2017-12-08 | Co-work Space Search Script 1.0 - 'city' SQL Injection | 0 | WEB | Ihsan Sencan
2017-12-08 | CMS Auditor Website 1.0 - SQL Injection | 0 | WEB | Ihsan Sencan
2017-12-08 | Child Care Script 1.0 - 'city' SQL Injection | 0 | WEB | Ihsan Sencan
2017-12-08 | Chartered Accountant Booking Script 1.0 - 'city' SQL Injection | 0 | WEB | Ihsan Sencan
2017-12-08 | Cab Booking Script 1.0 - 'city' SQL Injection | 0 | WEB | Ihsan Sencan
2017-12-08 | Nearbuy Clone Script 3.2 - 'search' SQL Injection | 0 | WEB | Ihsan Sencan
2017-12-09 | Beauty Parlour Booking Script 1.0 - 'gender' / 'city' SQL Injection | 0 | WEB | Ihsan Sencan
2017-12-09 | Basic B2B Script 2.0.8 - 'product_details.php?id' SQL Injection | 0 | WEB | Ihsan Sencan
2017-12-09 | Affiliate MLM Script 1.0 - 'product-category.php?key' SQL Injection | 0 | WEB | Ihsan Sencan
2017-12-09 | Advance Online Learning Management Script 3.1 - 'subcatid' / 'popcourseid' SQL Injection | 0 | WEB | Ihsan Sencan
2017-12-09 | Advance B2B Script 2.1.3 - 'show_id' / 'pid' SQL Injection | 0 | WEB | Ihsan Sencan
2017-12-09 | FS Foodpanda Clone 1.0 - SQL Injection | 1 | WEB | Ihsan Sencan
2017-12-09 | FS Expedia Clone 1.0 - 'fl_orig' / 'fl_dest' / 'id' SQL Injection | 1 | WEB | Ihsan Sencan
2017-12-09 | FS Trademe Clone 1.0 - 'search' / 'id' SQL Injection | 1 | WEB | Ihsan Sencan
2017-12-09 | FS Amazon Clone 1.0 - SQL Injection | 1 | WEB | Ihsan Sencan
2017-12-09 | FS Care Clone 1.0 - 'jobFrequency' / 'jobType' SQL Injection | 1 | WEB | Ihsan Sencan
2017-12-09 | FS Crowdfunding Script 1.0 - 'latest_news_details.php?id' SQL Injection | 1 | WEB | Ihsan Sencan
2017-12-09 | FS Ebay Clone 1.0 - 'id' / 'sub_category_id' / 'category_id' SQL Injection | 1 | WEB | Ihsan Sencan
2017-12-09 | FS Freelancer Clone 1.0 - 'profile.php?u' SQL Injection | 1 | WEB | Ihsan Sencan
2017-12-09 | FS Gigs Script 1.0 - 'cat' / 'sc' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-09 | FS Groupon Clone 1.0 - 'id' SQL Injection | 1 | WEB | Ihsan Sencan
2017-12-09 | FS Grubhub Clone 1.0 - 'keywords' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-09 | FS IMDB Clone 1.0 - 'f' / 's' / 'id' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-09 | FS Indiamart Clone 1.0 - 'token' / 'id' / 'c' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-09 | FS Linkedin Clone 1.0 - 'grid' / 'fid' / 'id' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-08 | FS Makemytrip Clone 1.0 - 'fl_orig' / 'fl_dest' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-08 | FS Monster Clone 1.0 - 'Employer_Details.php?id' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-08 | FS Olx Clone 1.0 - 'scat' / 'pid' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-08 | FS Quibids Clone 1.0 - SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-08 | FS Shutterstock Clone 1.0 - 'keywords' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-08 | FS Stackoverflow Clone 1.0 - 'keywords' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-08 | FS Thumbtack Clone 1.0 - 'cat' / 'sc' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-08 | Realestate Crowdfunding Script 2.7.2 - 'pid' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-08 | Website Auction Marketplace 2.0.5 - 'cat_id' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-08 | Simple Chatting System 1.0.0 - Arbitrary File Upload | 2 | WEB | Ihsan Sencan
2017-12-08 | DomainSale PHP Script 1.0 - 'id' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-07 | OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting | 2 | WEB | SEC Consult
2017-12-07 | OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting | 2 | WEB | SEC Consult
2017-12-07 | FS Facebook Clone - 'token' SQL Injection | 2 | WEB | Dan°
