|
2011-02-15
|
|
Photopad 1.2 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-15
|
|
Wikipad 1.6.0 - Cross-Site Scripting / HTML Injection / Information Disclosure
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-15
|
|
Gollos 2.8 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-15
|
|
MG2 0.5.1 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
LiquidWorm
|
|
2011-02-12
|
|
Dokeos 1.8.6 2 - 'style' Cross-Site Scripting
|
1 |
WEB
|
AutoSec Tools
|
|
2014-11-24
|
|
WordPress Plugin DukaPress 2.5.2 - Directory Traversal
|
1 |
WEB
|
Kacper Szurek
|
|
2014-11-24
|
|
RobotStats 1.0 - 'robot' SQL Injection
|
1 |
WEB
|
ZoRLu Bugrahan
|
|
2011-02-09
|
|
Smarty Template Engine 2.6.9 - '$smarty.template' PHP Code Injection
|
1 |
WEB
|
jonieske
|
|
2014-11-24
|
|
WordPress Plugin wpDataTables 1.5.3 - Arbitrary File Upload
|
1 |
WEB
|
Claudio Viviani
|
|
2014-11-24
|
|
WordPress Plugin wpDataTables 1.5.3 - SQL Injection
|
2 |
WEB
|
Claudio Viviani
|
|
2011-02-12
|
|
TaskFreak! 0.6.4 - 'rss.php' HTTP Referer Header Cross-Site Scripting
|
2 |
WEB
|
LiquidWorm
|
|
2011-02-12
|
|
TaskFreak! 0.6.4 - 'print_list.php' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
LiquidWorm
|
|
2011-02-12
|
|
TaskFreak! 0.6.4 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
LiquidWorm
|
|
2011-02-11
|
|
Drupal Module CAPTCHA - Security Bypass
|
2 |
WEB
|
anonymous
|
|
2011-02-10
|
|
RunCMS 2.2.2 - 'register.php' SQL Injection
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-10
|
|
webERP 4.0.1 - 'InputSerialItemsFile.php' Arbitrary File Upload
|
1 |
WEB
|
AutoSec Tools
|
|
2011-02-10
|
|
Dolphin 7.0.4 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
AutoSec Tools
|
|
2011-02-10
|
|
ManageEngine ADSelfService Plus 4.4 - 'EmployeeSearch.cc' Multiple Cross-Site Scripting Vulnerabilit
|
2 |
WEB
|
Core Security
|
|
2011-02-10
|
|
ManageEngine ADSelfService Plus 4.4 - POST Manipulation Security Question
|
2 |
WEB
|
Core Security
|
|
2011-02-09
|
|
PHPXref 0.7 - 'nav.html' Cross-Site Scripting
|
2 |
WEB
|
MustLive
|
|
2011-02-08
|
|
UMI CMS 2.8.1.2 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-08
|
|
CiviCRM 3.3.3 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
AutoSec Tools
|
|
2014-11-22
|
|
Netgear WNR500 Wireless Router - 'webproc?getpage' Traversal Arbitrary File Access
|
2 |
WEB
|
LiquidWorm
|
|
2014-11-22
|
|
WordPress Plugin CM Download Manager 2.0.0 - Code Injection
|
2 |
WEB
|
Phi Ngoc Le
|
|
2014-11-22
|
|
MyBB 1.8.2 - 'unset_globals()' Function Bypass / Remote Code Execution
|
2 |
WEB
|
Taoguang Chen
|
|
2011-02-08
|
|
ViArt Shop 4.0.5 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-08
|
|
WebAsyst Shop-Script - Cross-Site Scripting / HTML Injection
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-07
|
|
Escortservice 1.0 - 'custid' SQL Injection
|
2 |
WEB
|
NoNameMT
|
|
2014-11-21
|
|
WordPress Plugin SP Client Document Manager 2.4.1 - SQL Injection
|
1 |
WEB
|
ITAS Team
|
|
2011-02-03
|
|
Firebook - 'index.html' Cross-Site Scripting
|
1 |
WEB
|
MustLive
|
|
2011-02-03
|
|
Octeth Oempro 3.6.4 - SQL Injection / Information Disclosure
|
1 |
WEB
|
Ignacio Garrido
|
|
2011-03-23
|
|
Web Wiz Forums 9.5 - Multiple SQL Injections
|
1 |
WEB
|
eXeSoul
|
|
2011-02-02
