|
2012-02-15
|
|
LEPTON 1.1.3 - Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2012-02-15
|
|
11in1 CMS 1.2.1 - Cross-Site Request Forgery (Admin Password)
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2012-02-15
|
|
11in1 CMS 1.2.1 - '/admin/index.php?class' Traversal Local File Inclusion
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2012-02-15
|
|
11in1 CMS 1.2.1 - 'index.php?class' Traversal Local File Inclusion
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2015-04-16
|
|
WordPress Plugin Ajax Store Locator 1.2 - SQL Injection
|
3 |
WEB
|
Claudio Viviani
|
|
2015-04-15
|
|
WordPress Plugin MiwoFTP 1.0.5 - Arbitrary File Download (1)
|
3 |
WEB
|
Necmettin COSKUN
|
|
2012-02-13
|
|
EditWrxLite CMS - 'wrx.cgi' Remote Command Execution
|
3 |
WEB
|
chippy1337
|
|
2012-02-13
|
|
STHS v2 Web Portal - 'team.php?team' SQL Injection
|
3 |
WEB
|
Liyan Oz
|
|
2012-02-13
|
|
STHS v2 Web Portal - 'prospect.php?team' SQL Injection
|
3 |
WEB
|
Liyan Oz
|
|
2012-02-13
|
|
STHS v2 Web Portal - 'prospects.php?team' SQL Injection
|
3 |
WEB
|
Liyan Oz
|
|
2012-02-10
|
|
ProWiki - 'id' Cross-Site Scripting
|
3 |
WEB
|
sonyy
|
|
2012-02-13
|
|
Powie pFile 1.02 - '/pfile/file.php?id' SQL Injection
|
2 |
WEB
|
indoushka
|
|
2012-02-13
|
|
Powie pFile 1.02 - '/pfile/kommentar.php?filecat' Cross-Site Scripting
|
3 |
WEB
|
indoushka
|
|
2012-02-13
|
|
SMW+ 1.5.6 - 'target' HTML Injection
|
3 |
WEB
|
sonyy
|
|
2015-04-14
|
|
WordPress Plugin MiwoFTP 1.0.5 - Cross-Site Request Forgery / Arbitrary File Creation / Remote Code
|
3 |
WEB
|
LiquidWorm
|
|
2015-04-14
|
|
WordPress Plugin MiwoFTP 1.0.5 - Multiple Cross-Site Request Forgery / Cross-Site Scripting Vulnerab
|
3 |
WEB
|
LiquidWorm
|
|
2015-04-14
|
|
WordPress Plugin MiwoFTP 1.0.5 - Cross-Site Request Forgery / Arbitrary File Deletion
|
3 |
WEB
|
LiquidWorm
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_ag_main.php' Crafted Arbitrary File Upload /
|
2 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - '/admin/index.php?base_path' Remote File Inclusion
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - '/admin/base_useradmin.php?base_path' Remote File
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'index.php?base_path' Remote File Inclusion
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_user.php?base_path' Remote File Inclusion
|
2 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_uaddr.php?base_path' Remote File Inclus
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_time.php?base_path' Remote File Inclusi
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_sensor.php?base_path' Remote File Inclu
|
3 |
WEB
|
indoushka
|
|
2015-04-14
|
|
WordPress Plugin Video Gallery 2.8 - SQL Injection
|
2 |
WEB
|
Claudio Viviani
|
|
2015-04-13
|
|
WordPress Plugin N-Media Website Contact Form with File Upload 1.3.4 - Arbitrary File Upload (1)
|
3 |
WEB
|
Claudio Viviani
|
|
2015-04-13
|
|
Traidnt Up 3.0 - SQL Injection
|
3 |
WEB
|
Ali Trixx
|
|
2015-04-13
|
|
WordPress Plugin Duplicator 0.5.14 - SQL Injection / Cross-Site Request Forgery
|
3 |
WEB
|
Claudio Viviani
|
|
2015-04-13
|
|
WordPress Plugin WP Mobile Edition 2.7 - Remote File Disclosure
|
3 |
WEB
|
Khwanchai Kaewyos
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_ports.php?base_path' Remote File Inclus
|
