|
2011-06-07
|
|
Angora Guestbook 1.5 Local File Inclusion
|
104 |
WEB
|
AutoSec Tools
|
|
2011-06-07
|
|
Multiple WordPress Themes Cross Site Scripting
|
104 |
WEB
|
Best wishes
|
|
2011-06-07
|
|
vBulletin 3.x vBExperience Cross Site Scripting
|
140 |
WEB
|
Mr.ThieF
|
|
2011-06-07
|
|
vBulletin 4.1.3 Open Redirect
|
157 |
WEB
|
Robert Gilbert
|
|
2011-06-07
|
|
Unu2 multimedia => SQL Injection
|
120 |
WEB
|
Sideswipe
|
|
2011-06-07
|
|
SmartySolution Sql injection
|
167 |
WEB
|
Anas
|
|
2011-06-07
|
|
Kleophatra v0.1.5 'TinyBrowser' File Upload Code Execution (meta)
|
121 |
WEB
|
KedAns-Dz
|
|
2011-06-07
|
|
SpidaNews v1.0 (edit.php) SQL Injection Vulnerability
|
100 |
WEB
|
KedAns-Dz
|
|
2011-06-07
|
|
Joomla Component (com_ccboard) Multiple Vulnerabilities
|
130 |
WEB
|
KedAns-Dz
|
|
2011-06-07
|
|
PopScript Multiple Vulnerabilities
|
115 |
WEB
|
NassRawI
|
|
2011-06-07
|
|
SmartySolution Admin Auth ByPass
|
167 |
WEB
|
xConsoLe
|
|
2011-06-07
|
|
PHP-AddressBook v6.2.12 (view.php) SQL Injection Vulnerability
|
103 |
WEB
|
KedAns-Dz
|
|
2011-06-07
|
|
Radiant Infotech Nepal 2.x.x Multiple Vulnerability
|
128 |
WEB
|
Net.Edit0r
|
|
2011-06-07
|
|
WebSVN 2.3.2 Unproper Metacharacters Escaping exec() Remote Command Injection
|
123 |
WEB
|
rgod
|
|
2011-06-07
|
|
Ushahidi 2.0.1 (range param) SQL Injection Vulnerability (post-auth)
|
125 |
WEB
|
LiquidWorm
|
|
2011-06-03
|
|
discuz! X1.5 Get Shell 叉day[Alibaba后续修改与添加Get Shell代码]
|
234 |
WEB
|
alibaba
|
|
2011-06-03
|
|
9959网店系统 v5.0 Blind SQL injection exploit
|
121 |
WEB
|
闷豆
|
|
2011-06-03
|
|
Vibrant Creations =>SQL Injection Vulnerability
|
104 |
WEB
|
eXeSoul
|
|
2011-06-03
|
|
mWebnet Admin Auth ByPass
|
139 |
WEB
|
xConsoLe
|
|
2011-06-03
|
|
Epop Studio News SQL Injection
|
197 |
WEB
|
Codeine
|
|
2011-06-02
|
|
Discuz! X1-1.5 notify_credit.php Blind SQL injection exploit
|
206 |
WEB
|
toby57
|
|
2011-06-02
|
|
Serendipity 1.5.5 Event Freetag Cross Site Scripting
|
151 |
WEB
|
Stefan Schurtz
|
|
2011-06-02
|
|
Post Revolution 0.8.0c XSS / XSRF / Denial Of Service
|
127 |
WEB
|
Javier Bassi
|
|
2011-06-02
|
|
A Really Simple Chat (ARSC) 3.3-rc2 XSS / SQL Injection
|
91 |
WEB
|
expku
|
|
2011-06-02
|
|
Nagios 3.2.3 Cross Site Scripting
|
127 |
WEB
|
Stefan Schurtz
|
|
2011-06-02
|
|
Netgear WNDAP350 Root Password Disclosure
|
181 |
WEB
|
Juerd Waalboer
|
|
2011-06-02
|
|
MediaCluster (mcCMS) Arbitrary File Upload Vulnerability
|
74 |
WEB
|
RoAd_KiLlEr
|
|
2011-06-02
|
|
Vibrant Creations =>SQL Injection Vulnerability
|
111 |
WEB
|
eXeSoul
|
|
2011-06-02
|
|
Icinga 1.3.0 / 1.4.0 Cross Site Scripting
|
104 |
WEB
|
Stefan Schurtz
|
|
2011-06-02
|
|
byTolinet Agencia <= Remote 'conexion.php' Disclosure Exploit
|
129 |
WEB
|
KnocKout
|
|
2011-06-02
|
|
Innovative Web SQL Injection Vulnerability
|
122 |
WEB
|
Kalashinkov3
|
|
2011-06-02
|
|
ROCKETMEDIA (index.php) Blind SQL-i Vulnerability
|
106 |
WEB
|
Kalashinkov3
