|
2017-01-26
|
|
KB Login Authentication Script 1.1 - Authentication Bypass
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-26
|
|
KB Affiliate Referral Script 1.0 - Authentication Bypass
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-26
|
|
PHP PEAR HTTP_Upload 1.0.0b3 - Arbitrary File Upload
|
10 |
WEB
|
hyp3rlinx
|
|
2017-01-20
|
|
Joomla! < 3.6.4 - Admin Takeover
|
8 |
WEB
|
Charles Fol
|
|
2017-01-20
|
|
Joomla! < 2.5.2 - Admin Creation
|
8 |
WEB
|
Charles Fol
|
|
2017-01-25
|
|
Movie Portal Script 7.36 - Multiple Vulnerabilities
|
8 |
WEB
|
Marc Castejon
|
|
2017-01-20
|
|
MyBB < 1.8.3 (with PHP 5.6 < 5.6.11) - Remote Code Execution
|
8 |
WEB
|
Taoguang Chen
|
|
2017-01-24
|
|
WD My Cloud Mirror 2.11.153 - Authentication Bypass / Remote Code Execution
|
8 |
WEB
|
Kacper Szurek
|
|
2017-01-21
|
|
PageKit 1.0.10 - Password Reset
|
10 |
WEB
|
Saurabh Banawar
|
|
2017-01-22
|
|
NTOPNG 2.4 Web Interface - Cross-Site Request Forgery
|
9 |
WEB
|
hyp3rlinx
|
|
2017-01-20
|
|
B2B Alibaba Clone Script - 'IndustryID' SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
Mini CMS 1.1 - Authentication Bypass
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
Affiliate Tracking Script 1.1 - Authentication Bypass
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
Music Site Script 1.2 - Authentication Bypass
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
Job Site PHP Script 1.1 - Authentication Bypass
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
Mini Blog 1.1 - Authentication Bypass
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
ICTutors Tutoring Site Script 1.1 - Authentication Bypass
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
Domains Marketplace Script 1.1 - Authentication Bypass
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
ICGames-Games Site Script 1.2 - Authentication Bypass
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
Complain Management System - SQL injection
|
10 |
WEB
|
Sibusiso Sishi
|
|
2017-01-19
|
|
Classifieds Script - 'term' SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Video Site Creator Script - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Home of Viral Images_ Videos and Articles Script - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Job Vacancy Script - SQL Injection
|
5 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Vine VideoSite Creator Script - SQL Injection
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Viral Image Sharing Script - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Social News and Bookmarking Script - SQL Injection
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Image and Video Script - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Viral Image & Video Sharing GagZone Script - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Pirelli DRG A115 v3 ADSL Router - DNS Change
|
7 |
WEB
|
Todor Donev
|
|
2017-01-19
|
|
Tenda ADSL2/2+ Modem D820R - DNS Change
|
8 |
WEB
|
Todor Donev
|
|
2017-01-18
|
|
B2B Script 4.27 - SQL Injection
|
8 |
WEB
|
Dawid Morawski
|
|
2017-01-18
|
|
Flippa Website Script - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-17
|
|
Courier Management System - SQL Injection
|
9 |
WEB
|
Sibusiso Sishi
|
|
2017-01-18
|
|
Study Abroad Educational Website Script - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Shiksha Educational Website Script - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Online Tshirt Design Script - SQL Injection
|
10 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Online Printing Business Clone Script - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Clone of Oddee Script 1.1.3 - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Online Mobile Recharge Script - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Questions and Answers Script 1.1.3 - 'id' SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
NGO Website Script - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Yoga and Fitness Website Script - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
