|
2015-11-10
|
|
Arris TG1682G Modem - Stored XSS Vulnerability
|
285 |
WEB
|
Nu11By73
|
|
2015-11-09
|
|
vBulletin 5.1.x - PreAuth 0day Remote Code Execution Exploit
|
254 |
WEB
|
hhjj
|
|
2015-11-06
|
|
OpenSSL Alternative Chains Certificate Forgery
|
221 |
WEB
|
Ramon de C Valle
|
|
2015-11-06
|
|
Java Secure Socket Extension (JSSE) SKIP-TLS
|
199 |
WEB
|
Ramon de C Valle
|
|
2015-11-02
|
|
eBay Magento <= 1.9.2.1 - PHP FPM XML eXternal Entity Injection
|
128 |
WEB
|
Dawid Golunski
|
|
2015-11-02
|
|
PHP Server Monitor 3.1.1- CSRF Privilege Escalation
|
73 |
WEB
|
hyp3rlinx
|
|
2015-10-27
|
|
articleFR 3.0.7 Arbitrary File Read
|
167 |
WEB
|
0keeteam
|
|
2015-10-27
|
|
SiteWIX SQL Injection
|
197 |
WEB
|
ZoRLu
|
|
2015-10-27
|
|
Beckhoff CX9020 CPU Module - Remote Code Execution Exploit
|
312 |
WEB
|
Photubias
|
|
2015-10-20
|
|
RealtyScript 4.0.2 SQL Injection
|
161 |
WEB
|
LiquidWorm
|
|
2015-10-20
|
|
RealtyScript 4.0.2 Cross Site Request Forgery / Cross Site Scripting
|
169 |
WEB
|
LiquidWorm
|
|
2015-10-19
|
|
Nibbleblog File Upload
|
115 |
WEB
|
Roberto Soares Espreto
|
|
2015-10-19
|
|
WordPress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability
|
225 |
WEB
|
PizzaHatHacker
|
|
2015-10-19
|
|
ZHONE < S3.0.501 - Multiple Remote Code Execution Vulnerabilities
|
185 |
WEB
|
Lyon Yang
|
|
2015-10-15
|
|
ElasticSearch Snapshot API Directory Traversal
|
195 |
WEB
|
Pedro Andujar
|
|
2015-10-14
|
|
Kerio Control <= 8.6.1 - Multiple Vulnerabilities
|
307 |
WEB
|
Raschin Tavakoli
|
|
2015-10-10
|
|
Buffalo LinkStation 1.34 / 1.69 / 1.70 Authentication Bypass
|
111 |
WEB
|
Jens Liebchen
|
|
2015-09-30
|
|
Western Digital My Cloud 04.01.03-421, 04.01.04-422 - Command Injection
|
174 |
WEB
|
absane
|
|
2015-09-29
|
|
ManageEngine EventLog Analyzer Remote Code Execution
|
85 |
WEB
|
xistence
|
|
2015-09-28
|
|
Watchguard XCS Remote Command Execution
|
123 |
WEB
|
Daniel Jensen
|
|
2015-09-28
|
|
SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit
|
124 |
WEB
|
Filippo Roncari
|
|
2015-09-23
|
|
Shadow Infosystem Arbitrary File Download
|
92 |
WEB
|
Cloner-47
|
|
2015-09-11
|
|
php - cgimode fpm writeprocmemfile bypass disable function demo
|
265 |
WEB
|
ylbhz
|
|
2015-09-10
|
|
Auto-Exchanger 5.1.0 - CSRF Vulnerability
|
187 |
WEB
|
Aryan Bayaninejad
|
|
2015-09-07
|
|
Elastix < 2.5 , PHP Code Injection Exploit
|
188 |
WEB
|
i-Hmx
|
|
2015-09-07
|
|
WordPress Contact Form Generator <= 2.0.1 - Multiple CSRF Vulnerabilities
|
122 |
WEB
|
i0akiN SEC-LABORATORY
|
|
2015-09-06
|
|
GPON Home Router FTP G-93RG1 - CSRF Command Execution Vulnerability
|
92 |
WEB
|
Phan Thanh Duy
|
|
2015-09-06
|
|
YesWiki 0.2 - Path Traversal Vulnerability
|
96 |
WEB
|
HaHwul
|
|
2015-09-06
|
|
Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass
|
113 |
WEB
|
Glaysson dos Santos
|
|
2015-09-06
|
|
Serendipity 2.0.1 Shell Upload
|
165 |
WEB
|
Tim Coen
|
|
2015-09-01
|
|
Ganglia Web Frontend < 3.5.1 - PHP Code Execution
|
70 |
WEB
|
Andrei Costin
|
|
2015-08-31
|
|
