|
2017-09-12
|
|
D-Link DIR-8xx Routers - Root Remote Code Execution
|
18 |
WEB
|
embedi
|
|
2017-09-12
|
|
D-Link DIR-8xx Routers - Leak Credentials
|
24 |
WEB
|
embedi
|
|
2017-09-12
|
|
Consumer Review Script 1.0 - SQL Injection
|
19 |
WEB
|
8bitsec
|
|
2017-09-12
|
|
XYZ Auto Classifieds 1.0 - SQL Injection
|
25 |
WEB
|
8bitsec
|
|
2017-09-14
|
|
Justdial Clone Script - 'fid' SQL Injection
|
21 |
WEB
|
Ihsan Sencan
|
|
2017-09-14
|
|
Theater Management Script - SQL Injection
|
21 |
WEB
|
Ihsan Sencan
|
|
2017-09-14
|
|
PTC KSV1 Script 1.7 - 'type' SQL Injection
|
19 |
WEB
|
Ihsan Sencan
|
|
2017-09-14
|
|
Adserver Script 5.6 - SQL Injection
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-09-14
|
|
Enterprise Edition Payment Processor Script 3.7 - SQL Injection
|
20 |
WEB
|
Ihsan Sencan
|
|
2011-09-13
|
|
Carel PlantVisor 2.4.4 - Directory Traversal
|
24 |
WEB
|
Luigi Auriemma
|
|
2017-09-13
|
|
Carel PlantVisor 2.4.4 - Directory Traversal Information Disclosure (Metasploit)
|
24 |
WEB
|
James Fitts
|
|
2017-09-13
|
|
Carlo Gavazzi Powersoft 2.1.1.1 - Directory Traversal File Disclosure (Metasploit)
|
22 |
WEB
|
James Fitts
|
|
2017-09-13
|
|
Indusoft Web Studio - Directory Traversal Information Disclosure (Metasploit)
|
21 |
WEB
|
James Fitts
|
|
2017-09-13
|
|
ICAffiliateTracking 1.1 - Authentication Bypass
|
23 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICSiteBuilder 1.1 - SQL Injection
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICHelpDesk 1.1 - 'pk' SQL Injection
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICEstate 1.1 - 'id' SQL Injection
|
23 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICDental Clinic 1.2 - 'key' SQL Injection
|
17 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICProjectBidding 1.1 - SQL Injection
|
18 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICCallLimousine 1.1 - 'key' SQL Injection
|
24 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICGrocery 1.1 - 'key' SQL Injection
|
24 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICProductConfigurator 1.1 - 'key' SQL Injection
|
27 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
IC-T-Shirt 1.2 - 'key' SQL Injection
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICJewelry 1.1 - 'key' SQL Injection
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICSurvey 1.1 - SQL Injection
|
24 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICStudents 1.2 - 'key' SQL Injection
|
23 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICClassifieds 1.1 - SQL Injection
|
21 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICTraveling 2.2 - Authentication Bypass
|
27 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICAutosales 2.2 - SQL Injection
|
26 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICDutchAuction 1.2 - SQL Injection
|
25 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICRestaurant software 1.4 - 'key' SQL Injection
|
25 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICDoctor Appointment 1.3 - 'key' SQL Injection
