|
2012-08-20
|
|
PG Portal Pro - Cross-Site Request Forgery
|
1 |
WEB
|
Noxious
|
|
2012-08-20
|
|
GWebmail 0.7.3 - Cross-Site Scripting / Local File Inclusion / Remote Code Execution
|
1 |
WEB
|
Shai rod
|
|
2012-08-20
|
|
hupa webmail 0.0.2 - Persistent Cross-Site Scripting
|
1 |
WEB
|
Shai rod
|
|
2012-08-20
|
|
Alpha Networks ADSL2/2+ Wireless Router ASL-26555 - Password Disclosure
|
1 |
WEB
|
Alberto Ortega
|
|
2012-08-20
|
|
Clipbucket 2.5 - Cross-Site Request Forgery
|
0 |
WEB
|
DaOne
|
|
2012-08-20
|
|
T-dah Webmail - Cross-Site Request Forgery / Persistent Cross-Site Scripting
|
1 |
WEB
|
Yakir Wizman
|
|
2012-08-18
|
|
ManageEngine OpUtils 6.0 - Persistent Cross-Site Scripting
|
2 |
WEB
|
loneferret
|
|
2012-08-18
|
|
IlohaMail Webmail - Persistent Cross-Site Scripting
|
2 |
WEB
|
Shai rod
|
|
2012-08-17
|
|
Jaow CMS 2.3 - Blind SQL Injection
|
2 |
WEB
|
loneferret
|
|
2000-01-06
|
|
Phorum 3.0.7 - 'auth.php3' Backdoor Access
|
1 |
WEB
|
Max Vision
|
|
2000-01-01
|
|
Phorum 3.0.7 - 'violation.php3' Arbitrary Email Relay
|
1 |
WEB
|
Max Vision
|
|
2000-01-06
|
|
Phorum 3.0.7 - 'admin.php3' Unverified Administrative Password Change
|
1 |
WEB
|
Max Vision
|
|
2012-08-17
|
|
webid 1.0.4 - Multiple Vulnerabilities
|
2 |
WEB
|
dun
|
|
2012-08-17
|
|
T-dah Webmail Client - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Shai rod
|
|
2012-08-17
|
|
hastymail2 webmail 1.1 rc2 - Persistent Cross-Site Scripting
|
2 |
WEB
|
Shai rod
|
|
2012-08-17
|
|
Inferno vBShout 2.5.2 - SQL Injection
|
2 |
WEB
|
Luit
|
|
2012-08-17
|
|
ManageEngine OpStor 7.4 - Multiple Vulnerabilities
|
2 |
WEB
|
Vulnerability-Lab
|
|
2012-08-17
|
|
Social Engine 4.2.5 - Multiple Vulnerabilities
|
2 |
WEB
|
Vulnerability-Lab
|
|
2012-08-17
|
|
Jaow CMS 2.3 - Cross-Site Request Forgery
|
2 |
WEB
|
DaOne
|
|
2012-08-16
|
|
ProQuiz 2.0.2 - Cross-Site Request Forgery
|
2 |
WEB
|
DaOne
|
|
2012-08-16
|
|
Roundcube Webmail 0.8.0 - Persistent Cross-Site Scripting
|
2 |
WEB
|
Shai rod
|
|
2012-08-15
|
|
sphpforum 0.4 - Multiple Vulnerabilities
|
2 |
WEB
|
loneferret
|
|
2012-08-15
|
|
Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities
|
2 |
WEB
|
loneferret
|
|
2012-08-15
|
|
xt:Commerce 3.04 SP2.1 - Blind SQL Injection
|
2 |
WEB
|
stoffline.com
|
|
2012-08-15
|
|
MaxForum 1.0.0 - Local File Inclusion
|
2 |
WEB
|
ahwak2000
|
|
2012-08-15
|
|
MobileCartly 1.0 - Arbitrary File Upload
|
2 |
WEB
|
ICheer_No0M
|
|
2001-01-11
|
|
Basilix Webmail 0.9.7 - Incorrect File Permissions
