|
2011-12-28
|
|
Joomla! Component Module Simple File Upload 1.3 - Remote Code Execution
|
2 |
WEB
|
gmda
|
|
2011-12-26
|
|
Free Image Hosting Script - Arbitrary File Upload
|
1 |
WEB
|
ySecurity
|
|
2011-12-26
|
|
WordPress Plugin Mailing List - Arbitrary File Download
|
1 |
WEB
|
6Scan
|
|
2011-12-25
|
|
OpenEMR 4 - Multiple Vulnerabilities
|
1 |
WEB
|
Level
|
|
2011-12-23
|
|
Open Conference/Journal/Harvester Systems 2.3.x - Multiple Remote Code Execution Vulnerabilities
|
1 |
WEB
|
mr_me
|
|
2011-12-22
|
|
Tiki Wiki CMS Groupware 8.2 - 'snarf_ajax.php' Remote PHP Code Injection
|
1 |
WEB
|
EgiX
|
|
2011-12-21
|
|
Plone and Zope - Remote Command Execution
|
1 |
WEB
|
Nick Miles
|
|
2011-12-21
|
|
SpamTitan 5.08 - Multiple Vulnerabilities
|
0 |
WEB
|
Vulnerability-Lab
|
|
2011-12-21
|
|
Barracuda Control Center 620 - Multiple Web Vulnerabilities
|
2 |
WEB
|
Vulnerability-Lab
|
|
2011-12-21
|
|
Infoproject Business Hero - Multiple Vulnerabilities
|
2 |
WEB
|
LiquidWorm
|
|
2011-12-19
|
|
Joomla! Component com_dshop - SQL Injection
|
2 |
WEB
|
CoBRa_21
|
|
2011-12-19
|
|
DotA OpenStats 1.3.9 - SQL Injection
|
2 |
WEB
|
HvM17
|
|
2011-12-19
|
|
appRain CMF 0.1.5 - Multiple Web Vulnerabilities
|
2 |
WEB
|
Vulnerability-Lab
|
|
2011-12-16
|
|
mPDF 5.3 - File Disclosure
|
2 |
WEB
|
ZadYree
|
|
2011-12-16
|
|
Capexweb 1.1 - SQL Injection
|
2 |
WEB
|
D1rt3 Dud3
|
|
2011-12-16
|
|
Seotoaster - SQL Injection
|
1 |
WEB
|
Stefan Schurtz
|
|
2011-12-14
|
|
PmWiki 2.2.34 - 'pagelist' Remote PHP Code Injection (2) (Metasploit)
|
1 |
WEB
|
Metasploit
|
|
2011-12-13
|
|
Traq 2.3 - Authentication Bypass / Remote Code Execution (Metasploit)
|
1 |
WEB
|
Metasploit
|
|
2011-12-11
|
|
Pixie 1.04 - Blog Post Cross-Site Request Forgery
|
1 |
WEB
|
hackme
|
|
2011-12-11
|
|
Xoops 2.5.4 - Blind SQL Injection
|
2 |
WEB
|
blkhtc0rp
|
|
2011-12-11
|
|
FCMS CMS 2.7.2 - Multiple Cross-Site Request Forgery Vulnerabilities
|
2 |
WEB
|
Ahmed Elhady Mohamed
|
|
2011-12-11
|
|
WordPress Plugin UPM Polls 1.0.4 - Blind SQL Injection
|
1 |
WEB
|
Saif
|
|
2011-12-10
|
|
Family CMS 2.7.2 - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
0 |
WEB
|
Ahmed Elhady Mohamed
|
|
2011-12-09
|
|
Docebo Lms 4.0.4 - 'Messages' Remote Code Execution
|
2 |
WEB
|
mr_me
|
|
2011-12-09
|
|
SePortal 2.5 - SQL Injection (1)
|
1 |
WEB
|
Don
|
|
2011-12-08
|
|