|
|
Betsy 4.0 - 'page' Local File Inclusion
|
2 |
WEB
|
MizoZ
|
|
2011-01-31
|
|
All In One Control Panel 1.4.1 - 'cp_menu_data_file.php' SQL Injection
|
1 |
WEB
|
AutoSec Tools
|
|
2011-02-02
|
|
TCExam 11.1.16 - 'user_password' Cross-Site Scripting
|
1 |
WEB
|
AutoSec Tools
|
|
2011-02-01
|
|
ACollab - 't' SQL Injection
|
1 |
WEB
|
AutoSec Tools
|
|
2014-11-19
|
|
WordPress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal
|
1 |
WEB
|
Kacper Szurek
|
|
2014-11-19
|
|
Snowfox CMS 1.0 - Cross-Site Request Forgery (Add Admin)
|
1 |
WEB
|
LiquidWorm
|
|
2011-02-01
|
|
WordPress Plugin TagNinja 1.0 - 'id' Cross-Site Scripting
|
2 |
WEB
|
AutoSec Tools
|
|
2011-02-01
|
|
TinyWebGallery 1.8.3 - Cross-Site Scripting / Local File Inclusion
|
1 |
WEB
|
Yam Mesicka
|
|
2011-02-01
|
|
Moodle 2.0.1 - 'PHPCOVERAGE_HOME' Cross-Site Scripting
|
0 |
WEB
|
AutoSec Tools
|
|
2011-01-30
|
|
eSyndiCat Directory Software 2.2/2.3 - 'preview' Cross-Site Scripting
|
0 |
WEB
|
Avram Marius
|
|
2011-02-01
|
|
Joomla! Component com_frontenduseraccess - Local File Inclusion
|
1 |
WEB
|
wishnusakti
|
|
2011-02-01
|
|
Joomla! Component com_clan_members - 'id' SQL Injection
|
1 |
WEB
|
FL0RiX
|
|
2011-01-31
|
|
Joomla! Component com_virtuemart 1.1.6 - SQL Injection
|
1 |
WEB
|
Andrea Fabrizi
|
|
2011-01-30
|
|
vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
MaXe
|
|
2011-01-27
|
|
Vanilla Forums 2.0.16 - 'Target' Cross-Site Scripting
|
1 |
WEB
|
YGN Ethical Hacker Group
|
|
2011-01-26
|
|
SimpGB 1.49.2 - 'Guestbook.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
MustLive
|
|
2011-01-25
|
|
WordPress Plugin FCChat Widget 2.1.7 - 'path' Cross-Site Scripting
|
1 |
WEB
|
AutoSec Tools
|
|
2011-01-24
|
|
WordPress Plugin oQey-Gallery 0.2 - 'tbpv_domain' Cross-Site Scripting
|
1 |
WEB
|
AutoSec Tools
|
|
2011-01-24
|
|
WordPress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Cross-Site Script
|
1 |
WEB
|
AutoSec Tools
|
|
2011-01-25
|
|
WordPress Plugin BezahlCode Generator 1.0 - 'gen_name' Cross-Site Scripting
|
1 |
WEB
|
AutoSec Tools
|
|
2011-01-24
|
|
WordPress Plugin Feature Slideshow 1.0.6 - 'src' Cross-Site Scripting
|
1 |
WEB
|
AutoSec Tools
|
|
2014-11-17
|
|
Zoph 0.9.1 - Multiple Vulnerabilities
|
1 |
WEB
|
Manuel García Cárdenas
|
|
2014-11-17
|
|
WebsiteBaker 2.8.3 - Multiple Vulnerabilities
|
2 |
WEB
|
Manuel García Cárdenas
|
|
2014-11-17
|
|
ZTE ZXHN H108L - Authentication Bypass (2)
|
1 |
WEB
|
Project Zero Labs
|
|
2014-11-17
|
|
Proticaret E-Commerce Script 3.0 - SQL Injection (2)
|
1 |
WEB
|
BGA Security
|
|
2014-11-17
|
|
PHPFox - Persistent Cross-Site Scripting
|
1 |
WEB
|
spyk2r
|
|
2014-11-17
|
|
ZTE ZXHN H108L - Authentication Bypass (1)
|
1 |
WEB
|
Project Zero Labs
|
|
2014-11-17
|
|
Maarch LetterBox 2.8 - (Authentication Bypass) Insecure Cookies
|
1 |
WEB
|
ZoRLu Bugrahan
|
|
2014-11-17
|
|
MyBB Forums 1.8.2 - Persistent Cross-Site Scripting
|
1 |
WEB
|
Avinash Thapa
|
|
2011-01-25
|
|
WordPress Plugin Recip.ly 1.1.7 - 'uploadImage.php' Arbitrary File Upload
|
1 |
WEB
|
AutoSec Tools
|
|
2011-01-25
|
|
WordPress Plugin Featured Content 0.0.1 - 'listid' Cross-Site Scripting
|
1 |
WEB
|
AutoSec Tools
|
|
2011-01-23
|
|
WordPress Plugin WP Publication Archive 2.0.1 - 'file' Information Disclosure
