|
2013-06-25
|
|
Barnraiser Prairie - 'get_file.php' Directory Traversal
|
15 |
WEB
|
prairie
|
|
2013-06-24
|
|
FtpLocate - HTML Injection
|
14 |
WEB
|
Chako
|
|
2013-06-19
|
|
Joomla! Component com_rokdownloads - Arbitrary File Upload
|
17 |
WEB
|
Am!r
|
|
2013-06-18
|
|
et-chat - Privilege Escalation / Arbitrary File Upload
|
15 |
WEB
|
MR.XpR
|
|
2013-06-17
|
|
BloofoxCMS - 'index.php' Arbitrary File Upload
|
19 |
WEB
|
CWH Underground
|
|
2013-06-12
|
|
WordPress Plugin NextGEN Gallery - 'upload.php' Arbitrary File Upload
|
17 |
WEB
|
Marcos Garcia
|
|
2015-10-30
|
|
Oxwall 1.7.4 - Cross-Site Request Forgery
|
16 |
WEB
|
High-Tech Bridge SA
|
|
2015-10-30
|
|
Pligg CMS 2.0.2 - Cross-Site Request Forgery / Code Execution
|
13 |
WEB
|
Curesec Research Team
|
|
2015-10-30
|
|
Pligg CMS 2.0.2 - Directory Traversal
|
16 |
WEB
|
Curesec Research Team
|
|
2015-10-30
|
|
Pligg CMS 2.0.2 - Multiple SQL Injections
|
15 |
WEB
|
Curesec Research Team
|
|
2015-10-30
|
|
Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution
|
16 |
WEB
|
Dolev Farhi
|
|
2015-10-30
|
|
PHP Server Monitor 3.1.1 - Cross-Site Request Forgery / Privilege Escalation
|
15 |
WEB
|
hyp3rlinx
|
|
2015-10-30
|
|
eBay Magento 1.9.2.1 - PHP FPM XML eXternal Entity Injection
|
11 |
WEB
|
Dawid Golunski
|
|
2015-10-30
|
|
PHP Server Monitor 3.1.1 - Multiple Cross-Site Request Forgery Vulnerabilities
|
15 |
WEB
|
hyp3rlinx
|
|
2013-06-11
|
|
mkCMS - 'index.php' Arbitrary PHP Code Execution
|
16 |
WEB
|
CWH Underground
|
|
2013-06-10
|
|
ScriptCase - 'scelta_categoria.php' SQL Injection
|
13 |
WEB
|
Hossein Hezami
|
|
2013-06-10
|
|
Lokboard - 'index_4.php' PHP Code Injection
|
12 |
WEB
|
CWH Underground
|
|
2013-06-09
|
|
WordPress Theme Ambience - 'src' Cross-Site Scripting
|
15 |
WEB
|
Darksnipper
|
|
2013-06-09
|
|
Max Forum - Multiple Vulnerabilities
|
12 |
WEB
|
CWH Underground
|
|
2015-10-29
|
|
Joomla! Component com_jnews 8.5.1 - SQL Injection
|
16 |
WEB
|
Omer Ramić
|
|
2013-06-10
|
|
HP Insight Diagnostics 9.4.0.4710 - Local File Inclusion
|
15 |
WEB
|
Markus Wulftange
|
|
2013-06-10
|
|
HP Insight Diagnostics - Remote Code Injection
|
15 |
WEB
|
Markus Wulftange
|
|
2013-06-07
|
|
Caucho Resin - 'index.php?logout' Cross-Site Scripting
|
12 |
WEB
|
Gjoko Krstic
|
|
2013-06-07
|
|
Caucho Resin - '/resin-admin/' URI Cross-Site Scripting
|
10 |
WEB
|
Gjoko Krstic
|
|
2015-10-28
|
|
Sagem FAST3304-V2 - Authentication Bypass (2)
|
16 |
WEB
|
Soufiane Alami Hassani
|
|
2015-10-28
|
|
JIRA and HipChat for JIRA Plugin - Velocity Template Injection
|
18 |
WEB
|
Chris Wood
|
|
2013-06-05
|
|