|
24 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICAuction 2.2 - 'id' SQL Injection
|
23 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICHotelReservation 3.3 - 'key' SQL Injection
|
26 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICMLM 2.1 - 'key' SQL Injection
|
24 |
WEB
|
Ihsan Sencan
|
|
2017-09-13
|
|
ICLowBidAuction 3.3 - SQL Injection
|
29 |
WEB
|
Ihsan Sencan
|
|
2017-09-12
|
|
inClick Cloud Server 5.0 - SQL Injection
|
26 |
WEB
|
Ihsan Sencan
|
|
2017-09-12
|
|
Gr8 Multiple Search Engine Script 1.0 - SQL Injection
|
25 |
WEB
|
Ihsan Sencan
|
|
2017-09-12
|
|
FoodStar 1.0 - SQL Injection
|
21 |
WEB
|
Ihsan Sencan
|
|
2017-09-12
|
|
osTicket 1.10 - SQL Injection (PoC)
|
24 |
WEB
|
Mehmet Ince
|
|
2017-09-11
|
|
AirStar Airbnb Clone Script 1.0 - SQL Injection
|
23 |
WEB
|
8bitsec
|
|
2017-09-11
|
|
EduStar Udemy Clone Script 1.0 - SQL Injection
|
36 |
WEB
|
8bitsec
|
|
2017-09-11
|
|
iTech StockPhoto Script 2.02 - SQL Injection
|
22 |
WEB
|
8bitsec
|
|
2017-09-11
|
|
iTech Book Store Script 2.02 - SQL Injection
|
28 |
WEB
|
8bitsec
|
|
2017-09-11
|
|
JobStar Monster Clone Script 1.0 - SQL Injection
|
20 |
WEB
|
8bitsec
|
|
2017-09-11
|
|
PHP Dashboards NEW 4.4 - SQL Injection
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-09-11
|
|
PHP Dashboards NEW 4.4 - Arbitrary File Read
|
26 |
WEB
|
Ihsan Sencan
|
|
2017-09-11
|
|
WiseGiga NAS - Multiple Vulnerabilities
|
27 |
WEB
|
Pierre Kim
|
|
2017-09-05
|
|
FiberHome ADSL AN1020-25 - Improper Access Restrictions
|
23 |
WEB
|
Ibad Shah
|
|
2017-09-11
|
|
Nimble Professional 1.0 - Cross-Site Request Forgery (Update Admin)
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-09-09
|
|
My Builder Marketplace 1.0 - SQL Injection
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-09-09
|
|
Topsites Script 1.0 - Cross-Site Request Forgery / PHP Code Injection
|
28 |
WEB
|
Ihsan Sencan
|
|
2017-09-09
|
|
Law Firm 1.0 - SQL Injection
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-09-09
|
|
Restaurant Website Script 1.0 - SQL Injection
|
20 |
WEB
|
Ihsan Sencan
|
|
2017-09-09
|
|
Professional Service Booking 1.0 - SQL Injection
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-09-09
|
|
Online Print Business 1.0 - SQL Injection
|
23 |
WEB
|
Ihsan Sencan
|
|
2017-09-09
|
|
Just Dial Marketplace 1.0 - SQL Injection
|
21 |
WEB
|
Ihsan Sencan
|
|
2017-08-16
|
|
RPi Cam Control < 6.3.14 - Multiple Vulnerabilities
|
22 |
WEB
|
Alexander Korznikov
|
|
2017-09-09
|
|
Job Board Software 1.0 - SQL Injection
|
20 |
WEB
|
Ihsan Sencan
|
|
2017-09-09
|
|
Babysitter Website Script 1.0 - SQL Injection
|
18 |
WEB
|
Ihsan Sencan
|
|
2017-09-09
|
|
Escort Marketplace 1.0 - SQL Injection
|
24 |
WEB
|
Ihsan Sencan
|
|
2017-09-07
|
|
Huawei HG255s - Directory Traversal
|
17 |
WEB
|
Ahmet Mersin
|
|
2017-09-07
|
|
Roteador Wireless Intelbras WRN150 - Cross-Site Scripting
|
22 |
WEB
|
Elber Tavares
|
|
2017-09-07
|
|
EzInvoice 6.02 - SQL Injection
|
18 |
WEB
|
