|
2016-05-05
|
|
PHP Imagick 3.3.0 - disable_functions Bypass
|
577 |
WEB
|
RicterZ
|
|
2016-04-28
|
|
Multiple Vendors (RomPager <= 4.34) - Misfortune Cookie Router Authentication Bypass
|
127 |
WEB
|
Milad Doorbash
|
|
2016-04-26
|
|
Gemtek CPE7000 - WLTCS-106 sysconf.cgi Unauthenticated Remote Command Execution (MSF)
|
101 |
WEB
|
Federico Scalco
|
|
2016-04-26
|
|
Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever (MSF)
|
148 |
WEB
|
Federico Scalco
|
|
2016-04-22
|
|
Gemtek CPE7000 / WLTCS-106 - Multiple Vulnerabilities
|
241 |
WEB
|
Federico Ramondino
|
|
2016-04-22
|
|
Symantec Brightmail 10.6.0-7- LDAP Credentials Disclosure
|
121 |
WEB
|
Fakhir Karim Reda
|
|
2016-04-21
|
|
PHPBack 1.3.0 - SQL Injection
|
232 |
WEB
|
hyp3rlinx
|
|
2016-04-15
|
|
Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass and Arbitrary File Upload Exploi
|
204 |
WEB
|
Zhou Yu
|
|
2016-04-06
|
|
WordPress Advanced Video Plugin 1.0 - Local File Inclusion Exploit
|
218 |
WEB
|
evait security GmbH
|
|
2016-03-18
|
|
Zenphoto 1.4.11 - Remote File Inclusion Vulnerability
|
130 |
WEB
|
curesec
|
|
2016-03-08
|
|
ATutor LMS install_modules.php CSRF Remote Code Execution Vulnerability
|
178 |
WEB
|
mr_me
|
|
2016-03-04
|
|
WordPress Bulk Delete Plugin 5.5.3 - Privilege Escalation
|
152 |
WEB
|
Panagiotis Vagenas
|
|
2016-03-01
|
|
Pulse CMS 4.5.2 Local File Inclusion
|
369 |
WEB
|
Ehsan Hosseini
|
|
2016-02-26
|
|
IBM Lotus Domino <= R8 Password Hash Extraction Exploit
|
338 |
WEB
|
Jonathan Broche
|
|
2016-02-25
|
|
WordPress Extra User Details Plugin 0.4.2 - Privilege Escalation
|
115 |
WEB
|
Panagiotis Vagenas
|
|
2016-02-18
|
|
Cisco ASA VPN Portal Cross Site Scripting
|
153 |
WEB
|
Juan Sacco
|
|
2016-02-17
|
|
phpMyBackupPro 2.5 - Remote Command Execution / CSRF
|
136 |
WEB
|
hyp3rlinx
|
|
2016-02-17
|
|
Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers
|
223 |
WEB
|
LiquidWorm
|
|
2016-02-14
|
|
Wordpress Smallbiz Themes Remote File Uploads Vulnerability
|
383 |
WEB
|
Milad Hacking
|
|
2016-02-14
|
|
WordPress WooCommerce Store Toolkit Plugin 1.5.5 - Privilege Escalation Exploit
|
107 |
WEB
|
Panagiotis Vagenas
|
|
2016-02-14
|
|
WordPress WP User Frontend Plugin < 2.3.11 - Unrestricted File Upload Exploit
|
324 |
WEB
|
Panagiotis Vagenas
|
|
2016-02-14
|
|
JiveForums 5.5.25 Directory Traversal Exploit
|
222 |
WEB
|
Zhaohuan
|
|
2016-01-27
|
|
Glassfish Server - Arbitrary File Read Vulnerability
|
358 |
WEB
|
bingbing
|
|
2016-01-26
|
|
pfSense Firewall <= 2.2.5 - Config File CSRF
|
138 |
WEB
|
Aatif Shahdad
|
|
2016-01-22
|
|
Joomla com_forum Remote SQL Injection Exploit
|
227 |
WEB
|
Dz MinD Injector
|
|
2016-01-15
|
|
Manage Engine Application Manager 12.5 - Arbitrary Command Execution Vulnerability
|
370 |
WEB
|
Bikramaditya Guha
|
|
2016-01-15
|
|
SevOne NMS <= 5.3.6.0 - Remote Root Exploit
|
184 |
WEB
|
iamsecurity
|
|
2016-01-14
|
|
WhatsUp Gold 16.3 - Unauthenticated Remote Code Execution
|
106 |
WEB
|
Matt Buzanowski
|
|
2016-01-07
|
|
D-Link DCS-931L Arbitrary File Upload
|
165 |
WEB
|
Brendan Coles
|
