|
2015-08-18
|
|
PHPfileNavigator 2.3.3 - Privilege Escalation
|
7 |
WEB
|
hyp3rlinx
|
|
2015-08-18
|
|
PHPfileNavigator 2.3.3 - Cross-Site Request Forgery
|
8 |
WEB
|
hyp3rlinx
|
|
2015-08-18
|
|
PHPfileNavigator 2.3.3 - Cross-Site Scripting
|
7 |
WEB
|
hyp3rlinx
|
|
2015-08-18
|
|
Cisco Unified Communications Manager - Multiple Vulnerabilities
|
8 |
WEB
|
Bernhard Mueller
|
|
2015-08-18
|
|
vBulletin < 4.2.2 - Memcache Remote Code Execution
|
7 |
WEB
|
Joshua Rogers
|
|
2015-08-18
|
|
Magento CE < 1.9.0.1 - (Authenticated) Remote Code Execution
|
8 |
WEB
|
Ebrietas0
|
|
2015-08-17
|
|
Nuts CMS - PHP Remote Code Injection / Execution
|
9 |
WEB
|
Yakir Wizman
|
|
2012-09-18
|
|
vBulletin 4.1.12 - 'blog_plugin_useradmin.php' SQL Injection
|
9 |
WEB
|
Am!r
|
|
2012-09-18
|
|
AxisInternet VoIP Manager - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Benjamin Kunz Mejri
|
|
2012-09-18
|
|
TAGWORX.CMS - 'cid' SQL Injection
|
7 |
WEB
|
Crim3R
|
|
2012-09-17
|
|
minimal Gallery - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
ayastar
|
|
2012-09-15
|
|
IFOBS - 'regclientprint.jsp' Multiple HTML Injection Vulnerabilities
|
9 |
WEB
|
MustLive
|
|
2015-08-17
|
|
Sagemcom F@ST 3864 V2 - Get Admin Password
|
10 |
WEB
|
Cade Bull
|
|
2012-09-12
|
|
Atlassian Confluence 3.4.x - Error Page Cross-Site Scripting
|
7 |
WEB
|
D. Niedermaier
|
|
2012-09-11
|
|
FBDj - 'id' SQL Injection
|
7 |
WEB
|
TUNISIAN CYBER
|
|
2012-09-06
|
|
OpenFiler 2.3 - Multiple Cross-Site Scripting / Information Disclosure Vulnerabilities
|
6 |
WEB
|
Brendan Coles
|
|
2012-08-30
|
|
WordPress Plugin Download Monitor - 'dlsearch' Cross-Site Scripting
|
6 |
WEB
|
Chris Cooper
|
|
2012-09-10
|
|
DELTAScripts PHP Links - Multiple SQL Injections
|
6 |
WEB
|
L0n3ly-H34rT
|
|
2012-09-10
|
|
VICIDIAL Call Center Suite - Multiple SQL Injections
|
7 |
WEB
|
Ertebat Gostar Co
|
|
2012-09-08
|
|
Pinterestclones - Security Bypass / HTML Injection
|
7 |
WEB
|
DaOne
|
|
2012-09-06
|
|
web@all - Local File Inclusion / Multiple Arbitrary File Upload Vulnerabilities
|
7 |
WEB
|
KedAns-Dz
|
|
2012-09-05
|
|
Extcalendar 2.0 - Multiple SQL Injections / HTML Injection Vulnerabilities
|
6 |
WEB
|
Ashiyane Digital Security Team
|
|
2012-09-05
|
|
Flogr - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
High-Tech Bridge
|
|
2015-08-15
|
|
Security IP Camera Star Vision DVR - Authentication Bypass
|
6 |
WEB
|
Meisam Monsef
|
|
2015-08-15
|
|
Joomla! Component com_informations - SQL Injection
|
6 |
WEB
|
Omar
|
|
2015-08-15
|
|
Joomla! Component com_memorix - SQL Injection
|
5 |
WEB
|
Omar
|
|
2015-08-15
|
|
TOTOLINK Routers - Backdoor / Remote Code Execution
|
5 |
WEB
|
MadMouse
|
|
2015-08-15
|
|
Gkplugins Picasaweb - Download File
|
5 |
WEB
|
TMT zno
|
|
2015-08-13
|
|
Joomla! Component com_jem 2.1.4 - Multiple Vulnerabilities
|
5 |
WEB
|
Martino Sani
|
|
2015-08-13
|
|
Zend Framework 2.4.2 - PHP FPM XML eXternal Entity Injection
|
7 |
WEB
|
Dawid Golunski
|
|
2015-08-12
|
|
Printer Pro 5.4.3 IOS - Persistent Cross-Site Scripting
|
10 |
WEB
|
Taurus Omar
|
|
2015-08-12
|
|
Geoserver < 2.7.1.1 / < 2.6.4 / < 2.5.5.1 - XML External Entity
