bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms
History
Offensive Security be57520c6f DB: 2016-12-21 
2 new exploits

FlashGet 1.9 - (FTP PWD Response) Remote Buffer Overflow (PoC)
FlashGet 1.9 - 'FTP PWD Response' Remote Buffer Overflow (PoC)

VMware Workstation - 'hcmon.sys 6.0.0.45731' Local Denial of Service
VMware Workstation 6.5.1 - 'hcmon.sys 6.0.0.45731' Local Denial of Service

Flashget 3.x - IEHelper Remote Exec (PoC)
FlashGet 3.x - IEHelper Remote Exec (PoC)

Rosoft media player 4.4.4 - Buffer Overflow (SEH) (PoC)
Rosoft Media Player 4.4.4 - Buffer Overflow (SEH) (PoC)
Google Android -  WifiNative::setHotlist Stack Overflow
Microsoft Internet Explorer 11 MSHTML - CSplice­Tree­Engine::Remove­Splice Use-After-Free (MS14-035)
FlashGet 1.9.0.1012 - (FTP PWD Response) SEH STACK Overflow
FlashGet 1.9.0.1012 - (FTP PWD Response) Buffer Overflow (SafeSEH)
FlashGet 1.9.0.1012 - 'FTP PWD Response' SEH STACK Overflow
FlashGet 1.9.0.1012 - 'FTP PWD Response' Buffer Overflow (SafeSEH)

freeFTPd - Remote Authentication Bypass
freeFTPd 1.2.6 - Remote Authentication Bypass

freeFTPd 1.0.10 - 'PASS' SEH Overflow (Metasploit)
freeFTPd 1.0.10 - 'PASS' SEH Buffer Overflow (Metasploit)

freeFTPd - 'PASS' Buffer Overflow (Metasploit)
freeFTPd 1.0.10 - 'PASS' Buffer Overflow (Metasploit)
AlberT-EasySite 1.0a5 - (PSA_PATH) Remote File Inclusion
iziContents RC6 - GLOBALS[] Remote Code Execution
AlberT-EasySite 1.0a5 - 'PSA_PATH' Parameter Remote File Inclusion
iziContents RC6 - Remote Code Execution

SunShop Shopping Cart 3.5 - 'abs_path' Remote File Inclusion
SunShop Shopping Cart 3.5 - 'abs_path' Parameter Remote File Inclusion

SunShop 4.0 RC 6 - 'Search' Blind SQL Injection
SunShop Shopping Cart 4.0 RC 6 - 'Search' Blind SQL Injection

izicontents rc6 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities
iziContents rc6 - Remote File Inclusion / Local File Inclusion
gelato CMS 0.95 - (img) Remote File Disclosure
dotCMS 1.6 - 'id' Multiple Local File Inclusion
ZeeJobsite 2.0 - (adid) SQL Injection
gelato CMS 0.95 - 'img' Parameter Remote File Disclosure
dotCMS 1.6 - 'id' Parameter Local File Inclusion
Zeeways ZeeJobsite 2.0 - 'adid' Parameter SQL Injection

XNova 0.8 sp1 - (xnova_root_path) Remote File Inclusion
XNova 0.8 sp1 - 'xnova_root_path' Parameter Remote File Inclusion

PHPBasket - 'product.php pro_id' SQL Injection
PHPBasket - 'pro_id' Parameter SQL Injection
Ad Board - 'id' SQL Injection
SunShop 4.1.4 - 'id' SQL Injection
Banner Management Script - 'tr.php id' SQL Injection
Ad Board - 'id' Parameter SQL Injection
SunShop Shopping Cart 4.1.4 - 'id' Parameter SQL Injection
Banner Management Script - 'id' Parameter SQL Injection
phpBazar 2.0.2 - (adid) SQL Injection
webEdition CMS - (we_objectID) Blind SQL Injection
CustomCMS 4.0 - (CCMS) print.php SQL Injection
phpBazar 2.0.2 - 'adid' Parameter SQL Injection
webEdition CMS - 'we_objectID' Parameter Blind SQL Injection
CustomCMS 4.0 - 'print.php' SQL Injection

