|
2017-01-17
|
|
Courier Management System - SQL Injection
|
4 |
WEB
|
Sibusiso Sishi
|
|
2017-01-18
|
|
Study Abroad Educational Website Script - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Shiksha Educational Website Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Online Tshirt Design Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Online Printing Business Clone Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Clone of Oddee Script 1.1.3 - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Online Mobile Recharge Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Questions and Answers Script 1.1.3 - 'id' SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
NGO Website Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Yoga and Fitness Website Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
NGO Directory Script - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
My Private Tutor Website Builder Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Micro Blog Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Manufacturer Website Design Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Dentist Website Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Buy and Sell Market Place Software - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Business Directory Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Justdial Clone Script - Authentication Bypass
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Finance Website Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Wetransfer Clone Script - Authentication Bypass
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Auction Website Script - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Fileserve Clone Script - Authentication Bypass
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-18
|
|
Medical Clinic Website Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-17
|
|
Openexpert 0.5.17 - 'area_id' SQL Injection
|
3 |
WEB
|
Nassim Asrir
|
|
2017-01-17
|
|
Check Box 2016 Q2 Survey - Multiple Vulnerabilities
|
5 |
WEB
|
Fady Mohammed Osman
|
|
2017-01-17
|
|
BoZoN 2.4 - Remote Code Execution
|
4 |
WEB
|
hyp3rlinx
|
|
2017-01-17
|
|
dirLIST 0.3.0 - Arbitrary File Upload
|
3 |
WEB
|
hyp3rlinx
|
|
2017-01-08
|
|
ManagEnegine ADManager Plus 6.5.40 - Multiple Vulnerabilities
|
5 |
WEB
|
Mehmet Ince
|
|
2017-01-16
|
|
Million Pixels 3 - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-16
|
|
Image Sharing Script 4.13 - Multiple Vulnerabilities
|
5 |
WEB
|
Hasan Emre Ozer
|
|
2017-01-16
|
|
Tenda ADSL2/2+ Modem D840R - DNS Change
|
5 |
WEB
|
Todor Donev
|
|
2017-01-16
|
|
Pirelli DRG A115 ADSL Router - DNS Change
|
5 |
WEB
|
Todor Donev
|
|
2017-01-16
|
|
Business Networking Script 8.11 - SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
Ahmet Gurel
|
|
2017-01-12
|
|
Huawei Flybox B660 - Cross-Site Request Forgery (2)
|
5 |
WEB
|
Vulnerability-Lab
|
|
2017-01-15
|
|
MC Documentation Creator Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
MC Coming Soon Script - Arbitrary File Upload / Improper Access Restrictions
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
MC Inventory Manager Script - Multiple Vulnerabilities
|
5 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
MC Hosting Coupons Script - Cross-Site Request Forgery
|
5 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
MC Real Estate Pro Script - Improper Access Restrictions
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
MC Yellow Pages Script - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
MC Buy and Sell Cars Script 1.1 - SQL Injection
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
MC Smart Shop Script - SQL Injection
|
5 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
e-Soft24 Jokes Portal Script Seo 1.3 - Authentication Bypass
|
5 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
Article Directory Script Seo 3.2 - Improper Access Restrictions
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-15
|
|
9 Network Linkedin Clone Script - Improper Access Restrictions
