|
2014-11-18
|
|
Joomla HD FLV 2.1.0.1 Arbitrary File Download
|
98 |
WEB
|
Claudio Viviani
|
|
2014-11-18
|
|
PHP 5.x - Bypass Disable Functions Vulnerability
|
152 |
WEB
|
Ryan King
|
|
2014-11-18
|
|
Proticaret E-Commerce Script 3.0 - SQL Injection Vulnerability
|
68 |
WEB
|
Onur Alanbel
|
|
2014-11-18
|
|
ZTE ZXHN H108L - Authentication Bypass
|
208 |
WEB
|
Project Zero Labs
|
|
2014-11-18
|
|
ZTE ZXHN H108L - Authentication Bypass
|
56 |
WEB
|
Project Zero Labs
|
|
2014-11-14
|
|
Who's Who Script Cross Site Request Forgery
|
85 |
WEB
|
ZoRLu
|
|
2014-11-14
|
|
Joomla HD FLV 2.1.0.1 SQL Injection
|
93 |
WEB
|
Claudio Viviani
|
|
2014-11-11
|
|
IP.Board 3.4.7 SQL Injection
|
87 |
WEB
|
secthrowaway
|
|
2014-11-05
|
|
Drupal < 7.32 Pre Auth SQL Injection
|
152 |
WEB
|
Stefan Horst
|
|
2014-10-31
|
|
Joomla RD Download SQL Injection
|
129 |
WEB
|
Claudio Viviani
|
|
2014-10-30
|
|
MAARCH 1.4 - Arbitrary File Upload
|
76 |
WEB
|
Adrien Thierry
|
|
2014-10-29
|
|
vBulletin Tapatalk - Blind SQL Injection
|
188 |
WEB
|
tintinweb
|
|
2014-10-28
|
|
vBulletin 4.x Tapatalk Blind SQL Injection
|
103 |
WEB
|
tintinweb
|
|
2014-10-28
|
|
Incredible PBX 2.0.6.5.0 - Remote Command Execution Exploit
|
83 |
WEB
|
Simo Ben Youssef
|
|
2014-10-28
|
|
HP Operations Agent Remote XSS iFrame Injection
|
101 |
WEB
|
Matt Schmidt
|
|
2014-10-28
|
|
Creative Contact Form (Wordpress 0.9.7 and Joomla 2.0.0) - Shell Upload Vulnerability
|
88 |
WEB
|
Claudio Viviani
|
|
2014-10-24
|
|
Centreon SQL / Command Injection
|
95 |
WEB
|
MaZ
|
|
2014-10-24
|
|
WordPress / Joomla Creative Contact Form 0.9.7 Shell Upload
|
96 |
WEB
|
Claudio Viviani
|
|
2014-10-24
|
|
Feng Office 1.7.4 - Arbitrary File Upload
|
70 |
WEB
|
AutoSec Tools
|
|
2014-10-23
|
|
DotNetNuke DNNspot Store 3.0.0 Arbitary File Upload
|
164 |
WEB
|
Glafkos Charalambous
|
|
2014-10-21
|
|
ZTE ZXDSL-931VII - Unauthenticated Configuration Dump
|
247 |
WEB
|
L0ukanik0-s S0kniaku0l
|
|
2014-10-20
|
|
Fonality Trixbox CE 2.8.0.4 Command Execution Vulnerability
|
86 |
WEB
|
Simo Ben
|
|
2014-10-20
|
|
NETIS DL4322D Multiple Vulnerabilities
|
80 |
WEB
|
AkaStep
|
|
2014-10-20
|
|
Wordpress Theme Dazzling Shell Upload Vulnerability
|
100 |
WEB
|
king_cobra
|
|
2014-10-20
|
|
Drupal Core <= 7.32 - SQL Injection (PHP)
|
91 |
WEB
|
Dustin Dörr
|
|
2014-10-20
|
|
Drupal Core <= 7.32 - SQL Injection
|
78 |
WEB
|
fyukyuk
|
|
2014-10-17
|
|
Drupal 7.X SQL Injection
|
192 |
WEB
|
Claudio Viviani
|
|
2014-10-15
|
|
SEO Control Panel 3.6.0 - Authenticated SQL Injection
|
81 |
WEB
|
Tiago Carvalho
|
|
2014-10-14
|
|
Croogo 2.0.0 Arbitrary PHP Code Execution / Cross Site Scripting Vulnerabilities
|
86 |
WEB
|
LiquidWorm
|
|
2014-10-09
|
|
Nessus Web UI 2.3.3 Cross Site Scripting Vulnerability
|
65 |
WEB
|
Frank Lycops
|
|
2014-10-09
|
|
Wordpress InfusionSoft Upload
|
121 |
WEB
|
us3r777
|
|
2014-10-08
|
|
Toast Forums Database Disclosure
|
97 |
WEB
|
indoushka
|
|
2014-10-08
|
|
Snitz Forums 2000 3.4.07 Database Disclosure
