|
2015-03-30
|
|
Joomla! Component com_gallery_wd - SQL Injection
|
1 |
WEB
|
CrashBandicot
|
|
2015-03-30
|
|
WordPress Plugin aspose-doc-exporter 1.0 - Arbitrary File Download
|
1 |
WEB
|
ACC3SS
|
|
2015-03-30
|
|
WordPress Plugin Slider REvolution 4.1.4 - Arbitrary File Download
|
2 |
WEB
|
Claudio Viviani
|
|
2015-03-30
|
|
JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution
|
1 |
WEB
|
ikki
|
|
2012-01-16
|
|
BoltWire 3.4.16 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Stefan Schurtz
|
|
2012-01-15
|
|
PHP Ringtone Website - 'ringtones.php' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Atmon3r
|
|
2012-01-16
|
|
PHP Membership Site Manager Script 2.1 - 'index.php' Cross-Site Scripting
|
2 |
WEB
|
Atmon3r
|
|
2012-01-12
|
|
Joomla! Component com_contushdvideoshare 1.3 - 'id' SQL Injection
|
2 |
WEB
|
Lazmania61
|
|
2012-01-13
|
|
Contus Job Portal - 'Category' SQL Injection
|
2 |
WEB
|
Lazmania61
|
|
2012-01-12
|
|
MailEnable 6.02 - 'ForgottonPassword.aspx' Cross-Site Scripting
|
2 |
WEB
|
Sajjad Pourali
|
|
2012-01-11
|
|
Kayako SupportSuite 3.x - Multiple Vulnerabilities
|
2 |
WEB
|
Yuri Goltsev
|
|
2012-01-11
|
|
KnowledgeTree 3.x - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2012-01-10
|
|
PHP-Fusion 7.2.4 - 'downloads.php' Cross-Site Scripting
|
2 |
WEB
|
Am!r
|
|
2012-01-10
|
|
WordPress Plugin Age Verification 0.4 - 'redirect_to' Open Redirection
|
1 |
WEB
|
Gianluca Brindisi
|
|
2012-01-09
|
|
Advanced File Management 1.4 - 'users.php' Cross-Site Scripting
|
2 |
WEB
|
Am!r
|
|
2012-01-09
|
|
Gregarius 0.6.1 - Multiple SQL Injections / Cross-Site Scripting
|
2 |
WEB
|
sonyy
|
|
2012-01-09
|
|
Marinet CMS - 'gallery.php?id' SQL Injection
|
2 |
WEB
|
H4ckCity Security Team
|
|
2012-01-09
|
|
Marinet CMS - 'galleryphoto.php?id' SQL Injection
|
3 |
WEB
|
H4ckCity Security Team
|
|
2012-01-09
|
|
Marinet CMS - 'room2.php?roomid' SQL Injection
|
0 |
WEB
|
H4ckCity Security Team
|
|
2012-01-09
|
|
Clipbucket 2.6 - 'channels.php?time' SQL Injection
|
0 |
WEB
|
YaDoY666
|
|
2012-01-09
|
|
Clipbucket 2.6 - 'videos.php?time' SQL Injection
|
1 |
WEB
|
YaDoY666
|
|
2012-01-09
|
|
Clipbucket 2.6 - 'view_item.php?type' Cross-Site Scripting
|
2 |
WEB
|
YaDoY666
|
|
2012-01-09
|
|
Clipbucket 2.6 - 'view_collection.php?type' Cross-Site Scripting
|
1 |
WEB
|
YaDoY666
|
|
2012-01-09
|
|
Clipbucket 2.6 - 'videos.php?cat' Cross-Site Scripting
|
1 |
WEB
|
YaDoY666
|
|
2012-01-09
|
|
Clipbucket 2.6 - 'search_result.php?query' Cross-Site Scripting
|
2 |
WEB
|
YaDoY666
|
|
2012-01-09
|
|
Clipbucket 2.6 - 'groups.php?cat' Cross-Site Scripting
|
2 |
WEB
|
YaDoY666
|
|
2012-01-09
|
|
Clipbucket 2.6 - 'collections.php?cat' Cross-Site Scripting
|
3 |
WEB
|
YaDoY666
|
|
2012-01-09
|
|
Clipbucket 2.6 - 'channels.php?cat' Cross-Site Scripting
|
2 |
WEB
|
YaDoY666
|
|
2012-01-07
|
|
Atar2b CMS 4.0.1 - 'pageE.php?id' SQL Injection
|
2 |
WEB
|
BHG Security Center
|
|
2012-01-07
|
|
Atar2b CMS 4.0.1 - 'pageH.php?id' SQL Injection
|
1 |
WEB
|
BHG Security Center
|
|
2012-01-07
|
|
Atar2b CMS 4.0.1 - 'gallery_e.php?id' SQL Injection
|
2 |
WEB
|
BHG Security Center
|
|
2015-03-27
|
|
Berta CMS - Arbitrary File Upload
|
2 |
WEB
|
Simon Waters
|
|
2012-01-07
