|
2010-07-11
|
|
CMS Made Simple 1.8 - 'default_cms_lang' Local File Inclusion
|
8 |
WEB
|
John Leitch
|
|
2010-07-11
|
|
CMS Made Simple Module Download Manager 1.4.1 - Arbitrary File Upload
|
8 |
WEB
|
John Leitch
|
|
2010-07-11
|
|
CSSTidy 1.3 - 'css_optimiser.php' Cross-Site Scripting
|
9 |
WEB
|
John Leitch
|
|
2010-07-11
|
|
RunCMS 2.1 - 'magpie_debug.php' Cross-Site Scripting
|
11 |
WEB
|
John Leitch
|
|
2010-07-09
|
|
WordPress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
Jelmer de Hen
|
|
2010-07-12
|
|
dotDefender 4.02 - 'clave' Cross-Site Scripting
|
9 |
WEB
|
David K
|
|
2010-07-10
|
|
eliteCMS 1.01 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
10n1z3d
|
|
2010-07-10
|
|
Joomla! Component Rapid-Recipe - HTML Injection
|
10 |
WEB
|
Sid3^effects
|
|
2010-07-11
|
|
Mac's CMS 1.1.4 - 'SearchString' Cross-Site Scripting
|
9 |
WEB
|
10n1z3d
|
|
2009-12-21
|
|
Web Cocoon simpleCMS - 'show.php' SQL Injection
|
9 |
WEB
|
anonymous
|
|
2009-12-22
|
|
pragmaMX 0.1.11 - 'modules.php' Multiple SQL Injections
|
9 |
WEB
|
Hadi Kiamarsi
|
|
2010-07-09
|
|
Yappa 3.1.2 - 'yappa.php' Multiple Remote Command Execution Vulnerabilities
|
10 |
WEB
|
Sn!pEr.S!Te Hacker
|
|
2010-07-09
|
|
SimpNews 2.47.3 - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
MustLive
|
|
2010-12-13
|
|
Articlems 2.0 - 'c[]' Cross-Site Scripting
|
10 |
WEB
|
Packetdeath
|
|
2010-07-08
|
|
osCSS 1.2.2 - 'page' Cross-Site Scripting
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2009-12-13
|
|
Model Agency Manager - 'search_process.php' Cross-Site Scripting
|
8 |
WEB
|
bi0
|
|
2010-07-09
|
|
Real Estate Manager 1.0.1 - 'index.php' Cross-Site Scripting
|
9 |
WEB
|
bi0
|
|
2010-07-04
|
|
phpFaber CMS 2.0.5 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
prodigy
|
|
2014-08-06
|
|
Feng Office - Persistent Cross-Site Scripting
|
9 |
WEB
|
Juan Sacco
|
|
2014-08-06
|
|
Pro Chat Rooms 8.2.0 - Multiple Vulnerabilities
|
10 |
WEB
|
Mike Manzotti
|
|
2014-08-06
|
|
HybridAuth 2.2.2 - Remote Code Execution
|
7 |
WEB
|
@u0x
|
|
2010-07-07
|
|
Worxware DCP-Portal 7.0 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Andrei Rimsa Alvares
|
|
2010-07-07
|
|
RunCMS 2.1 - 'check.php' Cross-Site Scripting
|
9 |
WEB
|
Andrei Rimsa Alvares
|
|
2010-07-07
|
|
Exponent CMS 0.97 - 'Slideshow.js.php' Cross-Site Scripting
|
9 |
WEB
|
Andrei Rimsa Alvares
|
|
2014-08-04
|
|
FreeDisk 1.01 iOS - Multiple Vulnerabilities
|
12 |
WEB
|
Vulnerability-Lab
|
|
2014-08-04
|
|
Video WiFi Transfer 1.01 - Directory Traversal
|
11 |
WEB
|
Vulnerability-Lab
|
|
2010-07-05
|
|
odCMS 1.07 - 'archive.php' Cross-Site Scripting
|
11 |
WEB
|
John Leitch
|
|
2010-07-05
|
|
Bitweaver 2.7 - 'fImg' Cross-Site Scripting
|
9 |
WEB
|
John Leitch
|
|
2010-07-05
|
|
NewsOffice 2.0.18 - 'news_show.php' Cross-Site Scripting
|
12 |
WEB
|
John Leitch
|
|
2010-07-06
|
|
NTSOFT BBS E-Market Professional - Multiple Cross-Site Scripting Vulnerabilities (2)
|
9 |
WEB
|
Ivan Sanchez
|
|
2010-07-05
|
|
SocialABC NetworX 1.0.3 - Arbitrary File Upload / Cross-Site Scripting
|
9 |
WEB
|
John Leitch
|
|
2010-07-03
|
|
cPanel 11.25 - Cross-Site Request Forgery
|
12 |
WEB
|
G0D-F4Th3r
|
|
2014-08-03
|
|
TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) - Command Execution
