|
2012-10-23
|
|
SMF - 'view' Cross-Site Scripting
|
17 |
WEB
|
Am!r
|
|
2012-10-22
|
|
WHMCompleteSolution (WHMCS) 4.5.2 - 'googlecheckout.php' SQL Injection
|
20 |
WEB
|
Starware Security Team
|
|
2012-10-18
|
|
WordPress Plugin Wordfence Security - Cross-Site Scripting
|
22 |
WEB
|
MustLive
|
|
2012-10-19
|
|
CMS Mini 0.2.2 - 'index.php' Script Cross-Site Scripting
|
21 |
WEB
|
Netsparker
|
|
2015-08-25
|
|
Keeper IP Camera 3.2.2.10 - Authentication Bypass
|
23 |
WEB
|
RAT - ThiefKing
|
|
2012-10-18
|
|
Amateur Photographer's Image Gallery - 'fullscreen.php?albumid' SQL Injection
|
18 |
WEB
|
cr4wl3r
|
|
2012-10-18
|
|
Amateur Photographer's Image Gallery - 'plist.php?albumid' Cross-Site Scripting
|
19 |
WEB
|
cr4wl3r
|
|
2012-10-18
|
|
Amateur Photographer's Image Gallery - 'plist.php?albumid' SQL Injection
|
15 |
WEB
|
cr4wl3r
|
|
2012-10-18
|
|
Amateur Photographer's Image Gallery - 'force-download.php?File' Information Disclosure
|
17 |
WEB
|
cr4wl3r
|
|
2012-10-18
|
|
BSW Gallery - 'uploadpic.php' Arbitrary File Upload
|
20 |
WEB
|
cr4wl3r
|
|
2015-08-24
|
|
WordPress Theme GeoPlaces3 - Arbitrary File Upload
|
18 |
WEB
|
Mdn_Newbie
|
|
2015-08-24
|
|
Pligg CMS 2.0.2 - Cross-Site Request Forgery (Add Admin)
|
19 |
WEB
|
Arash Khazaei
|
|
2012-10-17
|
|
jCore - '/admin/index.php?path' Cross-Site Scripting
|
22 |
WEB
|
High-Tech Bridge
|
|
2012-10-17
|
|
WordPress Plugin Slideshow - Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
waraxe
|
|
2012-10-15
|
|
WordPress Plugin Crayon Syntax Highlighter - 'wp_load' Remote File Inclusion
|
16 |
WEB
|
Charlie Eriksen
|
|
2012-10-15
|
|
SilverStripe CMS 2.4.x - 'BackURL' Open Redirection
|
20 |
WEB
|
Aung Khant
|
|
2012-06-16
|
|
vBSEO - 'u' Cross-Site Scripting
|
16 |
WEB
|
MegaMan
|
|
2012-10-20
|
|
WebTitan - 'logs-x.php' Directory Traversal
|
17 |
WEB
|
Richard Conner
|
|
2012-01-06
|
|
SenseSites CommonSense CMS - 'article.php?id' SQL Injection
|
17 |
WEB
|
H4ckCity Security Team
|
|
2012-01-06
|
|
SenseSites CommonSense CMS - 'special.php?id' SQL Injection
|
22 |
WEB
|
H4ckCity Security Team
|
|
2012-01-06
|
|
SenseSites CommonSense CMS - 'id' SQL Injection
|
17 |
WEB
|
H4ckCity Security Team
|
|
2012-08-11
|
|
FileContral - Local File Inclusion / Local File Disclosure
|
21 |
WEB
|
Ashiyane Digital Security Team
|
|
2012-10-10
|
|
OpenX 2.8.10 - 'plugin-index.php' Cross-Site Scripting
|
18 |
WEB
|
High-Tech Bridge
|
|
2012-10-06
|
|
Open Realty - 'select_users_lang' Local File Inclusion
|
19 |
WEB
|
L0n3ly-H34rT
|
|
2012-10-08
|
|
