Offensive Security
|
a099e58626
|
DB: 2016-12-22
3 new exploits
Android - getpidcon Usage binder Service Replacement Race Condition
Google Android - getpidcon Usage binder Service Replacement Race Condition
ADODB < 4.70 - (tmssql.php) Denial of Service
ADODB < 4.70 - 'tmssql.php' Denial of Service
FlashGet 3.x - IEHelper Remote Exec (PoC)
FlashGet 3.x - IEHelper Remote Execution (PoC)
SopCast SopCore Control ActiveX - Remote Exec (PoC)
UUSee ReliPlayer ActiveX - Remote Exec (PoC)
SPlayer XvidDecoder 3.3 - ActiveX Remote Exec (PoC)
SopCast SopCore Control ActiveX - Remote Execution (PoC)
UUSee ReliPlayer ActiveX - Remote Execution (PoC)
SPlayer XvidDecoder 3.3 - ActiveX Remote Execution (PoC)
Xunlei XPPlayer 5.9.14.1246 - ActiveX Remote Exec (PoC)
Xunlei XPPlayer 5.9.14.1246 - ActiveX Remote Execution (PoC)
EViews 7.0.0.1 - (aka 7.2) Multiple Vulnerabilities
EViews 7.0.0.1 (aka 7.2) - Multiple Vulnerabilities
Android Kernel 2.6 - Local Denial of Service Crash (PoC)
Google Android Kernel 2.6 - Local Denial of Service Crash (PoC)
IBM solidDB 6.0.10 - (Format String and Denial of Service) Multiple Vulnerabilities
IBM solidDB 6.0.10 - Format String / Denial of Service
OpenLDAP 2.4.22 - ('modrdn' Request) Multiple Vulnerabilities
OpenLDAP 2.4.22 - 'modrdn' Request Multiple Vulnerabilities
Apple Mac OSX Regex Engine (TRE) - (Integer Signedness and Overflow) Multiple Vulnerabilities
Apple Mac OSX Regex Engine (TRE) - Integer Signedness / Overflow
Android - ih264d_process_intra_mb Memory Corruption
Google Android - 'ih264d_process_intra_mb' Memory Corruption
Android - IOMX getConfig/getParameter Information Disclosure
Android - IMemory Native Interface is Insecure for IPC Use
Google Android - IOMX getConfig/getParameter Information Disclosure
Google Android - IMemory Native Interface is Insecure for IPC Use
Android Broadcom Wi-Fi Driver - Memory Corruption
Google Android Broadcom Wi-Fi Driver - Memory Corruption
Android - /system/bin/sdcard Stack Buffer Overflow
Google Android - '/system/bin/sdcard' Stack Buffer Overflow
Android - Insufficient Binder Message Verification Pointer Leak
Android - 'gpsOneXtra' Data Files Denial of Service
Google Android - Insufficient Binder Message Verification Pointer Leak
Google Android - 'gpsOneXtra' Data Files Denial of Service
Android - Binder Generic ASLR Leak
Google Android - Binder Generic ASLR Leak
Android - IOMXNodeInstance::enableNativeBuffers Unchecked Index
Google Android - IOMXNodeInstance::enableNativeBuffers Unchecked Index
Google Android - WifiNative::setHotlist Stack Overflow
Google Android - WifiNative::setHotlist Stack Overflow
Microsoft Edge - SIMD.toLocaleString Uninitialized Memory (MS16-145)
Microsoft Edge - Internationalization Initialization Type Confusion (MS16-144)
PHP 4.4.0 - (mysql_connect function) Local Buffer Overflow
PHP 4.4.0 - 'mysql_connect function' Local Buffer Overflow
Android 1.x/2.x - Privilege Escalation
Google Android 1.x/2.x - Privilege Escalation
Android - 'sensord' Privilege Escalation
Google Android - 'sensord' Privilege Escalation
tcpdump - ISAKMP Identification payload Integer Overflow
tcpdump - ISAKMP Identification Payload Integer Overflow
Smail 3.2.0.120 - Heap Overflow
Smail 3.2.0.120 - Heap Overflow
HP Mercury Quality Center 9.0 build 9.1.0.4352 - SQL Execution Exploit
HP Mercury Quality Center 9.0 build 9.1.0.4352 - SQL Execution
Motorola Wimax modem CPEi300 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
Motorola Wimax modem CPEi300 - File Disclosure / Cross-Site Scripting
navicopa WebServer 3.0.1 - (Buffer Overflow / Script Source Disclosure) Multiple Vulnerabilities
navicopa WebServer 3.0.1 - Buffer Overflow / Script Source Disclosure
dwebpro 6.8.26 - (Directory Traversal/File Disclosure) Multiple Vulnerabilities
dwebpro 6.8.26 - Directory Traversal / File Disclosure
citrix xencenterweb - (Cross-Site Scripting / SQL Injection / Remote Code Execution) Multiple Vulnerabilities
citrix xencenterweb - Cross-Site Scripting / SQL Injection / Remote Code Execution
Adobe GetPlus get_atlcom 1.6.2.48 - ActiveX Remote Exec (PoC)
Trend Micro Web-Deployment ActiveX - Remote Exec (PoC)
Adobe GetPlus get_atlcom 1.6.2.48 - ActiveX Remote Execution (PoC)
Trend Micro Web-Deployment ActiveX - Remote Execution (PoC)
Apache OFBiz - SQL Remote Execution PoC Payload
Apache OFBiz - FULLADMIN Creator PoC Payload
Apache OFBiz - Remote Execution (via SQL Execution) (PoC)
Apache OFBiz - Admin Creator (PoC)
Android 2.0 < 2.1 - Reverse Shell Exploit
Google Android 2.0 < 2.1 - Reverse Shell Exploit
Android 2.0/2.1 - Use-After-Free Remote Code Execution on Webkit
Google Android 2.0/2.1 - Use-After-Free Remote Code Execution on Webkit
Android 2.0 / 2.1 /2.1.1 - WebKit Use-After-Free Exploit
Google Android 2.0/2.1/2.1.1 - WebKit Use-After-Free Exploit
Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap
Google Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap
ASUS RT-AC66U - 'acsd' Parameter Remote Command Execution
ASUS RT-AC66U - 'acsd' Parameter Remote Command Execution
WinComLPD Total 3.0.2.623 - (Buffer Overflow and Authentication Bypass) Multiple Vulnerabilities
WinComLPD Total 3.0.2.623 - Buffer Overflow / Authentication Bypass
Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow
Google Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow
McAfee ePolicy Orchestrator 4.6.0 < 4.6.5 - (ePowner) Multiple Vulnerabilities
McAfee ePolicy Orchestrator 4.6.0 < 4.6.5 - 'ePowner' Multiple Vulnerabilities
ServletExec - (Directory Traversal / Authentication Bypass) Multiple Vulnerabilities
ServletExec - Directory Traversal / Authentication Bypass
Android - 'Stagefright' Remote Code Execution
Google Android - 'Stagefright' Remote Code Execution
Android - libstagefright Integer Overflow Remote Code Execution
Google Android - libstagefright Integer Overflow Remote Code Execution
Android 2.3.5 - PowerVR SGX Driver Information Disclosure
Google Android 2.3.5 - PowerVR SGX Driver Information Disclosure
