|
2012-05-21
|
|
PHPhq.Net phAlbum 1.5.1 - 'index.php' Cross-Site Scripting
|
1 |
WEB
|
Eyup CELIK
|
|
2012-05-22
|
|
Plogger Photo Gallery - SQL Injection
|
1 |
WEB
|
Eyup CELIK
|
|
2015-06-17
|
|
BlackCat CMS 1.1.1 - Arbitrary File Download
|
1 |
WEB
|
d4rkr0id
|
|
2015-06-16
|
|
E-Detective Lawful Interception System - Multiple Vulnerabilities
|
2 |
WEB
|
Mustafa Al-Bassam
|
|
2015-06-16
|
|
TYPO3 Extension Akronymmanager 0.5.0 - SQL Injection
|
2 |
WEB
|
RedTeam Pentesting
|
|
2015-06-16
|
|
Apexis IP CAM - Information Disclosure
|
2 |
WEB
|
Sunplace Solutions
|
|
2015-06-16
|
|
Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) - Cross-Site Request Forgery
|
3 |
WEB
|
Jerold Hoong
|
|
2015-06-15
|
|
Milw0rm Clone Script 1.0 - '/admin/login.php' Authentication Bypass
|
2 |
WEB
|
walid naceri
|
|
2012-05-20
|
|
AZ Photo Album - Cross-Site Scripting / Arbitrary File Upload
|
2 |
WEB
|
Eyup CELIK
|
|
2015-06-12
|
|
WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload
|
3 |
WEB
|
Larry W. Cashdollar
|
|
2015-06-12
|
|
WordPress Plugin SE HTML5 Album Audio Player 1.1.0 - Directory Traversal
|
2 |
WEB
|
Larry W. Cashdollar
|
|
2015-06-12
|
|
ZCMS 1.1 - Multiple Vulnerabilities
|
1 |
WEB
|
hyp3rlinx
|
|
2015-06-12
|
|
Opsview 4.6.2 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Dolev Farhi
|
|
2015-06-12
|
|
Nakid CMS - Multiple Vulnerabilities
|
1 |
WEB
|
hyp3rlinx
|
|
2015-06-12
|
|
ClickHeat 1.14 - Cross-Site Request Forgery (Change Admin Password)
|
1 |
WEB
|
David Shanahan
|
|
2015-06-10
|
|
WordPress Plugin Encrypted Contact Form 1.0.4 - Cross-Site Request Forgery
|
1 |
WEB
|
Nitin Venkatesh
|
|
2015-06-10
|
|
AnimaGallery 2.6 - Local File Inclusion
|
1 |
WEB
|
d4rkr0id
|
|
2015-06-10
|
|
Alcatel-Lucent OmniSwitch - Cross-Site Request Forgery
|
2 |
WEB
|
RedTeam Pentesting
|
|
2015-06-10
|
|
Bonita BPM 6.5.1 - Multiple Vulnerabilities
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2015-06-10
|
|
ISPConfig 3.0.5.4p6 - Multiple Vulnerabilities
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2015-06-10
|
|
GeoVision (GeoHttpServer) Webcams - Remote File Disclosure
|
2 |
WEB
|
Viktor Minin
|
|
2015-06-10
|
|
FiverrScript - Cross-Site Request Forgery (Add Admin)
|
2 |
WEB
|
Mahmoud Gamal
|
|
2015-06-10
|
|
Pandora FMS 5.0/5.1 - Authentication Bypass
|
1 |
WEB
|
Manuel Mancera
|
|
2015-06-10
|
|
WordPress Plugin History Collection 1.1.1 - Arbitrary File Download
|
2 |
WEB
|
Kuroi'SH
|
|
2015-06-10
|
|
WordPress Plugin Paypal Currency Converter Basic For WooCommerce - File Read
|
2 |
WEB
|
Kuroi'SH
|
|
2015-06-10
|
|
WordPress Plugin RobotCPA V5 - Local File Inclusion
|
2 |
WEB
|
T3N38R15
|
|
2015-06-10
|
|
HP WebInspect 10.4 - XML External Entity Injection
|
2 |
WEB
|
Jakub Palaczynski
|
|
2015-06-09
|
|
Milw0rm Clone Script 1.0 - 'related.php?program' Blind SQL Injection
|
2 |
WEB
|
Pancaker
|
|
2015-06-08
|
|
Pasworld - 'detail.php' Blind SQL Injection
|
1 |
WEB
|
Sebastian khan
|
|
2015-06-08
|
|
WordPress Plugin WP Mobile Edition - Local File Inclusion
|
1 |
WEB
|
Ali Khalil
|
|
2015-06-08
|
|
WordPress Plugin Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities
|
1 |
WEB
|
T3N38R15
|
|
2015-06-08
|
|