Interspire Email Marketer - Cross-Site Scripting / HTML Injection / SQL Injection
|
18 |
WEB
|
Ibrahim El-Sayed
|
|
2012-10-05
|
|
WordPress Plugin Shopp - Multiple Vulnerabilities
|
17 |
WEB
|
T0x!c
|
|
2015-08-21
|
|
Netsweeper 4.0.8 - Authentication Bypass (via New Profile Creation)
|
15 |
WEB
|
Anastasios Monachos
|
|
2015-08-21
|
|
Netsweeper 4.0.8 - Arbitrary File Upload / Execution
|
20 |
WEB
|
Anastasios Monachos
|
|
2015-08-21
|
|
Netsweeper 3.0.6 - Authentication Bypass
|
17 |
WEB
|
Anastasios Monachos
|
|
2015-08-21
|
|
Netsweeper 4.0.9 - Arbitrary File Upload / Execution
|
17 |
WEB
|
Anastasios Monachos
|
|
2015-08-21
|
|
Netsweeper 4.0.8 - Authentication Bypass (via Disabling of IP Quarantine)
|
17 |
WEB
|
Anastasios Monachos
|
|
2015-08-21
|
|
Netsweeper 4.0.8 - SQL Injection / Authentication Bypass
|
19 |
WEB
|
Anastasios Monachos
|
|
2015-08-21
|
|
Netsweeper 4.0.4 - SQL Injection
|
18 |
WEB
|
Anastasios Monachos
|
|
2015-08-21
|
|
Netsweeper 2.6.29.8 - SQL Injection
|
18 |
WEB
|
Anastasios Monachos
|
|
2015-08-21
|
|
WordPress Plugin MDC Private Message 1.0.0 - Persistent Cross-Site Scripting
|
21 |
WEB
|
Chris Kellum
|
|
2015-08-21
|
|
WordPress Plugin Googmonify 0.8.1 - Cross-Site Scripting / Cross-Site Request Forgery
|
20 |
WEB
|
Ehsan Hosseini
|
|
2012-10-01
|
|
Omnistar Mailer - Multiple SQL Injections / HTML Injection Vulnerabilities
|
23 |
WEB
|
Vulnerability Laboratory
|
|
2012-10-02
|
|
ZenPhoto - 'admin-news-articles.php' Cross-Site Scripting
|
20 |
WEB
|
Scott Herbert
|
|
2012-10-01
|
|
WordPress Plugin Akismet - Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
Tapco Security
|
|
2012-09-30
|
|
AlamFifa CMS - 'user_name_cookie' SQL Injection
|
23 |
WEB
|
L0n3ly-H34rT
|
|
2012-10-02
|
|
Switchvox - Multiple HTML Injection Vulnerabilities
|
20 |
WEB
|
Ibrahim El-Sayed
|
|
2012-09-26
|
|
WordPress Plugin ABC Test - 'id' Cross-Site Scripting
|
21 |
WEB
|
Scott Herbert
|
|
2015-08-20
|
|
Pligg CMS 2.0.2 - Arbitrary Code Execution
|
23 |
WEB
|
Arash Khazaei
|
|
2015-08-20
|
|
Vifi Radio 1.0 - Cross-Site Request Forgery
|
21 |
WEB
|
KnocKout
|
|
2015-08-20
|
|
Aruba Mobility Controller 6.4.2.8 - Multiple Vulnerabilities
|
22 |
WEB
|
Itzik Chen
|
|
2015-08-19
|
|
up.time 7.5.0 - Upload and Execute
|
18 |
WEB
|
LiquidWorm
|
|
2015-08-19
|
|
up.time 7.5.0 - Arbitrary File Disclose and Delete
|
19 |
WEB
|
LiquidWorm
|
|
2015-08-19
|
|
up.time 7.5.0 - Cross-Site Scripting / Cross-Site Request Forgery (Add Admin)
|
22 |
WEB
|
LiquidWorm
|
|
2015-08-19
|
|
up.time 7.5.0 - Superadmin Privilege Escalation
|
16 |
WEB
|
