|
2015-06-29
|
|
XOOPS < 2.0.11 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2015-05-16
|
|
Burning Board < 2.3.1 - SQL Injection
|
2 |
WEB
|
GulfTech Security
|
|
2015-05-05
|
|
Invision Power Board (IP.Board) < 2.0.3 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2015-04-19
|
|
AZBB < 1.0.07d - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2015-01-03
|
|
PhotoPost < 4.85 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2015-01-02
|
|
ReviewPost < 2.84 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2015-01-01
|
|
PhotoPost Classifieds < 2.01 - Multiple Vulnerabilities
|
2 |
WEB
|
GulfTech Security
|
|
2014-12-29
|
|
PHP-Calendar < 0.10.1 - Arbitrary File Inclusion
|
2 |
WEB
|
GulfTech Security
|
|
2014-12-27
|
|
WHM.AutoPilot < 2.4.6.5 - Multiple Vulnerabilities
|
2 |
WEB
|
GulfTech Security
|
|
2014-08-23
|
|
LiveWorld Multiple Products - Cross Site Scripting
|
2 |
WEB
|
GulfTech Security
|
|
2004-05-17
|
|
HelpCenter Live! < 1.2.7 - Multiple Vulnerabilities
|
2 |
WEB
|
GulfTech Security
|
|
2004-05-04
|
|
Invision Power Board (IP.Board) < 1.3.1 - Design Error
|
3 |
WEB
|
GulfTech Security
|
|
2004-05-04
|
|
PHPX < 3.26 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2004-04-24
|
|
OpenBB < 1.0.6 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2004-04-14
|
|
phpBugTracker < 0.9.1 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2004-04-11
|
|
TikiWiki < 1.8.1 - Multiple Vulnerabilities
|
2 |
WEB
|
GulfTech Security
|
|
2004-03-28
|
|
PhotoPost < 4.6 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2004-03-21
|
|
Invision Gallery < 1.0.1 - SQL Injection
|
2 |
WEB
|
GulfTech Security
|
|
2004-03-21
|
|
Invision Power Top Site List < 1.1 RC 2 - SQL Injection
|
3 |
WEB
|
GulfTech Security
|
|
2004-03-20
|
|
phpBB < 2.0.7a - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2004-03-15
|
|
Mambo < 4.5 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2004-03-15
|
|
vBulletin < 3.0.0 RC4 - Cross Site Scripting
|
3 |
WEB
|
GulfTech Security
|
|
2004-03-15
|
|
Phorum < 5.0.3 Beta - Cross Site Scripting
|
3 |
WEB
|
GulfTech Security
|
|
2004-03-12
|
|
phpBB < 2.0.6d - Cross Site Scripting
|
3 |
WEB
|
GulfTech Security
|
|
2004-03-02
|
|
Invision Power Board (IP.Board) < 1.3 - SQL Injection
|
2 |
WEB
|
GulfTech Security
|
|
2004-01-13
|
|
phpShop < 0.6.1-b - Multiple Vulnerabilities
|
2 |
WEB
|
GulfTech Security
|
|
2004-01-13
|
|
phpGedView < 2.65 beta 5 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2004-01-12
|
|
MetaDot < 5.6.5.4b5 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2004-01-03
|
|
PostNuke < 0.726 Phoenix - Multiple Vulnerabilities
|
2 |
WEB
|
GulfTech Security
|
|
2003-12-22
|
|
osCommerce < 2.2-MS2 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2003-12-18
|
|
ASPapp Multiple Products - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2003-12-18
|
|
AutoRank PHP < 2.0.4 - SQL Injection (PoC)
|
3 |
WEB
|
GulfTech Security
|
|
2003-12-16
|
|
Aardvark Topsites < 4.1.0 - Multiple Vulnerabilities
|