|
2 |
WEB
|
Tamer Sahin
|
|
2012-08-13
|
|
IBM Websphere MQ File Transfer Edition Web Gateway - Insufficient Access Control
|
2 |
WEB
|
Nir Valtman
|
|
2012-08-13
|
|
IBM Websphere MQ File Transfer Edition Web Gateway - Cross-Site Request Forgery
|
2 |
WEB
|
Nir Valtman
|
|
2012-08-13
|
|
Hotel Booking Portal 0.1 - Multiple Vulnerabilities
|
2 |
WEB
|
Yakir Wizman
|
|
2012-08-13
|
|
WordPress Plugin RSVPMaker 2.5.4 - Persistent Cross-Site Scripting
|
2 |
WEB
|
Chris Kellum
|
|
2000-11-24
|
|
Phorum 3.x - Arbitrary File Read
|
2 |
WEB
|
Joao Gouveia
|
|
2000-11-23
|
|
Phorum 3.x - PHP Configuration Disclosure
|
1 |
WEB
|
Joao Gouveia
|
|
2012-08-10
|
|
MobileCartly 1.0 - Arbitrary File Write
|
1 |
WEB
|
Yakir Wizman
|
|
2012-08-11
|
|
ProQuiz 2.0.2 - Multiple Vulnerabilities
|
2 |
WEB
|
L0n3ly-H34rT
|
|
2012-08-11
|
|
Flynax General Classifieds CMS 4.0 - Multiple Vulnerabilities
|
2 |
WEB
|
Vulnerability-Lab
|
|
2012-08-10
|
|
WordPress Plugin Mz-jajak 2.1 - SQL Injection
|
1 |
WEB
|
StRoNiX
|
|
2012-08-10
|
|
MobileCartly 1.0 - Arbitrary File Deletion
|
2 |
WEB
|
GoLd_M
|
|
2012-08-09
|
|
Cyclope Employee Surveillance Solution 6.0/6.1.0/6.2.0/6.2.1/6.3.0 - SQL Injection
|
1 |
WEB
|
loneferret
|
|
2012-08-09
|
|
Kamads Classifieds 2.0 - Admin Hash Disclosure
|
1 |
WEB
|
Mr.tro0oqy
|
|
2012-08-09
|
|
Joomla! Component com_fireboard - SQL Injection
|
1 |
WEB
|
Vulnerability-Lab
|
|
2012-08-08
|
|
IBM Proventia Network Mail Security System 2.5 - POST File Read
|
2 |
WEB
|
muts
|
|
2012-08-08
|
|
xeams email server 4.4 build 5720 - Persistent Cross-Site Scripting
|
2 |
WEB
|
loneferret
|
|
2012-08-08
|
|
winwebmail server 3.8.1.6 - Persistent Cross-Site Scripting
|
1 |
WEB
|
loneferret
|
|
2012-08-08
|
|
WordPress Plugin ThreeWP Email Reflector 1.13 - Persistent Cross-Site Scripting
|
1 |
WEB
|
loneferret
|
|
2012-08-08
|
|
T-dah Webmail Client 3.2.0-2.3 - Persistent Cross-Site Scripting
|
1 |
WEB
|
loneferret
|
|
2012-08-08
|
|
Surgemail 6.0a4 - Persistent Cross-Site Scripting
|
0 |
WEB
|
loneferret
|
|
2012-08-08
|
|
smartermail free 9.2 - Persistent Cross-Site Scripting
|
0 |
WEB
|
loneferret
|
|
2012-08-08
|
|
WordPress Plugin simplemail 1.0.6 - Persistent Cross-Site Scripting
|
0 |
WEB
|
loneferret
|
|
2012-08-08
|
|
WordPress Plugin postie 1.4.3 - Persistent Cross-Site Scripting
|
1 |
WEB
|
loneferret
|
|
2012-08-08
|
|
OTRS Open Technology Real Services 3.1.4 - Persistent Cross-Site Scripting
|
1 |
WEB
|
loneferret
|
