|
2016-07-11
|
|
Tiki Wiki 15.1 - File Upload (Metasploit)
|
30 |
WEB
|
Mehmet Ince
|
|
2016-07-11
|
|
IPS Community Suite 4.1.12.3 - PHP Code Injection
|
23 |
WEB
|
Egidio Romano
|
|
2016-07-11
|
|
WordPress Plugin Activity Log 2.3.1 - Persistent Cross-Site Scripting
|
22 |
WEB
|
Han Sahin
|
|
2016-07-11
|
|
WordPress Plugin All in One SEO Pack 2.3.6.1 - Persistent Cross-Site Scripting
|
26 |
WEB
|
David Vaartjes
|
|
2016-07-11
|
|
Belkin AC1200 Router Firmware 1.00.27 - Authentication Bypass
|
27 |
WEB
|
Gregory Smiley
|
|
2016-07-11
|
|
Tiki Wiki CMS 15.0 - Arbitrary File Download
|
27 |
WEB
|
Kacper Szurek
|
|
2016-07-08
|
|
Streamo Online Radio And TV Streaming CMS - SQL Injection
|
25 |
WEB
|
N4TuraL
|
|
2016-07-08
|
|
CyberPower Systems PowerPanel 3.1.2 - XML External Entity Out-Of-Band Data Retrieval
|
31 |
WEB
|
LiquidWorm
|
|
2016-07-08
|
|
PHP Real Estate Script 3 - Arbitrary File Disclosure
|
30 |
WEB
|
Meisam Monsef
|
|
2016-07-08
|
|
WordPress Plugin Lazy Content Slider 3.4 - Cross-Site Request Forgery (Add Catetory)
|
16 |
WEB
|
Persian Hack Team
|
|
2016-07-07
|
|
OPAC KpwinSQL - Multiple Vulnerabilities
|
23 |
WEB
|
Yakir Wizman
|
|
2016-07-06
|
|
OpenFire 3.10.2 < 4.0.1 - Multiple Vulnerabilities
|
29 |
WEB
|
Sysdream
|
|
2016-07-06
|
|
PaKnPost Pro 1.14 - Multiple Vulnerabilities
|
29 |
WEB
|
Edvin Rustemagic_ Grega Preseren
|
|
2016-07-06
|
|
Advanced Webhost Billing System (AWBS) 2.9.6 - Multiple Vulnerabilities
|
25 |
WEB
|
Bikramaditya Guha
|
|
2016-07-06
|
|
24online SMS_2500i 8.3.6 build 9.0 - SQL Injection
|
32 |
WEB
|
Rahul Raz
|
|
2016-07-06
|
|
CIMA DocuClass ECM - Multiple Vulnerabilities
|
31 |
WEB
|
Karn Ganeshen
|
|
2016-07-04
|
|
eCardMAX 10.5 - Multiple Vulnerabilities
|
27 |
WEB
|
Bikramaditya Guha
|
|
2016-07-04
|
|
WebCalendar 1.2.7 - Multiple Vulnerabilities
|
28 |
WEB
|
hyp3rlinx
|
|
2016-07-04
|
|
WordPress Plugin Real3D FlipBook - Multiple Vulnerabilities
|
27 |
WEB
|
Mukarram Khalid
|
|
2016-07-07
|
|
Tiki Wiki 15.1 - File Upload
|
25 |
WEB
|
Ivan Ivanovic
|
|
2016-07-04
|
|
Ktools Photostore 4.7.5 - Multiple Vulnerabilities
|
23 |
WEB
|
Yakir Wizman
|
|
2016-07-04
|
|
XpoLog Center 6 - Remote Command Execution / Cross-Site Request Forgery
|
21 |
WEB
|
LiquidWorm
|
|
2016-07-01
|
|
Phoenix Exploit Kit - Remote Code Execution
|
20 |
WEB
|
CrashBandicot
|
|
2016-06-30
|
|
Ktools Photostore 4.7.5 - Blind SQL Injection
|
18 |
WEB
|
Gal Goldshtein & Viktor Minin
|
|
2016-06-29
|
|
Concrete5 CMS 5.7.3.1 - 'Application::dispatch' Method Local File Inclusion
