|
2011-06-15
|
|
miniblog 1.0 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-06-14
|
|
vBTube 1.2.9 - 'vBTube.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Mr.ThieF
|
|
2015-01-20
|
|
vBulletin vBSSO Single Sign-On 1.4.14 - SQL Injection
|
3 |
WEB
|
Technidev
|
|
2015-01-21
|
|
ArticleFR CMS 3.0.5 - Arbitrary File Upload
|
3 |
WEB
|
TranDinhTien
|
|
2015-01-21
|
|
ArticleFR CMS 3.0.5 - SQL Injection
|
3 |
WEB
|
TranDinhTien
|
|
2011-06-13
|
|
PHP-Nuke 8.3 - 'upload.php' Arbitrary File Upload (2)
|
2 |
WEB
|
pentesters.ir
|
|
2011-06-13
|
|
PHP-Nuke 8.3 - 'upload.php' Arbitrary File Upload (1)
|
3 |
WEB
|
pentesters.ir
|
|
2011-06-13
|
|
Microsoft Lync Server 2010 - 'ReachJoin.aspx' Remote Command Injection
|
3 |
WEB
|
Mark Lachniet
|
|
2011-06-13
|
|
WebFileExplorer 3.6 - 'user' / 'pass' SQL Injection
|
3 |
WEB
|
pentesters.ir
|
|
2015-01-20
|
|
WordPress Plugin Pixarbay Images 2.3 - Multiple Vulnerabilities
|
3 |
WEB
|
Hans-Martin Muench
|
|
2015-01-20
|
|
RedaxScript 2.1.0 - Privilege Escalation
|
3 |
WEB
|
shyamkumar somana
|
|
2011-06-13
|
|
Joomla! Component Minitek FAQ Book 1.3 - 'id' SQL Injection
|
3 |
WEB
|
kaMtiEz
|
|
2011-06-10
|
|
Tolinet Agencia - 'id' SQL Injection
|
4 |
WEB
|
Andrea Bocchetti
|
|
2011-06-07
|
|
The Pacer Edition CMS 2.1 - 'email' Cross-Site Scripting
|
2 |
WEB
|
LiquidWorm
|
|
2011-06-08
|
|
WordPress Plugin GD Star Rating - 'votes' SQL Injection
|
2 |
WEB
|
anonymous
|
|
2011-06-07
|
|
Blog:CMS 4.2 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Stefan Schurtz
|
|
2011-06-07
|
|
Xataface 1.x - 'action' Local File Inclusion
|
2 |
WEB
|
ITSecTeam
|
|
2011-06-06
|
|
Squiz Matrix 4 - 'colour_picker.php' Cross-Site Scripting
|
2 |
WEB
|
Patrick Webster
|
|
2011-06-06
|
|
PopScript - 'index.php' Multiple Input Validation Vulnerabilities
|
2 |
WEB
|
NassRawI
|
|
2011-06-06
|
|
Multiple WordPress WooThemes Themes - 'test.php' Cross-Site Scripting
|
2 |
WEB
|
MustLive
|
|
2011-06-06
|
|
Nakid CMS 1.0.2 - 'CKEditorFuncNum' Cross-Site Scripting
|
3 |
WEB
|
AutoSec Tools
|
|
2011-06-06
|
|
Joomla! Component CCBoard - SQL Injection / Arbitrary File Upload
|
3 |
WEB
|
KedAns-Dz
|
|
2011-06-06
|
|
vBulletin vBExperience 3 - 'sortorder' Cross-Site Scripting
|
3 |
WEB
|
Mr.ThieF
|
|
2015-01-16
|
|
WordPress Plugin Pie Register 2.0.13 - Privilege Escalation
|
3 |
WEB
|
Kacper Szurek
|
|
2011-06-02
|
|
Ushahidi 2.0.1 - 'range' SQL Injection
|
3 |
WEB
|
Gjoko Krstic
|
|
2011-06-01
|
|
ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting / Multiple SQL Injections
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-06-01
|
|
PikaCMS - Multiple Local File Disclosure Vulnerabilities
|
2 |
WEB
|
KnocKout
|
|
2011-06-01
|
|
TEDE Simplificado 1.01/S2.04 - Multiple SQL Injections
|
2 |
WEB
|
KnocKout
|
|
2011-05-31
|
|
S9Y Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
Stefan Schurtz
|
|
2011-05-31
|
|
Kentico CMS 5.5R2.23 - 'userContextMenu_Parameter' Cross-Site Scripting
|
2 |
WEB
|
LiquidWorm
|
|
2011-05-30
|
|
Cotonti 0.9.2 - Multiple SQL Injections
|
3 |
WEB
|
KedAns-Dz
|
|
2011-05-25
|
|
BlackBoard Learn 8.0 - 'keywordraw' Cross-Site Scripting