TinyCMS 1.1.2 - (templater.php) Local File Inclusion
TinyCMS 1.1.2 - 'templater.php' Local File Inclusion
onenews Beta 2 - (Cross-Site Scripting / HTML Injection / SQL Injection) Multiple Vulnerabilities
5 star review - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
onenews Beta 2 - Cross-Site Scripting / HTML Injection / SQL Injection
5 star review - Cross-Site Scripting / SQL Injection

Web Directory Script 2.0 - (name) SQL Injection
Web Directory Script 2.0 - 'name' Parameter SQL Injection

Crafty Syntax Live Help 2.14.6 - (department) SQL Injection
Crafty Syntax Live Help 2.14.6 - 'department' Parameter SQL Injection
k-rate - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
CMME 1.12 - (Local File Inclusion / Cross-Site Scripting / Cross-Site Request Forgery/Download Backup/Make Directory) Multiple Vulnerabilities
Thickbox Gallery 2.0 - (Admins.php) Admin Data Disclosure
k-rate - SQL Injection / Cross-Site Scripting
CMME 1.12 - Local File Inclusion / Cross-Site Scripting / Cross-Site Request Forgery/Download Backup/Make Directory
Thickbox Gallery 2.0 - 'Admins.php' Admin Data Disclosure

phpMyRealty 1.0.9 - Multiple SQL Injections
PHPMyRealty 1.0.9 - Multiple SQL Injections
brim 2.0.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Web Directory Script 1.5.3 - (site) SQL Injection
Words tag script 1.2 - (word) SQL Injection
Brim 2.0.0 - SQL Injection / Cross-Site Scripting
Web Directory Script 1.5.3 - 'site' Parameter SQL Injection
Words tag script 1.2 - 'word' Parameter SQL Injection

WeBid 0.5.4 - (item.php id) SQL Injection
WeBid 0.5.4 - 'item.php' SQL Injection

ZeeJobsite 2.0 - Arbitrary File Upload
Zeeways ZeeJobsite 2.0 - Arbitrary File Upload

BandSite CMS 1.1.4 - (members.php memid) SQL Injection
BandSite CMS 1.1.4 - 'members.php' SQL Injection

Thickbox Gallery 2 - 'index.php ln' Local File Inclusion
Thickbox Gallery 2 - 'index.php' Local File Inclusion

Joomla! Component 'com_wmtpic' 1.0 - SQL Injection
Joomla! Component com_wmtpic 1.0 - SQL Injection
Joomla! Component 'com_redshop' 1.0 - Local File Inclusion
Joomla! Component 'com_redtwitter' 1.0 - Local File Inclusion
Joomla! Component redSHOP 1.0 - Local File Inclusion
Joomla! Component redTWITTER 1.0 - Local File Inclusion
Joomla! Component 'com_svmap' 1.1.1 - Local File Inclusion
Joomla! Component 'com_shoutbox' - Local File Inclusion
Joomla! Component SVMap 1.1.1 - Local File Inclusion
Joomla! Component Shoutbox Pro - Local File Inclusion

Joomla! Component 'com_sebercart' 1.0.0.12 - Local File Inclusion
Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion

Joomla! Component 'com_xobbix' 1.0 - 'prodid' Parameter SQL Injection
Joomla! Component XOBBIX 1.0 - 'prodid' Parameter SQL Injection

Joomla! Component 'com_vjdeo' 1.0 - Local File Inclusion
Joomla! Component VJDEO 1.0 - Local File Inclusion

Joomla! Component 'com_realtyna' 1.0.15 - Local File Inclusion
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion

Joomla! Component 'com_powermail' 1.5.3 - Local File Inclusion
Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion

Joomla! Component 'com_properties' - 'aid' Parameter SQL Injection
Joomla! Component Real Estate Property 3.1.22-03 - 'aid' Parameter SQL Injection

Joomla! Component 'com_tweetla' - Local File Inclusion
Joomla! Component TweetLA 1.0.1 - Local File Inclusion
Joomla! Component 'com_preventive' - Local File Inclusion
Joomla! Component 'com_rokmodule' - 'moduleid' Parameter Blind SQL Injection
Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion
Joomla! Component RokModule 1.1 - 'moduleid' Parameter Blind SQL Injection