|
23 |
WEB
|
Egidio Romano
|
|
2016-06-29
|
|
Ubiquiti Administration Portal - Remote Command Execution (via Cross-Site Request Forgery)
|
26 |
WEB
|
KoreLogic
|
|
2016-06-29
|
|
WordPress Plugin Ultimate Membership Pro 3.3 - SQL Injection
|
27 |
WEB
|
wp0Day.com
|
|
2016-06-29
|
|
Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities
|
25 |
WEB
|
hyp3rlinx
|
|
2016-06-28
|
|
Untangle NGFW 12.1.0 Beta - 'execEvil()' Command Injection
|
22 |
WEB
|
Matt Bush
|
|
2016-06-27
|
|
Riverbed SteelCentral NetProfiler & NetExpress 10.8.7 - Multiple Vulnerabilities
|
27 |
WEB
|
Security-Assessment.com
|
|
2016-06-27
|
|
SugarCRM 6.5.18 - PHP Code Injection
|
26 |
WEB
|
Egidio Romano
|
|
2016-06-27
|
|
BigTree CMS 4.2.11 - SQL Injection
|
26 |
WEB
|
Mehmet Ince
|
|
2016-06-27
|
|
iBilling 3.7.0 - Persistent Cross-Site Scripting / Reflected Cross-Site Scripting
|
22 |
WEB
|
Bikramaditya Guha
|
|
2016-06-27
|
|
My Little Forum 2.3.5 - PHP Command Injection
|
24 |
WEB
|
hyp3rlinx
|
|
2016-06-27
|
|
Kagao 3.0 - Multiple Vulnerabilities
|
24 |
WEB
|
N4TuraL
|
|
2016-06-27
|
|
Option CloudGate CG0192-11897 - Multiple Vulnerabilities
|
23 |
WEB
|
LiquidWorm
|
|
2016-06-27
|
|
CodoForum 3.4 - Persistent Cross-Site Scripting
|
23 |
WEB
|
Ahmed Sherif
|
|
2016-06-27
|
|
OPAC KpwinSQL - SQL Injection
|
25 |
WEB
|
bRpsd
|
|
2016-06-27
|
|
WordPress Plugin Ultimate Product Catalog 3.8.6 - Arbitrary File Upload
|
24 |
WEB
|
i0akiN SEC-LABORATORY
|
|
2016-06-23
|
|
FinderView - Multiple Vulnerabilities
|
24 |
WEB
|
HaHwul
|
|
2016-06-23
|
|
XuezhuLi FileSharing - Cross-Site Request Forgery (Add User)
|
21 |
WEB
|
HaHwul
|
|
2016-06-23
|
|
XuezhuLi FileSharing - Directory Traversal
|
24 |
WEB
|
HaHwul
|
|
2016-06-23
|
|
Getsimple CMS 3.3.10 - Arbitrary File Upload
|
25 |
WEB
|
s0nk3y
|
|
2016-06-23
|
|
Alibaba Clone B2B Script - Arbitrary File Disclosure
|
25 |
WEB
|
Meisam Monsef
|
|
2016-06-21
|
|
YetiForce CRM < 3.1 - Persistent Cross-Site Scripting
|
22 |
WEB
|
David Silveiro
|
|
2016-06-21
|
|
Radiant CMS 1.1.3 - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
David Silveiro
|
|
2016-06-21
|
|
SAP NetWeaver AS JAVA 7.1 < 7.5 - Directory Traversal
|
22 |
WEB
|
ERPScan
|
|
2016-06-21
|
|
SAP NetWeaver AS JAVA 7.1 < 7.5 - 'ctcprotocol Servlet' XML External Entity
|
22 |
WEB
|
ERPScan
|
|
2016-06-21
|
|
Joomla! Component com_publisher - SQL Injection
|
20 |
WEB
|
s0nk3y
|
|
2016-06-21
|
|
Yona CMS - Cross-Site Request Forgery
|
19 |
WEB
|
s0nk3y
|
|
2016-06-21
|
|