QNAP VioStor NVR / QNAP NAS - Remote Code Execution
|
14 |
WEB
|
Tim Herres
|
|
2013-06-03
|
|
Telaen - Information Disclosure
|
14 |
WEB
|
Manuel García Cárdenas
|
|
2013-06-04
|
|
CMS Gratis Indonesia - 'config.php' PHP Code Injection
|
16 |
WEB
|
CWH Underground
|
|
2013-06-04
|
|
Telaen 2.7.x - Open Redirection
|
13 |
WEB
|
Manuel García Cárdenas
|
|
2013-06-04
|
|
Telaen 2.7.x - Cross-Site Scripting
|
12 |
WEB
|
Manuel García Cárdenas
|
|
2013-05-28
|
|
Elastix - Multiple Cross-Site Scripting Vulnerabilities
|
14 |
WEB
|
cheki
|
|
2012-05-31
|
|
PHP4dvd - 'config.php' PHP Code Injection
|
17 |
WEB
|
CWH Underground
|
|
2013-05-27
|
|
WordPress Plugin ADIF Log Search Widget - 'logbook_search.php' Cross-Site Scripting
|
17 |
WEB
|
k3170makan
|
|
2015-10-26
|
|
Joomla! 3.2.x < 3.4.4 - SQL Injection
|
14 |
WEB
|
Manish Tanwar
|
|
2015-10-23
|
|
Joomla! Component Realtyna RPL 8.9.2 - Persistent Cross-Site Scripting / Cross-Site Request Forgery
|
15 |
WEB
|
Bikramaditya Guha
|
|
2015-10-23
|
|
Joomla! Component Realtyna RPL 8.9.2 - Multiple SQL Injections
|
16 |
WEB
|
Bikramaditya Guha
|
|
2015-10-23
|
|
Subrion 3.x - Multiple Vulnerabilities
|
15 |
WEB
|
bRpsd
|
|
2013-05-24
|
|
Matterdaddy Market - Multiple Vulnerabilities
|
16 |
WEB
|
KedAns-Dz
|
|
2013-05-23
|
|
Weyal CMS - Multiple SQL Injections
|
14 |
WEB
|
XroGuE
|
|
2013-05-16
|
|
WordPress Plugin WP Cleanfix - Cross-Site Request Forgery
|
17 |
WEB
|
Enigma Ideas
|
|
2013-05-15
|
|
Jojo CMS - 'x-forwarded-for' HTTP header SQL Injection
|
14 |
WEB
|
High-Tech Bridge SA
|
|
2013-05-15
|
|
Jojo CMS - 'search' Cross-Site Scripting
|
14 |
WEB
|
High-Tech Bridge SA
|
|
2013-05-16
|
|
WordPress Plugin Mail On Update - Cross-Site Request Forgery
|
12 |
WEB
|
Henri Salo
|
|
2013-05-14
|
|
Open Flash Chart - 'get-data' Cross-Site Scripting
|
15 |
WEB
|
Deepankar Arora
|
|
2013-05-15
|
|
WordPress Plugin wp-FileManager - 'path' Arbitrary File Download
|
13 |
WEB
|
ByEge
|
|
2015-10-22
|
|
Beckhoff CX9020 CPU Module - Remote Code Execution
|
14 |
WEB
|
Photubias
|
|
2013-05-14
|
|
Gallery Server Pro - Arbitrary File Upload
|
20 |
WEB
|
Drew Calcott
|
|
2013-05-11
|
|
WordPress Plugin Securimage-WP - 'siwp_test.php' Cross-Site Scripting
|
16 |
WEB
|
Gjoko Krstic
|
|
2013-05-10
|
|
Securimage - 'example_form.php' Cross-Site Scripting
|
17 |
WEB
|
Gjoko Krstic
|
|
2013-05-07
|
|
MyBB Game Section Plugin - 'games.php' Multiple Cross-Site Scripting Vulnerabilities
|
16 |
WEB
|
anonymous
|
|
2013-05-07
|
|
NetApp OnCommand System Manager - '/zapiServlet' User Management Interface Multiple Cross-Site Scrip
|
18 |
WEB
|
M. Heinzl
|
|
2013-05-07
|
|
