|
2017-02-13
|
|
Joomla! Component JE Video Rate 1.0 - SQL Injection
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-02-13
|
|
Joomla! Component JE Tour 2.0 - SQL Injection
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-02-13
|
|
Joomla! Component JE Property Finder 1.6.3 - SQL Injection
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-02-13
|
|
Joomla! Component JE QuoteForm - 'Itemid' SQL Injection
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-02-13
|
|
Joomla! Component JE Directory 1.7 - 'ditemid' SQL Injection
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-02-13
|
|
Joomla! Component JE Gallery 1.3 - 'photo_id' SQL Injection
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-02-13
|
|
Joomla! Component JE Classify Ads 1.2 - 'pro_id' SQL Injection
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-02-13
|
|
PHP Marketplace Script - SQL Injection
|
7 |
WEB
|
Th3GundY
|
|
2017-02-12
|
|
Joomla! Component Soccer Bet 4.1.5 - 'userid' SQL Injection
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-02-11
|
|
Joomla! Component Soccer Bet 4.1.5 - 'cat' SQL Injection
|
7 |
WEB
|
Persian Hack Team
|
|
2017-02-11
|
|
Joomla! Component Vik Booking 1.7 - SQL Injection
|
7 |
WEB
|
Persian Hack Team
|
|
2017-02-11
|
|
Joomla! Component Sponsor Wall 7.0 - 'wallid' SQL Injection
|
7 |
WEB
|
Persian Hack Team
|
|
2017-02-11
|
|
Joomla! Component onisMusic 2 - 'tag' SQL Injection
|
7 |
WEB
|
Persian Hack Team
|
|
2017-02-11
|
|
Joomla! Component onisQuotes 2.5 - 'tag' SQL Injection
|
7 |
WEB
|
Persian Hack Team
|
|
2017-02-11
|
|
Joomla! Component onisPetitions 2.5 - 'tag' SQL Injection
|
7 |
WEB
|
Persian Hack Team
|
|
2017-02-12
|
|
Domains & Hostings Manager PRO 3.0 - 'entries' SQL Injection
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-02-12
|
|
Quadz School Management System 3.1 - 'uisd' SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-12
|
|
Viavi Product Review - 'id' SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-12
|
|
Viavi Movie Review - 'id' SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-12
|
|
Viavi Real Estate - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-12
|
|
TI Online Examination System 2.0 - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-12
|
|
WhizBiz 1.9 - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-12
|
|
Kodi 17.1 - Arbitrary File Disclosure
|
7 |
WEB
|
Eric Flokstra
|
|
2017-02-11
|
|
SonicDICOM PACS 2.3.2 - Privilege Escalation
|
7 |
WEB
|
LiquidWorm
|
|
2017-02-11
|
|
SonicDICOM PACS 2.3.2 - Cross-Site Request Forgery (Add Admin)
|
7 |
WEB
|
LiquidWorm
|
|
2017-02-11
|
|
SonicDICOM PACS 2.3.2 - Cross-Site Scripting
|
7 |
WEB
|
LiquidWorm
|
|
2017-02-09
|
|
WordPress Plugin Insert PHP 3.3.1 - PHP Code Injection
|
7 |
WEB
|
CrashBandicot
|
|
2017-02-10
|
|
HotelCMS with Booking Engine - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Video Subscription - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
CodePaul ClipMass - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Uploadr - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
CLUB-8 EMS - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Automated Job Portal Script - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
QWIKIA 1.1.1 - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Multilanguage Estate Agency Pro 1.2 - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
D-Link DIR-600M - Cross-Site Request Forgery
|
7 |
WEB
|
Ajay S. Kulal
|
|
2017-02-10
|
|
Zigaform - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Takas Classified 1.1 - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Collabo - Arbitrary File Download
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Youtube Analytics Multi Channel 3.0 - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Gram Post 1.0 - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Tiger Post 3.0.1 - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
CMS Lite 1.3.1 - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-09
|
|