|
88 |
WEB
|
indoushka
|
|
2014-10-08
|
|
AutoWeb 3.0 SQL Injection
|
257 |
WEB
|
ZoRLu
|
|
2014-10-08
|
|
Wordpress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit)
|
70 |
WEB
|
Claudio Viviani
|
|
2014-10-08
|
|
IPFire Cgi Web Interface Authenticated Bash Environment Variable Code Injection exploit
|
94 |
WEB
|
Claudio Viviani
|
|
2014-09-30
|
|
Microsoft Exchange IIS HTTP Internal IP Address Disclosure
|
76 |
WEB
|
Nate Power
|
|
2014-09-30
|
|
OpenFiler 2.99.1 - CSRF Vulnerability
|
86 |
WEB
|
Dolev Farhi
|
|
2014-09-28
|
|
Comersus Sophisticated Cart Database Disclosure
|
84 |
WEB
|
indoushka
|
|
2014-09-26
|
|
Nucom ADSL ADSLR5000UN ISP Credentials Disclosure
|
70 |
WEB
|
Sebastián Magof
|
|
2014-09-25
|
|
ZyXEL Prestig P-660HNU-T1 ISP Credentials Disclosure Exploit
|
88 |
WEB
|
Sebastián Magof
|
|
2014-09-23
|
|
Joomla Face Gallery 1.0 Multiple Vulnerabilities
|
94 |
WEB
|
Claudio Viviani
|
|
2014-09-23
|
|
Joomla Mac Gallery <= 1.5 Arbitrary File Download Exploit
|
83 |
WEB
|
Claudio Viviani
|
|
2014-09-22
|
|
GetSimpleCMS PHP File Upload
|
74 |
WEB
|
Ahmed Elhady Mohamed
|
|
2014-09-19
|
|
Briefcase 4.0 iOS - Code Execution & File Include Vulnerability
|
96 |
WEB
|
Vulnerability-Lab
|
|
2014-09-18
|
|
ZTE ZXDSL-931VII Unauthenticated Configuration Dump
|
342 |
WEB
|
L0ukanik0s
|
|
2014-09-17
|
|
WordPress Slideshow Gallery 1.4.6 Shell Upload
|
76 |
WEB
|
Claudio Viviani
|
|
2014-09-16
|
|
ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability
|
128 |
WEB
|
eF
|
|
2014-09-15
|
|
EGYWEB (Mantrac) <= Remote File Disclosure Exploit
|
106 |
WEB
|
KnocKout
|
|
2014-09-12
|
|
Onlineon E-Ticaret Database Disclosure
|
88 |
WEB
|
ZoRLu
|
|
2014-09-12
|
|
Joomla Spider Contacts 1.3.6 (index.php, contacts_id param) - SQL Injection
|
89 |
WEB
|
Claudio Viviani
|
|
2014-08-29
|
|
DomainTrader Domain Parking / Auction Script 2.5.3 CSRF / XSS
|
74 |
WEB
|
Haider Mahmood
|
|
2014-08-29
|
|
XRMS - Blind SQL Injection and Command Execution
|
110 |
WEB
|
Benjamin Harris
|
|
2014-08-29
|
|
PhpWiki - Remote Command Execution
|
55 |
WEB
|
Benjamin Harris
|
|
2014-08-29
|
|
ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution
|
76 |
WEB
|
Benjamin Harris
|
|
2014-08-29
|
|
Plogger 1.0-RC1 - Authenticated Arbitrary File Upload
|
77 |
WEB
|
b0z
|
|
2014-08-20
|
|
HybridAuth install.php PHP Code Execution
|
82 |
WEB
|
Pichaya Morimoto
|
|
2014-08-14
|
|
WordPress Disqus 2.7.5 CSRF / Cross Site Scripting Vulnerabilities
|
115 |
WEB
|
Nik Cubrilovic
|
|
2014-08-13
|
|
CS-Cart 4.2.0 Session Hijacking
|
67 |
WEB
|
Nik Cubrilovic
|
|
2014-08-04
|
|
TigerCom iFolder+ v1.2 iOS - Multiple Vulnerabilities
|
94 |
WEB
|
Vulnerability-Lab
|
|
2014-07-31
|
|
D-Link AP 3200 Multiple Vulnerabilities
|
101 |
WEB
|
pws
|
|
2014-07-31
|
|
SkaDate Lite 2.0 - Remote Code Execution Exploit
|
185 |
WEB
|
LiquidWorm
|
|
2014-07-29
|
|
Oxwall 1.7.0 - Remote Code Execution Exploit
|
137 |
WEB
|
LiquidWorm
|
|
2014-07-29
|
|