|
2016-01-04
|
|
Joomla 3.4.5 Object Injection
|
230 |
WEB
|
Khashayar Fereidani
|
|
2016-01-04
|
|
WordPress Simple Ads Manager 2.9.4.116 SQL Injection
|
230 |
WEB
|
Kacper Szurek
|
|
2016-01-04
|
|
Simple Ads Manager 2.9.4.116 - SQL Injection
|
212 |
WEB
|
Kacper Szurek
|
|
2015-12-23
|
|
phpMyFAQ 2.7.9 PHP Code Injection
|
163 |
WEB
|
indoushka
|
|
2015-12-22
|
|
Ovidentia Widgets 1.0.61 - Remote Command Execution Exploit
|
145 |
WEB
|
bd0rk
|
|
2015-12-16
|
|
Article Script 1.00 SQL Injection
|
105 |
WEB
|
Linux Zone Research Team
|
|
2015-12-16
|
|
WordPress Tierra Billboard Manager 1.14 SQL Injection
|
140 |
WEB
|
Linux Zone Research Team
|
|
2015-12-15
|
|
Joomla MyDynGallery SQL Injection
|
205 |
WEB
|
D35m0nd142
|
|
2015-12-08
|
|
DMarket 1.0 Remote PHP Code Injection
|
124 |
WEB
|
indoushka
|
|
2015-12-07
|
|
Atlassian HipChat for Jira Plugin Velocity Template Injection
|
216 |
WEB
|
sinn3r
|
|
2015-12-02
|
|
Advantech Switch Bash Environment Variable Code Injection
|
155 |
WEB
|
hdm
|
|
2015-11-26
|
|
Dimofinf 3.0.0 SQL Injection
|
94 |
WEB
|
D35m0nd142
|
|
2015-11-24
|
|
vBulletin 5.x - Remote Code Execution Exploit
|
111 |
WEB
|
Mohammad Reza
|
|
2015-11-18
|
|
WordPress Users Ultra 1.5.50 Unrestricted File Upload
|
167 |
WEB
|
panVagenas
|
|
2015-11-17
|
|
D-Link DIR-816L Cross Site Request Forgery
|
185 |
WEB
|
Bhadresh Patel
|
|
2015-11-17
|
|
D-Link SSDP Command Injection
|
207 |
WEB
|
Samuel Huntley
|
|
2015-11-17
|
|
D-Link DIR-890L/R Buffer Overflow
|
353 |
WEB
|
Samuel Huntley
|
|
2015-11-17
|
|
D-Link DIR-866L Buffer Overflow
|
125 |
WEB
|
Samuel Huntley
|
|
2015-11-17
|
|
D-Link DIR-825 Buffer Overflow / Directory Traversal
|
86 |
WEB
|
Samuel Huntley
|
|
2015-11-17
|
|
D-Link DIR-818W Buffer Overflow / Command Injection
|
78 |
WEB
|
Samuel Huntley
|
|
2015-11-17
|
|
D-Link DGL5500 - HNAP Buffer Overflow Vulnerability
|
87 |
WEB
|
Samuel Huntley
|
|
2015-11-16
|
|
Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload Version 1
|
181 |
WEB
|
Denis Andzakovic
|
|
2015-11-16
|
|
Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload Version 2
|
174 |
WEB
|
Denis Andzakovic
|
|
2015-11-16
|
|
vBulletin 5.1.2 Unserialize Code Execution
|
264 |
WEB
|
cutz
|
|
2015-11-11
|
|
Google AdWords <= 6.2.0 API client libraries - XML eXternal Entity Injection (XXE)
|
136 |
WEB
|
Dawid Golunski
|
|
2015-11-11
|
|
Google AdWords API PHP client library <= 6.2.0 - Arbitrary PHP Code Execution
|
54 |
WEB
|
Dawid Golunski
|
|
2015-11-11
|
|
Jenkins 1.633 - Unauthenticated Credential Recovery
|
213 |
WEB
|
The Repo
|
|
2015-11-10
|
|
Google AdWords API PHP Client Library 6.2.0 XXE Injection
|
183 |
WEB
|
Dawid Golunski
|
|
2015-11-10
|
|
Google AdWords API PHP Client Library 6.2.0 Code Execution
|
162 |
WEB
|
Dawid Golunski
|
|
2015-11-10
|
|
Arris TG1682G Modem - Stored XSS Vulnerability
|
291 |
WEB
|
Nu11By73
|
|
2015-11-09
|
|
vBulletin 5.1.x - PreAuth 0day Remote Code Execution Exploit
|
260 |
WEB
|
hhjj
|
|
2015-11-06
|
|
OpenSSL Alternative Chains Certificate Forgery
|
226 |
WEB
|
Ramon de C Valle
