|
2010-07-25
|
|
XML-RPC Library 1.3.0 - 'xmlrpc.php' Arbitrary Code Execution (Metasploit)
|
1 |
WEB
|
Metasploit
|
|
2010-07-03
|
|
Cacti - 'graph_view.php' Remote Command Execution (Metasploit)
|
1 |
WEB
|
Metasploit
|
|
2010-10-18
|
|
RedHat Piranha Virtual Server Package - 'passwd.php3' Arbitrary Command Execution (Metasploit)
|
1 |
WEB
|
Metasploit
|
|
2010-10-05
|
|
Alcatel-Lucent OmniPCX Enterprise - masterCGI Arbitrary Command Execution (Metasploit)
|
1 |
WEB
|
Metasploit
|
|
2010-07-07
|
|
DD-WRT HTTPd Daemon/Service - Arbitrary Command Execution (Metasploit)
|
1 |
WEB
|
Metasploit
|
|
2010-11-24
|
|
ColdFusion 8.0.1 - Arbitrary File Upload / Execution (Metasploit)
|
1 |
WEB
|
Metasploit
|
|
2010-11-24
|
|
FreeNAS - 'exec_raw.php' Arbitrary Command Execution (Metasploit)
|
2 |
WEB
|
Metasploit
|
|
2011-03-05
|
|
BoutikOne - 'description.php' SQL Injection
|
2 |
WEB
|
IRAQ_JAGUAR
|
|
2011-03-05
|
|
vTiger CRM 5.0.4 - Local File Inclusion
|
1 |
WEB
|
TecR0c
|
|
2011-03-05
|
|
MySms 1.0 - Multiple Vulnerabilities
|
2 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-03-04
|
|
ADAN Neuronlabs - 'view.php' SQL Injection
|
2 |
WEB
|
IRAQ_JAGUAR
|
|
2011-03-04
|
|
JBoss Application Server 4.2 < 4.2.0.CP09 / 4.3 < 4.3.0.CP08 - Remote Command Execution
|
2 |
WEB
|
kingcope
|
|
2011-03-04
|
|
WordPress Plugin PHP Speedy 0.5.2 - 'admin_container.php' Remote Code Execution
|
1 |
WEB
|
mr_me
|
|
2011-03-04
|
|
Limelight Software - 'article.php' SQL Injection
|
2 |
WEB
|
eXeSoul
|
|
2011-03-02
|
|
cChatBox for vBulletin 3.6.8/3.7.x - SQL Injection
|
2 |
WEB
|
DSecurity
|
|
2011-03-02
|
|
Bitweaver 2.8.0 - Multiple Vulnerabilities
|
2 |
WEB
|
lemlajt
|
|
2011-03-02
|
|
Quicktech - SQL Injection
|
2 |
WEB
|
eXeSoul
|
|
2011-03-02
|
|
Readmore Systems Script - SQL Injection
|
2 |
WEB
|
vBzone & Zooka & El3arby
|
|
2011-02-28
|
|
SnapProof - 'page.php' SQL Injection
|
2 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-02-28
|
|
DO-CMS - Multiple SQL Injections
|
2 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-02-26
|
|
Cisco Linksys WAG120N - Cross-Site Request Forgery
|
2 |
WEB
|
Khashayar Fereidani
|
|
2011-02-26
|
|
WordPress Plugin OPS Old Post Spinner 2.2.1 - Local File Inclusion
|
2 |
WEB
|
AutoSec Tools
|
|
2011-02-26
|
|
WordPress Plugin jQuery Mega Menu 1.0 - Local File Inclusion
|
2 |
WEB
|
AutoSec Tools
|
|
2011-02-26
|
|
phreebooks r30rc4 - Multiple Vulnerabilities
|
2 |
WEB
|
AutoSec Tools
|
|
2011-02-25
|
|
Pragyan CMS 3.0 - Multiple Vulnerabilities
|
2 |
WEB
|
Villy & Abhishek Lyall
|
|
2011-02-25
|
|
Joomla! Component com_xcloner-backupandrestore - Remote Command Execution
|
2 |
WEB
|
mr_me
|
|
2011-02-25
|
|
RaksoCT - Multiple SQL Injections
|
1 |
WEB
|
p0pc0rn
|
|
2011-02-24
|
|
WordPress Plugin IWantOneButton 3.0.1 - Multiple Vulnerabilities
|
0 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-24
|
|
WordPress Plugin Forum Server 1.6.5 - SQL Injection
