Blog RSSExploits RSSFacebook

WEB

Date D   Description Plat. Author
2012-08-07   Dir2web - '/system/src/dispatcher.php?oid' SQL Injection 27 WEB Daniel Correa
2012-08-04   Open Constructor - 'confirm.php?q' Cross-Site Scripting 29 WEB Lorenzo Cantoni
2012-08-04   Open Constructor - '/data/file/edit.php?result' Cross-Site Scripting 28 WEB Lorenzo Cantoni
2012-08-04   Open Constructor - '/users/users.php?keyword' Cross-Site Scripting 28 WEB Lorenzo Cantoni
2012-08-05   PolarisCMS - 'WebForm_OnSubmit()' Cross-Site Scripting 27 WEB Gjoko Krstic
2012-08-06   Joomla! Component com_photo - Multiple SQL Injections 30 WEB Chokri Ben Achor
2012-08-06   Worksforweb iAuto - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities 24 WEB Benjamin Kunz Mejri
2012-08-03   Elefant CMS - 'id' Cross-Site Scripting 26 WEB PuN!Sh3r
2012-07-30   Zenoss 3.2.1 - Multiple Vulnerabilities 29 WEB Brendan Coles
2012-07-30   Zenoss 3.2.1 - (Authenticated) Remote Command Execution 30 WEB Brendan Coles
2012-08-03   ntop - 'arbfile' Cross-Site Scripting 33 WEB Marcos Garcia
2012-08-01   tekno.Portal 0.1b - 'link.php' SQL Injection 26 WEB Socket_0x03
2012-08-02   Mahara 1.4.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities 29 WEB anonymous
2012-08-01   WordPress Plugin G-Lock Double Opt-in Manager - SQL Injection 27 WEB BEASTIAN
2015-07-10   WordPress Plugin CP Multi View Event Calendar 1.1.7 - SQL Injection 23 WEB i0akiN SEC-LABORATORY
2015-07-10   WordPress Plugin CP Image Store with Slideshow 1.0.5 - Arbitrary File Download 29 WEB i0akiN SEC-LABORATORY
2012-08-01   ManageEngine Applications Manager - Multiple Cross-Site Scripting / SQL Injections 26 WEB Ibrahim El-Sayed
2012-08-01   Distimo Monitor - Multiple Cross-Site Scripting Vulnerabilities 29 WEB Benjamin Kunz Mejri
2012-08-01   ManageEngine Applications Manager - Multiple SQL Injections 26 WEB Ibrahim El-Sayed
2012-07-31   Limny - 'index.php' Multiple SQL Injections 27 WEB L0n3ly-H34rT
2012-07-29   eNdonesia - 'cid' SQL Injection 31 WEB Crim3R
2012-07-29   JW Player - 'playerready' Cross-Site Scripting 25 WEB MustLive
2012-07-28   phpBB - Multiple SQL Injections 27 WEB HauntIT
2012-07-31   DataWatch Monarch Business Intelligence - Multiple Input Validation Vulnerabilities 25 WEB Raymond Rizk
2012-07-30   Scrutinizer 9.0.1.19899 - HTTP Authentication Bypass 27 WEB Mario Ceballos
2012-07-30   Scrutinizer 9.0.1.19899 - Arbitrary File Upload 27 WEB Mario Ceballos
2012-07-30   Scrutinizer 9.0.1.19899 - Multiple Cross-Site Scripting Vulnerabilities 26 WEB Mario Ceballos
2012-07-29   ocPortal 7.1.5 - 'redirect' Open Redirection 28 WEB Aung Khant
2012-07-25   tekno.Portal 0.1b - 'anket.php' SQL Injection 29 WEB Socket_0x03
2012-07-25   Joomla! Component Odudeprofile 2.8 - 'profession' SQL Injection 25 WEB Daniel Barragan
2012-07-24   phpProfiles - Multiple Vulnerabilities 25 WEB L0n3ly-H34rT
2015-07-08   WordPress Plugin Easy2Map 1.24 - SQL Injection 28 WEB Larry W. Cashdollar
2015-07-08   Orchard CMS 1.7.3/1.8.2/1.9.0 - Persistent Cross-Site Scripting 27 WEB Paris Zoumpouloglou
2015-07-08   AirLive (Multiple Products) - OS Command Injection 30 WEB Core Security
2015-07-08   Grandstream GXV3275 < 1.0.3.30 - Multiple Vulnerabilities 28 WEB David Jorm
2015-07-08   WordPress Plugin WP E-Commerce Shop Styling 2.5 - Arbitrary File Download 30 WEB Larry W. Cashdollar
2015-07-08   Centreon 2.5.4 - Multiple Vulnerabilities 25 WEB Huy-Ngoc DAU
2015-07-08   AirLink101 SkyIPCam1620W - OS Command Injection 28 WEB Core Security
2015-07-08   Cradlepoint MBR1400 and MBR1200 - Local File Inclusion 25 WEB Doc_Hak
2012-07-21   WordPress Plugin chenpress - Arbitrary File Upload 27 WEB Am!r
2012-07-19   CodeIgniter 2.1 - 'xss_clean()' Filter Security Bypass 27 WEB Krzysztof Kotowicz