|
3 |
WEB
|
Matt Jezorek
|
|
2011-05-25
|
|
Kryn.cms 0.9 - '_kurl' Cross-Site Scripting
|
3 |
WEB
|
AutoSec Tools
|
|
2011-05-25
|
|
Joomla! Component com_shop - SQL Injection
|
3 |
WEB
|
ThunDEr HeaD
|
|
2011-05-25
|
|
MidiCMS Website Builder - Local File Inclusion / Arbitrary File Upload
|
2 |
WEB
|
KedAns-Dz
|
|
2011-05-24
|
|
Ajax Chat 1.0 - 'ajax-chat.php' Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-24
|
|
phpScheduleIt 1.2.12 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-23
|
|
Joomla! Component Map Locator - 'cid' SQL Injection
|
3 |
WEB
|
FL0RiX
|
|
2011-05-19
|
|
LimeSurvey 1.85+ - 'admin.php' Cross-Site Scripting
|
3 |
WEB
|
Juan Manuel Garcia
|
|
2015-01-14
|
|
Ansible Tower 2.0.2 - Multiple Vulnerabilities
|
3 |
WEB
|
SEC Consult
|
|
2011-05-19
|
|
Andy's PHP KnowledgeBase 0.95.4 - 'step5.php' PHP Remote Code Execution
|
2 |
WEB
|
AutoSec Tools
|
|
2011-05-19
|
|
Room Juice 0.3.3 - 'display.php' Cross-Site Scripting
|
3 |
WEB
|
AutoSec Tools
|
|
2011-05-18
|
|
CiscoWorks Common Services 3.1.1 - Auditing Directory Traversal
|
2 |
WEB
|
Sense of Security
|
|
2015-01-13
|
|
Foxit MobilePDF 4.4.0 iOS - Multiple Vulnerabilities
|
3 |
WEB
|
Vulnerability-Lab
|
|
2015-01-13
|
|
Dell iDRAC IPMI 1.5 - Insufficient Session ID Randomness
|
3 |
WEB
|
Yong Chuan_ Koh
|
|
2015-01-13
|
|
Gecko CMS 2.3 - Multiple Vulnerabilities
|
3 |
WEB
|
LiquidWorm
|
|
2011-05-18
|
|
TWiki 5.0.1 - 'origurl' Cross-Site Scripting
|
3 |
WEB
|
Mesut Timur
|
|
2011-05-17
|
|
PHP Calendar Basic 2.3 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-16
|
|
eFront 3.6.9 - 'submitScore.php' Cross-Site Scripting
|
3 |
WEB
|
John Leitch
|
|
2011-05-16
|
|
Mitel Audio and Web Conferencing 4.4.3.0 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Richard Brain
|
|
2011-05-16
|
|
eFront 3.6.9 - 'scripts.php' Local File Inclusion
|
5 |
WEB
|
AutoSec Tools
|
|
2011-05-16
|
|
openQRM 4.8 - 'source_tab' Cross-Site Scripting
|
4 |
WEB
|
AutoSec Tools
|
|
2011-05-12
|
|
DocMGR 1.1.2 - 'history.php' Cross-Site Scripting
|
4 |
WEB
|
AutoSec Tools
|
|
2011-05-16
|
|
allocPSA 1.7.4 - '/login/login.php' Cross-Site Scripting
|
4 |
WEB
|
AutoSec Tools
|
|
2011-05-16
|
|
Mambo Component Docman 1.3.0 - Multiple SQL Injections
|
4 |
WEB
|
KedAns-Dz
|
|
2015-01-11
|
|
D-Link DSL-2730B Modem - 'Lancfg2get.cgi Persistent Cross-Site Scripting
|
4 |
WEB
|
XLabs Security
|
|
2015-01-11
|
|
D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored DnsProxy.cmd
|
4 |
WEB
|
XLabs Security
|
|
2015-01-11
|
|
D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored Wlsecrefresh.wl & Wlsecurity.wl
|
5 |
WEB
|
XLabs Security
|
|
2011-05-16
|
|
Joomla! Component com_cbcontact - 'contact_id' SQL Injection
|
4 |
WEB
|
KedAns-Dz
|
|
2011-05-13
|
|
Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Cross-Site Scripting
|
3 |
WEB
|
MustLive
|
|
2011-05-12
|
|
Argyle Social - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-10
|
|
Calendarix 0.8.20080808 - Multiple Cross-Site Scripting / SQL Injections
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-10
|
|
poMMo Aardvark PR16.1 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-09