Pluck CMS 4.7.3 - Multiple Vulnerabilities
|
87 |
WEB
|
smash
|
|
2015-08-25
|
|
Pligg CMS 2.0.2 - CSRF Add Admin Exploit
|
95 |
WEB
|
Arash Khazaei
|
|
2015-08-21
|
|
Pligg CMS 2.0.2 - Arbitrary Code Execution
|
176 |
WEB
|
Arash Khazaei
|
|
2015-08-21
|
|
up.time 7.5.0 Upload And Execute File Exploit
|
143 |
WEB
|
LiquidWorm
|
|
2015-08-21
|
|
up.time 7.5.0 Superadmin Privilege Escalation Exploit
|
161 |
WEB
|
LiquidWorm
|
|
2015-08-21
|
|
Easy File Management Web Server 5.6 Buffer Overflow
|
158 |
WEB
|
Tracy Turben
|
|
2015-08-19
|
|
Magento CE < 1.9.0.1 Post Auth RCE
|
177 |
WEB
|
Ebrietas0
|
|
2015-08-18
|
|
Sagemcom F@ST 3864 V2 - Get Admin Password
|
417 |
WEB
|
Cade Bull
|
|
2015-08-18
|
|
TOTOLINK Routers - Backdoor and RCE Exploit PoC
|
288 |
WEB
|
MadMouse
|
|
2015-08-13
|
|
PHPfileNavigator 2.3.3 Privilege Escalation
|
153 |
WEB
|
hyp3rlinx
|
|
2015-08-10
|
|
Microweber 1.0.3 - Stored XSS And CSRF Add Admin Exploit
|
164 |
WEB
|
LiquidWorm
|
|
2015-07-28
|
|
Xceedium Xsuite Command Injection / XSS / Traversal / Escalation
|
83 |
WEB
|
Martin Schobert
|
|
2015-07-15
|
|
FreiChat 9.6 SQL Injection
|
191 |
WEB
|
Kacper Szurek
|
|
2015-07-15
|
|
WordPress WP-PowerPlayGallery 3.3 File Upload / SQL Injection
|
197 |
WEB
|
Larry W. Cashdollar
|
|
2015-07-10
|
|
GWC CMS 1.0 SQL Injection
|
164 |
WEB
|
nopesled
|
|
2015-07-10
|
|
WordPress S3Bubble Cloud Video With Adverts / Analytics Arbitrary File Download
|
232 |
WEB
|
CrashBandicot
|
|
2015-07-07
|
|
DedeCMS < 5.7-sp1 - Remote File Inclusion
|
389 |
WEB
|
zise
|
|
2015-07-07
|
|
AirDroid Unauthenticated Arbitrary File Upload
|
59 |
WEB
|
Parsa Adib
|
|
2015-07-02
|
|
D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities
|
108 |
WEB
|
DNO
|
|
2015-06-30
|
|
Huawei Home Gateway HG530 / HG520b Password Disclosure / Change
|
83 |
WEB
|
Fady Mohamed Osman
|
|
2015-06-30
|
|
C2Box 4.0.0 r19171 Cross Site Request Forgery
|
97 |
WEB
|
Wissam Bashour
|
|
2015-06-29
|
|
Joomla Simple Image Upload 1.0 Shell Upload
|
240 |
WEB
|
CrashBandicot
|
|
2015-06-29
|
|
WordPress Revslider Arbitrary File Upload / Download / XSS
|
110 |
WEB
|
CaFc Versace
|
|
2015-06-21
|
|
Tango FTP 1.0 Active-X Heap Spray
|
100 |
WEB
|
metacom
|
|
2015-06-21
|
|
Tango DropBox 3.1.5 Active-X Heap Spray
|
73 |
WEB
|
metacom
|
|
2015-06-17
|
|
Apexis IP CAM - Information Disclosure
|
235 |
WEB
|
Sunplace Solutions
|
|
2015-06-16
|
|
WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Shell Upload
|
104 |
WEB
|
Larry W. Cashdollar
|
|
2015-06-16
|
|
WordPress NativeChurch Theme 1.0 / 1.5 Arbitrary File Download
|
148 |
WEB
|
Arash Khazaei
|
|
2015-06-12
|
|
D-Link DSP-W110 Command Execution / SQL Injection / File Upload
|
146 |
WEB
|
Peter Adkins
|
|
2015-06-11
|
|
GeoVision (GeoHttpServer) Webcams Remote File Disclosure Exploit
|
504 |
WEB
|
Viktor Minin
|
|
2015-06-10
|
|
Apexis IP CAM Username / Password Disclosure
|
227 |
WEB
|
Daniel Godoy
|
|
2015-06-10
|
|
WordPress Plugin 'WP Mobile Edition' - LFI Vulnerability
|
225 |
WEB
|
Ali Khalil
|
|
2015-06-05
|
|