LiquidWorm
|
|
2011-12-30
|
|
Neturf eCommerce Shopping Cart - 'searchFor' Cross-Site Scripting
|
18 |
WEB
|
farbodmahini
|
|
2012-09-22
|
|
WordPress Plugin Sexy Add Template - Cross-Site Request Forgery
|
17 |
WEB
|
the_cyber_nuxbie
|
|
2012-09-25
|
|
WordPress Plugin Token Manager - 'tid' Cross-Site Scripting
|
19 |
WEB
|
TheCyberNuxbie
|
|
2012-09-22
|
|
WordPress Core 3.4.2 - Cross-Site Request Forgery
|
19 |
WEB
|
AkaStep
|
|
2012-09-21
|
|
YCommerce - Multiple SQL Injections
|
20 |
WEB
|
Ricardo Almeida
|
|
2012-09-24
|
|
ZEN Load Balancer - Multiple Vulnerabilities
|
18 |
WEB
|
Brendan Coles
|
|
2012-09-20
|
|
WordPress Plugin MF Gig Calendar - Cross-Site Scripting
|
16 |
WEB
|
Chris Cooper
|
|
2012-09-20
|
|
Poweradmin - 'index.php' Cross-Site Scripting
|
14 |
WEB
|
Siavash
|
|
2012-09-07
|
|
WordPress Theme Purity - Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
Matan Azugi
|
|
2012-09-18
|
|
WordPress Core 3.4.2 - Multiple Path Disclosure Vulnerabilities
|
14 |
WEB
|
AkaStep
|
|
2015-08-18
|
|
WordPress Plugin WP Symposium 15.1 - 'get_album_item.php' SQL Injection
|
16 |
WEB
|
PizzaHatHacker
|
|
2015-08-18
|
|
WordPress Plugin WP Symposium 15.1 - Blind SQL Injection
|
17 |
WEB
|
dxw
|
|
2015-08-18
|
|
BigTree CMS 4.2.3 - (Authenticated) SQL Injection
|
21 |
WEB
|
Curesec Research Team
|
|
2015-08-18
|
|
CodoForum 3.3.1 - Multiple SQL Injections
|
19 |
WEB
|
Curesec Research Team
|
|
2015-08-18
|
|
PHPfileNavigator 2.3.3 - Privilege Escalation
|
20 |
WEB
|
hyp3rlinx
|
|
2015-08-18
|
|
PHPfileNavigator 2.3.3 - Cross-Site Request Forgery
|
20 |
WEB
|
hyp3rlinx
|
|
2015-08-18
|
|
PHPfileNavigator 2.3.3 - Cross-Site Scripting
|
18 |
WEB
|
hyp3rlinx
|
|
2015-08-18
|
|
Cisco Unified Communications Manager - Multiple Vulnerabilities
|
21 |
WEB
|
Bernhard Mueller
|
|
2015-08-18
|
|
vBulletin < 4.2.2 - Memcache Remote Code Execution
|
19 |
WEB
|
Joshua Rogers
|
|
2015-08-18
|
|
Magento CE < 1.9.0.1 - (Authenticated) Remote Code Execution
|
21 |
WEB
|
Ebrietas0
|
|
2015-08-17
|
|
Nuts CMS - PHP Remote Code Injection / Execution
|
22 |
WEB
|
Yakir Wizman
|
|
2012-09-18
|
|
vBulletin 4.1.12 - 'blog_plugin_useradmin.php' SQL Injection
|
22 |
WEB
|
Am!r
|
|
2012-09-18
|
|
AxisInternet VoIP Manager - Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
Benjamin Kunz Mejri
|
|
2012-09-18
|
|
TAGWORX.CMS - 'cid' SQL Injection
|
20 |
WEB
|
Crim3R
|
|
2012-09-17
|
|
minimal Gallery - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
ayastar
|
|
2012-09-15
|
|
IFOBS - 'regclientprint.jsp' Multiple HTML Injection Vulnerabilities