|
|
DIGIT CMS 1.0.7 - Cross-Site Scripting / SQL Injection
|
2 |
WEB
|
BHG Security Center
|
|
2012-01-06
|
|
eFront 3.6.10 - 'download' Directory Traversal
|
2 |
WEB
|
Chokri B.A
|
|
2012-01-05
|
|
SQLiteManager 1.2.4 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Stefan Schurtz
|
|
2012-01-05
|
|
SQLiteManager 1.2.4 - 'main.php?dbsel' Cross-Site Scripting
|
2 |
WEB
|
Stefan Schurtz
|
|
2012-01-05
|
|
VertrigoServ 2.25 - 'extensions.php' Script Cross-Site Scripting
|
2 |
WEB
|
Stefan Schurtz
|
|
2015-03-26
|
|
pfSense 2.2 - Multiple Vulnerabilities
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2012-01-04
|
|
StatIt 4 - 'statistik.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
sonyy
|
|
2012-01-05
|
|
Yaws-Wiki 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
|
2 |
WEB
|
SiteWatch
|
|
2012-01-04
|
|
UBBCentral UBB.Threads 7.5.6 - 'Username' Cross-Site Scripting
|
1 |
WEB
|
sonyy
|
|
2011-12-29
|
|
Pligg CMS 1.1.4 - 'SERVER[php_self]' Cross-Site Scripting
|
1 |
WEB
|
SiteWatch
|
|
2011-12-29
|
|
Pligg CMS 1.1.2 - 'status' SQL Injection
|
1 |
WEB
|
SiteWatch
|
|
2012-01-04
|
|
Limny 3.0.1 - 'login.php' Script Cross-Site Scripting
|
0 |
WEB
|
Gjoko Krstic
|
|
2012-01-04
|
|
Orchard 1.3.9 - 'ReturnUrl' Open Redirection
|
0 |
WEB
|
Mesut Timur
|
|
2012-01-04
|
|
GraphicsClone Script - 'term' Cross-Site Scripting
|
3 |
WEB
|
Mr.PaPaRoSSe
|
|
2015-03-25
|
|
WordPress Plugin Marketplace 2.4.0 - Remote Code Execution (Add Admin)
|
1 |
WEB
|
Claudio Viviani
|
|
2012-01-04
|
|
TextPattern 4.4.1 - 'ddb' Cross-Site Scripting
|
0 |
WEB
|
Jonathan Claudius
|
|
2012-01-03
|
|
WordPress Plugin WHOIS 1.4.2 3 - 'domain' Cross-Site Scripting
|
1 |
WEB
|
Atmon3r
|
|
2012-01-03
|
|
WordPress Plugin Comment Rating 2.9.20 - 'path' Cross-Site Scripting
|
0 |
WEB
|
The Evil Thinker
|
|
2012-01-03
|
|
Tienda Virtual - 'art_detalle.php' SQL Injection
|
1 |
WEB
|
Arturo Zamora
|
|
2012-01-02
|
|
FuseTalk Forums 3.2 - 'windowed' Cross-Site Scripting
|
1 |
WEB
|
sonyy
|
|
2011-01-01
|
|
PHPB2B 4.1 - 'q' Cross-Site Scripting
|
1 |
WEB
|
H4ckCity Security Team
|
|
2012-01-01
|
|
WordPress Plugin WP Live.php 1.2.1 - 's' Cross-Site Scripting
|
1 |
WEB
|
H4ckCity Security Team
|
|
2012-01-01
|
|
Siena CMS 1.242 - 'err' Cross-Site Scripting
|
1 |
WEB
|
Net.Edit0r
|
|
2011-12-31
|
|
WordPress Plugin TheCartPress 1.6 - 'OptionsPostsList.php' Cross-Site Scripting
|
1 |
WEB
|
6Scan
|
|
2015-03-24
|
|
WordPress Plugin InBoundio Marketing 1.0 - Arbitrary File Upload
|
2 |
WEB
|
KedAns-Dz
|
|
2011-12-21
|
|
epesi BIM 1.2 rev 8154 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2011-12-20
|
|
Cyberoam UTM 10 - 'tableid' SQL Injection
|
2 |
WEB
|
Benjamin Kunz Mejri
|
|
2011-12-20
|
|
Joomla! Component com_caproductprices - 'id' SQL Injection
|
2 |
WEB
|
CoBRa_21
|
|
2011-12-20
|
|
PHPShop CMS 3.4 - Multiple Cross-Site Scripting / SQL Injections
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-12-20
|
|
Tiki Wiki CMS Groupware 8.1 - 'show_errors' HTML Injection
|
2 |
WEB
|
Stefan Schurtz
|
|
2011-12-20
|
|
Joomla! Component com_tsonymf - 'idofitem' SQL Injection
|
0 |
WEB
|
CoBRa_21
|
|
2011-12-19
|
|
PHP Booking Calendar 10e - 'page_info_message' Cross-Site Scripting