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-24
|
|
WordPress Plugin Relevanssi 2.7.2 - Persistent Cross-Site Scripting
|
1 |
WEB
|
Saif El-Sherei
|
|
2011-02-24
|
|
WordPress Plugin GigPress 2.1.10 - Persistent Cross-Site Scripting
|
1 |
WEB
|
Saif El-Sherei
|
|
2011-02-24
|
|
Alcassoft's SOPHIA CMS - SQL Injection
|
1 |
WEB
|
p0pc0rn
|
|
2011-02-23
|
|
VidiScript - SQL Injection
|
1 |
WEB
|
ThEtA.Nu
|
|
2011-02-23
|
|
course registration management system 2.1 - Multiple Vulnerabilities
|
1 |
WEB
|
AutoSec Tools
|
|
2011-02-23
|
|
WordPress Plugin Comment Rating 2.9.23 - Multiple Vulnerabilities
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-23
|
|
ProQuiz 2.0.0b - Arbitrary File Upload
|
1 |
WEB
|
AutoSec Tools
|
|
2011-02-23
|
|
WordPress Plugin Z-Vote 1.1 - SQL Injection
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-23
|
|
Bitweaver 2.8.1 - Persistent Cross-Site Scripting
|
1 |
WEB
|
lemlajt
|
|
2011-02-23
|
|
tplSoccerStats - 'player.php' SQL Injection
|
1 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-02-23
|
|
Hyena Cart - 'index.php' SQL Injection
|
2 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-02-22
|
|
dotProject 2.1.5 - Multiple Vulnerabilities
|
1 |
WEB
|
lemlajt
|
|
2011-02-22
|
|
Galilery 1.0 - Local File Inclusion
|
2 |
WEB
|
lemlajt
|
|
2011-02-22
|
|
DIY Web CMS - Multiple Vulnerabilities
|
2 |
WEB
|
p0pc0rn
|
|
2011-02-21
|
|
Woltlab Burning Board 2.3.6 Addon - 'hilfsmittel.php' SQL Injection
|
2 |
WEB
|
Crazyball
|
|
2011-02-20
|
|
JAKCMS 2.01 RC1 - Blind SQL Injection
|
2 |
WEB
|
mr_me
|
|
2011-02-20
|
|
JAKCMS 2.01 - Code Execution
|
2 |
WEB
|
mr_me
|
|
2011-02-20
|
|
Icy Phoenix 1.3.0.53a - HTTP Referer Persistent Cross-Site Scripting
|
2 |
WEB
|
Saif El-Sherei
|
|
2011-02-19
|
|
Independent Escort CMS - Blind SQL Injection
|
2 |
WEB
|
NoNameMT
|
|
2011-02-19
|
|
Escort Directory CMS - SQL Injection
|
2 |
WEB
|
NoNameMT
|
|
2011-02-19
|
|
eventum issue tracking system 2.3.1 - Persistent Cross-Site Scripting
|
2 |
WEB
|
Saif El-Sherei
|
|
2011-02-17
|
|
GAzie 5.10 - 'Login' Multiple Vulnerabilities
|
3 |
WEB
|
LiquidWorm
|
|
2011-02-17
|
|
WordPress Plugin User Photo Component - Arbitrary File Upload
|
2 |
WEB
|
ADVtools
|
|
2011-02-16
|
|
Rae Media Real Estate Multi Agent - SQL Injection
|
0 |
WEB
|
R4dc0re
|
|
2011-02-16
|
|
Rae Media Real Estate Single Agent - SQL Injection
|
2 |
WEB
|
R4dc0re
|
|
2011-02-15
|
|
Seo Panel 2.2.0 - SQL Injection
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-15
|
|
omegabill 1.0 build 6 - Multiple Vulnerabilities
|
2 |
WEB
|
AutoSec Tools
|
|
2011-02-15
|
|
Lingxia I.C.E CMS - Blind SQL Injection
|
2 |
WEB
|
mr_me
|
|
2011-02-15
|
|
phpMyBitTorrent 2.0.4 - SQL Injection
|
2 |
WEB
|
#forkbombers
|
|
2011-02-14
|
|
RunCMS 2.2.2 - Multiple Vulnerabilities
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-14
|
|
jSchool Advanced - SQL Injection
|
1 |
WEB
|
eXa.DisC
|
|
2011-02-14
|
|
AWCM 2.2 Final - Persistent Cross-Site Scripting
|