|
11 |
WEB
|
Christoph Kuhl
|
|
2010-07-05
|
|
Orbis CMS 1.0.2 - 'editor-body.php' Cross-Site Scripting
|
11 |
WEB
|
John Leitch
|
|
2010-07-06
|
|
i-Net Solution Matrimonial Script 2.0.3 - 'alert.php' Cross-Site Scripting
|
9 |
WEB
|
Andrea Bocchetti
|
|
2010-07-05
|
|
Joomla! Component Canteen 1.0 - Local File Inclusion
|
11 |
WEB
|
Drosophila
|
|
2009-12-25
|
|
AL-Caricatier 2.5 - 'comment.php' Cross-Site Scripting
|
12 |
WEB
|
indoushka
|
|
2014-08-02
|
|
ArticleFR 11.06.2014 - 'data.php' Privilege Escalation
|
13 |
WEB
|
High-Tech Bridge SA
|
|
2014-08-02
|
|
Photo WiFi Transfer 1.01 - Directory Traversal
|
11 |
WEB
|
Vulnerability-Lab
|
|
2014-08-02
|
|
ISPConfig 3.0.54p1 - (Authenticated) Admin Privilege Escalation
|
10 |
WEB
|
mra
|
|
2014-08-02
|
|
TigerCom iFolder+ 1.2 iOS - Multiple Vulnerabilities
|
10 |
WEB
|
Vulnerability-Lab
|
|
2014-08-02
|
|
Status2k Server Monitoring Software - Multiple Vulnerabilities
|
10 |
WEB
|
Shayan S
|
|
2014-08-02
|
|
Sphider Search Engine - Multiple Vulnerabilities
|
11 |
WEB
|
Shayan S
|
|
2010-07-02
|
|
Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (2)
|
12 |
WEB
|
Marcos Garcia & Maximiliano Soler
|
|
2010-07-01
|
|
ReCMS - 'users_lang' Directory Traversal
|
11 |
WEB
|
Locu
|
|
2010-07-01
|
|
Wiki Web Help 0.2.7 - Cross-Site Scripting / HTML Injection
|
10 |
WEB
|
John Leitch
|
|
2010-07-01
|
|
Flatnux 2010-06.09 - 'find' Cross-Site Scripting
|
11 |
WEB
|
ITSecTeam
|
|
2010-07-01
|
|
DPScms - 'q' SQL Injection / Cross-Site Scripting
|
12 |
WEB
|
Ariko-Security
|
|
2009-12-30
|
|
LiveZilla 3.1.8.3 - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
MaXe
|
|
2010-06-29
|
|
ArcademSX 2.904 - 'cat' Cross-Site Scripting
|
9 |
WEB
|
Th3 RDX
|
|
2010-06-30
|
|
System CMS Contentia - 'news.php' SQL Injection
|
8 |
WEB
|
GlaDiaT0R
|
|
2010-06-29
|
|
TornadoStore 1.4.3 - SQL Injection / HTML Injection
|
11 |
WEB
|
Lucas Apa
|
|
2010-06-29
|
|
Kryn.cms 6.0 - Cross-Site Request Forgery / HTML Injection
|
8 |
WEB
|
TurboBorland
|
|
2010-06-29
|
|
Miyabi CGI Tools 1.02 - 'index.pl' Remote Command Execution
|
11 |
WEB
|
Marshall Whittaker
|
|
2010-06-29
|
|
Grafik CMS - '/admin.php' SQL Injection / Cross-Site Scripting
|
11 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-29
|
|
Iatek PortalApp 3.3/4.0 - 'login.asp' Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-29
|
|
CANDID - '/image/view.php?image_id' Cross-Site Scripting
|
10 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-29
|
|
CANDID - '/image/view.php?image_id' SQL Injection
|
11 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-28
|
|
V-EVA Classified Script 5.1 - 'classified_img.php' SQL Injection
|
10 |
WEB
|
Sid3^effects
|
|
2010-06-28
|
|
Clix'N'Cash Clone 2010 - 'index.php' SQL Injection
|
11 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-28
|
|
eBay Clone Script 2010 - 'showcategory.php' SQL Injection
|
11 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-28
|
|
MySpace Clone 2010 - SQL Injection / Cross-Site Scripting
|
10 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-29
|
|
PHP Bible Search - 'bible.php?chapter' Cross-Site Scripting
|
11 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-29
|
|
PHP Bible Search - 'bible.php?chapter' SQL Injection
|
