|
2011-04-08
|
|
PrestaShop 1.3.6 - 'cms.php' Remote File Inclusion
|
3 |
WEB
|
KedAns-Dz
|
|
2011-04-08
|
|
vTiger CRM 5.2.1 - 'sortfieldsjson.php' Local File Inclusion
|
2 |
WEB
|
John Leitch
|
|
2011-04-06
|
|
Redmine 1.0.1/1.1.1 - 'projects/hg-hellowword/news/' Cross-Site Scripting
|
2 |
WEB
|
Mesut Timur
|
|
2011-04-06
|
|
TextPattern 4.2 - 'index.php' Cross-Site Scripting
|
2 |
WEB
|
kurdish hackers team
|
|
2011-04-04
|
|
XOOPS 2.5 - 'banners.php' Multiple Local File Inclusions
|
3 |
WEB
|
KedAns-Dz
|
|
2011-04-05
|
|
UseBB 1.0.11 - 'admin.php' Local File Inclusion
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-05
|
|
Eleanor CMS - Cross-Site Scripting / Multiple SQL Injections
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-04
|
|
Yaws-Wiki 1.88-1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
|
1 |
WEB
|
Michael Brooks
|
|
2011-04-04
|
|
Gazelle CMS 1.0 - Cross-Site Scripting / SQL Injection
|
1 |
WEB
|
kurdish hackers team
|
|
2011-04-03
|
|
DoceboLms 4.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities
|
1 |
WEB
|
LiquidWorm
|
|
2011-04-03
|
|
WordPress Plugin Placester 0.1 - 'ajax_action' Cross-Site Scripting
|
1 |
WEB
|
John Leitch
|
|
2011-04-04
|
|
WordPress Plugin WPwizz AdWizz Plugin 1.0 - 'link' Cross-Site Scripting
|
0 |
WEB
|
John Leitch
|
|
2011-04-04
|
|
MyBB 1.4/1.6 - Multiple Vulnerabilities
|
1 |
WEB
|
MustLive
|
|
2011-04-04
|
|
PHP-Fusion - 'article_id' SQL Injection
|
1 |
WEB
|
KedAns-Dz
|
|
2014-12-17
|
|
CIK Telecom VoIP Router SVG6000RW - Privilege Escalation / Command Execution
|
1 |
WEB
|
Chako
|
|
2011-04-01
|
|
AWCM 2.x - 'search.php' Cross-Site Scripting
|
1 |
WEB
|
Antu Sanadi
|
|
2014-12-16
|
|
CMS Papoo 6.0.0 Rev. 4701 - Persistent Cross-Site Scripting
|
3 |
WEB
|
Steffen Rösemann
|
|
2011-03-31
|
|
Collabtive 0.6.5 - Multiple Remote Input Validation Vulnerabilities
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-31
|
|
InTerra Blog Machine 1.84 - 'subject' HTML Injection
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-30
|
|
ICJobSite 1.1 - 'pid' SQL Injection
|
1 |
WEB
|
RoAd_KiLlEr
|
|
2014-12-15
|
|
WordPress Plugin WP Symposium 14.11 - Arbitrary File Upload
|
2 |
WEB
|
Claudio Viviani
|
|
2014-12-15
|
|
ResourceSpace 6.4.5976 - Cross-Site Scripting / SQL Injection / Insecure Cookie Handling
|
2 |
WEB
|
Adler Freiheit
|
|
2014-12-15
|
|
PHPads 213607 - Authentication Bypass / Password Change
|
2 |
WEB
|
Shaker msallm
|
|
2014-12-15
|
|
WordPress Plugin Download Manager 2.7.4 - Remote Code Execution
|
1 |
WEB
|
Claudio Viviani
|
|
2014-12-15
|
|
Soitec SmartEnergy 1.4 - SCADA Login SQL Injection / Authentication Bypass
|
3 |
WEB
|
LiquidWorm
|
|
2014-12-15
|
|
GLPI 0.85 - Blind SQL Injection
|
2 |
WEB
|
Kacper Szurek
|
|
2011-03-30
|
|
YaCOMAS 0.3.6 OpenCMS - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Pr@fesOr X
|
|
2011-03-30
|
|
GuppY 4.6.14 - 'lng' Multiple SQL Injections
|
2 |
WEB
|
kurdish hackers team
|
|
2011-03-29
|
|
XOOPS - 'view_photos.php' Cross-Site Scripting
|
2 |
WEB
|
KedAns-Dz
|
|
2011-03-29
|
|
Tracks 1.7.2 - URI Cross-Site Scripting
|
1 |
WEB
|
Mesut Timur
|
|
2011-03-29
|
|
Spitfire 1.0.3x - 'cms_username' Cross-Site Scripting
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-29