Oxwall 1.7.0 - Multiple CSRF And HTML Injection Vulnerabilities
|
91 |
WEB
|
LiquidWorm
|
|
2014-07-28
|
|
Pligg 2.0.1 - Multiple Vulnerabilities
|
83 |
WEB
|
BlackHawk
|
|
2014-07-25
|
|
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure vulnerability
|
89 |
WEB
|
Dolev Farhi
|
|
2014-07-22
|
|
vBulletin 5.1.2 SQL Injection
|
89 |
WEB
|
Nytro
|
|
2014-07-22
|
|
MTS MBlaze Ultra Wi-Fi / ZTE AC3633 - Multiple Vulnerabilities
|
76 |
WEB
|
Ajin Abraham
|
|
2014-07-16
|
|
Wordpress WPTouch Authenticated File Upload
|
63 |
WEB
|
Marc-Alexandre Montpas
|
|
2014-07-09
|
|
Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow
|
108 |
WEB
|
Redsadic
|
|
2014-07-09
|
|
Wordpress Theme ProjectTheme Shell Upload Vulnerability
|
121 |
WEB
|
Aloulou
|
|
2014-07-09
|
|
Wordpress Theme PricerrTheme Shell Upload Vulnerability
|
126 |
WEB
|
Aloulou
|
|
2014-07-08
|
|
Netgear WNR1000v3 - Password Recovery Credential Disclosure Vulnerability
|
143 |
WEB
|
c1ph04
|
|
2014-07-01
|
|
IBM Algorithmics RICOS Disclosure / XSS / CSRF
|
143 |
WEB
|
F. Lukavsky
|
|
2014-07-01
|
|
Horde Framework Unserialize PHP Code Execution
|
77 |
WEB
|
Akra Macha
|
|
2014-06-30
|
|
WordPress wp-crm Plugin Arbitrary File Upload Vulnerability
|
312 |
WEB
|
brunox
|
|
2014-06-27
|
|
Python CGIHTTPServer File Disclosure / Code Execution
|
239 |
WEB
|
Jens Liebchen
|
|
2014-06-25
|
|
WordPress image-symlinks Plugin Arbitrary File Upload Vulnerability
|
153 |
WEB
|
brunox
|
|
2014-06-25
|
|
Cogent DataHub Command Injection
|
109 |
WEB
|
juan vazquez
|
|
2014-06-24
|
|
Supermicro IPMI/BMC Cleartext Password Scanner
|
211 |
WEB
|
1N3
|
|
2014-06-23
|
|
D-link DSL-2760U-E1 - Persistent XSS
|
80 |
WEB
|
Yuval tisf Nativ
|
|
2014-06-20
|
|
AlienVault OSSIM av-centerd Command Injection
|
60 |
WEB
|
temp66
|
|
2014-06-19
|
|
Ericom AccessNow Server Buffer Overflow
|
93 |
WEB
|
temp66
|
|
2014-06-16
|
|
ZeroCMS 1.0 - zero_transact_user.php, Handling Privilege Escalation
|
150 |
WEB
|
Tiago Carvalho
|
|
2014-06-13
|
|
Plesk 10.4.4 / 11.0.9 XXE Injection
|
80 |
WEB
|
z00
|
|
2014-06-10
|
|
Xornic Contact Us Form CAPTCHA Bypass / XSS
|
99 |
WEB
|
Scott Arciszewski
|
|
2014-06-09
|
|
Madness Pro <= 1.14 - SQL Injection
|
75 |
WEB
|
bwall
|
|
2014-06-09
|
|
Madness Pro <= 1.14 - Persistent XSS
|
97 |
WEB
|
bwall
|
|
2014-05-22
|
|
SPIP - CMS < 3.0.9 / 2.1.22 / 2.0.23 - Privilege Escalation
|
81 |
WEB
|
Gregory DRAPERI
|
|
2014-05-20
|
|
UPS Web/SNMP-Manager CS121 Login Bypass
|
83 |
WEB
|
jkmac
|
|
2014-05-20
|
|
SafeNet Sentinel Protection Server 7.0 - 7.4 and Sentinel Keys Server 1.0.3 - 1.0.4 Directory Traver
|
71 |
WEB
|
Matt Schmidt
|
|
2014-05-20
|
|
HP Release Control Authenticated XXE
|
94 |
WEB
|
Brandon Perry
|
|
2014-05-16
|
|
ElasticSearch Remote Code Execution
|
76 |
WEB
|
Jeff Geiger
|
|
2014-05-14
|
|
WordPress Formidable Forms Remote Code Execution
|
88 |
WEB
|
Manish Tanwar
|
|
2014-05-14
|
|
AlienVault OSSIM 4.6.1 - Authenticated SQL Injection
|
105 |
WEB
|
Chris Hebert
|
|