NetApp OnCommand System Manager - '/zapiServlet' CIFS Configuration Management Interface Multiple Cr
|
15 |
WEB
|
M. Heinzl
|
|
2013-04-27
|
|
PHPValley Micro Jobs Site Script - Spoofing
|
14 |
WEB
|
Jason Whelan
|
|
2015-10-19
|
|
RealtyScript 4.0.2 - Multiple Blind SQL Injections
|
13 |
WEB
|
LiquidWorm
|
|
2015-10-19
|
|
RealtyScript 4.0.2 - Multiple Cross-Site Request Forgery / Persistent Cross-Site Scripting Vulnerabi
|
18 |
WEB
|
LiquidWorm
|
|
2013-04-24
|
|
WordPress Plugin WP Super Cache - PHP Remote Code Execution
|
14 |
WEB
|
anonymous
|
|
2013-04-23
|
|
SMF - '/index.php' HTML Injection / Multiple PHP Code Injection Vulnerabilities
|
14 |
WEB
|
Jakub Galczyk
|
|
2015-10-19
|
|
Belkin N150 Router 1.00.08/1.00.09 - Directory Traversal
|
14 |
WEB
|
Rahul Pratap Singh
|
|
2013-04-21
|
|
WordPress Theme Colormix - Multiple Vulnerabilities
|
13 |
WEB
|
MustLive
|
|
2015-10-18
|
|
WordPress Plugin Ajax Load More < 2.8.2 - Arbitrary File Upload
|
13 |
WEB
|
PizzaHatHacker
|
|
2013-04-19
|
|
Crafty Syntax Live Help 3.1.2 - Remote File Inclusion / Full Path Disclosure
|
14 |
WEB
|
ITTIHACK
|
|
2013-04-18
|
|
Fork CMS - 'js.php' Local File Inclusion
|
15 |
WEB
|
Rafay Baloch
|
|
2013-03-06
|
|
Matrix42 Service Store - 'default.aspx' Cross-Site Scripting
|
16 |
WEB
|
43zsec
|
|
2013-04-17
|
|
Sosci Survey - Multiple Vulnerabilities
|
15 |
WEB
|
T. Lazauninkas
|
|
2013-04-14
|
|
Todoo Forum 2.0 - 'todooforum.php' Multiple SQL Injections
|
16 |
WEB
|
Chiekh Bouchenafa
|
|
2013-04-14
|
|
Todoo Forum 2.0 - 'todooforum.php' Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
Chiekh Bouchenafa
|
|
2015-10-15
|
|
PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities
|
17 |
WEB
|
Karn Ganeshen
|
|
2015-10-15
|
|
netis RealTek Wireless Router / ADSL Modem - Multiple Vulnerabilities
|
16 |
WEB
|
Karn Ganeshen
|
|
2013-04-13
|
|
Aibolit - Information Disclosure
|
14 |
WEB
|
MustLive
|
|
2013-04-10
|
|
Hero Framework - '/users/forgot_password?error' Cross-Site Scripting
|
13 |
WEB
|
High-Tech Bridge
|
|
2013-04-10
|
|
Hero Framework - '/users/login?Username' Cross-Site Scripting
|
14 |
WEB
|
High-Tech Bridge
|
|
2013-03-29
|
|
jPlayer - 'Jplayer.swf' Script Cross-Site Scripting
|
9 |
WEB
|
Malte Batram
|
|
2013-04-11
|
|
Request Tracker - 'ShowPending' SQL Injection
|
14 |
WEB
|
cheki
|
|
2013-04-11
|
|
WordPress Plugin Spider Video Player - 'theme' SQL Injection
|
11 |
WEB
|
Ashiyane Digital Security Team
|
|
2015-10-14
|
|
ZYXEL PMG5318-B20A - OS Command Injection
|
15 |
WEB
|
Karn Ganeshen
|
|
2015-10-13
|
|
Kerio Control 8.6.1 - Multiple Vulnerabilities
|
12 |
WEB
|
Raschin Tavakoli
