|
2011-03-24
|
|
MC Content Manager 10.1.1 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
MustLive
|
|
2014-12-08
|
|
WordPress Plugin Ajax Store Locator 1.2 - Arbitrary File Download
|
10 |
WEB
|
Claudio Viviani
|
|
2014-12-08
|
|
Free Article Submissions 1.0 - SQL Injection
|
9 |
WEB
|
BarrabravaZ
|
|
2014-12-08
|
|
PBBoard CMS - Persistent Cross-Site Scripting
|
9 |
WEB
|
Manish Tanwar
|
|
2014-12-08
|
|
IceHrm 7.1 - Multiple Vulnerabilities
|
8 |
WEB
|
LiquidWorm
|
|
2011-03-21
|
|
PluggedOut Blog 1.9.9 - 'year' Cross-Site Scripting
|
9 |
WEB
|
kurdish hackers team
|
|
2011-03-21
|
|
Newsportal 0.37 - 'post.php' Cross-Site Scripting
|
10 |
WEB
|
kurdish hackers team
|
|
2011-03-21
|
|
Online store PHP script - Multiple Cross-Site Scripting / SQL Injections
|
10 |
WEB
|
kurdish hackers team
|
|
2011-03-19
|
|
Web Poll Pro 1.0.3 - 'error' HTML Injection
|
11 |
WEB
|
Hector.x90
|
|
2011-03-18
|
|
XOOPS 2.x - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
Aung Khant
|
|
2011-03-17
|
|
WordPress Plugin Rating-Widget 1.3.1 - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
Todor Donev
|
|
2011-03-17
|
|
WordPress Plugin Sodahead Polls 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
High-Tech Bridge SA
|
|
2014-12-05
|
|
PBBoard CMS 3.0.1 - SQL Injection
|
10 |
WEB
|
Tran Dinh Tien
|
|
2011-03-16
|
|
AplikaMedia CMS - 'page_info.php' SQL Injection
|
9 |
WEB
|
H3X
|
|
2011-03-10
|
|
Wikiwig 5.01 - Cross-Site Scripting / HTML Injection
|
11 |
WEB
|
AutoSec Tools
|
|
2011-03-15
|
|
SugarCRM 6.1.1 - Information Disclosure
|
10 |
WEB
|
RedTeam Pentesting GmbH
|
|
2014-12-04
|
|
Advertise With Pleasure! (AWP) 6.6 - SQL Injection
|
10 |
WEB
|
Robert Cooper
|
|
2014-12-04
|
|
Technicolor DT5130 2.05.C29GV - Multiple Vulnerabilities
|
11 |
WEB
|
Crash
|
|
2014-12-03
|
|
WordPress Plugin CodeArt Google MP3 Player - File Disclosure Download
|
9 |
WEB
|
QK14 Team
|
|
2014-12-03
|
|
WordPress Plugin Cart66 Lite eCommerce 1.5.1.17 - Blind SQL Injection
|
11 |
WEB
|
Kacper Szurek
|
|
2011-03-14
|
|
BoutikOne - 'rss_top10.php?lang' SQL Injection
|
9 |
WEB
|
cdx.security
|
|
2011-03-14
|
|
BoutikOne - 'rss_promo.php?lang' SQL Injection
|
9 |
WEB
|
cdx.security
|
|
2011-03-14
|
|
BoutikOne - 'rss_flash.php?lang' SQL Injection
|
8 |
WEB
|
cdx.security
|
|
2011-03-14
|
|
BoutikOne - 'rss_news.php?lang' SQL Injection
|
10 |
WEB
|
cdx.security
|
|
2011-03-14
|
|
BoutikOne - 'search.php' Multiple SQL Injections
|
9 |
WEB
|
cdx.security
|
|
2011-03-14
|
|
BoutikOne - 'list.php?path' SQL Injection
|
8 |
WEB
|
cdx.security
|
|
2011-03-14
|
|
BoutikOne - 'categorie.php?path' SQL Injection
|
6 |
WEB
|
cdx.security
|
|
2014-12-03
|
|
WordPress Plugin Google Document Embedder 2.5.16 - 'mysql_real_escpae_string' Bypass SQL Injection
|
10 |
WEB
|
Securely (Yoo Hee man)
|
|
2011-03-04
|
|
Lms Web Ensino - Multiple Input Validation Vulnerabilities
|
10 |
WEB
|
waKKu
|
|
2014-12-02
|
|
TYPO3 Extension ke DomPDF - Remote Code Execution
|
10 |
WEB
|
RedTeam Pentesting
|
|
2014-12-02
|
|
EntryPass N5200 - Credentials Exposure
|
10 |
WEB
|
RedTeam Pentesting
|
|
2014-12-02
|
|
WordPress Plugin Nextend Facebook Connect 1.4.59 - Cross-Site Scripting
|
10 |
WEB
|
Kacper Szurek
|
|
2011-03-10