Android ADB Debug Server - Remote Payload Execution (Metasploit)
Google Android ADB Debug Server - Remote Payload Execution (Metasploit)
Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass)
Google Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass)
Android - 'BadKernel' Remote Code Execution
Google Android - 'BadKernel' Remote Code Execution
Android 5.0 <= 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit)
Google Android 5.0 <= 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit)
NETGEAR WNR2000v5 - Remote Code Execution
Linux/x86 - portbind payload Shellcode (Generator)
Windows XP SP1 - portbind payload Shellcode (Generator)
Linux/x86 - Portbind Payload Shellcode (Generator)
Windows XP SP1 - Portbind Payload Shellcode (Generator)
Android - Telnetd (Port 1035) with Parameters Shellcode (248 bytes)
Google Android - Telnetd (Port 1035) with Parameters Shellcode (248 bytes)
phpCOIN 1.2.2 - (phpcoinsessid) SQL Inj / Remote Code Execution
phpCOIN 1.2.2 - 'phpcoinsessid' SQL Injection / Remote Code Execution
Aztek Forum 4.00 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities (PoC)
Aztek Forum 4.00 - Cross-Site Scripting / SQL Injection
Integramod Portal 2.x - (functions_portal.php) Remote File Inclusion
Integramod Portal 2.x - 'functions_portal.php' Remote File Inclusion
Integramod Portal 2.0 rc2 - 'phpbb_root_path' Remote File Inclusion
Integramod Portal 2.0 rc2 - 'phpbb_root_path' Parameter Remote File Inclusion
paBugs 2.0 Beta 3 - (class.mysql.php) Remote File Inclusion
paBugs 2.0 Beta 3 - 'class.mysql.php' Remote File Inclusion
Agora 1.4 RC1 - (MysqlfinderAdmin.php) Remote File Inclusion
Agora 1.4 RC1 - 'MysqlfinderAdmin.php' Remote File Inclusion
blogme 3.0 - (Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities
blogme 3.0 - Cross-Site Scripting / Authentication Bypass
torrentflux 2.2 - (Arbitrary File Create/ Execute / Delete) Multiple Vulnerabilities
torrentflux 2.2 - Arbitrary File Create/ Execute/Delete
BBS E-Market Professional - (Full Path Disclosure / File Inclusion) Multiple Vulnerabilities
BBS E-Market Professional - Full Path Disclosure / File Inclusion
myPHPNuke Module My_eGallery 2.5.6 - 'basepath' Remote File Inclusion
myPHPNuke Module My_eGallery 2.5.6 - 'basepath' Parameter Remote File Inclusion
ig shop 1.0 - (Code Execution / SQL Injection) Multiple Vulnerabilities
ig shop 1.0 - Code Execution / SQL Injection
QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities
QUOTE&ORDERING SYSTEM 1.0 - 'ordernum' Multiple Vulnerabilities
vp-asp shopping cart 6.09 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
vp-asp shopping cart 6.09 - SQL Injection / Cross-Site Scripting
forum livre 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
forum livre 1.0 - SQL Injection / Cross-Site Scripting
otscms 2.1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
otscms 2.1.5 - SQL Injection / Cross-Site Scripting
Connectix Boards 0.7 - (p_skin) Multiple Vulnerabilities
Connectix Boards 0.7 - 'p_skin' Multiple Vulnerabilities
wbblog - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
wbblog - Cross-Site Scripting / SQL Injection
PHP-Nuke Module Eve-Nuke 0.1 - (mysql.php) Remote File Inclusion
PHP-Nuke Module Eve-Nuke 0.1 - 'mysql.php' Remote File Inclusion
Quick and Dirty Blog (qdblog) 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Quick and Dirty Blog (qdblog) 0.4 - SQL Injection / Local File Inclusion
PHP Coupon Script 3.0 - (index.php bus) SQL Injection
PHP Coupon Script 3.0 - 'bus' Parameter SQL Injection
runawaysoft haber portal 1.0 - (tr) Multiple Vulnerabilities
runawaysoft haber portal 1.0 - 'tr' Multiple Vulnerabilities
NetClassifieds - (SQL Injection / Cross-Site Scripting / Full Path) Multiple Vulnerabilities
NetClassifieds - SQL Injection / Cross-Site Scripting / Full Path
bugmall shopping cart 2.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
bugmall shopping cart 2.5 - SQL Injection / Cross-Site Scripting
PHPVID 0.9.9 - (categories_type.php cat) SQL Injection
PHPVID 0.9.9 - 'categories_type.php' SQL Injection
bcoos 1.0.10 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
bcoos 1.0.10 - Local File Inclusion / SQL Injection
ftp Admin 0.1.0 - (Local File Inclusion / Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities
ftp Admin 0.1.0 - Local File Inclusion / Cross-Site Scripting / Authentication Bypass
falcon CMS 1.4.3 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
falcon CMS 1.4.3 - Remote File Inclusion / Cross-Site Scripting
gf-3xplorer 2.4 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities
gf-3xplorer 2.4 - Cross-Site Scripting / Local File Inclusion
PortalApp 4.0 - (SQL Injection / Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities
PortalApp 4.0 - SQL Injection / Cross-Site Scripting / Authentication Bypass
netrisk 1.9.7 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
netrisk 1.9.7 - Cross-Site Scripting / SQL Injection
EasyClassifields 3.0 - (go) SQL Injection
CMSbright - (id_rub_page) SQL Injection
EasyClassifields 3.0 - 'go' Parameter SQL Injection
CMSbright - 'id_rub_page' Parameter SQL Injection
myPHPNuke < 1.8.8_8rc2 - 'artid' SQL Injection
Coupon Script 4.0 - 'id' SQL Injection
Reciprocal Links Manager 1.1 - (site) SQL Injection
myPHPNuke < 1.8.8_8rc2 - 'artid' Parameter SQL Injection
Coupon Script 4.0 - 'id' Parameter SQL Injection
Reciprocal Links Manager 1.1 - 'site' Parameter SQL Injection
CS-Cart 1.3.5 - (Authentication Bypass) SQL Injection
Spice Classifieds - (cat_path) SQL Injection
CS-Cart 1.3.5 - Authentication Bypass
Spice Classifieds - 'cat_path' Parameter SQL Injection
aspwebalbum 3.2 - (Arbitrary File Upload / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
aspwebalbum 3.2 - Arbitrary File Upload / SQL Injection / Cross-Site Scripting
Living Local Website - 'listtest.php r' SQL Injection
ACG-PTP 1.0.6 - 'adid' SQL Injection
qwicsite pro - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
ACG-ScriptShop - 'cid' SQL Injection
