|
2011-07-25
|
|
Online Grades 3.2.5 - Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
Gjoko Krstic
|
|
2011-07-25
|
|
Godly Forums - 'id' SQL Injection
|
22 |
WEB
|
3spi0n
|
|
2011-07-21
|
|
Synergy Software - 'id' SQL Injection
|
17 |
WEB
|
Ehsan_Hp200
|
|
2011-07-20
|
|
Cyberoam UTM - Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
Patrick Webster
|
|
2011-07-20
|
|
Tiki Wiki CMS Groupware 7.2 - 'snarf_ajax.php' Cross-Site Scripting
|
18 |
WEB
|
High-Tech Bridge SA
|
|
2011-07-20
|
|
Joomla! < 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
YGN Ethical Hacker Group
|
|
2015-02-02
|
|
Sefrengo CMS 1.6.1 - Multiple SQL Injections
|
24 |
WEB
|
ITAS Team
|
|
2011-07-11
|
|
WordPress Plugin bSuite 4.0.7 - Multiple HTML Injection Vulnerabilities
|
18 |
WEB
|
IHTeam
|
|
2011-07-17
|
|
BlueSoft Social Networking CMS - SQL Injection
|
20 |
WEB
|
Lazmania61
|
|
2011-07-18
|
|
BlueSoft (Multiple Products) - Multiple SQL Injections
|
16 |
WEB
|
Lazmania61
|
|
2011-07-15
|
|
AJ Classifieds - 'listingid' SQL Injection
|
29 |
WEB
|
Lazmania61
|
|
2011-07-15
|
|
Joomla! Component com_newssearch - SQL Injection
|
18 |
WEB
|
Robert Cooper
|
|
2011-07-15
|
|
Joomla! Component Controller - 'Itemid' SQL Injection
|
21 |
WEB
|
SOLVER
|
|
2011-07-15
|
|
Joomla! Component com_hospital - SQL Injection
|
19 |
WEB
|
SOLVER
|
|
2011-07-15
|
|
Joomla! Component Juicy Gallery - 'picId' SQL Injection
|
18 |
WEB
|
SOLVER
|
|
2011-07-15
|
|
Joomla! Component Foto - 'id_categoria' SQL Injection
|
22 |
WEB
|
SOLVER
|
|
2011-07-15
|
|
Easy Estate Rental - 's_location' SQL Injection
|
19 |
WEB
|
Lazmania61
|
|
2011-07-15
|
|
Auto Web Toolbox - 'id' SQL Injection
|
18 |
WEB
|
Lazmania61
|
|
2015-01-24
|
|
NPDS CMS REvolution-13 - SQL Injection
|
18 |
WEB
|
Narendra Bhati
|
|
2011-07-29
|
|
Chyrp 2.x swfupload Extension - 'upload_handler.php' Arbitrary File Upload / Arbitrary PHP Code Exec
|
21 |
WEB
|
Wireghoul
|
|
2011-07-29
|
|
Chyrp 2.x - '/includes/lib/gz.php?File' Traversal Arbitrary File Access
|
18 |
WEB
|
Wireghoul
|
|
2011-07-29
|
|
Chyrp 2.x - 'action' Traversal Local File Inclusion
|
23 |
WEB
|
Wireghoul
|
|
2011-07-13
|
|
Chyrp 2.x - '/includes/JavaScript.php?action' Cross-Site Scripting
|
21 |
WEB
|
Wireghoul
|
|
2011-07-13
|
|
Chyrp 2.x - '/admin/help.php' Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
Wireghoul
|
|
2011-07-13
|
|
TCExam 11.2.x - Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
Gjoko Krstic
|
|
2011-07-12
|
|
Flowplayer 3.2.7 - 'linkUrl' Cross-Site Scripting
|
19 |
WEB
|
Szymon Gruszecki
|
|
2011-07-12
|
|
Sphider 1.3.x - Admin Panel Multiple SQL Injections
|
18 |
WEB
|
Karthik R
|
|
2015-01-29
|
|
ManageEngine Firewall Analyzer 8.0 - Directory Traversal / Cross-Site Scripting
|
23 |
WEB
|
Ertebat Gostar Co
|
|
2011-07-11
|
|
ICMusic 1.2 - 'music_id' SQL Injection
|
22 |
WEB
|
kaMtiEz
|
|
2011-07-11
|
|
Prontus CMS - 'page' Cross-Site Scripting
|
17 |
WEB
|
Zerial
|
|
2011-07-08
|
|
Joomla! Component com_voj - SQL Injection
|
19 |
WEB
|
CoBRa_21
|
|
2011-07-05
|
|
Classified Script - c-BrowseClassified Cross-Site Scripting
|
17 |
WEB
|
Raghavendra Karthik D
|