Joomla! Component 'com_travelbook' 1.0.1 - Local File Inclusion
Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion

Joomla! Component 'com_webtv' - Local File Inclusion
Joomla! Component Web TV 1.0 - Local File Inclusion

Joomla! Component 'com_onlineexam' - Local File Inclusion
Joomla! Component Online Exam 1.5.0 - Local File Inclusion

Joomla! Component 'com_sweetykeeper' - Local File Inclusion
Joomla! Component Sweetykeeper 1.5 - Local File Inclusion

Joomla! Component 'com_sermonspeaker' - SQL Injection
Joomla! Component SermonSpeaker - SQL Injection

Joomla! Component 'com_QPersonel' - SQL Injection
Joomla! Component QPersonel 1.0.2 - SQL Injection

Joomla! Component 'com_photobattle' - Local File Inclusion
Joomla! Component Photo Battle 1.0.1 - Local File Inclusion
Joomla! Component 'com_zimbcomment' - Local File Inclusion
Joomla! Component 'com_zimbcore' - Local File Inclusion
Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion
Joomla! Component ZiMBCore 0.1 - Local File Inclusion
Joomla! Component 'com_wmi' - Local File Inclusion
Joomla! Component 'com_orgchart' - Local File Inclusion
Joomla! Component WMI 1.5.0 - Local File Inclusion
Joomla! Component OrgChart 1.0.0 - Local File Inclusion

Joomla! Component 'com_ultimateportfolio' - Local File Inclusion
Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion

Joomla! Component 'com_smartsite' - Local File Inclusion
Joomla! Component SmartSite 1.0.0 - Local File Inclusion

Joomla! Component 'com_simpledownload' 0.9.5 - Local File Inclusion
Joomla! Component simpledownload 0.9.5 - Local File Inclusion

Joomla! Component 'com_simpledownload' 0.9.5 - Local File Disclosure
Joomla! Component simpledownload 0.9.5 - Local File Disclosure

Wordpress Plugin TinyBrowser - Arbitrary File Upload
WordPress Plugin TinyBrowser - Arbitrary File Upload

Joomla! Component 'com_qpersonel' 1.0 - SQL Injection
Joomla! Component Q-Personel 1.0 - SQL Injection

Joomla! Component 'com_searchlog' - SQL Injection
Joomla! Component Search Log 3.1.0 - SQL Injection

Joomla! Component 'com_oziogallery' 2 - Multiple Vulnerabilities
Joomla! Component Ozio Gallery 2 - Multiple Vulnerabilities

Joomla! Component 'com_picasa2gallery' - Local File Inclusion
Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion

Joomla! Component 'jeeventcalendar' - SQL Injection
Joomla! Component JE Ajax Event Calendar 1.0.5 - SQL Injection

Joomla! Component 'com_realtyna' - Local File Inclusion
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion
Joomla! Component 'jesubmit' - SQL Injection
Joomla! Component 'com_sef' - Remote File Inclusion
Joomla! Component jesubmit 1.4 - SQL Injection
Joomla! Component com_sef - Remote File Inclusion

Joomla! Component 'jesectionfinder' - Local File Inclusion
Joomla! Component jesectionfinder - Local File Inclusion

Joomla! Component 'Joomanager' - SQL Injection
Joomla! Component Joomanager - SQL Injection

Joomla! Component 'com_socialads' - Persistent Cross-Site Scripting
Joomla! Component Techjoomla SocialAds - Persistent Cross-Site Scripting
Joomla! Component 'com_redshop' 1.0 - 'pid' Parameter SQL Injection
Joomla! Component 'com_quickfaq' - Blind SQL Injection
Joomla! Component redSHOP 1.0 - 'pid' Parameter SQL Injection
Joomla! Component QuickFAQ 1.0.3 - Blind SQL Injection

Joomla! Component 'com_redshop' 1.0.23.1 - Blind SQL Injection
Joomla! Component redSHOP 1.0.23.1 - Blind SQL Injection