AWStats Totals - 'AWStatstotals.php sort' Remote Code Execution
Living Local Website - 'listtest.php' SQL Injection
ACG-PTP 1.0.6 - 'adid' Parameter SQL Injection
qwicsite pro - SQL Injection / Cross-Site Scripting
ACG-ScriptShop - 'cid' Parameter SQL Injection
AWStats Totals 1.14 - 'AWStatstotals.php' Remote Code Execution
Vastal I-Tech Agent Zone - (ann_id) SQL Injection
Vastal I-Tech Visa Zone - (news_id) SQL Injection
Vastal I-Tech Toner Cart - 'id' SQL Injection
Vastal I-Tech Share Zone - 'id' SQL Injection
Vastal I-Tech DVD Zone - 'cat_id' SQL Injection
Vastal I-Tech Jobs Zone - (news_id) SQL Injection
Vastal I-Tech MMORPG Zone - (game_id) SQL Injection
Vastal I-Tech Mag Zone - 'cat_id' SQL Injection
Vastal I-Tech Freelance Zone - (coder_id) SQL Injection
Vastal I-Tech Cosmetics Zone - 'cat_id' SQL Injection
EsFaq 2.0 - (idcat) SQL Injection
Vastal I-Tech Shaadi Zone 1.0.9 - (tage) SQL Injection
Vastal I-Tech Dating Zone - (fage) SQL Injection
Vastal I-Tech Agent Zone - 'ann_id' Parameter SQL Injection
Vastal I-Tech Visa Zone - 'news_id' Parameter SQL Injection
Vastal I-Tech Toner Cart - 'id' Parameter SQL Injection
Vastal I-Tech Share Zone - 'id' Parameter SQL Injection
Vastal I-Tech DVD Zone - 'cat_id' Parameter SQL Injection
Vastal I-Tech Jobs Zone - 'news_id' Parameter SQL Injection
Vastal I-Tech MMORPG Zone - 'game_id' Parameter SQL Injection
Vastal I-Tech Mag Zone - 'cat_id' Parameter SQL Injection
Vastal I-Tech Freelance Zone - 'coder_id' Parameter SQL Injection
Vastal I-Tech Cosmetics Zone - 'cat_id' Parameter SQL Injection
EsFaq 2.0 - 'idcat' Parameter SQL Injection
Vastal I-Tech Shaadi Zone 1.0.9 - 'tage' Parameter SQL Injection
Vastal I-Tech Dating Zone - 'fage' Parameter SQL Injection
Masir Camp E-Shop Module 3.0 - (ordercode) SQL Injection
Alstrasoft Forum - (cat) SQL Injection
Masir Camp E-Shop Module 3.0 - 'ordercode' Parameter SQL Injection
Alstrasoft Forum - 'cat' Parameter SQL Injection
Alstrasoft Forum - 'catid' SQL Injection
Alstrasoft Forum - 'catid' Parameter SQL Injection
Creator CMS 5.0 - (sideid) SQL Injection
Creator CMS 5.0 - 'sideid' Parameter SQL Injection
CMS Buzz - 'id' SQL Injection
CMS Buzz - 'id' Parameter SQL Injection
phpVID 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Zanfi CMS lite / Jaw Portal free - 'page' SQL Injection
PhpWebGallery 1.3.4 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities
Autodealers CMS AutOnline - (pageid) SQL Injection
Sports Clubs Web Panel 0.0.1 - (p) Local File Inclusion
PHPVID 1.1 - Cross-Site Scripting / SQL Injection
Zanfi CMS lite / Jaw Portal free - 'page' Parameter SQL Injection
PhpWebGallery 1.3.4 - Cross-Site Scripting / Local File Inclusion
Autodealers CMS AutOnline - 'pageid' Parameter SQL Injection
Sports Clubs Web Panel 0.0.1 - 'p' Parameter Local File Inclusion
Autodealers CMS AutOnline - 'id' SQL Injection
Sports Clubs Web Panel 0.0.1 - 'id' SQL Injection
PhpWebGallery 1.3.4 - (cat) Blind SQL Injection
Autodealers CMS AutOnline - 'id' Parameter SQL Injection
Sports Clubs Web Panel 0.0.1 - 'id' Parameter SQL Injection
PhpWebGallery 1.3.4 - Blind SQL Injection
phpsmartcom 0.2 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
phpsmartcom 0.2 - Local File Inclusion / SQL Injection
AvailScript Article Script - 'view.php v' SQL Injection
AvailScript Article Script - 'view.php' SQL Injection
Fastpublish CMS 1.9999 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
Fastpublish CMS 1.9999 - Local File Inclusion / SQL Injection
mini-pub 0.3 - (File Disclosure/Code Execution) Multiple Vulnerabilities
mini-pub 0.3 - File Disclosure / Code Execution
websvn 2.0 - (Cross-Site Scripting / File Handling/Code Execution) Multiple Vulnerabilities
websvn 2.0 - Cross-Site Scripting / File Handling / Code Execution
phpdaily - (SQL Injection / Cross-Site Scripting / lfd) Multiple Vulnerabilities
phpdaily - SQL Injection / Cross-Site Scripting / Local File Download
questcms - (Cross-Site Scripting / Directory Traversal / SQL Injection) Multiple Vulnerabilities
questcms - Cross-Site Scripting / Directory Traversal / SQL Injection
MatPo Link 1.2b - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
MatPo Link 1.2b - Blind SQL Injection / Cross-Site Scripting
WEBBDOMAIN WebShop 1.02 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
WEBBDOMAIN WebShop 1.02 - SQL Injection / Cross-Site Scripting
Prozilla Software Directory - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Prozilla Software Directory - Cross-Site Scripting / SQL Injection
TurnkeyForms Local Classifieds - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
TurnkeyForms Local Classifieds - Cross-Site Scripting / SQL Injection
zeeproperty 1.0 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities
zeeproperty 1.0 - Arbitrary File Upload / Cross-Site Scripting
Openfire Server 3.6.0a - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Collabtive 0.4.8 - (Cross-Site Scripting / Authentication Bypass / Arbitrary File Upload) Multiple Vulnerabilities
Openfire Server 3.6.0a - Authentication Bypass / SQL Injection / Cross-Site Scripting
Collabtive 0.4.8 - Cross-Site Scripting / Authentication Bypass / Arbitrary File Upload
MODx CMS 0.9.6.2 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
MODx CMS 0.9.6.2 - Remote File Inclusion / Cross-Site Scripting
ftpzik - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities
bandwebsite 1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
ftpzik - Cross-Site Scripting / Local File Inclusion
bandwebsite 1.5 - SQL Injection / Cross-Site Scripting
nitrotech 0.0.3a - (Remote File Inclusion / SQL Injection) Multiple Vulnerabilities
nitrotech 0.0.3a - Remote File Inclusion / SQL Injection
chipmunk topsites - (Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities
Clean CMS 1.5 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
chipmunk topsites - Authentication Bypass / Cross-Site Scripting
Clean CMS 1.5 - Blind SQL Injection / Cross-Site Scripting