Ihsan Sencan
|
|
2017-09-07
|
|
EzBan 5.3 - 'id' SQL Injection
|
19 |
WEB
|
Ihsan Sencan
|
|
2017-09-07
|
|
Online Invoice System 3.0 - SQL Injection
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-09-05
|
|
Ultimate HR System < 1.2 - Directory Traversal / Cross-Site Scripting
|
22 |
WEB
|
8bitsec
|
|
2017-09-06
|
|
Pay Banner Text Link Ad 1.0.6.1 - SQL Injection
|
16 |
WEB
|
Ihsan Sencan
|
|
2017-09-06
|
|
Pay Banner Text Link Ad 1.0.6.1 - Cross-Site Request Forgery (Update Admin)
|
20 |
WEB
|
Ihsan Sencan
|
|
2017-09-06
|
|
Advertiz PHP Script 0.2 - Cross-Site Request Forgery (Update Admin)
|
21 |
WEB
|
Ihsan Sencan
|
|
2017-09-06
|
|
Cory Support - 'pr' SQL Injection
|
23 |
WEB
|
v3n0m
|
|
2017-09-05
|
|
The Car Project 1.0 - SQL Injection
|
26 |
WEB
|
Ihsan Sencan
|
|
2017-09-01
|
|
WordPress Plugin Participants Database < 1.7.5.10 - Cross-Site Scripting
|
21 |
WEB
|
Benjamin Lim
|
|
2017-09-04
|
|
iGreeting Cards 1.0 - SQL Injection
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-09-04
|
|
A2billing 2.x - Backup File Download / Remote Code Execution
|
21 |
WEB
|
0x4148
|
|
2017-09-05
|
|
A2billing 2.x - SQL Injection
|
22 |
WEB
|
0x4148
|
|
2017-08-09
|
|
Symantec Messaging Gateway < 10.6.3-267 - Cross-Site Request Forgery
|
21 |
WEB
|
Dhiraj Mishra
|
|
2017-09-04
|
|
CodeMeter 6.50 - Cross-Site Scripting
|
18 |
WEB
|
Vulnerability-Lab
|
|
2017-09-04
|
|
Wireless Repeater BE126 - Remote Code Execution
|
23 |
WEB
|
Hay Mizrachi
|
|
2017-09-03
|
|
Joomla! Component CheckList 1.1.0 - SQL Injection
|
17 |
WEB
|
Ihsan Sencan
|
|
2017-09-03
|
|
Joomla! Component Survey Force Deluxe 3.2.4 - 'invite' SQL Injection
|
20 |
WEB
|
Ihsan Sencan
|
|
2017-08-29
|
|
FineCMS 1.0 - Multiple Vulnerabilities
|
23 |
WEB
|
sohaip-hackerDZ
|
|
2017-08-31
|
|
Joomla! Component Huge-IT Portfolio Gallery Plugin 1.0.7 - SQL Injection
|
24 |
WEB
|
Larry W. Cashdollar
|
|
2017-08-31
|
|
Joomla! Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection
|
25 |
WEB
|
Larry W. Cashdollar
|
|
2017-08-31
|
|
Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection
|
27 |
WEB
|
Larry W. Cashdollar
|
|
2017-08-30
|
|
PHP-SecureArea < 2.7 - Multiple Vulnerabilities
|
26 |
WEB
|
Cryo
|
|
2017-08-30
|
|
Invoice Manager 3.1 - Cross-Site Request Forgery (Add Admin)
|
30 |
WEB
|
Ali BawazeEer
|
|
2017-03-07
|
|
iBall Baton 150M Wireless Router - Authentication Bypass
|
23 |
WEB
|
Indrajith.A.N
|
|
2017-08-30
|
|
Joomla! Component Joomanager 2.0.0 - 'com_Joomanager' Arbitrary File Download (PoC)
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-08-30
|
|
Joomla! Component Quiz Deluxe 3.7.4 - SQL Injection
|
21 |
WEB
|
Ihsan Sencan
|
|
2017-08-29
|
|
Brickcom IP Camera - Credentials Disclosure
|
21 |
WEB
|
Emiliano Ipar
|
|
2017-08-28
|
|
PHP Video Battle Script 1.0 - SQL Injection
|
18 |
WEB
|
Ihsan Sencan
|
|
2017-08-29
|
|
User Login and Management - Multiple Vulnerabilities
|
21 |
WEB
|
Ali BawazeEer
|
|
2017-08-28
|
|
PHP Appointment Booking Script - Authentication Bypass
