|
2014-08-02
|
|
ArticleFR 11.06.2014 - 'data.php' Privilege Escalation
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2014-08-02
|
|
Photo WiFi Transfer 1.01 - Directory Traversal
|
4 |
WEB
|
Vulnerability-Lab
|
|
2014-08-02
|
|
ISPConfig 3.0.54p1 - (Authenticated) Admin Privilege Escalation
|
4 |
WEB
|
mra
|
|
2014-08-02
|
|
TigerCom iFolder+ 1.2 iOS - Multiple Vulnerabilities
|
4 |
WEB
|
Vulnerability-Lab
|
|
2014-08-02
|
|
Status2k Server Monitoring Software - Multiple Vulnerabilities
|
4 |
WEB
|
Shayan S
|
|
2014-08-02
|
|
Sphider Search Engine - Multiple Vulnerabilities
|
5 |
WEB
|
Shayan S
|
|
2010-07-02
|
|
Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (2)
|
4 |
WEB
|
Marcos Garcia & Maximiliano Soler
|
|
2010-07-01
|
|
ReCMS - 'users_lang' Directory Traversal
|
4 |
WEB
|
Locu
|
|
2010-07-01
|
|
Wiki Web Help 0.2.7 - Cross-Site Scripting / HTML Injection
|
4 |
WEB
|
John Leitch
|
|
2010-07-01
|
|
Flatnux 2010-06.09 - 'find' Cross-Site Scripting
|
4 |
WEB
|
ITSecTeam
|
|
2010-07-01
|
|
DPScms - 'q' SQL Injection / Cross-Site Scripting
|
5 |
WEB
|
Ariko-Security
|
|
2009-12-30
|
|
LiveZilla 3.1.8.3 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
MaXe
|
|
2010-06-29
|
|
ArcademSX 2.904 - 'cat' Cross-Site Scripting
|
3 |
WEB
|
Th3 RDX
|
|
2010-06-30
|
|
System CMS Contentia - 'news.php' SQL Injection
|
3 |
WEB
|
GlaDiaT0R
|
|
2010-06-29
|
|
TornadoStore 1.4.3 - SQL Injection / HTML Injection
|
5 |
WEB
|
Lucas Apa
|
|
2010-06-29
|
|
Kryn.cms 6.0 - Cross-Site Request Forgery / HTML Injection
|
2 |
WEB
|
TurboBorland
|
|
2010-06-29
|
|
Miyabi CGI Tools 1.02 - 'index.pl' Remote Command Execution
|
4 |
WEB
|
Marshall Whittaker
|
|
2010-06-29
|
|
Grafik CMS - '/admin.php' SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-29
|
|
Iatek PortalApp 3.3/4.0 - 'login.asp' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-29
|
|
CANDID - '/image/view.php?image_id' Cross-Site Scripting
|
4 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-29
|
|
CANDID - '/image/view.php?image_id' SQL Injection
|
4 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-28
|
|
V-EVA Classified Script 5.1 - 'classified_img.php' SQL Injection
|
3 |
WEB
|
Sid3^effects
|
|
2010-06-28
|
|
Clix'N'Cash Clone 2010 - 'index.php' SQL Injection
|
4 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-28
|
|
eBay Clone Script 2010 - 'showcategory.php' SQL Injection
|
3 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-28
|
|
MySpace Clone 2010 - SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-29
|
|
PHP Bible Search - 'bible.php?chapter' Cross-Site Scripting
|
4 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-29
|
|
PHP Bible Search - 'bible.php?chapter' SQL Injection
|
4 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-24
|
|
OneCMS 2.6.1 - 'short1' Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-24
|
|
OneCMS 2.6.1 - 'search' SQL Injection
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-24
|
|
OneCMS 2.6.1 - 'cat' Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-28
|
|
BlaherTech Placeto CMS - 'Username' SQL Injection
|
4 |
WEB
|
S.W.T
|
|
2010-06-28
|
|
Customer Paradigm PageDirector - 'id' SQL Injection
|
4 |
WEB
|
Tr0y-x
|
|
2014-07-30
|
|
