|
2016-09-27
|
|
TP-Link Archer CR-700 - Cross-Site Scripting
|
27 |
WEB
|
Ayushman Dutta
|
|
2016-09-26
|
|
Joomla! Component Event Booking 2.10.1 - SQL Injection
|
26 |
WEB
|
Persian Hack Team
|
|
2016-09-22
|
|
Matrimonial Website Script 1.0.2 - SQL Injection
|
32 |
WEB
|
N4TuraL
|
|
2016-09-22
|
|
Kerio Control Unified Threat Management 9.1.0 build 1087/9.1.1 build 1324 - Multiple Vulnerabilities
|
33 |
WEB
|
SEC Consult
|
|
2016-09-22
|
|
Joomla! Component com_videogallerylite 1.0.9 - SQL Injection
|
33 |
WEB
|
Larry W. Cashdollar
|
|
2016-09-22
|
|
Exponent CMS 2.3.9 - Blind SQL Injection
|
28 |
WEB
|
Manuel García Cárdenas
|
|
2016-09-22
|
|
Microix Timesheet Module - SQL Injection
|
32 |
WEB
|
Anthony Cole
|
|
2016-09-20
|
|
Dolphin 7.3.0 - Error-Based SQL Injection
|
28 |
WEB
|
Kacper Szurek
|
|
2016-09-20
|
|
VegaDNS 0.13.2 - Remote Command Injection
|
30 |
WEB
|
Wireghoul
|
|
2016-09-19
|
|
ZineBasic 1.1 - Arbitrary File Disclosure
|
28 |
WEB
|
bd0rk
|
|
2016-09-19
|
|
MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities
|
31 |
WEB
|
Paul Baade & Sven Krewitt
|
|
2016-09-19
|
|
MyBB 1.8.6 - SQL Injection
|
27 |
WEB
|
Curesec Research Team
|
|
2016-09-19
|
|
Kajona 4.7 - Cross-Site Scripting / Directory Traversal
|
29 |
WEB
|
Curesec Research Team
|
|
2016-09-19
|
|
WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure
|
34 |
WEB
|
david-peltier
|
|
2016-09-19
|
|
BuilderEngine 3.5.0 - Arbitrary File Upload
|
30 |
WEB
|
metanubix
|
|
2016-09-16
|
|
AnoBBS 1.0.1 - Remote File Inclusion
|
27 |
WEB
|
bd0rk
|
|
2016-09-15
|
|
Cisco EPC 3925 - Multiple Vulnerabilities
|
30 |
WEB
|
Patryk Bogdan
|
|
2016-09-13
|
|
Open-Xchange App Suite 7.8.2 - Cross-Site Scripting
|
24 |
WEB
|
Jakub A>>oczek
|
|
2016-09-13
|
|
Open-Xchange Guard 2.4.2 - Multiple Cross-Site Scripting Vulnerabilities
|
28 |
WEB
|
Benjamin Daniel Mussler
|
|
2016-09-13
|
|
ASUS DSL-X11 ADSL Router - DNS Change
|
28 |
WEB
|
Todor Donev
|
|
2016-09-13
|
|
COMTREND ADSL Router CT-5367 C01_R12 / CT-5624 C01_R03 - DNS Change
|
29 |
WEB
|
Todor Donev
|
|
2016-09-13
|
|
Tenda ADSL2/2+ Modem 963281TAN - DNS Change
|
40 |
WEB
|
Todor Donev
|
|
2016-09-13
|
|
PLANET VDR-300NU ADSL Router - DNS Change
|
33 |
WEB
|
Todor Donev
|
|
2016-09-13
|
|
PIKATEL 96338WS_ 96338L-2M-8M - DNS Change
|
26 |
WEB
|
Todor Donev
|
|
2016-09-13
|
|
Inteno EG101R1 VoIP Router - DNS Change
|
27 |
WEB
|
Todor Donev
|
|
2016-09-13
|
|
Exper EWM-01 ADSL/MODEM - DNS Change
|
31 |
WEB
|
Todor Donev
|
|
2016-09-13
|
|
Contrexx CMS egov Module 1.0.0 - SQL Injection