|
9 |
WEB
|
David Bloom
|
|
2015-08-10
|
|
WordPress Plugin Candidate Application Form 1.0 - Arbitrary File Download
|
9 |
WEB
|
Larry W. Cashdollar
|
|
2015-08-10
|
|
WordPress Plugin Simple Image Manipulator 1.0 - Arbitrary File Download
|
8 |
WEB
|
Larry W. Cashdollar
|
|
2015-08-10
|
|
WordPress Plugin Recent Backups 0.7 - Arbitrary File Download
|
7 |
WEB
|
Larry W. Cashdollar
|
|
2015-08-10
|
|
WordPress Plugin WPTF Image Gallery 1.03 - Arbitrary File Download
|
9 |
WEB
|
Larry W. Cashdollar
|
|
2015-08-10
|
|
WDS CMS - SQL Injection
|
9 |
WEB
|
Ismail Marzouk
|
|
2015-08-09
|
|
WordPress Plugin Video Gallery 2.7 - SQL Injection
|
10 |
WEB
|
Kacper Szurek
|
|
2015-08-07
|
|
WordPress Plugin Job Manager 0.7.22 - Persistent Cross-Site Scripting
|
6 |
WEB
|
Owais Mehtab
|
|
2015-08-07
|
|
Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / PHP Remote Code Execution
|
6 |
WEB
|
LiquidWorm
|
|
2015-08-07
|
|
Microweber 1.0.3 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Add Admin)
|
7 |
WEB
|
LiquidWorm
|
|
2015-08-07
|
|
PHP News Script 4.0.0 - SQL Injection
|
7 |
WEB
|
Meisam Monsef
|
|
2015-08-07
|
|
Froxlor Server Management Panel 0.9.33.1 - MySQL Login Information Disclosure
|
7 |
WEB
|
Dustin Dörr
|
|
2015-07-31
|
|
Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
|
5 |
WEB
|
St0rn
|
|
2015-07-29
|
|
Tendoo CMS 1.3 - Cross-Site Scripting
|
5 |
WEB
|
Arash Khazaei
|
|
2015-07-29
|
|
JoomShopping - Blind SQL Injection
|
7 |
WEB
|
Mormoroth
|
|
2015-07-29
|
|
2Moons - Multiple Vulnerabilities
|
6 |
WEB
|
bRpsd
|
|
2015-07-29
|
|
phpFileManager 0.9.8 - Cross-Site Request Forgery
|
6 |
WEB
|
hyp3rlinx
|
|
2015-07-28
|
|
phpFileManager 0.9.8 - Remote Command Execution
|
4 |
WEB
|
hyp3rlinx
|
|
2015-07-27
|
|
Xceedium Xsuite - Multiple Vulnerabilities
|
6 |
WEB
|
modzero
|
|
2015-07-27
|
|
WordPress Plugin Count Per Day 3.4 - SQL Injection
|
6 |
WEB
|
High-Tech Bridge SA
|
|
2015-07-27
|
|
WordPress Plugin Unite Gallery Lite 1.4.6 - Multiple Vulnerabilities
|
8 |
WEB
|
Nitin Venkatesh
|
|
2015-07-27
|
|
Hawkeye-G 3.0.1.4912 - Persistent Cross-Site Scripting / Information Leakage
|
5 |
WEB
|
hyp3rlinx
|
|
2012-09-05
|
|
Kayako Fusion - 'download.php' Cross-Site Scripting
|
6 |
WEB
|
High-Tech Bridge
|
|
2012-09-04
|
|
PHPFox 3.0.1 - 'ajax.php' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Crim3R
|
|
2012-09-05
|
|
Cm3 CMS - 'search.asp' Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
Crim3R
|
|
2012-09-04
|
|
Sciretech (Multiple Products) - Multiple SQL Injections
|
6 |
WEB
|
AkaStep
|
|
2012-08-04
|
|
Wiki Web Help - 'configpath' Remote File Inclusion
|
6 |
WEB
|
L0n3ly-H34rT
|
|
2012-09-03
|
|
Sitemax Maestro - SQL Injection / Local File Inclusion
|
6 |
WEB
|
AkaStep
|
|
2012-08-31
|
|
SugarCRM Community Edition - Multiple Information Disclosure Vulnerabilities
|
6 |
WEB
|
Brendan Coles
|
|
2012-08-30
|
|
Crowbar - 'file' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
Matthias Weckbecker
|
|
2012-08-30
|
|
XM Forum - 'search.asp' SQL Injection
|
7 |
WEB
|
Crim3R
|
|
2012-08-30
|
|
