|
2015-06-01
|
|
Realtek SDK Miniigd UPnP SOAP Command Execution
|
226 |
WEB
|
Michael Messner
|
|
2015-06-01
|
|
Airties login-cgi Buffer Overflow
|
175 |
WEB
|
Michael Messner
|
|
2015-06-01
|
|
D-Link Devices UPnP SOAPAction-Header Command Execution
|
212 |
WEB
|
Michael Messner
|
|
2015-06-01
|
|
ESC 8832 Data Controller Multiple Vulnerabilities
|
108 |
WEB
|
alazs Makany
|
|
2015-05-28
|
|
extjs Arbitrary File Read
|
202 |
WEB
|
Jianfeng Gao
|
|
2015-05-27
|
|
Apache Jackrabbit WebDAV XXE Exploit
|
101 |
WEB
|
Mikhail Egorov
|
|
2015-05-27
|
|
Sendio ESP Information Disclosure Vulnerability
|
90 |
WEB
|
Core Security
|
|
2015-05-25
|
|
Newsletter 4.3 SQL Injection
|
103 |
WEB
|
Ashiyane Digital Security Team
|
|
2015-05-22
|
|
ElasticSearch 1.4.5 / 1.5.2 - Path Transversal Vulnerability
|
143 |
WEB
|
Pedro Andujar
|
|
2015-05-20
|
|
ManageEngine EventLog Analyzer 10.0 Build 10001 CSRF Vulnerability
|
131 |
WEB
|
Akash S. Chavan
|
|
2015-05-13
|
|
WordPress N-Media Website Contact Form with File Upload 1.3.4 - File Upload
|
80 |
WEB
|
F17.c0de
|
|
2015-05-12
|
|
SixApart MovableType Storable Perl Code Execution
|
157 |
WEB
|
John Lightsey
|
|
2015-05-12
|
|
D-Link DSL-500B Gen 2 - (URL Filter Configuration Panel) Stored XSS
|
96 |
WEB
|
XLabs Security
|
|
2015-05-12
|
|
D-Link DSL-500B Gen 2 - (Parental Control Configuration Panel) Stored XSS
|
95 |
WEB
|
XLabs Security
|
|
2015-05-08
|
|
WordPress RevSlider 3.0.95 File Upload / Execute
|
214 |
WEB
|
Tom Sellers
|
|
2015-05-08
|
|
elFinder 2 Remote Command Execution (Via File Creation) Vulnerability
|
119 |
WEB
|
TUNISIAN CYBER
|
|
2015-05-06
|
|
WordPress 4.2.1 XSS / Code Execution
|
103 |
WEB
|
Evex
|
|
2015-04-28
|
|
ProjectSend r561 CSRF / XSS / Shell Upload
|
98 |
WEB
|
TUNISIAN CYBER
|
|
2015-04-28
|
|
OTRS 3.x Cross Site Scripting
|
192 |
WEB
|
Adam Ziaja
|
|
2015-04-28
|
|
OTRS < 3.1.x & < 3.2.x & < 3.3.x - Stored Cross-Site Scripting (XSS) Vulnerability
|
182 |
WEB
|
Adam Ziaja
|
|
2015-04-27
|
|
WordPress WPshop eCommerce 1.3.9.5 Shell Upload
|
151 |
WEB
|
Roberto Soares Espreto
|
|
2015-04-27
|
|
WordPress InBoundio Marketing 2.0 Shell Upload
|
84 |
WEB
|
Roberto Soares Espreto
|
|
2015-04-23
|
|
Wolf CMS 0.8.2 Arbitrary File Upload Exploit
|
143 |
WEB
|
CWH Underground
|
|
2015-04-22
|
|
WordPress NEX-Forms 3.0 SQL Injection
|
216 |
WEB
|
Cleiton Pinheiro
|
|
2015-04-22
|
|
Open-Letters Remote PHP Code Injection Exploit
|
128 |
WEB
|
TUNISIAN CYBER
|
|
2015-04-21
|
|
WordPress SlideShow Gallery Authenticated File Upload
|
94 |
WEB
|
Roberto Soares Espreto
|
|
2015-04-21
|
|
MediaSuite CMS - Artibary File Disclosure Exploit
|
87 |
WEB
|
KnocKout
|
|
2015-04-20
|
|
WordPress Reflex Gallery Upload
|
133 |
WEB
|
Roberto Soares Espreto
|
|
2015-04-20
|
|
WordPress N-Media Website Contact Form Upload
|
98 |
WEB
|
Roberto Soares Espreto
|
|
2015-04-20
|
|
WordPress Creative Contact Form Upload
|
80 |
WEB
|
Roberto Soares Espreto
|
|
2015-04-13
|
|
TP-LINK Local File Disclosure
|
206 |
WEB
|
Stefan Viehböck
|
|
2015-04-07
|