|
32 |
WEB
|
hamidreza borghei
|
|
2016-09-13
|
|
wdCalendar 2 - SQL Injection
|
37 |
WEB
|
Alfonso Castillo Angel
|
|
2016-09-13
|
|
Cherry Music 0.35.1 - Arbitrary File Disclosure
|
37 |
WEB
|
feedersec
|
|
2016-09-09
|
|
Airmail 3.0.2 - Cross-Site Scripting
|
30 |
WEB
|
redrain
|
|
2016-09-09
|
|
Vodafone Mobile Wifi - Reset Admin Password
|
30 |
WEB
|
Daniele Linguaglossa
|
|
2016-09-08
|
|
Zabbix 2.0 < 3.0.3 - SQL Injection
|
30 |
WEB
|
Zzzians
|
|
2016-09-08
|
|
Jobberbase 2.0 - Multiple Vulnerabilities
|
33 |
WEB
|
Ross Marks
|
|
2016-09-07
|
|
Adobe ColdFusion < 11 Update 10 - XML External Entity Injection
|
29 |
WEB
|
Dawid Golunski
|
|
2016-09-07
|
|
FreePBX 13.0.x < 13.0.154 - Remote Command Execution
|
29 |
WEB
|
i-Hmx
|
|
2016-09-07
|
|
CumulusClips 2.4.1 - Multiple Vulnerabilities
|
29 |
WEB
|
kor3k
|
|
2016-09-06
|
|
PHPIPAM 1.2.1 - Multiple Vulnerabilities
|
24 |
WEB
|
Saeed reza Zamanian
|
|
2016-09-05
|
|
WordPress Plugin RB Agency 2.4.7 - Local File Disclosure
|
34 |
WEB
|
Persian Hack Team
|
|
2016-09-04
|
|
Belkin F9K1122v1 1.00.30 - Buffer Overflow (via Cross-Site Request Forgery)
|
29 |
WEB
|
b1ack0wl
|
|
2016-08-31
|
|
ZKTeco ZKAccess Security System 5.3.1 - Persistent Cross-Site Scripting
|
31 |
WEB
|
LiquidWorm
|
|
2016-08-31
|
|
ZKTeco ZKBioSecurity 3.0 - 'visLogin.jsp' Local Authentication Bypass
|
29 |
WEB
|
LiquidWorm
|
|
2016-08-31
|
|
ZKTeco ZKBioSecurity 3.0 - Directory Traversal
|
33 |
WEB
|
LiquidWorm
|
|
2016-08-31
|
|
ZKTeco ZKBioSecurity 3.0 - Cross-Site Request Forgery (Add Superadmin)
|
36 |
WEB
|
LiquidWorm
|
|
2016-08-31
|
|
ZKTeco ZKBioSecurity 3.0 - Hard-Coded Credentials SYSTEM Remote Code Execution
|
37 |
WEB
|
LiquidWorm
|
|
2016-08-29
|
|
FreePBX 13.0.35 - SQL Injection
|
38 |
WEB
|
i-Hmx
|
|
2016-08-29
|
|
PLC Wireless Router GPN2.4P21-C-CN - Arbitrary File Disclosure
|
32 |
WEB
|
Rahul Raz
|
|
2016-08-29
|
|
Intellinet IP Camera INT-L100M20N - Unauthorized Admin Credential Change
|
28 |
WEB
|
Todor Donev
|
|
2016-08-29
|
|
HelpDeskZ 1.0.2 - Arbitrary File Upload
|
26 |
WEB
|
Lars Morgenroth
|
|
2016-08-29
|
|
FreePBX 13.0.35 - Remote Command Execution
|
30 |
WEB
|
0x4148
|
|
2016-08-24
|
|
WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File Disclosure/Arbitrary File Upload
|
29 |
WEB
|
T0w3ntum
|
|
2016-08-23
|
|
chatNow - Multiple Vulnerabilities
|
29 |
WEB
|
HaHwul
|
|
2016-08-23
|
|
SimplePHPQuiz - Blind SQL Injection
|
28 |
WEB
|
HaHwul
|
|
2016-08-23
|
|
WordPress Plugin Mail Masta 1.0 - Local File Inclusion
|