Joomla! Component 'com_staticxt' - SQL Injection
Joomla! Component StaticXT - SQL Injection

Joomla! Component 'com_oziogallery' - SQL Injection
Joomla! Component Ozio Gallery - SQL Injection

Joomla! Component 'com_youtube' - SQL Injection
Joomla! Component YouTube 1.5 - SQL Injection

Joomla! Component 'com_ttvideo' 1.0 - SQL Injection
Joomla! Component TTVideo 1.0 - SQL Injection

Joomla! Component 'com_teams' - Multiple Blind SQL Injection
Joomla! Component Teams - Multiple Blind SQL Injection

Joomla! Component 'com_picsell' - Local File Disclosure
Joomla! Component PicSell 1.0 - Local File Disclosure

Joomla! Component 'com_restaurantguide' - Multiple Vulnerabilities
Joomla! Component Restaurant Guide 1.0.0 - Multiple Vulnerabilities

Joomla! Component 'com_timetrack' 1.2.4 - Multiple SQL Injection
Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injection

Joomla! Component 'com_sponsorwall' - SQL Injection
Joomla! Component Sponsor Wall 1.1 - SQL Injection

Joomla! Component 'com_pro_desk' 1.5 - Local File Inclusion
Joomla! Component ProDesk 1.5 - Local File Inclusion

Joomla! Component 'mdigg' - SQL Injection
Joomla! Component mDigg 2.2.8 - SQL Injection

phpMyRealty 1.0.7 - SQL Injection
PHPMyRealty 1.0.7 - SQL Injection

Joomla! Component 'com_timereturns' 2.0 - SQL Injection
Joomla! Component Time Returns 2.0 - SQL Injection

Joomla! Component 'com_techfolio' 1.0 - SQL Injection
Joomla! Component Techfolio 1.0 - SQL Injection

Joomla! Component 'com_vikrealestate' 1.0 - Multiple Vulnerabilities
Joomla! Component Vik Real Estate 1.0 - Multiple Vulnerabilities

BRIM < 2.0.0 - SQL Injection
Brim < 2.0.0 - SQL Injection

Joomla! Component 'com_rokmodule' - 'module' Parameter Blind SQL Injection
Joomla! Component RokModule 1.1 - 'module' Parameter Blind SQL Injection

Wordpress Plugin White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
WordPress Plugin White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting

webid 1.0.5 - Directory Traversal
weBid 1.0.5 - Directory Traversal

Wordpress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload
WordPress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload

Webid 1.0.6 - Multiple Vulnerabilities
WeBid 1.0.6 - Multiple Vulnerabilities
MyBulletinBoard RC4 - 'Username' Parameter SQL Injection
MyBulletinBoard RC4 - 'member.php' Multiple Parameter SQL Injection
MyBulletinBoard RC4 - 'polloptions' Parameter SQL Injection
MyBulletinBoard RC4 - 'action' Parameter SQL Injection
MyBulletinBoard (MyBB) RC4 - 'Username' Parameter SQL Injection
MyBulletinBoard (MyBB) RC4 - 'member.php' Multiple Parameter SQL Injection
MyBulletinBoard (MyBB) RC4 - 'polloptions' Parameter SQL Injection
MyBulletinBoard (MyBB) RC4 - 'action' Parameter SQL Injection

MyBulletinBoard 1.0 - Multiple SQL Injections
MyBulletinBoard (MyBB) 1.0 - Multiple SQL Injections

MyBulletinBoard 1.0 - 'RateThread.php' SQL Injection
MyBulletinBoard (MyBB) 1.0 - 'RateThread.php' SQL Injection

MyBulletinBoard 1.0 - 'usercp.php' SQL Injection
MyBulletinBoard (MyBB) 1.0 - 'usercp.php' SQL Injection

Joomla! Component 'com_redshop' 1.2 - SQL Injection
Joomla! Component redSHOP 1.2 - SQL Injection

MyBulletinBoard 1.0.x/1.1.x - 'usercp.php' SQL Injection
MyBulletinBoard (MyBB) 1.0.x/1.1.x - 'usercp.php' SQL Injection