|
2011-07-03
|
|
eTAWASOL - 'id' SQL Injection
|
17 |
WEB
|
Bl4ck.Viper
|
|
2011-07-02
|
|
Paliz Portal - Cross-Site Scripting / Multiple SQL Injections
|
22 |
WEB
|
Net.Edit0r
|
|
2011-07-05
|
|
Joomla! Component com_jr_tfb - 'Controller' Local File Inclusion
|
18 |
WEB
|
FL0RiX
|
|
2014-11-11
|
|
WordPress Plugin Photo Gallery 1.2.5 - Unrestricted Arbitrary File Upload
|
19 |
WEB
|
Kacper Szurek
|
|
2015-01-26
|
|
Symantec Data Center Security - Multiple Vulnerabilities
|
18 |
WEB
|
SEC Consult
|
|
2015-01-26
|
|
ferretCMS 1.0.4-alpha - Multiple Vulnerabilities
|
23 |
WEB
|
Steffen Rösemann
|
|
2015-01-26
|
|
jclassifiedsmanager - Multiple Vulnerabilities
|
21 |
WEB
|
Sarath Nair
|
|
2015-01-26
|
|
ManageEngine EventLog Analyzer 9.0 - Directory Traversal / Cross-Site Scripting
|
27 |
WEB
|
Ertebat Gostar Co
|
|
2015-01-26
|
|
SWFupload 2.5.0 - Cross Frame Scripting (XFS)
|
19 |
WEB
|
MindCracker
|
|
2015-01-26
|
|
PHP Webquest 2.6 - SQL Injection
|
18 |
WEB
|
jordan root
|
|
2015-01-26
|
|
ManageEngine ServiceDesk Plus 9.0 < Build 9031 - User Privileges Management
|
20 |
WEB
|
Rewterz - Research Group
|
|
2015-01-26
|
|
Barracuda Networks Cloud Series - Filter Bypass
|
24 |
WEB
|
Vulnerability-Lab
|
|
2015-01-26
|
|
Mangallam CMS - SQL Injection
|
21 |
WEB
|
Vulnerability-Lab
|
|
2011-06-28
|
|
Flatpress 0.1010.1 - Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
High-Tech Bridge SA
|
|
2011-06-28
|
|
Joomla! 1.6.3 - Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
Aung Khant
|
|
2011-06-27
|
|
WordPress Plugin Pretty Link Lite 1.4.56 - Multiple SQL Injections
|
19 |
WEB
|
MaKyOtOx
|
|
2015-01-22
|
|
ManageEngine ServiceDesk Plus 9.0 - User Enumeration
|
22 |
WEB
|
Muhammad Ahmed Siddiqui
|
|
2015-01-22
|
|
ManageEngine ServiceDesk Plus 9.0 - SQL Injection
|
18 |
WEB
|
Muhammad Ahmed Siddiqui
|
|
2011-06-27
|
|
Mambo 4.6.x - Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
Aung Khant
|
|
2011-06-27
|
|
Joomla! Component com_morfeoshow - 'idm' SQL Injection
|
19 |
WEB
|
Th3.xin0x
|
|
2011-06-23
|
|
Nodesforum - '_nodesforum_node' SQL Injection
|
19 |
WEB
|
Andrea Bocchetti
|
|
2015-01-19
|
|
WordPress Plugin Cforms 14.7 - Remote Code Execution
|
20 |
WEB
|
Zakhar
|
|
2015-01-22
|
|
ecommerceMajor - SQL Injection / Authentication Bypass
|
20 |
WEB
|
Manish Tanwar
|
|
2011-06-23
|
|
Sitemagic CMS - 'SMTpl' Directory Traversal
|
16 |
WEB
|
Andrea Bocchetti
|
|
2011-06-22
|
|
FanUpdate 3.0 - 'pageTitle' Cross-Site Scripting
|
22 |
WEB
|
High-Tech Bridge SA
|
|
2011-06-22
|
|
Eshop Manager - Multiple SQL Injections
|
19 |
WEB
|
Number 7
|
|
2011-06-22
|
|
H3C ER5100 - Authentication Bypass
|
20 |
WEB
|
128bit
|
|
2011-06-21
|
|
Sitemagic CMS 2010.04.17 - 'SMExt' Cross-Site Scripting
|
19 |
WEB
|
Gjoko Krstic
|
|
2011-06-18
|
|
Taha Portal 3.2 - 'sitemap.php' Cross-Site Scripting
|
22 |
WEB
|
Bl4ck.Viper
|
|
2011-06-18
|
|
Immophp 1.1.1 - Cross-Site Scripting / SQL Injection
|
19 |
WEB
|
KedAns-Dz
|
|
2011-06-19
|
|
Nibbleblog 3 - Multiple SQL Injections
|
18 |
WEB
|
KedAns-Dz
|
|
2011-06-15
|
|
MyBloggie 2.1.6 - HTML Injection / SQL Injection
|
18 |
WEB
|
Robin Verton
|
|