4 |
WEB
|
GulfTech Security
|
|
2003-12-16
|
|
Invision Power Board (IP.Board) < 2.0 Alpha 3 - SQL Injection (PoC)
|
2 |
WEB
|
GulfTech Security
|
|
2003-12-15
|
|
Invision Power Top Site List < 2.0 Alpha 3 - SQL Injection (PoC)
|
3 |
WEB
|
GulfTech Security
|
|
2003-12-15
|
|
DUWare Multiple Products - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2018-01-18
|
|
GitStack 2.3.10 - Remote Code Execution
|
3 |
WEB
|
Kacper Szurek
|
|
2018-01-18
|
|
Primefaces 5.x - Remote Code Execution (Metasploit)
|
3 |
WEB
|
Bjoern Schuette
|
|
2018-01-17
|
|
SugarCRM 3.5.1 - Cross-Site Scripting
|
3 |
WEB
|
Guilherme Assmann
|
|
2018-01-17
|
|
Belkin N600DB Wireless Router - Multiple Vulnerabilities
|
3 |
WEB
|
Wadeek
|
|
2018-01-17
|
|
D-Link DSL-2640R - DNS Change
|
4 |
WEB
|
Todor Donev
|
|
2018-01-17
|
|
Reservo Image Hosting Script 1.5 - Cross-Site Scripting
|
4 |
WEB
|
Dennis Veninga
|
|
2018-01-17
|
|
Zomato Clone Script - Arbitrary File Upload
|
3 |
WEB
|
Tauco
|
|
2018-01-15
|
|
Flash Operator Panel 2.31.03 - Command Execution
|
2 |
WEB
|
Vulnerability-Lab
|
|
2018-01-15
|
|
ILIAS < 5.2.4 - Cross-Site Scripting
|
3 |
WEB
|
Florian Kunushevci
|
|
2018-01-15
|
|
Oracle PeopleSoft 8.5x - Remote Code Execution
|
3 |
WEB
|
Vahagn Vardanyan
|
|
2018-01-15
|
|
Adminer 4.3.1 - Server-Side Request Forgery
|
3 |
WEB
|
hyp3rlinx
|
|
2018-01-15
|
|
Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect
|
3 |
WEB
|
Andrew Gill
|
|
2018-01-15
|
|
RISE 1.9 - 'search' SQL Injection
|
3 |
WEB
|
Ahmad Mahfouz
|
|
2018-01-15
|
|
PerfexCRM 1.9.7 - Arbitrary File Upload
|
3 |
WEB
|
Ahmad Mahfouz
|
|
2018-01-15
|
|
Domains & Hostings Manager PRO 3.0 - Authentication Bypass
|
3 |
WEB
|
Tauco
|
|
2018-01-15
|
|
ImgHosting 1.5 - Cross-Site Scripting
|
3 |
WEB
|
Dennis Veninga
|
|
2018-01-15
|
|
pfSense < 2.1.4 - 'status_rrd_graph_img.php' Command Injection
|
2 |
WEB
|
absolomb
|
|
2018-01-12
|
|
Taxi Booking Script 1.0 - Cross-site Scripting
|
4 |
WEB
|
Tauco
|
|
2018-01-12
|
|
Xnami 1.0 - Cross-Site Scripting
|
3 |
WEB
|
Dennis Veninga
|
|
2018-01-10
|
|
D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution
|
4 |
WEB
|
Cr0n1c
|
|
2018-01-10
|
|
SAP NetWeaver J2EE Engine 7.40 - SQL Injection
|
2 |
WEB
|
Vahagn Vardanyan
|
|
2018-01-10
|
|
Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting
|
3 |
WEB
|
Mattia Furlani
|
|
2018-01-10
|
|
WordPress Plugin WordPress Download Manager 2.9.60 - Cross-Site Request Forgery
|
3 |
WEB
|
Panagiotis Vagenas
|
|
2018-01-10
|
|
WordPress Plugin Admin Menu Tree Page View 2.6.9 - Cross-Site Request Forgery / Privilege Escalation
|
3 |
WEB
|
Panagiotis Vagenas
|
|
2018-01-10
|
|
WordPress Plugin CMS Tree Page View 1.4 - Cross-Site Request Forgery / Privilege Escalation
|
3 |
WEB
|
Panagiotis Vagenas
|
|
2018-01-10
|
|
WordPress Plugin Social Media Widget by Acurax 3.2.5 - Cross-Site Request Forgery
|
3 |
WEB
|
Panagiotis Vagenas
|
|
2018-01-10
|
|
WordPress Plugin Events Calendar - 'event_id' SQL Injection
|
3 |
WEB
|
Dennis Veninga
|
|
2018-01-10
|
|
