|
2014-11-05
|
|
Mouse Media Script 1.6 - Persistent Cross-Site Scripting
|
21 |
WEB
|
Halil Dalabasmaz
|
|
2014-11-05
|
|
MODx CMS 2.2.14 - Cross-Site Request Forgery Bypass / Reflected Cross-Site Scripting / Persistent Cr
|
20 |
WEB
|
Narendra Bhati
|
|
2010-12-28
|
|
Coppermine Photo Gallery 1.5.10 - 'searchnew.php' Cross-Site Scripting
|
17 |
WEB
|
waraxe
|
|
2010-12-28
|
|
Coppermine Photo Gallery 1.5.10 - 'help.php' Cross-Site Scripting
|
21 |
WEB
|
waraxe
|
|
2010-12-26
|
|
CruxCMS 3.0 - Multiple Input Validation Vulnerabilities
|
21 |
WEB
|
ToXiC
|
|
2014-11-03
|
|
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Remote Code Execution)
|
24 |
WEB
|
Stefan Horst
|
|
2010-12-27
|
|
LiveZilla 3.2.0.2 - 'Track' Module 'server.php' Cross-Site Scripting
|
19 |
WEB
|
Ulisses Castro
|
|
2014-11-03
|
|
PHP < 5.6.2 - 'Shellshock' Safe Mode / disable_functions Bypass / Command Injection
|
20 |
WEB
|
Ryan King (Starfall)
|
|
2010-12-27
|
|
Pligg CMS 1.1.3 - 'range' SQL Injection
|
21 |
WEB
|
Dr.NeT
|
|
2010-12-28
|
|
HotWeb Scripts HotWeb Rentals - 'PageId' SQL Injection
|
21 |
WEB
|
non customers
|
|
2010-12-23
|
|
Social Share - 'search' Cross-Site Scripting
|
26 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-12-23
|
|
MyBB 1.6 - 'private.php?keywords' SQL Injection
|
21 |
WEB
|
Aung Khant
|
|
2010-12-23
|
|
MyBB 1.6 - 'search.php?keywords' SQL Injection
|
19 |
WEB
|
Aung Khant
|
|
2014-11-02
|
|
Esotalk CMS 1.0.0g4 - Cross-Site Scripting
|
21 |
WEB
|
evi1m0
|
|
2010-12-10
|
|
Social Share - 'vote.php' HTTP Response Splitting
|
20 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-12-22
|
|
WordPress Plugin Accept Signups 0.1 - 'email' Cross-Site Scripting
|
24 |
WEB
|
clshack
|
|
2010-12-22
|
|
Joomla! Component Classified - SQL Injection
|
23 |
WEB
|
R4dc0re
|
|
2010-12-21
|
|
ImpressCMS 1.2.x - 'quicksearch_ContentContent' HTML Injection
|
20 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-21
|
|
WordPress Plugin Mediatricks Viva Thumbs - Multiple Information Disclosure Vulnerabilities
|
18 |
WEB
|
Richard Brain
|
|
2010-12-21
|
|
Social Share - 'Username' SQL Injection
|
19 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2014-10-31
|
|
Who's Who Script - Cross-Site Request Forgery (Add Admin)
|
21 |
WEB
|
ZoRLu Bugrahan
|
|
2014-10-31
|
|
ZTE Modem ZXDSL 531BIIV7.3.0f_D09_IN - Persistent Cross-Site Scripting
|
18 |
WEB
|
Ravi Rajput
|
|
2014-10-31
|
|
Progress OpenEdge 11.2 - Directory Traversal
|
22 |
WEB
|
XLabs Security
|
|
2010-12-21
|
|
Habari 0.6.5 - Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-21
|
|
OpenFiler - 'device' Cross-Site Scripting
|
25 |
WEB
|
db.pub.mail
|
|
2010-12-21
|
|
FreeNAS 0.7.2.5543 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
db.pub.mail
|
|
2010-12-20
|
|
Mafya Oyun Scrpti - 'profil.php' SQL Injection
|
20 |
WEB
|
DeadLy DeMon
|
|
2010-12-20
|
|
Social Share - 'postid' SQL Injection
|
18 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-12-17
|
|
Social Share - Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-12-17
|
|
Radius Manager 3.6 - Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
Rodrigo Rubira Branco
|
|
2010-12-16
|
|
PHPRS - 'model-kits.php' SQL Injection
|
19 |
WEB
|
KnocKout
|
|
2010-12-15
|
|
Blog:CMS 4.2.1 e - Multiple HTML Injections / Cross-Site Scripting