D-Link AP 3200 - Multiple Vulnerabilities
|
4 |
WEB
|
pws
|
|
2014-07-30
|
|
SkaDate Lite 2.0 - Remote Code Execution
|
4 |
WEB
|
LiquidWorm
|
|
2014-07-30
|
|
SkaDate Lite 2.0 - Multiple Cross-Site Request Forgery / Persistent Cross-Site Scripting Vulnerabili
|
4 |
WEB
|
LiquidWorm
|
|
2010-06-24
|
|
Limny 2.1 - 'q' Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-25
|
|
AbleSpace 1.0 - 'news.php' SQL Injection
|
2 |
WEB
|
JaMbA
|
|
2014-07-29
|
|
WiFi HD 7.3.0 iOS - Multiple Vulnerabilities
|
3 |
WEB
|
Vulnerability-Lab
|
|
2010-05-05
|
|
WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting / Cross-Site Scripting
|
3 |
WEB
|
MustLive
|
|
2010-06-24
|
|
Lois Software WebDB 2.0A Script - Multiple SQL Injections
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2014-07-28
|
|
Oxwall 1.7.0 - Multiple Cross-Site Request Forgery / HTML Injection Vulnerabilities
|
3 |
WEB
|
LiquidWorm
|
|
2014-07-28
|
|
Sphider Search Engine 1.3.6 - Multiple Vulnerabilities
|
3 |
WEB
|
Mike Manzotti
|
|
2014-07-28
|
|
Ubiquiti UbiFi / mFi / AirVision - Cross-Site Request Forgery
|
3 |
WEB
|
Seth Art
|
|
2010-06-23
|
|
PreProject Multi-Vendor Shopping Malls - 'products.php' SQL Injection
|
3 |
WEB
|
CoBRa_21
|
|
2010-06-21
|
|
Jamroom 4.0.2/4.1.x - 'forum.php' Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-22
|
|
SoftComplex PHP Event Calendar 1.5 - Multiple Remote Vulnerabilities
|
3 |
WEB
|
cp77fk4r
|
|
2010-06-22
|
|
webConductor - 'default.asp' SQL Injection
|
3 |
WEB
|
Th3 RDX
|
|
2010-06-21
|
|
IBM Websphere ILOG JRules 6.7 - Cross-Site Scripting
|
3 |
WEB
|
IBM
|
|
2010-06-21
|
|
Sigmer Technologies Scribe CMS - 'copy_folder.php' Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-21
|
|
osCMax 2.0 - 'articles.php' Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-21
|
|
SaffaTunes CMS - 'news.php' Multiple SQL Injections
|
3 |
WEB
|
Th3 RDX
|
|
2014-07-27
|
|
DirPHP 1.0 - Local File Inclusion
|
3 |
WEB
|
black hat
|
|
2014-07-27
|
|
ZeroCMS 1.0 - Persistent Cross-Site Scripting
|
3 |
WEB
|
Mayuresh Dani
|
|
2014-07-27
|
|
Moodle 2.7 - Persistent Cross-Site Scripting
|
3 |
WEB
|
Osanda Malith Jayathissa
|
|
2014-07-25
|
|
Pligg CMS 2.0.1 - Multiple Vulnerabilities
|
3 |
WEB
|
BlackHawk
|
|
2010-06-18
|
|
KubeSupport - 'lang' SQL Injection
|
3 |
WEB
|
L0rd CrusAd3r
|
|
2014-07-25
|
|
Zenoss Monitoring System 4.2.5-2108 (x64) - Persistent Cross-Site Scripting
|
3 |
WEB
|
Dolev Farhi
|
|
2014-07-24
|
|
Lian Li NAS - Multiple Vulnerabilities
|
3 |
WEB
|
pws
|
|
2014-07-24
|
|
WordPress Plugin Video Gallery 2.5 - Multiple Vulnerabilities
|
3 |
WEB
|
Claudio Viviani
|
|
2010-06-18
|
|
Joomla! Component Gallery XML 1.1 - SQL Injection / Local File Inclusion
|
3 |
WEB
|
jdc
|
|
2010-06-17
|
|
Firebook - Multiple Cross-Site Scripting / Directory Traversal Vulnerabilities
|
3 |
WEB
|
MustLive
|
|
2010-06-27
|
|
Ceica-GW - 'login.php' Cross-Site Scripting
|
3 |
WEB
|
indoushka
|
|
2010-06-16
|
|
2DayBiz ybiz Network Community Script - SQL Injection / Cross-Site Scripting
|
3 |
WEB
|
Sid3^effects
|
|
2014-07-23
|
|
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
|
3 |
WEB
|
Dolev Farhi
|
|
2014-07-23
|
|
Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass / Persistent
|
2 |
WEB
|
Vulnerability-Lab
|