1 |
WEB
|
_84kur10_
|
|
2011-02-12
|
|
PixelPost 1.7.3 - Multiple POST SQL Injections
|
1 |
WEB
|
LiquidWorm
|
|
2011-02-12
|
|
Escort Agency CMS - Blind SQL Injection
|
1 |
WEB
|
NoNameMT
|
|
2011-02-12
|
|
TaskFreak! 0.6.4 - Multiple Cross-Site Scripting Vulnerabilities
|
0 |
WEB
|
LiquidWorm
|
|
2011-02-11
|
|
Openedit 5.1294 - Remote Code Execution
|
1 |
WEB
|
mr_me
|
|
2011-02-11
|
|
Kunena < 1.5.13 / < 1.6.3 - SQL Injection
|
1 |
WEB
|
Red Matter
|
|
2011-02-11
|
|
Geomi CMS 1.2/3.0 - SQL Injection
|
1 |
WEB
|
ThunDEr HeaD
|
|
2011-02-11
|
|
Horde - Horde_Image::factory driver Argument Local File Inclusion
|
1 |
WEB
|
skysbsb
|
|
2011-02-10
|
|
LocatePC 1.05 (Ligatt Version + Others) - SQL Injection
|
2 |
WEB
|
anonymous
|
|
2011-02-09
|
|
SourceBans 1.4.7 - Cross-Site Scripting
|
2 |
WEB
|
Sw1tCh
|
|
2011-02-09
|
|
WordPress Plugin Enable Media Replace - Multiple Vulnerabilities
|
2 |
WEB
|
Ulf Harnhammar
|
|
2011-02-09
|
|
MihanTools Script 1.3.3 - SQL Injection
|
2 |
WEB
|
WHITE_DEVIL
|
|
2011-02-09
|
|
Web 2.0 Social Network Freunde Community - SQL Injection
|
1 |
WEB
|
NoNameMT
|
|
2011-02-09
|
|
Auto Database System 1.0 Infusion Addon - SQL Injection
|
2 |
WEB
|
Saif
|
|
2011-02-08
|
|
AIOCP 1.4.001 - Cross-Site Request Forgery
|
1 |
WEB
|
AutoSec Tools
|
|
2011-02-08
|
|
dotProject 2.1.5 - Cross-Site Request Forgery
|
2 |
WEB
|
AutoSec Tools
|
|
2011-02-08
|
|
Model Agentur Script - SQL Injection
|
2 |
WEB
|
NoNameMT
|
|
2011-02-07
|
|
SWFupload 2.5.0 Beta 3 - Arbitrary File Upload
|
2 |
WEB
|
Daniel Godoy
|
|
2011-02-07
|
|
MyMarket 1.71 - 'index.php' SQL Injection
|
2 |
WEB
|
ahmadso
|
|
2011-02-07
|
|
jakcms 2.0 pro rc5 - Persistent Cross-Site Scripting via useragent http header Injection
|
2 |
WEB
|
Saif El-Sherei
|
|
2011-02-07
|
|
T-Content Managment System - Multiple Vulnerabilities
|
2 |
WEB
|
Daniel Godoy
|
|
2011-02-06
|
|
Dew-NewPHPLinks 2.1b - 'index.php' SQL Injection
|
2 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-02-05
|
|
Escort und Begleitservice Agentur Script - SQL Injection
|
2 |
WEB
|
NoNameMT
|
|
2011-02-05
|
|
Qcodo Development Framework 0.3.3 - Full Information Disclosure
|
1 |
WEB
|
Daniel Godoy
|
|
2011-02-05
|
|
Chamilo 1.8.7 / Dokeos 1.8.6 - Remote File Disclosure
|
2 |
WEB
|
beford
|
|
2011-02-04
|
|
osCommerce - Authentication Bypass
|
2 |
WEB
|
Nicolas Krassas
|
|
2011-02-04
|
|
reos 2.0.5 - Multiple Vulnerabilities
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-04
|
|
Podcast Generator 1.3 - Multiple Vulnerabilities
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-03
|
|
OemPro 3.6.4 - Multiple Vulnerabilities
|
1 |
WEB
|
Ignacio Garrido
|
|
2011-02-03
|
|
Islam Sound IV2 - 'details.php' SQL Injection
|
1 |
WEB
|
ZxH-Labs
|
|
2011-02-02
|
|
Zikula CMS 1.2.4 - Cross-Site Request Forgery
|
2 |
WEB
|
Aung Khant
|
|
2011-02-02
|
|
RedaxScript 0.3.2 - Multiple Vulnerabilities
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-02
|
|