IonizeCMS 1.0.8 - Cross-Site Request Forgery (Add Admin)
|
24 |
WEB
|
s0nk3y
|
|
2016-06-20
|
|
Symphony CMS 2.6.7 - Session Fixation
|
20 |
WEB
|
hyp3rlinx
|
|
2016-06-20
|
|
Airia - Arbitrary File Upload
|
18 |
WEB
|
HaHwul
|
|
2016-06-20
|
|
Airia - Cross-Site Request Forgery (Add Content)
|
24 |
WEB
|
HaHwul
|
|
2016-06-20
|
|
WordPress Plugin Premium SEO Pack 1.9.1.3 - wp_options Overwrite
|
29 |
WEB
|
wp0Day.com
|
|
2016-06-20
|
|
Joomla! Component com_bt_media 1.0 - SQL Injection
|
17 |
WEB
|
Persian Hack Team
|
|
2016-06-20
|
|
sNews CMS 1.7.1 - Multiple Vulnerabilities
|
25 |
WEB
|
hyp3rlinx
|
|
2016-06-20
|
|
WordPress Plugin Ultimate Product Catalog 3.8.1 - Privilege Escalation
|
22 |
WEB
|
i0akiN SEC-LABORATORY
|
|
2016-06-17
|
|
phpATM 1.32 - Multiple Vulnerabilities
|
23 |
WEB
|
Paolo Massenio
|
|
2016-06-17
|
|
phpATM 1.32 (Windows) - Arbitrary File Upload / Remote Command Execution
|
24 |
WEB
|
Paolo Massenio
|
|
2016-06-17
|
|
Vicidial 2.11 - Scripts Persistent Cross-Site Scripting
|
26 |
WEB
|
David Silveiro
|
|
2016-06-17
|
|
WordPress Plugin Gravity Forms 1.8.19 - Arbitrary File Upload
|
22 |
WEB
|
Abk Khan
|
|
2016-06-16
|
|
Gemalto Sentinel License Manager 18.0.1.55505 - Directory Traversal
|
20 |
WEB
|
LiquidWorm
|
|
2016-06-16
|
|
Tiki Wiki CMS Calendar 6.15/9.11 LTS/12.5 LTS/14.2 - Remote Code Execution
|
21 |
WEB
|
Dany Ouellet
|
|
2016-06-16
|
|
SlimCMS 0.1 - Cross-Site Request Forgery (Change Admin Password)
|
25 |
WEB
|
Avinash Thapa
|
|
2016-06-16
|
|
Roxy Fileman 1.4.4 - Arbitrary File Upload
|
22 |
WEB
|
Tyrell Sassen
|
|
2016-06-16
|
|
ATCOM PBX IP01 / IP08 / IP4 / IP2G4A - Authentication Bypass
|
22 |
WEB
|
i-Hmx
|
|
2016-06-15
|
|
PHPLive 4.4.8 < 4.5.4 - Password Recovery SQL Injection
|
24 |
WEB
|
Tiago Carvalho
|
|
2016-06-15
|
|
jbFileManager - Directory Traversal
|
23 |
WEB
|
HaHwul
|
|
2016-06-15
|
|
BookingWizz Booking System < 5.5 - Multiple Vulnerabilities
|
18 |
WEB
|
Mehmet Ince
|
|
2016-06-15
|
|
Joomla! Component com_enmasse 5.1 < 6.4 - SQL Injection
|
20 |
WEB
|
Hamed Izadi
|
|
2016-06-15
|
|
Dokeos 2.2.1 - Blind SQL Injection
|
20 |
WEB
|
Mormoroth
|
|
2016-06-15
|
|
Hyperoptic (Tilgin) Router HG23xx - Multiple Vulnerabilities
|
21 |
WEB
|
LiquidWorm
|
|
2016-06-15
|
|
w2wiki - Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
HaHwul
|
|
2016-06-15
|
|
Ultrabenosaurus ChatBoard - Cross-Site Request Forgery (Send Message)
|
19 |
WEB
|
HaHwul
|
|
2016-06-15
|
|
Ultrabenosaurus ChatBoard - Persistent Cross-Site Scripting
|
20 |