|
2010-06-06
|
|
JForum 2.1.8 - 'Username' Cross-Site Scripting
|
3 |
WEB
|
Adam Baldwin
|
|
2010-06-15
|
|
Sell@Site PHP Online Jobs Login - Multiple SQL Injections
|
3 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-14
|
|
MODx 1.0.3 - 'index.php' Multiple SQL Injections
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-11
|
|
AneCMS 1.x - '/modules/blog/index.php' SQL Injection
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-11
|
|
AneCMS 1.x - '/modules/blog/index.php' HTML Injection
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-14
|
|
VideoWhisper PHP 2 Way Video Chat - 'r' Cross-Site Scripting
|
3 |
WEB
|
Sid3^effects
|
|
2010-06-21
|
|
Plesk Server Administrator (PSA) - 'locale' Local File Inclusion
|
2 |
WEB
|
Pouya Daneshmand
|
|
2014-07-21
|
|
Raritan PowerIQ 4.1.0 - SQL Injection (Metasploit)
|
3 |
WEB
|
Brandon Perry
|
|
2014-07-21
|
|
MTS MBlaze Ultra Wi-Fi / ZTE AC3633 - Multiple Vulnerabilities
|
3 |
WEB
|
Ajin Abraham
|
|
2010-06-10
|
|
Arab Portal 2.2 - 'members.php' SQL Injection
|
3 |
WEB
|
SwEET-DeViL
|
|
2014-07-20
|
|
WordPress Plugin WP BackupPlus - Database and Files Backup Download
|
3 |
WEB
|
pSyCh0_3D
|
|
2010-01-18
|
|
Bits Video Script 2.04/2.05 - 'search.php' Cross-Site Scripting
|
3 |
WEB
|
indoushka
|
|
2010-01-18
|
|
Bits Video Script 2.04/2.05 - '/register.php' Arbitrary File Upload / Arbitrary PHP Code Execution
|
3 |
WEB
|
indoushka
|
|
2010-01-18
|
|
Bits Video Script 2.04/2.05 - '/addvideo.php' Arbitrary File Upload / Arbitrary PHP Code Execution
|
3 |
WEB
|
indoushka
|
|
2010-01-18
|
|
Hitmaaan Gallery 1.3 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
indoushka
|
|
2010-01-18
|
|
Bits Video Script 2.05 Gold Beta - 'showcase2search.php?rowptem[template]' Remote File Inclusion
|
3 |
WEB
|
indoushka
|
|
2010-01-18
|
|
Bits Video Script 2.05 Gold Beta - 'showcasesearch.php?rowptem[template]' Remote File Inclusion
|
3 |
WEB
|
indoushka
|
|
2010-06-09
|
|
SilverStripe CMS 2.4 - File Renaming Security Bypass
|
3 |
WEB
|
John Leitch
|
|
2010-06-09
|
|
(GREEZLE) Global Real Estate Agent Login - Multiple SQL Injections
|
3 |
WEB
|
L0rd CrusAd3r
|
|
2010-06-09
|
|
PGAUTOPro - SQL Injection / Cross-Site Scripting (2)
|
3 |
WEB
|
Sid3^effects
|
|
2010-06-03
|
|
log1 CMS 2.0 - Session Handling Remote Security Bypass / Remote File Inclusion
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2009-01-08
|
|
PRTG Traffic Grapher 6.2.1 - 'url' Cross-Site Scripting
|
3 |
WEB
|
Patrick Webster
|
|
2010-06-07
|
|
BoastMachine 3.1 - 'key' Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-07
|
|
cPanel 11.25 Image Manager - 'target' Local File Inclusion
|
4 |
WEB
|
AnTi SeCuRe
|
|
2014-07-18
|
|
WordPress Plugin Gallery Objects 0.4 - SQL Injection
|
3 |
WEB
|
Claudio Viviani
|
|
2014-07-18
|
|
Barracuda Networks Message Archiver 650 - Persistent Cross-Site Scripting
|
3 |
WEB
|
Vulnerability-Lab
|
|
2014-07-17
|
|
Omeka 2.2 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
|
3 |
WEB
|
LiquidWorm
|
|
2010-06-06
|
|
CuteSITE CMS 1.x - '/manage/main.php?fld_path' Cross-Site Scripting
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2010-06-06
|
|
CuteSITE CMS 1.x - '/manage/add_user.php?user_id' SQL Injection