D-Link DSL-526B ADSL2+ AU_2.01 - Remote DNS Change
|
1 |
WEB
|
Todor Donev
|
|
2015-06-08
|
|
D-Link DSL-2730B AU_2.01 - Authentication Bypass DNS Change
|
1 |
WEB
|
Todor Donev
|
|
2015-06-08
|
|
TP-Link TD-W8950ND ADSL2+ - Remote DNS Change
|
1 |
WEB
|
Todor Donev
|
|
2015-06-08
|
|
D-Link DSL-2780B DLink_1.01.14 - Remote DNS Change
|
1 |
WEB
|
Todor Donev
|
|
2012-05-20
|
|
Concrete5 CMS FlashUploader - Arbitrary '.SWF' File Upload
|
1 |
WEB
|
AkaStep
|
|
2012-05-20
|
|
Concrete CMS < 5.5.21 - Multiple Vulnerabilities
|
1 |
WEB
|
AkaStep
|
|
2012-05-21
|
|
Yandex.Server 2010 9.0 - 'text' Cross-Site Scripting
|
1 |
WEB
|
MustLive
|
|
2012-05-21
|
|
Acuity CMS 2.6.2 - '/admin/file_manager/browse.asp?path' Traversal Arbitrary File Access
|
1 |
WEB
|
Aung Khant
|
|
2012-05-21
|
|
Acuity CMS 2.6.2 - '/admin/file_manager/file_upload_submit.asp' Multiple Arbitrary File Upload / Cod
|
1 |
WEB
|
Aung Khant
|
|
2012-05-17
|
|
Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security
|
1 |
WEB
|
anonymous
|
|
2012-05-03
|
|
OpenKM 5.1.7 - Cross-Site Request Forgery
|
1 |
WEB
|
Cyrill Brunschwiler
|
|
2012-05-17
|
|
PHP Address Book 7.0 - Multiple Cross-Site Scripting Vulnerabilities
|
0 |
WEB
|
Stefan Schurtz
|
|
2012-05-17
|
|
ArtiPHP 5.5.0 Neo - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
0 |
WEB
|
Gjoko Krstic
|
|
2012-05-16
|
|
Unijimpe Captcha - 'captchademo.php' Cross-Site Scripting
|
0 |
WEB
|
Daniel Godoy
|
|
2015-06-06
|
|
Broadlight Residential Gateway DI3124 - Remote DNS Change
|
1 |
WEB
|
Todor Donev
|
|
2015-06-06
|
|
WiFi HD 8.1 - Directory Traversal / Denial of Service
|
0 |
WEB
|
Wh1t3Rh1n0 (Michael Allen)
|
|
2015-06-05
|
|
WordPress Plugin Really Simple Guest Post 1.0.6 - Local File Inclusion
|
1 |
WEB
|
Kuroi'SH
|
|
2012-05-16
|
|
backupDB() 1.2.7a - 'onlyDB' Cross-Site Scripting
|
1 |
WEB
|
LiquidWorm
|
|
2012-05-16
|
|
SiliSoftware PHPThumb() 1.7.11-201108081537 - '/demo/PHPThumb.demo.random.php?dir' Cross-Site Script
|
1 |
WEB
|
Gjoko Krstic
|
|
2012-05-16
|
|
SiliSoftware PHPThumb() 1.7.11-201108081537 - '/demo/PHPThumb.demo.showpic.php?title' Cross-Site Scr
|
1 |
WEB
|
Gjoko Krstic
|
|
2012-05-16
|
|
LongTail JW Player - 'debug' Cross-Site Scripting
|
1 |
WEB
|
gainover
|
|
2012-05-15
|
|
WordPress Plugin Track That Stat 1.0.8 - Cross-Site Scripting
|
1 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin Soundcloud Is Gold 2.1 - 'width' Cross-Site Scripting
|
1 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting
|
1 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin Sharebar 1.2.1 - SQL Injection / Cross-Site Scripting
|
1 |
WEB
|
Heine Pedersen
|
|
2015-06-04
|
|
WordPress Plugin zM Ajax Login & Register 1.0.9 - Local File Inclusion
|
1 |
WEB
|
Panagiotis Vagenas
|
|
2012-05-15
|
|
WordPress Plugin Pretty Link Lite 1.5.2 - SQL Injection / Cross-Site Scripting
|
0 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin WP Forum Server 1.7.3 - '/fs-admin/fs-admin.php' Multiple Cross-Site Scripting Vuln
|
1 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin GD Star Rating 1.9.16 - 'tpl_section' Cross-Site Scripting
|
1 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin Leaflet Maps Marker 0.0.1 - 'leaflet_marker.php?id' Cross-Site Scripting