MyBulletinBoard 1.x - 'usercp.php' Directory Traversal
MyBulletinBoard (MyBB) 1.x - 'usercp.php' Directory Traversal
Grayscale BandSite CMS 1.1 - help_news.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - help_merch.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - help_mp3.php max_file_size_purdy Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - sendemail.php message_text Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - header.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - login_header.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - bio_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - gbook_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - interview_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - links_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - lyrics_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - member_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - merch_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - mp3_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - news_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - pastshows_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - photo_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - releases_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - reviews_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - shows_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - signgbook_content.php the_band Parameter Cross-Site Scripting
Grayscale BandSite CMS 1.1 - footer.php this_year Parameter Cross-Site Scripting
BandSite CMS 1.1 - 'help_news.php' Cross-Site Scripting
BandSite CMS 1.1 - 'help_merch.php' Cross-Site Scripting
BandSite CMS 1.1 - 'help_mp3.php' Cross-Site Scripting
BandSite CMS 1.1 - 'sendemail.php' Cross-Site Scripting
BandSite CMS 1.1 - 'header.php' Cross-Site Scripting
BandSite CMS 1.1 - 'login_header.php' Cross-Site Scripting
BandSite CMS 1.1 - 'bio_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'gbook_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'interview_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'links_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'lyrics_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'member_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'merch_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'mp3_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'news_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'pastshows_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'photo_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'releases_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'reviews_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'shows_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'signgbook_content.php' Cross-Site Scripting
BandSite CMS 1.1 - 'footer.php' Cross-Site Scripting

Wordpress Plugin Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting
WordPress Plugin Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting

Active PHP BookMarks 1.1.2 - APB_SETTINGS['apb_path' ] Multiple Remote File Inclusion
Active PHP BookMarks 1.1.2 - Multiple Remote File Inclusion

Wordpress Theme Redoable 1.2 - header.php s Parameter Cross-Site Scripting
WordPress Theme Redoable 1.2 - header.php s Parameter Cross-Site Scripting

TurnkeyWebTools Sunshop 3.5/4.0 - Multiple Remote File Inclusion
SunShop Shopping Cart 3.5/4.0 - Multiple Remote File Inclusion

Active PHP BookMarks 1.0 - APB.php Remote File Inclusion
Active PHP BookMarks 1.0 - 'APB.php' Remote File Inclusion
TurnkeyWebTools SunShop Shopping Cart 4.0 - 'index.php' Multiple Parameter SQL Injection
TurnkeyWebTools SunShop Shopping Cart 4.0 - 'index.php' l Parameter Cross-Site Scripting
SunShop Shopping Cart 4.0 - 'index.php' Multiple Parameter SQL Injection
SunShop Shopping Cart 4.0 - 'index.php' l Parameter Cross-Site Scripting

Wordpress Plugin Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery
WordPress Plugin Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery

DMCMS 0.7 - 'index.php' SQL Injection
deeemm CMS (dmcms) 0.7 - 'index.php' SQL Injection
EasySite 2.0 - browser.php EASYSITE_BASE Parameter Remote File Inclusion
EasySite 2.0 - image_editor.php EASYSITE_BASE Parameter Remote File Inclusion
EasySite 2.0 - skin_chooser.php EASYSITE_BASE Parameter Remote File Inclusion
EasySite 2.0 - 'browser.php' Remote File Inclusion
EasySite 2.0 - 'image_editor.php' Remote File Inclusion
EasySite 2.0 - 'skin_chooser.php' Remote File Inclusion

MatterDaddy Market 1.1 - 'admin/login.php' Cross-Site Scripting
MatterDaddy Market 1.1 - 'login.php' Cross-Site Scripting