ProductCart 2.1 Database Disclosure
|
86 |
WEB
|
indoushka
|
|
2015-06-05
|
|
CmyDocument CMS Database Disclosure
|
166 |
WEB
|
indoushka
|
|
2015-06-05
|
|
JDownloader 2 Beta Directory Traversal Vulnerability
|
106 |
WEB
|
PizzaHatHacker
|
|
2015-06-02
|
|
WordPress dzs-zoomsounds Plugins <= 2.0 - Remote File Upload Vulnerability
|
250 |
WEB
|
nabil chris
|
|
2015-06-02
|
|
D-Link Devices HNAP SOAPAction-Header Command Execution
|
110 |
WEB
|
Michael Messner
|
|
2015-06-01
|
|
Realtek SDK Miniigd UPnP SOAP Command Execution
|
204 |
WEB
|
Michael Messner
|
|
2015-06-01
|
|
Airties login-cgi Buffer Overflow
|
154 |
WEB
|
Michael Messner
|
|
2015-06-01
|
|
D-Link Devices UPnP SOAPAction-Header Command Execution
|
179 |
WEB
|
Michael Messner
|
|
2015-06-01
|
|
ESC 8832 Data Controller Multiple Vulnerabilities
|
82 |
WEB
|
alazs Makany
|
|
2015-05-28
|
|
extjs Arbitrary File Read
|
172 |
WEB
|
Jianfeng Gao
|
|
2015-05-27
|
|
Apache Jackrabbit WebDAV XXE Exploit
|
76 |
WEB
|
Mikhail Egorov
|
|
2015-05-27
|
|
Sendio ESP Information Disclosure Vulnerability
|
65 |
WEB
|
Core Security
|
|
2015-05-25
|
|
Newsletter 4.3 SQL Injection
|
78 |
WEB
|
Ashiyane Digital Security Team
|
|
2015-05-22
|
|
ElasticSearch 1.4.5 / 1.5.2 - Path Transversal Vulnerability
|
117 |
WEB
|
Pedro Andujar
|
|
2015-05-20
|
|
ManageEngine EventLog Analyzer 10.0 Build 10001 CSRF Vulnerability
|
107 |
WEB
|
Akash S. Chavan
|
|
2015-05-13
|
|
WordPress N-Media Website Contact Form with File Upload 1.3.4 - File Upload
|
55 |
WEB
|
F17.c0de
|
|
2015-05-12
|
|
SixApart MovableType Storable Perl Code Execution
|
126 |
WEB
|
John Lightsey
|
|
2015-05-12
|
|
D-Link DSL-500B Gen 2 - (URL Filter Configuration Panel) Stored XSS
|
74 |
WEB
|
XLabs Security
|
|
2015-05-12
|
|
D-Link DSL-500B Gen 2 - (Parental Control Configuration Panel) Stored XSS
|
69 |
WEB
|
XLabs Security
|
|
2015-05-08
|
|
WordPress RevSlider 3.0.95 File Upload / Execute
|
193 |
WEB
|
Tom Sellers
|
|
2015-05-08
|
|
elFinder 2 Remote Command Execution (Via File Creation) Vulnerability
|
92 |
WEB
|
TUNISIAN CYBER
|
|
2015-05-06
|
|
WordPress 4.2.1 XSS / Code Execution
|
79 |
WEB
|
Evex
|
|
2015-04-28
|
|
ProjectSend r561 CSRF / XSS / Shell Upload
|
73 |
WEB
|
TUNISIAN CYBER
|
|
2015-04-28
|
|
OTRS 3.x Cross Site Scripting
|
165 |
WEB
|
Adam Ziaja
|
|
2015-04-28
|
|
OTRS < 3.1.x & < 3.2.x & < 3.3.x - Stored Cross-Site Scripting (XSS) Vulnerability
|
158 |
WEB
|
Adam Ziaja
|
|
2015-04-27
|
|
WordPress WPshop eCommerce 1.3.9.5 Shell Upload
|
126 |
WEB
|
Roberto Soares Espreto
|
|
2015-04-27
|
|
WordPress InBoundio Marketing 2.0 Shell Upload
|
58 |
WEB
|
Roberto Soares Espreto
|
|
2015-04-23
|
|
Wolf CMS 0.8.2 Arbitrary File Upload Exploit
|
119 |
WEB
|
CWH Underground
|
|
2015-04-22
|
|
WordPress NEX-Forms 3.0 SQL Injection
|
189 |
WEB
|
Cleiton Pinheiro
|
|
2015-04-22
|
|
Open-Letters Remote PHP Code Injection Exploit
|
104 |
WEB
|
TUNISIAN CYBER
|
|
2015-04-21
|
|
WordPress SlideShow Gallery Authenticated File Upload
|
68 |
WEB
|
Roberto Soares Espreto
|
|