|
1 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin Leaflet Maps Marker 0.0.1 - 'leaflet_layer.php?id' Cross-Site Scripting
|
1 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Heine Pedersen
|
|
2015-06-03
|
|
VFront 0.99.2 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
|
2 |
WEB
|
hyp3rlinx
|
|
2015-06-03
|
|
Seagate Central 2014.0410.0026-F - Remote Facebook Access Token
|
2 |
WEB
|
Jeremy Brown
|
|
2015-06-02
|
|
WordPress Plugin LeagueManager 3.9.11 - SQL Injection
|
1 |
WEB
|
javabudd
|
|
2012-05-15
|
|
WordPress Plugin NewsLetter Manager 1.0 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting
|
1 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin CataBlog 1.6 - 'admin.php' Cross-Site Scripting
|
1 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin Network Publisher 5.0.1 - 'networkpub_key' Cross-Site Scripting
|
2 |
WEB
|
Heine Pedersen
|
|
2015-06-01
|
|
Aruba ClearPass Policy Manager - Persistent Cross-Site Scripting
|
2 |
WEB
|
Cristiano Maruti
|
|
2015-06-01
|
|
WordPress Plugin dzs-zoomsounds 2.0 - Arbitrary File Upload
|
2 |
WEB
|
nabil chris
|
|
2012-05-15
|
|
WordPress Plugin Dynamic Widgets 1.5.1 - 'themes.php' Cross-Site Scripting
|
2 |
WEB
|
Heine Pedersen
|
|
2012-05-15
|
|
WordPress Plugin GRAND Flash Album Gallery 1.71 - 'admin.php' Cross-Site Scripting
|
2 |
WEB
|
Heine Pedersen
|
|
2012-05-13
|
|
WordPress Plugin WP-FaceThumb 0.1 - 'pagination_wp_facethum' Cross-Site Scripting
|
2 |
WEB
|
d3v1l
|
|
2015-05-29
|
|
ESC 8832 Data Controller - Multiple Vulnerabilities
|
2 |
WEB
|
Balazs Makany
|
|
2015-05-29
|
|
JSPMyAdmin 1.1 - Multiple Vulnerabilities
|
2 |
WEB
|
hyp3rlinx
|
|
2015-05-29
|
|
TCPDF Library 5.9 - Arbitrary File Deletion
|
0 |
WEB
|
Filippo Roncari
|
|
2012-05-10
|
|
Chevereto 1.91 - '/Upload/engine.php?v' Traversal Arbitrary File Enumeration
|
1 |
WEB
|
AkaStep
|
|
2012-05-10
|
|
Chevereto 1.91 - '/Upload/engine.php?v' Cross-Site Scripting
|
1 |
WEB
|
AkaStep
|
|
2012-05-09
|
|
PivotX 2.3.2 - 'ajaxhelper.php' Cross-Site Scripting
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2012-05-09
|
|
OrangeHRM 2.7 RC - 'index.php?URI' Cross-Site Scripting
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2012-05-09
|
|
OrangeHRM 2.7 RC - '/templates/hrfunct/emppop.php?sortOrder1' Cross-Site Scripting
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2012-05-09
|
|
OrangeHRM 2.7 RC - '/plugins/ajaxCalls/haltResumeHsp.php?newHspStatus' Cross-Site Scripting
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2012-05-09
|
|
OrangeHRM 2.7 RC - '/plugins/ajaxCalls/haltResumeHsp.php?hspSummaryId' SQL Injection
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2012-05-08
|
|
PHP Enter 4.1.2 - 'banners.php' PHP Code Injection
|
2 |
WEB
|
L3b-r1'z
|
|
2012-05-07
|
|
JibberBook 2.3 - 'Login_form.php' Authentication Bypass
|
2 |
WEB
|
L3b-r1'z
|
|
2012-05-07
|
|
Ramui Forum Script - 'query' Cross-Site Scripting
|
2 |
WEB
|
3spi0n
|
|
2012-05-06
|
|
Schneider Electric Telecontrol Kerweb 3.0.0/6.0.0 - 'kw.dll' HTML Injection
|
2 |
WEB
|
phocean
|
|
2012-05-07
|
|
Trombinoscope 3.x - 'photo.php' Server SQL Injection