|
19 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-15
|
|
HP Insight Diagnostics Online Edition 8.4 - 'search.php' Cross-Site Scripting
|
23 |
WEB
|
Richard Brain
|
|
2014-10-29
|
|
MAARCH 1.4 - SQL Injection
|
20 |
WEB
|
Adrien Thierry
|
|
2014-10-29
|
|
MAARCH 1.4 - Arbitrary File Upload
|
20 |
WEB
|
Adrien Thierry
|
|
2010-12-15
|
|
slickMsg - Cross-Site Scripting / HTML Injection
|
22 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-12-14
|
|
BlogCFC 5.9.6.001 - Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
Richard Brain
|
|
2010-12-13
|
|
PHP TopSites 2.1 - '/rate.php' Cross-Site Scripting / SQL Injection
|
24 |
WEB
|
c0de Hunters
|
|
2010-12-12
|
|
MyBB 1.4.10 - 'tags.php' Cross-Site Scripting
|
19 |
WEB
|
TEAMELITE
|
|
2010-12-13
|
|
Mura CMS - Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
Richard Brain
|
|
2010-12-11
|
|
Cetera eCommerce - 'banner.php' Cross-Site Scripting
|
17 |
WEB
|
MustLive
|
|
2014-10-28
|
|
Tapatalk for vBulletin 4.x - Blind SQL Injection
|
21 |
WEB
|
tintinweb
|
|
2014-10-28
|
|
Enalean Tuleap 7.4.99.5 - Remote Command Execution
|
21 |
WEB
|
Portcullis
|
|
2014-10-28
|
|
Enalean Tuleap 7.2 - XML External Entity File Disclosure
|
20 |
WEB
|
Portcullis
|
|
2014-10-28
|
|
Enalean Tuleap 7.4.99.5 - Blind SQL Injection
|
24 |
WEB
|
Portcullis
|
|
2010-12-13
|
|
Joomla! Component com_redirect 1.5.19 - Local File Inclusion
|
20 |
WEB
|
jos_ali_joe
|
|
2010-12-10
|
|
Joomla! Component com_mailto - Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
MustLive
|
|
2010-12-10
|
|
slickMsg 0.7-alpha - 'top.php' Cross-Site Scripting
|
23 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-12-10
|
|
BizDir 05.10 - 'f_srch' Cross-Site Scripting
|
20 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-12-10
|
|
ManageEngine EventLog Analyzer 6.1 - Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
Rob Kraus
|
|
2010-12-10
|
|
Joomla! Component JExtensions Property Finder - 'sf_id' SQL Injection
|
21 |
WEB
|
FL0RiX
|
|
2010-12-09
|
|
Joomla! Component Jeformcr - 'id' SQL Injection
|
21 |
WEB
|
FL0RiX
|
|
2010-12-09
|
|
PHP State - 'id' SQL Injection
|
24 |
WEB
|
jos_ali_joe
|
|
2010-12-09
|
|
net2ftp 0.98 (stable) - '/admin1.template.php' Local/Remote File Inclusion
|
21 |
WEB
|
Marcin Ressel
|
|
2010-12-09
|
|
WWWThread 5.0.8 Pro - 'showflat.pl' Cross-Site Scripting
|
22 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-12-07
|
|
WordPress Plugin Twitter Feed - 'url' Cross-Site Scripting
|
27 |
WEB
|
John Leitch
|
|
2014-10-27
|
|
Folder Plus 2.5.1 iOS - Persistent Cross-Site Scripting
|
25 |
WEB
|
Vulnerability-Lab
|
|
2014-10-27
|
|
WebDisk+ 2.1 iOS - Code Execution
|
25 |
WEB
|
Vulnerability-Lab
|
|
2014-10-27
|
|
Incredible PBX 2.0.6.5.0 - Remote Command Execution
|
20 |
WEB
|
Simo Ben Youssef
|
|
2014-10-27
|
|
Mulesoft ESB Runtime 3.5.1 - Privilege Escalation
|
20 |
WEB
|
Brandon Perry
|
|
2014-10-27
|
|
HP Operations Agent - Cross-Site Scripting iFrame Injection
|
21 |
WEB
|
Matt Schmidt
|
|
2014-10-27
|
|
CBN CH6640E/CG6640E Wireless Gateway Series - Multiple Vulnerabilities
|
19 |
WEB
|
LiquidWorm
|
|
2014-10-27
|
|
WordPress Plugin CP Multi View Event Calendar 1.01 - SQL Injection
|
20 |
WEB
|
Claudio Viviani
|
|
2010-12-08
|
|
Drupal Module Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnera
|
24 |
WEB
|
Justin Klein Keane
|
|
2010-12-08
|
|
WordPress Plugin Safe Search - 'v1' Cross-Site Scripting
|
21 |
WEB
|
John Leitch
|
|
2010-12-08
|
|
WordPress Plugin Processing Embed 0.5 - 'pluginurl' Cross-Site Scripting
|
24 |
WEB
|
John Leitch
|
|
2010-12-07
|
|
SolarWinds Orion Network Performance Monitor (NPM) 10.1 - Multiple Cross-Site Scripting Vulnerabilit
|
26 |
WEB
|
x0skel
|
|
2010-12-07
|
|
Zimplit CMS - 'English_manual_version_2.php?client' Cross-Site Scripting
|
23 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-07
|
|
Zimplit CMS - 'zimplit.php?File' Cross-Site Scripting
|
26 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-07
|
|
Aigaion 1.3.4 - 'ID' SQL Injection
|
20 |
WEB
|
KnocKout
|
|
2014-10-25
|
|
WordPress Plugin 0.9.7 / Joomla! Component 2.0.0 Creative Contact Form - Arbitrary File Upload
|
21 |
WEB
|
Claudio Viviani
|
|
2014-10-25
|
|
Dell EqualLogic Storage - Directory Traversal
|
20 |
WEB
|
XLabs Security
|
|
2014-10-25
|
|
Magento Server MAGMI Plugin 0.7.17a - Remote File Inclusion
|
24 |
WEB
|
Parvinder Bhasin
|
|
2010-12-06
|
|
Alguest 1.1 - 'start' SQL Injection
|
27 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-12-04
|
|
Techno Dreams FAQ Manager Package 1.0 - 'faqlist.asp' SQL Injection
|
23 |
WEB
|
R4dc0re
|
|
2010-12-04
|
|
Techno Dreams Articles & Papers Package 2.0 - 'ArticlesTablelist.asp' SQL Injection
|
22 |
WEB
|
R4dc0re
|
|
2014-10-23
|
|
Dell SonicWALL Gms 7.2.x - Code Injection
|
24 |
WEB
|
Vulnerability-Lab
|
|
2014-10-23
|
|
Axway Secure Transport 5.1 SP2 - Arbitrary File Upload (via Cross-Site Request Forgery)
|
22 |
WEB
|
Emmanuel Law
|
|
2010-12-03
|
|
DotNetNuke 5.5.1 - 'InstallWizard.aspx' Cross-Site Scripting
|
21 |
WEB
|
Richard Brain
|
|
2010-12-03
|
|
Alguest 1.1 - Multiple Cookie Authentication Bypass Vulnerabilities
|
20 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-12-02
|
|
Contenido CMS 4.8.12 - Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
High-Tech Bridge SA
|
|
2014-10-23
|
|
Feng Office 1.7.4 - Cross-Site Scripting
|
21 |
WEB
|
AutoSec Tools
|
|
2014-10-23
|
|
Feng Office 1.7.4 - Arbitrary File Upload
|
19 |
WEB
|
AutoSec Tools
|
|
2014-10-22
|
|
DotNetNuke DNNspot Store 3.0.0 - Arbitrary File Upload (Metasploit)
|
23 |
WEB
|
Glafkos Charalambous
|
|
2014-10-22
|
|
File Manager 4.2.10 iOS - Code Execution
|
23 |
WEB
|
Vulnerability-Lab
|
|
2014-10-22
|
|
iFunBox Free 1.1 iOS - Local File Inclusion
|
20 |
WEB
|
Vulnerability-Lab
|
|
2010-12-02
|
|
Joomla! Component Annuaire - 'index.php?id' SQL Injection
|
21 |
WEB
|
Ashiyane Digital Security Team
|
|
2010-11-30
|
|
AWStats 6.x - Apache Tomcat Configuration File Arbitrary Command Execution
|
23 |
WEB
|
StenoPlasma
|
|
2010-11-30
|
|
BugTracker.NET 3.4.4 - SQL Injection / Cross-Site Scripting
|
21 |
WEB
|
BugTracker.NET
|
|
2010-11-26
|
|
SmartBox - 'page_id' SQL Injection
|
17 |
WEB
|
KnocKout
|
|
2010-11-26
|
|
E-lokaler CMS 2 - Admin Login Multiple SQL Injections
|
21 |
WEB
|
ali_err0r
|
|
2010-11-30
|
|
Joomla! Component com_storedirectory - 'id' SQL Injection
|
19 |
WEB
|
XroGuE
|
|
2010-11-29
|
|
Car Portal 2.0 - 'car_make' Cross-Site Scripting
|
22 |
WEB
|
Underground Stockholm
|
|
2010-11-30
|
|
Joomla! Component Catalogue - SQL Injection / Local File Inclusion
|
26 |
WEB
|
XroGuE
|
|
2010-11-29