Ocean12 Contact Manager Pro - (SQL Injection / Cross-Site Scripting / File Disclosure) Multiple Vulnerabilities
Ocean12 Contact Manager Pro - SQL Injection / Cross-Site Scripting / File Disclosure
comersus asp shopping cart - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
Comersus ASP Shopping Cart - File Disclosure / Cross-Site Scripting
minimal ablog 0.4 - (SQL Injection / Arbitrary File Upload / Authentication Bypass) Multiple Vulnerabilities
minimal ablog 0.4 - SQL Injection / Arbitrary File Upload / Authentication Bypass
wbstreet 1.0 - (SQL Injection / File Disclosure) Multiple Vulnerabilities
wbstreet 1.0 - SQL Injection / File Disclosure
template creature - (SQL Injection / File Disclosure) Multiple Vulnerabilities
template creature - SQL Injection / File Disclosure
merlix educate servert - (Authentication Bypass/File Disclosure) Multiple Vulnerabilities
merlix educate servert - Authentication Bypass / File Disclosure
nightfall personal diary 1.0 - (Cross-Site Scripting / File Disclosure) Multiple Vulnerabilities
nightfall personal diary 1.0 - Cross-Site Scripting / File Disclosure
ASP AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities
ASP AutoDealer - SQL Injection / File Disclosure
aspmanage banners - (Arbitrary File Upload / File Disclosure) Multiple Vulnerabilities
aspmanage banners - Arbitrary File Upload / File Disclosure
asp talk - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
asp talk - SQL Injection / Cross-Site Scripting
webcaf 1.4 - (Local File Inclusion / Remote Code Execution) Multiple Vulnerabilities
webcaf 1.4 - Local File Inclusion / Remote Code Execution
PHPmyGallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities
PHPmyGallery 1.0beta2 - Remote File Inclusion / Local File Inclusion
postecards - (SQL Injection / File Disclosure) Multiple Vulnerabilities
postecards - SQL Injection / File Disclosure
PHP Multiple Newsletters 2.7 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
PHP Multiple Newsletters 2.7 - Local File Inclusion / Cross-Site Scripting
living Local 1.1 - (Cross-Site Scripting / Arbitrary File Upload) Multiple Vulnerabilities
Pro Chat Rooms 3.0.2 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities
living Local 1.1 - Cross-Site Scripting / Arbitrary File Upload
Pro Chat Rooms 3.0.2 - Cross-Site Scripting / Cross-Site Request Forgery
cf shopkart 5.2.2 - (SQL Injection / File Disclosure) Multiple Vulnerabilities
cf shopkart 5.2.2 - SQL Injection / File Disclosure
the net guys aspired2blog - (SQL Injection / File Disclosure) Multiple Vulnerabilities
the net guys aspired2blog - SQL Injection / File Disclosure
Joomla! Component live chat - (SQL Injection / Open Proxy) Multiple Vulnerabilities
Joomla! Component live chat - SQL Injection / Open Proxy
Simple Text-File Login script (SiTeFiLo) 1.0.6 - (File Disclosure / Remote File Inclusion) Multiple Vulnerabilities
Simple Text-File Login script (SiTeFiLo) 1.0.6 - File Disclosure / Remote File Inclusion
autositephp 2.0.3 - (Local File Inclusion / Cross-Site Request Forgery / Edit File) Multiple Vulnerabilities
autositephp 2.0.3 - Local File Inclusion / Cross-Site Request Forgery / Edit File
PHP weather 2.2.2 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
PHP weather 2.2.2 - Local File Inclusion / Cross-Site Scripting
isweb CMS 3.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
isweb CMS 3.0 - SQL Injection / Cross-Site Scripting
clickandemail - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
clickandemail - SQL Injection / Cross-Site Scripting
Zelta E Store - (Arbitrary File Upload / Bypass / SQL Injection / Blind SQL Injection) Multiple Vulnerabilities
Zelta E Store - Arbitrary File Upload / Bypass / SQL Injection / Blind SQL Injection
chicomas 2.0.4 - (Database Backup/File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
chicomas 2.0.4 - Database Backup / File Disclosure / Cross-Site Scripting
phpg 1.6 - (Cross-Site Scripting / Full Path Disclosure/Denial of Service) Multiple Vulnerabilities
phpg 1.6 - Cross-Site Scripting / Full Path Disclosure / Denial of Service
doop CMS 1.4.0b - (Cross-Site Request Forgery / Arbitrary File Upload) Multiple Vulnerabilities
doop CMS 1.4.0b - Cross-Site Request Forgery / Arbitrary File Upload
phpskelsite 1.4 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
phpskelsite 1.4 - Remote File Inclusion / Local File Inclusion / Cross-Site Scripting
ezpack 4.2b2 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
ezpack 4.2b2 - Cross-Site Scripting / SQL Injection
Netvolution CMS 1.0 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Netvolution CMS 1.0 - Cross-Site Scripting / SQL Injection
rankem - (File Disclosure / Cross-Site Scripting / cm) Multiple Vulnerabilities
blogit! - (SQL Injection / File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
rankem - File Disclosure / Cross-Site Scripting / Cookie
blogit! - SQL Injection / File Disclosure / Cross-Site Scripting
gamescript 4.6 - (Cross-Site Scripting / SQL Injection / Local File Inclusion) Multiple Vulnerabilities
gamescript 4.6 - Cross-Site Scripting / SQL Injection / Local File Inclusion
revou twitter clone - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
revou twitter clone - Cross-Site Scripting / SQL Injection
bpautosales 1.0.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
bpautosales 1.0.1 - Cross-Site Scripting / SQL Injection
sma-db 0.3.12 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
sma-db 0.3.12 - Remote File Inclusion / Cross-Site Scripting
Android 'content://' URI - Multiple Information Disclosure Vulnerabilities
Google Android - 'content://' URI Multiple Information Disclosure Vulnerabilities
Power System Of Article Management 3.0 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
team 1.x - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
Power System Of Article Management 3.0 - File Disclosure / Cross-Site Scripting
team 1.x - File Disclosure / Cross-Site Scripting