2011-06-15
|
|
miniblog 1.0 - Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
High-Tech Bridge SA
|
|
2011-06-14
|
|
vBTube 1.2.9 - 'vBTube.php' Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
Mr.ThieF
|
|
2015-01-20
|
|
vBulletin vBSSO Single Sign-On 1.4.14 - SQL Injection
|
17 |
WEB
|
Technidev
|
|
2015-01-21
|
|
ArticleFR CMS 3.0.5 - Arbitrary File Upload
|
18 |
WEB
|
TranDinhTien
|
|
2015-01-21
|
|
ArticleFR CMS 3.0.5 - SQL Injection
|
16 |
WEB
|
TranDinhTien
|
|
2011-06-13
|
|
PHP-Nuke 8.3 - 'upload.php' Arbitrary File Upload (2)
|
15 |
WEB
|
pentesters.ir
|
|
2011-06-13
|
|
PHP-Nuke 8.3 - 'upload.php' Arbitrary File Upload (1)
|
18 |
WEB
|
pentesters.ir
|
|
2011-06-13
|
|
Microsoft Lync Server 2010 - 'ReachJoin.aspx' Remote Command Injection
|
19 |
WEB
|
Mark Lachniet
|
|
2011-06-13
|
|
WebFileExplorer 3.6 - 'user' / 'pass' SQL Injection
|
15 |
WEB
|
pentesters.ir
|
|
2015-01-20
|
|
WordPress Plugin Pixarbay Images 2.3 - Multiple Vulnerabilities
|
18 |
WEB
|
Hans-Martin Muench
|
|
2015-01-20
|
|
RedaxScript 2.1.0 - Privilege Escalation
|
17 |
WEB
|
shyamkumar somana
|
|
2011-06-13
|
|
Joomla! Component Minitek FAQ Book 1.3 - 'id' SQL Injection
|
21 |
WEB
|
kaMtiEz
|
|
2011-06-10
|
|
Tolinet Agencia - 'id' SQL Injection
|
19 |
WEB
|
Andrea Bocchetti
|
|
2011-06-07
|
|
The Pacer Edition CMS 2.1 - 'email' Cross-Site Scripting
|
20 |
WEB
|
LiquidWorm
|
|
2011-06-08
|
|
WordPress Plugin GD Star Rating - 'votes' SQL Injection
|
19 |
WEB
|
anonymous
|
|
2011-06-07
|
|
Blog:CMS 4.2 - Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
Stefan Schurtz
|
|
2011-06-07
|
|
Xataface 1.x - 'action' Local File Inclusion
|
17 |
WEB
|
ITSecTeam
|
|
2011-06-06
|
|
Squiz Matrix 4 - 'colour_picker.php' Cross-Site Scripting
|
19 |
WEB
|
Patrick Webster
|
|
2011-06-06
|
|
PopScript - 'index.php' Multiple Input Validation Vulnerabilities
|
20 |
WEB
|
NassRawI
|
|
2011-06-06
|
|
Multiple WordPress WooThemes Themes - 'test.php' Cross-Site Scripting
|
15 |
WEB
|
MustLive
|
|
2011-06-06
|
|
Nakid CMS 1.0.2 - 'CKEditorFuncNum' Cross-Site Scripting
|
18 |
WEB
|
AutoSec Tools
|
|
2011-06-06
|
|
Joomla! Component CCBoard - SQL Injection / Arbitrary File Upload
|
21 |
WEB
|
KedAns-Dz
|
|
2011-06-06
|
|
vBulletin vBExperience 3 - 'sortorder' Cross-Site Scripting
|
18 |
WEB
|
Mr.ThieF
|
|
2015-01-16
|
|
WordPress Plugin Pie Register 2.0.13 - Privilege Escalation
|
19 |
WEB
|
Kacper Szurek
|
|
2011-06-02
|
|
Ushahidi 2.0.1 - 'range' SQL Injection
|
20 |
WEB
|
Gjoko Krstic
|
|
2011-06-01
|
|
ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting / Multiple SQL Injections
|
18 |
WEB
|
High-Tech Bridge SA
|
|
2011-06-01
|
|
PikaCMS - Multiple Local File Disclosure Vulnerabilities
|
18 |
WEB
|
KnocKout
|
|
2011-06-01
|
|
TEDE Simplificado 1.01/S2.04 - Multiple SQL Injections
|
21 |
WEB
|
KnocKout
|
|
2011-05-31
|
|
S9Y Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting
|
21 |
WEB
|
Stefan Schurtz
|
|
2011-05-31
|
|
Kentico CMS 5.5R2.23 - 'userContextMenu_Parameter' Cross-Site Scripting
|
21 |
WEB
|
LiquidWorm
|
|
2011-05-30
|
|
Cotonti 0.9.2 - Multiple SQL Injections
|
24 |
WEB
|
KedAns-Dz
|
|