EXAMPLO - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-09
|
|
Client Expert 1.0.1 - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-02-09
|
|
SOA School Management - 'view' SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-02-09
|
|
Fome SMS Portal 2.0 - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-09
|
|
Sendroid 5.2 - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-09
|
|
Mobiketa 3.5 - SQL Injection
|
11 |
WEB
|
Ihsan Sencan
|
|
2017-02-08
|
|
Multi Outlets POS 3.1 - 'id' SQL Injection
|
11 |
WEB
|
Ihsan Sencan
|
|
2017-02-08
|
|
Muviko Video CMS - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-07
|
|
Responsive Filemanger <= 9.11.0 - Arbitrary File Disclosure
|
11 |
WEB
|
Wiswat Aswamenakul
|
|
2017-02-07
|
|
Easy File Uploader 1.2 - Arbitrary File Download
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-07
|
|
FTP Made Easy PRO 1.2 - Arbitrary File Download
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-02-07
|
|
Easy Web Search 3 - 'id' SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-02-07
|
|
Easy Support Tools 1.0 - 'stt' SQL Injection
|
11 |
WEB
|
Ihsan Sencan
|
|
2017-02-07
|
|
MySQL File Uploader 1.0 - 'id' SQL Injection
|
13 |
WEB
|
Ihsan Sencan
|
|
2017-02-07
|
|
Fully Featured News CMS 1.0 - 'id' SQL Injection
|
10 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Questions and Answers Script 2.0.0 - 'cid' SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Viral Fun Facts Sharing Script 1.1.0 - 'id' SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Web Inspiration Gallery Script 1.0.0 - 'id' SQL Injection
|
11 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
NewsBee CMS - SQL Injection
|
10 |
WEB
|
Kaan KAMIS
|
|
2017-02-06
|
|
Viral Pictures and Video Script 2.0.0 - 'id' SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Clone Script Directory Script 1.1.0 - 'cid' SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Funny Image and Video Script 2.0.0 - 'id' SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Visual Link Sharing Websites Builder Script 2.1.0 - SQL Injection
|
11 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Ultimate Viral Media Script 1.0 - 'id' SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Upworthy Clone Script 1.1.0 - 'id' SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
ThisIsWhyImBroke Clone Script 4.0 - 'id' SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
iScripts EasyCreate 3.2 - 'siteid' SQL Injection
|
11 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
iScripts AutoHoster 3.0 - 'siteid' SQL Injection
|
11 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Itech Job Portal Script 9.13 - Multiple Vulnerabilities
|
9 |
WEB
|
Th3GundY
|
|
2017-02-04
|
|
Alstrasoft Template Seller Pro 3.25e - 'tempid' SQL Injection
|
11 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Alstrasoft Forum Pay Per Post Exchange Script 2.01 - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Alstrasoft FMyLife Pro 1.02 - Cross-Site Request Forgery (Add Admin)
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Alstrasoft Flippa Clone MarketPlace Script 4.10 - Cross-Site Request Forgery (Add Admin)
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Alstrasoft Video Share Enterprise 4.72 - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Alstrasoft e-Friends 5.12 - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Alstrasoft ProTaxi Enterprise 3.5 - Arbitrary File Upload
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Alstrasoft EPay Enterprise 5.17 - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-03
|
|
Zoneminder 1.29/1.30 - Cross-Site Scripting / SQL Injection / Session Fixation / Cross-Site Request
|
10 |
WEB
|
Tim Herres
|
|
2017-02-03
|
|
Itech Multi Vendor Script 6.49 - SQL Injection
|
8 |
WEB
|
Th3GundY
|
|
2017-02-03
|
|
SlimarUSER Management 1.0 - 'id' SQL Injection
|
11 |
WEB
|
Kaan KAMIS
|
|
2017-02-02
|
|
Itech Travel Portal Script 9.35 - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-02-02
|
|