|
1 |
WEB
|
AutoSec Tools
|
|
2011-01-23
|
|
WordPress Plugin WP Featured Post with Thumbnail 3.0 - 'src' Cross-Site Scripting
|
1 |
WEB
|
AutoSec Tools
|
|
2011-01-23
|
|
WordPress Plugin RSS Feed Reader 0.1 - 'rss_url' Cross-Site Scripting
|
1 |
WEB
|
AutoSec Tools
|
|
2011-01-25
|
|
PivotX 2.2 - '/pivotx/includes/timwrapper.php?src' Cross-Site Scripting
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-25
|
|
PivotX 2.2 - '/pivotx/includes/blogroll.php?color' Cross-Site Scripting
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-23
|
|
WordPress Plugin Audio 0.5.1 - 'showfile' Cross-Site Scripting
|
1 |
WEB
|
AutoSec Tools
|
|
2011-01-25
|
|
WordPress Plugin Videox7 UGC 2.5.3.2 - 'listid' Cross-Site Scripting
|
1 |
WEB
|
AutoSec Tools
|
|
2011-01-25
|
|
ActiveWeb Professional 3.0 - Arbitrary File Upload
|
1 |
WEB
|
StenoPlasma
|
|
2011-01-24
|
|
WordPress Plugin Uploader 1.0 - 'num' Cross-Site Scripting
|
2 |
WEB
|
AutoSec Tools
|
|
2011-01-25
|
|
PivotX 2.2.2 - 'module_image.php' Cross-Site Scripting
|
2 |
WEB
|
AutoSec Tools
|
|
2011-01-25
|
|
web@all 1.1 - 'url' Cross-Site Scripting
|
2 |
WEB
|
AutoSec Tools
|
|
2011-01-20
|
|
Pixie CMS 1.0.4 - '/admin/index.php' SQL Injection
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2014-11-15
|
|
clientResponse Client Management 4.1 - Cross-Site Scripting
|
2 |
WEB
|
Halil Dalabasmaz
|
|
2014-11-15
|
|
Joomla! Component com_hdflvplayer < 2.1.0.1 - Arbitrary File Download
|
1 |
WEB
|
Claudio Viviani
|
|
2011-01-19
|
|
PHPAuctions - 'viewfaqs.php' SQL Injection
|
2 |
WEB
|
h4ck3r
|
|
2011-01-17
|
|
phpCMS 2008 V2 - 'data.php' SQL Injection
|
2 |
WEB
|
R3d-D3V!L
|
|
2014-11-14
|
|
Gogs - 'users'/'repos' '?q' SQL Injection
|
1 |
WEB
|
Timo Schmid
|
|
2014-11-14
|
|
Gogs - 'label' SQL Injection
|
1 |
WEB
|
Timo Schmid
|
|
2011-01-18
|
|
B-Cumulus - 'tagcloud' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
MustLive
|
|
2011-01-16
|
|
Advanced Webhost Billing System (AWBS) 2.9.2 - 'oid' SQL Injection
|
1 |
WEB
|
ShivX
|
|
2011-01-15
|
|
CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities (2)
|
1 |
WEB
|
Patrick de Brouwer
|
|
2011-01-14
|
|
Alguest 1.1c-patched - 'elimina' SQL Injection
|
1 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2014-11-13
|
|
MyBB 1.8.x - Multiple Vulnerabilities
|
2 |
WEB
|
smash
|
|
2014-11-13
|
|
Digi Online Examination System 2.0 - Unrestricted Arbitrary File Upload
|
2 |
WEB
|
Halil Dalabasmaz
|
|
2014-11-13
|
|
F5 BIG-IP 10.1.0 - Directory Traversal
|
2 |
WEB
|
Anastasios Monachos
|
|
2014-11-13
|
|
Piwigo 2.6.0 - 'picture.php?rate' SQL Injection
|
2 |
WEB
|
Manuel García Cárdenas
|
|
2014-11-13
|
|
Joomla! Component com_hdflvplayer < 2.1.0.1 - SQL Injection
|
2 |
WEB
|
Claudio Viviani
|
|
2014-11-13
|
|
Proticaret E-Commerce Script 3.0 - SQL Injection (1)
|
2 |
WEB
|
Onur Alanbel (BGA)
|
|
2014-11-12
|
|
WordPress Plugin SupportEzzy Ticket System 1.2.5 - Persistent Cross-Site Scripting
|
2 |
WEB
|
Halil Dalabasmaz
|
|
2014-11-11
|
|
Subex Fms 7.4 - SQL Injection
|
1 |
WEB
|
Anastasios Monachos
|
|
2014-11-10
|
|
WordPress Plugin / Joomla! Component XCloner - Multiple Vulnerabilities
|
2 |
WEB
|
Larry W. Cashdollar
|
|
2014-11-10
|
|