|
|
ZAPms 1.22 - 'nick' SQL Injection
|
3 |
WEB
|
KedAns-Dz
|
|
2015-01-09
|
|
vBulletin MicroCART 1.1.4 - Arbitrary Files Deletion / SQL Injection / Cross-Site Scripting
|
3 |
WEB
|
Technidev
|
|
2015-01-08
|
|
WordPress Plugin Shopping Cart 3.0.4 - Unrestricted Arbitrary File Upload
|
3 |
WEB
|
Kacper Szurek
|
|
2011-05-09
|
|
Keyfax Customer Response Management 3.2.2.6 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Richard Brain
|
|
2011-05-09
|
|
HOMEPIMA Design - 'filedown.php' Local File Disclosure
|
4 |
WEB
|
KnocKout
|
|
2011-05-07
|
|
Getsimple CMS 3.0 - 'set' Local File Inclusion
|
4 |
WEB
|
AutoSec Tools
|
|
2011-05-09
|
|
EmbryoCore 1.03 - 'index.php' SQL Injection
|
4 |
WEB
|
KedAns-Dz
|
|
2011-05-01
|
|
TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injections
|
4 |
WEB
|
AutoSec Tools
|
|
2015-01-07
|
|
Sefrengo CMS 1.6.0 - SQL Injection
|
4 |
WEB
|
Steffen Rösemann
|
|
2015-01-07
|
|
Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure
|
4 |
WEB
|
Eduardo Novella
|
|
2015-01-07
|
|
Microweber CMS 0.95 - SQL Injection
|
5 |
WEB
|
Pham Kien Cuong
|
|
2011-05-09
|
|
phpWebSite 1.7.1 - 'upload.php' Arbitrary File Upload
|
5 |
WEB
|
AutoSec Tools
|
|
2011-05-09
|
|
Gelsheet 1.02 - 'index.php' Cross-Site Scripting
|
4 |
WEB
|
AutoSec Tools
|
|
2011-05-09
|
|
Exponent CMS 2.0.0 Beta 1.1 - Local File Inclusion / Arbitrary File Upload
|
4 |
WEB
|
AutoSec Tools
|
|
2011-05-09
|
|
Ampache 3.5.4 - 'login.php' Cross-Site Scripting
|
4 |
WEB
|
AutoSec Tools
|
|
2011-05-09
|
|
encoder 0.4.10 - 'edit.php' Cross-Site Scripting
|
3 |
WEB
|
AutoSec Tools
|
|
2011-05-08
|
|
FestOS 2.3c - 'upload.php' Arbitrary File Upload
|
5 |
WEB
|
KedAns-Dz
|
|
2015-01-06
|
|
AdaptCMS 3.0.3 - Multiple Vulnerabilities
|
4 |
WEB
|
LiquidWorm
|
|
2011-05-07
|
|
e107 0.7.25 - 'news.php' SQL Injection
|
3 |
WEB
|
KedAns-Dz
|
|
2011-05-05
|
|
PHPDug 2.0 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-05
|
|
BMC Dashboards 7.6.01 - Cross-Site Scripting / Information Disclosure
|
3 |
WEB
|
Richard Brain
|
|
2011-05-05
|
|
BMC Remedy Knowledge Management 7.5.00 - Default Account / Multiple Cross-Site Scripting Vulnerabili
|
3 |
WEB
|
Richard Brain
|
|
2011-05-05
|
|
PHP Directory Listing Script 3.1 - 'index.php' Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-05
|
|
WordPress Plugin WP Ajax Calendar 1.0 - 'example.php' Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-03
|
|
GoT.MY (Multiple Products) - 'theme_dir' Cross-Site Scripting
|
3 |
WEB
|
Hector.x90
|
|
2011-05-03
|
|
SelectaPix 1.4.1 - 'uploadername' Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-03
|
|
YaPiG 0.95 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-03
|
|
E2 Photo Gallery 0.9 - 'index.php' Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-03
|
|
Proofpoint Protection Server 5.5.5 - 'process.cgi' Cross-Site Scripting
|
3 |
WEB
|
Karan Khosla
|
|
2011-05-03
|
|
Web Auction 0.3.6 - 'lang' Cross-Site Scripting
|
4 |
WEB
|
AutoSec Tools
|
|
2015-01-04
|
|
Crea8Social 2.0 - Cross-Site Scripting Change Interface
|
3 |
WEB
|
Yudhistira B W
|
|
2011-05-02
|
|