|
|
Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injections
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-10
|
|
Xinha 0.96 - 'spell-check-savedicts.php' Multiple HTML Injection Vulnerabilities
|
10 |
WEB
|
John Leitch
|
|
2011-03-10
|
|
WordPress Plugin Lazyest Gallery 1.0.26 - 'image' Cross-Site Scripting
|
12 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-08
|
|
Ruubikcms 1.0.3 - 'head.php' Cross-Site Scripting
|
10 |
WEB
|
Khashayar Fereidani
|
|
2011-03-08
|
|
WordPress Plugin 1 Flash Gallery 0.2.5 - Cross-Site Scripting / SQL Injection
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-08
|
|
WordPress Plugin PhotoSmash Galleries 1.0.x - 'action' Cross-Site Scripting
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2014-12-02
|
|
SQL Buddy 1.3.3 - Remote Code Execution
|
10 |
WEB
|
Fady Mohammed Osman
|
|
2014-12-02
|
|
ProjectSend r-561 - Arbitrary File Upload
|
10 |
WEB
|
Fady Mohammed Osman
|
|
2014-12-02
|
|
Prolink PRN2001 - Multiple Vulnerabilities
|
11 |
WEB
|
Herman Groeneveld
|
|
2011-03-08
|
|
WordPress Plugin Inline Gallery 0.3.9 - 'do' Cross-Site Scripting
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-08
|
|
WS Interactive Automne 4.1 - '/admin/upload-controler.php' Arbitrary File Upload
|
9 |
WEB
|
AutoSec Tools
|
|
2011-03-03
|
|
Interleave 5.5.0.2 - 'basicstats.php' Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
AutoSec Tools
|
|
2011-03-07
|
|
Kodak InSite 5.5.2 - '/Pages/login.aspx?Language' Cross-Site Scripting
|
10 |
WEB
|
Dionach
|
|
2011-03-07
|
|
Kodak InSite 5.5.2 - '/Troubleshooting/DiagnosticReport.asp?HeaderWarning' Cross-Site Scripting
|
9 |
WEB
|
Dionach
|
|
2011-03-04
|
|
InterPhoto Image Gallery 2.4.2 - 'IPLANG' Local File Inclusion
|
9 |
WEB
|
AutoSec Tools
|
|
2011-03-03
|
|
Pragyan CMS 3.0 Beta - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-03
|
|
xtcModified 1.05 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-03
|
|
phpWebSite 1.7.1 - 'local' Cross-Site Scripting
|
9 |
WEB
|
AutoSec Tools
|
|
2011-03-03
|
|
Support Incident Tracker (SiT!) 3.62 - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
AutoSec Tools
|
|
2011-03-02
|
|
VidiScript - 'vp' Cross-Site Scripting
|
12 |
WEB
|
NassRawI
|
|
2011-03-02
|
|
Forritun - Multiple SQL Injections
|
11 |
WEB
|
eXeSoul
|
|
2011-02-28
|
|
SnapProof - 'retPageID' Cross-Site Scripting
|
11 |
WEB
|
difficult 511
|
|
2011-02-28
|
|
WordPress Plugin BackWPup 1.4 - Multiple Information Disclosure Vulnerabilities
|
11 |
WEB
|
Danilo Massa
|
|
2011-02-23
|
|
Drupal Module Cumulus 5.x-1.1/6.x-1.4 - 'tagcloud' Cross-Site Scripting
|
10 |
WEB
|
MustLive
|
|
2014-11-28
|
|
xEpan 1.0.4 - Multiple Vulnerabilities
|
9 |
WEB
|
Parikesit _ Kurawa
|
|
2011-02-23
|
|
WordPress Plugin YT-Audio 1.7 - 'v' Cross-Site Scripting
|
11 |
WEB
|
AutoSec Tools
|
|
2011-02-23
|
|
WordPress Plugin ComicPress Manager 1.4.9 - 'lang' Cross-Site Scripting
|
9 |
WEB
|
AutoSec Tools
|
|
2011-02-23
|
|
WordPress Plugin IGIT Posts Slider Widget 1.0 - 'src' Cross-Site Scripting
|
9 |
WEB
|
AutoSec Tools
|
|
2011-02-25
|
|
glFusion 1.1.x/1.2.1 - 'users.php' SQL Injection
|
10 |
WEB
|
H3X
|
|
2011-02-25
|
|
phpShop 0.8.1 - 'page' Cross-Site Scripting
|
9 |
WEB
|
