|
2017-02-10
|
|
QWIKIA 1.1.1 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Multilanguage Estate Agency Pro 1.2 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
D-Link DIR-600M - Cross-Site Request Forgery
|
3 |
WEB
|
Ajay S. Kulal
|
|
2017-02-10
|
|
Zigaform - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Takas Classified 1.1 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Collabo - Arbitrary File Download
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Youtube Analytics Multi Channel 3.0 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Gram Post 1.0 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
Tiger Post 3.0.1 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-10
|
|
CMS Lite 1.3.1 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-09
|
|
EXAMPLO - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-09
|
|
Client Expert 1.0.1 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-09
|
|
SOA School Management - 'view' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-09
|
|
Fome SMS Portal 2.0 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-09
|
|
Sendroid 5.2 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-09
|
|
Mobiketa 3.5 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-08
|
|
Multi Outlets POS 3.1 - 'id' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-08
|
|
Muviko Video CMS - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-02-07
|
|
Responsive Filemanger <= 9.11.0 - Arbitrary File Disclosure
|
6 |
WEB
|
Wiswat Aswamenakul
|
|
2017-02-07
|
|
Easy File Uploader 1.2 - Arbitrary File Download
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-07
|
|
FTP Made Easy PRO 1.2 - Arbitrary File Download
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-07
|
|
Easy Web Search 3 - 'id' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-07
|
|
Easy Support Tools 1.0 - 'stt' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-07
|
|
MySQL File Uploader 1.0 - 'id' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-07
|
|
Fully Featured News CMS 1.0 - 'id' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Questions and Answers Script 2.0.0 - 'cid' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Viral Fun Facts Sharing Script 1.1.0 - 'id' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Web Inspiration Gallery Script 1.0.0 - 'id' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
NewsBee CMS - SQL Injection
|
3 |
WEB
|
Kaan KAMIS
|
|
2017-02-06
|
|
Viral Pictures and Video Script 2.0.0 - 'id' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Clone Script Directory Script 1.1.0 - 'cid' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Funny Image and Video Script 2.0.0 - 'id' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Visual Link Sharing Websites Builder Script 2.1.0 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Ultimate Viral Media Script 1.0 - 'id' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
Upworthy Clone Script 1.1.0 - 'id' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-06
|
|
ThisIsWhyImBroke Clone Script 4.0 - 'id' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
iScripts EasyCreate 3.2 - 'siteid' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
iScripts AutoHoster 3.0 - 'siteid' SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Itech Job Portal Script 9.13 - Multiple Vulnerabilities
|
2 |
WEB
|
Th3GundY
|
|
2017-02-04
|
|
Alstrasoft Template Seller Pro 3.25e - 'tempid' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Alstrasoft Forum Pay Per Post Exchange Script 2.01 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Alstrasoft FMyLife Pro 1.02 - Cross-Site Request Forgery (Add Admin)
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Alstrasoft Flippa Clone MarketPlace Script 4.10 - Cross-Site Request Forgery (Add Admin)
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Alstrasoft Video Share Enterprise 4.72 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Alstrasoft e-Friends 5.12 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Alstrasoft ProTaxi Enterprise 3.5 - Arbitrary File Upload
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-04
|
|
Alstrasoft EPay Enterprise 5.17 - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-02-03
|
|
Zoneminder 1.29/1.30 - Cross-Site Scripting / SQL Injection / Session Fixation / Cross-Site Request
|
3 |
WEB
|
Tim Herres
|
|
2017-02-03
|
|
Itech Multi Vendor Script 6.49 - SQL Injection
|
2 |
WEB
|
Th3GundY
|
|
2017-02-03
|
|
SlimarUSER Management 1.0 - 'id' SQL Injection
|
4 |
WEB
|
Kaan KAMIS
|
|
2017-02-02
|
|
Itech Travel Portal Script 9.35 - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-02-02
|
|
Itech Movie Portal Script 7.37 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-02
|
|
Itech Auction Script 6.49 - 'pid' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-02
|
|
Itech News Portal Script 6.28 - 'sc' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-02
|
|
Itech Inventory Management Software 3.77 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-02-02
|
|
Property Listing Script - 'propid' Blind SQL Injection
|
3 |
WEB
|
Kaan KAMIS
|
|
2017-02-02
|
|
WordPress Core 4.7.0/4.7.1 - Content Injection (Ruby)
|
3 |
WEB
|
Harsh Jaiswal
|
|
2017-02-02
|
|
WordPress Core 4.7.0/4.7.1 - Content Injection
|
3 |
WEB
|
leonjza
|
|
2017-02-01
|
|
LogoStore - 'query' SQL Injection
|
3 |
WEB
|
Kaan KAMIS
|
|
2017-01-28
|
|
Joomla! Component JTAG Calendar 6.2.4 - 'search' SQL Injection
|
2 |
WEB
|
Persian Hack Team
|
|
2017-01-31
|
|
Netman 204 - Backdoor Account / Password Reset
|
3 |
WEB
|
Simon Gurney
|
|
2017-01-30
|
|
Netgear Routers - Password Disclosure
|
3 |
WEB
|
Trustwave's SpiderLabs
|
|
2017-01-30
|
|
Itech Video Sharing Script 4.94 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-30
