|
2011-09-02
|
|
Mambo Component N-Myndir - SQL Injection
|
8 |
WEB
|
CoBRa_21
|
|
2011-09-02
|
|
Mambo Component N-Frettir - SQL Injection
|
8 |
WEB
|
CoBRa_21
|
|
2011-09-02
|
|
KaiBB 2.0.1 - SQL Injection / Arbitrary File Upload
|
8 |
WEB
|
KedAns-Dz
|
|
2011-09-02
|
|
Mambo Component N-Press - SQL Injection
|
6 |
WEB
|
CoBRa_21
|
|
2015-02-18
|
|
D-Link DSL-2640B ADSL Router - 'ddnsmngr' Remote DNS Change
|
8 |
WEB
|
Todor Donev
|
|
2011-09-02
|
|
Mambo Component Ahsshop - SQL Injection
|
6 |
WEB
|
CoBRa_21
|
|
2011-09-02
|
|
Mambo Component N-Gallery - SQL Injection
|
6 |
WEB
|
CoBRa_21
|
|
2015-02-17
|
|
GuppY CMS 5.0.9 < 5.00.10 - Multiple Cross-Site Request Forgery Vulnerabilities
|
7 |
WEB
|
Brandon Murphy
|
|
2015-02-17
|
|
Guppy CMS 5.0.9/5.00.10 - Authentication Bypass/Change Email
|
8 |
WEB
|
Brandon Murphy
|
|
2011-09-02
|
|
Mambo Component N-Skyrslur - Cross-Site Scripting
|
8 |
WEB
|
CoBRa_21
|
|
2011-08-31
|
|
Web Professional - 'default.php' SQL Injection
|
7 |
WEB
|
The_Exploited
|
|
2011-08-31
|
|
S9Y Serendipity 1.5.1 - 'research_display.php' SQL Injection
|
8 |
WEB
|
The_Exploited
|
|
2011-08-31
|
|
TinyWebGallery 1.8.4 - Local File Inclusion / SQL Injection
|
8 |
WEB
|
KedAns-Dz
|
|
2011-08-30
|
|
CS-Cart 2.2.1 - 'products.php' SQL Injection
|
9 |
WEB
|
Net.Edit0r
|
|
2011-08-30
|
|
IBM Open Admin Tool 2.71 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
Sumit Kumar Soni
|
|
2011-08-29
|
|
ClickCMS - Denial of Service / CAPTCHA Bypass
|
9 |
WEB
|
MustLive
|
|
2015-02-16
|
|
eTouch SamePage 4.4.0.0.239 - Multiple Vulnerabilities
|
9 |
WEB
|
Brandon Perry
|
|
2015-02-16
|
|
WordPress Plugin Fancybox 3.0.2 - Persistent Cross-Site Scripting
|
8 |
WEB
|
NULLpOint7r
|
|
2015-02-16
|
|
WordPress Plugin WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting
|
9 |
WEB
|
Kacper Szurek
|
|
2011-08-27
|
|
phpWebSite 1.7.1 - 'mod.php' SQL Injection
|
8 |
WEB
|
Ehsan_Hp200
|
|
2011-08-26
|
|
Mambo 4.6.5 - 'index.php' Cross-Site Request Forgery
|
9 |
WEB
|
Caddy-Dz
|
|
2011-08-25
|
|
Simple Machines Forum (SMF) 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery
|
9 |
WEB
|
Christian Yerena
|
|
2011-08-25
|
|
Zazavi 1.2.1 - '/FileManager/Controller.php' Arbitrary File Upload
|
9 |
WEB
|
KedAns-Dz
|
|
2011-08-24
|
|
VicBlog - 'tag' SQL Injection
|
9 |
WEB
|
Eyup CELIK
|
|
2011-08-24
|
|
Tourismscripts Hotel Portal - 'hotel_city' HTML Injection
|
9 |
WEB
|
Eyup CELIK
|
|
2011-08-24
|
|
CommodityRentals Real Estate Script - 'txtsearch' HTML Injection
|
7 |
WEB
|
Eyup CELIK
|
|
2011-08-23
|
|
Open Classifieds 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Yassin Aboukir
|
|
2011-08-22
|
|
Concrete 5.4.1 1 - 'rcID' Cross-Site Scripting
|
7 |
WEB
|
Aung Khant
|
|
2011-08-22
|
|
TotalShopUK 1.7.2 - 'index.php' SQL Injection
|
8 |
WEB
|
Eyup CELIK
|
|
2011-08-22
|
|
Pandora FMS 3.x - 'index.php' Cross-Site Scripting
|
8 |
WEB
|
mehdi boukazoula
|
|
2011-08-21
|
|
OneFileCMS 1.1.1 - 'onefilecms.php' Cross-Site Scripting
|
8 |
WEB
|
mr.pr0n
|
|
2011-08-18
|
|
Mantis Bug Tracker 1.1.8 - Cross-Site Scripting / SQL Injection
|
9 |
WEB