Raja Natarajan Guestbook 1.0 - Local File Inclusion
|
2 |
WEB
|
h0rd
|
|
2011-02-01
|
|
Joomla! 1.5/1.6 - JFilterInput Cross-Site Scripting Bypass
|
2 |
WEB
|
Jeff Channell
|
|
2011-02-01
|
|
TinyWebGallery 1.8.3 - Multiple Vulnerabilities
|
2 |
WEB
|
Yam Mesicka
|
|
2011-02-01
|
|
NetLink - Arbitrary File Upload
|
2 |
WEB
|
lumut--
|
|
2011-02-01
|
|
PMB Services 3.4.3 - SQL Injection
|
1 |
WEB
|
Luchador
|
|
2011-01-30
|
|
RW-Download 4.0.6 - 'index.php' SQL Injection
|
1 |
WEB
|
Dr.NeT
|
|
2011-01-30
|
|
vBSEO Sitemap 2.5/3.0 - Multiple Vulnerabilities
|
2 |
WEB
|
MaXe
|
|
2011-01-30
|
|
vBSEO 3.2.2/3.5.2 - Persistent Cross-Site Scripting via LinkBacks
|
2 |
WEB
|
MaXe
|
|
2011-01-29
|
|
MultiCMS - Local File Inclusion
|
2 |
WEB
|
R3VAN_BASTARD
|
|
2011-01-28
|
|
PHP Script Directory Software - 'sbcat_id' SQL Injection
|
2 |
WEB
|
h4ck3r
|
|
2011-01-28
|
|
PHP Classified ads software - 'cid' Blind SQL Injection
|
2 |
WEB
|
h4ck3r
|
|
2011-01-28
|
|
PHP Link Directory Software - 'sbcat_id' SQL Injection
|
2 |
WEB
|
h4ck3r
|
|
2011-01-27
|
|
comercioplus 5.6 - Multiple Vulnerabilities
|
2 |
WEB
|
Daniel Godoy
|
|
2011-01-26
|
|
Xnova Legacies 2009.2 - Cross-Site Request Forgery
|
2 |
WEB
|
Xploit A Day
|
|
2011-01-26
|
|
MultiPowUpload 2.1 - Arbitrary File Upload
|
2 |
WEB
|
DIES3L
|
|
2011-01-26
|
|
sap crystal report server 2008 - Directory Traversal
|
2 |
WEB
|
Dmitriy Chastuhin
|
|
2011-01-26
|
|
Froxlor 0.9.15 - Remote File Inclusion
|
2 |
WEB
|
DIES3L
|
|
2011-01-26
|
|
class.upload.php 0.30 - Arbitrary File Upload
|
2 |
WEB
|
DIES3L
|
|
2011-01-26
|
|
AWCM 2.2 Final - Local File Inclusion
|
2 |
WEB
|
Cucura
|
|
2011-01-26
|
|
PHPDirector Game Edition - 'game.php' SQL Injection
|
2 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-01-25
|
|
ab Web CMS 1.35 - Multiple Vulnerabilities
|
2 |
WEB
|
Dr.0rYX & Cr3W-DZ
|
|
2011-01-24
|
|
Joomla! Component com_b2portfolio 1.0.0 - Multiple SQL Injections
|
2 |
WEB
|
Salvatore Fresta
|
|
2011-01-23
|
|
PHP Link Directory 4.1.0 - Cross-Site Request Forgery (Add Admin)
|
1 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-01-23
|
|
PHP Coupon Script 6.0 - 'bus' Blind SQL Injection
|
2 |
WEB
|
h4ck3r
|
|
2011-01-22
|
|
cultbooking 2.0.4 - Multiple Vulnerabilities
|
2 |
WEB
|
LiquidWorm
|
|
2011-01-22
|
|
phpCMS 9.0 - Blind SQL Injection
|
2 |
WEB
|
eidelweiss
|
|
2011-01-20
|
|
PHP Lowbids - 'viewfaqs.php' Blind SQL Injection
|
3 |
WEB
|
h4ck3r
|
|
2011-01-20
|
|
phpCMS 2008 - SQL Injection
|
2 |
WEB
|
R3d-D3V!L
|
|
2011-01-19
|
|
PHP auctions - 'viewfaqs.php' Blind SQL Injection
|
2 |
WEB
|
h4ck3r
|
|
2011-01-19
|
|
Simploo CMS 1.7.1 - PHP Code Execution
|
1 |
WEB
|
David Vieira-Kurz
|
|
2011-01-18
|
|
N-13 News 3.4 - Cross-Site Request Forgery (Admin Add)
|
2 |
WEB
|
anT!-Tr0J4n
|
|
2011-01-18
|
|
CakePHP 1.3.5/1.2.8 - 'Unserialize()' File Inclusion
|
2 |
WEB
|
felix
|
|
2011-01-18
|
|
Joomla! Component allCineVid 1.0.0 - Blind SQL Injection
|
2 |
WEB
|
Salvatore Fresta
|