|
5 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Courier Business Website Script - Authentication Bypass
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Professional Service Booking Script - SQL Injection
|
5 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Education Website Script - Authentication Bypass
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout Celebrities 1.0 Script - Improper Access Restrictions
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout SocialTiles 2.0 Script - Improper Access Restrictions
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout CareerLamp 1.0 Script - Improper Access Restrictions
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout QuerySpace 1.0 Script - Improper Access Restrictions
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout SmartDeal 1.0 Script - Improper Access Restrictions
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout Webmail Ultimate Edition 4.0 Script - Improper Access Restrictions
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout Search Engine Ultimate Edition 7.0/8.0 Script - Improper Access Restrictions
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Inout StickBoard 1.0 Script - Improper Access Restrictions
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Open Source Real-Estate Script - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Entrepreneur Matrimonial Script - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Just Dial Marketplace - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Hindu Matrimonial Script - Authentication Bypass
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
My Private Tutor Website Script - Authentication Bypass
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-13
|
|
Zeroshell 3.6.0/3.7.0 Net Services - Remote Code Execution
|
3 |
WEB
|
Ozer Goker
|
|
2017-01-11
|
|
ECommerce-Multi-Vendor Software - Arbitrary File Upload
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-11
|
|
ECommerce-TIBSECART - Arbitrary File Upload
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-11
|
|
Penny Auction Script - Arbitrary File Upload
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-11
|
|
Airbnb Clone Script - Arbitrary File Upload
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-11
|
|
School Management Software 2.75 - SQL Injection
|
2 |
WEB
|
Ihsan Sencan
|
|
2017-01-10
|
|
D-Link DIR-615 - Multiple Vulnerabilities
|
2 |
WEB
|
Osanda Malith Jayathissa
|
|
2017-01-11
|
|
iTechscripts Freelancer Script 5.11 - 'sk' SQL Injection
|
2 |
WEB
|
v3n0m
|
|
2017-01-12
|
|
Online Food Delivery 2.04 - Authentication Bypass
|
3 |
WEB
|
Dawid Morawski
|
|
2017-01-12
|
|
Itech Job Portal Script 9.11 - Authentication Bypass
|
3 |
WEB
|
Dawid Morawski
|
|
2017-01-11
|
|
Dating Script 3.25 - SQL Injection
|
4 |
WEB
|
Dawid Morawski
|
|
2017-01-11
|
|
Itech Movie Portal Script 7.35 - SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-11
|
|
Itech Travel Portal Script 9.33 - SQL Injection
|
5 |
WEB
|
Ihsan Sencan
|
|
2017-01-10
|
|
Huawei Flybox B660 - Cross-Site Request Forgery (1)
|
4 |
WEB
|
Vulnerability-Lab
|
|
2017-01-09
|
|
Blackboard LMS 9.1 SP14 - Cross-Site Scripting
|
3 |
WEB
|
Vulnerability-Lab
|
|
2016-12-29
|
|
b2evolution 6.8.2 - Arbitrary File Upload
|
3 |
WEB
|
Li Fei
|
|
2017-01-11
|
|
My Link Trader 1.1 - 'id' SQL Injection
|
3 |
WEB
|
Dawid Morawski
|
|
2017-01-11
|
|
Starting Page 1.3 - 'category' SQL Injection
|
3 |
WEB
|
Ben Lee
|
|
2017-01-10
|
|
FMyLife Clone Script (Pro Edition) 1.1 - Cross-Site Request Forgery (Add Admin)
|
4 |
WEB
|
Ihsan Sencan
|
|
2017-01-10
|
|
WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - Privilege Escalation
|
3 |
WEB
|
Kacper Szurek
|
|
2016-12-23
|
|
Freepbx < 2.11.1.5 - Remote Code Execution
|
3 |
WEB
|
inj3ctor3
|
|
2017-01-10
|
|
Starting Page 1.3 - 'linkid' SQL Injection
|
2 |
WEB
|
JaMbA
|
|
2017-01-09
|
|
Friends in War Make or Break 1.7 - 'imgid' SQL Injection
|
4 |
WEB
|
v3n0m
|
|
2017-01-09
|
|
