|
2012-08-30
|
|
TomatoCart - 'example_form.ajax.php' Cross-Site Scripting
|
20 |
WEB
|
HauntIT
|
|
2015-07-24
|
|
Hawkeye-G 3.0.1.4912 - Cross-Site Request Forgery
|
18 |
WEB
|
hyp3rlinx
|
|
2012-08-29
|
|
PrestaShop 1.4.7 - Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
High-Tech Bridge
|
|
2012-08-29
|
|
Phorum 5.2.18 - Multiple Cross-Site Scripting Vulnerabilities
|
18 |
WEB
|
High-Tech Bridge
|
|
2012-08-28
|
|
WordPress Plugin Simple:Press Forum - Arbitrary File Upload
|
20 |
WEB
|
Iranian Dark Coders
|
|
2012-08-28
|
|
WordPress Plugin Cloudsafe365 - 'file' Remote File Disclosure
|
19 |
WEB
|
Jan Van Niekerk
|
|
2012-08-25
|
|
Mihalism Multi Host - 'users.php' Cross-Site Scripting
|
14 |
WEB
|
Explo!ter
|
|
2012-08-25
|
|
LibGuides - Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
Crim3R
|
|
2012-08-25
|
|
Web Wiz Forums - Multiple Cross-Site Scripting Vulnerabilities
|
18 |
WEB
|
Crim3R
|
|
2012-08-25
|
|
WordPress Plugin Finder - 'order' Cross-Site Scripting
|
19 |
WEB
|
Crim3R
|
|
2012-08-25
|
|
Power-eCommerce - Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
Crim3R
|
|
2012-08-27
|
|
Joomla! Component Komento - 'cid' SQL Injection
|
20 |
WEB
|
Crim3R
|
|
2012-08-24
|
|
PHP Web Scripts Text Exchange Pro - 'page' Local File Inclusion
|
16 |
WEB
|
Yakir Wizman
|
|
2012-08-29
|
|
JW Player - 'logo.link' Cross-Site Scripting
|
16 |
WEB
|
MustLive
|
|
2015-07-21
|
|
Joomla! Component Helpdesk Pro < 1.4.0 - Multiple Vulnerabilities
|
25 |
WEB
|
Simon Rawet
|
|
2015-07-20
|
|
AirDroid iOS / Android / Win 3.1.3 - Persistent
|
25 |
WEB
|
Vulnerability-Lab
|
|
2015-07-20
|
|
phpVibe < 4.20 - Persistent Cross-Site Scripting
|
24 |
WEB
|
Filippos Mastrogiannis
|
|
2012-08-23
|
|
PHP Web Scripts Ad Manager Pro - 'page' Local File Inclusion
|
19 |
WEB
|
Corrado Liotta
|
|
2012-08-22
|
|
WordPress Plugin Monsters Editor for WP Super Edit - Arbitrary File Upload
|
19 |
WEB
|
Crim3R
|
|
2012-08-22
|
|
WordPress Plugin Rich Widget - Arbitrary File Upload
|
23 |
WEB
|
Crim3R
|
|
2012-08-23
|
|
KindEditor - 'name' Cross-Site Scripting
|
19 |
WEB
|
LiquidWorm
|
|
2012-08-23
|
|
Monstra CMS 1.2.1 - Multiple HTML Injection Vulnerabilities
|
17 |
WEB
|
LiquidWorm
|
|
2012-08-22
|
|
1024 CMS 2.1.1 - 'p' SQL Injection
|
20 |
WEB
|
kallimero
|
|
2012-08-23
|
|
SiNG cms - 'Password.php' Cross-Site Scripting
|
18 |
WEB
|
LiquidWorm
|
|
2012-08-22
|
|
Joomla! Component CiviCRM - Multiple Arbitrary File Upload Vulnerabilities
|
18 |
WEB
|
Crim3R
|
|
2012-08-22
|
|
Banana Dance - Cross-Site Scripting / SQL Injection