gr blog 1.1.4 - (Arbitrary File Upload / Authentication Bypass) Multiple Vulnerabilities
gr blog 1.1.4 - Arbitrary File Upload / Authentication Bypass
Kipper 2.01 - (Cross-Site Scripting / Local File Inclusion / File Disclosure) Multiple Vulnerabilities
Kipper 2.01 - Cross-Site Scripting / Local File Inclusion / File Disclosure
SilverNews 2.04 - (Authentication Bypass / Local File Inclusion / Remote Code Execution) Multiple Vulnerabilities
SilverNews 2.04 - Authentication Bypass / Local File Inclusion / Remote Code Execution
AdaptCMS Lite 1.4 - (Cross-Site Scripting / Remote File Inclusion) Multiple Vulnerabilities
SnippetMaster Webpage Editor 2.2.2 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
AdaptCMS Lite 1.4 - Cross-Site Scripting / Remote File Inclusion
SnippetMaster Webpage Editor 2.2.2 - Remote File Inclusion / Cross-Site Scripting
dacio's CMS 1.08 - (Cross-Site Scripting / SQL Injection / File Disclosure) Multiple Vulnerabilities
dacio's CMS 1.08 - Cross-Site Scripting / SQL Injection / File Disclosure
ideacart 0.02 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
ideacart 0.02 - Local File Inclusion / SQL Injection
CmsFaethon 2.2.0 - (info.php item) SQL Command Injection
CmsFaethon 2.2.0 - info.php item SQL Command Injection
powermovielist 0.14b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
powermovielist 0.14b - SQL Injection / Cross-Site Scripting
Graugon Forum 1 - 'id' SQL Command Injection
Graugon Forum 1 - 'id' Command Injection (via SQL Injection)
irokez blog 0.7.3.2 - (Cross-Site Scripting / Remote File Inclusion / Blind SQL Injection) Multiple Vulnerabilities
irokez blog 0.7.3.2 - Cross-Site Scripting / Remote File Inclusion / Blind SQL Injection
ritsblog 0.4.2 - (Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities
ritsblog 0.4.2 - Authentication Bypass / Cross-Site Scripting
blindblog 1.3.1 - (SQL Injection / Authentication Bypass / Local File Inclusion) Multiple Vulnerabilities
tghostscripter Amazon Shop - (Cross-Site Scripting / Directory Traversal / Remote File Inclusion) Multiple Vulnerabilities
blindblog 1.3.1 - SQL Injection / Authentication Bypass / Local File Inclusion
tghostscripter Amazon Shop - Cross-Site Scripting / Directory Traversal / Remote File Inclusion
Wili-CMS 0.4.0 - (Remote File Inclusion / Local File Inclusion / Authentication Bypass) Multiple Vulnerabilities
Wili-CMS 0.4.0 - Remote File Inclusion / Local File Inclusion / Authentication Bypass
PHP Director 0.21 - (sql into outfile) eval() Injection
PHP Director 0.21 - (SQL into outfile) eval() Injection
phpCommunity 2.1.8 - (SQL Injection / Directory Traversal / Cross-Site Scripting) Multiple Vulnerabilities
phpCommunity 2.1.8 - SQL Injection / Directory Traversal / Cross-Site Scripting
phpmysport 1.4 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
phpmysport 1.4 - Cross-Site Scripting / SQL Injection
Kim Websites 1.0 - (Authentication Bypass) SQL Injection
Kim Websites 1.0 - Authentication Bypass
Bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities
Bloginator 1a - Cookie Bypass / SQL Injection
Pixie CMS - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Pixie CMS - Cross-Site Scripting / SQL Injection
Codice CMS 2 - SQL Command Execution
Syzygy CMS 0.3 - Local File Inclusion / SQL Command Injection
Codice CMS 2 - Command Execution (via SQL Injection)
Syzygy CMS 0.3 - Local File Inclusion / SQL Injection
acute control panel 1.0.0 - (SQL Injection / Remote File Inclusion) Multiple Vulnerabilities
acute control panel 1.0.0 - SQL Injection / Remote File Inclusion
Diskos CMS Manager - (SQL Injection / File Disclosure/Authentication Bypass) Multiple Vulnerabilities
Diskos CMS Manager - SQL Injection / File Disclosure / Authentication Bypass
ablespace 1.0 - (Cross-Site Scripting / Blind SQL Injection) Multiple Vulnerabilities
PHP-revista 1.1.2 - (Remote File Inclusion / SQL Injection / Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities
ablespace 1.0 - Cross-Site Scripting / Blind SQL Injection
PHP-revista 1.1.2 - Remote File Inclusion / SQL Injection / Authentication Bypass / Cross-Site Scripting
flatnux 2009-03-27 - (Arbitrary File Upload / Information Disclosure) Multiple Vulnerabilities
flatnux 2009-03-27 - Arbitrary File Upload / Information Disclosure
fungamez rc1 - (Authentication Bypass / Local File Inclusion) Multiple Vulnerabilities
fungamez rc1 - Authentication Bypass / Local File Inclusion
pastelcms 0.8.0 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
pastelcms 0.8.0 - Local File Inclusion / SQL Injection
mixedcms 1.0b - (Local File Inclusion / Arbitrary File Upload / Authentication Bypass/File Disclosure) Multiple Vulnerabilities
mixedcms 1.0b - Local File Inclusion / Arbitrary File Upload / Authentication Bypass / File Disclosure
fowlcms 1.1 - (Authentication Bypass / Local File Inclusion / Arbitrary File Upload) Multiple Vulnerabilities
fowlcms 1.1 - Authentication Bypass / Local File Inclusion / Arbitrary File Upload
photo-rigma.biz 30 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
photo-rigma.biz 30 - SQL Injection / Cross-Site Scripting
Dew-NewPHPLinks 2.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Dew-NewPHPLinks 2.0 - Local File Inclusion / Cross-Site Scripting
Leap CMS 0.1.4 - (SQL Injection / Cross-Site Scripting / Arbitrary File Upload) Multiple Vulnerabilities
Leap CMS 0.1.4 - SQL Injection / Cross-Site Scripting / Arbitrary File Upload
TemaTres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
TemaTres 1.0.3 - Authentication Bypass / SQL Injection / Cross-Site Scripting
PHP recommend 1.3 - (Authentication Bypass / Remote File Inclusion / Code Inject) Multiple Vulnerabilities
PHP recommend 1.3 - Authentication Bypass / Remote File Inclusion / Code Inject
my-colex 1.4.2 - (Authentication Bypass / Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
my-gesuad 0.9.14 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
my-colex 1.4.2 - Authentication Bypass / Cross-Site Scripting / SQL Injection