Wordpress Plugin TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting
WordPress Plugin TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting
Joomla! Component 'com_perchaimageattach' 1.1 - 'Controller' Parameter Traversal Arbitrary File Access
Joomla! Component 'com_perchafieldsattach' 1.0 - 'index.php' Controller Parameter Traversal Arbitrary File Access
Joomla! Component 'com_perchadownloadsattach' 1.1 - 'Controller' Parameter Traversal Arbitrary File Access
Joomla! Component 'com_perchagallery' 1.6 Beta - 'Controller' Parameter Traversal Arbitrary File Access
Joomla! Component Percha Image Attach 1.1 - 'Controller' Parameter Traversal Arbitrary File Access
Joomla! Component Percha Fields Attach 1.0 - 'Controller' Parameter Traversal Arbitrary File Access
Joomla! Component Percha Downloads Attach 1.1 - 'Controller' Parameter Traversal Arbitrary File Access
Joomla! Component Percha Gallery 1.6 Beta - 'Controller' Parameter Traversal Arbitrary File Access

Joomla! Component 'com_perchacategoriestree' 0.6 - 'Controller' Parameter Arbitrary File Access
Joomla! Component Percha Multicategory Article 0.6 - 'Controller' Parameter Arbitrary File Access

Joomla! Component 'com_youtubegallery' - SQL Injection
Joomla! Component Youtube Gallery 4.1.7 - SQL Injection

Wordpress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities
WordPress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities

Joomla! Component 'FreiChat' 1.0/2.x - Unspecified HTML Injection
Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection

Wordpress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities
WordPress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities

Joomla! Component 'com_weblinks' - 'Itemid' Parameter SQL Injection
Joomla! Component Weblinks - 'Itemid' Parameter SQL Injection

Wordpress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload
WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload

Wordpress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting
WordPress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting

Wordpress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal
WordPress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal

Wordpress Plugin DukaPress 2.5.2 - Directory Traversal
WordPress Plugin DukaPress 2.5.2 - Directory Traversal

Wordpress Plugin Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection
WordPress Plugin Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection

Wordpress Plugin WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting
WordPress Plugin WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting

Wordpress Plugin Duplicator 0.5.8 - Privilege Escalation
WordPress Plugin Duplicator 0.5.8 - Privilege Escalation

Wordpress Plugin Single Personal Message 1.0.3 - SQL Injection
WordPress Plugin Single Personal Message 1.0.3 - SQL Injection

Joomla! Component 'com_sanpham' - Multiple SQL Injections
Joomla! Component Vik Real Estate 1.0 - Multiple SQL Injections

Wordpress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload
WordPress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload

Joomla! Component 'mod_currencyconverter' - 'from' Parameter Cross-Site Scripting
Joomla! Component Currency Converter 1.0.0 - 'from' Parameter Cross-Site Scripting

Wordpress Plugin Shareaholic 7.6.0.3 - Cross-Site Scripting
WordPress Plugin Shareaholic 7.6.0.3 - Cross-Site Scripting

Wordpress Plugin Paypal Currency Converter Basic For WooCommerce - File Read
WordPress Plugin Paypal Currency Converter Basic For WooCommerce - File Read

Joomla! Component 'mod_ccnewsletter' 1.0.7 - 'id' Parameter SQL Injection
Joomla! Component CCNewsLetter 1.0.7 - 'id' Parameter SQL Injection

Wordpress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection
WordPress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection

Wordpress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities
WordPress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting
WordPress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities
WordPress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting
Wordpress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities
WordPress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities
WordPress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting
Wordpress Plugin ]Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress Plugin GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting
WordPress Plugin ]Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities

Wordpress Plugin Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting
WordPress Plugin Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting

Wordpress Plugin EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities
WordPress Plugin EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities
Joomla! Component 'com_rpl' 8.9.2 - Multiple SQL Injections
Joomla! Component 'com_rpl' 8.9.2 - Persistent Cross-Site Scripting / Cross-Site Request Forgery
Joomla! Component Realtyna RPL 8.9.2 - Multiple SQL Injections
Joomla! Component Realtyna RPL 8.9.2 - Persistent Cross-Site Scripting / Cross-Site Request Forgery

Wordpress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting
WordPress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting

Wordpress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities
WordPress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities

Joomla! Component 'com_sexypolling' - 'answer_id' Parameter SQL Injection
Joomla! Component Sexy polling 1.0.8 - 'answer_id' Parameter SQL Injection

