|
2018-01-17
|
|
D-Link DSL-2640R - DNS Change
|
3 |
WEB
|
Todor Donev
|
|
2018-01-17
|
|
Reservo Image Hosting Script 1.5 - Cross-Site Scripting
|
3 |
WEB
|
Dennis Veninga
|
|
2018-01-17
|
|
Zomato Clone Script - Arbitrary File Upload
|
2 |
WEB
|
Tauco
|
|
2018-01-15
|
|
Flash Operator Panel 2.31.03 - Command Execution
|
2 |
WEB
|
Vulnerability-Lab
|
|
2018-01-15
|
|
ILIAS < 5.2.4 - Cross-Site Scripting
|
2 |
WEB
|
Florian Kunushevci
|
|
2018-01-15
|
|
Oracle PeopleSoft 8.5x - Remote Code Execution
|
2 |
WEB
|
Vahagn Vardanyan
|
|
2018-01-15
|
|
Adminer 4.3.1 - Server-Side Request Forgery
|
2 |
WEB
|
hyp3rlinx
|
|
2018-01-15
|
|
Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect
|
1 |
WEB
|
Andrew Gill
|
|
2018-01-15
|
|
RISE 1.9 - 'search' SQL Injection
|
1 |
WEB
|
Ahmad Mahfouz
|
|
2018-01-15
|
|
PerfexCRM 1.9.7 - Arbitrary File Upload
|
1 |
WEB
|
Ahmad Mahfouz
|
|
2018-01-15
|
|
Domains & Hostings Manager PRO 3.0 - Authentication Bypass
|
2 |
WEB
|
Tauco
|
|
2018-01-15
|
|
ImgHosting 1.5 - Cross-Site Scripting
|
2 |
WEB
|
Dennis Veninga
|
|
2018-01-15
|
|
pfSense < 2.1.4 - 'status_rrd_graph_img.php' Command Injection
|
2 |
WEB
|
absolomb
|
|
2018-01-12
|
|
Taxi Booking Script 1.0 - Cross-site Scripting
|
2 |
WEB
|
Tauco
|
|
2018-01-12
|
|
Xnami 1.0 - Cross-Site Scripting
|
2 |
WEB
|
Dennis Veninga
|
|
2018-01-10
|
|
D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution
|
2 |
WEB
|
Cr0n1c
|
|
2018-01-10
|
|
SAP NetWeaver J2EE Engine 7.40 - SQL Injection
|
2 |
WEB
|
Vahagn Vardanyan
|
|
2018-01-10
|
|
Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting
|
2 |
WEB
|
Mattia Furlani
|
|
2018-01-10
|
|
WordPress Plugin WordPress Download Manager 2.9.60 - Cross-Site Request Forgery
|
2 |
WEB
|
Panagiotis Vagenas
|
|
2018-01-10
|
|
WordPress Plugin Admin Menu Tree Page View 2.6.9 - Cross-Site Request Forgery / Privilege Escalation
|
2 |
WEB
|
Panagiotis Vagenas
|
|
2018-01-10
|
|
WordPress Plugin CMS Tree Page View 1.4 - Cross-Site Request Forgery / Privilege Escalation
|
2 |
WEB
|
Panagiotis Vagenas
|
|
2018-01-10
|
|
WordPress Plugin Social Media Widget by Acurax 3.2.5 - Cross-Site Request Forgery
|
2 |
WEB
|
Panagiotis Vagenas
|
|
2018-01-10
|
|
WordPress Plugin Events Calendar - 'event_id' SQL Injection
|
2 |
WEB
|
Dennis Veninga
|
|
2018-01-10
|
|
Muviko 1.1 - SQL Injection
|
2 |
WEB
|
Ahmad Mahfouz
|
|
2018-01-10
|
|
WordPress Plugin Service Finder Booking < 3.2 - Local File Disclosure
|
2 |
WEB
|
telahdihapus
|
|
2018-01-10
|
|
Synology Photostation 6.7.2-3429 - Remote Code Execution (Metasploit)
|
2 |
WEB
|
James Bercegay
|
|
2018-01-08
|
|
Vanilla < 2.1.5 - Cross-Site Request Forgery
|
2 |
WEB
|
Anand Meyyappan
|
|
2018-01-08
|
|
WordPress Plugin LearnDash 2.5.3 - Arbitrary File Upload
|
2 |
WEB
|
NinTechNet
|
|
2018-01-08
|
|
FiberHome LM53Q1 - Multiple Vulnerabilities
|
2 |
WEB
|
Ibad Shah
|
|
2018-01-08
|
|
SonicWall NSA 6600/5600/4600/3600/2600/250M - Multiple Vulnerabilities
|
2 |
WEB
|
Vulnerability-Lab
|
|
2018-01-08
|
|
Photos in Wifi 1.0.1 - Path Traversal
|
1 |
WEB
|
Vulnerability-Lab
|
|
2018-01-08
|
|
Synology DiskStation Manager (DSM) < 6.1.3-15152 - 'forget_passwd.cgi' User Enumeration
|
1 |
WEB
|
Steve Kaun
|
|
2018-01-05
|
|
Gespage 7.4.8 - SQL Injection
|
2 |
WEB
|
Sysdream
|
|
2003-06-16
|
|
Snitz Forums 2000 < 3.4.0.3 - Multiple Vulnerabilities
|
2 |
WEB
|
GulfTech Security
|
|
2003-06-06
|
|
Max Web Portal < 1.30 - Multiple Vulnerabilities
|
2 |
WEB
|
GulfTech Security
|
|
2003-06-04
|
|
MegaBrowser < 0.71b - Multiple Vulnerabilities
|
2 |
WEB
|
GulfTech Security
|
|
2003-06-03
|
|
FTP Service < 1.2 - Multiple Vulnerabilities
|
2 |
WEB
|
GulfTech Security
|
|
2003-06-02
|
|
WinMX < 2.6 - Design Error
|
2 |
WEB
|
GulfTech Security
|
|
2003-05-30
|
|
P-Synch < 6.2.5 - Multiple Vulnerabilities
|
1 |
WEB
|
GulfTech Security
|
|
2003-01-17
|
|
phpLinks < 2.1.2 - Multiple Vulnerabilities
|
2 |
WEB
|
GulfTech Security
|
|
2003-01-13
|
|
PHP Topsites < 2.2 - Multiple Vulnerabilities
|
2 |
WEB
|
GulfTech Security
|
|
2008-09-04
|
|
Zen Cart < 1.3.8a - SQL Injection
|
1 |
WEB
|
GulfTech Security
|
|