|
2012-08-08
|
|
WordPress Plugin mini mail Dashboard widget 1.42 - Persistent Cross-Site Scripting
|
0 |
WEB
|
loneferret
|
|
2012-08-08
|
|
Alt-N MDaemon free 12.5.4 - Persistent Cross-Site Scripting
|
1 |
WEB
|
loneferret
|
|
2012-08-08
|
|
ManageEngine ServiceDesk Plus 8.1 - Persistent Cross-Site Scripting
|
1 |
WEB
|
loneferret
|
|
2012-08-08
|
|
mailtraq 2.17.3.3150 - Persistent Cross-Site Scripting
|
1 |
WEB
|
loneferret
|
|
2012-08-08
|
|
afterlogic mailsuite pro (VMware Appliance) 6.3 - Persistent Cross-Site Scripting
|
1 |
WEB
|
loneferret
|
|
2012-08-08
|
|
mailenable enterprise 6.5 - Persistent Cross-Site Scripting
|
1 |
WEB
|
loneferret
|
|
2012-08-08
|
|
escon supportportal pro 3.0 - Persistent Cross-Site Scripting
|
0 |
WEB
|
loneferret
|
|
2012-08-08
|
|
emailarchitect enterprise email server 10.0 - Persistent Cross-Site Scripting
|
0 |
WEB
|
loneferret
|
|
2012-08-08
|
|
Axigen Mail Server 8.0.1 - Persistent Cross-Site Scripting
|
0 |
WEB
|
loneferret
|
|
2012-08-08
|
|
Openconstructor CMS 3.12.0 - 'id' Multiple SQL Injections
|
0 |
WEB
|
Lorenzo Cantoni
|
|
2012-08-08
|
|
Inout Mobile Webmail APP - Persistent Cross-Site Scripting
|
1 |
WEB
|
Vulnerability-Lab
|
|
2012-08-08
|
|
iauto mobile Application 2012 - Multiple Vulnerabilities
|
2 |
WEB
|
Vulnerability-Lab
|
|
2012-08-08
|
|
AraDown - Blind SQL Injection
|
2 |
WEB
|
G-B
|
|
2012-08-08
|
|
Joomla! Component com_enmasse 1.2.0.4 - SQL Injection
|
2 |
WEB
|
D4NB4R
|
|
2012-08-08
|
|
WespaJuris 3.0 - Multiple Vulnerabilities
|
2 |
WEB
|
WhiteCollarGroup
|
|
2012-08-07
|
|
Zoho BugTracker - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
LiquidWorm
|
|
2000-10-07
|
|
phpix 1.0 - Directory Traversal
|
2 |
WEB
|
Synnergy.net
|
|
2012-08-05
|
|
WordPress Plugin Effective Lead Management 3.0.0 - Persistent Cross-Site Scripting
|
1 |
WEB
|
Chris Kellum
|
|
2012-08-05
|
|
Tickets CAD 2.20G - Multiple Vulnerabilities
|
2 |
WEB
|
chap0
|
|
2012-08-05
|
|
Islamnt Islam Forum Script 1.2 - Blind SQL Injection
|
1 |
WEB
|
s3n4t00r
|
|
2000-09-07
|
|
nathan purciful phpphotoalbum 0.9.9 - Directory Traversal
|
2 |
WEB
|
pestilence
|
|
2012-08-02
|
|
am4ss Support System 1.2 - PHP Code Injection
|
2 |
WEB
|
i-Hmx
|
|
2012-08-02
|
|
am4ss 1.2 - Multiple Vulnerabilities
|
1 |
WEB
|
s3n4t00r
|
|
2012-08-02
|
|
Joomla! Component com_joomgalaxy 1.2.0.4 - Multiple Vulnerabilities
|
2 |
WEB
|
D4NB4R
|
|
2012-08-02
|
|
WebPageTest - Arbitrary '.PHP' File Upload (Metasploit)
|
2 |
