|
2010-12-08
|
|
Drupal Module Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnera
|
9 |
WEB
|
Justin Klein Keane
|
|
2010-12-08
|
|
WordPress Plugin Safe Search - 'v1' Cross-Site Scripting
|
9 |
WEB
|
John Leitch
|
|
2010-12-08
|
|
WordPress Plugin Processing Embed 0.5 - 'pluginurl' Cross-Site Scripting
|
9 |
WEB
|
John Leitch
|
|
2010-12-07
|
|
SolarWinds Orion Network Performance Monitor (NPM) 10.1 - Multiple Cross-Site Scripting Vulnerabilit
|
8 |
WEB
|
x0skel
|
|
2010-12-07
|
|
Zimplit CMS - 'English_manual_version_2.php?client' Cross-Site Scripting
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-07
|
|
Zimplit CMS - 'zimplit.php?File' Cross-Site Scripting
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-07
|
|
Aigaion 1.3.4 - 'ID' SQL Injection
|
8 |
WEB
|
KnocKout
|
|
2014-10-25
|
|
WordPress Plugin 0.9.7 / Joomla! Component 2.0.0 Creative Contact Form - Arbitrary File Upload
|
9 |
WEB
|
Claudio Viviani
|
|
2014-10-25
|
|
Dell EqualLogic Storage - Directory Traversal
|
9 |
WEB
|
XLabs Security
|
|
2014-10-25
|
|
Magento Server MAGMI Plugin 0.7.17a - Remote File Inclusion
|
9 |
WEB
|
Parvinder Bhasin
|
|
2010-12-06
|
|
Alguest 1.1 - 'start' SQL Injection
|
10 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-12-04
|
|
Techno Dreams FAQ Manager Package 1.0 - 'faqlist.asp' SQL Injection
|
8 |
WEB
|
R4dc0re
|
|
2010-12-04
|
|
Techno Dreams Articles & Papers Package 2.0 - 'ArticlesTablelist.asp' SQL Injection
|
7 |
WEB
|
R4dc0re
|
|
2014-10-23
|
|
Dell SonicWALL Gms 7.2.x - Code Injection
|
8 |
WEB
|
Vulnerability-Lab
|
|
2014-10-23
|
|
Axway Secure Transport 5.1 SP2 - Arbitrary File Upload (via Cross-Site Request Forgery)
|
8 |
WEB
|
Emmanuel Law
|
|
2010-12-03
|
|
DotNetNuke 5.5.1 - 'InstallWizard.aspx' Cross-Site Scripting
|
8 |
WEB
|
Richard Brain
|
|
2010-12-03
|
|
Alguest 1.1 - Multiple Cookie Authentication Bypass Vulnerabilities
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-12-02
|
|
Contenido CMS 4.8.12 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2014-10-23
|
|
Feng Office 1.7.4 - Cross-Site Scripting
|
7 |
WEB
|
AutoSec Tools
|
|
2014-10-23
|
|
Feng Office 1.7.4 - Arbitrary File Upload
|
7 |
WEB
|
AutoSec Tools
|
|
2014-10-22
|
|
DotNetNuke DNNspot Store 3.0.0 - Arbitrary File Upload (Metasploit)
|
8 |
WEB
|
Glafkos Charalambous
|
|
2014-10-22
|
|
File Manager 4.2.10 iOS - Code Execution
|
7 |
WEB
|
Vulnerability-Lab
|
|
2014-10-22
|
|
iFunBox Free 1.1 iOS - Local File Inclusion
|
7 |
WEB
|
Vulnerability-Lab
|
|
2010-12-02
|
|
Joomla! Component Annuaire - 'index.php?id' SQL Injection
|
8 |
WEB
|
Ashiyane Digital Security Team
|
|
2010-11-30
|
|
AWStats 6.x - Apache Tomcat Configuration File Arbitrary Command Execution
|
7 |
WEB
|
StenoPlasma
|
|
2010-11-30
|
|
BugTracker.NET 3.4.4 - SQL Injection / Cross-Site Scripting
|
8 |
WEB
|
BugTracker.NET
|
|
2010-11-26
|
|
SmartBox - 'page_id' SQL Injection
|
6 |
WEB
|
KnocKout
|
|
2010-11-26
|
|
E-lokaler CMS 2 - Admin Login Multiple SQL Injections
|
8 |
WEB
|
ali_err0r
|
|
2010-11-30
|
|
Joomla! Component com_storedirectory - 'id' SQL Injection
|
7 |
WEB
|
XroGuE
|
|
2010-11-29
|
|
Car Portal 2.0 - 'car_make' Cross-Site Scripting
|
8 |
WEB
|
Underground Stockholm
|
|
2010-11-30
|
|
