|
2012-03-09
|
|
Toenda CMS 1.6.2 Osaka Stable Local File Inclusion
|
92 |
WEB
|
AkaStep
|
|
2012-03-08
|
|
SQLI Online Shop LeKommerce
|
93 |
WEB
|
Mazt0r
|
|
2012-03-08
|
|
Iciniti Store SQL Injection - Security Advisory - SOS-12-003
|
92 |
WEB
|
Lists
|
|
2012-03-08
|
|
Promise WebPAM v2.2.0.13 Multiple Remote Vulnerabilities
|
86 |
WEB
|
LiquidWorm
|
|
2012-03-08
|
|
WebfolioCMS <= 1.1.4 Multiple XSS
|
180 |
WEB
|
Ivano Binetti
|
|
2012-03-08
|
|
Symfony 2 Unauthenticated Information Disclosure
|
106 |
WEB
|
Phil Taylor
|
|
2012-03-08
|
|
Log1cms v2.1 Multiple XSRF File (Upload/Download) Vulnerabilities
|
108 |
WEB
|
KedAns-Dz
|
|
2012-03-08
|
|
Zen Cart v.1.5.0 Remote Shell Upload
|
212 |
WEB
|
Mr.ExiT
|
|
2012-03-06
|
|
Drupal CMS 7.12 (latest stable release) Multiple Vulnerabilities
|
89 |
WEB
|
Ivano Binetti
|
|
2012-03-06
|
|
ForkCMS 3.2.5 Multiple Vulnerabilities
|
73 |
WEB
|
Ivano Binetti
|
|
2012-03-06
|
|
lizard cart SQLi (search.php)
|
80 |
WEB
|
Number 7
|
|
2012-03-06
|
|
Symfony2 Local File Disclosure - Security Advisory - SOS-12-002
|
91 |
WEB
|
Lists
|
|
2012-03-06
|
|
EbizCare => SQL Injection Vulnerability
|
105 |
WEB
|
dbx
|
|
2012-03-06
|
|
Open-Realty 2.5.8 Local File Inclusion
|
89 |
WEB
|
Transparent
|
|
2012-03-06
|
|
BigDump Importer v0.32b RFU
|
134 |
WEB
|
TeaM MosTa
|
|
2012-03-06
|
|
piwigo <== SQL Injector
|
80 |
WEB
|
TeaM MosTa
|
|
2012-03-06
|
|
Multiple SQL injections in rivettracker <=1.03
|
79 |
WEB
|
Ali Raheem
|
|
2012-03-06
|
|
CnnCMS 1.x SQL Injection Vulnerability
|
91 |
WEB
|
X-Cisadane
|
|
2012-03-05
|
|
AneCMS v.2e2c583 LFI exploit
|
83 |
WEB
|
I2sec-PJH
|
|
2012-03-05
|
|
deV!L`z Clanportal Witze Addon Versions 0.9 SQL Injection Vulnerability
|
110 |
WEB
|
Easy Laster
|
|
2012-03-04
|
|
Timesheet Next Gen 1.5.2 Multiple SQLi
|
70 |
WEB
|
G13
|
|
2012-03-04
|
|
Multiple SQL injection rivettracker <=1.03
|
99 |
WEB
|
Ali Raheem
|
|
2012-03-03
|
|
Infoserve SQL Vulnerability
|
79 |
WEB
|
Optimiz3r
|
|
2012-03-03
|
|
Endian UTM Firewall v2.4.x & v2.5.0 - Multiple Web Vulnerabilities
|
91 |
WEB
|
expku
|
|
2012-03-03
|
|
Wpmanager version wpm 2.2.0 (FCKeditor) Remote File Upload
|
123 |
WEB
|
T0x!c
|
|
2012-03-03
|
|
phxEventManager 2.0 beta 5 search.php search_terms SQL Injection
|
103 |
WEB
|
skysbsb
|
|
2012-03-01
|
|
Wolf CMS v0.7.5 Multiple Vulnerabilities
|
91 |
WEB
|
longrifle0x
|
|
2012-03-01
|
|
ImgPals Photo Host Version 1.0 Admin Account Disactivation
|
97 |
WEB
|
CorryL
|
|
2012-03-01
|
|
Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability
|
105 |
WEB
|
Narendra Shinde
|
|
2012-03-01
|
|
Topics Viewer CSRF Add Admin
|
92 |
WEB
|
Green Hornet
|
|
2012-03-01
|
|
BrewBlogger v2.3.2 Multiple (XSRF/ShellUpload/SQLi) Vulnerabilities
|
84 |
WEB
|
KedAns-Dz
|
|
2012-02-29
|
|
WebfolioCMS <= 1.1.4 CSRF (Add Admin/Modify Pages)
|
83 |
WEB
|
Ivano Binetti
|
|
2012-02-28
|
|
Bitweaver v2.81 Local File Inclusion Vulnerability
|
87 |
WEB
|
I2sec-PJH
|
|
2012-02-28
|
|
Dotclear 2.4.2 Arbitrary File Upload Vulnerability
|
78 |
WEB
|
T0x!c
|
|
2012-02-28
|
|
ContaoCMS (aka TYPOlight) <= 2.11 CSRF (Delete Admin - Delete Article)
|
91 |
WEB
|
Ivano Binetti
|
|
2012-02-27
|
|
YVS Image Gallery Sql Injection
|
91 |
WEB
|
CorryL
|
|
2012-02-27
|
|
CreateVision CMS Database injection.