Aung Khant
|
|
2014-11-26
|
|
WordPress Plugin Slider REvolution 3.0.95 / Showbiz Pro 1.7.1 - Arbitrary File Upload
|
10 |
WEB
|
Simo Ben Youssef
|
|
2014-11-26
|
|
Device42 WAN Emulator 2.3 - Ping Command Injection (Metasploit)
|
9 |
WEB
|
Brandon Perry
|
|
2014-11-26
|
|
Device42 WAN Emulator 2.3 - Traceroute Command Injection (Metasploit)
|
11 |
WEB
|
Brandon Perry
|
|
2014-11-26
|
|
xEpan 1.0.1 - Cross-Site Request Forgery
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2014-11-26
|
|
WordPress Plugin DB Backup - Arbitrary File Download
|
16 |
WEB
|
Ashiyane Digital Security Team
|
|
2011-02-16
|
|
mySeatXT 0.164 - 'lang' Local File Inclusion
|
9 |
WEB
|
AutoSec Tools
|
|
2011-02-22
|
|
Vanilla Forums 2.0.17.x - 'p' Cross-Site Scripting
|
9 |
WEB
|
Aung Khant
|
|
2011-02-22
|
|
IBM Lotus Sametime Server 8.0 - 'stcenter.nsf' Cross-Site Scripting
|
10 |
WEB
|
andrew
|
|
2011-02-22
|
|
WordPress Plugin GD Star Rating 1.9.7 - 'wpfn' Cross-Site Scripting
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2014-11-25
|
|
Arris VAP2500 - Authentication Bypass
|
9 |
WEB
|
HeadlessZeke
|
|
2014-11-25
|
|
WordPress Plugin Google Document Embedder 2.5.14 - SQL Injection
|
8 |
WEB
|
Kacper Szurek
|
|
2014-11-25
|
|
Crea8Social 1.3 - Persistent Cross-Site Scripting
|
10 |
WEB
|
Halil Dalabasmaz
|
|
2014-11-25
|
|
PHPMyRecipes 1.2.2 - 'dosearch.php?words_exact' SQL Injection
|
10 |
WEB
|
bard
|
|
2011-02-21
|
|
Batavi 1.0 - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
AutoSec Tools
|
|
2011-02-18
|
|
WSN Guest 1.24 - 'wsnuser' Cookie SQL Injection
|
10 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2014-11-24
|
|
Advantech EKI-6340 - Command Injection
|
12 |
WEB
|
Core Security
|
|
2011-02-15
|
|
Getsimple CMS 2.03 - 'upload-ajax.php' Arbitrary File Upload
|
9 |
WEB
|
s3rg3770 & Chuzz
|
|
2011-02-15
|
|
Photopad 1.2 - Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-15
|
|
Wikipad 1.6.0 - Cross-Site Scripting / HTML Injection / Information Disclosure
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-15
|
|
Gollos 2.8 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-15
|
|
MG2 0.5.1 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
LiquidWorm
|
|
2011-02-12
|
|
Dokeos 1.8.6 2 - 'style' Cross-Site Scripting
|
8 |
WEB
|
AutoSec Tools
|
|
2014-11-24
|
|
WordPress Plugin DukaPress 2.5.2 - Directory Traversal
|
10 |
WEB
|
Kacper Szurek
|
|
2014-11-24
|
|
RobotStats 1.0 - 'robot' SQL Injection
|
7 |
WEB
|
ZoRLu Bugrahan
|
|
2011-02-09
|
|
Smarty Template Engine 2.6.9 - '$smarty.template' PHP Code Injection
|
9 |
WEB
|
jonieske
|
|
2014-11-24
|
|
WordPress Plugin wpDataTables 1.5.3 - Arbitrary File Upload
|
7 |
WEB
|
Claudio Viviani
|
|
2014-11-24
|
|
WordPress Plugin wpDataTables 1.5.3 - SQL Injection
|
7 |
WEB
|
Claudio Viviani
|
|
2011-02-12
|
|
TaskFreak! 0.6.4 - 'rss.php' HTTP Referer Header Cross-Site Scripting
|
8 |
WEB
|
LiquidWorm
|
|
2011-02-12
|
|
TaskFreak! 0.6.4 - 'print_list.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
LiquidWorm
|
|
2011-02-12
|
|
TaskFreak! 0.6.4 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
LiquidWorm
|
|
2011-02-11
|
|
Drupal Module CAPTCHA - Security Bypass
|
8 |
WEB
|
anonymous
|
|
2011-02-10