30 |
WEB
|
Guillermo Garcia Marcos
|
|
2016-08-22
|
|
WordPress Core 4.5.3 - Directory Traversal / Denial of Service
|
31 |
WEB
|
Yorick Koster
|
|
2016-08-22
|
|
Sakai 10.7 - Multiple Vulnerabilities
|
27 |
WEB
|
LiquidWorm
|
|
2016-08-22
|
|
Ocomon 2.0 - SQL Injection
|
28 |
WEB
|
Jonatas Fil
|
|
2016-08-22
|
|
VideoIQ Camera - Local File Disclosure
|
31 |
WEB
|
Yakir Wizman
|
|
2016-08-22
|
|
Honeywell IP-Camera HICC-1100PT - Local File Disclosure
|
23 |
WEB
|
Yakir Wizman
|
|
2016-08-22
|
|
JVC IP-Camera VN-T216VPRU - Local File Disclosure
|
24 |
WEB
|
Yakir Wizman
|
|
2016-08-22
|
|
Vanderbilt IP-Camera CCPW3025-IR / CVMW3025-IR - Local File Disclosure
|
26 |
WEB
|
Yakir Wizman
|
|
2016-08-19
|
|
tcPbX - 'tcpbx_lang' Local File Inclusion
|
28 |
WEB
|
0x4148
|
|
2016-08-19
|
|
MESSOA IP Cameras (Multiple Models) - Password Change
|
26 |
WEB
|
Todor Donev
|
|
2016-08-19
|
|
Fortigate Firewalls - 'EGREGIOUSBLUNDER' Remote Code Execution
|
26 |
WEB
|
Shadow Brokers
|
|
2016-08-19
|
|
TOPSEC Firewalls - 'ELIGIBLEBOMBSHELL' Remote Code Execution
|
25 |
WEB
|
Shadow Brokers
|
|
2016-08-19
|
|
TOPSEC Firewalls - 'ELIGIBLECANDIDATE' Remote Code Execution
|
29 |
WEB
|
Shadow Brokers
|
|
2016-08-19
|
|
TOPSEC Firewalls - 'ELIGIBLECONTESTANT' Remote Code Execution
|
27 |
WEB
|
Shadow Brokers
|
|
2016-08-19
|
|
ZYCOO IP Phone System - Remote Command Execution
|
29 |
WEB
|
0x4148
|
|
2016-08-19
|
|
MESSOA IP-Camera NIC990 - Authentication Bypass / Configuration Download
|
26 |
WEB
|
Todor Donev
|
|
2016-08-19
|
|
TOSHIBA IP-Camera IK-WP41A - Authentication Bypass / Configuration Download
|
27 |
WEB
|
Todor Donev
|
|
2016-08-19
|
|
C2S DVR Management IRDOME-II-C2S / IRBOX-II-C2S / DVR - Credentials Disclosure / Authentication Bypa
|
26 |
WEB
|
Yakir Wizman
|
|
2016-08-19
|
|
JVC IP-Camera VN-T216VPRU - Credentials Disclosure
|
25 |
WEB
|
Yakir Wizman
|
|
2016-08-19
|
|
Vanderbilt IP-Camera CCPW3025-IR / CVMW3025-IR - Credentials Disclosure
|
28 |
WEB
|
Yakir Wizman
|
|
2016-08-19
|
|
SIEMENS IP Cameras (Multiple Models) - Credential Disclosure / Configuration Download
|
26 |
WEB
|
Todor Donev
|
|
2016-08-18
|
|
Honeywell IP-Camera HICC-1100PT - Credentials Disclosure
|
33 |
WEB
|
Yakir Wizman
|
|
2016-08-18
|
|
SIEMENS IP Camera CCMW1025 x.2.2.1798 - Remote Admin Credentials Change
|
31 |
WEB
|
Todor Donev
|
|
2016-08-17
|
|
SIEMENS IP-Camera CVMS2025-IR / CCMS2025 - Credentials Disclosure
|
29 |
WEB
|
Yakir Wizman
|
|
2016-08-16
|
|
Nagios Incident Manager 2.0.0 - Multiple Vulnerabilities
|
31 |