|
147 |
WEB
|
Zwierzchowski Oskar
|
|
2012-02-27
|
|
webgrind 1.0 (file param) Local File Inclusion Vulnerability
|
157 |
WEB
|
LiquidWorm
|
|
2012-02-27
|
|
cPassMan v1.82 Remote Command Execution Exploit
|
72 |
WEB
|
ls
|
|
2012-02-27
|
|
PHP Gift Registry 1.5.5 SQL Injection
|
86 |
WEB
|
G13
|
|
2012-02-24
|
|
Snom IP Phone Privilege Escalation - Security Advisory - SOS-12-001
|
80 |
WEB
|
Lists
|
|
2012-02-24
|
|
phpDenora <= 1.4.6 Multiple SQL Injection Vulnerabilities
|
120 |
WEB
|
KnickLighter
|
|
2012-02-24
|
|
The Uploader 2.0.4 (Eng/Ita) Remote File Upload Remote Code Execution
|
97 |
WEB
|
Danny Moules
|
|
2012-02-23
|
|
DFLabs PTK <= 1.0.5 Multiple Vulnerabilities (Steal Authentication Credentials)
|
89 |
WEB
|
Ivano Binetti
|
|
2012-02-23
|
|
D-Link DSL-2640B Authentication Bypass
|
70 |
WEB
|
Ivano Binetti
|
|
2012-02-23
|
|
WebcamXP and Webcam 7 Directory Traversal Vulnerability
|
102 |
WEB
|
Silent Dream
|
|
2012-02-23
|
|
Dlink DCS series CSRF Change Admin Password
|
94 |
WEB
|
rigan
|
|
2012-02-23
|
|
BRIM < 2.0.0 SQL Injection
|
86 |
WEB
|
ifnull
|
|
2012-02-23
|
|
ForkCMS 3.2.5 Multiple Vulnerabilities
|
92 |
WEB
|
Ivano Binetti
|
|
2012-02-23
|
|
Sagem F@ST 2604 CSRF Vulnerability (ADSL Router)
|
97 |
WEB
|
KinG Of PiraTeS
|
|
2012-02-23
|
|
Limesurvey (PHPSurveyor v.1.91+ stable) Blind SQL Injection
|
83 |
WEB
|
TorTukiTu
|
|
2012-02-23
|
|
VOXTRONIC Voxlog Professional 3.7.2.729 SQL Injection
|
307 |
WEB
|
J. Greil
|
|
2012-02-23
|
|
TestLink SQL Injection Vulnerabilities
|
102 |
WEB
|
Juan M. Natal
|
|
2012-02-23
|
|
Cisco Linksys WAG54GS (ADSL Router) change admin password
|
74 |
WEB
|
Ivano Binetti
|
|
2012-02-23
|
|
MySQLDumper v1.2x.x SQL Injection/Execute Vulnerability
|
132 |
WEB
|
KedAns-Dz
|
|
2012-02-23
|
|
Beats Website SQL Injection Vulnerability
|
91 |
WEB
|
system k1ller
|
|
2012-02-22
|
|
Cisco Linksys WAG54GS CSRF Change Admin Password
|
110 |
WEB
|
Ivano Binetti
|
|
2012-02-21
|
|
PlumeCMS <= 1.2.4 CSRF Vulnerability
|
68 |
WEB
|
Ivano Binetti
|
|
2012-02-21
|
|
D-Link DSL-2640B (ADSL Router) CSRF Vulnerability
|
118 |
WEB
|
Ivano Binetti
|
|
2012-02-21
|
|
Joomla com_etree Blind SQL-inj Vuln
|
92 |
WEB
|
Mach1ne
|
|
2012-02-20
|
|
SyndeoCMS <= 3.0 CSRF Vulnerability
|
67 |
WEB
|
Ivano Binetti
|
|
2012-02-20
|
|
4PSA CMS SQL Injection Vulnerabilities
|
60 |
WEB
|
BHG Security Center
|
|
2012-02-20
|
|
almnzm 2.4 <= CSRF Vulnerability (Add Admin)
|
170 |
WEB
|
HaNniBaL KsA
|
|
2012-02-20
|
|
Pandora FMS v4.0.1 - Local File Include Vulnerability
|
99 |
WEB
|
Vulnerability-Lab
|
|
2012-02-20
|
|
Mitra Iranian CMS Remote File Upload
|
106 |
WEB
|
Nitrojen90
|
|
2012-02-20
|
|
Joomla Component com_x-shop (idd) <= SQLi Vulnerability
|
75 |
WEB
|
KedAns-Dz
|
|