2 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_iplink.php?base_path' Remote File Inclu
|
2 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_ipaddr.php?base_path' Remote File Inclu
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_common.php?base_path' Remote File Inclu
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_class.php?base_path' Remote File Inclus
|
2 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_alerts.php?base_path' Remote File Inclu
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_qry_common.php?base_path' Remote File Inclus
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_qry_alert.php?base_path' Remote File Inclusi
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_ag_main.php?base_path' Remote File Inclusion
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - '/setup/setup2.php?ado_inc_PHP' Remote File Inclus
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - '/includes/base_state_common.inc.php?GLOBALS[user_
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - '/setup/base_conf_contents.php' Multiple Remote Fi
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - '/includes/base_state_query.inc.php?base_path' Rem
|
2 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - '/includes/base_state_criteria.inc.php?base_path'
|
2 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - '/includes/base_output_query.inc.php?base_path' Re
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - '/includes/base_output_html.inc.php?base_path' Rem
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - '/includes/base_include.inc.php?base_path' Remote
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - '/includes/base_db.inc.php?base_path' Remote File
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - '/includes/base_cache.inc.php?base_path' Remote Fi
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - '/includes/base_action.inc.php?base_path' Remote F
|
2 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - '/help/base_setup_help.php?base_path' Remote File
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_payload.php?base_path' Remote File Inclusion
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_maintenance.php?base_path' Remote File Inclu
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_main.php?base_path' Remote File Inclusion
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_logout.php?base_path' Remote File Inclusion
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_local_rules.php?base_path' Remote File Inclu
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_graph_main.php?base_path' Remote File Inclus
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_graph_form.php?base_path' Remote File Inclus
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_graph_display.php?base_path' Remote File Inc
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_graph_common.php?base_path' Remote File Incl
|
4 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_db_setup.php?base_path' Remote File Inclusio
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Nova CMS - '/includes/function/usertpl.php?conf[blockfile]' Remote File Inclusion
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Nova CMS - '/includes/function/gets.php?Filename' Remote File Inclusion
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Nova CMS - '/optimizer/index.php?fileType' Remote File Inclusion