|
|
2015-11-06
|
|
Java Secure Socket Extension (JSSE) SKIP-TLS
|
204 |
WEB
|
Ramon de C Valle
|
|
2015-11-02
|
|
eBay Magento <= 1.9.2.1 - PHP FPM XML eXternal Entity Injection
|
133 |
WEB
|
Dawid Golunski
|
|
2015-11-02
|
|
PHP Server Monitor 3.1.1- CSRF Privilege Escalation
|
78 |
WEB
|
hyp3rlinx
|
|
2015-10-27
|
|
articleFR 3.0.7 Arbitrary File Read
|
173 |
WEB
|
0keeteam
|
|
2015-10-27
|
|
SiteWIX SQL Injection
|
203 |
WEB
|
ZoRLu
|
|
2015-10-27
|
|
Beckhoff CX9020 CPU Module - Remote Code Execution Exploit
|
317 |
WEB
|
Photubias
|
|
2015-10-20
|
|
RealtyScript 4.0.2 SQL Injection
|
166 |
WEB
|
LiquidWorm
|
|
2015-10-20
|
|
RealtyScript 4.0.2 Cross Site Request Forgery / Cross Site Scripting
|
173 |
WEB
|
LiquidWorm
|
|
2015-10-19
|
|
Nibbleblog File Upload
|
120 |
WEB
|
Roberto Soares Espreto
|
|
2015-10-19
|
|
WordPress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability
|
230 |
WEB
|
PizzaHatHacker
|
|
2015-10-19
|
|
ZHONE < S3.0.501 - Multiple Remote Code Execution Vulnerabilities
|
190 |
WEB
|
Lyon Yang
|
|
2015-10-15
|
|
ElasticSearch Snapshot API Directory Traversal
|
200 |
WEB
|
Pedro Andujar
|
|
2015-10-14
|
|
Kerio Control <= 8.6.1 - Multiple Vulnerabilities
|
313 |
WEB
|
Raschin Tavakoli
|
|
2015-10-10
|
|
Buffalo LinkStation 1.34 / 1.69 / 1.70 Authentication Bypass
|
117 |
WEB
|
Jens Liebchen
|
|
2015-09-30
|
|
Western Digital My Cloud 04.01.03-421, 04.01.04-422 - Command Injection
|
179 |
WEB
|
absane
|
|
2015-09-29
|
|
ManageEngine EventLog Analyzer Remote Code Execution
|
90 |
WEB
|
xistence
|
|
2015-09-28
|
|
Watchguard XCS Remote Command Execution
|
128 |
WEB
|
Daniel Jensen
|
|
2015-09-28
|
|
SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit
|
129 |
WEB
|
Filippo Roncari
|
|
2015-09-23
|
|
Shadow Infosystem Arbitrary File Download
|
97 |
WEB
|
Cloner-47
|
|
2015-09-11
|
|
php - cgimode fpm writeprocmemfile bypass disable function demo
|
271 |
WEB
|
ylbhz
|
|
2015-09-10
|
|
Auto-Exchanger 5.1.0 - CSRF Vulnerability
|
190 |
WEB
|
Aryan Bayaninejad
|
|
2015-09-07
|
|
Elastix < 2.5 , PHP Code Injection Exploit
|
195 |
WEB
|
i-Hmx
|
|
2015-09-07
|
|
WordPress Contact Form Generator <= 2.0.1 - Multiple CSRF Vulnerabilities
|
128 |
WEB
|
i0akiN SEC-LABORATORY
|
|
2015-09-06
|
|
GPON Home Router FTP G-93RG1 - CSRF Command Execution Vulnerability
|
96 |
WEB
|
Phan Thanh Duy
|
|
2015-09-06
|
|
YesWiki 0.2 - Path Traversal Vulnerability
|
101 |
WEB
|
HaHwul
|
|
2015-09-06
|
|
Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass
|
119 |
WEB
|
Glaysson dos Santos
|
|
2015-09-06
|
|
Serendipity 2.0.1 Shell Upload
|
172 |
WEB
|
Tim Coen
|
|
2015-09-01
|
|
Ganglia Web Frontend < 3.5.1 - PHP Code Execution
|
75 |
WEB
|
Andrei Costin
|
|
2015-08-31
|
|
Pluck CMS 4.7.3 - Multiple Vulnerabilities
|
93 |
WEB
|
smash
|
|
2015-08-25
|
|
Pligg CMS 2.0.2 - CSRF Add Admin Exploit
|
100 |
WEB
|
Arash Khazaei
|
|
2015-08-21
|
|
Pligg CMS 2.0.2 - Arbitrary Code Execution
|
181 |
WEB
|
Arash Khazaei
|
|
2015-08-21
|
|
up.time 7.5.0 Upload And Execute File Exploit
|
149 |
WEB
|
LiquidWorm
|
|
2015-08-21