Password Manager Pro / Pro MSP - Blind SQL Injection
|
2 |
WEB
|
Pedro Ribeiro
|
|
2014-11-10
|
|
ManageEngine OpManager / Social IT Plus / IT360 - Multiple Vulnerabilities
|
2 |
WEB
|
Pedro Ribeiro
|
|
2014-11-10
|
|
Barracuda - Multiple Unauthentication Logfile Downloads
|
2 |
WEB
|
4CKnowLedge
|
|
2014-11-10
|
|
PHP-Fusion 7.02.07 - SQL Injection
|
2 |
WEB
|
XLabs Security
|
|
2014-11-10
|
|
WordPress Plugin Another WordPress Classifieds Plugin - SQL Injection
|
2 |
WEB
|
dill
|
|
2014-11-10
|
|
ZTE ZXDSL 831CII - Insecure Direct Object Reference
|
2 |
WEB
|
Paulos Yibelo
|
|
2014-11-10
|
|
phpSound Music Sharing Platform 1.0.5 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Halil Dalabasmaz
|
|
2014-11-10
|
|
Serenity Client Management Portal 1.0.1 - Multiple Vulnerabilities
|
1 |
WEB
|
Halil Dalabasmaz
|
|
2014-11-10
|
|
vldPersonals 2.7 - Multiple Vulnerabilities
|
2 |
WEB
|
Mr T
|
|
2011-01-11
|
|
CMS Tovar - 'tovar.php' SQL Injection
|
1 |
WEB
|
jos_ali_joe
|
|
2011-01-08
|
|
Joostina 1.3 - 'index.php' Cross-Site Scripting
|
2 |
WEB
|
MustLive
|
|
2011-01-10
|
|
WikLink 0.1.3 - Multiple SQL Injections
|
1 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2011-01-04
|
|
WonderCMS 0.3.3 - 'editText.php' Cross-Site Scripting
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2014-11-06
|
|
Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities
|
1 |
WEB
|
SEC Consult
|
|
2011-01-06
|
|
PHP MicroCMS 1.0.1 - 'page_text' Cross-Site Scripting
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-05
|
|
Openfire 3.6.4 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Walikar Riyaz Ahemed Dawalmalik
|
|
2011-01-05
|
|
BlogEngine.NET 1.6 - Directory Traversal / Information Disclosure
|
2 |
WEB
|
Deniz Cevik
|
|
2011-01-06
|
|
Joomla! 1.0.x - 'ordering' Cross-Site Scripting
|
2 |
WEB
|
Aung Khant
|
|
2011-01-05
|
|
WikLink 0.1.3 - 'getURL.php' SQL Injection
|
2 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2014-11-05
|
|
Mouse Media Script 1.6 - Persistent Cross-Site Scripting
|
1 |
WEB
|
Halil Dalabasmaz
|
|
2014-11-05
|
|
MODx CMS 2.2.14 - Cross-Site Request Forgery Bypass / Reflected Cross-Site Scripting / Persistent Cr
|
2 |
WEB
|
Narendra Bhati
|
|
2010-12-28
|
|
Coppermine Photo Gallery 1.5.10 - 'searchnew.php' Cross-Site Scripting
|
2 |
WEB
|
waraxe
|
|
2010-12-28
|
|
Coppermine Photo Gallery 1.5.10 - 'help.php' Cross-Site Scripting
|
2 |
WEB
|
waraxe
|
|
2010-12-26
|
|
CruxCMS 3.0 - Multiple Input Validation Vulnerabilities
|
2 |
WEB
|
ToXiC
|
|
2014-11-03
|
|
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Remote Code Execution)
|
1 |
WEB
|
Stefan Horst
|
|
2010-12-27
|
|
LiveZilla 3.2.0.2 - 'Track' Module 'server.php' Cross-Site Scripting
|
1 |
WEB
|
Ulisses Castro
|
|
2014-11-03
|
|
PHP < 5.6.2 - 'Shellshock' Safe Mode / disable_functions Bypass / Command Injection
|
1 |
WEB
|
Ryan King (Starfall)
|
|
2010-12-27
|
|
Pligg CMS 1.1.3 - 'range' SQL Injection
|
1 |
WEB
|
Dr.NeT
|
|
2010-12-28
|
|
HotWeb Scripts HotWeb Rentals - 'PageId' SQL Injection
|
1 |
WEB
|
non customers
|
|
2010-12-23
|
|
Social Share - 'search' Cross-Site Scripting
|
1 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2010-12-23
|
|
MyBB 1.6 - 'private.php?keywords' SQL Injection
|
1 |
WEB
|
Aung Khant
|