|
WordPress PHP Event Calendar 1.5 Arbitrary File Upload Vulnerability
|
96 |
WEB
|
CrashBandicot
|
|
2015-04-02
|
|
WordPress VideoWhisper Video Presentation 3.31.17 Shell Upload
|
103 |
WEB
|
Larry W. Cashdollar
|
|
2015-04-02
|
|
WordPress VideoWhisper Video Conference Integration 4.91.8 Shell Upload
|
123 |
WEB
|
Larry W. Cashdollar
|
|
2015-04-02
|
|
WordPress Revolution Slider File Upload
|
95 |
WEB
|
CrashBandicot
|
|
2015-04-02
|
|
WordPress DesignFolio+ Theme File Upload
|
96 |
WEB
|
CrashBandicot
|
|
2015-04-01
|
|
Palo Alto Traps Server 3.1.2.1546 - Persistent XSS Vulnerability
|
195 |
WEB
|
Michael Hendrickx
|
|
2015-03-31
|
|
WebDepo CMS SQL Injection
|
149 |
WEB
|
Cleiton Pinheiro
|
|
2015-03-30
|
|
Wordpress Plugin Revolution Slider - Unrestricted File Upload Exploit
|
116 |
WEB
|
CrashBandicot
|
|
2015-03-30
|
|
WordPress Aspose Cloud eBook Generator File Download Vulnerability
|
114 |
WEB
|
ACC3SS
|
|
2015-03-26
|
|
WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin)
|
106 |
WEB
|
Claudio Viviani
|
|
2015-03-25
|
|
Wordpress InfusionSoft Shell Upload
|
109 |
WEB
|
us3r777
|
|
2015-03-25
|
|
WordPress OptimizePress Theme Shell Upload
|
103 |
WEB
|
Mekanismen
|
|
2015-03-25
|
|
WordPress cache_lastpostdate Arbitrary Code Execution
|
102 |
WEB
|
str0ke
|
|
2015-03-25
|
|
WordPress W3 Total Cache PHP Code Execution
|
98 |
WEB
|
hdm
|
|
2015-03-25
|
|
WordPress Foxypress uploadify.php Arbitrary Code Execution
|
90 |
WEB
|
patrick
|
|
2015-03-25
|
|
WordPress Marketplace 2.4.0 Arbitrary File Download
|
85 |
WEB
|
Kacper Szurek
|
|
2015-03-25
|
|
Unasjee CMS Cross Site Request Forgery
|
205 |
WEB
|
KnocKout
|
|
2015-03-25
|
|
WordPress Plugin InBoundio Marketing 1.0 - Shell Upload Vulnerability
|
200 |
WEB
|
KedAns-Dz
|
|
2015-03-24
|
|
Powershell Remoting Remote Command Execution
|
95 |
WEB
|
Ben Campbell
|
|
2015-03-24
|
|
Belkin Play N750 login.cgi Buffer Overflow
|
78 |
WEB
|
Michael Messner
|
|
2015-03-23
|
|
Wordpress WP Marketplace 2.4.0 Arbitrary File Download Vulnerability
|
82 |
WEB
|
Kacper Szurek
|
|
2015-03-20
|
|
Chamilo LMS 1.9.10 Cross Site Request Forgery / Cross Site Scripting
|
127 |
WEB
|
Rehan Ahmed
|
|
2015-03-20
|
|
Metasploit Project < 4.11.1 - Initial User Creation CSRF Vulnerability
|
133 |
WEB
|
Mohamed Abdelbaset Elnoby
|
|
2015-03-20
|
|
GoAutoDial CE 2.0 - Shell Upload Vulnerability
|
165 |
WEB
|
R-73eN
|
|
2015-03-20
|
|
EMC M&R (Watch4net) - Credential Disclosure
|
85 |
WEB
|
Han Sahin
|
|
2015-03-17
|
|
WordPress Reflex Gallery 3.1.3 Shell Upload
|
121 |
WEB
|
Cleiton Pinheiro
|
|
2015-03-09
|
|
Betster 1.0.4 SQL Injection / Authentication Bypass
|
94 |
WEB
|
ZeQ3uL
|
|
2015-03-06
|
|
PHPMoAdmin 1.1.2 Remote Code Execution
|
127 |
WEB
|
Ricardo Jorge Borges de Almeida
|
|
2015-03-06
|
|
Wordpress Theme DesignFolio+ Arbitrary File Upload Vulnerability
|
116 |
WEB
|
CrashBandicot
|
|
2015-03-05
|
|
PHPMoAdmin Remote Code Execution
|
174 |
WEB
|
Pichaya Morimoto
|
|
2015-03-05
|
|
Generic Web Application DLL Injection
|
81 |
WEB
|
Matthew Hall