2012-02-20
|
|
Joomla Component (com_xcomp) <= Local File Inclusion Vulnerability
|
80 |
WEB
|
KedAns-Dz
|
|
2012-02-20
|
|
Joomla Component (com_xvs) <= Local File Inclusion Vulnerability
|
83 |
WEB
|
KedAns-Dz
|
|
2012-02-20
|
|
CDPI Software SQL Injection Vulnerability
|
93 |
WEB
|
ITTIHACK
|
|
2012-02-20
|
|
TopForm CMS SQL Injection Vulnerability
|
97 |
WEB
|
faza02
|
|
2012-02-20
|
|
Solgens SQLInjection Vulnerability
|
72 |
WEB
|
the_cyber_nuxbie
|
|
2012-02-20
|
|
Pirelli Discus DSL-DRGA112-07 Remote Change Password
|
78 |
WEB
|
Daniel Godoy
|
|
2012-02-20
|
|
Telerom CMS SQLi Vulnerability
|
73 |
WEB
|
ITTIHACK
|
|
2012-02-17
|
|
SocialCMS CSRF Vulnerability
|
94 |
WEB
|
Ivano Binetti
|
|
2012-02-17
|
|
LEPTON 1.1.3 SQL Injection / XSS / Local File Inclusion
|
172 |
WEB
|
expku
|
|
2012-02-17
|
|
BuyWebArt <<< SQL Injection Vulnerability
|
98 |
WEB
|
Infamous
|
|
2012-02-17
|
|
Fork CMS v.3.2.4 - Multiple Vulnerabilities
|
60 |
WEB
|
RandomStorm
|
|
2012-02-16
|
|
AHLANNET<<< SQL Injection Vulnerability
|
86 |
WEB
|
Infamous
|
|
2012-02-15
|
|
Chicago Tribune Cross Site Scripting
|
103 |
WEB
|
Janne Ahlberg
|
|
2012-02-15
|
|
Sonexis ConferenceManager Information Disclosure
|
133 |
WEB
|
Netragard
|
|
2012-02-13
|
|
PBBoard v2.1.4 <= Multiple Vulnerabilites
|
85 |
WEB
|
KedAns-Dz
|
|
2012-02-13
|
|
Razor CMS v1.2 <= Multiple File Disclosure Vulnerabilites
|
86 |
WEB
|
KedAns-Dz
|
|
2012-02-13
|
|
Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities
|
107 |
WEB
|
Vulnerability-Lab
|
|
2012-02-10
|
|
SimogeoFilemanager Upload File Vulnerability
|
321 |
WEB
|
hack`
|
|
2012-02-10
|
|
Pluck CMS 4.7 Multiple CSRF Vulnerabilities
|
94 |
WEB
|
Gordon Security
|
|
2012-02-09
|
|
D-Link ShareCenter Remote Code Execution
|
77 |
WEB
|
Roberto Paleari
|
|
2012-02-09
|
|
Tibetsystem OwnServer 1.0 Directory Traversal
|
192 |
WEB
|
Jason Ellison
|
|
2012-02-09
|
|
Cyberoam Central Console v2.00.2 - File Include Vulnerability
|
112 |
WEB
|
Vulnerability-Lab
|
|
2012-02-09
|
|
Ananta Gazelle CMS - Update Statement Sql injection
|
75 |
WEB
|
hackme
|
|
2012-02-08
|
|
Flyspray 0.9.9.6 CSRF Vulnerability
|
97 |
WEB
|
Vaibhav Gupta
|
|
2012-02-07
|
|
XRayCMS 1.1.1 SQL Injection Vulnerability
|
79 |
WEB
|
chap0
|
|
2012-02-07
|
|
Tube Ace(Adult PHP Tube Script) SQL Injection
|
118 |
WEB
|
Daniel Godoy
|
|
2012-02-07
|
|
BASE 1.4.5 (base_qry_main.php t_view) SQL Injection Vulnerability
|
71 |
WEB
|
a.kadir altan
|
|
2012-02-06
|
|
Tube Ace(Adult PHP Tube Script) SQL Injection
|
81 |
WEB
|
Daniel Godoy
|
|
2012-02-06
|
|
GAzie <= 5.20 Cross Site Request Forgery
|
84 |
WEB
|
Giuseppe D'Inverno
|
|
2012-02-03
|
|
Achievo v1.4.3 - Multiple Web Vulnerabilities
|
86 |
WEB
|
Vulnerability-Lab
|
|
2012-02-03
|
|