Joomla! Component com_qcontacts 1.0.6 - SQL Injection
|
2 |
WEB
|
Don
|
|
2011-12-08
|
|
SantriaCMS - SQL Injection
|
2 |
WEB
|
Troy
|
|
2011-12-07
|
|
SourceBans 1.4.8 - SQL Injection / Local File Inclusion Injection
|
2 |
WEB
|
Havok
|
|
2011-12-07
|
|
SMF 2.0.1 - SQL Injection / Privilege Escalation
|
1 |
WEB
|
The:Paradox
|
|
2011-12-07
|
|
Traq 2.3 - Authentication Bypass / Remote Code Execution
|
2 |
WEB
|
EgiX
|
|
2011-12-07
|
|
phpBB MyPage Plugin - SQL Injection
|
2 |
WEB
|
CrazyMouse
|
|
2011-12-07
|
|
PHP City Portal Script Software - SQL Injection
|
2 |
WEB
|
Don
|
|
2011-12-07
|
|
Family Connections CMS 2.7.1 - 'less.php' Remote Command Execution (Metasploit)
|
1 |
WEB
|
Metasploit
|
|
2011-12-06
|
|
Alstrasoft EPay Enterprise 4.0 - Blind SQL Injection
|
1 |
WEB
|
Don
|
|
2011-12-05
|
|
Meditate Web Content Editor 'username_input' - SQL Injection
|
1 |
WEB
|
Stefan Schurtz
|
|
2011-12-04
|
|
Family Connections CMS 2.5.0/2.7.1 - 'less.php' Remote Command Execution
|
2 |
WEB
|
mr_me
|
|
2011-12-02
|
|
WSN Classifieds 6.2.12/6.2.18 - Multiple Vulnerabilities
|
1 |
WEB
|
d3v1l
|
|
2011-12-02
|
|
Joomla! Component com_jobprofile - SQL Injection
|
2 |
WEB
|
kaMtiEz
|
|
2011-12-01
|
|
Muster Render Farm Management System - Arbitrary File Download
|
2 |
WEB
|
Nick Freeman
|
|
2011-11-30
|
|
WikkaWiki 1.3.2 - Multiple Vulnerabilities
|
2 |
WEB
|
EgiX
|
|
2011-11-28
|
|
JQuery-Real-Person plugin - Bypass Captcha
|
2 |
WEB
|
Alberto_García_Illera
|
|
2011-11-28
|
|
Google Android - 'content://' URI Multiple Information Disclosure Vulnerabilities
|
2 |
WEB
|
Thomas Cannon
|
|
2011-11-25
|
|
PHP video script - SQL Injection
|
2 |
WEB
|
longrifle0x
|
|
2011-11-24
|
|
Zabbix 1.8.4 - 'popup.php' SQL Injection
|
2 |
WEB
|
Marcio Almeida
|
|
2011-11-24
|
|
LibLime Koha 4.2 - Local File Inclusion
|
2 |
WEB
|
Akin Tosunlar
|
|
2011-11-24
|
|
Log1 CMS 2.0 - 'ajax_create_folder.php' Remote Code Execution
|
1 |
WEB
|
Adel SBM
|
|
2011-11-23
|
|
PmWiki 2.2.34 - 'pagelist' Remote PHP Code Injection (1)
|
1 |
WEB
|
EgiX
|
|
2011-11-23
|
|
PHP-Nuke 8.1.0.3.5b - 'Downloads' Blind SQL Injection
|
2 |
WEB
|
Dante90
|
|
2011-11-19
|
|
Support Incident Tracker 3.65 - 'translate.php' Remote Code Execution
|
2 |
WEB
|
EgiX
|
|
2011-11-19
|
|
ARASTAR - SQL Injection
|
2 |
WEB
|
TH3_N3RD
|
|
2011-11-19
|
|
Blogs manager 1.101 - SQL Injection
|
2 |
WEB
|
muuratsalo
|
|