|
|
osCSS 2.1 - Multiple Cross-Site Scripting / Local File Inclusions
|
2 |
WEB
|
AutoSec Tools
|
|
2011-03-28
|
|
Claroline 1.10 - Multiple HTML Injection Vulnerabilities
|
2 |
WEB
|
AutoSec Tools
|
|
2014-12-10
|
|
OpenEMR 4.1.2(7) - Multiple SQL Injections
|
2 |
WEB
|
Portcullis
|
|
2011-03-28
|
|
webEdition CMS 6.1.0.2 - 'DOCUMENT_ROOT' Local File Inclusion
|
2 |
WEB
|
eidelweiss
|
|
2011-03-28
|
|
Alkacon OpenCMS 7.5.x - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
antisnatchor
|
|
2011-03-27
|
|
OrangeHRM 2.6.2 - 'jobVacancy.php' Cross-Site Scripting
|
2 |
WEB
|
AutoSec Tools
|
|
2014-12-10
|
|
Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Jos Wetzels_ Emiel Florijn
|
|
2014-12-10
|
|
Humhub 0.10.0-rc.1 - SQL Injection
|
1 |
WEB
|
Jos Wetzels_ Emiel Florijn
|
|
2011-03-27
|
|
Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injections
|
2 |
WEB
|
MustLive
|
|
2014-12-09
|
|
Flat Calendar 1.1 - HTML Injection
|
1 |
WEB
|
ZoRLu Bugrahan
|
|
2014-12-09
|
|
WordPress Plugin Symposium 14.10 - SQL Injection
|
2 |
WEB
|
Kacper Szurek
|
|
2011-03-25
|
|
Family Connections 2.3.2 - 'subject' HTML Injection
|
2 |
WEB
|
Zero Science Lab
|
|
2011-03-24
|
|
netjukebox 4.01B/5.25 - 'skin' Cross-Site Scripting
|
2 |
WEB
|
AutoSec Tools
|
|
2011-03-24
|
|
Ripe Website Manager 1.1 - Cross-Site Scripting / Multiple SQL Injections
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-24
|
|
GrapeCity Data Dynamics Reports 1.6.2084.14 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Dionach
|
|
2011-03-24
|
|
MC Content Manager 10.1.1 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
MustLive
|
|
2014-12-08
|
|
WordPress Plugin Ajax Store Locator 1.2 - Arbitrary File Download
|
2 |
WEB
|
Claudio Viviani
|
|
2014-12-08
|
|
Free Article Submissions 1.0 - SQL Injection
|
1 |
WEB
|
BarrabravaZ
|
|
2014-12-08
|
|
PBBoard CMS - Persistent Cross-Site Scripting
|
2 |
WEB
|
Manish Tanwar
|
|
2014-12-08
|
|
IceHrm 7.1 - Multiple Vulnerabilities
|
1 |
WEB
|
LiquidWorm
|
|
2011-03-21
|
|
PluggedOut Blog 1.9.9 - 'year' Cross-Site Scripting
|
1 |
WEB
|
kurdish hackers team
|
|
2011-03-21
|
|
Newsportal 0.37 - 'post.php' Cross-Site Scripting
|
2 |
WEB
|
kurdish hackers team
|
|
2011-03-21
|
|
Online store PHP script - Multiple Cross-Site Scripting / SQL Injections
|
2 |
WEB
|
kurdish hackers team
|
|
2011-03-19
|
|
Web Poll Pro 1.0.3 - 'error' HTML Injection
|
3 |
WEB
|
Hector.x90
|
|
2011-03-18
|
|
XOOPS 2.x - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Aung Khant
|
|
2011-03-17
|
|
WordPress Plugin Rating-Widget 1.3.1 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Todor Donev
|
|
2011-03-17
|
|
WordPress Plugin Sodahead Polls 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2014-12-05
|
|
PBBoard CMS 3.0.1 - SQL Injection
|
1 |
WEB
|
Tran Dinh Tien
|
|
2011-03-16
|
|
AplikaMedia CMS - 'page_info.php' SQL Injection
|
2 |
WEB
|
H3X
|
|
2011-03-10
|
|
Wikiwig 5.01 - Cross-Site Scripting / HTML Injection
|
2 |
WEB
|
AutoSec Tools
|
|
2011-03-15
|
|
SugarCRM 6.1.1 - Information Disclosure
|
2 |
WEB
|
RedTeam Pentesting GmbH
|
|
2014-12-04
|
|
Advertise With Pleasure! (AWP) 6.6 - SQL Injection
|
2 |
WEB
|
Robert Cooper
|
|
2014-12-04
|
|