|
20 |
WEB
|
Canberk BOLAT
|
|
2012-08-22
|
|
OrderSys 1.6.4 - Multiple SQL Injections / Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
Canberk BOLAT
|
|
2012-08-22
|
|
Jara 1.6 - Multiple SQL Injections / Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
Canberk BOLAT
|
|
2012-08-27
|
|
IBM Rational ClearQuest 8.0 - Multiple Vulnerabilities
|
17 |
WEB
|
anonymous
|
|
2012-08-18
|
|
SaltOS - 'download.php' Cross-Site Scripting
|
19 |
WEB
|
Stefan Schurtz
|
|
2012-08-21
|
|
JPM Article Blog Script 6 - 'tid' Cross-Site Scripting
|
16 |
WEB
|
Mr.0c3aN
|
|
2012-08-17
|
|
LISTSERV 16 - 'SHOWTPL' Cross-Site Scripting
|
19 |
WEB
|
Jose Carlos de Arriba
|
|
2012-08-17
|
|
Elastix 2.2.0 - 'graph.php' Local File Inclusion
|
18 |
WEB
|
cheki
|
|
2012-08-02
|
|
WordPress Theme ShopperPress - SQL Injection / Cross-Site Scripting
|
17 |
WEB
|
Benjamin Kunz Mejri
|
|
2012-08-10
|
|
GalaxyScripts Mini File Host and DaddyScripts Daddy's File Host - Local File Inclusion
|
18 |
WEB
|
L0n3ly-H34rT
|
|
2012-08-11
|
|
MindTouch DekiWiki - Multiple Local/Remote File Inclusions
|
16 |
WEB
|
L0n3ly-H34rT
|
|
2012-08-10
|
|
mIRC - 'projects.php' Cross-Site Scripting
|
16 |
WEB
|
TayfunBasoglu
|
|
2012-08-13
|
|
Total Shop UK eCommerce CodeIgniter - Multiple Cross-Site Scripting Vulnerabilities
|
18 |
WEB
|
Chris Cooper
|
|
2012-08-09
|
|
Hotel Booking Portal 0.1 - Multiple SQL Injections / Cross-Site Scripting
|
15 |
WEB
|
Yakir Wizman
|
|
2015-07-17
|
|
WordPress Plugin BuddyPress Activity Plus 1.5 - Cross-Site Request Forgery
|
22 |
WEB
|
Tom Adams
|
|
2015-07-16
|
|
8 TOTOLINK Router Models - Backdoor Access / Remote Code Execution
|
21 |
WEB
|
Pierre Kim
|
|
2015-07-16
|
|
4 TOTOLINK Router Models - Backdoor Credentials
|
21 |
WEB
|
Pierre Kim
|
|
2015-07-16
|
|
4 TOTOLINK Router Models - Cross-Site Request Forgery / Cross-Site Scripting
|
20 |
WEB
|
Pierre Kim
|
|
2015-07-16
|
|
15 TOTOLINK Router Models - Multiple Remote Code Execution Vulnerabilities
|
22 |
WEB
|
Pierre Kim
|
|
2015-07-16
|
|
WordPress Plugin Download Manager Free 2.7.94 & Pro 4 - (Authenticated) Persistent Cross-Site Script
|
19 |
WEB
|
Filippos Mastrogiannis
|
|
2015-07-15
|
|
Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (1)
|
20 |
WEB
|
Pedro Ribeiro
|
|
2015-07-15
|
|
Joomla! Component com_docman - Multiple Vulnerabilities
|
20 |
WEB
|
Hugo Santiago
|
|
2012-08-08
|
|
dirLIST 0.3.0 - Local File Inclusion
|
20 |
WEB
|
L0n3ly-H34rT
|
|
2012-08-08
|
|
PBBoard - 'admin.php?xml_name' Arbitrary PHP Code Execution