|
3 |
WEB
|
indoushka
|
|
2012-02-11
|
|
Nova CMS - '/administrator/modules/moduleslist.php?id' Remote File Inclusion
|
3 |
WEB
|
indoushka
|
|
2012-02-13
|
|
Zimbra - 'view' Cross-Site Scripting
|
3 |
WEB
|
sonyy
|
|
2012-02-12
|
|
eFront Community++ 3.6.10 - SQL Injection / Multiple HTML Injection Vulnerabilities
|
3 |
WEB
|
Benjamin Kunz Mejri
|
|
2012-02-10
|
|
RabbitWiki - 'title' Cross-Site Scripting
|
3 |
WEB
|
sonyy
|
|
2015-04-09
|
|
WordPress Plugin Windows Desktop and iPhone Photo Uploader - Arbitrary File Upload
|
3 |
WEB
|
Manish Tanwar
|
|
2000-12-19
|
|
BOA Web Server 0.94.8.2 - Arbitrary File Access
|
3 |
WEB
|
llmora
|
|
2012-02-10
|
|
Zen Cart 1.3.9h - '/path_to_admin/product.php' Cross-Site Request Forgery
|
3 |
WEB
|
DisK0nn3cT
|
|
2012-02-10
|
|
CubeCart 3.0.20 - 'switch.php?r' Arbitrary Site Redirect
|
3 |
WEB
|
Aung Khant
|
|
2012-02-10
|
|
CubeCart 3.0.20 - '/admin/login.php?goto' Arbitrary Site Redirect
|
3 |
WEB
|
Aung Khant
|
|
2012-02-10
|
|
CubeCart 3.0.20 - Multiple Script 'redir' Arbitrary Site Redirects
|
3 |
WEB
|
Aung Khant
|
|
2012-02-10
|
|
LxCenter Kloxo 6.1.10 - Multiple HTML Injection Vulnerabilities
|
3 |
WEB
|
anonymous
|
|
2012-02-10
|
|
Dolibarr ERP/CRM 3.x - '/adherents/fiche.php' SQL Injection
|
3 |
WEB
|
Benjamin Kunz Mejri
|
|
2015-04-08
|
|
Novell ZENworks Configuration Management 11.3.1 - Remote Code Execution
|
3 |
WEB
|
Pedro Ribeiro
|
|
2015-04-08
|
|
WordPress Plugin Traffic Analyzer 3.4.2 - Blind SQL Injection
|
3 |
WEB
|
Dan King
|
|
2015-04-08
|
|
Balero CMS 0.7.2 - Multiple JS/HTML Injection Vulnerabilities
|
3 |
WEB
|
LiquidWorm
|
|
2015-04-08
|
|
Balero CMS 0.7.2 - Multiple Blind SQL Injections
|
3 |
WEB
|
LiquidWorm
|
|
2015-04-08
|
|
WordPress Plugin Shareaholic 7.6.0.3 - Cross-Site Scripting
|
2 |
WEB
|
Kacper Szurek
|
|
2015-04-08
|
|
WordPress Plugin All In One WP Security & Firewall 3.9.0 - SQL Injection
|
3 |
WEB
|
Claudio Viviani
|
|
2012-02-07
|
|
eFront 3.6.10 - 'administrator.php' Cross-Site Scripting
|
3 |
WEB
|
Chokri B.A
|
|
2012-02-07
|
|
ManageEngine ADManager Plus 5.2 Build 5210 - 'domainName' Cross-Site Scripting
|
3 |
WEB
|
LiquidWorm
|
|
2012-02-07
|
|
ManageEngine ADManager Plus 5.2 Build 5210 - 'Operation' Cross-Site Scripting
|
3 |
WEB
|
LiquidWorm
|
|
2012-02-07
|
|
Simple Groupware 0.742 - 'export' Cross-Site Scripting
|
3 |
WEB
|
Infoserve Security Team
|
|
2012-02-06
|
|
Vespa 0.8.6 - 'getid3.php' Local File Inclusion
|
3 |
WEB
|
T0x!c
|
|
2012-02-03
|
|
PHP-Fusion 7.2.4 - 'weblink_id' SQL Injection
|
3 |
WEB
|
Am!r
|
|
2012-02-03
|
|
project-open 3.4.x - 'account-closed.tcl' Cross-Site Scripting
|
4 |
WEB
|
Michail Poultsakis
|
|
2012-02-02
|
|
Joomla! Component Currency Converter 1.0.0 - 'from' Cross-Site Scripting
|
3 |
WEB
|
BHG Security Center
|
|
2012-02-02
|
|
iknSupport 'search' Module - Cross-Site Scripting
|
3 |
WEB
|
Red Security TEAM
|
|
2012-02-02
|
|
Joomla! Component com_bnf - 'seccion_id' SQL Injection
|
2 |
WEB
|
Daniel Godoy
|
|
2012-02-02
|
|
GForge 5.7.1 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
sonyy
|
|
2012-02-01
|
|
phpLDAPadmin 1.2.0.5-2 - 'server_id' Cross-Site Scripting
|
2 |
WEB
|
andsarmiento
|
|
2012-02-01
|
|
phpLDAPadmin 1.2.2 - 'base' Cross-Site Scripting
|
2 |
WEB
|
andsarmiento
|
|
2012-02-01
|
|