2017-12-07 | FS IMDB Clone - 'id' SQL Injection | 2 | WEB | Dan°
2017-12-06 | FS Shaadi Clone - 'token' SQL Injection | 2 | WEB | Dan°
2017-12-06 | WinduCMS 3.1 - Local File Disclosure | 2 | WEB | Maciek Krupa
2017-12-06 | FS Makemytrip Clone - 'id' SQL Injection | 1 | WEB | Dan°
2017-12-05 | Readymade Classifieds Script 1.0 - SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-05 | Techno Portfolio Management Panel - 'id' SQL Injection | 2 | WEB | Ihsan Sencan
2017-12-05 | Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation | 2 | WEB | Konstantinos Alexiou
2017-12-01 | Artica Web Proxy 3.06 - Remote Code Execution | 2 | WEB | hyp3rlinx
2017-12-01 | MistServer 2.12 - Cross-Site Scripting | 2 | WEB | hyp3rlinx
2017-11-30 | Jobs2Careers / Coroflot Clone - SQL Injection | 2 | WEB | 8bitsec
2017-11-28 | WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal | 2 | WEB | Fu2x2000
2017-11-11 | osCommerce 2.3.4.1 - Arbitrary File Upload | 2 | WEB | Simon Scannell
2017-11-28 | Synology StorageManager 5.2 - Root Remote Command Execution | 3 | WEB | SecuriTeam
2017-11-27 | ZTE ZXDSL 831CII - Improper Access Restrictions | 3 | WEB | Ibad Shah
2017-11-15 | CommuniGatePro 6.1.16 - Cross-Site Scripting | 2 | WEB | Boumediene KADDOUR
2017-11-17 | Icon Time Systems RTC-1000 Firmware 2.5.7458 - Cross-Site Scripting | 2 | WEB | Keith Thome
2017-11-16 | Zeta Components Mail 1.8.1 - Remote Code Execution | 1 | WEB | MalwareBenchmark
2017-11-16 | Vonage VDV23 - Cross-Site Scripting | 1 | WEB | Nu11By73
2017-11-16 | LanSweeper 6.0.100.75 - Cross-Site Scripting | 1 | WEB | Miguel Mendez Z
2017-11-16 | TP-Link TL-WR740N - Cross-Site Scripting | 3 | WEB | bl00dy
2017-03-26 | D-Link DCS-936L Network Camera - Cross-Site Request Forgery | 1 | WEB | SlidingWindow
2017-11-13 | Kirby CMS < 2.5.7 - Cross-Site Scripting | 2 | WEB | Ishaq Mohammed
2017-11-13 | Web Viewer 1.0.0.193 (Samsung SRN-1670D) - Unrestricted File Upload | 2 | WEB | 0xFFFFFF
2017-11-11 | MyBB 1.8.13 - Cross-Site Scripting | 2 | WEB | Pabstersac
2017-11-11 | MyBB 1.8.13 - Remote Code Execution | 3 | WEB | Pabstersac
2017-11-07 | ManageEngine Applications Manager 13 - SQL Injection | 2 | WEB | Cody Sixteen
2017-11-07 | pfSense 2.3.1_1 - Command Execution | 1 | WEB | s4squatch
2017-11-03 | Logitech Media Server 7.9.0 - 'Radio URL' Cross-Site Scripting | 2 | WEB | Dewank Pant
2017-11-03 | Logitech Media Server 7.9.0 - 'favorites' Cross-Site Scripting | 1 | WEB | Dewank Pant
2017-11-04 | WordPress Plugin Userpro < 4.9.17.1 - Authentication Bypass | 2 | WEB | Colette Chamberland
2017-05-17 | Oracle PeopleSoft Enterprise PeopleTools < 8.55 - Remote Code Execution Via Blind XML External Entit | 2 | WEB | Charles Fol
2017-11-03 | Ladon Framework for Python 0.9.40 - XML External Entity Expansion | 2 | WEB | RedTeam Pentesting
2017-11-03 | WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection | 2 | WEB | Lenon Leite
2017-11-01 | Ingenious School Management System 2.3.0 - 'friend_index' SQL injection | 2 | WEB | Giulio Comi
2017-11-01 | OctoberCMS 1.0.426 (Build 426) - Cross-Site Request Forgery | 2 | WEB | Zain Sabahat
2017-10-30 | Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure | 2 | WEB | mr_me
2017-10-30 | Ingenious 2.3.0 - Arbitrary File Upload | 1 | WEB | Ihsan Sencan
2017-10-30 | D-Park Pro 1.0 - SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | Adult Script Pro 2.2.4 - SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | Article Directory Script 3.0 - 'id' SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | iProject Management System 1.0 - 'ID' SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | iStock Management System 1.0 - Arbitrary File Upload | 3 | WEB | Ihsan Sencan