2018-01-05
|
|
gps-server.net GPS Tracking Software < 3.1 - Multiple Vulnerabilities
|
1 |
WEB
|
Noman Riffat
|
|
2018-01-03
|
|
EMC xPression 4.5SP1 Patch 13 - 'model.jobHistoryId' SQL Injection
|
2 |
WEB
|
Pawel Gocyla
|
|
2018-01-03
|
|
WordPress Plugin Smart Google Code Inserter < 3.5 - Authentication Bypass / SQL Injection
|
1 |
WEB
|
Benjamin Lim
|
|
2017-12-25
|
|
Huawei Router HG532 - Arbitrary Command Execution
|
2 |
WEB
|
anonymous
|
|
2017-12-31
|
|
PHP Melody 2.7.1 - 'playlist' SQL Injection
|
2 |
WEB
|
Ahmad Mahfouz
|
|
2017-12-27
|
|
DotNetNuke DreamSlider 01.01.02 - Arbitrary File Download (Metasploit)
|
2 |
WEB
|
Glafkos Charalambous
|
|
2017-12-27
|
|
SAP BusinessObjects launch pad - Server-Side Request Forgery
|
2 |
WEB
|
Ahmad Mahfouz
|
|
2017-12-27
|
|
Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure
|
2 |
WEB
|
LiquidWorm
|
|
2017-12-27
|
|
Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery
|
2 |
WEB
|
LiquidWorm
|
|
2017-12-27
|
|
Easy!Appointments 1.2.1 - Cross-Site Scripting
|
2 |
WEB
|
LiquidWorm
|
|
2017-12-27
|
|
Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure
|
2 |
WEB
|
LiquidWorm
|
|
2017-12-26
|
|
SilverStripe CMS 3.6.2 - CSV Excel Macro Injection
|
2 |
WEB
|
Ishaq Mohammed
|
|
2017-12-26
|
|
Sendroid < 6.5.0 - SQL Injection
|
2 |
WEB
|
Onwuka Gideon
|
|
2017-12-26
|
|
Biometric Shift Employee Management System 3.0 - Local File Disclosure
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-26
|
|
Joomla! Component JEXTN FAQ Pro 4.0.0 - 'id' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-20
|
|
BEIMS ContractorWeb 5.18.0.0 - SQL Injection
|
2 |
WEB
|
Rajwinder Singh
|
|
2017-12-20
|
|
Ability Mail Server 3.3.2 - Cross-Site Scripting
|
0 |
WEB
|
Aloyce J. Makalanga
|
|
2017-12-20
|
|
Conarc iChannel - Improper Access Restrictions
|
1 |
WEB
|
Information Paradox
|
|
2017-12-19
|
|
Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-19
|
|
BrightSign Digital Signage - Multiple Vulnerablities
|
2 |
WEB
|
Information Paradox
|
|
2017-12-14
|
|
Linksys WVBR0 - 'User-Agent' Remote Command Injection
|
2 |
WEB
|
nixawk
|
|
2017-12-13
|
|
vBulletin 5.x - 'cacheTemplates' Remote Arbitrary File Deletion
|
3 |
WEB
|
SecuriTeam
|
|
2017-12-13
|
|
vBulletin 5.x - 'routestring' Remote Code Execution
|
2 |
WEB
|
SecuriTeam
|
|
2017-12-18
|
|
Joomla! Component My Projects 2.0 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-18
|
|
Joomla! Component User Bench 1.0 - 'userid' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-18
|
|
Joomla! Component Guru Pro - 'promocode' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-18
|
|
Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-18
|
|
Cells Blog 3.5 - 'bgid' / 'fmid' / 'fnid' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-18
|
|
Monstra CMS 3.0.4 - (Authenticated) Arbitrary File Upload / Remote Code Execution
|
1 |
WEB
|
Ishaq Mohammed
|
|
2017-12-18
|
|
Ciuis CRM 1.0.7 - SQL Injection
|
1 |
WEB
|
Zahid Abbasi
|
|
2017-12-15
|
|
Movie Guide 2.0 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-15
|
|
ITGuard-Manager 0.0.0.1 - Remote Code Execution
|
2 |
WEB
|
Nassim Asrir
|
|
2017-12-14
|
|
Advantech WebAccess 8.2-2017.03.31 - Webvrpcs Service Opcode 80061 Stack Buffer Overflow (Metasploit
|
1 |
WEB
|
Metasploit
|
|
2017-12-14
|
|
Piwigo 2.9.1 - 'cat_true' / 'cat_false' SQL Injection
|
2 |
WEB
|
Akityo
|
|
2017-12-14
|
|
Bus Booking Script 1.0 - 'txtname' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-14
|
|
FS Lynda Clone 1.0 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-14
|
|
Paid To Read Script 2.0.5 - 'uid' / 'fnum' / 'fn' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-14
|
|
Readymade Video Sharing Script 3.2 - HTML Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-13
|
|
Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read
|
1 |
WEB
|
Jakub Palaczynski
|
|
2017-12-13
|
|
Joomla! Component JEXTN Video Gallery 3.0.5 - 'id' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-13
|
|
Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-12
|
|
Accesspress Anonymous Post Pro < 3.2.0 - Arbitrary File Upload