WEB
|
Security-Assessment.com
|
|
2016-08-16
|
|
Nagios Network Analyzer 2.2.0 - Multiple Vulnerabilities
|
27 |
WEB
|
Security-Assessment.com
|
|
2016-08-16
|
|
Nagios Log Server 1.4.1 - Multiple Vulnerabilities
|
24 |
WEB
|
Security-Assessment.com
|
|
2016-08-16
|
|
Pi-Hole Web Interface 2.8.1 - Persistent Cross-Site Scripting in Whitelist/Blacklist
|
25 |
WEB
|
loneferret
|
|
2016-08-16
|
|
Lepton CMS 2.2.0/2.2.1 - PHP Code Injection
|
29 |
WEB
|
hyp3rlinx
|
|
2016-08-16
|
|
Lepton CMS 2.2.0/2.2.1 - Directory Traversal
|
30 |
WEB
|
hyp3rlinx
|
|
2016-08-16
|
|
WSO2 Carbon 4.4.5 - Denial of Service / Cross-Site Request Forgery
|
28 |
WEB
|
hyp3rlinx
|
|
2016-08-16
|
|
WSO2 Carbon 4.4.5 - Persistent Cross-Site Scripting
|
30 |
WEB
|
hyp3rlinx
|
|
2016-08-16
|
|
WSO2 Carbon 4.4.5 - Local File Inclusion
|
27 |
WEB
|
hyp3rlinx
|
|
2016-08-16
|
|
WSO2 Identity Server 5.1.0 - Multiple Vulnerabilities
|
28 |
WEB
|
hyp3rlinx
|
|
2016-08-15
|
|
Zabbix 2.2.x/3.0.x - SQL Injection
|
28 |
WEB
|
1n3
|
|
2016-08-15
|
|
GitLab - 'impersonate' Feature Privilege Escalation
|
29 |
WEB
|
Kaimi
|
|
2016-08-11
|
|
ColoradoFTP 1.3 Prime Edition (Build 8) - Directory Traversal
|
30 |
WEB
|
Rv3Laboratory
|
|
2016-08-10
|
|
WebNMS Framework Server 5.2/5.2 SP1 - Multiple Vulnerabilities
|
35 |
WEB
|
Pedro Ribeiro
|
|
2016-08-10
|
|
EyeLock nano NXT 3.5 - Remote Code Execution
|
30 |
WEB
|
LiquidWorm
|
|
2016-08-10
|
|
EyeLock nano NXT 3.5 - Local File Disclosure
|
30 |
WEB
|
LiquidWorm
|
|
2016-08-10
|
|
vBulletin 5.2.2 - Server-Side Request Forgery
|
32 |
WEB
|
Dawid Golunski
|
|
2016-08-10
|
|
Nagios Network Analyzer 2.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities
|
30 |
WEB
|
hyp3rlinx
|
|
2016-08-08
|
|
WordPress Plugin Add From Server < 3.3.2 - Cross-Site Request Forgery (Arbitrary File Upload)
|
25 |
WEB
|
Edwin Molenaar
|
|
2016-08-08
|
|
PHPCollab CMS 2.5 - 'emailusers.php' SQL Injection
|
31 |
WEB
|
Vulnerability-Lab
|
|
2016-08-08
|
|
Navis Webaccess - SQL Injection
|
27 |
WEB
|
bRpsd
|
|
2016-08-06
|
|
NUUO NVRmini 2 3.0.8 - 'strong_user.php' Backdoor Remote Shell Access
|
29 |
WEB
|
LiquidWorm
|
|
2016-08-06
|
|
NUUO NVRmini 2 3.0.8 - Arbitrary File Deletion
|
25 |
WEB
|
LiquidWorm
|
|
2016-08-06
|
|
NUUO NVRmini 2 3.0.8 - Remote Command Injection (Shellshock)
|
23 |
WEB
|
LiquidWorm
|
|
2016-08-06
|
|
NUUO NVRmini 2 3.0.8 - Multiple OS Command Injections
|
27 |
WEB
|
LiquidWorm
|
|
2016-08-06
|
|
NUUO NVRmini 2 3.0.8 - Local File Disclosure
|
25 |
WEB
|
LiquidWorm
|
|
2016-08-06
|
|