NGO Directory Script - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
My Private Tutor Website Builder Script - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Micro Blog Script - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Manufacturer Website Design Script - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Dentist Website Script - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Buy and Sell Market Place Software - SQL Injection
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Business Directory Script - SQL Injection
|
5 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Justdial Clone Script - Authentication Bypass
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Finance Website Script - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Wetransfer Clone Script - Authentication Bypass
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Auction Website Script - SQL Injection
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Fileserve Clone Script - Authentication Bypass
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Medical Clinic Website Script - SQL Injection
|
10 |
WEB
|
Ihsan Sencan
|
|
2017-01-17
|
|
Openexpert 0.5.17 - 'area_id' SQL Injection
|
13 |
WEB
|
Nassim Asrir
|
|
2017-01-17
|
|
Check Box 2016 Q2 Survey - Multiple Vulnerabilities
|
10 |
WEB
|
Fady Mohammed Osman
|
|
2017-01-17
|
|
BoZoN 2.4 - Remote Code Execution
|
12 |
WEB
|
hyp3rlinx
|
|
2017-01-17
|
|
dirLIST 0.3.0 - Arbitrary File Upload
|
10 |
WEB
|
hyp3rlinx
|
|
2017-01-08
|
|
ManagEnegine ADManager Plus 6.5.40 - Multiple Vulnerabilities
|
10 |
WEB
|
Mehmet Ince
|
|
2017-01-16
|
|
Million Pixels 3 - Authentication Bypass
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-16
|
|
Image Sharing Script 4.13 - Multiple Vulnerabilities
|
10 |
WEB
|
Hasan Emre Ozer
|
|
2017-01-16
|
|
Tenda ADSL2/2+ Modem D840R - DNS Change
|
10 |
WEB
|
Todor Donev
|
|
2017-01-16
|
|
Pirelli DRG A115 ADSL Router - DNS Change
|
8 |
WEB
|
Todor Donev
|
|
2017-01-16
|
|
Business Networking Script 8.11 - SQL Injection / Cross-Site Scripting
|
8 |
WEB
|
Ahmet Gurel
|
|
2017-01-12
|
|
Huawei Flybox B660 - Cross-Site Request Forgery (2)
|
11 |
WEB
|
Vulnerability-Lab
|
|
2017-01-15
|
|
MC Documentation Creator Script - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
MC Coming Soon Script - Arbitrary File Upload / Improper Access Restrictions
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
MC Inventory Manager Script - Multiple Vulnerabilities
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
MC Hosting Coupons Script - Cross-Site Request Forgery
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
MC Real Estate Pro Script - Improper Access Restrictions
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
MC Yellow Pages Script - SQL Injection
|
10 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
MC Buy and Sell Cars Script 1.1 - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
MC Smart Shop Script - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
e-Soft24 Jokes Portal Script Seo 1.3 - Authentication Bypass
|
10 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
Article Directory Script Seo 3.2 - Improper Access Restrictions
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
9 Network Linkedin Clone Script - Improper Access Restrictions
|
10 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Courier Business Website Script - Authentication Bypass
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Professional Service Booking Script - SQL Injection
|
11 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Education Website Script - Authentication Bypass
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout Celebrities 1.0 Script - Improper Access Restrictions
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout SocialTiles 2.0 Script - Improper Access Restrictions
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout CareerLamp 1.0 Script - Improper Access Restrictions
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout QuerySpace 1.0 Script - Improper Access Restrictions