|
Net.Edit0r
|
|
2011-08-18
|
|
Adobe ColdFusion - 'probe.cfm' Cross-Site Scripting
|
7 |
WEB
|
G.R0b1n
|
|
2011-08-17
|
|
Code Widgets Multiple Question - Multiple Choice Online Questionnaire SQL Injections
|
7 |
WEB
|
L0rd CrusAd3r
|
|
2011-08-17
|
|
Code Widgets DataBound Collapsible Menu - 'main.asp' SQL Injection
|
7 |
WEB
|
Inj3ct0r
|
|
2011-08-17
|
|
Code Widgets DataBound Index Style Menu - 'category.asp' SQL Injection
|
8 |
WEB
|
Inj3ct0r
|
|
2011-08-17
|
|
Code Widgets Online Job Application - 'admin.asp' Multiple SQL Injections
|
6 |
WEB
|
L0rd CrusAd3r
|
|
2015-02-13
|
|
WordPress Plugin Webdorado Spider Event Calendar 1.4.9 - SQL Injection
|
6 |
WEB
|
Mateusz Lach
|
|
2015-02-12
|
|
Exponent CMS 2.3.1 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Mayuresh Dani
|
|
2015-02-12
|
|
WordPress Plugin Video Gallery 2.7.0 - SQL Injection
|
9 |
WEB
|
Claudio Viviani
|
|
2015-02-11
|
|
IBM Endpoint Manager - Persistent Cross-Site Scripting
|
7 |
WEB
|
RedTeam Pentesting
|
|
2015-02-11
|
|
Pandora FMS 5.1 SP1 - SQL Injection
|
7 |
WEB
|
Vulnerability-Lab
|
|
2015-02-11
|
|
WordPress Plugin Survey and Poll 1.1 - Blind SQL Injection
|
7 |
WEB
|
Securely (Yoo Hee man)
|
|
2011-08-17
|
|
WordPress Plugin WP-Stats-Dashboard 2.6.5.1 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2011-08-17
|
|
WordPress Plugin Fast Secure Contact Form 3.0.3.1 - 'index.php' Cross-Site Scripting
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-08-15
|
|
phpList 2.10.x - Security Bypass / Information Disclosure
|
8 |
WEB
|
Davide Canali
|
|
2011-08-15
|
|
awiki 20100125 - Multiple Local File Inclusions
|
7 |
WEB
|
muuratsalo
|
|
2011-08-17
|
|
phpWebSite - 'page_id' Cross-Site Scripting
|
8 |
WEB
|
Ehsan_Hp200
|
|
2011-08-11
|
|
PHP Flat File Guestbook 1.0 - 'ffgb_admin.php' Remote File Inclusion
|
8 |
WEB
|
RiRes Walid
|
|
2015-02-10
|
|
WordPress Plugin WP EasyCart - Unrestricted Arbitrary File Upload (Metasploit)
|
7 |
WEB
|
Metasploit
|
|
2015-02-10
|
|
LG DVR LE6016D - Remote File Disclosure
|
8 |
WEB
|
Yakir Wizman
|
|
2015-02-09
|
|
Fork CMS 3.8.5 - SQL Injection
|
8 |
WEB
|
Sven Schleier
|
|
2015-02-09
|
|
Chamilo LMS 1.9.8 - Blind SQL Injection
|
9 |
WEB
|
Kacper Szurek
|
|
2011-08-10
|
|
WordPress Plugin eShop 6.2.8 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-08-08
|
|
BlueSoft Rate My Photo Site - 'ty' SQL Injection
|
9 |
WEB
|
darkTR
|
|
2011-08-08
|
|
BlueSoft Banner Exchange - 'referer_id' SQL Injection
|
8 |
WEB
|
darkTR
|
|
2011-08-09
|
|
OpenEMR 4.0 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Houssam Sahli
|
|
2011-08-08
|
|
Search Network 2.0 - 'query' Cross-Site Scripting
|
9 |
WEB
|
darkTR
|
|
2011-08-05
|
|
Softbiz Recipes Portal Script - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
Net.Edit0r
|
|
2015-02-09
|
|
StaMPi - Local File Inclusion
|
9 |
WEB
|
e . V . E . L
|
|
2015-02-09
|
|
u5CMS 3.9.3 - Multiple Persistent Cross-Site Scripting / Reflected Cross-Site Scripting Vulnerabilit
|
8 |
WEB
|
LiquidWorm
|
|
2015-02-09
|
|
u5CMS 3.9.3 - 'thumb.php' Local File Inclusion
|
9 |
WEB
|
LiquidWorm
|
|
2015-02-09