my-gesuad 0.9.14 - Authentication Bypass / SQL Injection / Cross-Site Scripting
vidshare pro - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
vidshare pro - SQL Injection / Cross-Site Scripting
asp inline Corporate Calendar - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
asp inline Corporate Calendar - SQL Injection / Cross-Site Scripting
minitwitter 0.3-beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
minitwitter 0.3-beta - SQL Injection / Cross-Site Scripting
small pirate 2.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
amember 3.1.7 - (Cross-Site Scripting / SQL Injection / HTML Injection) Multiple Vulnerabilities
small pirate 2.1 - Cross-Site Scripting / SQL Injection
amember 3.1.7 - Cross-Site Scripting / SQL Injection / HTML Injection
elitecms 1.01 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
elitecms 1.01 - SQL Injection / Cross-Site Scripting
flashlight free edition - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
flashlight free edition - Local File Inclusion / SQL Injection
propertymax pro free - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
propertymax pro free - SQL Injection / Cross-Site Scripting
virtue news - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
virtue news - SQL Injection / Cross-Site Scripting
mrcgiguy freeticket - (Cookie Handling / SQL Injection) Multiple Vulnerabilities
mrcgiguy freeticket - Cookie Handling / SQL Injection
yogurt 0.3 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
yogurt 0.3 - Cross-Site Scripting / SQL Injection
campus virtual-lms - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
campus virtual-lms - Cross-Site Scripting / SQL Injection
translucid 1.75 - Multiple Vulnerabilities
TransLucid 1.75 - Multiple Vulnerabilities
impleo music Collection 2.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
impleo music Collection 2.0 - SQL Injection / Cross-Site Scripting
adaptweb 0.9.2 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
adaptweb 0.9.2 - Local File Inclusion / SQL Injection
CMS buzz - (Cross-Site Scripting / Password Change/HTML Injection) Multiple Vulnerabilities
CMS buzz - Cross-Site Scripting / Password Change / HTML Injection
elgg - (Cross-Site Scripting / Cross-Site Request Forgery/Change Password) Multiple Vulnerabilities
elgg - Cross-Site Scripting / Cross-Site Request Forgery / Change Password
phpCollegeExchange 0.1.5c - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
phpCollegeExchange 0.1.5c - Remote File Inclusion / Local File Inclusion / Cross-Site Scripting
Tribiq CMS 5.0.12c - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities
Tribiq CMS 5.0.12c - Cross-Site Scripting / Local File Inclusion
Virtue Online Test Generator - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Virtue Online Test Generator - Authentication Bypass / SQL Injection / Cross-Site Scripting
webasyst shop-script - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
webasyst shop-script - Blind SQL Injection / Cross-Site Scripting
ebay clone 2009 - (Cross-Site Scripting / Blind SQL Injection) Multiple Vulnerabilities
ebay clone 2009 - Cross-Site Scripting / Blind SQL Injection
censura 1.16.04 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
censura 1.16.04 - Blind SQL Injection / Cross-Site Scripting
good/bad vote - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities
good/bad vote - Cross-Site Scripting / Local File Inclusion
mcshoutbox 1.1 - (SQL Injection / Cross-Site Scripting / shell) Multiple Vulnerabilities
mcshoutbox 1.1 - SQL Injection / Cross-Site Scripting / shell
Million-Dollar Pixel Ads Platinum - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Million-Dollar Pixel Ads Platinum - SQL Injection / Cross-Site Scripting
almond Classifieds ads - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
skadate dating - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
XOOPS Celepar Module Qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
garagesalesjunkie - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
almond Classifieds ads - Blind SQL Injection / Cross-Site Scripting
skadate dating - Remote File Inclusion / Local File Inclusion / Cross-Site Scripting
XOOPS Celepar Module Qas - Blind SQL Injection / Cross-Site Scripting
garagesalesjunkie - SQL Injection / Cross-Site Scripting
iwiccle 1.01 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
iwiccle 1.01 - Local File Inclusion / SQL Injection
Orbis CMS 1.0 - (File Delete/Download File / Arbitrary File Upload / SQL Injection) Multiple Vulnerabilities
Orbis CMS 1.0 - File Delete / Download File / Arbitrary File Upload / SQL Injection
cmsphp 0.21 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
d.net CMS - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
cmsphp 0.21 - Local File Inclusion / Cross-Site Scripting
d.net CMS - Local File Inclusion / SQL Injection
mobilelib gold 3.0 - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities
mobilelib gold 3.0 - Authentication Bypass / SQL Injection
elvin bts 1.2.2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
elvin bts 1.2.2 - SQL Injection / Cross-Site Scripting
shopmaker CMS 2.0 - (Blind SQL Injection / Local File Inclusion) Multiple Vulnerabilities
shopmaker CMS 2.0 - Blind SQL Injection / Local File Inclusion
mybackup 1.4.0 - (File Download / Remote File Inclusion) Multiple Vulnerabilities
tenrok 1.1.0 - (File Disclosure / Remote Code Execution) Multiple Vulnerabilities
mybackup 1.4.0 - File Download / Remote File Inclusion
tenrok 1.1.0 - File Disclosure / Remote Code Execution
AccessoriesMe PHP Affiliate Script 1.4 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
opennews 1.0 - (SQL Injection / Remote Code Execution) Multiple Vulnerabilities
AccessoriesMe PHP Affiliate Script 1.4 - Blind SQL Injection / Cross-Site Scripting
opennews 1.0 - SQL Injection / Remote Code Execution
PHP Script Forum Hoster - (Topic Delete / Cross-Site Scripting) Multiple Vulnerabilities