|
|
2015-10-13
|
|
Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities
|
13 |
WEB
|
Karn Ganeshen
|
|
2015-10-13
|
|
F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - Directory Traversal
|
14 |
WEB
|
Karn Ganeshen
|
|
2015-10-11
|
|
Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Exec
|
14 |
WEB
|
LiquidWorm
|
|
2015-10-11
|
|
Joomla! Component com_realestatemanager 3.7 - SQL Injection
|
15 |
WEB
|
Omer Ramić
|
|
2015-10-11
|
|
Liferay 6.1.0 CE - Privilege Escalation
|
12 |
WEB
|
Massimo De Luca
|
|
2013-04-10
|
|
WordPress Plugin Spiffy XSPF Player - 'playlist_id' SQL Injection
|
17 |
WEB
|
Ashiyane Digital Security Team
|
|
2013-04-09
|
|
phpMyAdmin - 'tbl_gis_visualization.php' Multiple Cross-Site Scripting Vulnerabilities
|
12 |
WEB
|
waraxe
|
|
2013-04-09
|
|
WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting
|
15 |
WEB
|
Beni_Vanda
|
|
2013-04-09
|
|
EasyPHP - '/index.php' Authentication Bypass / Remote PHP Code Injection
|
11 |
WEB
|
KedAns-Dz
|
|
2013-04-05
|
|
Zimbra - 'aspell.php' Cross-Site Scripting
|
12 |
WEB
|
Michael Scherer
|
|
2013-04-05
|
|
PHP Address Book - '/addressbook/register/admin_index.php?q' SQL Injection
|
12 |
WEB
|
Jurgen Voorneveld
|
|
2013-04-05
|
|
PHP Address Book - '/addressbook/register/checklogin.php?Username' SQL Injection
|
9 |
WEB
|
Jurgen Voorneveld
|
|
2013-04-05
|
|
PHP Address Book - '/addressbook/register/user_add_save.php?email' SQL Injection
|
10 |
WEB
|
Jurgen Voorneveld
|
|
2013-04-05
|
|
PHP Address Book - '/addressbook/register/traffic.php?var' SQL Injection
|
11 |
WEB
|
Jurgen Voorneveld
|
|
2013-04-05
|
|
PHP Address Book - '/addressbook/register/router.php?BasicLogin' Cookie SQL Injection
|
9 |
WEB
|
Jurgen Voorneveld
|
|
2013-04-05
|
|
PHP Address Book - '/addressbook/register/reset_password_save.php' Multiple SQL Injections
|
9 |
WEB
|
Jurgen Voorneveld
|
|
2013-04-05
|
|
PHP Address Book - '/addressbook/register/reset_password.php' Multiple SQL Injections
|
9 |
WEB
|
Jurgen Voorneveld
|
|
2013-04-05
|
|
PHP Address Book - '/addressbook/register/linktick.php?site' SQL Injection
|
10 |
WEB
|
Jurgen Voorneveld
|
|
2013-04-05
|
|
PHP Address Book - '/addressbook/register/edit_user_save.php' Multiple SQL Injections
|
11 |
WEB
|
Jurgen Voorneveld
|
|
2013-04-05
|
|
PHP Address Book - '/addressbook/register/edit_user.php?id' SQL Injection
|
11 |
WEB
|
Jurgen Voorneveld
|
|
2013-04-05
|
|
PHP Address Book - '/addressbook/register/delete_user.php?id' SQL Injection
|
13 |
WEB
|
Jurgen Voorneveld
|
|
2015-10-08
|
|
Kallithea 0.2.9 - 'came_from' HTTP Response Splitting
|
8 |
WEB
|
LiquidWorm
|
|