Muviko 1.1 - SQL Injection
|
3 |
WEB
|
Ahmad Mahfouz
|
|
2018-01-10
|
|
WordPress Plugin Service Finder Booking < 3.2 - Local File Disclosure
|
3 |
WEB
|
telahdihapus
|
|
2018-01-10
|
|
Synology Photostation 6.7.2-3429 - Remote Code Execution (Metasploit)
|
2 |
WEB
|
James Bercegay
|
|
2018-01-08
|
|
Vanilla < 2.1.5 - Cross-Site Request Forgery
|
3 |
WEB
|
Anand Meyyappan
|
|
2018-01-08
|
|
WordPress Plugin LearnDash 2.5.3 - Arbitrary File Upload
|
3 |
WEB
|
NinTechNet
|
|
2018-01-08
|
|
FiberHome LM53Q1 - Multiple Vulnerabilities
|
3 |
WEB
|
Ibad Shah
|
|
2018-01-08
|
|
SonicWall NSA 6600/5600/4600/3600/2600/250M - Multiple Vulnerabilities
|
3 |
WEB
|
Vulnerability-Lab
|
|
2018-01-08
|
|
Photos in Wifi 1.0.1 - Path Traversal
|
3 |
WEB
|
Vulnerability-Lab
|
|
2018-01-08
|
|
Synology DiskStation Manager (DSM) < 6.1.3-15152 - 'forget_passwd.cgi' User Enumeration
|
3 |
WEB
|
Steve Kaun
|
|
2018-01-05
|
|
Gespage 7.4.8 - SQL Injection
|
3 |
WEB
|
Sysdream
|
|
2003-06-16
|
|
Snitz Forums 2000 < 3.4.0.3 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2003-06-06
|
|
Max Web Portal < 1.30 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2003-06-04
|
|
MegaBrowser < 0.71b - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2003-06-03
|
|
FTP Service < 1.2 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2003-06-02
|
|
WinMX < 2.6 - Design Error
|
3 |
WEB
|
GulfTech Security
|
|
2003-05-30
|
|
P-Synch < 6.2.5 - Multiple Vulnerabilities
|
1 |
WEB
|
GulfTech Security
|
|
2003-01-17
|
|
phpLinks < 2.1.2 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2003-01-13
|
|
PHP Topsites < 2.2 - Multiple Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2008-09-04
|
|
Zen Cart < 1.3.8a - SQL Injection
|
2 |
WEB
|
GulfTech Security
|
|
2018-01-05
|
|
gps-server.net GPS Tracking Software < 3.1 - Multiple Vulnerabilities
|
2 |
WEB
|
Noman Riffat
|
|
2018-01-03
|
|
EMC xPression 4.5SP1 Patch 13 - 'model.jobHistoryId' SQL Injection
|
3 |
WEB
|
Pawel Gocyla
|
|
2018-01-03
|
|
WordPress Plugin Smart Google Code Inserter < 3.5 - Authentication Bypass / SQL Injection
|
2 |
WEB
|
Benjamin Lim
|
|
2017-12-25
|
|
Huawei Router HG532 - Arbitrary Command Execution
|
3 |
WEB
|
anonymous
|
|
2017-12-31
|
|
PHP Melody 2.7.1 - 'playlist' SQL Injection
|
3 |
WEB
|
Ahmad Mahfouz
|
|
2017-12-27
|
|
DotNetNuke DreamSlider 01.01.02 - Arbitrary File Download (Metasploit)
|
3 |
WEB
|
Glafkos Charalambous
|
|
2017-12-27
|
|
SAP BusinessObjects launch pad - Server-Side Request Forgery
|
3 |
WEB
|
Ahmad Mahfouz
|
|
2017-12-27
|
|
Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure
|
3 |
WEB
|
LiquidWorm
|
|
2017-12-27
|
|
Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery
|
3 |
WEB
|
LiquidWorm
|
|
2017-12-27
|
|
Easy!Appointments 1.2.1 - Cross-Site Scripting
|
3 |
WEB
|
LiquidWorm
|
|
2017-12-27
|
|
Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure
|
3 |
WEB
|
LiquidWorm
|
|
2017-12-26
|
|
SilverStripe CMS 3.6.2 - CSV Excel Macro Injection
|
3 |
WEB
|
Ishaq Mohammed
|
|
2017-12-26
|
|