|
|
2015-03-03
|
|
Symantec Web Gateway 5 restore.php Command Injection
|
97 |
WEB
|
sinn3r
|
|
2015-03-02
|
|
Seagate Business NAS <= 2014.00319 - Pre-Authentication Remote Code Execution (0day)
|
135 |
WEB
|
OJ Reeves
|
|
2015-02-25
|
|
WordPress Holding Pattern Theme Arbitrary File Upload
|
118 |
WEB
|
Alexander Borg
|
|
2015-02-25
|
|
WordPress Admin Shell Upload
|
101 |
WEB
|
Rob Carr
|
|
2015-02-25
|
|
WeBid 1.1.1 Unrestricted File Upload
|
94 |
WEB
|
CWH Underground
|
|
2015-02-25
|
|
WordPress Webdorado Spider Event Calendar 1.4.9 - SQL Injection
|
104 |
WEB
|
Mateusz Lach
|
|
2015-02-11
|
|
Achat 0.150 beta7 Buffer Overflow
|
95 |
WEB
|
Balazs Bucsay
|
|
2015-02-11
|
|
LG DVR LE6016D - Unauthenticated Remote Users/Passwords Disclosure Exploit
|
193 |
WEB
|
Todor Donev
|
|
2015-02-10
|
|
WordPress WP EasyCart Unrestricted File Upload
|
111 |
WEB
|
Kacper Szurek
|
|
2015-02-10
|
|
Redaxscript CMS 2.2.0 - SQL Injection Vulnerability
|
128 |
WEB
|
ITAS Team
|
|
2015-02-05
|
|
ManageEngine Desktop Central 9 Build 90087 - CSRF Vulnerability
|
102 |
WEB
|
Mohamed Idris
|
|
2015-02-04
|
|
WordPress Pixabay Images PHP Code Upload
|
114 |
WEB
|
h0ng10
|
|
2015-02-04
|
|
WordPress Platform Theme Remote Code Execution
|
115 |
WEB
|
Christian Mehlmauer
|
|
2015-02-03
|
|
Sefrengo CMS 1.6.1 SQL Injection
|
123 |
WEB
|
Nguyen Hung Tuan
|
|
2015-01-27
|
|
SWFupload 2.5.0 Cross Frame Scripting
|
128 |
WEB
|
MindCracker
|
|
2015-01-27
|
|
Symantec Data Center Security - Multiple Vulnerabilities
|
187 |
WEB
|
SEC Consult
|
|
2015-01-27
|
|
PHP Webquest 2.6 - SQL Injection
|
107 |
WEB
|
jordan root
|
|
2015-01-23
|
|
Arris VAP2500 tools_command.php Command Execution
|
166 |
WEB
|
HeadlessZeke
|
|
2015-01-21
|
|
WordPress Pixarbay Images 2.3 XSS / Bypass / Upload / Traversal
|
95 |
WEB
|
Hans-Martin Muench
|
|
2015-01-21
|
|
N-Central Remote Support Manager 14.2.7.171 File Read / Code Execution
|
81 |
WEB
|
Thomas Hibbert
|
|
2015-01-21
|
|
D-Link DSL-2730B Modem - XSS Injection Stored Exploit Lancfg2get.cgi
|
117 |
WEB
|
Mauricio Correa
|
|
2015-01-21
|
|
D-Link DSL-2730B Modem - XSS Injection Stored Exploit DnsProxy.cmd
|
127 |
WEB
|
Mauricio Correa
|
|
2015-01-15
|
|
Congstar Internet-Manager SEH Buffer Overflow
|
107 |
WEB
|
metacom
|
|
2015-01-15
|
|
T-Mobile Internet Manager SEH Buffer Overflow
|
94 |
WEB
|
metacom
|
|
2015-01-14
|
|
Wordpress Photo Gallery Unauthenticated SQL Injection User Enumeration
|
83 |
WEB
|
Brandon Perry
|
|
2015-01-14
|
|
Dell iDRAC IPMI 1.5 - Insufficient Session ID Randomness
|
95 |
WEB
|
Yong Chuan, Koh
|
|
2015-01-13
|
|
WordPress WP Symposium 14.11 Shell Upload
|
104 |
WEB
|
Claudio Viviani
|
|
2015-01-06
|
|
AdaptCMS 3.0.3 HTTP Referer Header Open Redirect
|
165 |
WEB
|
LiquidWorm
|
|
2015-01-06
|
|
WordPress Banner Effect Header 1.2.6 XSS / CSRF
|
168 |
WEB
|
Mahdi.Hidden
|
|
2015-01-06
|
|
Wordpress Infocus3 Theme Arbitrary File Download Vulnerability
|
183 |
WEB
|
killer~x
|
|
2015-01-06
|
|
Wordpress Infocus2 Theme Arbitrary File Download Vulnerability