WEB
|
HaHwul
|
|
2016-06-14
|
|
WordPress Plugin Social Stream 1.5.15 - wp_options Overwrite
|
35 |
WEB
|
wp0Day.com
|
|
2016-06-13
|
|
Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution
|
21 |
WEB
|
Alexander Gurin
|
|
2016-06-13
|
|
Joomla! Component com_payplans 3.3.6 - SQL Injection
|
19 |
WEB
|
Persian Hack Team
|
|
2016-06-13
|
|
Grid Gallery 1.0 - Admin Panel Authentication Bypass
|
21 |
WEB
|
Ali BawazeEer
|
|
2016-06-13
|
|
Dream Gallery 2.0 - Admin Panel Authentication Bypass
|
20 |
WEB
|
Ali BawazeEer
|
|
2016-06-13
|
|
Viart Shopping Cart 5.0 - Cross-Site Request Forgery / Arbitrary File Upload
|
18 |
WEB
|
Ali Ghanbari
|
|
2016-06-13
|
|
FRticket Ticket System - Persistent Cross-Site Scripting
|
22 |
WEB
|
Hamit Abis
|
|
2016-06-10
|
|
phpMyFAQ 2.9.0 - Persistent Cross-Site Scripting
|
26 |
WEB
|
Kacper Szurek
|
|
2016-06-10
|
|
miniMySQLAdmin 1.1.3 - Cross-Site Request Forgery (SQL Execution)
|
29 |
WEB
|
HaHwul
|
|
2016-06-10
|
|
Mobiketa 1.0 - Cross-Site Request Forgery (Add Admin)
|
23 |
WEB
|
Murat Yilmazlar
|
|
2016-06-10
|
|
Dell OpenManage Server Administrator 8.3 - XML External Entity
|
21 |
WEB
|
hantwister
|
|
2016-06-08
|
|
Drale DBTableViewer 100123 - Blind SQL Injection
|
23 |
WEB
|
HaHwul
|
|
2016-06-07
|
|
Cisco EPC 3928 - Multiple Vulnerabilities
|
18 |
WEB
|
Patryk Bogdan
|
|
2016-06-06
|
|
Nagios XI 5.2.7 - Multiple Vulnerabilities
|
21 |
WEB
|
Security-Assessment.com
|
|
2016-06-06
|
|
rConfig 3.1.1 - Local File Inclusion
|
23 |
WEB
|
Gregory Pickett
|
|
2016-06-06
|
|
Notilus Travel Solution Software 2012 R3 - SQL Injection
|
23 |
WEB
|
Alex Haynes
|
|
2016-06-06
|
|
WordPress Plugin Double Opt-In for Download 2.0.9 - SQL Injection
|
23 |
WEB
|
Kacper Szurek
|
|
2016-06-06
|
|
WordPress Theme Uncode 1.3.1 - Arbitrary File Upload
|
21 |
WEB
|
wp0Day.com
|
|
2016-06-06
|
|
WordPress Theme Newspaper 6.7.1 - Privilege Escalation
|
21 |
WEB
|
wp0Day.com
|
|
2016-06-06
|
|
WordPress Plugin WP PRO Advertising System 4.6.18 - SQL Injection
|
19 |
WEB
|
wp0Day.com
|
|
2016-06-06
|
|
WordPress Theme Creative Multi-Purpose 9.1.3 - Persistent Cross-Site Scripting
|
21 |
WEB
|
wp0Day.com
|
|
2016-06-06
|
|
WordPress Plugin WP Mobile Detector 3.5 - Arbitrary File Upload
|
20 |
WEB
|
Aaditya Purani
|
|
2016-06-06
|
|
Electroweb Online Examination System 1.0 - SQL Injection
|
18 |
WEB
|
Ali Ghanbari
|
|
2016-06-06
|
|
ArticleSetup 1.00 - Cross-Site Request Forgery (Change Admin Password)
|
19 |
WEB
|
Ali Ghanbari
|
|
2016-06-06
|
|