|
17 |
WEB
|
High-Tech Bridge
|
|
2012-08-08
|
|
PBBoard - 'member_id' Validation Password Manipulation
|
17 |
WEB
|
High-Tech Bridge
|
|
2012-08-08
|
|
PBBoard - 'index.php' Multiple SQL Injections
|
21 |
WEB
|
High-Tech Bridge
|
|
2012-08-08
|
|
phpList 2.10.18 - 'index.php' SQL Injection
|
16 |
WEB
|
High-Tech Bridge SA
|
|
2015-07-14
|
|
sysPass 1.0.9 - SQL Injection
|
16 |
WEB
|
SySS GmbH
|
|
2015-07-14
|
|
Pimcore CMS Build 3450 - Directory Traversal
|
23 |
WEB
|
Portcullis
|
|
2015-07-13
|
|
SO Planning 1.32 - Multiple Vulnerabilities
|
18 |
WEB
|
Huy-Ngoc DAU
|
|
2015-07-13
|
|
WordPress Plugin CP Contact Form with Paypal 1.1.5 - Multiple Vulnerabilities
|
16 |
WEB
|
Nitin Venkatesh
|
|
2015-07-13
|
|
ZenPhoto 1.4.8 - Multiple Vulnerabilities
|
18 |
WEB
|
Tim Coen
|
|
2015-07-13
|
|
WordPress Plugin Swim Team 1.44.10777 - Arbitrary File Download
|
19 |
WEB
|
Larry W. Cashdollar
|
|
2015-07-13
|
|
ArticleFR 3.0.6 - Multiple Vulnerabilities
|
16 |
WEB
|
LiquidWorm
|
|
2015-07-13
|
|
phpVibe - Arbitrary File Disclosure
|
17 |
WEB
|
ali ahmady
|
|
2015-07-13
|
|
Arab Portal 3 - SQL Injection
|
19 |
WEB
|
ali ahmady
|
|
2015-07-13
|
|
FreiChat 9.6 - SQL Injection
|
19 |
WEB
|
Kacper Szurek
|
|
2012-08-08
|
|
AraDown - 'id' SQL Injection
|
16 |
WEB
|
G-B
|
|
2012-08-08
|
|
phpList 2.10.18 - 'unconfirmed' Cross-Site Scripting
|
19 |
WEB
|
High-Tech Bridge SA
|
|
2012-08-08
|
|
ConcourseSuite - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
|
22 |
WEB
|
Matthew Joyce
|
|
2015-07-13
|
|
phpSQLiteCMS - Multiple Vulnerabilities
|
20 |
WEB
|
hyp3rlinx
|
|
2012-08-07
|
|
Getsimple CMS 3.1.2 - 'path' Local File Inclusion
|
18 |
WEB
|
PuN!Sh3r
|
|
2012-08-07
|
|
PBBoard - Authentication Bypass
|
18 |
WEB
|
i-Hmx
|
|
2012-08-07
|
|
TCExam 11.2.x - '/admin/code/tce_edit_question.php?subject_module_id' SQL Injection
|
17 |
WEB
|
Chris Cooper
|
|
2012-08-07
|
|
TCExam 11.2.x - '/admin/code/tce_edit_answer.php' Multiple SQL Injections
|
19 |
WEB
|
Chris Cooper
|
|
2012-08-06
|
|
YT-Videos Script - 'id' SQL Injection
|
16 |
WEB
|
3spi0n
|
|
2012-08-05
|
|
Mibew Messenger 1.6.4 - 'threadid' SQL Injection
|
20 |
WEB
|
Ucha Gobejishvili
|
|
2012-08-07
|
|
Dir2web - '/system/src/dispatcher.php?oid' SQL Injection
|
16 |
WEB
|
Daniel Correa
|
|
2012-08-04
|
|
Open Constructor - 'confirm.php?q' Cross-Site Scripting
|
21 |
WEB
|
Lorenzo Cantoni
|
|
2012-08-04
|
|
Open Constructor - '/data/file/edit.php?result' Cross-Site Scripting
|
17 |
WEB
|
Lorenzo Cantoni
|
|
2012-08-04
|
|