|
23 |
WEB
|
Ali BawazeEer
|
|
2017-08-28
|
|
Car or Cab Booking Script - Authentication Bypass
|
19 |
WEB
|
Ali BawazeEer
|
|
2017-08-29
|
|
D-Link DIR-600 - Authentication Bypass
|
19 |
WEB
|
Jithin D Kurup
|
|
2017-08-28
|
|
NethServer 7.3.1611 - Cross-Site Request Forgery (Create User / Enable SSH Access)
|
19 |
WEB
|
LiquidWorm
|
|
2017-08-28
|
|
NethServer 7.3.1611 - Cross-Site Request Forgery / Cross-Site Scripting
|
23 |
WEB
|
LiquidWorm
|
|
2017-08-28
|
|
Schools Alert Management Script - Authentication Bypass
|
22 |
WEB
|
Ali BawazeEer
|
|
2017-06-01
|
|
CMS Web-Gooroo < 1.141 - Multiple Vulnerabilities
|
17 |
WEB
|
Kaimi
|
|
2017-08-28
|
|
Login-Reg Members Management PHP 1.0 - Arbitrary File Upload
|
18 |
WEB
|
Ihsan Sencan
|
|
2017-08-28
|
|
Flash Poker 2.0 - 'game' SQL Injection
|
22 |
WEB
|
Ihsan Sencan
|
|
2017-08-28
|
|
PHP Search Engine 1.0 - SQL Injection
|
19 |
WEB
|
Ihsan Sencan
|
|
2017-08-28
|
|
Easy Web Search 4.0 - SQL Injection
|
20 |
WEB
|
Ihsan Sencan
|
|
2017-08-28
|
|
WYSIWYG HTML Editor PRO 1.0 - Arbitrary File Download
|
19 |
WEB
|
Ihsan Sencan
|
|
2017-08-28
|
|
FTP Made Easy PRO 1.2 - SQL Injection
|
21 |
WEB
|
Ihsan Sencan
|
|
2017-08-28
|
|
Smart Chat 1.0.0 - SQL Injection
|
21 |
WEB
|
Ihsan Sencan
|
|
2017-08-27
|
|
Matrimonial Script 2.7 - Authentication Bypass
|
23 |
WEB
|
Ali BawazeEer
|
|
2017-08-25
|
|
Joomla! Component Responsive Portfolio 1.6.1 - SQL Injection
|
20 |
WEB
|
Ihsan Sencan
|
|
2017-08-25
|
|
Joomla! Component Photo Contest 1.0.2 - SQL Injection
|
21 |
WEB
|
Ihsan Sencan
|
|
2017-08-25
|
|
AutoCar 1.1 - 'category' SQL Injection
|
20 |
WEB
|
Bora Bozdogan
|
|
2017-08-25
|
|
Joomla! Component OSDownloads 1.7.4 - SQL Injection
|
23 |
WEB
|
Ihsan Sencan
|
|
2017-08-24
|
|
Joomla! Component Price Alert 3.0.2 - 'product_id' SQL Injection
|
23 |
WEB
|
Ihsan Sencan
|
|
2017-08-24
|
|
Joomla! Component Bargain Product VM3 1.0 - 'product_id' SQL Injection
|
19 |
WEB
|
Ihsan Sencan
|
|
2017-08-23
|
|
Wireless Repeater BE126 - Local File Inclusion
|
22 |
WEB
|
Hay Mizrachi
|
|
2017-08-22
|
|
Matrimonial Script - SQL Injection
|
25 |
WEB
|
Ihsan Sencan
|
|
2017-08-22
|
|
Automated Logic WebCTRL 6.5 - Unrestricted File Upload / Remote Code Execution
|
25 |
WEB
|
LiquidWorm
|
|
2017-08-22
|
|
Automated Logic WebCTRL 6.1 - Path Traversal / Arbitrary File Write
|
26 |
WEB
|
LiquidWorm
|
|
2017-08-21
|
|
PHPMyWind 5.3 - Cross-Site Scripting
|
27 |
WEB
|
小雨
|
|
2017-08-21
|
|
PHP Jokesite 2.0 - 'joke_id' SQL Injection
|
20 |
WEB
|
Ihsan Sencan
|
|
2017-08-21
|
|
PHP-Lance 1.52 - 'subcat' SQL Injection
|
21 |
WEB
|
Ihsan Sencan
|
|
2017-08-21
|
|
Joomla! Component Ajax Quiz 1.8 - SQL Injection
|
19 |
WEB
|
Ihsan Sencan
|
|
2017-08-21
|
|
(Bitcoin / Dogecoin) PHP Cloud Mining Script - Authentication Bypass
|
23 |
WEB
|
Ihsan Sencan
|
|
2017-08-21
|
|
Joomla! Component FocalPoint 1.2.3 - SQL Injection
|
19 |
WEB
|
Ihsan Sencan
|
|
2017-08-21
|
|
iTech Social Networking Script 3.08 - SQL Injection
|
19 |
WEB
|
Ihsan Sencan
|