|
|
Wernhart Guestbook 2001.03.28 - Multiple SQL Injections
|
22 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-11-29
|
|
4homepages 4Images 1.7.x - 'categories.php' SQL Injection
|
20 |
WEB
|
Ahmed Atif
|
|
2010-11-26
|
|
Easy Banner 2009.05.18 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-11-26
|
|
Easy Banner 2009.05.18 - '/member.php' Multiple SQL Injection / Authentication Bypass
|
22 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-11-24
|
|
SimpLISTic SQL 2.0 - 'email.cgi' Cross-Site Scripting
|
23 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-11-23
|
|
ZYXEL P-660R-T1 V2 - 'HomeCurrent_Date' Cross-Site Scripting
|
21 |
WEB
|
Usman Saeed
|
|
2010-11-22
|
|
Hot Links SQL 3.2 - 'report.cgi' SQL Injection
|
22 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-11-18
|
|
CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities (1)
|
21 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-16
|
|
Raised Eyebrow CMS - 'venue.php' SQL Injection
|
20 |
WEB
|
Cru3l.b0y
|
|
2010-11-16
|
|
Simea CMS - 'index.php' SQL Injection
|
22 |
WEB
|
Cru3l.b0y
|
|
2010-11-13
|
|
OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
dave b
|
|
2014-10-17
|
|
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (PoC) (Reset Password) (2)
|
21 |
WEB
|
Dustin Dörr
|
|
2014-10-17
|
|
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Add Admin User)
|
25 |
WEB
|
Claudio Viviani
|
|
2010-11-09
|
|
Ricoh Web Image Monitor 2.03 - Cross-Site Scripting
|
21 |
WEB
|
thelightcosine
|
|
2010-11-10
|
|
WeBid 0.85P1 - Multiple Input Validation Vulnerabilities
|
31 |
WEB
|
John Leitch
|
|
2010-11-10
|
|
PHPShop 2.1 EE - 'name_new' Cross-Site Scripting
|
22 |
WEB
|
MustLive
|
|
2014-10-16
|
|
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (PoC) (Reset Password) (1)
|
25 |
WEB
|
stopstene
|
|
2014-10-15
|
|
Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities
|
21 |
WEB
|
Vulnerability-Lab
|
|
2010-11-08
|
|
WordPress Plugin jRSS Widget 1.1.1 - 'url' Information Disclosure
|
15 |
WEB
|
John Leitch
|
|
2010-11-08
|
|
WordPress Plugin Vodpod Video Gallery 3.1.5 - 'vodpod_gallery_thumbs.php' Cross-Site Scripting
|
22 |
WEB
|
John Leitch
|
|
2010-11-08
|
|
WordPress Plugin SEO Tools 3.0 - 'file' Directory Traversal
|
22 |
WEB
|
John Leitch
|
|
2010-11-08
|
|
WordPress Plugin WP Survey And Quiz Tool 1.2.1 - Cross-Site Scripting
|
21 |
WEB
|
John Leitch
|
|
2010-11-08
|
|
WordPress Plugin FeedList 2.61.01 - 'handler_image.php' Cross-Site Scripting
|
19 |
WEB
|
John Leitch
|
|
2010-11-05
|
|
Joomla! Component AutoArticles 3000 - SQL Injection
|
22 |
WEB
|
jos_ali_joe
|
|
2010-11-05
|
|
Angel Learning Management System 7.3 - 'pdaview.asp' Cross-Site Scripting
|
20 |
WEB
|
Wesley Kerfoot
|
|
2014-10-14
|
|
SEO Control Panel 3.6.0 - (Authenticated) SQL Injection
|
21 |
WEB
|
Tiago Carvalho
|
|
2014-10-14
|
|
Tenda A32 Router - Cross-Site Request Forgery
|
19 |
WEB
|
zixian
|
|
2014-10-14
|
|
YourMembers Plugin - Blind SQL Injection
|
22 |
WEB
|
TranDinhTien
|
|
2014-10-14
|
|
Change CMS 3.6.8 - Multiple Cross-Site Request Forgery Vulnerabilities
|
23 |
WEB
|
Krusty Hack
|
|
2014-10-14
|
|
Croogo 2.0.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
LiquidWorm
|
|
2014-10-14
|
|
Croogo 2.0.0 - Arbitrary PHP Code Execution
|
20 |
WEB
|
LiquidWorm
|