Technicolor DT5130 2.05.C29GV - Multiple Vulnerabilities
|
2 |
WEB
|
Crash
|
|
2014-12-03
|
|
WordPress Plugin CodeArt Google MP3 Player - File Disclosure Download
|
2 |
WEB
|
QK14 Team
|
|
2014-12-03
|
|
WordPress Plugin Cart66 Lite eCommerce 1.5.1.17 - Blind SQL Injection
|
2 |
WEB
|
Kacper Szurek
|
|
2011-03-14
|
|
BoutikOne - 'rss_top10.php?lang' SQL Injection
|
3 |
WEB
|
cdx.security
|
|
2011-03-14
|
|
BoutikOne - 'rss_promo.php?lang' SQL Injection
|
2 |
WEB
|
cdx.security
|
|
2011-03-14
|
|
BoutikOne - 'rss_flash.php?lang' SQL Injection
|
2 |
WEB
|
cdx.security
|
|
2011-03-14
|
|
BoutikOne - 'rss_news.php?lang' SQL Injection
|
2 |
WEB
|
cdx.security
|
|
2011-03-14
|
|
BoutikOne - 'search.php' Multiple SQL Injections
|
2 |
WEB
|
cdx.security
|
|
2011-03-14
|
|
BoutikOne - 'list.php?path' SQL Injection
|
2 |
WEB
|
cdx.security
|
|
2011-03-14
|
|
BoutikOne - 'categorie.php?path' SQL Injection
|
1 |
WEB
|
cdx.security
|
|
2014-12-03
|
|
WordPress Plugin Google Document Embedder 2.5.16 - 'mysql_real_escpae_string' Bypass SQL Injection
|
0 |
WEB
|
Securely (Yoo Hee man)
|
|
2011-03-04
|
|
Lms Web Ensino - Multiple Input Validation Vulnerabilities
|
1 |
WEB
|
waKKu
|
|
2014-12-02
|
|
TYPO3 Extension ke DomPDF - Remote Code Execution
|
2 |
WEB
|
RedTeam Pentesting
|
|
2014-12-02
|
|
EntryPass N5200 - Credentials Exposure
|
2 |
WEB
|
RedTeam Pentesting
|
|
2014-12-02
|
|
WordPress Plugin Nextend Facebook Connect 1.4.59 - Cross-Site Scripting
|
2 |
WEB
|
Kacper Szurek
|
|
2011-03-10
|
|
Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injections
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-10
|
|
Xinha 0.96 - 'spell-check-savedicts.php' Multiple HTML Injection Vulnerabilities
|
2 |
WEB
|
John Leitch
|
|
2011-03-10
|
|
WordPress Plugin Lazyest Gallery 1.0.26 - 'image' Cross-Site Scripting
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-08
|
|
Ruubikcms 1.0.3 - 'head.php' Cross-Site Scripting
|
2 |
WEB
|
Khashayar Fereidani
|
|
2011-03-08
|
|
WordPress Plugin 1 Flash Gallery 0.2.5 - Cross-Site Scripting / SQL Injection
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-08
|
|
WordPress Plugin PhotoSmash Galleries 1.0.x - 'action' Cross-Site Scripting
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2014-12-02
|
|
SQL Buddy 1.3.3 - Remote Code Execution
|
2 |
WEB
|
Fady Mohammed Osman
|
|
2014-12-02
|
|
ProjectSend r-561 - Arbitrary File Upload
|
1 |
WEB
|
Fady Mohammed Osman
|
|
2014-12-02
|
|
Prolink PRN2001 - Multiple Vulnerabilities
|
1 |
WEB
|
Herman Groeneveld
|
|
2011-03-08
|
|
WordPress Plugin Inline Gallery 0.3.9 - 'do' Cross-Site Scripting
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-08
|
|
WS Interactive Automne 4.1 - '/admin/upload-controler.php' Arbitrary File Upload
|
1 |
WEB
|
AutoSec Tools
|
|
2011-03-03
|
|
Interleave 5.5.0.2 - 'basicstats.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
AutoSec Tools
|
|
2011-03-07
|
|
Kodak InSite 5.5.2 - '/Pages/login.aspx?Language' Cross-Site Scripting
|
2 |
WEB
|
Dionach
|
|
2011-03-07
|
|
Kodak InSite 5.5.2 - '/Troubleshooting/DiagnosticReport.asp?HeaderWarning' Cross-Site Scripting
|
2 |
WEB
|
Dionach
|
|
2011-03-04
|
|
InterPhoto Image Gallery 2.4.2 - 'IPLANG' Local File Inclusion
|
2 |
WEB
|
AutoSec Tools
|
|