Open Constructor - '/users/users.php?keyword' Cross-Site Scripting
|
16 |
WEB
|
Lorenzo Cantoni
|
|
2012-08-05
|
|
PolarisCMS - 'WebForm_OnSubmit()' Cross-Site Scripting
|
18 |
WEB
|
Gjoko Krstic
|
|
2012-08-06
|
|
Joomla! Component com_photo - Multiple SQL Injections
|
21 |
WEB
|
Chokri Ben Achor
|
|
2012-08-06
|
|
Worksforweb iAuto - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
|
15 |
WEB
|
Benjamin Kunz Mejri
|
|
2012-08-03
|
|
Elefant CMS - 'id' Cross-Site Scripting
|
18 |
WEB
|
PuN!Sh3r
|
|
2012-07-30
|
|
Zenoss 3.2.1 - Multiple Vulnerabilities
|
18 |
WEB
|
Brendan Coles
|
|
2012-07-30
|
|
Zenoss 3.2.1 - (Authenticated) Remote Command Execution
|
21 |
WEB
|
Brendan Coles
|
|
2012-08-03
|
|
ntop - 'arbfile' Cross-Site Scripting
|
24 |
WEB
|
Marcos Garcia
|
|
2012-08-01
|
|
tekno.Portal 0.1b - 'link.php' SQL Injection
|
16 |
WEB
|
Socket_0x03
|
|
2012-08-02
|
|
Mahara 1.4.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
|
21 |
WEB
|
anonymous
|
|
2012-08-01
|
|
WordPress Plugin G-Lock Double Opt-in Manager - SQL Injection
|
18 |
WEB
|
BEASTIAN
|
|
2015-07-10
|
|
WordPress Plugin CP Multi View Event Calendar 1.1.7 - SQL Injection
|
14 |
WEB
|
i0akiN SEC-LABORATORY
|
|
2015-07-10
|
|
WordPress Plugin CP Image Store with Slideshow 1.0.5 - Arbitrary File Download
|
19 |
WEB
|
i0akiN SEC-LABORATORY
|
|
2012-08-01
|
|
ManageEngine Applications Manager - Multiple Cross-Site Scripting / SQL Injections
|
18 |
WEB
|
Ibrahim El-Sayed
|
|
2012-08-01
|
|
Distimo Monitor - Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
Benjamin Kunz Mejri
|
|
2012-08-01
|
|
ManageEngine Applications Manager - Multiple SQL Injections
|
17 |
WEB
|
Ibrahim El-Sayed
|
|
2012-07-31
|
|
Limny - 'index.php' Multiple SQL Injections
|
18 |
WEB
|
L0n3ly-H34rT
|
|
2012-07-29
|
|
eNdonesia - 'cid' SQL Injection
|
20 |
WEB
|
Crim3R
|
|
2012-07-29
|
|
JW Player - 'playerready' Cross-Site Scripting
|
17 |
WEB
|
MustLive
|
|
2012-07-28
|
|
phpBB - Multiple SQL Injections
|
19 |
WEB
|
HauntIT
|
|
2012-07-31
|
|
DataWatch Monarch Business Intelligence - Multiple Input Validation Vulnerabilities
|
17 |
WEB
|
Raymond Rizk
|
|
2012-07-30
|
|
Scrutinizer 9.0.1.19899 - HTTP Authentication Bypass
|
18 |
WEB
|
Mario Ceballos
|
|
2012-07-30
|
|
Scrutinizer 9.0.1.19899 - Arbitrary File Upload
|
19 |
WEB
|
Mario Ceballos
|
|
2012-07-30
|
|
Scrutinizer 9.0.1.19899 - Multiple Cross-Site Scripting Vulnerabilities
|
15 |
WEB
|
Mario Ceballos
|
|
2012-07-29
|
|
ocPortal 7.1.5 - 'redirect' Open Redirection
|
18 |
WEB
|
Aung Khant
|
|