2015-04-21
|
|
MediaSuite CMS - Artibary File Disclosure Exploit
|
63 |
WEB
|
KnocKout
|
|
2015-04-20
|
|
WordPress Reflex Gallery Upload
|
105 |
WEB
|
Roberto Soares Espreto
|
|
2015-04-20
|
|
WordPress N-Media Website Contact Form Upload
|
75 |
WEB
|
Roberto Soares Espreto
|
|
2015-04-20
|
|
WordPress Creative Contact Form Upload
|
54 |
WEB
|
Roberto Soares Espreto
|
|
2015-04-13
|
|
TP-LINK Local File Disclosure
|
181 |
WEB
|
Stefan Viehböck
|
|
2015-04-07
|
|
WordPress PHP Event Calendar 1.5 Arbitrary File Upload Vulnerability
|
67 |
WEB
|
CrashBandicot
|
|
2015-04-02
|
|
WordPress VideoWhisper Video Presentation 3.31.17 Shell Upload
|
81 |
WEB
|
Larry W. Cashdollar
|
|
2015-04-02
|
|
WordPress VideoWhisper Video Conference Integration 4.91.8 Shell Upload
|
99 |
WEB
|
Larry W. Cashdollar
|
|
2015-04-02
|
|
WordPress Revolution Slider File Upload
|
68 |
WEB
|
CrashBandicot
|
|
2015-04-02
|
|
WordPress DesignFolio+ Theme File Upload
|
71 |
WEB
|
CrashBandicot
|
|
2015-04-01
|
|
Palo Alto Traps Server 3.1.2.1546 - Persistent XSS Vulnerability
|
173 |
WEB
|
Michael Hendrickx
|
|
2015-03-31
|
|
WebDepo CMS SQL Injection
|
124 |
WEB
|
Cleiton Pinheiro
|
|
2015-03-30
|
|
Wordpress Plugin Revolution Slider - Unrestricted File Upload Exploit
|
90 |
WEB
|
CrashBandicot
|
|
2015-03-30
|
|
WordPress Aspose Cloud eBook Generator File Download Vulnerability
|
88 |
WEB
|
ACC3SS
|
|
2015-03-26
|
|
WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin)
|
82 |
WEB
|
Claudio Viviani
|
|
2015-03-25
|
|
Wordpress InfusionSoft Shell Upload
|
82 |
WEB
|
us3r777
|
|
2015-03-25
|
|
WordPress OptimizePress Theme Shell Upload
|
81 |
WEB
|
Mekanismen
|
|
2015-03-25
|
|
WordPress cache_lastpostdate Arbitrary Code Execution
|
77 |
WEB
|
str0ke
|
|
2015-03-25
|
|
WordPress W3 Total Cache PHP Code Execution
|
75 |
WEB
|
hdm
|
|
2015-03-25
|
|
WordPress Foxypress uploadify.php Arbitrary Code Execution
|
67 |
WEB
|
patrick
|
|
2015-03-25
|
|
WordPress Marketplace 2.4.0 Arbitrary File Download
|
61 |
WEB
|
Kacper Szurek
|
|
2015-03-25
|
|
Unasjee CMS Cross Site Request Forgery
|
184 |
WEB
|
KnocKout
|
|
2015-03-25
|
|
WordPress Plugin InBoundio Marketing 1.0 - Shell Upload Vulnerability
|
175 |
WEB
|
KedAns-Dz
|
|
2015-03-24
|
|
Powershell Remoting Remote Command Execution
|
74 |
WEB
|
Ben Campbell
|
|
2015-03-24
|
|
Belkin Play N750 login.cgi Buffer Overflow
|
54 |
WEB
|
Michael Messner
|
|
2015-03-23
|
|
Wordpress WP Marketplace 2.4.0 Arbitrary File Download Vulnerability
|
60 |
WEB
|
Kacper Szurek
|
|
2015-03-20
|
|
Chamilo LMS 1.9.10 Cross Site Request Forgery / Cross Site Scripting
|
105 |
WEB
|
Rehan Ahmed
|
|
2015-03-20
|
|
Metasploit Project < 4.11.1 - Initial User Creation CSRF Vulnerability
|
110 |
WEB
|
Mohamed Abdelbaset Elnoby
|
|
2015-03-20
|
|
GoAutoDial CE 2.0 - Shell Upload Vulnerability
|
141 |
WEB
|
R-73eN
|
|
2015-03-20
|
|
EMC M&R (Watch4net) - Credential Disclosure
|
59 |
WEB
|
Han Sahin
|
|
2015-03-17
|
|
WordPress Reflex Gallery 3.1.3 Shell Upload
|
97 |
WEB
|
Cleiton Pinheiro
|