|
|
2011-06-02
|
|
World e Mart(news/event/page)=>SQL Injection Vulnerability
|
104 |
WEB
|
eXeSoul
|
|
2011-06-02
|
|
WebC.be <= Remote 'db_login.php' Disclosure Exploit
|
136 |
WEB
|
KnocKout
|
|
2011-06-02
|
|
Pika CMS <= 'showSource.php' Local File Inclusion
|
122 |
WEB
|
KnocKout
|
|
2011-06-02
|
|
Pika CMS <= Remote 'baza_mysql.php' Disclosure Exploit
|
106 |
WEB
|
KnocKout
|
|
2011-06-02
|
|
TEDE Simplificado <= (Versions) SQL Injection Vulnerability
|
104 |
WEB
|
KnocKout
|
|
2011-06-02
|
|
Chiangmai Webdesign (webboardAnswer.php)<= Blind SQL injection Vulnerability
|
103 |
WEB
|
Caddy-Dz
|
|
2011-06-02
|
|
xinha Arbitrary File Upload Vulnerability
|
176 |
WEB
|
xConsoLe
|
|
2011-06-01
|
|
Joomla 1.6.x Administrator PHP Code Execution
|
83 |
WEB
|
James Bercegay
|
|
2011-06-01
|
|
Joomla 1.6.0 SQL Injection
|
98 |
WEB
|
James Bercegay
|
|
2011-06-01
|
|
Kentico CMS 5.5R2.23 Cross Site Scripting
|
112 |
WEB
|
LiquidWorm
|
|
2011-06-01
|
|
Websolutions SQL Injection Vulnerability
|
202 |
WEB
|
Kalashinkov3
|
|
2011-06-01
|
|
GloDerWorks SQL Injection Vulnerability
|
127 |
WEB
|
Kalashinkov3
|
|
2011-06-01
|
|
Mlffat 2.3 SQL Injection Vulnerability
|
147 |
WEB
|
KinG Of PiraTeS
|
|
2011-06-01
|
|
Guru JustAnswer Professional 1.25 Multiple SQL Injection Vulnerabilities
|
104 |
WEB
|
v3n0m
|
|
2011-06-01
|
|
Belkin G Wireless Router Admin Exploit
|
110 |
WEB
|
Aodrulez
|
|
2011-06-01
|
|
eFront Educational <=XSRF (Add admin/change admin passwd)
|
141 |
WEB
|
Caddy-Dz
|
|
2011-06-01
|
|
eFront Community++ <=XSRF (Add admin/change admin passwd)
|
117 |
WEB
|
Caddy-Dz
|
|
2011-06-01
|
|
eFront enterprise <=XSRF (Add admin/change admin passwd)
|
97 |
WEB
|
Caddy-Dz
|
|
2011-05-31
|
|
Callisto 821+ Cross Site Request Forgery / Cross Site Scripting
|
110 |
WEB
|
MustLive
|
|
2011-05-31
|
|
Forticlient SSL VPN Symlink Overwrite
|
313 |
WEB
|
expku
|
|
2011-05-31
|
|
TinyMCE AjaxFileManager Shell Upload
|
181 |
WEB
|
Dr Trojan
|
|
2011-05-31
|
|
Apache Archiva 1.3.4 Cross Site Request Forgery
|
108 |
WEB
|
expku
|
|
2011-05-31
|
|
Apache Archiva 1.3.4 Cross Site Scripting
|
89 |
WEB
|
expku
|
|
2011-05-31
|
|
SQL Injection Vulnerbility in Dreamzsop
|
123 |
WEB
|
lionaneesh
|
|
2011-05-31
|
|
PHP Inventory <= XSRF Vulnerabelity
|
94 |
WEB
|
Caddy-Dz
|
|
2011-05-31
|
|
ApPHP Shopping Cart <= XSRF (Change Admin Password)
|
131 |
WEB
|
Caddy-Dz
|
|
2011-05-31
|
|
Belkin G Wireless Router F5D7234-4 v5 Exploit
|
115 |
WEB
|
Aodrulez
|
|
2011-05-31
|
|
Easy Media Script SQL Injection Vulnerability
|
87 |
WEB
|
Lagripe-Dz
|
|
2011-05-31
|
|
w-Agora Forum 4.2.1 Arbitrary File Upload Exploit
|
95 |
WEB
|
Treasure Priyamal
|
|
2011-05-30
|
|
风讯(FoosunCMS) SetNextOptions.asp注入漏洞利用
|
123 |
WEB
|
expku
|
|
2011-05-30
|
|
Lil' HTTP Server 2.2 Cross Site Scripting
|
108 |
WEB
|
expku
|
|
2011-05-30
|
|
Apache Archiva 1.3.4 Cross Site Request Forgery
|
101 |
WEB
|
expku
|
|