|
2 |
WEB
|
G13
|
|
2015-03-22
|
|
WordPress Plugin Marketplace 2.4.0 - Arbitrary File Download
|
1 |
WEB
|
Kacper Szurek
|
|
2015-03-22
|
|
Joomla! Component Spider FAQ - SQL Injection
|
2 |
WEB
|
Manish Tanwar
|
|
2015-03-21
|
|
Telescope 0.9.2 - Markdown Persistent Cross-Site Scripting
|
3 |
WEB
|
shubs
|
|
2011-12-18
|
|
Video Community Portal - 'userID' SQL Injection
|
3 |
WEB
|
Lazmania61
|
|
2011-12-17
|
|
Social Network Community 2 - 'userID' SQL Injection
|
3 |
WEB
|
Lazmania61
|
|
2011-12-17
|
|
Flirt-Projekt 4.8 - 'rub' SQL Injection
|
2 |
WEB
|
Lazmania61
|
|
2011-12-15
|
|
Websense 7.6 Products - 'favorites.exe' Authentication Bypass
|
2 |
WEB
|
Ben Williams
|
|
2011-12-15
|
|
Websense 7.6 Triton - 'ws_irpt.exe' Remote Command Execution
|
2 |
WEB
|
Ben Williams
|
|
2011-12-15
|
|
Websense 7.6 - Triton Report Management Interface Cross-Site Scripting
|
2 |
WEB
|
Ben Williams
|
|
2011-12-15
|
|
Owl Intranet Engine 1.00 - 'userid' Authentication Bypass
|
2 |
WEB
|
RedTeam Pentesting GmbH
|
|
2011-12-14
|
|
BrowserCRM 5.100.1 - 'login[]' Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-12-14
|
|
BrowserCRM 5.100.1 - 'clients.php' Cross-Site Scripting
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-12-14
|
|
BrowserCRM 5.100.1 - 'framed' Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-12-14
|
|
BrowserCRM 5.100.1 - URI Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2011-12-14
|
|
BrowserCRM 5.100.1 - 'contact_id' SQL Injection
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2011-12-14
|
|
BrowserCRM 5.100.1 - 'parent_id' SQL Injection
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-12-14
|
|
Pulse Pro 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Avram Marius
|
|
2011-12-16
|
|
Fork CMS 3.1.5 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Avram Marius
|
|
2011-12-31
|
|
WordPress Plugin The Welcomizer 1.3.9.4 - 'twiz-index.php' Cross-Site Scripting
|
3 |
WEB
|
Am!r
|
|
2011-12-13
|
|
WordPress Plugin flash-album-gallery - 'flagshow.php' Cross-Site Scripting
|
2 |
WEB
|
Am!r
|
|
2015-03-19
|
|
Citrix Nitro SDK - Command Injection
|
3 |
WEB
|
Han Sahin
|
|
2015-03-19
|
|
Citrix Command Center - Credential Disclosure
|
3 |
WEB
|
Han Sahin
|
|
2015-03-19
|
|
EMC M&R (Watch4net) - Directory Traversal
|
2 |
WEB
|
Han Sahin
|
|
2015-03-19
|
|
Joomla! Component ECommerce-WD 1.2.5 - SQL Injection
|
4 |
WEB
|
Brandon Perry
|
|
2015-03-19
|
|
EMC M&R (Watch4net) - Credential Disclosure
|
3 |
WEB
|
Han Sahin
|
|
2015-03-19
|
|
Chamilo LMS 1.9.10 - Multiple Vulnerabilities
|
2 |
WEB
|
Rehan Ahmed
|
|
2011-12-12
|
|
WordPress Plugin GRAND FlAGallery 1.57 - 'flagshow.php' Cross-Site Scripting
|
3 |
WEB
|
Am!r
|
|
2011-12-09
|
|
Pet Listing - 'preview.php' Cross-Site Scripting
|
2 |
WEB
|
Mr.PaPaRoSSe
|
|
2015-03-18
|
|
Websense Appliance Manager - Command Injection
|
3 |
WEB
|
Han Sahin
|
|
2015-03-17
|
|
Metasploit Project < 4.11.1 - Initial User Creation Cross-Site Request Forgery (Metasploit)
|
4 |
WEB
|
Mohamed Abdelbaset Elnoby
|
|
2015-03-17
|
|
Moodle 2.5.9/2.6.8/2.7.5/2.8.3 - Block Title Handler Cross-Site Scripting
|
3 |
WEB
|
LiquidWorm
|
|
2015-03-16
|
|
WordPress Plugin WPML 3.1.9 - Multiple Vulnerabilities