|
|
Itech Real Estate Script 3.12 - 'id' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-30
|
|
Itech Dating Script 3.26 - 'send_gift.php' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-30
|
|
Itech Classifieds Script 7.27 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-30
|
|
HelpDeskZ < 1.0.2 - (Authenticated) SQL Injection / Unauthorized File Download
|
3 |
WEB
|
Mariusz Poplawski
|
|
2017-01-30
|
|
Itech Video Sharing Script 4.94 - 'v' SQL Injection
|
3 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
PHP Logo Designer Script - Arbitrary File Upload
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-01-30
|
|
PHP Product Designer Script - Arbitrary File Upload
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-01-30
|
|
Itech Real Estate Script 3.12 - SQL Injection
|
2 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Itech News Portal Script 6.28 - 'inf' SQL Injection
|
3 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Itech Multi Vendor Script 6.49 - 'pl' SQL Injection
|
4 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Itech Freelancer Script 5.13 - SQL Injection
|
3 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Itech Dating Script 3.26 - SQL Injection
|
3 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Itech Classifieds Script 7.27 - 'scat' SQL Injection
|
3 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Itech B2B Script 4.28 - SQL Injection
|
3 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Itech Auction Script 6.49 - 'mcid' SQL Injection
|
2 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
Caregiver Script 2.57 - SQL Injection
|
2 |
WEB
|
Kaan KAMIS
|
|
2017-01-30
|
|
PHP PEAR 1.10.1 - Arbitrary File Download
|
3 |
WEB
|
hyp3rlinx
|
|
2017-01-29
|
|
TrueConf Server 4.3.7 - Multiple Vulnerabilities
|
3 |
WEB
|
LiquidWorm
|
|
2017-01-27
|
|
WordPress Plugin Online Hotel Booking System Pro 1.0 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-27
|
|
Online Hotel Booking System Pro 1.2 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-27
|
|
WordPress Plugin WP Private Messages 1.0.1 - SQL Injection (2)
|
3 |
WEB
|
Lenon Leite
|
|
2017-01-27
|
|
Radisys MRF - Command Injection
|
3 |
WEB
|
Filippos Mastrogiannis
|
|
2017-01-27
|
|
Maian Weblog 4.0 - SQL Injection
|
1 |
WEB
|
Kaan KAMIS
|
|
2017-01-27
|
|
My Photo Gallery 1.0 - SQL Injection
|
3 |
WEB
|
Kaan KAMIS
|
|
2017-01-26
|
|
Polycom VVX Web Interface - Change Admin Password
|
3 |
WEB
|
Mike Brown
|
|
2017-01-26
|
|
PHPBack < 1.3.1 - SQL Injection / Cross-Site Scripting
|
3 |
WEB
|
Manish Tanwar
|
|
2017-01-26
|
|
TM RG4332 Wireless Router - Arbitrary File Disclosure
|
3 |
WEB
|
Saeid Atabaki
|
|
2017-01-26
|
|
Web Based TimeSheet Script - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-26
|
|
KB Messages PHP Script 1.0 - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-26
|
|
KB Login Authentication Script 1.1 - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-26
|
|
KB Affiliate Referral Script 1.0 - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-26
|
|
PHP PEAR HTTP_Upload 1.0.0b3 - Arbitrary File Upload
|
3 |
WEB
|
hyp3rlinx
|
|
2017-01-20
|
|
Joomla! < 3.6.4 - Admin Takeover
|
2 |
WEB
|
Charles Fol
|
|
2017-01-20
|
|
Joomla! < 2.5.2 - Admin Creation
|
1 |
WEB
|
Charles Fol
|
|
2017-01-25
|
|
Movie Portal Script 7.36 - Multiple Vulnerabilities
|
3 |
WEB
|
Marc Castejon
|
|
2017-01-20
|
|
MyBB < 1.8.3 (with PHP 5.6 < 5.6.11) - Remote Code Execution
|
3 |
WEB
|
Taoguang Chen
|
|
2017-01-24
|
|
WD My Cloud Mirror 2.11.153 - Authentication Bypass / Remote Code Execution
|
2 |
WEB
|
Kacper Szurek
|
|
2017-01-21
|
|
PageKit 1.0.10 - Password Reset
|
4 |
WEB
|
Saurabh Banawar
|
|
2017-01-22
|
|
NTOPNG 2.4 Web Interface - Cross-Site Request Forgery
|
4 |
WEB
|
hyp3rlinx
|
|
2017-01-20
|
|
B2B Alibaba Clone Script - 'IndustryID' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
Mini CMS 1.1 - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
Affiliate Tracking Script 1.1 - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
Music Site Script 1.2 - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
Job Site PHP Script 1.1 - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
Mini Blog 1.1 - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
ICTutors Tutoring Site Script 1.1 - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
Domains Marketplace Script 1.1 - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
ICGames-Games Site Script 1.2 - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-20
|
|
Complain Management System - SQL injection
|
3 |
WEB
|
Sibusiso Sishi
|
|
2017-01-19
|
|
Classifieds Script - 'term' SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Video Site Creator Script - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Home of Viral Images_ Videos and Articles Script - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Job Vacancy Script - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Vine VideoSite Creator Script - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Viral Image Sharing Script - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Social News and Bookmarking Script - SQL Injection
|
1 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Image and Video Script - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Viral Image & Video Sharing GagZone Script - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-01-19
|
|
Pirelli DRG A115 v3 ADSL Router - DNS Change
|
2 |
WEB
|
Todor Donev
|
|
2017-01-19
|
|
Tenda ADSL2/2+ Modem D820R - DNS Change
|
2 |
WEB
|
Todor Donev
|
|
2017-01-18
|
|
B2B Script 4.27 - SQL Injection
|
3 |
WEB
|
Dawid Morawski
|
|
2017-01-18
|
|
Flippa Website Script - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
