1.5 - Cross-Site Request Forgery
|
16 |
WEB
|
Anand Meyyappan
|
|
2018-01-08
|
|
WordPress Plugin LearnDash 2.5.3 - Arbitrary File Upload
|
18 |
WEB
|
NinTechNet
|
|
2018-01-08
|
|
FiberHome LM53Q1 - Multiple Vulnerabilities
|
14 |
WEB
|
Ibad Shah
|
|
2018-01-08
|
|
SonicWall NSA 6600/5600/4600/3600/2600/250M - Multiple Vulnerabilities
|
14 |
WEB
|
Vulnerability-Lab
|
|
2018-01-08
|
|
Photos in Wifi 1.0.1 - Path Traversal
|
16 |
WEB
|
Vulnerability-Lab
|
|
2018-01-08
|
|
Synology DiskStation Manager (DSM) < 6.1.3-15152 - 'forget_passwd.cgi' User Enumeration
|
23 |
WEB
|
Steve Kaun
|
|
2018-01-05
|
|
Gespage 7.4.8 - SQL Injection
|
18 |
WEB
|
Sysdream
|
|
2003-06-16
|
|
Snitz Forums 2000 < 3.4.0.3 - Multiple Vulnerabilities
|
17 |
WEB
|
GulfTech Security
|
|
2003-06-06
|
|
Max Web Portal < 1.30 - Multiple Vulnerabilities
|
14 |
WEB
|
GulfTech Security
|
|
2003-06-04
|
|
MegaBrowser < 0.71b - Multiple Vulnerabilities
|
14 |
WEB
|
GulfTech Security
|
|
2003-06-03
|
|
FTP Service < 1.2 - Multiple Vulnerabilities
|
15 |
WEB
|
GulfTech Security
|
|
2003-06-02
|
|
WinMX < 2.6 - Design Error
|
18 |
WEB
|
GulfTech Security
|
|
2003-05-30
|
|
P-Synch < 6.2.5 - Multiple Vulnerabilities
|
14 |
WEB
|
GulfTech Security
|