2011-03-03
|
|
Pragyan CMS 3.0 Beta - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-03
|
|
xtcModified 1.05 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-03
|
|
phpWebSite 1.7.1 - 'local' Cross-Site Scripting
|
2 |
WEB
|
AutoSec Tools
|
|
2011-03-03
|
|
Support Incident Tracker (SiT!) 3.62 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
AutoSec Tools
|
|
2011-03-02
|
|
VidiScript - 'vp' Cross-Site Scripting
|
2 |
WEB
|
NassRawI
|
|
2011-03-02
|
|
Forritun - Multiple SQL Injections
|
1 |
WEB
|
eXeSoul
|
|
2011-02-28
|
|
SnapProof - 'retPageID' Cross-Site Scripting
|
2 |
WEB
|
difficult 511
|
|
2011-02-28
|
|
WordPress Plugin BackWPup 1.4 - Multiple Information Disclosure Vulnerabilities
|
2 |
WEB
|
Danilo Massa
|
|
2011-02-23
|
|
Drupal Module Cumulus 5.x-1.1/6.x-1.4 - 'tagcloud' Cross-Site Scripting
|
2 |
WEB
|
MustLive
|
|
2014-11-28
|
|
xEpan 1.0.4 - Multiple Vulnerabilities
|
1 |
WEB
|
Parikesit _ Kurawa
|
|
2011-02-23
|
|
WordPress Plugin YT-Audio 1.7 - 'v' Cross-Site Scripting
|
1 |
WEB
|
AutoSec Tools
|
|
2011-02-23
|
|
WordPress Plugin ComicPress Manager 1.4.9 - 'lang' Cross-Site Scripting
|
1 |
WEB
|
AutoSec Tools
|
|
2011-02-23
|
|
WordPress Plugin IGIT Posts Slider Widget 1.0 - 'src' Cross-Site Scripting
|
2 |
WEB
|
AutoSec Tools
|
|
2011-02-25
|
|
glFusion 1.1.x/1.2.1 - 'users.php' SQL Injection
|
2 |
WEB
|
H3X
|
|
2011-02-25
|
|
phpShop 0.8.1 - 'page' Cross-Site Scripting
|
1 |
WEB
|
Aung Khant
|
|
2014-11-26
|
|
WordPress Plugin Slider REvolution 3.0.95 / Showbiz Pro 1.7.1 - Arbitrary File Upload
|
2 |
WEB
|
Simo Ben Youssef
|
|
2014-11-26
|
|
Device42 WAN Emulator 2.3 - Ping Command Injection (Metasploit)
|
2 |
WEB
|
Brandon Perry
|
|
2014-11-26
|
|
Device42 WAN Emulator 2.3 - Traceroute Command Injection (Metasploit)
|
2 |
WEB
|
Brandon Perry
|
|
2014-11-26
|
|
xEpan 1.0.1 - Cross-Site Request Forgery
|
0 |
WEB
|
High-Tech Bridge SA
|
|
2014-11-26
|
|
WordPress Plugin DB Backup - Arbitrary File Download
|
1 |
WEB
|
Ashiyane Digital Security Team
|
|
2011-02-16
|
|
mySeatXT 0.164 - 'lang' Local File Inclusion
|
1 |
WEB
|
AutoSec Tools
|
|
2011-02-22
|
|
Vanilla Forums 2.0.17.x - 'p' Cross-Site Scripting
|
1 |
WEB
|
Aung Khant
|
|
2011-02-22
|
|
IBM Lotus Sametime Server 8.0 - 'stcenter.nsf' Cross-Site Scripting
|
1 |
WEB
|
andrew
|
|
2011-02-22
|
|
WordPress Plugin GD Star Rating 1.9.7 - 'wpfn' Cross-Site Scripting
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2014-11-25
|
|
Arris VAP2500 - Authentication Bypass
|
1 |
WEB
|
HeadlessZeke
|
|
2014-11-25
|
|
WordPress Plugin Google Document Embedder 2.5.14 - SQL Injection
|
1 |
WEB
|
Kacper Szurek
|
|
2014-11-25
|
|
Crea8Social 1.3 - Persistent Cross-Site Scripting
|
2 |
WEB
|
Halil Dalabasmaz
|
|
2014-11-25
|
|
PHPMyRecipes 1.2.2 - 'dosearch.php?words_exact' SQL Injection
|
1 |
WEB
|
bard
|
|
2011-02-21
|
|
Batavi 1.0 - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
AutoSec Tools
|
|
2011-02-18
|
|
WSN Guest 1.24 - 'wsnuser' Cookie SQL Injection
|
2 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2014-11-24
|
|
Advantech EKI-6340 - Command Injection
|
1 |
WEB
|
Core Security
|
|
2011-02-15
|
|
Getsimple CMS 2.03 - 'upload-ajax.php' Arbitrary File Upload
|
1 |
WEB
|
s3rg3770 & Chuzz
|