Joomla! Component Catalogue - SQL Injection / Local File Inclusion
|
7 |
WEB
|
XroGuE
|
|
2010-11-29
|
|
Wernhart Guestbook 2001.03.28 - Multiple SQL Injections
|
7 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-11-29
|
|
4homepages 4Images 1.7.x - 'categories.php' SQL Injection
|
7 |
WEB
|
Ahmed Atif
|
|
2010-11-26
|
|
Easy Banner 2009.05.18 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-11-26
|
|
Easy Banner 2009.05.18 - '/member.php' Multiple SQL Injection / Authentication Bypass
|
9 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-11-24
|
|
SimpLISTic SQL 2.0 - 'email.cgi' Cross-Site Scripting
|
9 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-11-23
|
|
ZYXEL P-660R-T1 V2 - 'HomeCurrent_Date' Cross-Site Scripting
|
8 |
WEB
|
Usman Saeed
|
|
2010-11-22
|
|
Hot Links SQL 3.2 - 'report.cgi' SQL Injection
|
9 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-11-18
|
|
CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities (1)
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-16
|
|
Raised Eyebrow CMS - 'venue.php' SQL Injection
|
8 |
WEB
|
Cru3l.b0y
|
|
2010-11-16
|
|
Simea CMS - 'index.php' SQL Injection
|
8 |
WEB
|
Cru3l.b0y
|
|
2010-11-13
|
|
OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
dave b
|
|
2014-10-17
|
|
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (PoC) (Reset Password) (2)
|
8 |
WEB
|
Dustin Dörr
|
|
2014-10-17
|
|
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Add Admin User)
|
8 |
WEB
|
Claudio Viviani
|
|
2010-11-09
|
|
Ricoh Web Image Monitor 2.03 - Cross-Site Scripting
|
8 |
WEB
|
thelightcosine
|
|
2010-11-10
|
|
WeBid 0.85P1 - Multiple Input Validation Vulnerabilities
|
9 |
WEB
|
John Leitch
|
|
2010-11-10
|
|
PHPShop 2.1 EE - 'name_new' Cross-Site Scripting
|
7 |
WEB
|
MustLive
|
|
2014-10-16
|
|
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (PoC) (Reset Password) (1)
|
8 |
WEB
|
stopstene
|
|
2014-10-15
|
|
Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities
|
9 |
WEB
|
Vulnerability-Lab
|
|
2010-11-08
|
|
WordPress Plugin jRSS Widget 1.1.1 - 'url' Information Disclosure
|
7 |
WEB
|
John Leitch
|
|
2010-11-08
|
|
WordPress Plugin Vodpod Video Gallery 3.1.5 - 'vodpod_gallery_thumbs.php' Cross-Site Scripting
|
7 |
WEB
|
John Leitch
|
|
2010-11-08
|
|
WordPress Plugin SEO Tools 3.0 - 'file' Directory Traversal
|
7 |
WEB
|
John Leitch
|
|
2010-11-08
|
|
WordPress Plugin WP Survey And Quiz Tool 1.2.1 - Cross-Site Scripting
|
7 |
WEB
|
John Leitch
|
|
2010-11-08
|
|
WordPress Plugin FeedList 2.61.01 - 'handler_image.php' Cross-Site Scripting
|
7 |
WEB
|
John Leitch
|
|
2010-11-05
|
|
Joomla! Component AutoArticles 3000 - SQL Injection
|
7 |
WEB
|
jos_ali_joe
|
|
2010-11-05
|
|
Angel Learning Management System 7.3 - 'pdaview.asp' Cross-Site Scripting
|
7 |
WEB
|
Wesley Kerfoot
|
|
2014-10-14
|
|
SEO Control Panel 3.6.0 - (Authenticated) SQL Injection
|
7 |
WEB
|
Tiago Carvalho
|
|
2014-10-14
|
|
Tenda A32 Router - Cross-Site Request Forgery
|
7 |
WEB
|
zixian
|
|
2014-10-14
|
|
YourMembers Plugin - Blind SQL Injection
|
7 |
WEB
|
TranDinhTien
|
|
2014-10-14
|
|
Change CMS 3.6.8 - Multiple Cross-Site Request Forgery Vulnerabilities
|
6 |
WEB
|
Krusty Hack
|
|
2014-10-14
|
|