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout SmartDeal 1.0 Script - Improper Access Restrictions
|
10 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout Webmail Ultimate Edition 4.0 Script - Improper Access Restrictions
|
11 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout Search Engine Ultimate Edition 7.0/8.0 Script - Improper Access Restrictions
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout StickBoard 1.0 Script - Improper Access Restrictions
|
10 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Open Source Real-Estate Script - SQL Injection
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Entrepreneur Matrimonial Script - Authentication Bypass
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Just Dial Marketplace - Authentication Bypass
|
10 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Hindu Matrimonial Script - Authentication Bypass
|
11 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
My Private Tutor Website Script - Authentication Bypass
|
10 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Zeroshell 3.6.0/3.7.0 Net Services - Remote Code Execution
|
9 |
WEB
|
Ozer Goker
|
|
2017-01-11
|
|
ECommerce-Multi-Vendor Software - Arbitrary File Upload
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-11
|
|
ECommerce-TIBSECART - Arbitrary File Upload
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-11
|
|
Penny Auction Script - Arbitrary File Upload
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-11
|
|
Airbnb Clone Script - Arbitrary File Upload
|
8 |
WEB
|
Ihsan Sencan
|
|
2017-01-11
|
|
School Management Software 2.75 - SQL Injection
|
6 |
WEB
|
Ihsan Sencan
|
|
2017-01-10
|
|
D-Link DIR-615 - Multiple Vulnerabilities
|
8 |
WEB
|
Osanda Malith Jayathissa
|
|
2017-01-11
|
|
iTechscripts Freelancer Script 5.11 - 'sk' SQL Injection
|
9 |
WEB
|
v3n0m
|
|
2017-01-12
|
|
Online Food Delivery 2.04 - Authentication Bypass
|
8 |
WEB
|
Dawid Morawski
|
|
2017-01-12
|
|
Itech Job Portal Script 9.11 - Authentication Bypass
|
7 |
WEB
|
Dawid Morawski
|
|
2017-01-11
|
|
Dating Script 3.25 - SQL Injection
|
8 |
WEB
|
Dawid Morawski
|
|
2017-01-11
|
|
Itech Movie Portal Script 7.35 - SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-11
|
|
Itech Travel Portal Script 9.33 - SQL Injection
|
10 |
WEB
|
Ihsan Sencan
|
|
2017-01-10
|
|
Huawei Flybox B660 - Cross-Site Request Forgery (1)
|
8 |
WEB
|
Vulnerability-Lab
|
|
2017-01-09
|
|
Blackboard LMS 9.1 SP14 - Cross-Site Scripting
|
8 |
WEB
|
Vulnerability-Lab
|
|
2016-12-29
|
|
b2evolution 6.8.2 - Arbitrary File Upload
|
9 |
WEB
|
Li Fei
|
|
2017-01-11
|
|
My Link Trader 1.1 - 'id' SQL Injection
|
7 |
WEB
|
Dawid Morawski
|
|
2017-01-11
|
|
Starting Page 1.3 - 'category' SQL Injection
|
7 |
WEB
|
Ben Lee
|
|
2017-01-10
|
|
FMyLife Clone Script (Pro Edition) 1.1 - Cross-Site Request Forgery (Add Admin)
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-10
|
|
WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - Privilege Escalation
|
8 |
WEB
|
Kacper Szurek
|
|
2016-12-23
|
|
Freepbx < 2.11.1.5 - Remote Code Execution
|
7 |
WEB
|
inj3ctor3
|
|
2017-01-10
|
|
Starting Page 1.3 - 'linkid' SQL Injection
|
6 |
WEB
|
JaMbA
|
|
2017-01-09
|
|
Friends in War Make or Break 1.7 - 'imgid' SQL Injection
|
9 |
WEB
|
v3n0m
|
|
2017-01-09
|
|
My PHP Dating 2.0 - 'id' SQL Injection
|
7 |
WEB
|
Sniper Pex
|
|
2017-01-09
|
|
My PHP Dating 2.0 - 'path' SQL Injection
|
7 |
WEB
|
Ihsan Sencan
|
|
2017-01-07
|
|
My Link Trader 1.1 - Authentication Bypass
|
9 |
WEB
|
Ihsan Sencan
|
|
2017-01-07
|
|
Splunk 6.1.1 - 'Referer' Header Cross-Site Scripting
|
10 |
WEB
|
justpentest
|
|
2017-01-04
|
|
Atlassian Confluence < 5.10.6 - Persistent Cross-Site Scripting
|
9 |
WEB
|
Jodson Santos
|
|
2017-01-03
|
|
My Click Counter 1.0 - Authentication Bypass
|
10 |
WEB
|
Adam
|
|
2017-01-02
|
|
PHPMailer < 5.2.20 / SwiftMailer < 5.4.5-DEV / Zend Framework / zend-mail < 2.4.11 - 'AIO' 'PwnScrip
|
8 |
WEB
|
Dawid Golunski
|
|
2016-12-09
|
|
D-Link DI-524 - Cross-Site Request Forgery
|
12 |
WEB
|
Felipe Soares de Souza
|