OSCommerce v3.0.2 - Persistent Cross Site Vulnerability
|
172 |
WEB
|
Vulnerability-Lab
|
|
2012-02-03
|
|
Apache Struts Multiple Persistent Cross-Site Scripting Vulnerabilities
|
215 |
WEB
|
SecPod Research
|
|
2012-02-03
|
|
Sphinix Mobile Web Server 3.1.2.47 Multiple Persistent XSS Vulnerabilities
|
90 |
WEB
|
SecPod Research
|
|
2012-02-02
|
|
MailEnable Webmail Cross-Site Scripting Vulnerability
|
92 |
WEB
|
Sajjad Pourali
|
|
2012-02-02
|
|
Webkit normalize bug for android 2.2 (CVE-2010-1759)
|
97 |
WEB
|
MJ Keith
|
|
2012-02-02
|
|
SiT! Support Incident Tracker 3.64 Multiple Vulnerabilities
|
81 |
WEB
|
High-Tech Bridge SA
|
|
2012-02-02
|
|
swDesk Multiple Vulnerabilities
|
90 |
WEB
|
Red Security TEAM
|
|
2011-12-13
|
|
Squiz Matrix - User Account Enumeration
|
81 |
WEB
|
Troy Rose
|
|
2011-12-12
|
|
Docebo LMS <= v4.0.4 (messages) Remote Code Execution
|
99 |
WEB
|
mr_me
|
|
2011-12-09
|
|
QContacts 1.0.6 (Joomla component) SQL injection
|
86 |
WEB
|
Don
|
|
2011-12-09
|
|
SantriaCMS SQL Injection Vulnerability
|
105 |
WEB
|
Troy
|
|
2011-12-09
|
|
QContacts 1.0.6 (Joomla component) SQL injection
|
92 |
WEB
|
Don
|
|
2011-12-08
|
|
SourceBans <= 1.4.8 SQL/LFI Injection
|
102 |
WEB
|
Havok
|
|
2011-12-08
|
|
SMF <= 2.0.1 SQL Injection, Privilege Escalation
|
108 |
WEB
|
The:Paradox
|
|
2011-12-08
|
|
Traq <= 2.3 Authentication Bypass / Remote Code Execution Exploit
|
89 |
WEB
|
EgiX
|
|
2011-12-08
|
|
phpBB MyPage Plugin SQL Injection
|
102 |
WEB
|
CrazyMouse
|
|
2011-12-08
|
|
Family Connections less.php Remote Command Execution
|
91 |
WEB
|
mr_me
|
|
2011-12-08
|
|
Php City Portal Script Software SQL Injection
|
125 |
WEB
|
Don
|
|
2011-12-07
|
|
AlstraSoft EPay Enterprise v4.0 Blind SQL Injection
|
189 |
WEB
|
Don
|
|
2011-12-07
|
|
PEC php calendars script SQL Injection
|
88 |
WEB
|
Mr.MLL
|
|
2011-12-07
|
|
Five Star Review Remote SQL Injection (recommend.php)
|
99 |
WEB
|
EthicalPractice
|
|
2011-12-07
|
|
Meditate Web Content Editor 'username_input' SQL-Injection vulnerability
|
81 |
WEB
|
Stefan Schurtz
|
|
2011-12-06
|
|
Apache MyFaces information disclosure vulnerability
|
213 |
WEB
|
expku
|
|
2011-12-06
|
|
Meditate Web Content Editor 'username_input' SQL-Injection vulnerability
|
85 |
WEB
|
Stefan Schurtz
|
|
2011-12-06
|
|
majalty (category.php) Blind SQL Injection Vulnerability
|
262 |
WEB
|
TH3.ONE
|
|
2011-12-05
|
|
Family Connections CMS v2.5.0-v2.7.1 (less.php) Remote Command Execution
|
89 |
WEB
|
mr_me
|
|
2011-12-05
|
|
WSN Classifieds v.6.2.12 and 6.2.18 Multiple Vulnerabilities
|
111 |
WEB
|
d3v1l
|
|
2011-12-05
|
|
Joomla Jobprofile Component (com_jobprofile) SQL Injection
|
98 |
WEB
|
kaMtiEz
|
|
2011-12-05
|
|
CLEVAR CMS Multiple Vulnerabilities
|
122 |
WEB
|
Mr.XHat
|