Croogo 2.0.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
LiquidWorm
|
|
2014-10-14
|
|
Croogo 2.0.0 - Arbitrary PHP Code Execution
|
6 |
WEB
|
LiquidWorm
|
|
2014-10-14
|
|
PayPal Inc BB #85 MB iOS 4.6 - Authentication Bypass
|
6 |
WEB
|
Vulnerability-Lab
|
|
2014-10-14
|
|
Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities
|
6 |
WEB
|
dun
|
|
2010-11-05
|
|
Joomla! 1.5.x - SQL Error Information Disclosure
|
6 |
WEB
|
YGN Ethical Hacker Group
|
|
2010-11-02
|
|
Online Work Order Suite - Login SQL Injection
|
6 |
WEB
|
VSN
|
|
2010-11-01
|
|
Douran Portal 3.9.7.55 - Arbitrary File Upload / Cross-Site Scripting
|
6 |
WEB
|
ITSecTeam
|
|
2010-10-30
|
|
CMS WebManager-Pro 7.4.3 - Cross-Site Scripting / SQL Injection
|
6 |
WEB
|
MustLive
|
|
2010-11-01
|
|
WordPress Plugin cformsII 11.5/13.1 - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Wagner Elias
|
|
2010-11-01
|
|
SmartOptimizer - Null Character Remote Information Disclosure
|
7 |
WEB
|
Francois Harvey
|
|
2010-11-01
|
|
Elastix 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
dave b
|
|
2009-05-25
|
|
Intergo Arcade Trade Script 1.0 - 'q' Cross-Site Scripting
|
7 |
WEB
|
SmOk3
|
|
2009-05-29
|
|
212Cafe WebBoard 2.90 Beta - 'view.php' Directory Traversal
|
7 |
WEB
|
MrDoug
|
|
2010-10-27
|
|
W-Agora 4.1.5 - Local File Inclusion / Cross-Site Scripting
|
7 |
WEB
|
MustLive
|
|
2010-10-28
|
|
Feindura CMS Groupware - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Justanotherhacker.com
|
|
2009-06-03
|
|
i-Gallery 3.4/4.1 - 'streamfile.asp' Multiple Directory Traversal Vulnerabilities
|
7 |
WEB
|
Stefano Angaran
|
|
2010-10-27
|
|
LES PACKS - 'ID' SQL Injection
|
7 |
WEB
|
Cru3l.b0y
|
|
2010-10-27
|
|
Joomla! Component Projects 'com_projects' - SQL Injection / Local File Inclusion
|
7 |
WEB
|
jos_ali_joe
|
|
2009-06-03
|
|
Flatnux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
intern0t
|
|
2009-06-03
|
|
Sitecore CMS 6.0.0 rev. 090120 - 'default.aspx' Cross-Site Scripting
|
7 |
WEB
|
intern0t
|
|
2014-10-09
|
|
Nessus Web UI 2.3.3 - Persistent Cross-Site Scripting
|
8 |
WEB
|
Frank Lycops
|
|
2014-10-09
|
|
DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities
|
9 |
WEB
|
Digital Misfits
|
|
2014-10-09
|
|
BMC Track-It! - Multiple Vulnerabilities
|
8 |
WEB
|
Pedro Ribeiro
|
|
2014-10-08
|
|
WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload
|
8 |
WEB
|
Gianni Angelozzi
|
|
2014-10-07
|
|
HttpCombiner ASP.NET - Remote File Disclosure
|
6 |
WEB
|
Le Ngoc Son
|
|
2009-07-16
|
|
Skybluecanvas 1.1 r237 - 'admin.php' Directory Traversal
|
8 |
WEB
|
MaXe
|
|
2014-10-06
|
|
Ultra Electronics 7.2.0.19/7.4.0.7 - Multiple Vulnerabilities
|
8 |
WEB
|
OSI Security
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/webseal?method' Cross-Site Scripting
|
8 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/user?method' Cross-Site Scripting
|
8 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/rule?method' Cross-Site Scripting
|
7 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/pop?method' Cross-Site Scripting
|
8 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/os?method' Cross-Site Scripting
|
7 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/gsogroup?method' Cross-Site Scripting
|