|
20 |
WEB
|
MustLive
|
|
2015-08-17
|
|
Sagemcom F@ST 3864 V2 - Get Admin Password
|
20 |
WEB
|
Cade Bull
|
|
2012-09-12
|
|
Atlassian Confluence 3.4.x - Error Page Cross-Site Scripting
|
20 |
WEB
|
D. Niedermaier
|
|
2012-09-11
|
|
FBDj - 'id' SQL Injection
|
21 |
WEB
|
TUNISIAN CYBER
|
|
2012-09-06
|
|
OpenFiler 2.3 - Multiple Cross-Site Scripting / Information Disclosure Vulnerabilities
|
21 |
WEB
|
Brendan Coles
|
|
2012-08-30
|
|
WordPress Plugin Download Monitor - 'dlsearch' Cross-Site Scripting
|
19 |
WEB
|
Chris Cooper
|
|
2012-09-10
|
|
DELTAScripts PHP Links - Multiple SQL Injections
|
21 |
WEB
|
L0n3ly-H34rT
|
|
2012-09-10
|
|
VICIDIAL Call Center Suite - Multiple SQL Injections
|
21 |
WEB
|
Ertebat Gostar Co
|
|
2012-09-08
|
|
Pinterestclones - Security Bypass / HTML Injection
|
18 |
WEB
|
DaOne
|
|
2012-09-06
|
|
web@all - Local File Inclusion / Multiple Arbitrary File Upload Vulnerabilities
|
17 |
WEB
|
KedAns-Dz
|
|
2012-09-05
|
|
Extcalendar 2.0 - Multiple SQL Injections / HTML Injection Vulnerabilities
|
17 |
WEB
|
Ashiyane Digital Security Team
|
|
2012-09-05
|
|
Flogr - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
High-Tech Bridge
|
|
2015-08-15
|
|
Security IP Camera Star Vision DVR - Authentication Bypass
|
16 |
WEB
|
Meisam Monsef
|
|
2015-08-15
|
|
Joomla! Component com_informations - SQL Injection
|
21 |
WEB
|
Omar
|
|
2015-08-15
|
|
Joomla! Component com_memorix - SQL Injection
|
21 |
WEB
|
Omar
|
|
2015-08-15
|
|
TOTOLINK Routers - Backdoor / Remote Code Execution
|
22 |
WEB
|
MadMouse
|
|
2015-08-15
|
|
Gkplugins Picasaweb - Download File
|
19 |
WEB
|
TMT zno
|
|
2015-08-13
|
|
Joomla! Component com_jem 2.1.4 - Multiple Vulnerabilities
|
17 |
WEB
|
Martino Sani
|
|
2015-08-13
|
|
Zend Framework 2.4.2 - PHP FPM XML eXternal Entity Injection
|
18 |
WEB
|
Dawid Golunski
|
|
2015-08-12
|
|
Printer Pro 5.4.3 IOS - Persistent Cross-Site Scripting
|
24 |
WEB
|
Taurus Omar
|
|
2015-08-12
|
|
Geoserver < 2.7.1.1 / < 2.6.4 / < 2.5.5.1 - XML External Entity
|
19 |
WEB
|
David Bloom
|
|
2015-08-10
|
|
WordPress Plugin Candidate Application Form 1.0 - Arbitrary File Download
|
21 |
WEB
|
Larry W. Cashdollar
|
|
2015-08-10
|
|
WordPress Plugin Simple Image Manipulator 1.0 - Arbitrary File Download
|
25 |
WEB
|
Larry W. Cashdollar
|
|
2015-08-10
|
|
WordPress Plugin Recent Backups 0.7 - Arbitrary File Download
|
21 |
WEB
|
Larry W. Cashdollar
|
|
2015-08-10
|
|
WordPress Plugin WPTF Image Gallery 1.03 - Arbitrary File Download
|
25 |
WEB
|
Larry W. Cashdollar
|
|
2015-08-10
|
|
