|
2017-03-08
|
|
ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Remote Code Execution
|
1 |
WEB
|
Bruno Bierbaumer
|
|
2017-03-08
|
|
ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Session Stealing
|
1 |
WEB
|
Bruno Bierbaumer
|
|
2017-03-08
|
|
ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Cross-Site Scripting
|
1 |
WEB
|
Bruno Bierbaumer
|
|
2017-03-07
|
|
Apache Struts 2.3.5 < 2.3.31 / 2.5 < 2.5.10 - Remote Code Execution
|
1 |
WEB
|
Vex Woo
|
|
2017-03-09
|
|
WordPress Plugin PICA Photo Gallery 1.0 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-09
|
|
WordPress Plugin Apptha Slider Gallery 1.0 - Arbitrary File Download
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-09
|
|
WordPress Plugin Apptha Slider Gallery 1.0 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-09
|
|
WordPress Plugin Mac Photo Gallery 3.0 - Arbitrary File Download
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-09
|
|
Drupal 7.x Module Services - Remote Code Execution
|
1 |
WEB
|
Charles Fol
|
|
2017-03-09
|
|
TradeMart 1.1 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-09
|
|
Fashmark 1.2 - 'category' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-09
|
|
Busewe 1.2 - SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-03-09
|
|
Nlance 2.2 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-09
|
|
BistroStays 3.0 - 'guests' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-09
|
|
Soundify 1.1 - 'tid' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-09
|
|
Media Search Engine Script - 'search' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-09
|
|
Country on Sale Script - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-08
|
|
Navetti PricePoint 4.6.0.0 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery
|
1 |
WEB
|
SEC Consult
|
|
2017-03-08
|
|
Navetti PricePoint 4.6.0.0 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery
|
1 |
WEB
|
SEC Consult
|
|
2017-03-08
|
|
Navetti PricePoint 4.6.0.0 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery
|
1 |
WEB
|
SEC Consult
|
|
2017-03-08
|
|
Envato Clone Script - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-08
|
|
Videohive Clone Script - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-08
|
|
Audiojungle Clone Script - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-08
|
|
Codecanyon Clone Script - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-08
|
|
Graphicriver Clone Script - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-08
|
|
Themeforest Clone Script - SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-03-07
|
|
Bull/IBM AIX Clusterwatch/Watchware - Multiple Vulnerabilities
|
1 |
WEB
|
RandoriSec
|
|
2017-03-07
|
|
Daily Deals Script 1.0 - 'id' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-07
|
|
Mini CMS 1.1 - 'name' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Deluge Web UI 1.3.13 - Cross-Site Request Forgery
|
1 |
WEB
|
Kyle Neideck
|
|
2017-03-03
|
|
Multiple WordPress Plugins - Arbitrary File Upload
|
0 |
WEB
|
The Martian
|
|
2017-03-06
|
|
Website Broker Script 3.02 - 'view' SQL Injection
|
0 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Social Network Script 3.01 - 'id' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Select Your College Script 2.01 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Schools Alert Management Script 2.01 - 'list_id' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Responsive Matrimonial Script 4.0.1 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
PHP B2B Script 3.05 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Network Community Script 3.0.2 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Multireligion Responsive Matrimonial Script 4.7.1 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
MLM Membership Plan Script 2.0.5 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
MLM Forex Market Plan Script 2.0.1 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
MLM Forced Matrix 2.0.7 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
MLM Binary Plan Script 2.0.5 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