8 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/gso?method' Cross-Site Scripting
|
7 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/group?method' Cross-Site Scripting
|
7 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/domain?method' Cross-Site Scripting
|
9 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/acl?method' Cross-Site Scripting
|
9 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ivt/ivtserver?parm1' Cross-Site Scripting
|
8 |
WEB
|
IBM
|
|
2010-10-22
|
|
W-Agora 4.2.1 - 'search.php?bn' Cross-Site Scripting
|
8 |
WEB
|
MustLive
|
|
2010-10-22
|
|
W-Agora 4.2.1 - 'search.php3?bn' Traversal Local File Inclusion
|
9 |
WEB
|
MustLive
|
|
2009-08-24
|
|
Radvision Scopia - '/entry/index.jsp' Cross-Site Scripting
|
8 |
WEB
|
Francesco Bianchino
|
|
2009-08-20
|
|
PHP Scripts Now Riddles - '/riddles/list.php?catid' SQL Injection
|
8 |
WEB
|
Moudi
|
|
2009-08-20
|
|
PHP Scripts Now Riddles - '/riddles/results.php?searchQuery' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2014-10-06
|
|
Bash CGI - 'Shellshock' Remote Command Injection (Metasploit)
|
9 |
WEB
|
Fady Mohammed Osman
|
|
2009-07-20
|
|
PHP Scripts Now (Multiple Products) - 'bios.php?rank' SQL Injection
|
9 |
WEB
|
599eme Man
|
|
2009-07-20
|
|
PHP Scripts Now (Multiple Products) - 'bios.php?rank' Cross-Site Scripting
|
10 |
WEB
|
599eme Man
|
|
2010-10-21
|
|
pecio CMS 2.0.5 - 'target' Cross-Site Scripting
|
8 |
WEB
|
Antu Sanadi
|
|
2010-10-21
|
|
Micro CMS 1.0 - 'name' HTML Injection (2)
|
9 |
WEB
|
SecPod Research
|
|
2010-10-21
|
|
Wiccle Web Builder 2.0 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Veerendra G.G
|
|
2009-08-19
|
|
UloKI PHP Forum 2.1 - 'search.php' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2009-08-26
|
|
JCE-Tech PHP Video Script - 'index.php' Cross-Site Scripting
|
9 |
WEB
|
Moudi
|
|
2009-08-26
|
|
Auction RSS Content Script - 'search.php?id' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2009-08-26
|
|
Auction RSS Content Script - 'rss.php?id' Cross-Site Scripting
|
7 |
WEB
|
Moudi
|
|
2009-08-26
|
|
JCE-Tech SearchFeed Script - 'index.php' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2010-10-19
|
|
4Site CMS 2.6 - 'cat' SQL Injection
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-19
|
|
sNews 1.7 - 'snews.php' Cross-Site Scripting / HTML Injection
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2009-08-27
|
|
StandAloneArcade 1.1 - 'gamelist.php' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2009-08-26
|
|
DigiOz Guestbook 1.7.2 - 'search.php' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2009-08-27
|
|
E-Gold Game Series: Pirates of The Caribbean - Multiple SQL Injections
|
9 |
WEB
|
Moudi
|
|
2009-08-28
|
|
QuarkMail - 'tf' Directory Traversal
|
8 |
WEB
|
Securitylab.ir
|
|
2009-10-15
|
|
Skybluecanvas 1.1 r237 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
MaXe
|
|
2009-08-27
|
|
Wap-motor - 'image' Directory Traversal
|
7 |
WEB
|
Inj3ct0r
|
|
2009-07-15
|
|
eCardMAX FormXP - 'survey_result.php' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2014-10-02
|
|
Moab < 7.2.9 - Authentication Bypass
|
6 |
WEB
|
MWR InfoSecurity
|
|
2014-10-02
|
|
Epicor Enterprise 7.4 - Multiple Vulnerabilities
|
7 |
WEB
|
Fara Rustein
|