Itech Movie Portal Script 7.37 - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-02
|
|
Itech Auction Script 6.49 - 'pid' SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-02-02
|
|
Itech News Portal Script 6.28 - 'sc' SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-02-02
|
|
Itech Inventory Management Software 3.77 - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-02-02
|
|
Property Listing Script - 'propid' Blind SQL Injection
|
8 |
WEB
|
Kaan KAMIS
|
|
2017-02-02
|
|
WordPress Core 4.7.0/4.7.1 - Content Injection (Ruby)
|
7 |
WEB
|
Harsh Jaiswal
|
|
2017-02-02
|
|
WordPress Core 4.7.0/4.7.1 - Content Injection
|
8 |
WEB
|
leonjza
|
|
2017-02-01
|
|
LogoStore - 'query' SQL Injection
|
7 |
WEB
|
Kaan KAMIS
|
|
2017-01-28
|
|
Joomla! Component JTAG Calendar 6.2.4 - 'search' SQL Injection
|
6 |
WEB
|
Persian Hack Team
|
|
2017-01-31
|
|
Netman 204 - Backdoor Account / Password Reset
|
7 |
WEB
|
Simon Gurney
|
|
2017-01-30
|
|
Netgear Routers - Password Disclosure
|
7 |
WEB
|
Trustwave's SpiderLabs
|
|
2017-01-30
|
|
Itech Video Sharing Script 4.94 - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-30
|
|
Itech Real Estate Script 3.12 - 'id' SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-30
|
|
Itech Dating Script 3.26 - 'send_gift.php' SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-30
|
|
Itech Classifieds Script 7.27 - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-30
|
|
HelpDeskZ < 1.0.2 - (Authenticated) SQL Injection / Unauthorized File Download
|
7 |
WEB
|
Mariusz Poplawski
|
|
2017-01-30
|
|
Itech Video Sharing Script 4.94 - 'v' SQL Injection
|
7 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
PHP Logo Designer Script - Arbitrary File Upload
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-01-30
|
|
PHP Product Designer Script - Arbitrary File Upload
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-01-30
|
|
Itech Real Estate Script 3.12 - SQL Injection
|
6 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Itech News Portal Script 6.28 - 'inf' SQL Injection
|
7 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Itech Multi Vendor Script 6.49 - 'pl' SQL Injection
|
8 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Itech Freelancer Script 5.13 - SQL Injection
|
7 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Itech Dating Script 3.26 - SQL Injection
|
7 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Itech Classifieds Script 7.27 - 'scat' SQL Injection
|
7 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Itech B2B Script 4.28 - SQL Injection
|
7 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Itech Auction Script 6.49 - 'mcid' SQL Injection
|
6 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Caregiver Script 2.57 - SQL Injection
|
6 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
PHP PEAR 1.10.1 - Arbitrary File Download
|
9 |
WEB
|
hyp3rlinx
|
|
2017-01-29
|
|
TrueConf Server 4.3.7 - Multiple Vulnerabilities
|
10 |
WEB
|
LiquidWorm
|
|
2017-01-27
|
|
WordPress Plugin Online Hotel Booking System Pro 1.0 - SQL Injection
|
10 |
WEB
|
Ihsan Sencan
|
|
2017-01-27
|
|
Online Hotel Booking System Pro 1.2 - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-27
|
|
WordPress Plugin WP Private Messages 1.0.1 - SQL Injection (2)
|
8 |
WEB
|
Lenon Leite
|
|
2017-01-27
|
|
Radisys MRF - Command Injection
|
7 |
WEB
|
Filippos Mastrogiannis
|
|
2017-01-27
|
|
Maian Weblog 4.0 - SQL Injection
|
7 |
WEB
|
Kaan KAMIS
|
|
2017-01-27
|
|
My Photo Gallery 1.0 - SQL Injection
|
9 |
WEB
|
Kaan KAMIS
|
|
2017-01-26
|
|
Polycom VVX Web Interface - Change Admin Password
|
13 |
WEB
|
Mike Brown
|
|
2017-01-26
|
|
PHPBack < 1.3.1 - SQL Injection / Cross-Site Scripting
|
10 |
WEB
|
Manish Tanwar
|
|
2017-01-26
|
|
TM RG4332 Wireless Router - Arbitrary File Disclosure
|
11 |
WEB
|
Saeid Atabaki
|
|
2017-01-26
|
|
Web Based TimeSheet Script - Authentication Bypass
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-26
|
|
KB Messages PHP Script 1.0 - Authentication Bypass
|
7 |
WEB
|
Ihsan Sencan
|