2011-11-19
|
|
Valid tiny-erp 1.6 - SQL Injection
|
2 |
WEB
|
muuratsalo
|
|
2011-11-19
|
|
Freelancer Calendar 1.01 - SQL Injection
|
2 |
WEB
|
muuratsalo
|
|
2011-11-19
|
|
WordPress Plugin jetpack - 'sharedaddy.php' ID SQL Injection
|
2 |
WEB
|
longrifle0x
|
|
2011-11-16
|
|
SonicWALL Aventail SSL-VPN - SQL Injection
|
1 |
WEB
|
Asheesh kumar
|
|
2011-11-16
|
|
FreeWebShop 2.2.9 R2 - 'ajax_save_name.php' Remote Code Execution
|
2 |
WEB
|
EgiX
|
|
2011-11-15
|
|
QuiXplorer 2.3 - Bugtraq Arbitrary File Upload
|
1 |
WEB
|
PCA
|
|
2011-11-15
|
|
Authenex A-Key/ASAS Web Management Control 3.1.0.2 - Blind SQL Injection
|
2 |
WEB
|
Jose Carlos de Arriba
|
|
2011-11-14
|
|
Pixie CMS 1.01 < 1.04 - Blind SQL Injections
|
2 |
WEB
|
Piranha
|
|
2011-11-14
|
|
WordPress Plugin AdRotate 3.6.6 - SQL Injection
|
2 |
WEB
|
Miroslav Stampar
|
|
2011-11-13
|
|
WordPress Plugin Zingiri 2.2.3 - 'ajax_save_name.php' Remote Code Execution
|
1 |
WEB
|
EgiX
|
|
2011-11-13
|
|
Mambo 4.x - 'Zorder' SQL Injection
|
2 |
WEB
|
KraL BeNiM
|
|
2011-11-13
|
|
Support Incident Tracker 3.65 - Remote Command Execution (Metasploit)
|
2 |
WEB
|
Metasploit
|
|
2011-11-09
|
|
COMTREND CT-5624 Router - Root/Support Password Disclosure/Change
|
1 |
WEB
|
Todor Donev
|
|
2011-11-09
|
|
labwiki 1.1 - Multiple Vulnerabilities
|
1 |
WEB
|
muuratsalo
|
|
2011-11-09
|
|
osCSS2 - '_ID' Local file Inclusion
|
2 |
WEB
|
Stefan Schurtz
|
|
2011-11-08
|
|
11in1 CMS 1.0.1 - 'do.php' CRLF Injection
|
2 |
WEB
|
LiquidWorm
|
|
2011-11-07
|
|
OrderSys 1.6.4 - SQL Injection
|
2 |
WEB
|
muuratsalo
|
|
2011-11-07
|
|
LabStoRe 1.5.4 - SQL Injection
|
2 |
WEB
|
muuratsalo
|
|
2011-11-07
|
|
WHMCompleteSolution 3.x/4.x - Multiple Vulnerabilities
|
2 |
WEB
|
ZxH-Labs
|
|
2011-11-05
|
|
aidiCMS 3.55 - 'ajax_create_folder.php' Remote Code Execution
|
1 |
WEB
|
EgiX
|
|
2011-11-05
|
|
PHPMyFAQ 2.7.0 - 'ajax_create_folder.php' Remote Code Execution
|
1 |
WEB
|
EgiX
|
|
2011-11-05
|
|
ZenPhoto 1.4.1.4 - 'ajax_create_folder.php' Remote Code Execution
|
1 |
WEB
|
EgiX
|
|
2011-11-04
|
|
WHMCompleteSolution (WHMCS) 3.x - 'clientarea.php' Local File Disclosure
|
2 |
WEB
|
red virus
|
|
2011-11-04
|
|
HP Data Protector Media Operations 6.20 - Directory Traversal
|
2 |
WEB
|
Luigi Auriemma
|
|
2011-11-04
|
|
Advanced Poll 2.02 - SQL Injection
|
2 |
WEB
|
Yassin Aboukir
|
|
2011-11-04
|
|