2012-07-25
|
|
tekno.Portal 0.1b - 'anket.php' SQL Injection
|
20 |
WEB
|
Socket_0x03
|
|
2012-07-25
|
|
Joomla! Component Odudeprofile 2.8 - 'profession' SQL Injection
|
16 |
WEB
|
Daniel Barragan
|
|
2012-07-24
|
|
phpProfiles - Multiple Vulnerabilities
|
15 |
WEB
|
L0n3ly-H34rT
|
|
2015-07-08
|
|
WordPress Plugin Easy2Map 1.24 - SQL Injection
|
19 |
WEB
|
Larry W. Cashdollar
|
|
2015-07-08
|
|
Orchard CMS 1.7.3/1.8.2/1.9.0 - Persistent Cross-Site Scripting
|
18 |
WEB
|
Paris Zoumpouloglou
|
|
2015-07-08
|
|
AirLive (Multiple Products) - OS Command Injection
|
19 |
WEB
|
Core Security
|
|
2015-07-08
|
|
Grandstream GXV3275 < 1.0.3.30 - Multiple Vulnerabilities
|
20 |
WEB
|
David Jorm
|
|
2015-07-08
|
|
WordPress Plugin WP E-Commerce Shop Styling 2.5 - Arbitrary File Download
|
20 |
WEB
|
Larry W. Cashdollar
|
|
2015-07-08
|
|
Centreon 2.5.4 - Multiple Vulnerabilities
|
17 |
WEB
|
Huy-Ngoc DAU
|
|
2015-07-08
|
|
AirLink101 SkyIPCam1620W - OS Command Injection
|
18 |
WEB
|
Core Security
|
|
2015-07-08
|
|
Cradlepoint MBR1400 and MBR1200 - Local File Inclusion
|
16 |
WEB
|
Doc_Hak
|
|
2012-07-21
|
|
WordPress Plugin chenpress - Arbitrary File Upload
|
16 |
WEB
|
Am!r
|
|
2012-07-19
|
|
CodeIgniter 2.1 - 'xss_clean()' Filter Security Bypass
|
17 |
WEB
|
Krzysztof Kotowicz
|
|
2012-07-20
|
|
Maian Survey - '/index.php' URI redirection / Local File Inclusion
|
21 |
WEB
|
PuN!Sh3r
|
|
2012-07-19
|
|
Joomla! Component com_hello - 'Controller' Local File Inclusion
|
18 |
WEB
|
AJAX Security Team
|
|
2015-07-07
|
|
D-Link DSL-2750u / DSL-2730u - (Authenticated) Local File Disclosure
|
16 |
WEB
|
SATHISH ARTHAR
|
|
2015-07-07
|
|
phpLiteAdmin 1.1 - Multiple Vulnerabilities
|
18 |
WEB
|
hyp3rlinx
|
|
2015-07-07
|
|
WordPress Plugin ACF Frontend Display 2.0.5 - Arbitrary File Upload
|
17 |
WEB
|
TUNISIAN CYBER
|
|
2012-07-17
|
|
AVA VoIP - Multiple Vulnerabilities
|
20 |
WEB
|
Ibrahim El-Sayed
|
|
2012-07-16
|
|
EmbryoCore CMS 1.03 - 'loadcss.php' Multiple Directory Traversal Vulnerabilities
|
23 |
WEB
|
Sammy FORGIT
|
|
2012-07-16
|
|
Rama Zeiten CMS - 'download.php' Remote File Disclosure
|
28 |
WEB
|
Sammy FORGIT
|
|
2012-07-16
|
|
web@all - 'name' Cross-Site Scripting
|
21 |
WEB
|
Sammy FORGIT
|
|
2012-07-16
|
|
WordPress Plugin Post Recommendations - 'abspath' Remote File Inclusion
|
25 |
WEB
|
Sammy FORGIT
|
|
2012-07-16
|
|
Simple Machines 2.0.2 - Multiple HTML Injection Vulnerabilities
|
21 |
WEB
|
Benjamin Kunz Mejri
|
|
2015-07-06
|
|
AirDroid - Arbitrary File Upload
|
21 |
WEB
|
Parsa Adib
|