Joomla! Component 'com_novasfh' - 'upload.php' Arbitrary File Upload
Joomla! Component Projoom NovaSFH 3.0.2 - 'upload.php' Arbitrary File Upload

Wordpress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection
WordPress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection

Wordpress Plugin Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting
WordPress Plugin Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting

Wordpress Plugin Job Script by Scubez - Remote Code Execution
WordPress Plugin Job Script by Scubez - Remote Code Execution

Wordpress Plugin Premium SEO Pack 1.9.1.3 - wp_options Overwrite
WordPress Plugin Premium SEO Pack 1.9.1.3 - wp_options Overwrite
Wordpress Plugin Answer My Question 1.3 - SQL Injection
Wordpress Plugin Sirv 1.3.1 - SQL Injection
Wordpress Plugin BBS e-Franchise 1.1.1 - SQL Injection
Wordpress Plugin Product Catalog 8 1.2.0 - SQL Injection
WordPress Plugin Answer My Question 1.3 - SQL Injection
WordPress Plugin Sirv 1.3.1 - SQL Injection
WordPress Plugin BBS e-Franchise 1.1.1 - SQL Injection
WordPress Plugin Product Catalog 8 1.2.0 - SQL Injection

Wordpress Plugin Olimometer 2.56 - SQL Injection
WordPress Plugin Olimometer 2.56 - SQL Injection

Wordpress Plugin WP Vault 0.8.6.6 - Local File Inclusion
WordPress Plugin WP Vault 0.8.6.6 - Local File Inclusion
Wordpress Plugin WP Support Plus Responsive Ticket System 7.1.3 - SQL Injection
Wordpress Plugin WP Private Messages 1.0.1 - SQL Injection
WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - SQL Injection
WordPress Plugin WP Private Messages 1.0.1 - SQL Injection
2016-12-21 05:01:18 +00:00
..
aix
android DB: 2016-12-21 2016-12-21 05:01:18 +00:00
arm
ashx/webapps
asp DB: 2016-12-10 2016-12-10 05:01:16 +00:00
aspx/webapps
atheos/local
beos
bsd
bsd_ppc/shellcode
bsd_x86/shellcode
bsdi_x86/shellcode
cfm DB: 2016-12-08 2016-12-08 05:01:21 +00:00
cgi DB: 2016-12-10 2016-12-10 05:01:16 +00:00
freebsd
freebsd_x86/shellcode
freebsd_x86-64
generator/shellcode
hardware DB: 2016-12-20 2016-12-20 05:01:16 +00:00
hp-ux
immunix/local
ios DB: 2016-12-14 2016-12-14 05:01:23 +00:00
irix
java DB: 2016-11-29 2016-11-29 05:01:20 +00:00
json/webapps
jsp
lin_x86 DB: 2016-12-18 2016-12-18 05:01:16 +00:00
lin_x86-64 DB: 2016-11-23 2016-11-23 05:01:19 +00:00
linux DB: 2016-12-20 2016-12-20 05:01:16 +00:00
linux_mips DB: 2016-12-21 2016-12-21 05:01:18 +00:00
linux_ppc/shellcode
linux_sparc/shellcode
macos/local
minix/dos
multiple DB: 2016-12-20 2016-12-20 05:01:16 +00:00
netbsd_x86
netware
novell
openbsd
openbsd_x86/shellcode
osx DB: 2016-12-18 2016-12-18 05:01:16 +00:00
osx_ppc
palm_os
perl/webapps
php DB: 2016-12-21 2016-12-21 05:01:18 +00:00
plan9/local
python DB: 2016-11-22 2016-11-22 05:01:18 +00:00
qnx
ruby
sco
sco_x86/shellcode
sh4/shellcode
solaris
solaris_sparc
solaris_x86/shellcode
system_z/shellcode
tru64
ultrix
unix
unixware
win_x86
win_x86-64 DB: 2016-12-10 2016-12-10 05:01:16 +00:00
windows DB: 2016-12-21 2016-12-21 05:01:18 +00:00
xml DB: 2016-11-23 2016-11-23 05:01:19 +00:00