|
|
u5CMS 3.9.3 - Multiple SQL Injections
|
7 |
WEB
|
LiquidWorm
|
|
2015-02-09
|
|
u5CMS 3.9.3 - 'deletefile.php' Arbitrary File Deletion
|
9 |
WEB
|
LiquidWorm
|
|
2015-02-09
|
|
RedaxScript CMS 2.2.0 - SQL Injection
|
8 |
WEB
|
ITAS Team
|
|
2011-08-04
|
|
Community Server 2007/2008 - 'TagSelector.aspx' Cross-Site Scripting
|
8 |
WEB
|
PontoSec
|
|
2011-08-04
|
|
WordPress Plugin WP E-Commerce 3.8.6 - 'cart_messages[]' Cross-Site Scripting
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-08-03
|
|
HESK 2.2 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2011-08-03
|
|
Joomla! Component com_community - 'userid' SQL Injection
|
8 |
WEB
|
Ne0 H4ck3R
|
|
2011-08-03
|
|
Joomla! Component com_xeslidegalfx - 'id' SQL Injection
|
8 |
WEB
|
Ne0 H4ck3R
|
|
2011-08-03
|
|
Ataccan E-Ticaret Scripti - 'id' SQL Injection
|
7 |
WEB
|
Err0R
|
|
2011-08-03
|
|
BESNI OKUL PORTAL - 'sayfa.asp' Cross-Site Scripting
|
9 |
WEB
|
Err0R
|
|
2011-08-03
|
|
mt LinkDatenbank - 'b' Cross-Site Scripting
|
8 |
WEB
|
Err0R
|
|
2011-07-11
|
|
Gilnet News - 'read_more.php' SQL Injection
|
8 |
WEB
|
Err0R
|
|
2011-08-02
|
|
MyBB MyTabs Plugin - 'tab' SQL Injection
|
8 |
WEB
|
AutoRUN & dR.sqL
|
|
2011-08-01
|
|
Curverider Elgg 1.7.9 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Aung Khant
|
|
2014-12-12
|
|
IBM Tivoli Service Automation Manager 7.2.4 - Remote Code Execution
|
7 |
WEB
|
Jakub Palaczynski
|
|
2011-07-28
|
|
Sitecore CMS 6.4.1 - 'url' Open Redirection
|
8 |
WEB
|
Tom Neaves
|
|
2011-07-28
|
|
HP Network Automation 9.10 - SQL Injection
|
7 |
WEB
|
anonymous
|
|
2011-07-25
|
|
CobraScripts Trading Marketplace Script - 'cid' SQL Injection
|
6 |
WEB
|
Ehsan_Hp200
|
|
2015-02-05
|
|
Magento Server MAGMI Plugin - Multiple Vulnerabilities
|
8 |
WEB
|
SECUPENT
|
|
2015-02-04
|
|
Pragyan CMS 3.0 - SQL Injection
|
7 |
WEB
|
Steffen Rösemann
|
|
2011-07-27
|
|
PHPJunkYard GBook 1.6/1.7 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-07-27
|
|
MBoard 1.3 - 'url' Open Redirection
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-07-26
|
|
Support Incident Tracker (SiT!) 3.63 p1 - 'tasks.php?selected[]' SQL Injection
|
7 |
WEB
|
Yuri Goltsev
|
|
2011-07-26
|
|
Support Incident Tracker (SiT!) 3.63 p1 - 'search.php?search_string' SQL Injection
|
7 |
WEB
|
Yuri Goltsev
|
|
2011-07-26
|
|
Support Incident Tracker (SiT!) 3.63 p1 - 'billable_incidents.php?sites[]' SQL Injection
|
7 |
WEB
|
Yuri Goltsev
|
|
2011-07-26
|
|
Support Incident Tracker (SiT!) 3.63 p1 - 'report_marketing.php?exc[]' SQL Injection
|
8 |
WEB
|
Yuri Goltsev
|
|
2011-07-25
|
|
Joomla! Component com_virtualmoney 1.5 - SQL Injection
|
7 |
WEB
|
FL0RiX
|
|
2015-02-03
|
|
Hewlett-Packard (HP) UCMDB - JMX-Console Authentication Bypass
|
9 |
WEB
|
Hans-Martin Muench
|
|
2015-02-03
|
|
ManageEngine Desktop Central 9 Build 90087 - Cross-Site Request Forgery
|
8 |
WEB
|
Mohamed Idris
|
|
2011-07-25
|
|
Willscript Recipes Website Script Silver Edition - 'viewRecipe.php' SQL Injection
|
7 |
WEB
|
Lazmania61
|
|
2011-07-25
|
|
Online Grades 3.2.5 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Gjoko Krstic