2011-05-25
|
|
BlackBoard Learn 8.0 - 'keywordraw' Cross-Site Scripting
|
26 |
WEB
|
Matt Jezorek
|
|
2011-05-25
|
|
Kryn.cms 0.9 - '_kurl' Cross-Site Scripting
|
21 |
WEB
|
AutoSec Tools
|
|
2011-05-25
|
|
Joomla! Component com_shop - SQL Injection
|
18 |
WEB
|
ThunDEr HeaD
|
|
2011-05-25
|
|
MidiCMS Website Builder - Local File Inclusion / Arbitrary File Upload
|
16 |
WEB
|
KedAns-Dz
|
|
2011-05-24
|
|
Ajax Chat 1.0 - 'ajax-chat.php' Cross-Site Scripting
|
19 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-24
|
|
phpScheduleIt 1.2.12 - Multiple Cross-Site Scripting Vulnerabilities
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-23
|
|
Joomla! Component Map Locator - 'cid' SQL Injection
|
19 |
WEB
|
FL0RiX
|
|
2011-05-19
|
|
LimeSurvey 1.85+ - 'admin.php' Cross-Site Scripting
|
17 |
WEB
|
Juan Manuel Garcia
|
|
2015-01-14
|
|
Ansible Tower 2.0.2 - Multiple Vulnerabilities
|
28 |
WEB
|
SEC Consult
|
|
2011-05-19
|
|
Andy's PHP KnowledgeBase 0.95.4 - 'step5.php' PHP Remote Code Execution
|
24 |
WEB
|
AutoSec Tools
|
|
2011-05-19
|
|
Room Juice 0.3.3 - 'display.php' Cross-Site Scripting
|
19 |
WEB
|
AutoSec Tools
|
|
2011-05-18
|
|
CiscoWorks Common Services 3.1.1 - Auditing Directory Traversal
|
20 |
WEB
|
Sense of Security
|
|
2015-01-13
|
|
Foxit MobilePDF 4.4.0 iOS - Multiple Vulnerabilities
|
22 |
WEB
|
Vulnerability-Lab
|
|
2015-01-13
|
|
Dell iDRAC IPMI 1.5 - Insufficient Session ID Randomness
|
20 |
WEB
|
Yong Chuan_ Koh
|
|
2015-01-13
|
|
Gecko CMS 2.3 - Multiple Vulnerabilities
|
21 |
WEB
|
LiquidWorm
|
|
2011-05-18
|
|
TWiki 5.0.1 - 'origurl' Cross-Site Scripting
|
21 |
WEB
|
Mesut Timur
|
|
2011-05-17
|
|
PHP Calendar Basic 2.3 - Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-16
|
|
eFront 3.6.9 - 'submitScore.php' Cross-Site Scripting
|
19 |
WEB
|
John Leitch
|
|
2011-05-16
|
|
Mitel Audio and Web Conferencing 4.4.3.0 - Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
Richard Brain
|
|
2011-05-16
|
|
eFront 3.6.9 - 'scripts.php' Local File Inclusion
|
25 |
WEB
|
AutoSec Tools
|
|
2011-05-16
|
|
openQRM 4.8 - 'source_tab' Cross-Site Scripting
|
21 |
WEB
|
AutoSec Tools
|
|
2011-05-12
|
|
DocMGR 1.1.2 - 'history.php' Cross-Site Scripting
|
25 |
WEB
|
AutoSec Tools
|
|
2011-05-16
|
|
allocPSA 1.7.4 - '/login/login.php' Cross-Site Scripting
|
22 |
WEB
|
AutoSec Tools
|
|
2011-05-16
|
|
Mambo Component Docman 1.3.0 - Multiple SQL Injections
|
24 |
WEB
|
KedAns-Dz
|
|
2015-01-11
|
|
D-Link DSL-2730B Modem - 'Lancfg2get.cgi Persistent Cross-Site Scripting
|
20 |
WEB
|
XLabs Security
|
|
2015-01-11
|
|
D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored DnsProxy.cmd
|
22 |
WEB
|
XLabs Security
|
|
2015-01-11
|
|
D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored Wlsecrefresh.wl & Wlsecurity.wl
|
21 |
WEB
|
XLabs Security
|
|
2011-05-16
|
|
Joomla! Component com_cbcontact - 'contact_id' SQL Injection
|
22 |
WEB
|
KedAns-Dz
|
|
2011-05-13
|
|
Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Cross-Site Scripting
|
20 |
WEB
|
MustLive
|
|
2011-05-12
|
|
Argyle Social - Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
High-Tech Bridge SA
|