2012-07-20   Maian Survey - '/index.php' URI redirection / Local File Inclusion 28 WEB PuN!Sh3r
2012-07-19   Joomla! Component com_hello - 'Controller' Local File Inclusion 28 WEB AJAX Security Team
2015-07-07   D-Link DSL-2750u / DSL-2730u - (Authenticated) Local File Disclosure 28 WEB SATHISH ARTHAR
2015-07-07   phpLiteAdmin 1.1 - Multiple Vulnerabilities 26 WEB hyp3rlinx
2015-07-07   WordPress Plugin ACF Frontend Display 2.0.5 - Arbitrary File Upload 26 WEB TUNISIAN CYBER
2012-07-17   AVA VoIP - Multiple Vulnerabilities 27 WEB Ibrahim El-Sayed
2012-07-16   EmbryoCore CMS 1.03 - 'loadcss.php' Multiple Directory Traversal Vulnerabilities 31 WEB Sammy FORGIT
2012-07-16   Rama Zeiten CMS - 'download.php' Remote File Disclosure 36 WEB Sammy FORGIT
2012-07-16   web@all - 'name' Cross-Site Scripting 30 WEB Sammy FORGIT
2012-07-16   WordPress Plugin Post Recommendations - 'abspath' Remote File Inclusion 35 WEB Sammy FORGIT
2012-07-16   Simple Machines 2.0.2 - Multiple HTML Injection Vulnerabilities 30 WEB Benjamin Kunz Mejri
2015-07-06   AirDroid - Arbitrary File Upload 30 WEB Parsa Adib
2012-07-16   Event Calender PHP - Multiple Input Validation Vulnerabilities 33 WEB snup
2012-07-15   Elite Bulletin Board - Multiple SQL Injections 29 WEB ToXiC
2012-07-13   WordPress Plugin Generic - Arbitrary File Upload 29 WEB KedAns-Dz
2012-06-17   Funeral Script PHP - Cross-Site Scripting / SQL Injection 27 WEB snup
2012-07-12   Phonalisa - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities 30 WEB Benjamin Kunz Mejri
2012-07-11   Kajona - 'getAllPassedParams()' Multiple Cross-Site Scripting Vulnerabilities 32 WEB High-Tech Bridge SA
2012-07-09   Flogr - 'tag' Multiple Cross-Site Scripting Vulnerabilities 33 WEB Nafsh
2015-07-05   WordPress Plugin S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download 34 WEB CrashBandicot
2015-07-05   WK UDID 1.0.1 iOS - Command Injection 38 WEB Vulnerability-Lab
2012-07-09   MGB - Multiple Cross-Site Scripting / SQL Injections 33 WEB Stefan Schurtz
2012-07-09   WebsitePanel - 'ReturnUrl' Open Redirection 34 WEB Anastasios Monachos
2012-07-06   sflog! - 'section' Local File Inclusion 35 WEB dun
2012-07-05   WordPress Plugin PHPFreeChat - 'url' Cross-Site Scripting 29 WEB Sammy FORGIT
2012-07-06   WordPress Plugin Knews Multilingual Newsletters - Cross-Site Scripting 35 WEB Sammy FORGIT
2012-07-06   WordPress Plugin church_admin - 'id' Cross-Site Scripting 35 WEB Sammy FORGIT
2012-07-03   WordPress Plugin custom tables - 'key' Cross-Site Scripting 30 WEB Sammy FORGIT
2012-07-06   WordPress Plugin SocialFit - 'msg' Cross-Site Scripting 29 WEB Sammy FORGIT
2012-07-04   Classified Ads Script PHP - 'admin.php' Multiple SQL Injections 29 WEB snup
2012-07-03   PHP MBB - Cross-Site Scripting / SQL Injection 27 WEB TheCyberNuxbie
2015-07-03   CuteNews 2.0.3 - Arbitrary File Upload 29 WEB T0x!c
2012-07-02   Getsimple CMS Items Manager Plugin - 'PHP.php' Arbitrary File Upload 26 WEB Sammy FORGIT
2012-06-29   SWFupload - 'movieName' Cross-Site Scripting 30 WEB Nathan Partlan
2012-06-29   LIOOSYS CMS - SQL Injection / Information Disclosure 30 WEB MustLive
2012-06-29   JAKCMS PRO 2.2.6 - 'uploader.php' Arbitrary File Upload 30 WEB Sammy FORGIT
2012-06-28   TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities 27 WEB Rehan Ahmed
2012-06-28   PHP-Fusion Advanced MP3 Player Infusion - 'upload.php' Arbitrary File Upload 33 WEB Sammy FORGIT
2015-07-02   WordPress Plugin Albo Pretorio Online 3.2 - Multiple Vulnerabilities 28 WEB Alessandro Cingolani
2012-06-26   DigPHP - 'dig.php' Script Remote File Disclosure 28 WEB Ryuzaki Lawlet
2012-06-27   Schoolhos CMS - HTML Injection 29 WEB the_cyber_nuxbie
2012-06-25   Umapresence - Local File Inclusion / Arbitrary File Deletion 30 WEB Sammy FORGIT