|
|
2011-07-25
|
|
Godly Forums - 'id' SQL Injection
|
8 |
WEB
|
3spi0n
|
|
2011-07-21
|
|
Synergy Software - 'id' SQL Injection
|
7 |
WEB
|
Ehsan_Hp200
|
|
2011-07-20
|
|
Cyberoam UTM - Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
Patrick Webster
|
|
2011-07-20
|
|
Tiki Wiki CMS Groupware 7.2 - 'snarf_ajax.php' Cross-Site Scripting
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2011-07-20
|
|
Joomla! < 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
YGN Ethical Hacker Group
|
|
2015-02-02
|
|
Sefrengo CMS 1.6.1 - Multiple SQL Injections
|
8 |
WEB
|
ITAS Team
|
|
2011-07-11
|
|
WordPress Plugin bSuite 4.0.7 - Multiple HTML Injection Vulnerabilities
|
7 |
WEB
|
IHTeam
|
|
2011-07-17
|
|
BlueSoft Social Networking CMS - SQL Injection
|
7 |
WEB
|
Lazmania61
|
|
2011-07-18
|
|
BlueSoft (Multiple Products) - Multiple SQL Injections
|
6 |
WEB
|
Lazmania61
|
|
2011-07-15
|
|
AJ Classifieds - 'listingid' SQL Injection
|
8 |
WEB
|
Lazmania61
|
|
2011-07-15
|
|
Joomla! Component com_newssearch - SQL Injection
|
6 |
WEB
|
Robert Cooper
|
|
2011-07-15
|
|
Joomla! Component Controller - 'Itemid' SQL Injection
|
7 |
WEB
|
SOLVER
|
|
2011-07-15
|
|
Joomla! Component com_hospital - SQL Injection
|
8 |
WEB
|
SOLVER
|
|
2011-07-15
|
|
Joomla! Component Juicy Gallery - 'picId' SQL Injection
|
8 |
WEB
|
SOLVER
|
|
2011-07-15
|
|
Joomla! Component Foto - 'id_categoria' SQL Injection
|
9 |
WEB
|
SOLVER
|
|
2011-07-15
|
|
Easy Estate Rental - 's_location' SQL Injection
|
8 |
WEB
|
Lazmania61
|
|
2011-07-15
|
|
Auto Web Toolbox - 'id' SQL Injection
|
7 |
WEB
|
Lazmania61
|
|
2015-01-24
|
|
NPDS CMS REvolution-13 - SQL Injection
|
8 |
WEB
|
Narendra Bhati
|
|
2011-07-29
|
|
Chyrp 2.x swfupload Extension - 'upload_handler.php' Arbitrary File Upload / Arbitrary PHP Code Exec
|
7 |
WEB
|
Wireghoul
|
|
2011-07-29
|
|
Chyrp 2.x - '/includes/lib/gz.php?File' Traversal Arbitrary File Access
|
8 |
WEB
|
Wireghoul
|
|
2011-07-29
|
|
Chyrp 2.x - 'action' Traversal Local File Inclusion
|
8 |
WEB
|
Wireghoul
|
|
2011-07-13
|
|
Chyrp 2.x - '/includes/JavaScript.php?action' Cross-Site Scripting
|
7 |
WEB
|
Wireghoul
|
|
2011-07-13
|
|
Chyrp 2.x - '/admin/help.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Wireghoul
|
|
2011-07-13
|
|
TCExam 11.2.x - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Gjoko Krstic
|
|
2011-07-12
|
|
Flowplayer 3.2.7 - 'linkUrl' Cross-Site Scripting
|
7 |
WEB
|
Szymon Gruszecki
|
|
2011-07-12
|
|
Sphider 1.3.x - Admin Panel Multiple SQL Injections
|
7 |
WEB
|
Karthik R
|
|
2015-01-29
|
|
ManageEngine Firewall Analyzer 8.0 - Directory Traversal / Cross-Site Scripting
|
7 |
WEB
|
Ertebat Gostar Co
|
|
2011-07-11
|
|
ICMusic 1.2 - 'music_id' SQL Injection
|
9 |
WEB
|
kaMtiEz
|
|
2011-07-11
|
|
Prontus CMS - 'page' Cross-Site Scripting
|
7 |
WEB
|
Zerial
|
|
2011-07-08
|
|
Joomla! Component com_voj - SQL Injection
|
8 |
WEB
|
CoBRa_21
|
|
2011-07-05
|
|
Classified Script - c-BrowseClassified Cross-Site Scripting
|
8 |
WEB
|
Raghavendra Karthik D
|
|
2011-07-03
|
|
eTAWASOL - 'id' SQL Injection
|
6 |
WEB
|
Bl4ck.Viper
|