TomatoCart - 'example_form.ajax.php' Cross-Site Scripting
|
7 |
WEB
|
HauntIT
|
|
2015-07-24
|
|
Hawkeye-G 3.0.1.4912 - Cross-Site Request Forgery
|
6 |
WEB
|
hyp3rlinx
|
|
2012-08-29
|
|
PrestaShop 1.4.7 - Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
High-Tech Bridge
|
|
2012-08-29
|
|
Phorum 5.2.18 - Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
High-Tech Bridge
|
|
2012-08-28
|
|
WordPress Plugin Simple:Press Forum - Arbitrary File Upload
|
7 |
WEB
|
Iranian Dark Coders
|
|
2012-08-28
|
|
WordPress Plugin Cloudsafe365 - 'file' Remote File Disclosure
|
6 |
WEB
|
Jan Van Niekerk
|
|
2012-08-25
|
|
Mihalism Multi Host - 'users.php' Cross-Site Scripting
|
6 |
WEB
|
Explo!ter
|
|
2012-08-25
|
|
LibGuides - Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
Crim3R
|
|
2012-08-25
|
|
Web Wiz Forums - Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
Crim3R
|
|
2012-08-25
|
|
WordPress Plugin Finder - 'order' Cross-Site Scripting
|
6 |
WEB
|
Crim3R
|
|
2012-08-25
|
|
Power-eCommerce - Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
Crim3R
|
|
2012-08-27
|
|
Joomla! Component Komento - 'cid' SQL Injection
|
7 |
WEB
|
Crim3R
|
|
2012-08-24
|
|
PHP Web Scripts Text Exchange Pro - 'page' Local File Inclusion
|
6 |
WEB
|
Yakir Wizman
|
|
2012-08-29
|
|
JW Player - 'logo.link' Cross-Site Scripting
|
8 |
WEB
|
MustLive
|
|
2015-07-21
|
|
Joomla! Component Helpdesk Pro < 1.4.0 - Multiple Vulnerabilities
|
10 |
WEB
|
Simon Rawet
|
|
2015-07-20
|
|
AirDroid iOS / Android / Win 3.1.3 - Persistent
|
11 |
WEB
|
Vulnerability-Lab
|
|
2015-07-20
|
|
phpVibe < 4.20 - Persistent Cross-Site Scripting
|
7 |
WEB
|
Filippos Mastrogiannis
|
|
2012-08-23
|
|
PHP Web Scripts Ad Manager Pro - 'page' Local File Inclusion
|
7 |
WEB
|
Corrado Liotta
|
|
2012-08-22
|
|
WordPress Plugin Monsters Editor for WP Super Edit - Arbitrary File Upload
|
6 |
WEB
|
Crim3R
|
|
2012-08-22
|
|
WordPress Plugin Rich Widget - Arbitrary File Upload
|
6 |
WEB
|
Crim3R
|
|
2012-08-23
|
|
KindEditor - 'name' Cross-Site Scripting
|
6 |
WEB
|
LiquidWorm
|
|
2012-08-23
|
|
Monstra CMS 1.2.1 - Multiple HTML Injection Vulnerabilities
|
6 |
WEB
|
LiquidWorm
|
|
2012-08-22
|
|
1024 CMS 2.1.1 - 'p' SQL Injection
|
6 |
WEB
|
kallimero
|
|
2012-08-23
|
|
SiNG cms - 'Password.php' Cross-Site Scripting
|
6 |
WEB
|
LiquidWorm
|
|
2012-08-22
|
|
Joomla! Component CiviCRM - Multiple Arbitrary File Upload Vulnerabilities
|
6 |
WEB
|
Crim3R
|
|
2012-08-22
|
|
Banana Dance - Cross-Site Scripting / SQL Injection
|
6 |
WEB
|
Canberk BOLAT
|
|
2012-08-22
|
|
OrderSys 1.6.4 - Multiple SQL Injections / Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
Canberk BOLAT
|
|
2012-08-22
|
|
Jara 1.6 - Multiple SQL Injections / Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
Canberk BOLAT
|
|
2012-08-27
|
|
IBM Rational ClearQuest 8.0 - Multiple Vulnerabilities
|
6 |
WEB
|
anonymous
|
|
2012-08-18
|
|
SaltOS - 'download.php' Cross-Site Scripting
|
6 |
WEB
|
Stefan Schurtz
|
|
2012-08-21
|
|
JPM Article Blog Script 6 - 'tid' Cross-Site Scripting
|
6 |
WEB
|
Mr.0c3aN
|
|
2012-08-17
|
|
LISTSERV 16 - 'SHOWTPL' Cross-Site Scripting
|
6 |
WEB
|