LDAP Account Manager 3.4.0 - 'selfserviceSaveOk' Cross-Site Scripting
|
3 |
WEB
|
AutoSec Tools
|
|
2011-05-02
|
|
LANSA aXes Web Terminal TN5250 - 'axes_default.css' Cross-Site Scripting
|
3 |
WEB
|
Patrick Webster
|
|
2011-04-30
|
|
Tine 2.0 - 'vbook.php' Cross-Site Scripting
|
3 |
WEB
|
AutoSec Tools
|
|
2011-04-28
|
|
ClanSphere 2011.0 - Local File Inclusion / Arbitrary File Upload
|
3 |
WEB
|
KedAns-Dz
|
|
2015-01-03
|
|
e107 2 Bootstrap CMS - Cross-Site Scripting
|
5 |
WEB
|
Ahmet Agar / 0x97
|
|
2011-04-28
|
|
phpGraphy 0.9.13b - 'theme_dir' Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-25
|
|
eyeOS 1.9.0.2 - Image File Handling HTML Injection
|
3 |
WEB
|
Alberto Ortega
|
|
2011-04-28
|
|
BackupPC 3.x - 'index.cgi' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-27
|
|
Kusaba X 0.9 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Emilio Pinna
|
|
2011-04-28
|
|
WordPress Plugin WP Photo Album 1.5.1 - 'id' Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-28
|
|
WordPress Plugin Daily Maui Photo Widget 0.2 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-27
|
|
Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injections
|
3 |
WEB
|
Alberto Revelli
|
|
2015-01-01
|
|
Absolut Engine 1.73 - Multiple Vulnerabilities
|
3 |
WEB
|
Steffen Rösemann
|
|
2011-04-27
|
|
up.time Software 5 - Administration Interface Remote Authentication Bypass
|
2 |
WEB
|
James Burton
|
|
2011-04-27
|
|
Joostina (Multiple Components) - SQL Injection
|
2 |
WEB
|
KedAns-Dz
|
|
2011-04-26
|
|
Football Website Manager 1.1 - SQL Injection / Multiple HTML Injection Vulnerabilities
|
3 |
WEB
|
RoAd_KiLlEr
|
|
2011-04-26
|
|
PHP F1 Max's Photo Album - 'showimage.php' Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-26
|
|
phpList 2.10.x - 'email' Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-26
|
|
WordPress Plugin WP Ajax Recent Posts 1.0.1 - 'do' Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-26
|
|
Noah's Classifieds 5.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2014-12-31
|
|
Social Microblogging PRO 1.5 - Persistent Cross-Site Scripting
|
4 |
WEB
|
Halil Dalabasmaz
|
|
2011-04-26
|
|
html-edit CMS 3.1.x - 'html_output' Cross-Site Scripting
|
4 |
WEB
|
KedAns-Dz
|
|
2011-04-26
|
|
WordPress Plugin Sermon Browser 0.43 - Cross-Site Scripting / SQL Injection
|
4 |
WEB
|
Ma3sTr0-Dz
|
|
2011-04-25
|
|
TemaTres 1.3 - '_search_expresion' Cross-Site Scripting
|
5 |
WEB
|
AutoSec Tools
|
|
2011-04-22
|
|
Nuke Evolution Xtreme 2.0 - Local File Inclusion / SQL Injection
|
4 |
WEB
|
KedAns-Dz
|
|
2011-04-22
|
|
Dolibarr ERP/CRM 3.0 - Local File Inclusion / Cross-Site Scripting
|
4 |
WEB
|
AutoSec Tools
|
|
2011-04-21
|
|
LightNEasy 3.2.3 - 'userhandle' Cookie SQL Injection
|
3 |
WEB
|
AutoSec Tools
|
|
2011-04-22
|
|
todoyu 2.0.8 - 'lang' Cross-Site Scripting
|
4 |
WEB
|
AutoSec Tools
|
|
2011-04-21
|
|
ZenPhoto 1.4.0.3 - '_zp_themeroot' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-21
|
|
SyCtel Design - 'menu' Multiple Local File Inclusions
|
3 |
WEB
|
Ashiyane Digital Security Team
|
|
2011-04-20
|
|
Automagick Tube Script 1.4.4 - 'module' Cross-Site Scripting
|
3 |
WEB
|
Kurd-Team
|