2014-05-09
|
|
F5 iControl Remote Command Execution Vulnerability
|
70 |
WEB
|
Brandon Perry
|
|
2014-05-04
|
|
HP Laser Jet - JavaScript Persistent XSS via PJL Directory Traversal
|
80 |
WEB
|
@0x00string
|
|
2014-04-25
|
|
Bonefire v.0.7.1 - Reinstall Admin Account Exploit
|
64 |
WEB
|
Mehmet Ince
|
|
2014-04-23
|
|
No-CMS 0.6.6 rev 1 - Admin Account Hijacking / RCE Exploit via Static Encryption Key
|
177 |
WEB
|
Mehmet Ince
|
|
2014-04-23
|
|
Sixnet Sixview 2.4.1 - Web Console Directory Traversal
|
61 |
WEB
|
daniel svartman
|
|
2014-04-22
|
|
Comtrend CT 5361T Cross Site Request Forgery / Cross Site Scripting
|
86 |
WEB
|
TUNISIAN CYBER
|
|
2014-04-22
|
|
ATSEngine credential disclosure vulnerability
|
56 |
WEB
|
Xylitol
|
|
2014-04-21
|
|
CU3ER 1.24 Cross Site Scripting / Content Spoofing
|
73 |
WEB
|
MustLive
|
|
2014-04-16
|
|
NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities
|
79 |
WEB
|
Santhosh Kumar
|
|
2014-04-15
|
|
Madss Software Solution SQL Injection
|
128 |
WEB
|
Ashiyane Digital Security Team
|
|
2014-04-14
|
|
Plex Media Server 0.9.9.10 CSRF / Disclosure
|
176 |
WEB
|
S. Viehbock
|
|
2014-04-14
|
|
eScan Web Management Console Command Injection
|
67 |
WEB
|
juan vazquez
|
|
2014-04-10
|
|
Sophos Web Protection Appliance Command Execution
|
62 |
WEB
|
Brandon Perry
|
|
2014-04-10
|
|
RunCMS 1.6.1 - 'pm.class.php' Multiple SQL Injection Vulnerabilities
|
117 |
WEB
|
The:Paradox
|
|
2014-04-09
|
|
Vtiger Install Unauthenticated Remote Command Execution
|
41 |
WEB
|
Jonathan Borgeaud
|
|
2014-04-08
|
|
PHPFox 3.7.5 Authorization Bypass
|
95 |
WEB
|
Wesley Henrique Leite
|
|
2014-04-04
|
|
Kyocera FS5250 Cross Site Scripting
|
60 |
WEB
|
Jeff Sergeant
|
|
2014-04-04
|
|
Kloxo-MR 6.5.0 - CSRF Vulnerability
|
93 |
WEB
|
Necmettin COSKUN
|
|
2014-04-04
|
|
Kloxo 6.1.18 Stable - CSRF Vulnerability
|
76 |
WEB
|
Necmettin COSKUN
|
|
2014-04-03
|
|
iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities
|
45 |
WEB
|
Vulnerability-Lab
|
|
2014-04-03
|
|
ICOMM 610 Wireless Modem - CSRF Vulnerability
|
97 |
WEB
|
Blessen Thomas
|
|
2014-04-01
|
|
AlienVault 4.5.0 SQL Injection
|
83 |
WEB
|
Brandon Perry
|
|
2014-04-01
|
|
EMC Cloud Tiering Appliance v10.0 Unauthenticated XXE Arbitrary File Read
|
184 |
WEB
|
Brandon Perry
|
|
2014-03-31
|
|
WordPress Business Intelligence 1.0.6 Shell Upload
|
102 |
WEB
|
Manish Tanwar
|
|
2014-03-27
|
|
IBM Tealeaf CX 8.8 - Remote OS Command Injection
|
58 |
WEB
|
drone
|
|
2014-03-26
|
|
qEngine CMS 6.0.0 - Multiple Vulnerabilities
|
79 |
WEB
|
LiquidWorm
|
|
2014-03-26
|
|
Kemana Directory 1.5.6 (qvc_init()) Cookie Poisoning CAPTCHA Bypass Exploit
|
76 |
WEB
|
LiquidWorm
|
|
2014-03-26
|
|
Kemana Directory 1.5.6 Database Backup Disclosure Exploit
|
92 |
WEB
|
LiquidWorm
|
|
2014-03-26
|
|
Cart Engine 3.0.0 Database Backup Disclosure Exploit
|
81 |
WEB
|
LiquidWorm
|
|
2014-03-18
|
|
osCmax 2.5.X Cross-Site Request Forgery (Add Admin) Vulnerability
|
76 |
WEB
|
TUNISIAN CYBER
|