Jose Carlos de Arriba
|
|
2012-08-17
|
|
Elastix 2.2.0 - 'graph.php' Local File Inclusion
|
6 |
WEB
|
cheki
|
|
2012-08-02
|
|
WordPress Theme ShopperPress - SQL Injection / Cross-Site Scripting
|
5 |
WEB
|
Benjamin Kunz Mejri
|
|
2012-08-10
|
|
GalaxyScripts Mini File Host and DaddyScripts Daddy's File Host - Local File Inclusion
|
6 |
WEB
|
L0n3ly-H34rT
|
|
2012-08-11
|
|
MindTouch DekiWiki - Multiple Local/Remote File Inclusions
|
6 |
WEB
|
L0n3ly-H34rT
|
|
2012-08-10
|
|
mIRC - 'projects.php' Cross-Site Scripting
|
6 |
WEB
|
TayfunBasoglu
|
|
2012-08-13
|
|
Total Shop UK eCommerce CodeIgniter - Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
Chris Cooper
|
|
2012-08-09
|
|
Hotel Booking Portal 0.1 - Multiple SQL Injections / Cross-Site Scripting
|
5 |
WEB
|
Yakir Wizman
|
|
2015-07-17
|
|
WordPress Plugin BuddyPress Activity Plus 1.5 - Cross-Site Request Forgery
|
7 |
WEB
|
Tom Adams
|
|
2015-07-16
|
|
8 TOTOLINK Router Models - Backdoor Access / Remote Code Execution
|
6 |
WEB
|
Pierre Kim
|
|
2015-07-16
|
|
4 TOTOLINK Router Models - Backdoor Credentials
|
6 |
WEB
|
Pierre Kim
|
|
2015-07-16
|
|
4 TOTOLINK Router Models - Cross-Site Request Forgery / Cross-Site Scripting
|
6 |
WEB
|
Pierre Kim
|
|
2015-07-16
|
|
15 TOTOLINK Router Models - Multiple Remote Code Execution Vulnerabilities
|
6 |
WEB
|
Pierre Kim
|
|
2015-07-16
|
|
WordPress Plugin Download Manager Free 2.7.94 & Pro 4 - (Authenticated) Persistent Cross-Site Script
|
6 |
WEB
|
Filippos Mastrogiannis
|
|
2015-07-15
|
|
Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (1)
|
6 |
WEB
|
Pedro Ribeiro
|
|
2015-07-15
|
|
Joomla! Component com_docman - Multiple Vulnerabilities
|
6 |
WEB
|
Hugo Santiago
|
|
2012-08-08
|
|
dirLIST 0.3.0 - Local File Inclusion
|
6 |
WEB
|
L0n3ly-H34rT
|
|
2012-08-08
|
|
PBBoard - 'admin.php?xml_name' Arbitrary PHP Code Execution
|
6 |
WEB
|
High-Tech Bridge
|
|
2012-08-08
|
|
PBBoard - 'member_id' Validation Password Manipulation
|
5 |
WEB
|
High-Tech Bridge
|
|
2012-08-08
|
|
PBBoard - 'index.php' Multiple SQL Injections
|
6 |
WEB
|
High-Tech Bridge
|
|
2012-08-08
|
|
phpList 2.10.18 - 'index.php' SQL Injection
|
6 |
WEB
|
High-Tech Bridge SA
|
|
2015-07-14
|
|
sysPass 1.0.9 - SQL Injection
|
5 |
WEB
|
SySS GmbH
|
|
2015-07-14
|
|
Pimcore CMS Build 3450 - Directory Traversal
|
6 |
WEB
|
Portcullis
|
|
2015-07-13
|
|
SO Planning 1.32 - Multiple Vulnerabilities
|
6 |
WEB
|
Huy-Ngoc DAU
|
|
2015-07-13
|
|
WordPress Plugin CP Contact Form with Paypal 1.1.5 - Multiple Vulnerabilities
|
6 |
WEB
|
Nitin Venkatesh
|
|
2015-07-13
|
|
ZenPhoto 1.4.8 - Multiple Vulnerabilities
|
7 |
WEB
|
Tim Coen
|
|
2015-07-13
|
|
WordPress Plugin Swim Team 1.44.10777 - Arbitrary File Download
|
6 |
WEB
|
Larry W. Cashdollar
|
|
2015-07-13
|
|
ArticleFR 3.0.6 - Multiple Vulnerabilities
|
6 |
WEB
|
LiquidWorm
|
|
2015-07-13
|
|
phpVibe - Arbitrary File Disclosure
|
6 |
WEB
|
ali ahmady
|
|
2015-07-13
|
|
Arab Portal 3 - SQL Injection
|
6 |
WEB
|
ali ahmady
|
|
2015-07-13
|
|
FreiChat 9.6 - SQL Injection
|
6 |
WEB
|
Kacper Szurek
|
|
2012-08-08
|
|
AraDown - 'id' SQL Injection
|
6 |
WEB
|
G-B
|