|
2 |
WEB
|
Ramdan Yantu
|
|
2012-05-02
|
|
iGuard Security Access Control Device Firmware 3.6.7427A - Cross-Site Scripting
|
1 |
WEB
|
Usman Saeed
|
|
2012-04-27
|
|
MySQLDumper 1.24.4 - 'menu.php' PHP Remote Code Execution
|
1 |
WEB
|
AkaStep
|
|
2012-04-27
|
|
MySQLDumper 1.24.4 - 'index.php?page' Cross-Site Scripting
|
1 |
WEB
|
AkaStep
|
|
2015-05-27
|
|
WordPress Plugin Free Counter 1.1 - Persistent Cross-Site Scripting
|
1 |
WEB
|
Panagiotis Vagenas
|
|
2012-04-27
|
|
MySQLDumper 1.24.4 - 'main.php' Multiple Cross-Site Request Forgery Vulnerabilities
|
1 |
WEB
|
AkaStep
|
|
2012-04-27
|
|
MySQLDumper 1.24.4 - Multiple Script Direct Request Information Disclosures
|
1 |
WEB
|
AkaStep
|
|
2012-04-27
|
|
MySQLDumper 1.24.4 - 'filemanagement.php?f' Traversal Arbitrary File Access
|
1 |
WEB
|
AkaStep
|
|
2012-04-27
|
|
MySQLDumper 1.24.4 - 'sql.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
AkaStep
|
|
2012-04-27
|
|
MySQLDumper 1.24.4 - 'install.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
AkaStep
|
|
2012-04-27
|
|
MySQLDumper 1.24.4 - 'install.php?language' Traversal Arbitrary File Access
|
1 |
WEB
|
AkaStep
|
|
2012-04-27
|
|
MySQLDumper 1.24.4 - 'restore.php?Filename' Cross-Site Scripting
|
1 |
WEB
|
AkaStep
|
|
2012-04-30
|
|
WordPress Plugin WPsc MijnPress - 'rwflush' Cross-Site Scripting
|
1 |
WEB
|
Am!r
|
|
2012-04-28
|
|
Shawn Bradley PHP Volunteer Management 1.0.2 - 'id' SQL Injection
|
1 |
WEB
|
eidelweiss
|
|
2012-04-27
|
|
BBSXP CMS - Multiple SQL Injections
|
1 |
WEB
|
Farbod Mahini
|
|
2012-04-27
|
|
Uiga FanClub - 'p' SQL Injection
|
1 |
WEB
|
Farbod Mahini
|
|
2012-04-27
|
|
XM Forum - 'id' Multiple SQL Injections
|
1 |
WEB
|
Farbod Mahini
|
|
2012-04-27
|
|
SKYUC 3.2.1 - 'encode' Cross-Site Scripting
|
1 |
WEB
|
farbodmahini
|
|
2012-04-29
|
|
Croogo CMS 1.3.4 - Multiple HTML Injection Vulnerabilities
|
1 |
WEB
|
Chokri Ben Achor
|
|
2012-04-27
|
|
SilverStripe CMS 2.4.7 - 'install.php' PHP Code Injection
|
1 |
WEB
|
Mehmet Ince
|
|
2015-05-26
|
|
ClickHeat 1.13+ - Remote Command Execution
|
1 |
WEB
|
Calum Hutton
|
|
2015-05-26
|
|
Sendio ESP - Information Disclosure
|
1 |
WEB
|
Core Security
|
|
2015-05-26
|
|
WordPress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection
|
1 |
WEB
|
woodspeed
|
|
2015-05-26
|
|
WordPress Plugin church_admin 0.800 - Persistent Cross-Site Scripting
|
1 |
WEB
|
woodspeed
|
|
2015-05-26
|
|
WordPress Plugin MailChimp Subscribe Forms 1.1 - Remote Code Execution
|
1 |
WEB
|
woodspeed
|
|
2015-05-26
|
|
Apache JackRabbit - WebDAV XML External Entity
|
1 |
WEB
|
Mikhail Egorov
|
|
2015-05-26
|
|
WordPress Plugin GigPress 2.3.8 - SQL Injection
|
1 |
WEB
|
Adrián M. F.
|
|
2015-05-26
|
|
WordPress Plugin Landing Pages 1.8.4 - Multiple Vulnerabilities
|
1 |
WEB
|
Adrián M. F.
|
|
2015-05-26
|
|
WordPress Plugin NewStatPress 0.9.8 - Multiple Vulnerabilities
|
1 |
WEB
|
Adrián M. F.
|
|
2015-05-26
|
|
WordPress Plugin Video Gallery 2.8 - Arbitrary Mail Relay
|
1 |
WEB
|
Claudio Viviani
|
|
2012-04-26
|
|
Quick.CMS 4.0 - 'p' Cross-Site Scripting
|
1 |
WEB
|
Jakub Galczyk
|
|
2012-04-26
|
|
gpEasy 2.3.3 - 'jsoncallback' Cross-Site Scripting
|
2 |
WEB
|
Jakub Galczyk
|