|
|
RunCMS 2.2.2 - 'register.php' SQL Injection
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-10
|
|
webERP 4.0.1 - 'InputSerialItemsFile.php' Arbitrary File Upload
|
7 |
WEB
|
AutoSec Tools
|
|
2011-02-10
|
|
Dolphin 7.0.4 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
AutoSec Tools
|
|
2011-02-10
|
|
ManageEngine ADSelfService Plus 4.4 - 'EmployeeSearch.cc' Multiple Cross-Site Scripting Vulnerabilit
|
8 |
WEB
|
Core Security
|
|
2011-02-10
|
|
ManageEngine ADSelfService Plus 4.4 - POST Manipulation Security Question
|
8 |
WEB
|
Core Security
|
|
2011-02-09
|
|
PHPXref 0.7 - 'nav.html' Cross-Site Scripting
|
7 |
WEB
|
MustLive
|
|
2011-02-08
|
|
UMI CMS 2.8.1.2 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-08
|
|
CiviCRM 3.3.3 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
AutoSec Tools
|
|
2014-11-22
|
|
Netgear WNR500 Wireless Router - 'webproc?getpage' Traversal Arbitrary File Access
|
7 |
WEB
|
LiquidWorm
|
|
2014-11-22
|
|
WordPress Plugin CM Download Manager 2.0.0 - Code Injection
|
8 |
WEB
|
Phi Ngoc Le
|
|
2014-11-22
|
|
MyBB 1.8.2 - 'unset_globals()' Function Bypass / Remote Code Execution
|
6 |
WEB
|
Taoguang Chen
|
|
2011-02-08
|
|
ViArt Shop 4.0.5 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-08
|
|
WebAsyst Shop-Script - Cross-Site Scripting / HTML Injection
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-07
|
|
Escortservice 1.0 - 'custid' SQL Injection
|
8 |
WEB
|
NoNameMT
|
|
2014-11-21
|
|
WordPress Plugin SP Client Document Manager 2.4.1 - SQL Injection
|
8 |
WEB
|
ITAS Team
|
|
2011-02-03
|
|
Firebook - 'index.html' Cross-Site Scripting
|
7 |
WEB
|
MustLive
|
|
2011-02-03
|
|
Octeth Oempro 3.6.4 - SQL Injection / Information Disclosure
|
7 |
WEB
|
Ignacio Garrido
|
|
2011-03-23
|
|
Web Wiz Forums 9.5 - Multiple SQL Injections
|
7 |
WEB
|
eXeSoul
|
|
2011-02-02
|
|
Betsy 4.0 - 'page' Local File Inclusion
|
9 |
WEB
|
MizoZ
|
|
2011-01-31
|
|
All In One Control Panel 1.4.1 - 'cp_menu_data_file.php' SQL Injection
|
8 |
WEB
|
AutoSec Tools
|
|
2011-02-02
|
|
TCExam 11.1.16 - 'user_password' Cross-Site Scripting
|
7 |
WEB
|
AutoSec Tools
|
|
2011-02-01
|
|
ACollab - 't' SQL Injection
|
7 |
WEB
|
AutoSec Tools
|
|
2014-11-19
|
|
WordPress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal
|
8 |
WEB
|
Kacper Szurek
|
|
2014-11-19
|
|
Snowfox CMS 1.0 - Cross-Site Request Forgery (Add Admin)
|
8 |
WEB
|
LiquidWorm
|
|
2011-02-01
|
|
WordPress Plugin TagNinja 1.0 - 'id' Cross-Site Scripting
|
8 |
WEB
|
AutoSec Tools
|
|
2011-02-01
|
|
TinyWebGallery 1.8.3 - Cross-Site Scripting / Local File Inclusion
|
7 |
WEB
|
Yam Mesicka
|
|
2011-02-01
|
|
Moodle 2.0.1 - 'PHPCOVERAGE_HOME' Cross-Site Scripting
|
6 |
WEB
|
AutoSec Tools
|
|
2011-01-30
|
|
eSyndiCat Directory Software 2.2/2.3 - 'preview' Cross-Site Scripting
|
6 |
WEB
|
Avram Marius
|
|
2011-02-01
|
|
Joomla! Component com_frontenduseraccess - Local File Inclusion
|
5 |
WEB
|
wishnusakti
|
|
2011-02-01
|
|
Joomla! Component com_clan_members - 'id' SQL Injection
|
7 |
WEB
|
FL0RiX
|
|
2011-01-31
|
|
Joomla! Component com_virtuemart 1.1.6 - SQL Injection
|
8 |
WEB
|
Andrea Fabrizi
|
|
2011-01-30
|
|
vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
MaXe
|