|
203 |
WEB
|
killer~x
|
|
2015-01-06
|
|
Wordpress WP-EMail 2.64 Cross Site Scripting Vulnerability
|
79 |
WEB
|
Ashiyane
|
|
2015-01-06
|
|
Wordpress Email 1.1 Cross Site Scripting Vulnerability
|
92 |
WEB
|
Ashiyane
|
|
2015-01-06
|
|
Wordpress Email newsletter 20.9 Cross Site Scripting Vulnerability
|
98 |
WEB
|
Ashiyane
|
|
2015-01-06
|
|
Wordpress sumome 1.6 Cross Site Scripting Vulnerability
|
80 |
WEB
|
Ashiyane
|
|
2015-01-06
|
|
AdaptCMS 3.0.3 XSS / Remote Code Execute Vulnerabilities
|
79 |
WEB
|
LiquidWorm
|
|
2015-01-06
|
|
HikaShop 2.3.3 Local File Inclusion Vulnerability
|
114 |
WEB
|
HauntIT Blog
|
|
2015-01-04
|
|
WordPress RevSlider Local File Disclosure
|
98 |
WEB
|
FarbodEZRaeL
|
|
2015-01-04
|
|
PHPads <= 213607 - Authentication Bypass / Password Change Exploit
|
134 |
WEB
|
Shaker msallm
|
|
2014-12-30
|
|
ProjectSend Arbitrary File Upload
|
129 |
WEB
|
Fady Mohammed Osman
|
|
2014-12-30
|
|
WordPress Dmsguestbook Unauthenticated Data Injection
|
94 |
WEB
|
Evex
|
|
2014-12-25
|
|
WordPress Themes download.php File Disclosure
|
208 |
WEB
|
Cleiton Pinheiro
|
|
2014-12-25
|
|
AMSI 3.20.47 Build 37 File Disclosure
|
213 |
WEB
|
KnocKout
|
|
2014-12-24
|
|
Phase botnet blind SQL injection vulnerability
|
86 |
WEB
|
Xylitol
|
|
2014-12-22
|
|
Cacti Superlinks Plugin 1.4-2 RCE(LFI) via SQL Injection Exploit
|
100 |
WEB
|
Wireghoul
|
|
2014-12-17
|
|
ProjectSend r-561 - Arbitrary File Upload
|
107 |
WEB
|
Fady Mohammed Osman
|
|
2014-12-16
|
|
Wordpress Download Manager 2.7.4 - Remote Code Execution Vulnerability
|
103 |
WEB
|
Claudio Viviani
|
|
2014-12-15
|
|
Tuleap PHP Unserialize Code Execution
|
176 |
WEB
|
EgiX
|
|
2014-12-15
|
|
WordPress WP Symposium 14.11 Shell Upload
|
101 |
WEB
|
Claudio Viviani
|
|
2014-12-09
|
|
Flat Calendar 1.1 HTML Injection
|
141 |
WEB
|
ZoRLu
|
|
2014-11-27
|
|
Device42 Embedded Credentials
|
116 |
WEB
|
Brandon Perry
|
|
2014-11-27
|
|
Slider Revolution/Showbiz Pro Shell Upload Exploit
|
100 |
WEB
|
Simo Ben Youssef
|
|
2014-11-27
|
|
Device42 WAN Emulator 2.3 Ping Command Injection
|
77 |
WEB
|
Brandon Perry
|
|
2014-11-27
|
|
Device42 WAN Emulator 2.3 Traceroute Command Injection
|
95 |
WEB
|
Brandon Perry
|
|
2014-11-26
|
|
All-in-One WP Migration 2.0.2 Remote Code Execution Vulnerability
|
104 |
WEB
|
Kacper Szurek
|
|
2014-11-26
|
|
Arris VAP2500 Authentication Bypass
|
119 |
WEB
|
HeadlessZeke
|
|
2014-11-26
|
|
phpMyRecipes 1.2.2 (dosearch.php, words_exact param) - SQL Injection
|
162 |
WEB
|
bard
|
|
2014-11-25
|
|
WordPress WP-DB-Backup 2.2.4 Backup Theft
|
131 |
WEB
|
Larry W. Cashdollar
|
|
2014-11-25
|
|
FluxBB 1.5.6 SQL Injection
|
108 |
WEB
|
secthrowaway
|
|
2014-11-25
|
|
Atrax Botnet Shell Upload Vulnerability
|
103 |
WEB
|
Xylitol
|
|
2014-11-24
|
|
Wordpress wpDataTables 1.5.3 shell Upload Exploit
|
93 |
WEB
|
Claudio Viviani
|
|
2014-11-18
|
|
MantisBT XmlImportExport Plugin PHP Code Injection
|
79 |
WEB
|
EgiX
|
|
2014-11-18
|
|
Joomla HD FLV 2.1.0.1 Arbitrary File Download
|
118 |
WEB
|
Claudio Viviani
|