Ajax File and Image Manager 1.0 Final - Remote Code Execution
|
2 |
WEB
|
EgiX
|
|
2011-11-03
|
|
Web File Browser 0.4b14 - File Download
|
2 |
WEB
|
Sangyun YOO
|
|
2011-11-03
|
|
Jara 1.6 - Multiple Vulnerabilities
|
2 |
WEB
|
Or4nG.M4N
|
|
2011-11-02
|
|
CaupoShop Pro (2.x < 3.70) Classic 3.01 - Local File Inclusion
|
1 |
WEB
|
Rami Salama
|
|
2011-11-02
|
|
SetSeed CMS 5.8.20 - 'loggedInUser' SQL Injection
|
2 |
WEB
|
LiquidWorm
|
|
2011-11-02
|
|
BST (BestShopPro) - 'nowosci.php' Multiple Vulnerabilities
|
1 |
WEB
|
CoBRa_21
|
|
2011-11-01
|
|
ZTE ZXDSL 831IIV7.5.0a_Z29_OV - Multiple Vulnerabilities
|
1 |
WEB
|
mehdi boukazoula
|
|
2011-10-31
|
|
Joomla! Component Alameda 1.0 - SQL Injection
|
0 |
WEB
|
kaMtiEz
|
|
2011-10-31
|
|
jbShop e107 7 CMS Plugin - SQL Injection
|
1 |
WEB
|
Robert Cooper
|
|
2011-10-31
|
|
WordPress Plugin Glossary - SQL Injection
|
0 |
WEB
|
longrifle0x
|
|
2011-10-31
|
|
WordPress Theme classipress 3.1.4 - Persistent Cross-Site Scripting
|
1 |
WEB
|
Paul Loftness
|
|
2011-10-31
|
|
Joomla! Component HM Community - Multiple Vulnerabilities
|
1 |
WEB
|
599eme Man
|
|
2011-10-29
|
|
Joomla! Component Vik Real Estate 1.0 - Multiple Vulnerabilities
|
1 |
WEB
|
Chris Russell
|
|
2011-10-29
|
|
Joomla! Component com_jeemasms 3.2 - Multiple Vulnerabilities
|
2 |
WEB
|
Chris Russell
|
|
2011-10-29
|
|
Joomla! Component Barter Sites 1.3 - Multiple Vulnerabilities
|
2 |
WEB
|
Chris Russell
|
|
2011-10-29
|
|
PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities
|
2 |
WEB
|
BHG Security Center
|
|
2011-10-28
|
|
Joomla! Component Techfolio 1.0 - SQL Injection
|
2 |
WEB
|
Chris Russell
|
|
2011-10-27
|
|
WordPress Plugin wptouch - SQL Injection
|
2 |
WEB
|
longrifle0x
|
|
2011-10-26
|
|
phpScheduleIt 1.2.10 - 'reserve.php' Arbitrary Code Injection (Metasploit)
|
2 |
WEB
|
Metasploit
|
|
2011-10-27
|
|
eFront 3.6.10 (build 11944) - Multiple Vulnerabilities
|
2 |
WEB
|
EgiX
|
|
2011-10-26
|
|
Online Subtitles Workshop - Cross-Site Scripting
|
2 |
WEB
|
M.Jock3R
|
|
2011-10-25
|
|
Joomla! Component com_yjcontactus - Local File Inclusion
|
2 |
WEB
|
MeGo
|
|
2011-10-24
|
|
SAP Management Console - OSExecute Payload Execution (Metasploit)
|
2 |
WEB
|
Metasploit
|
|
2011-10-25
|
|
phpLDAPadmin 1.2.1.1 - Remote PHP Code Injection (Metasploit) (2)
|
2 |
WEB
|
Metasploit
|
|
2011-10-23
|
|
InverseFlow 2.4 - Cross-Site Request Forgery (Add Admin)