NUUO NVRmini 2 3.0.8 - Cross-Site Request Forgery (Add Admin)
|
28 |
WEB
|
LiquidWorm
|
|
2016-08-06
|
|
NUUO NVRmini 2 3.0.8 - Remote Code Execution
|
30 |
WEB
|
LiquidWorm
|
|
2016-08-05
|
|
NASdeluxe NDL-2400r 2.01.09 - OS Command Injection
|
28 |
WEB
|
SySS GmbH
|
|
2016-08-05
|
|
WordPress Plugin Count Per Day 3.5.4 - Persistent Cross-Site Scripting
|
26 |
WEB
|
Julien Rentrop
|
|
2016-08-05
|
|
Davolink DV-2051 - Multiple Vulnerabilities
|
24 |
WEB
|
Eric Flokstra
|
|
2016-08-05
|
|
PHP Power Browse 1.2 - Directory Traversal
|
29 |
WEB
|
Manuel Mancera
|
|
2016-08-05
|
|
Subrion CMS 4.0.5 - SQL Injection
|
28 |
WEB
|
Vulnerability-Lab
|
|
2016-08-02
|
|
Open Upload 0.4.2 - Cross-Site Request Forgery (Add Admin)
|
31 |
WEB
|
Vinesh Redkar
|
|
2016-08-01
|
|
WordPress Plugin ALO EasyMail NewsLetter 2.9.2 - Cross-Site Request Forgery (Add/Import Arbitrary Su
|
28 |
WEB
|
Yorick Koster
|
|
2016-08-01
|
|
WordPress Plugin WP Live Chat Support 6.2.03 - Persistent Cross-Site Scripting
|
32 |
WEB
|
Dennis Kerdijk & Erwin Kievith
|
|
2016-08-01
|
|
WordPress Plugin Booking Calendar 6.2 - SQL Injection
|
26 |
WEB
|
Edwin Molenaar
|
|
2016-07-29
|
|
phpMyAdmin 4.6.2 - (Authenticated) Remote Code Execution
|
25 |
WEB
|
@iamsecurity
|
|
2016-07-29
|
|
Trend Micro Deep Discovery 3.7/3.8 SP1 (3.81)/3.8 SP2 (3.82) - 'hotfix_upload.cgi' Filename Remote C
|
34 |
WEB
|
korpritzombie
|
|
2016-07-29
|
|
WordPress Plugin Ultimate Product Catalog 3.9.8 - do_shortcode via ajax Blind SQL Injection
|
32 |
WEB
|
i0akiN SEC-LABORATORY
|
|
2016-07-29
|
|
AXIS (Multiple Products) - 'devtools ' (Authenticated) Remote Command Execution
|
30 |
WEB
|
Orwelllabs
|
|
2016-07-26
|
|
Iris ID IrisAccess ICU 7000-2 - Remote Command Execution
|
31 |
WEB
|
LiquidWorm
|
|
2016-07-26
|
|
Iris ID IrisAccess ICU 7000-2 - Multiple Vulnerabilities
|
27 |
WEB
|
LiquidWorm
|
|
2016-07-26
|
|
PHP File Vault 0.9 - Directory Traversal
|
28 |
WEB
|
N_A
|
|
2016-07-25
|
|
Micro Focus Filr 2 2.0.0.421/1.2 1.2.0.846 - Multiple Vulnerabilities
|
30 |
WEB
|
SEC Consult
|
|
2016-07-25
|
|
Bellini/Supercook Wi-Fi Yumi SC200 - Multiple Vulnerabilities
|
29 |
WEB
|
James McLean
|
|
2016-07-25
|
|
Compal CH7465LG-LC Modem/Router CH7465LG-NCIP-4.50.18.13-NOSH - Multiple Vulnerabilities
|
27 |
WEB
|
Gergely Eberhardt
|
|
2016-07-25
|
|
Hitron CGNV4 Modem/Router 4.3.9.9-SIP-UPC - Multiple Vulnerabilities
|
26 |
WEB
|
Gergely Eberhardt
|
|
2016-07-25
|
|
Technicolor TC7200 Modem/Router STD6.02.11 - Multiple Vulnerabilities
|
25 |
WEB
|
Gergely Eberhardt
|