10 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-24
|
|
OneCMS 2.6.1 - 'short1' Cross-Site Scripting
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-24
|
|
OneCMS 2.6.1 - 'search' SQL Injection
|
11 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-24
|
|
OneCMS 2.6.1 - 'cat' Cross-Site Scripting
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-28
|
|
BlaherTech Placeto CMS - 'Username' SQL Injection
|
11 |
WEB
|
S.W.T
|
|
2010-06-28
|
|
Customer Paradigm PageDirector - 'id' SQL Injection
|
11 |
WEB
|
Tr0y-x
|
|
2014-07-30
|
|
D-Link AP 3200 - Multiple Vulnerabilities
|
10 |
WEB
|
pws
|
|
2014-07-30
|
|
SkaDate Lite 2.0 - Remote Code Execution
|
10 |
WEB
|
LiquidWorm
|
|
2014-07-30
|
|
SkaDate Lite 2.0 - Multiple Cross-Site Request Forgery / Persistent Cross-Site Scripting Vulnerabili
|
10 |
WEB
|
LiquidWorm
|
|
2010-06-24
|
|
Limny 2.1 - 'q' Cross-Site Scripting
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-25
|
|
AbleSpace 1.0 - 'news.php' SQL Injection
|
7 |
WEB
|
JaMbA
|
|
2014-07-29
|
|
WiFi HD 7.3.0 iOS - Multiple Vulnerabilities
|
8 |
WEB
|
Vulnerability-Lab
|
|
2010-05-05
|
|
WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting / Cross-Site Scripting
|
9 |
WEB
|
MustLive
|
|
2010-06-24
|
|
Lois Software WebDB 2.0A Script - Multiple SQL Injections
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2014-07-28
|
|
Oxwall 1.7.0 - Multiple Cross-Site Request Forgery / HTML Injection Vulnerabilities
|
8 |
WEB
|
LiquidWorm
|
|
2014-07-28
|
|
Sphider Search Engine 1.3.6 - Multiple Vulnerabilities
|
7 |
WEB
|
Mike Manzotti
|
|
2014-07-28
|
|
Ubiquiti UbiFi / mFi / AirVision - Cross-Site Request Forgery
|
8 |
WEB
|
Seth Art
|
|
2010-06-23
|
|
PreProject Multi-Vendor Shopping Malls - 'products.php' SQL Injection
|
8 |
WEB
|
CoBRa_21
|
|
2010-06-21
|
|
Jamroom 4.0.2/4.1.x - 'forum.php' Cross-Site Scripting
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-22
|
|
SoftComplex PHP Event Calendar 1.5 - Multiple Remote Vulnerabilities
|
9 |
WEB
|
cp77fk4r
|
|
2010-06-22
|
|
webConductor - 'default.asp' SQL Injection
|
8 |
WEB
|
Th3 RDX
|
|
2010-06-21
|
|
IBM Websphere ILOG JRules 6.7 - Cross-Site Scripting
|
9 |
WEB
|
IBM
|
|
2010-06-21
|
|
Sigmer Technologies Scribe CMS - 'copy_folder.php' Cross-Site Scripting
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-21
|
|
osCMax 2.0 - 'articles.php' Cross-Site Scripting
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-21
|
|
SaffaTunes CMS - 'news.php' Multiple SQL Injections
|
9 |
WEB
|
Th3 RDX
|
|
2014-07-27
|
|
DirPHP 1.0 - Local File Inclusion
|
8 |
WEB
|
black hat
|
|
2014-07-27
|
|
ZeroCMS 1.0 - Persistent Cross-Site Scripting
|
7 |
WEB
|
Mayuresh Dani
|
|
2014-07-27
|
|
Moodle 2.7 - Persistent Cross-Site Scripting
|
9 |
WEB
|
Osanda Malith Jayathissa
|
|
2014-07-25
|
|
Pligg CMS 2.0.1 - Multiple Vulnerabilities
|
9 |
WEB
|
BlackHawk
|
|
2010-06-18
|
|
KubeSupport - 'lang' SQL Injection
|
8 |
WEB
|
L0rd CrusAd3r
|
|
2014-07-25
|
|
Zenoss Monitoring System 4.2.5-2108 (x64) - Persistent Cross-Site Scripting
|
9 |
WEB
|
Dolev Farhi
|
|
2014-07-24
|
|
Lian Li NAS - Multiple Vulnerabilities
|
8 |
WEB
|
pws
|
|
2014-07-24
|
|
WordPress Plugin Video Gallery 2.5 - Multiple Vulnerabilities
|
9 |
WEB
|
Claudio Viviani