2017-10-30 | iTech Gigs Script 1.21 - SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | Job Board Script - 'nice_theme' SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | Joomla! Component NS Download Shop 2.2.6 - 'id' SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | Joomla! Component Zh YandexMap 6.1.1.0 - 'placemarklistid' SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | Mailing List Manager Pro 3.0 - SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | MyBuilder Clone 1.0 - 'subcategory' SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | PG All Share Video 1.0 - SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | PHP CityPortal 2.0 - SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | Same Sex Dating Software Pro 1.0 - SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | SoftDatepro Dating Social Network 1.3 - SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | Sokial Social Network Script 1.0 - SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | tPanel 2009 - Authentication Bypass | 2 | WEB | Ihsan Sencan
2017-10-30 | Vastal I-Tech Dating Zone 0.9.9 - 'product_id' SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | ZeeBuddy 2x - 'groupid' SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | Protected Links - SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | AROX School ERP PHP Script - 'id' SQL Injection | 1 | WEB | Ihsan Sencan
2017-10-30 | Shareet - 'photo' SQL Injection | 2 | WEB | Ihsan Sencan
2017-10-30 | US Zip Codes Database - 'state' SQL Injection | 1 | WEB | Ihsan Sencan
2017-10-30 | Newspaper 1.0 - SQL Injection | 1 | WEB | Ihsan Sencan
2017-10-30 | News 1.0 - SQL Injection | 1 | WEB | Ihsan Sencan
2017-10-30 | MyMagazine 1.0 - 'id' SQL Injection | 1 | WEB | Ihsan Sencan
2017-10-30 | CmsLite 1.4 - 'S' SQL Injection | 1 | WEB | Ihsan Sencan
2017-10-30 | Basic B2B Script - SQL Injection | 1 | WEB | Ihsan Sencan
2017-10-30 | CPA Lead Reward Script - SQL Injection | 1 | WEB | Ihsan Sencan
2017-10-30 | Fake Magazine Cover Script - SQL Injection | 1 | WEB | Ihsan Sencan
2017-10-30 | Nice PHP FAQ Script - 'nice_theme' SQL Injection | 1 | WEB | Ihsan Sencan
2017-10-30 | Online Exam Test Application - 'sort' SQL Injection | 0 | WEB | Ihsan Sencan
2017-10-30 | Php Inventory - Arbitrary File Upload | 0 | WEB | Ihsan Sencan
2017-10-30 | Vastal I-Tech Agent Zone - 'searchCommercial.php' / 'searchResidential.php' SQL Injection | 0 | WEB | Ihsan Sencan
2017-10-30 | Website Broker Script - 'status_id' SQL Injection | 0 | WEB | Ihsan Sencan
2017-10-30 | Zomato Clone Script - 'resid' SQL Injection | 0 | WEB | Ihsan Sencan
2017-10-30 | WordPress Plugin Ultimate Product Catalog 4.2.24 - PHP Object Injection | 0 | WEB | tomplixsee
2017-10-27 | phpMyFAQ 2.9.8 - Cross-Site Request Forgery | 0 | WEB | Nikhil Mittal
2017-10-28 | PHPMyFAQ 2.9.8 - Cross-Site Scripting (3) | 0 | WEB | Nikhil Mittal
2017-10-28 | PHP Melody 2.6.1 - SQL Injection | 0 | WEB | Venkat Rajgor
2017-10-25 | PHPMailer < 5.2.21 - Local File Disclosure | 2 | WEB | Maciek Krupa
2017-10-25 | KeystoneJS 4.0.0-beta.5 - Cross-Site Scripting | 1 | WEB | Ishaq Mohammed
2017-10-25 | KeystoneJS 4.0.0-beta.5 - CSV Excel Macro Injection | 1 | WEB | Ishaq Mohammed
2017-10-24 | FS Realtor Clone - 'id' SQL Injection | 2 | WEB | 8bitsec
2017-10-24 | FS Crowdfunding Script - 'id' SQL Injection | 2 | WEB | 8bitsec
2017-10-24 | FS Care Clone - 'sitterService' SQL Injection | 2 | WEB | 8bitsec
2017-10-24 | FS Monster Clone - 'id' SQL Injection | 2 | WEB | 8bitsec
2017-10-24 | FS Trademe Clone - 'id' SQL Injection | 3 | WEB | 8bitsec
2017-10-24 | FS Thumbtack Clone - 'ser' SQL Injection | 2 | WEB | 8bitsec