PHP Matrimonial Script 3.0 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Entrepreneur B2B Script 2.0.4 - 'id' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
PHP Classifieds Rental Script 3.6.0 - 'scatid' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Advanced Real Estate Script 4.0.6 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Advanced Matrimonial Script 2.0.3 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Yellow Pages Clone Script 1.3.4 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Naukri Clone Script 3.02 - 'type' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Groupon Clone Script 3.01 - 'catid' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Redbus Clone Script 3.05 - 'hid_Busid' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Online Cinema and Event Booking Script 2.01 - 'newsid' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Responsive Events & Movie Ticket Booking Script - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Single Theater Booking Script - 'newsid' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Entrepreneur Bus Booking Script 3.03 - 'hid_Busid' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-06
|
|
Advanced Bus Booking Script 2.04 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-04
|
|
Joomla! Component AltaUserPoints 1.1 - 'userid' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-03-04
|
|
Joomla! Component Content ConstructionKit 1.1 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-04
|
|
Joomla! Component AYS Quiz 1.0 - 'id' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-04
|
|
Joomla! Component Monthly Archive 3.6.4 - 'author_form' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-04
|
|
Joomla! Component JUX EventOn 1.0.1 - 'id' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-03
|
|
EPSON TMNet WebConfig 1.00 - Cross-Site Scripting
|
2 |
WEB
|
Michael Benich
|
|
2017-03-03
|
|
pfSense 2.3.2 - Cross-Site Scripting / Cross-Site Request Forgery
|
2 |
WEB
|
Yann CAM
|
|
2017-03-03
|
|
pfSense 2.3.2 - Cross-Site Scripting / Cross-Site Request Forgery
|
2 |
WEB
|
Yann CAM
|
|
2017-03-03
|
|
Joomla! Component Coupon 3.5 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-23
|
|
NetGain Enterprise Manager 7.2.562 - 'Ping' Command Injection
|
2 |
WEB
|
MrChaZ
|
|
2017-03-03
|
|
WordPress Core < 4.7.1 - Username Enumeration
|
2 |
WEB
|
Dctor
|
|
2017-03-02
|
|
Joomla! Component Recipe Manager 2.2 - 'id' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-02
|
|
Joomla! Component Guesser 1.0.4 - 'type' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-02
|
|
Joomla! Component StreetGuessr Game 1.0 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-02
|
|
Joomla! Component Abstract 2.1 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-02
|
|
Php Classified OLX Clone Script - 'category' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-01
|
|
Meme Maker Script 2.1 - 'user' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-01
|
|
Rage Faces Script 1.3 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-01
|
|
SchoolDir - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-03-01
|
|
WordPress Plugin File Manager 3.0.1 - Cross-Site Request Forgery
|
2 |
WEB
|
David Vaartjes
|
|
2017-03-01
|
|
WordPress Plugin Global Content Blocks 2.1.5 - Cross-Site Request Forgery
|
1 |
WEB
|
Yorick Koster
|
|
2017-03-01
|
|
WordPress Plugin NewStatPress 1.2.4 - Cross-Site Scripting
|
2 |
WEB
|
Han Sahin
|
|
2017-03-01
|
|
WordPress Plugin Popup by Supsystic 1.7.6 - Cross-Site Request Forgery
|
2 |
WEB
|
Radjnies Bhansingh
|
|
2017-03-01
|
|
WordPress Plugin User Login Log 2.2.1 - Cross-Site Scripting
|
1 |
WEB
|
Axel Koolhaas
|
|
2017-03-01
|
|
WordPress Plugin Contact Form Manager - Cross-Site Request Forgery / Cross-Site Scripting
|
2 |
WEB
|
Edwin Molenaar
|
|
2017-03-01
|
|
WordPress Plugin Contact Form Manager - Cross-Site Request Forgery / Cross-Site Scripting
|
2 |
WEB
|
Edwin Molenaar
|
|
2017-03-01
|
|
Aruba AirWave 8.2.3 - XML External Entity Injection / Cross-Site Scripting
|
2 |
WEB
|
SEC Consult
|
|
2017-03-01
|
|
D-Link DSL-2730U Wireless N 150 - Cross-Site Request Forgery
|
2 |
WEB
|
B GOVIND
|
|
2017-02-28
|
|