|
2 |
WEB
|
EjRaM HaCkEr
|
|
2011-10-23
|
|
phpLDAPadmin 1.2.1.1 - Remote PHP Code Injection (1)
|
2 |
WEB
|
EgiX
|
|
2011-10-23
|
|
Jara 1.6 - SQL Injection
|
2 |
WEB
|
muuratsalo
|
|
2011-10-21
|
|
SportsPHool 1.0 - Remote File Inclusion
|
2 |
WEB
|
cr4wl3r
|
|
2011-10-20
|
|
Cyclope Internet Filtering Proxy 4.0 - Persistent Cross-Site Scripting
|
2 |
WEB
|
loneferret
|
|
2011-10-20
|
|
Metasploit Web UI 4.1.0 - Persistent Cross-Site Scripting
|
1 |
WEB
|
Stefan Schurtz
|
|
2011-10-20
|
|
Pre Studio Business Cards Designer - SQL Injection
|
2 |
WEB
|
dr_zig
|
|
2011-10-20
|
|
OCS Inventory NG 2.0.1 - Persistent Cross-Site Scripting
|
2 |
WEB
|
Nicolas DEROUET
|
|
2011-10-20
|
|
Simple Free PHP Forum Script - SQL Injection
|
2 |
WEB
|
Skraps
|
|
2011-10-20
|
|
fims File Management System 1.2.1a - Multiple Vulnerabilities
|
2 |
WEB
|
Skraps
|
|
2011-10-20
|
|
Uiga Personal Portal - Multiple Vulnerabilities
|
2 |
WEB
|
Eyup CELIK
|
|
2011-10-20
|
|
CMS mini 0.2.2 - Local File Inclusion
|
2 |
WEB
|
BeopSeong/I2Sec
|
|
2011-10-19
|
|
1024 CMS 1.1.0 Beta - 'force_download.php' Local File Inclusion
|
2 |
WEB
|
Sangyun YOO
|
|
2011-10-19
|
|
WHMCompleteSolution (WHMCS) 3.x < 4.0.x - 'cart.php' Local File Disclosure
|
2 |
WEB
|
Lagripe-Dz & Mca-Crb
|
|
2011-10-19
|
|
Openemr-4.1.0 - SQL Injection
|
2 |
WEB
|
I2sec-dae jin Oh
|
|
2011-10-19
|
|
Yet Another CMS 1.0 - SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
Stefan Schurtz
|
|
2011-10-18
|
|
Joomla! Plugin NoNumber Framework - Multiple Vulnerabilities
|
2 |
WEB
|
jdc
|
|
2011-10-18
|
|
Dolphin 7.0.7 - 'member_menu_queries.php' Remote PHP Code Injection
|
1 |
WEB
|
EgiX
|
|
2011-10-17
|
|
GNUBoard 4.33.02 - 'tp.php?PATH_INFO' SQL Injection
|
1 |
WEB
|
flyh4t
|
|
2011-10-17
|
|
Dominant Creature BBG/RPG Browser Game - Persistent Cross-Site Scripting
|
2 |
WEB
|
M.Jock3R
|
|
2011-10-17
|
|
WordPress Plugin BackWPUp 2.1.4 - Code Execution
|
1 |
WEB
|
Sense of Security
|
|
2011-10-16
|
|
Ruubikcms 1.1.0 - '/extra/image.php' Local File Inclusion
|
2 |
WEB
|
Sangyun YOO
|
|
2011-10-15
|
|
WordPress Plugin Photo Album Plus 4.1.1 - SQL Injection
|
2 |
WEB
|
Skraps
|
|
2011-10-14
|
|
WordPress Plugin Contact Form 2.7.5 - SQL Injection
|
2 |
WEB
|
Skraps
|
|
2011-10-12
|
|
WordPress Plugin GD Star Rating 1.9.10 - SQL Injection
|
2 |
WEB
|
Miroslav Stampar
|