2011-05-30
|
|
LilHTTP Source Code Disclosure/Download
|
109 |
WEB
|
Treasure Priyamal
|
|
2011-05-30
|
|
AIDeX Mini-Webserver 1.4 integrated Chat Javascript
|
116 |
WEB
|
wingthor
|
|
2011-05-30
|
|
WysGui <= 2.3 (FCKeditor) File Upload Code Execution (meta)
|
90 |
WEB
|
KedAns-Dz
|
|
2011-05-30
|
|
Bitweaver 2.x (FCKeditor) File Upload Code Execution (meta)
|
87 |
WEB
|
KedAns-Dz
|
|
2011-05-30
|
|
Cotonti <=0.9.2 Blind SQL Injection Vulnerability
|
93 |
WEB
|
KedAns-Dz
|
|
2011-05-30
|
|
FineArtPost <= SQL injection Vulnerabelity
|
67 |
WEB
|
Caddy-Dz
|
|
2011-05-30
|
|
Ishikatech <= SQL injection Vulnerabelity
|
113 |
WEB
|
Caddy-Dz
|
|
2011-05-30
|
|
Andabate.com SQL Injection Vulnerability
|
130 |
WEB
|
magret
|
|
2011-05-30
|
|
html_edit CMS <= 3.1.x Multiple (XSRF/CSRF) Vulnerabilites
|
85 |
WEB
|
KedAns-Dz
|
|
2011-05-30
|
|
AlegroCart <= 1.2.x (category_next) Blind SQL Injection Vulnerability
|
133 |
WEB
|
KedAns-Dz
|
|
2011-05-30
|
|
Cotonti <=0.9.2 Multiple Vulnerabilities
|
126 |
WEB
|
KedAns-Dz
|
|
2011-05-30
|
|
Invisionix Roaming System Remote metasys 0.2 LFI Vulnerability
|
134 |
WEB
|
Treasure Priyamal
|
|
2011-05-30
|
|
Puzzle Apps CMS 3.2 Local File Inclusion
|
159 |
WEB
|
Treasure Priyamal
|
|
2011-05-30
|
|
Joomla Component com_joomnik SQL Injection Vulnerability
|
147 |
WEB
|
SOLVER
|
|
2011-05-30
|
|
Joomla Component com_jmsfileseller Local File Inclusion Vulnerability
|
129 |
WEB
|
Valentin
|
|
2011-05-30
|
|
Guru Penny Auction Pro V3 Blind SQL Injection Vulnerability
|
133 |
WEB
|
v3n0m
|
|
2011-05-30
|
|
Duhok Forum 1.1 SQL Injection Vulnerability
|
116 |
WEB
|
M.Jock3R
|
|
2011-05-30
|
|
cPanel < 11.25 CSRF - Add User php Script
|
163 |
WEB
|
ninjashell
|
|
2011-05-30
|
|
HB Ecommerce SQL Injection Vulnerability
|
126 |
WEB
|
takeshix
|
|
2011-05-27
|
|
Clipbucket 2.4 RC2 645 SQL Injection Vulnerability
|
239 |
WEB
|
AutoSec Tools
|
|
2011-05-27
|
|
Design Extensions (Admin) Auth Bypass/File Upload
|
130 |
WEB
|
Kalashinkov3
|
|
2011-05-26
|
|
eGroupware 1.8.001.20110421 Multiple Vulnerabilities
|
137 |
WEB
|
AutoSec Tools
|
|
2011-05-26
|
|
ExtCalendar 2.0b2 (cal_search.php) SQL Injection Vulnerability
|
117 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-26
|
|
i-doIT 0.9.9-4 LFI Vulnerability
|
100 |
WEB
|
AutoSec Tools
|
|
2011-05-26
|
|
Tickets 2.13 SQL Injection Vulnerability
|
120 |
WEB
|
AutoSec Tools
|
|
2011-05-26
|
|
Pixprod SQL Injection Vulnerability
|
133 |
WEB
|
Kalashinkov3
|
|
2011-05-25
|
|
HP System Management Homepage Cross Site Scripting
|
169 |
WEB
|
Secunia
|
|
2011-05-25
|
|
DH Softwares Auth Bypass Vulnerability
|
198 |
WEB
|
Kalashinkov3
|
|
2011-05-25
|
|
MidiCMS-WB (2011) Multiple Vulnerabilities
|
172 |
WEB
|
KedAns-Dz
|
|
2011-05-24
|
|
smart vision (newsdetail.php) SQL Injection Vulnerability
|
95 |
WEB
|
Net.Edit0r
|
|
2011-05-24
|
|
Ciphertek Systems(snapshots.php)&(detail.php)=>SQL Injection Vulnerability