|
|
up.time 7.5.0 Superadmin Privilege Escalation Exploit
|
165 |
WEB
|
LiquidWorm
|
|
2015-08-21
|
|
Easy File Management Web Server 5.6 Buffer Overflow
|
163 |
WEB
|
Tracy Turben
|
|
2015-08-19
|
|
Magento CE < 1.9.0.1 Post Auth RCE
|
183 |
WEB
|
Ebrietas0
|
|
2015-08-18
|
|
Sagemcom F@ST 3864 V2 - Get Admin Password
|
423 |
WEB
|
Cade Bull
|
|
2015-08-18
|
|
TOTOLINK Routers - Backdoor and RCE Exploit PoC
|
293 |
WEB
|
MadMouse
|
|
2015-08-13
|
|
PHPfileNavigator 2.3.3 Privilege Escalation
|
158 |
WEB
|
hyp3rlinx
|
|
2015-08-10
|
|
Microweber 1.0.3 - Stored XSS And CSRF Add Admin Exploit
|
169 |
WEB
|
LiquidWorm
|
|
2015-07-28
|
|
Xceedium Xsuite Command Injection / XSS / Traversal / Escalation
|
89 |
WEB
|
Martin Schobert
|
|
2015-07-15
|
|
FreiChat 9.6 SQL Injection
|
196 |
WEB
|
Kacper Szurek
|
|
2015-07-15
|
|
WordPress WP-PowerPlayGallery 3.3 File Upload / SQL Injection
|
204 |
WEB
|
Larry W. Cashdollar
|
|
2015-07-10
|
|
GWC CMS 1.0 SQL Injection
|
169 |
WEB
|
nopesled
|
|
2015-07-10
|
|
WordPress S3Bubble Cloud Video With Adverts / Analytics Arbitrary File Download
|
237 |
WEB
|
CrashBandicot
|
|
2015-07-07
|
|
DedeCMS < 5.7-sp1 - Remote File Inclusion
|
394 |
WEB
|
zise
|
|
2015-07-07
|
|
AirDroid Unauthenticated Arbitrary File Upload
|
64 |
WEB
|
Parsa Adib
|
|
2015-07-02
|
|
D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities
|
113 |
WEB
|
DNO
|
|
2015-06-30
|
|
Huawei Home Gateway HG530 / HG520b Password Disclosure / Change
|
88 |
WEB
|
Fady Mohamed Osman
|
|
2015-06-30
|
|
C2Box 4.0.0 r19171 Cross Site Request Forgery
|
104 |
WEB
|
Wissam Bashour
|
|
2015-06-29
|
|
Joomla Simple Image Upload 1.0 Shell Upload
|
245 |
WEB
|
CrashBandicot
|
|
2015-06-29
|
|
WordPress Revslider Arbitrary File Upload / Download / XSS
|
116 |
WEB
|
CaFc Versace
|
|
2015-06-21
|
|
Tango FTP 1.0 Active-X Heap Spray
|
102 |
WEB
|
metacom
|
|
2015-06-21
|
|
Tango DropBox 3.1.5 Active-X Heap Spray
|
77 |
WEB
|
metacom
|
|
2015-06-17
|
|
Apexis IP CAM - Information Disclosure
|
240 |
WEB
|
Sunplace Solutions
|
|
2015-06-16
|
|
WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Shell Upload
|
109 |
WEB
|
Larry W. Cashdollar
|
|
2015-06-16
|
|
WordPress NativeChurch Theme 1.0 / 1.5 Arbitrary File Download
|
153 |
WEB
|
Arash Khazaei
|
|
2015-06-12
|
|
D-Link DSP-W110 Command Execution / SQL Injection / File Upload
|
149 |
WEB
|
Peter Adkins
|
|
2015-06-11
|
|
GeoVision (GeoHttpServer) Webcams Remote File Disclosure Exploit
|
508 |
WEB
|
Viktor Minin
|
|
2015-06-10
|
|
Apexis IP CAM Username / Password Disclosure
|
231 |
WEB
|
Daniel Godoy
|
|
2015-06-10
|
|
WordPress Plugin 'WP Mobile Edition' - LFI Vulnerability
|
231 |
WEB
|
Ali Khalil
|
|
2015-06-05
|
|
ProductCart 2.1 Database Disclosure
|
89 |
WEB
|
indoushka
|
|
2015-06-05
|
|
CmyDocument CMS Database Disclosure
|
169 |
WEB
|
indoushka
|
|
2015-06-05
|
|
JDownloader 2 Beta Directory Traversal Vulnerability
|
110 |
WEB
|
PizzaHatHacker
|
|
2015-06-02
|
|
WordPress dzs-zoomsounds Plugins <= 2.0 - Remote File Upload Vulnerability
|
254 |
WEB
|
nabil chris
|