2013-04-03
|
|
FUDforum - Multiple Remote PHP Code Injection Vulnerabilities
|
10 |
WEB
|
High-Tech Bridge
|
|
2013-04-03
|
|
Symphony - 'sort' SQL Injection
|
9 |
WEB
|
High-Tech Bridge
|
|
2013-04-03
|
|
e107 - 'content_preset.php' Cross-Site Scripting
|
11 |
WEB
|
Simon Bieber
|
|
2013-04-03
|
|
C2 WebResource - 'File' Cross-Site Scripting
|
10 |
WEB
|
anonymous
|
|
2013-03-30
|
|
WordPress Plugin Feedweb - 'wp_post_id' Cross-Site Scripting
|
11 |
WEB
|
Stefan Schurtz
|
|
2013-03-27
|
|
OrionDB Web Directory - Multiple Cross-Site Scripting Vulnerabilities
|
16 |
WEB
|
3spi0n
|
|
2015-10-07
|
|
Zope Management Interface 4.3.7 - Cross-Site Request Forgery
|
14 |
WEB
|
hyp3rlinx
|
|
2013-03-25
|
|
WordPress Plugin Banners Lite - 'wpbanners_show.php' HTML Injection
|
12 |
WEB
|
Fernando A. Lagos B
|
|
2015-10-06
|
|
ZTE ZXHN H108N Router - Configuration Disclosure
|
13 |
WEB
|
Todor Donev
|
|
2013-03-23
|
|
Jaow CMS - 'add_ons' Cross-Site Scripting
|
13 |
WEB
|
Metropolis
|
|
2015-10-06
|
|
GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution
|
17 |
WEB
|
Raffaele Forte
|
|
2015-10-06
|
|
PHP-Fusion 7.02.07 - Blind SQL Injection
|
11 |
WEB
|
Manuel García Cárdenas
|
|
2015-10-05
|
|
Alienvault Open Source SIEM (OSSIM) 4.3 - Cross-Site Request Forgery
|
13 |
WEB
|
MohamadReza Mohajerani
|
|
2015-10-05
|
|
ManageEngine ServiceDesk Plus 9.1 build 9110 - Directory Traversal
|
14 |
WEB
|
xistence
|
|
2013-03-19
|
|
WordPress Plugin Occasions - Cross-Site Request Forgery
|
13 |
WEB
|
m3tamantra
|
|
2013-03-14
|
|
Petite Annonce - Cross-Site Scripting
|
13 |
WEB
|
Metropolis
|
|
2013-03-11
|
|
PHPBoost - Arbitrary File Upload / Information Disclosure
|
14 |
WEB
|
KedAns-Dz
|
|
2013-03-11
|
|
KindEditor - Multiple Arbitrary File Upload Vulnerabilities
|
13 |
WEB
|
KedAns-Dz
|
|
2015-10-02
|
|
ElasticSearch 1.6.0 - Arbitrary File Download
|
14 |
WEB
|
Pedro Andujar
|
|
2015-10-02
|
|
FTGate 7 - Cross-Site Request Forgery
|
12 |
WEB
|
hyp3rlinx
|
|
2015-10-02
|
|
FTGate 2009 Build 6.4.00 - Multiple Vulnerabilities
|
10 |
WEB
|
hyp3rlinx
|
|
2013-03-11
|
|
Privoxy Proxy - Authentication Information Disclosure
|
11 |
WEB
|
Chris John Riley
|
|
2013-03-11
|
|
WordPress Plugin podPress - 'playerID' Cross-Site Scripting
|
14 |
WEB
|
hiphop
|
|
2013-03-10
|
|
Asteriskguru Queue Statistics - 'warning' Cross-Site Scripting
|
9 |
WEB
|
Manuel García Cárdenas
|
|
2013-03-10
|
|
SWFupload - Multiple Content Spoofing / Cross-Site Scripting Vulnerabilities
|
13 |
WEB
|
MustLive
|
|
2013-03-08
|
|
WordPress Plugin Terillion Reviews - Profile Id HTML Injection
|
14 |
WEB
|
Aditya Balapure
|