|
3 |
WEB
|
Jouko Pynnonen
|
|
2015-03-16
|
|
WordPress Plugin SEO by Yoast 1.7.3.3 - Blind SQL Injection
|
3 |
WEB
|
Ryan Dewhurst
|
|
2011-12-06
|
|
Simple Machines Forum (SMF) 1.1.15 - 'fckeditor' Arbitrary File Upload
|
3 |
WEB
|
HELLBOY
|
|
2011-12-06
|
|
WordPress Plugin Pretty Link 1.5.2 - 'pretty-bar.php' Cross-Site Scripting
|
3 |
WEB
|
Am!r
|
|
2011-12-05
|
|
Elxis CMS 2009 - 'administrator/index.php' URI Cross-Site Scripting
|
4 |
WEB
|
Ewerson Guimaraes
|
|
2011-12-05
|
|
Elxis CMS 2009 - 'index.php?task' Cross-Site Scripting
|
2 |
WEB
|
Ewerson Guimaraes
|
|
2011-12-01
|
|
Hero 3.69 - 'month' Cross-Site Scripting
|
3 |
WEB
|
Gjoko Krstic
|
|
2011-12-01
|
|
AtMail 1.04 - 'func' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Dognædis
|
|
2015-03-16
|
|
Smart PHP Poll - Authentication Bypass
|
3 |
WEB
|
Mr.tro0oqy yemen
|
|
2015-03-16
|
|
Joomla! Component com_simplephotogallery 1.0 - SQL Injection
|
1 |
WEB
|
Moneer Masoud
|
|
2011-11-30
|
|
SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injections
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-11-30
|
|
WordPress Plugin flash-album-gallery - 'facebook.php' Cross-Site Scripting
|
2 |
WEB
|
Am!r
|
|
2011-11-30
|
|
WordPress Plugin 1-jquery-photo-gallery-Slideshow-flash 1.01 - Cross-Site Scripting
|
1 |
WEB
|
Am!r
|
|
2011-11-30
|
|
OrangeHRM 2.6.11 - '/lib/controllers/CentralController.php?id' SQL Injection
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2011-11-30
|
|
OrangeHRM 2.6.11 - 'lib/controllers/CentralController.php' URI Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-11-30
|
|
OrangeHRM 2.6.11 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-11-29
|
|
Virtual Vertex Muster 6.1.6 - Web Interface Directory Traversal
|
3 |
WEB
|
Nick Freeman
|
|
2015-03-08
|
|
WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload
|
3 |
WEB
|
CrashBandicot
|
|
2015-03-10
|
|
Joomla! Component com_simplephotogallery 1.0 - Arbitrary File Upload
|
3 |
WEB
|
CrashBandicot
|
|
2015-03-04
|
|
WordPress Theme DesignFolio Plus 1.2 - Arbitrary File Upload
|
3 |
WEB
|
CrashBandicot
|
|
2015-03-12
|
|
Codiad 2.5.3 - Local File Inclusion
|
3 |
WEB
|
TUNISIAN CYBER
|
|
2015-03-12
|
|
Citrix Netscaler NS10.5 - WAF Bypass (Via HTTP Header Pollution)
|
4 |
WEB
|
BGA Security
|
|
2015-03-13
|
|
WoltLab Community Gallery - Persistent Cross-Site Scripting
|
3 |
WEB
|
ITAS Team
|
|
2011-11-28
|
|
Manx 1.0.1 - '/admin/admin_pages.php?Filename' Traversal Arbitrary File Access
|
3 |
WEB
|
LiquidWorm
|
|
2011-11-28
|
|
Manx 1.0.1 - '/admin/admin_blocks.php?Filename' Traversal Arbitrary File Access
|
3 |
WEB
|
LiquidWorm
|
|
2011-11-28
|
|
Manx 1.0.1 - '/admin/tiny_mce/plugins/ajaxfilemanager_OLD/ajax_get_file_listing.php' Multiple Cross-
|
3 |
WEB
|
LiquidWorm
|
|
2011-11-28
|
|
Manx 1.0.1 - '/admin/tiny_mce/plugins/ajaxfilemanager/ajax_get_file_listing.php' Multiple Cross-Site
|
2 |
WEB
|
LiquidWorm
|
|
2011-11-28
|
|
WordPress Plugin Skysa App Bar - 'idnews' Cross-Site Scripting
|
1 |
WEB
|
Amir
|
|
2011-11-26
|
|
eSyndiCat Pro 2.3.5 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
d3v1l
|
|
2015-03-11
|
|
CS-Cart 4.2.4 - Cross-Site Request Forgery
|
2 |
WEB
|
Luis Santana
|