WDS CMS - SQL Injection
|
22 |
WEB
|
Ismail Marzouk
|
|
2015-08-09
|
|
WordPress Plugin Video Gallery 2.7 - SQL Injection
|
24 |
WEB
|
Kacper Szurek
|
|
2015-08-07
|
|
WordPress Plugin Job Manager 0.7.22 - Persistent Cross-Site Scripting
|
22 |
WEB
|
Owais Mehtab
|
|
2015-08-07
|
|
Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / PHP Remote Code Execution
|
17 |
WEB
|
LiquidWorm
|
|
2015-08-07
|
|
Microweber 1.0.3 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Add Admin)
|
21 |
WEB
|
LiquidWorm
|
|
2015-08-07
|
|
PHP News Script 4.0.0 - SQL Injection
|
17 |
WEB
|
Meisam Monsef
|
|
2015-08-07
|
|
Froxlor Server Management Panel 0.9.33.1 - MySQL Login Information Disclosure
|
19 |
WEB
|
Dustin Dörr
|
|
2015-07-31
|
|
Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
|
15 |
WEB
|
St0rn
|
|
2015-07-29
|
|
Tendoo CMS 1.3 - Cross-Site Scripting
|
22 |
WEB
|
Arash Khazaei
|
|
2015-07-29
|
|
JoomShopping - Blind SQL Injection
|
16 |
WEB
|
Mormoroth
|
|
2015-07-29
|
|
2Moons - Multiple Vulnerabilities
|
19 |
WEB
|
bRpsd
|
|
2015-07-29
|
|
phpFileManager 0.9.8 - Cross-Site Request Forgery
|
16 |
WEB
|
hyp3rlinx
|
|
2015-07-28
|
|
phpFileManager 0.9.8 - Remote Command Execution
|
16 |
WEB
|
hyp3rlinx
|
|
2015-07-27
|
|
Xceedium Xsuite - Multiple Vulnerabilities
|
20 |
WEB
|
modzero
|
|
2015-07-27
|
|
WordPress Plugin Count Per Day 3.4 - SQL Injection
|
17 |
WEB
|
High-Tech Bridge SA
|
|
2015-07-27
|
|
WordPress Plugin Unite Gallery Lite 1.4.6 - Multiple Vulnerabilities
|
19 |
WEB
|
Nitin Venkatesh
|
|
2015-07-27
|
|
Hawkeye-G 3.0.1.4912 - Persistent Cross-Site Scripting / Information Leakage
|
19 |
WEB
|
hyp3rlinx
|
|
2012-09-05
|
|
Kayako Fusion - 'download.php' Cross-Site Scripting
|
22 |
WEB
|
High-Tech Bridge
|
|
2012-09-04
|
|
PHPFox 3.0.1 - 'ajax.php' Multiple Cross-Site Scripting Vulnerabilities
|
16 |
WEB
|
Crim3R
|
|
2012-09-05
|
|
Cm3 CMS - 'search.asp' Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
Crim3R
|
|
2012-09-04
|
|
Sciretech (Multiple Products) - Multiple SQL Injections
|
19 |
WEB
|
AkaStep
|
|
2012-08-04
|
|
Wiki Web Help - 'configpath' Remote File Inclusion
|
16 |
WEB
|
L0n3ly-H34rT
|
|
2012-09-03
|
|
Sitemax Maestro - SQL Injection / Local File Inclusion
|
18 |
WEB
|
AkaStep
|
|
2012-08-31
|
|
SugarCRM Community Edition - Multiple Information Disclosure Vulnerabilities
|
17 |
WEB
|
Brendan Coles
|
|
2012-08-30
|
|
Crowbar - 'file' Multiple Cross-Site Scripting Vulnerabilities
|
18 |
WEB
|
Matthias Weckbecker
|
|
2012-08-30
|
|
XM Forum - 'search.asp' SQL Injection
|
22 |
WEB
|
Crim3R
|