OpenEMR 4.1 - '/Interface/fax/fax_dispatch.php?File' 'exec()' Call Arbitrary Shell Command Execution
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2012-02-01
|
|
OpenEMR 4.1 - '/contrib/acog/print_form.php?formname' Traversal Local File Inclusion
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2012-02-01
|
|
OpenEMR 4.1 - '/Interface/patient_file/encounter/load_form.php?formname' Traversal Local File Inclus
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2012-02-01
|
|
OpenEMR 4.1 - '/Interface/patient_file/encounter/trend_form.php?formname' Traversal Local File Inclu
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2012-01-21
|
|
Lead Capture - 'login.php' Script Cross-Site Scripting
|
1 |
WEB
|
HashoR
|
|
2012-01-28
|
|
Joomla! Component com_cmotour - 'id' SQL Injection
|
2 |
WEB
|
the_cyber_nuxbie
|
|
2012-01-31
|
|
4Images 1.7.10 - '/admin/index.php?redirect' Arbitrary Site Redirect
|
3 |
WEB
|
RandomStorm
|
|
2012-01-31
|
|
4Images 1.7.10 - '/admin/categories.php?cat_parent_id' Cross-Site Scripting
|
2 |
WEB
|
RandomStorm
|
|
2012-01-31
|
|
4Images 1.7.10 - '/admin/categories.php?cat_parent_id' SQL Injection
|
2 |
WEB
|
RandomStorm
|
|
2012-01-30
|
|
Joomla! Component com_bbs - Multiple SQL Injections
|
2 |
WEB
|
the_cyber_nuxbie
|
|
2015-04-05
|
|
u-Auctions - Multiple Vulnerabilities
|
2 |
WEB
|
*Don*
|
|
2015-04-05
|
|
WordPress Plugin Work The Flow File Upload 2.5.2 - Arbitrary File Upload
|
3 |
WEB
|
Claudio Viviani
|
|
2012-01-30
|
|
Joomla! Component com_propertylab - 'id' SQL Injection
|
3 |
WEB
|
the_cyber_nuxbie
|
|
2012-01-31
|
|
Joomla! Component com_crhotels - 'catid' SQL Injection
|
3 |
WEB
|
the_cyber_nuxbie
|
|
2012-01-30
|
|
Joomla! Component com_firmy - 'Id' SQL Injection
|
3 |
WEB
|
the_cyber_nuxbie
|
|
2012-01-28
|
|
Joomla! Component com_visa - Local File Inclusion / SQL Injection
|
2 |
WEB
|
the_cyber_nuxbie
|
|
2012-01-26
|
|
xClick Cart 1.0.x - 'shopping_url' Cross-Site Scripting
|
3 |
WEB
|
sonyy
|
|
2012-01-26
|
|
WordPress Plugin Slideshow Gallery 1.1.x - 'border' Cross-Site Scripting
|
3 |
WEB
|
Bret Hawk
|
|
2012-01-26
|
|
Joomla! Component com_products - Multiple SQL Injections
|
2 |
WEB
|
the_cyber_nuxbie
|
|
2012-01-26
|
|
Joomla! Component com_motor - 'cid' SQL Injection
|
3 |
WEB
|
the_cyber_nuxbie
|
|
2012-01-25
|
|
vBadvanced CMPS 3.2.2 - 'vba_cmps_include_bottom.php' Remote File Inclusion
|
3 |
WEB
|
PacketiK
|
|
2012-01-25
|
|
DClassifieds 0.1 final - Cross-Site Request Forgery
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2012-01-25
|
|
OSClass 2.3.3 - 'index.php?getParam()' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2012-01-25
|
|
OSClass 2.3.3 - 'index.php?sCategory' SQL Injection
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2012-01-24
|
|
Joomla! Component JE Story Submit - 'index.php' Arbitrary File Upload
|
3 |
WEB
|
Robert Cooper
|
|
2012-01-24
|
|
Ultimate Locator - 'radius' SQL Injection
|
3 |
WEB
|
Robert Cooper
|
|
2012-01-24
|
|
glFusion 1.x - SQL Injection
|
3 |
WEB
|
KedAns-Dz
|
|
2012-01-24
|
|
WordPress Plugin YouSayToo auto-publishing 1.0 - 'submit' Cross-Site Scripting
|
3 |
WEB
|
H4ckCity Security Team
|
|
2015-04-02
|
|
Ericsson Drutt MSDP (Instance Monitor) - Directory Traversal
|
2 |
WEB
|
Anastasios Monachos
|
|
2015-04-02
|
|
WordPress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload
|
2 |
WEB
|
Larry W. Cashdollar
|