PHP Script Forum Hoster - Topic Delete / Cross-Site Scripting
LM Starmail 2.0 - (SQL Injection / File Inclusion) Multiple Vulnerabilities
LM Starmail 2.0 - SQL Injection / File Inclusion
logoshows bbs 2.0 - (File Disclosure / Insecure Cookie Handling) Multiple Vulnerabilities
logoshows bbs 2.0 - File Disclosure / Insecure Cookie Handling
tgs CMS 0.x - (Cross-Site Scripting / SQL Injection / File Disclosure) Multiple Vulnerabilities
tgs CMS 0.x - Cross-Site Scripting / SQL Injection / File Disclosure
Vtiger CRM 5.0.4 - (Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Vtiger CRM 5.0.4 - Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting
totalcalendar 2.4 - (Blind SQL Injection / Local File Inclusion) Multiple Vulnerabilities
totalcalendar 2.4 - Blind SQL Injection / Local File Inclusion
nullam blog 0.1.2 - (Local File Inclusion / File Disclosure / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
nullam blog 0.1.2 - Local File Inclusion / File Disclosure / SQL Injection / Cross-Site Scripting
gyro 5.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
gyro 5.0 - SQL Injection / Cross-Site Scripting
Joomla! Component Hotel Booking System - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Joomla! Component Hotel Booking System - Cross-Site Scripting / SQL Injection
Micro CMS 3.5 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Micro CMS 3.5 - SQL Injection / Local File Inclusion
Ez Blog 1.0 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities
Ez Blog 1.0 - Cross-Site Scripting / Cross-Site Request Forgery
Recipe Script 5.0 - (Arbitrary File Upload / Cross-Site Request Forgery / Cross-Site Scripting) Multiple Vulnerabilities
Recipe Script 5.0 - Arbitrary File Upload / Cross-Site Request Forgery / Cross-Site Scripting
eUploader PRO 3.1.1 - (Cross-Site Request Forgery / Cross-Site Scripting) Multiple Vulnerabilities
eUploader PRO 3.1.1 - Cross-Site Request Forgery / Cross-Site Scripting
Pre Job Board 1.0 - SQL Bypass
Pre Job Board 1.0 - SQL Authentication Bypass
Pre Jobo .NET - SQL Bypass
Pre Jobo .NET - SQL Authentication Bypass
PHPDirector Game Edition 0.1 - (Local File Inclusion / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
PHPDirector Game Edition 0.1 - Local File Inclusion / SQL Injection / Cross-Site Scripting
gridcc script 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
gridcc script 1.0 - SQL Injection / Cross-Site Scripting
Layout CMS 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Layout CMS 1.0 - SQL Injection / Cross-Site Scripting
KosmosBlog 0.9.3 - (SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities
KosmosBlog 0.9.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery
ZeusCMS 0.2 - (Database Backup Dump / Local File Inclusion) Multiple Vulnerabilities
ZeusCMS 0.2 - Database Backup Dump / Local File Inclusion
Katalog Stron Hurricane 1.3.5 - (Remote File Inclusion / SQL Injection) Multiple Vulnerabilities
Katalog Stron Hurricane 1.3.5 - Remote File Inclusion / SQL Injection
Open Source Classifieds 1.1.0 - Alpha (OSClassi) Multiple Vulnerabilities
Open Source Classifieds 1.1.0 Alpha (OSClassi) - SQL Injection / Cross-Site Scripting / Arbitrary Admin Change
phpMySite - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
phpMySite - Cross-Site Scripting / SQL Injection
quality point 1.0 newsfeed - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
quality point 1.0 newsfeed - SQL Injection / Cross-Site Scripting
DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities
DynPG CMS 4.1.0 - popup.php / counter.php Multiple Vulnerabilities
jevoncms - (Local File Inclusion / Remote File Inclusion) Multiple Vulnerabilities
jevoncms - Local File Inclusion / Remote File Inclusion
SIESTTA 2.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
SIESTTA 2.0 - Local File Inclusion / Cross-Site Scripting
JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities
JV2 Folder Gallery 3.1.1 - 'popup_slideshow.php' Multiple Vulnerabilities
parlic Design - (SQL Injection / Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities
parlic Design - SQL Injection / Cross-Site Scripting / HTML Injection
MileHigh Creative - (SQL Injection / Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities
MileHigh Creative - SQL Injection / Cross-Site Scripting / HTML Injection
QuickTalk 1.2 - (Source Code Disclosure) Multiple Vulnerabilities
QuickTalk 1.2 - Source Code Disclosure
K-Search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
K-Search - SQL Injection / Cross-Site Scripting
Macs CMS 1.1.4 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities
Macs CMS 1.1.4 - Cross-Site Scripting / Cross-Site Request Forgery
Guestbook Script PHP - (Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities
Guestbook Script PHP - Cross-Site Scripting / HTML Injection
Max's Guestbook - (HTML Injection / Cross-Site Scripting) Multiple Vulnerabilities
Max's Guestbook - HTML Injection / Cross-Site Scripting
Allpc 2.5 osCommerce - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Allpc 2.5 osCommerce - SQL Injection / Cross-Site Scripting
TradeMC E-Ticaret - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
TradeMC E-Ticaret - SQL Injection / Cross-Site Scripting
Cag CMS 0.2 - (Cross-Site Scripting / Blind SQL Injection) Multiple Vulnerabilities
Cag CMS 0.2 - Cross-Site Scripting / Blind SQL Injection
Tastydir 1.2 - (1216) Multiple Vulnerabilities
Tastydir 1.2 (1216) - Multiple Vulnerabilities
WordPress - 'do_trackbacks()' function SQL Injection
WordPress 3.0.1 - 'do_trackbacks()' function SQL Injection
F3Site 2011 alfa 1 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities
F3Site 2011 alfa 1 - Cross-Site Scripting / Cross-Site Request Forgery
PHP Coupon Script 6.0 - (bus) Blind SQL Injection
PHP Coupon Script 6.0 - 'bus' Parameter Blind SQL Injection
GAzie 5.10 - (Login Parameter) Multiple Vulnerabilities
GAzie 5.10 - Login Parameter Multiple Vulnerabilities
BST - BestShopPro (nowosci.php) Multiple Vulnerabilities