|
1 |
WEB
|
Colette Chamberland
|
|
2017-12-12
|
|
Joomla! Component JBuildozer 1.4.1 - 'appid' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Vanguard 1.4 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Vanguard 1.4 - Arbitrary File Upload
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Basic Job Site Script 2.0.5 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Resume Clone Script 2.0.5 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Advanced World Database 2.0.5 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Muslim Matrimonial Script 3.02 - 'succid' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Groupon Clone Script 3.01 - 'state_id' / 'search' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Car Rental Script 2.0.4 - 'val' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
MLM Forced Matrix 2.0.9 - 'newid' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
MLM Forex Market Plan Script 2.0.4 - 'newid' / 'eventid' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Entrepreneur Bus Booking Script 3.0.4 - 'sourcebus' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Advanced Real Estate Script 4.0.7 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Single Theater Booking Script 3.2.1 - 'findcity.php?q' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Multiplex Movie Theater Booking Script 3.1.5 - 'moid' / 'eid' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Responsive Events & Movie Ticket Booking Script 3.2.1 - 'findcity.php?q' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Multireligion Responsive Matrimonial 4.7.2 - 'succid' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Responsive Realestate Script 3.2 - 'property-list?tbud' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Readymade Video Sharing Script 3.2 - SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Readymade PHP Classified Script 3.3 - 'subctid' / 'mctid' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Professional Service Script 1.0 - 'service-list?city' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
PHP Multivendor Ecommerce 1.0 - 'sid' / 'searchcat' / 'chid1' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Opensource Classified Ads Script 3.2 - SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Online Exam Test Application Script 1.6 - 'exams.php?sort' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Multivendor Penny Auction Clone Script 1.0 - SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Lawyer Search Script 1.1 - 'lawyer-list?city' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Laundry Booking Script 1.0 - 'list?city' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Secure E-commerce Script 2.0.1 - 'searchcat' / 'searchmain' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Kickstarter Clone Acript 2.0 - 'projid' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Foodspotting Clone Script 1.0 - 'quicksearch.php?q' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Hot Scripts Clone 3.1 - 'subctid' / 'mctid' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Freelance Website Script 2.0.6 - 'pr_id' / 'catid' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Yoga Class Script 1.0 - 'list?city' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Food Order Script 1.0 - 'list?city' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-11
|
|
Facebook Clone Script 1.0 - 'id' / 'send' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Event Calendar Category Script 1.0 - 'city' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Entrepreneur Dating Script 2.0.1 - 'marital' / 'gender' / 'country' / 'profileid' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
E-commerce MLM Software 1.0 - SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Doctor Search Script 1.0 - 'city' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Entrepreneur Job Portal Script 2.0.6 - 'jobsearch_all.php?rid1' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-12-08
|
|
Consumer Complaints Clone Script 1.0 - 'id' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