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2010-01-15
|
|
PonVFTP - 'login.php' SQL Injection
|
3 |
WEB
|
S2K9
|
|
2010-06-06
|
|
JForum 2.1.8 - 'bookmarks' Module Multiple HTML Injection Vulnerabilities
|
3 |
WEB
|
Adam Baldwin
|
|
2010-01-04
|
|
Pay Per Minute Video Chat Script 2.x - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
R3d-D3V!L
|
|
2014-07-16
|
|
Bilboplanet 2.0 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Vivek N
|
|
2014-07-16
|
|
Joomla! Component Youtube Gallery 4.1.7 - SQL Injection
|
3 |
WEB
|
Pham Van Khanh
|
|
2014-07-16
|
|
BitDefender GravityZone 5.1.5.386 - Multiple Vulnerabilities
|
3 |
WEB
|
SEC Consult
|
|
2010-06-04
|
|
WordPress Plugin Gigya Socialize 1.0/1.1.x - Cross-Site Scripting
|
3 |
WEB
|
MustLive
|
|
2010-01-06
|
|
L2Web LineWeb 1.0.5 - Multiple Input Validation Vulnerabilities
|
3 |
WEB
|
Ignacio Garrido
|
|
2009-12-30
|
|
Western Digital My Book World Edition 1.1.16 - 'lang' Cross-Site Scripting
|
3 |
WEB
|
emgent
|
|
2010-01-02
|
|
Obsession-Design Image-Gallery 1.1 - 'display.php' Cross-Site Scripting
|
3 |
WEB
|
kaMtiEz
|
|
2010-01-06
|
|
KubeLabs PHPDug 2.0 - 'upcoming.php' Cross-Site Scripting
|
3 |
WEB
|
indoushka
|
|
2010-06-03
|
|
MoinMoin 1.x - 'PageEditor.py' Cross-Site Scripting
|
3 |
WEB
|
anonymous
|
|
2010-01-06
|
|
Sniggabo CMS 2.21 - 'search.php' Cross-Site Scripting
|
3 |
WEB
|
Sora
|
|
2010-06-02
|
|
PHP City Portal 1.3 - 'cms_data.php' Cross-Site Scripting
|
3 |
WEB
|
Red-D3v1L
|
|
2010-06-02
|
|
TPO Duyuru Scripti - Insecure Cookie Authentication Bypass
|
3 |
WEB
|
Septemb0x
|
|
2010-06-02
|
|
TCExam 10.1.7 - '/admin/code/tce_functions_tcecode_editor.php' Arbitrary File Upload
|
3 |
WEB
|
John Leitch
|
|
2010-06-01
|
|
Hexjector 1.0.7.2 - 'hexjector.php' Cross-Site Scripting
|
4 |
WEB
|
hexon
|
|
2010-06-02
|
|
Joomla! Component com_sar_news - 'id' SQL Injection
|
3 |
WEB
|
LynX
|
|
2010-01-07
|
|
Datetopia Match Agency BiZ - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
R3d-D3V!L
|
|
2010-01-01
|
|
CMS Made Simple 1.x - Cross-Site Scripting / Cross-Site Request Forgery
|
3 |
WEB
|
Truong Thao Nguyen
|
|
2010-01-10
|
|
Smart Statistics 1.0 - 'smart_Statistics_admin.php' Cross-Site Scripting
|
3 |
WEB
|
R3d-D3V!L
|
|
2014-07-14
|
|
Shopizer 1.1.5 - Multiple Vulnerabilities
|
2 |
WEB
|
SEC Consult
|
|
2010-05-31
|
|
wsCMS - 'news.php' Cross-Site Scripting
|
3 |
WEB
|
cyberlog
|
|
2010-05-28
|
|
CMScout 2.08 - Cross-Site Scripting
|
3 |
WEB
|
XroGuE
|
|
2010-05-30
|
|
GR Board 1.8.6 - 'page.php' Remote File Inclusion
|
3 |
WEB
|
eidelweiss
|
|
2010-05-28
|
|
ImpressPages CMS 1.0x - 'admin.php' Multiple SQL Injections
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2010-05-28
|
|
osCommerce Visitor Web Stats AddOn - 'Accept-Language' Header SQL Injection
|
3 |
WEB
|
Christopher Schramm
|
|
2010-05-27
|
|
BackLinkSpider 1.3.1774 - 'cat_id' SQL Injection
|
3 |
WEB
|
sniper ip
|
|
2010-05-26
|
|
md5 Encryption Decryption PHP Script - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
indoushka
|
|
2010-05-24
|
|
360 Web Manager 3.0 - 'webpages-form-led-edit.php' SQL Injection
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2010-05-24
|
|
Ruubikcms 1.0.3 - 'index.php' Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