BST (BestShopPro) - 'nowosci.php' Multiple Vulnerabilities
Fork CMS 3.2.4 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Fork CMS 3.2.4 - Local File Inclusion / Cross-Site Scripting
DFLabs PTK 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities
DFLabs PTK 1.0.5 - Steal Authentication Credentials
Wolfcms 0.75 - (Cross-Site Request Forgery / Cross-Site Scripting) Multiple Vulnerabilities
Wolfcms 0.75 - Cross-Site Request Forgery / Cross-Site Scripting
Axous 1.1.1 - (Cross-Site Request Forgery / Persistent Cross-Site Scripting) Multiple Vulnerabilities
Axous 1.1.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
myPHPNuke 1.8.8 - links.php Cross-Site Scripting
myPHPNuke 1.8.8 - 'links.php' Cross-Site Scripting
Flying Dog Software Powerslave 4.3 Portalmanager - sql_id Information Disclosure
Flying Dog Software Powerslave 4.3 Portalmanager - 'sql_id' Information Disclosure
PHPWebGallery 1.3.4/1.5.1 - comments.php Multiple Parameter SQL Injection
PHPWebGallery 1.3.4/1.5.1 - category.php search Parameter SQL Injection
PHPWebGallery 1.3.4/1.5.1 - picture.php image_id Parameter SQL Injection
PHPWebGallery 1.3.4/1.5.1 - 'comments.php' SQL Injection
PHPWebGallery 1.3.4/1.5.1 - 'category.php' SQL Injection
PHPWebGallery 1.3.4/1.5.1 - 'picture.php' SQL Injection
myPHPNuke 1.8.8 - reviews.php letter Parameter Cross-Site Scripting
myPHPNuke 1.8.8 - download.php dcategory Parameter Cross-Site Scripting
myPHPNuke 1.8.8 - 'reviews.php' Cross-Site Scripting
myPHPNuke 1.8.8 - 'download.php' Cross-Site Scripting
phpVID 1.2.3 - Multiple Vulnerabilities
PHPVID 1.2.3 - Multiple Vulnerabilities
PHPWebGallery 1.4.1 - category.php Multiple Parameter Cross-Site Scripting
PHPWebGallery 1.4.1 - picture.php Multiple Parameter Cross-Site Scripting
PHPWebGallery 1.4.1 - 'category.php' Cross-Site Scripting
PHPWebGallery 1.4.1 - 'picture.php' Cross-Site Scripting
phpMyAdmin 2.7 - sql.php Cross-Site Scripting
phpMyAdmin 2.7 - 'sql.php' Cross-Site Scripting
ADOdb 4.6/4.7 - Tmssql.php Cross-Site Scripting
ADODB 4.6/4.7 - 'Tmssql.php' Cross-Site Scripting
PHPWebGallery 1.x - comments.php Cross-Site Scripting
PHPWebGallery 1.x - 'comments.php' Cross-Site Scripting
MySQLDumper 1.21 - sql.php Cross-Site Scripting
MySQLDumper 1.21 - 'sql.php' Cross-Site Scripting
KikChat - (Local File Inclusion / Remote Code Execution) Multiple Vulnerabilities
KikChat - Local File Inclusion / Remote Code Execution
EasyE-Cards 3.10 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
EasyE-Cards 3.10 - SQL Injection / Cross-Site Scripting
LuxCal 3.2.2 - (Cross-Site Request Forgery/Blind SQL Injection) Multiple Vulnerabilities
LuxCal 3.2.2 - Cross-Site Request Forgery / Blind SQL Injection
Vastal I-Tech DVD Zone - view_mag.php mag_id Parameter SQL Injection
Vastal I-Tech DVD Zone - view_mag.php mag_id Parameter Cross-Site Scripting
Vastal I-Tech DVD Zone - 'view_mag.php' SQL Injection
Vastal I-Tech DVD Zone - 'view_mag.php' Cross-Site Scripting
Interspire Email Marketer - (Cross-Site Scripting / HTML Injection / SQL Injection) Multiple Vulnerabilities
Interspire Email Marketer - Cross-Site Scripting / HTML Injection / SQL Injection
ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Query Execution
ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Execution
miniMySQLAdmin 1.1.3 - Cross-Site Request Forgery (Execute SQL Query)
miniMySQLAdmin 1.1.3 - Cross-Site Request Forgery (SQL Execution)
ntop-ng 2.5.160805 - Username Enumeration
ntop-ng 2.5.160805 - Username Enumeration
|
2016-12-22 05:01:16 +00:00 |
|
Offensive Security
|
5e2fc10125
|
DB: 2016-09-03
|
2016-09-03 13:13:25 +00:00 |
|
Offensive Security
|
31a21bb68d
|
DB: 2016-09-03
14 new exploits
Too many to list!
|
2016-09-03 05:08:42 +00:00 |
|
Offensive Security
|
477bcbdcc0
|
DB: 2016-03-17
5 new exploits
phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerability Exploit
phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerabilities
My Book World Edition NAS Multiple Vulnerability
My Book World Edition NAS - Multiple Vulnerabilities
Katalog Stron Hurricane 1.3.5 - Multiple Vulnerability RFI / SQL
Katalog Stron Hurricane 1.3.5 - (RFI / SQL) Multiple Vulnerabilities
cmsfaethon-2.2.0-ultimate.7z Multiple Vulnerability
cmsfaethon-2.2.0-ultimate.7z - Multiple Vulnerabilities
DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php)
DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities
Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerability
Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities
N/X - Web CMS (N/X WCMS 4.5) Multiple Vulnerability
N/X - Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities
New-CMS - Multiple Vulnerability
New-CMS - Multiple Vulnerabilities
Edgephp Clickbank Affiliate Marketplace Script Multiple Vulnerability
Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities
JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerability
JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities
i-Gallery - Multiple Vulnerability
i-Gallery - Multiple Vulnerabilities
My Kazaam Notes Management System Multiple Vulnerability
My Kazaam Notes Management System - Multiple Vulnerabilities
Omnidocs - Multiple Vulnerability
Omnidocs - Multiple Vulnerabilities
Web Cookbook Multiple Vulnerability
Web Cookbook - Multiple Vulnerabilities
KikChat - (LFI/RCE) Multiple Vulnerability
KikChat - (LFI/RCE) Multiple Vulnerabilities
Webformatique Reservation Manager - 'index.php' Cross-Site Scripting Vulnerability
Webformatique Reservation Manager 2.4 - 'index.php' Cross-Site Scripting Vulnerability
xEpan 1.0.4 - Multiple Vulnerability
xEpan 1.0.4 - Multiple Vulnerabilities
AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection
Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow
Cisco UCS Manager 2.1(1b) - Shellshock Exploit
OpenSSH <= 7.2p1 - xauth Injection
FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow
|
2016-03-17 07:07:56 +00:00 |
|
Offensive Security
|
fffbf04102
|
Updated
|
2013-12-03 19:44:07 +00:00 |
|