Netgear DGN2200v1/v2/v3/v4 - Cross-Site Request Forgery
|
2 |
WEB
|
SivertPL
|
|
2017-02-27
|
|
Joomla! Component OneVote! 1.0 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-21
|
|
Grails PDF Plugin 0.6 - XML External Entity Injection
|
2 |
WEB
|
Charles Fol
|
|
2017-02-25
|
|
Joomla! Component JomSocial - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-25
|
|
Joomla! Component Spinner 360 1.3.0 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-02-25
|
|
Joomla! Component My MSG 3.2.1 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-02-25
|
|
Joomla! Component Appointments for JomSocial 3.8.1 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
Trend Micro InterScan Messaging Security (Virtual Appliance) < 9.1.-1600 - Remote Code Execution (Me
|
0 |
WEB
|
Mehmet Ince
|
|
2017-02-25
|
|
Joomla! Component Gnosis 1.1.2 - 'id' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-02-25
|
|
Netgear DGN2200v1/v2/v3/v4 - 'dnslookup.cgi' Remote Command Execution
|
1 |
WEB
|
SivertPL
|
|
2017-02-25
|
|
Joomla! Component Intranet Attendance Track 2.6.5 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-02-24
|
|
memcache-viewer - Cross-Site Scripting
|
2 |
WEB
|
HaHwul
|
|
2017-02-24
|
|
Apple WebKit 10.0.2 - 'Frame::setDocument' Universal Cross-Site Scripting
|
1 |
WEB
|
Google Security Research
|
|
2017-02-24
|
|
Joomla! Component Community Quiz 4.3.5 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-24
|
|
Apple WebKit 10.0.2 - Cross-Origin or Sandboxed IFRAME Pop-up Blocker Bypass
|
2 |
WEB
|
Google Security Research
|
|
2017-02-24
|
|
Joomla! Component GPS Tools 4.0.1 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-24
|
|
Apple WebKit 10.0.2 - 'FrameLoader::clear' Universal Cross-Site Scripting
|
2 |
WEB
|
Google Security Research
|
|
2017-02-24
|
|
Joomla! Component Community Polls 4.5.0 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-24
|
|
Joomla! Component Community Surveys 4.3 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-24
|
|
Joomla! Component AJAX Search for K2 2.2 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-24
|
|
Joomla! Component JO Facebook Gallery 4.5 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-24
|
|
Joomla! Component JooDatabase 3.1.0 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-02-23
|
|
Joomla! Component MultiTier 3.1 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-23
|
|
Joomla! Component UserExtranet 1.3.1 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-23
|
|
Joomla! Component Store for K2 3.8.2 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-18
|
|
WordPress Plugin Mail Masta 1.0 - SQL Injection
|
1 |
WEB
|
Hanley Shun
|
|
2017-02-22
|
|
Teradici Management Console 2.2.0 - Privilege Escalation
|
1 |
WEB
|
hantwister
|
|
2017-02-21
|
|
ProjectSend r754 - Insecure Direct Object Reference
|
2 |
WEB
|
Vulnerability-Lab
|
|
2017-02-21
|
|
Lock Photos Album&Videos Safe 4.3 - Directory Traversal
|
2 |
WEB
|
Vulnerability-Lab
|
|
2017-02-22
|
|
Joomla! Component MediaLibrary Basic 3.5 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-22
|
|
Joomla! Component BookLibrary 3.6.1 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-22
|
|
Joomla! Component RealEstateManager 3.9 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-02-22
|
|
Joomla! Component VehicleManager 3.9 - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-02-22
|
|
Joomla! Component ContentMap 1.3.8 - 'contentid' SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-01-31
|
|
AlienVault OSSIM/USM < 5.3.1 - Remote Code Execution (Metasploit)
|
2 |
WEB
|
Mehmet Ince
|
|
2016-12-24
|
|
Sonicwall 8.1.0.2-14sv - 'viewcert.cgi' Remote Command Injection (Metasploit)
|
2 |
WEB
|
xort
|
|
2016-12-25
|
|
Sonicwall 8.1.0.2-14sv - 'extensionsettings.cgi' Remote Command Injection (Metasploit)
|
2 |
WEB
|
xort
|
|
2016-12-12
|
|
Sophos Web Appliance 4.2.1.3 - DiagnosticTools Remote Command Injection (Metasploit)
|
2 |
WEB
|
xort
|
|
2016-12-12
|
|
Sophos Web Appliance 4.2.1.3 - block/unblock Remote Command Injection (Metasploit)
|
3 |
WEB
|
xort
|
|
2017-02-21
|
|
Joomla! Component AppointmentBookingPro 4.0.1 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