|
127 |
WEB
|
eXeSoul
|
|
2011-05-24
|
|
Acuity CMS Vulnerable to Blind SQL Injection
|
148 |
WEB
|
p0pc0rn
|
|
2011-05-24
|
|
Pligg CMS v1.1.4 Multiple (XSRF/CSRF) Vulnerabilities
|
105 |
WEB
|
KedAns-Dz
|
|
2011-05-24
|
|
Homepages Admin (index.php)=>(Auth Bypass) Vulnerability
|
121 |
WEB
|
eXeSoul
|
|
2011-05-24
|
|
PEEL Open e-commerce systems Sensitive Database Disclosure Vulnerability
|
137 |
WEB
|
^Xecuti0n3r
|
|
2011-05-24
|
|
MODx Revolution 2.0.8-pl CMS XSRF Vulnerability (Add new user)
|
116 |
WEB
|
^Xecuti0n3r
|
|
2011-05-24
|
|
MyLittleForum 2.2.7 CMS XSRF Vulnerability (Add new user)
|
199 |
WEB
|
^Xecuti0n3r
|
|
2011-05-24
|
|
Textpattern 4.3.0 CMS XSRF Vulnerability (Change Admin's Password)
|
120 |
WEB
|
^Xecuti0n3r
|
|
2011-05-24
|
|
Joomla Component maplocator SQL Injection Vulnerability
|
139 |
WEB
|
Fl0riX
|
|
2011-05-24
|
|
PHPortfolio SQL Injection Vulnerbility
|
133 |
WEB
|
lionaneesh
|
|
2011-05-23
|
|
xtcModified <= 1.05 (FCKeditor) Multiple Vulnerabilities
|
127 |
WEB
|
KedAns-Dz
|
|
2011-05-23
|
|
Collabtive v065 Multiple (CSRF/XSRF) Vulnerabilities
|
128 |
WEB
|
KedAns-Dz
|
|
2011-05-23
|
|
ChromeMedia SQL Injection Vulnerability
|
138 |
WEB
|
Kalashinkov3
|
|
2011-05-23
|
|
werkform (index.php) <= SQL Injection Vulnerability
|
144 |
WEB
|
Caddy-Dz
|
|
2011-05-23
|
|
chillyCMS v1.2.x (CSRF/FD/RFI) Multiple Vulnerabilities
|
94 |
WEB
|
KedAns-Dz
|
|
2011-05-23
|
|
NucleusCMS v3.64 Multiple (CSRF) Vulnerabilities
|
124 |
WEB
|
KedAns-Dz
|
|
2011-05-23
|
|
Mathew Callingham Associatess 3.x.x Multiple Vulnerability
|
128 |
WEB
|
Net.Edit0r
|
|
2011-05-23
|
|
vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability
|
148 |
WEB
|
D4rkB1t
|
|
2011-05-23
|
|
ZabetAgahi SQLInjection Vulnerability
|
136 |
WEB
|
3H34N
|
|
2011-05-23
|
|
PHP Captcha / Securimage 2.0.2 - Authentication Bypass - SO-11-007
|
141 |
WEB
|
Sense of Security
|
|
2011-05-23
|
|
E-Manage MySchool 7.02 SQL Injection Vulnerability
|
136 |
WEB
|
az7rb
|
|
2011-05-23
|
|
Zen Cart <= v1.3.9h Multiple Vulnerabilities
|
131 |
WEB
|
Alberto Fontanella
|
|
2011-05-23
|
|
Tugux CMS 1.2 Multiple Remote Vulnerabilities
|
185 |
WEB
|
LiquidWorm
|
|
2011-05-23
|
|
Ultimate PHP Board 2.2.7 Broken Authentication and Session Management
|
127 |
WEB
|
i2sec
|
|
2011-05-23
|
|
Easy Contact 0.1.2 WordPress Plugin Cross Site Scripting
|
128 |
WEB
|
Websecurity
|
|
2011-05-20
|
|
Rootage 1.0.0.4 Alpha Directory Traversal
|
118 |
WEB
|
AutoSec Tools
|
|
2011-05-20
|
|
Room Juice 0.3.3 Cross Site Scripting
|
96 |
WEB
|
AutoSec Tools
|
|
2011-05-20
|
|
Aphpkb 0.95.4 PHP Execution
|
139 |
WEB
|
AutoSec Tools
|
|
2011-05-20
|
|
Trade Line Web <= Remote 'id' Funcs SQL-i Vulnerabilities
|
205 |
WEB
|
knockout
|
|
2011-05-19
|
|
TWiki 5.0.1 Cross Site Scripting
|
162 |
WEB
|
Netsparker Advisories
|
|
2011-05-19
|
|
99ko <= 0.4b Multiple (CSRF/XSRF) Vulnerabilities
|
355 |
WEB
|
KedAns-Dz
|