My PHP Dating 2.0 - 'id' SQL Injection
|
3 |
WEB
|
Sniper Pex
|
|
2017-01-09
|
|
My PHP Dating 2.0 - 'path' SQL Injection
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-07
|
|
My Link Trader 1.1 - Authentication Bypass
|
3 |
WEB
|
Ihsan Sencan
|
|
2017-01-07
|
|
Splunk 6.1.1 - 'Referer' Header Cross-Site Scripting
|
3 |
WEB
|
justpentest
|
|
2017-01-04
|
|
Atlassian Confluence < 5.10.6 - Persistent Cross-Site Scripting
|
3 |
WEB
|
Jodson Santos
|
|
2017-01-03
|
|
My Click Counter 1.0 - Authentication Bypass
|
3 |
WEB
|
Adam
|
|
2017-01-02
|
|
PHPMailer < 5.2.20 / SwiftMailer < 5.4.5-DEV / Zend Framework / zend-mail < 2.4.11 - 'AIO' 'PwnScrip
|
3 |
WEB
|
Dawid Golunski
|
|
2016-12-09
|
|
D-Link DI-524 - Cross-Site Request Forgery
|
3 |
WEB
|
Felipe Soares de Souza
|
|
2016-08-09
|
|
Xfinity Gateway (Technicolor DPC3941T) - Cross-Site Request Forgery
|
4 |
WEB
|
Ayushman Dutta
|
|
2016-12-30
|
|
Zend Framework / zend-mail < 2.4.11 - Remote Code Execution
|
4 |
WEB
|
Dawid Golunski
|
|
2016-12-29
|
|
Dell SonicWALL Secure Mobile Access SMA 8.1 - Cross-Site Scripting / Cross-Site Request Forgery
|
4 |
WEB
|
LiquidWorm
|
|
2016-12-29
|
|
Dell SonicWALL Global Management System GMS 8.1 - Blind SQL Injection
|
3 |
WEB
|
LiquidWorm
|
|
2016-12-29
|
|
WordPress Plugin Slider Templatic Tevolution < 2.3.6 - Arbitrary File Upload
|
4 |
WEB
|
r3m1ck
|
|
2016-12-29
|
|
PHPMailer < 5.2.18 - Remote Code Execution
|
3 |
WEB
|
anarc0der
|
|
2016-12-28
|
|
Joomla! Component aWeb Cart Watching System for Virtuemart 2.6.0 - SQL Injection
|
2 |
WEB
|
qemm
|
|
2016-12-28
|
|
SwiftMailer < 5.4.5-DEV - Remote Code Execution
|
3 |
WEB
|
Dawid Golunski
|
|
2016-12-28
|
|
WordPress Plugin Simply Poll 1.4.1 - SQL Injection
|
3 |
WEB
|
TAD GROUP
|
|
2016-12-25
|
|
PHPMailer < 5.2.18 - Remote Code Execution
|
3 |
WEB
|
Dawid Golunski
|
|
2016-12-27
|
|
PHPMailer < 5.2.20 - Remote Code Execution
|
2 |
WEB
|
Dawid Golunski
|
|
2016-12-26
|
|
PHPMailer < 5.2.18 - Remote Code Execution
|
2 |
WEB
|
Dawid Golunski
|
|
2016-12-26
|
|
Joomla! Component Blog Calendar - SQL Injection
|
3 |
WEB
|
X-Cisadane
|
|
2016-12-23
|
|
Apache mod_session_crypto - Padding Oracle
|
4 |
WEB
|
RedTeam Pentesting GmbH
|
|
2016-08-04
|
|
ntop-ng 2.5.160805 - Username Enumeration
|
2 |
WEB
|
Dolev Farhi
|
|
2016-12-19
|
|
WordPress Plugin 404 Redirection Manager 1.0 - SQL Injection
|
1 |
WEB
|
Ahmed Sherif
|
|
2016-12-16
|
|
WordPress Plugin WP Private Messages 1.0.1 - SQL Injection (1)
|
3 |
WEB
|
Lenon Leite
|
|
2016-12-16
|
|
WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - SQL Injection
|
2 |
WEB
|
Lenon Leite
|
|
2016-12-16
|
|
WordPress Plugin Quiz And Survey Master 4.5.4/4.7.8 - Cross-Site Request Forgery
|
3 |
WEB
|
dxw
|
|
2016-12-16
|
|
WHMCompleteSolution (WHMCS) Addon VMPanel 2.7.4 - SQL Injection
|
4 |
WEB
|
ZwX
|
|
2016-12-13
|
|
Joomla! Component DT Register - 'cat' SQL Injection
|
4 |
WEB
|
Elar Lang
|
|
2016-12-12
|
|
WordPress Plugin Multisite Post Duplicator 0.9.5.1 - Cross-Site Request Forgery
|
4 |
WEB
|
dxw
|
|
2016-12-03
|
|
Smart Guard Network Manager 6.3.2 - SQL Injection
|
4 |
WEB
|
Rahul Raz
|
|
2016-12-11
|
|
ARG-W4 ADSL Router - Multiple Vulnerabilities
|
2 |
WEB
|
Persian Hack Team
|
|
2016-12-11
|
|
Netgear R7000 - Cross-Site Scripting
|
4 |
WEB
|
Vincent Yiu
|
|
2016-12-09
|
|
Splunk Enterprise 6.4.3 - Server-Side Request Forgery
|
2 |
WEB
|
Security-Assessment.com
|
|
2016-12-09
|
|
Roundcube 1.2.2 - Remote Code Execution
|
4 |
WEB
|
Robin Peraglie
|
|
2016-12-07
|
|
Netgear R7000 - Command Injection
|
3 |
WEB
|
Acew0rm
|
|
2016-12-07
|
|
Cisco Unified Communications Manager 7/8/9 - Directory Traversal
|
3 |
WEB
|
justpentest
|
|
2016-12-06
|
|
Edge SkateShop - Authentication bypass
|
4 |
WEB
|
Delilah
|
|
2016-12-06
|
|
AbanteCart 1.2.7 - Cross-Site Scripting
|
3 |
WEB
|
Kacper Szurek
|
|
2016-12-05
|
|
WordPress Plugin Single Personal Message 1.0.3 - SQL Injection
|
4 |
WEB
|
Lenon Leite
|
|
2016-12-02
|
|
Xfinity Gateway - Remote Code Execution
|
3 |
WEB
|
Gregory Smiley
|