WEB
|
Metasploit
|
|
2012-08-01
|
|
ManageEngine Mobile Application Manager 10 - SQL Injection
|
2 |
WEB
|
Vulnerability-Lab
|
|
2012-08-01
|
|
ManageEngine Application Manager 10 - Multiple Vulnerabilities
|
2 |
WEB
|
Vulnerability-Lab
|
|
2012-08-01
|
|
Joomla! Component com_movm - SQL Injection
|
2 |
WEB
|
D4NB4R
|
|
2012-08-01
|
|
Joomla! Component com_niceajaxpoll 1.3.0 - SQL Injection
|
2 |
WEB
|
Patrick de Brouwer
|
|
2000-08-21
|
|
PHP-Nuke 1.0/2.5 - Administrative Privileges
|
2 |
WEB
|
bruj0
|
|
2012-07-31
|
|
Dr. Web Control Center 6.00.3.201111300 - Cross-Site Scripting
|
1 |
WEB
|
Oliver Karow
|
|
2012-07-30
|
|
Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php?groupid' Blind SQL Injection
|
2 |
WEB
|
Kc57
|
|
2012-07-27
|
|
CuteFlow 2.11.2 - Arbitrary File Upload (Metasploit)
|
1 |
WEB
|
Metasploit
|
|
2012-07-24
|
|
Zabbix 2.0.1 - Session Extractor
|
2 |
WEB
|
muts
|
|
2012-07-24
|
|
WordPress Plugin Front End Upload 0.5.4.4 - Arbitrary '.PHP' File Upload
|
2 |
WEB
|
Chris Kellum
|
|
2012-07-24
|
|
Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion / Remote Command Execution
|
1 |
WEB
|
muts
|
|
2012-07-23
|
|
SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / (Authenticated) SQL Injection
|
2 |
WEB
|
dookie
|
|
2012-07-23
|
|
Alienvault Open Source SIEM (OSSIM) 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection
|
2 |
WEB
|
muts
|
|
2012-07-23
|
|
MySQL Squid Access Report 2.1.4 - HTML Injection
|
1 |
WEB
|
Daniel Godoy
|
|
2012-07-23
|
|
Symantec Web Gateway 5.0.3.18 - Blind SQL Injection Backdoor via MySQL Triggers
|
2 |
WEB
|
muts
|
|
2012-07-23
|
|
Symantec Web Gateway 5.0.2 - 'blocked.php?id' Blind SQL Injection
|
2 |
WEB
|
muts
|
|
2012-07-23
|
|
Atmail WebAdmin and Webmail Control Panel - SQL Root Password Disclosure
|
2 |
WEB
|
Ciph3r
|
|
2012-07-22
|
|
ipswitch whatsup gold 15.02 - Persistent Cross-Site Scripting / Blind SQL Injection / Remote Code Ex
|
2 |
WEB
|
muts
|
|
2012-07-22
|
|
Dell SonicWALL Scrutinizer 9.0.1 - 'statusFilter.php?q' SQL Injection
|
2 |
WEB
|
muts
|
|
2012-07-23
|
|
EGallery - Arbitrary '.PHP' File Upload (Metasploit)
|
2 |
WEB
|
Metasploit
|
|
2012-07-21
|
|
SolarWinds Orion Network Performance Monitor 10.2.2 - Multiple Vulnerabilities
|
2 |
WEB
|
muts
|
|
2012-07-21
|
|
X-Cart Gold 4.5 - 'products_map.php?symb' Cross-Site Scripting
|
2 |
WEB
|
muts
|
|
2012-07-20
|
|
iBoutique 4.0 - 'key' SQL Injection
|
2 |
WEB
|
SecPod Research
|
|
2012-07-20
|
|