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock)
|
20 |
WEB
|
lastc0de
|
|
2016-06-06
|
|
Apache Continuum 1.4.2 - Multiple Vulnerabilities
|
19 |
WEB
|
David Shanahan
|
|
2016-06-06
|
|
Dream Gallery 1.0 - Cross-Site Request Forgery (Add Admin)
|
22 |
WEB
|
Ali Ghanbari
|
|
2016-06-06
|
|
WordPress Plugin Simple Backup 2.7.11 - Multiple Vulnerabilities
|
24 |
WEB
|
PizzaHatHacker
|
|
2016-06-02
|
|
Relay Ajax Directory Manager relayb01-071706/1.5.1/1.5.3 - Arbitrary File Upload
|
22 |
WEB
|
RedTeam Pentesting GmbH
|
|
2016-06-02
|
|
Liferay CE < 6.2 CE GA6 - Persistent Cross-Site Scripting
|
18 |
WEB
|
Fernando Câmara
|
|
2016-06-02
|
|
Joomla! Component SecurityCheck 2.8.9 - Multiple Vulnerabilities
|
23 |
WEB
|
ADEO Security
|
|
2016-06-01
|
|
AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities
|
23 |
WEB
|
hyp3rlinx
|
|
2016-05-31
|
|
ProcessMaker 3.0.1.7 - Multiple Vulnerabilities
|
22 |
WEB
|
Mickael Dorigny
|
|
2016-05-31
|
|
AirOS NanoStation M2 5.6-beta - Multiple Vulnerabilities
|
20 |
WEB
|
Pablo Rebolini
|
|
2016-05-31
|
|
Flatpress 1.0.3 - Cross-Site Request Forgery / Arbitrary File Upload
|
23 |
WEB
|
LiquidWorm
|
|
2016-05-30
|
|
Open Source Real Estate Script 3.6.0 - SQL Injection
|
32 |
WEB
|
Meisam Monsef
|
|
2016-05-27
|
|
PHP Realestate Script Script 4.9.0 - SQL Injection
|
25 |
WEB
|
Meisam Monsef
|
|
2016-05-26
|
|
EduSec 4.2.5 - SQL Injection
|
24 |
WEB
|
Bikramaditya Guha
|
|
2016-05-26
|
|
Real Estate Portal 4.1 - Multiple Vulnerabilities
|
22 |
WEB
|
Bikramaditya Guha
|
|
2016-05-24
|
|
AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure via XML External Entity Inje
|
29 |
WEB
|
Mehmet Ince
|
|
2016-05-23
|
|
XenAPI 1.4.1 for XenForo - Multiple SQL Injections
|
23 |
WEB
|
Julien Ahrens
|
|
2016-05-23
|
|
WordPress Plugin Job Script by Scubez - Remote Code Execution
|
25 |
WEB
|
Bikramaditya Guha
|
|
2016-05-19
|
|
SAP NetWeaver AS JAVA 7.1 < 7.5 - Information Disclosure
|
24 |
WEB
|
ERPScan
|
|
2016-05-19
|
|
SAP NetWeaver AS JAVA 7.1 < 7.5 - SQL Injection
|
27 |
WEB
|
ERPScan
|
|
2016-05-18
|
|
Magento < 2.0.6 - Arbitrary Unserialize / Arbitrary Write File
|
28 |
WEB
|
agix
|
|
2016-05-17
|
|
SAP xMII 15.0 - Directory Traversal
|
33 |
WEB
|
ERPScan
|
|
2016-05-17
|
|
Meteocontrol WEB’log - Admin Password Disclosure (Metasploit)
|
24 |
WEB
|
Karn Ganeshen
|
|
2016-05-16
|
|
Web2py 2.14.5 - Multiple Vulnerabilities
|
21 |
WEB
|
Narendra Bhati
|
|
2016-05-16
|
|
Web Interface for DNSmasq / Mikrotik - SQL Injection
|
23 |
WEB
|
hyp3rlinx
|