2012-06-25   FCKEditor Core - 'Editor 'spellchecker.php' Cross-Site Scripting 28 WEB Emilio Pinna
2015-07-01   D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities 26 WEB DNO
2012-06-25   Drupal Module Drag & Drop Gallery 6.x-1.5 - 'upload.php' Arbitrary File Upload 29 WEB Sammy FORGIT
2012-06-23   WordPress Plugin Flip Book - 'PHP.php' Arbitrary File Upload 30 WEB Sammy FORGIT
2012-06-23   SilverStripe CMS Pixlr Image Editor - 'upload.php' Arbitrary File Upload 25 WEB Sammy FORGIT
2012-06-23   Amazon S3 Uploadify Script - 'Uploadify.php' Arbitrary File Upload 25 WEB Sammy FORGIT
2015-06-30   Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities 31 WEB SEC Consult
2015-06-30   C2Box 4.0.0(r19171) - Cross-Site Request Forgery 28 WEB Wissam Bashour
2015-06-30   Fiyo CMS 2.0_1.9.1 - SQL Injection 30 WEB cfreer
2012-06-22   CMS Lokomedia - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities 30 WEB the_cyber_nuxbie
2012-06-22   Cotonti - 'admin.php' SQL Injection 32 WEB AkaStep
2012-06-21   Joomla! Component com_szallasok - 'id' SQL Injection 27 WEB CoBRa_21
2015-06-30   CollabNet Subversion Edge Management 4.0.11 - Local File Inclusion 31 WEB otr
2015-06-30   WedgeOS 4.0.4 - Multiple Vulnerabilities 25 WEB Security-Assessment.com
2015-06-30   Watchguard XCS 10.0 - Multiple Vulnerabilities 34 WEB Security-Assessment.com
2015-06-30   Novius 5.0.1 - Multiple Vulnerabilities 31 WEB hyp3rlinx
2012-06-21   Adiscan LogAnalyzer 3.4.3 - Cross-Site Scripting 26 WEB Sooraj K.S
2012-06-20   Coppermine Photo Gallery - 'index.php' Script SQL Injection 26 WEB Taurus Omar
2012-06-20   Commentics - 'index.php' Cross-Site Scripting 27 WEB Jean Pascal Pereira
2012-06-20   web@all - Cross-Site Scripting 29 WEB High-Tech Bridge
2012-06-19   e107 Filedownload Plugin - Arbitrary File Upload / Remote File Disclosure 30 WEB Sammy FORGIT
2012-06-19   AdaptCMS 2.0.2 - 'index.php' Script Cross-Site Scripting 27 WEB indoushka
2012-06-19   e107 Image Gallery Plugin - 'name' Remote File Disclosure 28 WEB Sammy FORGIT
2012-06-19   e107 Hupsi_fancybox Plugin - 'Uploadify.php' Arbitrary File Upload 31 WEB Sammy FORGIT
2012-06-19   CMS Balitbang - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities 29 WEB TheCyberNuxbie
2015-06-29   Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Change 30 WEB Fady Mohammed Osman
2015-06-29   Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Disclosure 28 WEB Fady Mohammed Osman
2015-06-29   DeDeCMS < 5.7-sp1 - Remote File Inclusion 32 WEB zise
2012-06-18   VANA CMS - 'index.php' Script SQL Injection 29 WEB Black Hat Group
2012-06-18   WordPress Plugin Wp-ImageZoom - 'file' Remote File Disclosure 29 WEB Sammy FORGIT
2012-06-18   WordPress Plugin LB Mixed Slideshow - 'upload.php' Arbitrary File Upload 28 WEB Sammy FORGIT
2012-06-18   Multiple WordPress Themes - 'upload.php' Arbitrary File Upload 29 WEB Sammy FORGIT
2012-06-14   Squiz CMS - Multiple Cross-Site Scripting / XML External Entity Injection Vulnerabilities 26 WEB Nadeem Salim
2012-06-16   Webify (Multiple Products) - Multiple HTML Injection / Local File Inclusions 29 WEB snup
2012-06-16   Simple Document Management System 1.1.5 - Multiple SQL Injections 27 WEB JosS
2012-06-15   Joomla! Component JCal Pro Calendar - SQL Injection 28 WEB Taurus Omar
2012-06-16   Joomla! Component Maian Media - 'uploadhandler.php' Arbitrary File Upload 27 WEB Sammy FORGIT
2012-06-15   WordPress Plugin ORGanizer - Multiple Vulnerabilities 31 WEB MustLive
2012-06-17   Joomla! Component hwdVideoShare - 'flash_upload.php' Arbitrary File Upload 30 WEB Sammy FORGIT
2012-06-14   NetArt Media Jobs Portal - SQL Injection 26 WEB Ibrahim El-Sayed
2012-06-14   Simple Forum PHP - Multiple SQL Injections 28 WEB Vulnerability Research Laboratory
2012-06-15   ADICO - 'index.php' Script SQL Injection 28 WEB Ibrahim El-Sayed