|
|
2010-06-18
|
|
Joomla! Component Gallery XML 1.1 - SQL Injection / Local File Inclusion
|
8 |
WEB
|
jdc
|
|
2010-06-17
|
|
Firebook - Multiple Cross-Site Scripting / Directory Traversal Vulnerabilities
|
9 |
WEB
|
MustLive
|
|
2010-06-27
|
|
Ceica-GW - 'login.php' Cross-Site Scripting
|
8 |
WEB
|
indoushka
|
|
2010-06-16
|
|
2DayBiz ybiz Network Community Script - SQL Injection / Cross-Site Scripting
|
9 |
WEB
|
Sid3^effects
|
|
2014-07-23
|
|
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
|
11 |
WEB
|
Dolev Farhi
|
|
2014-07-23
|
|
Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass / Persistent
|
9 |
WEB
|
Vulnerability-Lab
|
|
2010-06-06
|
|
JForum 2.1.8 - 'Username' Cross-Site Scripting
|
8 |
WEB
|
Adam Baldwin
|
|
2010-06-15
|
|
Sell@Site PHP Online Jobs Login - Multiple SQL Injections
|
7 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-14
|
|
MODx 1.0.3 - 'index.php' Multiple SQL Injections
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-11
|
|
AneCMS 1.x - '/modules/blog/index.php' SQL Injection
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-11
|
|
AneCMS 1.x - '/modules/blog/index.php' HTML Injection
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-14
|
|
VideoWhisper PHP 2 Way Video Chat - 'r' Cross-Site Scripting
|
9 |
WEB
|
Sid3^effects
|
|
2010-06-21
|
|
Plesk Server Administrator (PSA) - 'locale' Local File Inclusion
|
7 |
WEB
|
Pouya Daneshmand
|
|
2014-07-21
|
|
Raritan PowerIQ 4.1.0 - SQL Injection (Metasploit)
|
10 |
WEB
|
Brandon Perry
|
|
2014-07-21
|
|
MTS MBlaze Ultra Wi-Fi / ZTE AC3633 - Multiple Vulnerabilities
|
10 |
WEB
|
Ajin Abraham
|
|
2010-06-10
|
|
Arab Portal 2.2 - 'members.php' SQL Injection
|
8 |
WEB
|
SwEET-DeViL
|
|
2014-07-20
|
|
WordPress Plugin WP BackupPlus - Database and Files Backup Download
|
7 |
WEB
|
pSyCh0_3D
|
|
2010-01-18
|
|
Bits Video Script 2.04/2.05 - 'search.php' Cross-Site Scripting
|
8 |
WEB
|
indoushka
|
|
2010-01-18
|
|
Bits Video Script 2.04/2.05 - '/register.php' Arbitrary File Upload / Arbitrary PHP Code Execution
|
9 |
WEB
|
indoushka
|
|
2010-01-18
|
|
Bits Video Script 2.04/2.05 - '/addvideo.php' Arbitrary File Upload / Arbitrary PHP Code Execution
|
8 |
WEB
|
indoushka
|
|
2010-01-18
|
|
Hitmaaan Gallery 1.3 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
indoushka
|
|
2010-01-18
|
|
Bits Video Script 2.05 Gold Beta - 'showcase2search.php?rowptem[template]' Remote File Inclusion
|
9 |
WEB
|
indoushka
|
|
2010-01-18
|
|
Bits Video Script 2.05 Gold Beta - 'showcasesearch.php?rowptem[template]' Remote File Inclusion
|
8 |
WEB
|
indoushka
|
|
2010-06-09
|
|
SilverStripe CMS 2.4 - File Renaming Security Bypass
|
9 |
WEB
|
John Leitch
|
|
2010-06-09
|
|
(GREEZLE) Global Real Estate Agent Login - Multiple SQL Injections
|
8 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-09
|
|
PGAUTOPro - SQL Injection / Cross-Site Scripting (2)
|
9 |
WEB
|
Sid3^effects
|
|
2010-06-03
|
|
log1 CMS 2.0 - Session Handling Remote Security Bypass / Remote File Inclusion
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2009-01-08
|
|
PRTG Traffic Grapher 6.2.1 - 'url' Cross-Site Scripting
|
9 |
WEB
|
Patrick Webster
|
|
2010-06-07
|
|
BoastMachine 3.1 - 'key' Cross-Site Scripting
|
9 |
WEB
|
High-Tech Bridge SA
|