PHP-Nuke module (SPChat) - SQL Injection
|
2 |
WEB
|
Yakir Wizman
|
|
2012-07-18
|
|
Nwahy Articles 2.2 - Cross-Site Request Forgery (Add Admin)
|
2 |
WEB
|
DaOne
|
|
2012-07-17
|
|
Forum Oxalis 0.1.2 - SQL Injection
|
2 |
WEB
|
Jean Pascal Pereira
|
|
2012-07-16
|
|
PBBoard CMS 2.1.4 - Multiple Vulnerabilities
|
2 |
WEB
|
Vulnerability-Lab
|
|
2012-07-16
|
|
VamCart CMS 0.9 - Multiple Vulnerabilities
|
2 |
WEB
|
Vulnerability-Lab
|
|
2012-07-16
|
|
CakePHP 2.x < 2.2.0-RC2 - XML External Entity Injection
|
2 |
WEB
|
Pawel Wylecial
|
|
2012-07-16
|
|
WordPress Theme Diary/Notebook Site5 - Email Spoofing
|
1 |
WEB
|
bwall
|
|
2012-07-16
|
|
Vivotek Cameras - Sensitive Information Disclosure
|
2 |
WEB
|
GothicX
|
|
2012-07-14
|
|
Joomla! Component com_osproperty 2.0.2 - Unrestricted Arbitrary File Upload
|
2 |
WEB
|
D4NB4R
|
|
2012-07-14
|
|
Shopware 3.5 - SQL Injection
|
2 |
WEB
|
Kataklysmos
|
|
2012-07-13
|
|
Magento eCommerce - Local File Disclosure
|
2 |
WEB
|
SEC Consult
|
|
2012-07-13
|
|
Joomla! Component com_ksadvertiser - Remote File / Bypass Upload
|
2 |
WEB
|
D4NB4R
|
|
2012-07-13
|
|
WordPress Plugin Resume Submissions & Job Postings 2.5.1 - Unrestricted Arbitrary File Upload
|
1 |
WEB
|
Chris Kellum
|
|
2012-07-13
|
|
webpagetest 2.6 - Multiple Vulnerabilities
|
1 |
WEB
|
dun
|
|
2012-07-12
|
|
Reserve Logic 1.2 Booking CMS - Multiple Vulnerabilities
|
1 |
WEB
|
Vulnerability-Lab
|
|
2012-07-12
|
|
TP-Link Gateway 3.12.4 - Multiple Vulnerabilities
|
1 |
WEB
|
Vulnerability-Lab
|
|
2012-07-12
|
|
Lc Flickr Carousel 1.0 - Local File Disclosure
|
1 |
WEB
|
GoLd_M
|
|
2012-07-12
|
|
eCan 0.1 - Local File Disclosure
|
1 |
WEB
|
GoLd_M
|
|
2012-07-12
|
|
House Style 0.1.2 - 'readfile()' Local File Disclosure
|
0 |
WEB
|
GoLd_M
|
|
2012-07-12
|
|
Hastymail 2.1.1 RC1 - Command Injection (Metasploit)
|
2 |
WEB
|
Metasploit
|
|
2012-07-10
|
|
WordPress Plugin WP-Predict 1.0 - Blind SQL Injection
|
1 |
WEB
|
Chris Kellum
|
|
2012-07-09
|
|
Umbraco CMS - Remote Command Execution (Metasploit)
|
1 |
WEB
|
Metasploit
|
|
2012-07-09
|
|
Basilic 1.5.14 - 'diff.php' Arbitrary Command Execution (Metasploit)
|
2 |
WEB
|
Metasploit
|
|
2012-07-09
|
|
Tiki Wiki CMS Groupware 8.3 - 'Unserialize()' PHP Code Execution (Metasploit)
|
2 |
WEB
|
Metasploit
|
|
2012-07-06
|
|
Webmatic 3.1.1 - Blind SQL Injection
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2012-07-06
|
|
Event Script PHP 1.1 CMS - Multiple Vulnerabilities
|
2 |
WEB
|
Vulnerability-Lab
|