Sendroid < 6.5.0 - SQL Injection
|
3 |
WEB
|
Onwuka Gideon
|
|
2017-12-26
|
|
Biometric Shift Employee Management System 3.0 - Local File Disclosure
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-26
|
|
Joomla! Component JEXTN FAQ Pro 4.0.0 - 'id' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-20
|
|
BEIMS ContractorWeb 5.18.0.0 - SQL Injection
|
3 |
WEB
|
Rajwinder Singh
|
|
2017-12-20
|
|
Ability Mail Server 3.3.2 - Cross-Site Scripting
|
2 |
WEB
|
Aloyce J. Makalanga
|
|
2017-12-20
|
|
Conarc iChannel - Improper Access Restrictions
|
3 |
WEB
|
Information Paradox
|
|
2017-12-19
|
|
Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-12-19
|
|
BrightSign Digital Signage - Multiple Vulnerablities
|
3 |
WEB
|
Information Paradox
|
|
2017-12-14
|
|
Linksys WVBR0 - 'User-Agent' Remote Command Injection
|
2 |
WEB
|
nixawk
|
|
2017-12-13
|
|
vBulletin 5.x - 'cacheTemplates' Remote Arbitrary File Deletion
|
3 |
WEB
|
SecuriTeam
|
|
2017-12-13
|
|
vBulletin 5.x - 'routestring' Remote Code Execution
|
3 |
WEB
|
SecuriTeam
|
|
2017-12-18
|
|
Joomla! Component My Projects 2.0 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-18
|
|
Joomla! Component User Bench 1.0 - 'userid' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-12-18
|
|
Joomla! Component Guru Pro - 'promocode' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-12-18
|
|
Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-18
|
|
Cells Blog 3.5 - 'bgid' / 'fmid' / 'fnid' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-12-18
|
|
Monstra CMS 3.0.4 - (Authenticated) Arbitrary File Upload / Remote Code Execution
|
2 |
WEB
|
Ishaq Mohammed
|
|
2017-12-18
|
|
Ciuis CRM 1.0.7 - SQL Injection
|
2 |
WEB
|
Zahid Abbasi
|
|
2017-12-15
|
|
Movie Guide 2.0 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-15
|
|
ITGuard-Manager 0.0.0.1 - Remote Code Execution
|
3 |
WEB
|
Nassim Asrir
|
|
2017-12-14
|
|
Advantech WebAccess 8.2-2017.03.31 - Webvrpcs Service Opcode 80061 Stack Buffer Overflow (Metasploit
|
3 |
WEB
|
Metasploit
|
|
2017-12-14
|
|
Piwigo 2.9.1 - 'cat_true' / 'cat_false' SQL Injection
|
3 |
WEB
|
Akityo
|
|
2017-12-14
|
|
Bus Booking Script 1.0 - 'txtname' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-12-14
|
|
FS Lynda Clone 1.0 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-12-14
|
|
Paid To Read Script 2.0.5 - 'uid' / 'fnum' / 'fn' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-14
|
|
Readymade Video Sharing Script 3.2 - HTML Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-13
|
|
Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read
|
2 |
WEB
|
Jakub Palaczynski
|
|
2017-12-13
|
|
Joomla! Component JEXTN Video Gallery 3.0.5 - 'id' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-12-13
|
|
Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-12-12
|
|
Accesspress Anonymous Post Pro < 3.2.0 - Arbitrary File Upload
|
3 |
WEB
|
Colette Chamberland
|
|
2017-12-12
|
|
Joomla! Component JBuildozer 1.4.1 - 'appid' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
