wordpress、Joomla、Drupal历史插件漏洞合集

发布于 2019-01-21  1758 次阅读


wordpress历史插件漏洞集合

date:2018-08-18,name:WordPress Dreamsmiths Themes 0.0.1 Arbitrary File Download  
date:2018-07-28,name:WordPress Plugin Responsive Thumbnail Sltrary File Upload (Metasploit)  
date:2018-07-27,name:WordPress Gwolle Guestbook 2.5.3 Cross Site Scripting  
date:2018-07-27,name:WordPress Strong Testimonials 2.31.4 Cross Site Scripting  
date:2018-07-27,name:WordPress Snazzy Maps 1.1.3 Cross Site Scripting  
date:2018-07-09,name:wordpress file-away plugin - File Disclosure  
date:2018-06-28,name:WordPress 4.9.6 Arbitrary File Deletion  
date:2018-06-27,name:WordPress Plugin Advanced Order Export For WooCommerce <  1.5.4 CSV Injection  
date:2018-06-26,name:WordPress Comments Import And Export CSV Injection  
date:2018-06-26,name:WordPress iThemes Security SQL Injection  
date:2018-06-26,name:WordPress Plugin iThemes Security <  7.0.3 SQL Injection  
date:2018-06-25,name:WordPress Plugin weixin robot advanced 4.4 Cross-Site-Scripting  
date:2018-06-23,name:WordPress Design By SmartCat.Net ImageManager Plugin Remote File Upload Vulnerability  
date:2018-06-23,name:WordPress Design By SmartCatDesign.Net ImageManager Plugin Remote File Upload Vulnerability  
date:2018-06-21,name:WordPress DrcSystems EthicSolutions Jssor-Slary Plugin Arbitrary File Upload Vulnerability  
date:2018-06-13,name:WordPress Tooltipy 5.0 Cross Site Scripting  
date:2018-06-13,name:WordPress Redirection 2.7.3 Remote File Inclusion  
date:2018-06-13,name:WordPress Tooltipy 5.0 Cross Site Request Forgery  
date:2018-06-08,name:WordPress Theme Sydney by aThemes 2018 GravityForms Input Remote File Upload Vulnerability  
date:2018-05-30,name:Wordpress Plugin Events Calendar SQL Injection  
date:2018-05-30,name:WordPress Headway Theme The Drag and Drop SQL Injection Vulnerability  
date:2018-05-25,name:WordPress Peugeot Music 1.0 Shell Upload \/ Cross Site Request Forgery  
date:2018-05-24,name:WordPress Plugin Peugeot Music Arbitrary File Upload  
date:2018-05-23,name:WordPress Muller Design Studio DiyThemes Rich-Wtor Arbitrary File Upload  
date:2018-05-12,name:WordPress WP User Groups 2.0.0 Cross Site Request Forgery  
date:2018-05-09,name:Wordpress wp-js-external-link-info redirect  
date:2018-05-07,name:WordPress Plugin User Role Editor <  4.25 Privilege Escalation  
date:2018-05-06,name:Wordpress Hestia 1.1.73 Theme XSS Vuln  
date:2018-04-29,name:WordPress UK Cookie Consent 2.3.9 Cross Site Scripting  
date:2018-04-27,name:WordPress WP With Spritz 1.0 File Inclusion  
date:2018-04-26,name:WordPress Woo Import Export 1.0 Arbitrary File Deletion  
date:2018-04-14,name:Nielsen WordPress Theme Xss Stored Exploit  
date:2018-04-12,name:WordPress Content Injection and Deface  
date:2018-04-11,name:WordPress Google Drive 2.2 Remote Code Execution  
date:2018-04-11,name:WordPress Plugin WordPress File Upload 4.3.3 Stored XSS  
date:2018-04-11,name:WordPress Activity Logs 2.4.0 Cross Site Scripting  
date:2018-04-10,name:WordPress Plugin Google Drive 2.2 Remote Code Execution  
date:2018-04-10,name:WordPress Plugin Gratifikasi 1.3 Cross Site Scripting (XSS)  
date:2018-04-10,name:WordPress Viral Optins Plugin Exploit and File Upload  
date:2018-04-01,name:Wordpress Plugin Contact Form 7 to Database Extension 2.10.32 CSV Injection  
date:2018-03-28,name:Wordpress Plugin Site Editor 1.1.1 Local File Inclusion  
date:2018-03-27,name:WordPress Event Manager 5.8.1.1 Cross Site Scripting  
date:2018-03-20,name:WordPress Site Editor 1.1.1 Local File Inclusion  
date:2018-03-16,name:WordPress Plugin Duplicator 1.2.32 Cross-Site Scripting  
date:2018-03-10,name:Wordpress Theme Distributel SQLi  
date:2018-02-16,name:WordPress UltimateMember 2.0 Cross Site Scripting  
date:2018-02-16,name:Wordpress 4.9.4 Username Enumeration (perl version)  
date:2018-01-31,name:WordPress Propertyhive 1.4.14 Cross Site Scripting  
date:2018-01-30,name:WordPress Splashing Images 2.1 Cross Site Scripting \/ PHP Object Injection  
date:2018-01-22,name:Wordpress Tips Wp-Config Setup Vulnerable  
date:2018-01-22,name:Wordpress linenity theme - Arbitrary file download  
date:2018-01-21,name:Wordpress newspro2891 theme - Arbitrary file download  
date:2018-01-21,name:Wordpress endlesshorizon theme - Arbitrary file download  
date:2018-01-21,name:Wordpress duena theme - Arbitrary file download  
date:2018-01-21,name:Wordpress cafesalivation theme - Arbitrary file download  
date:2018-01-21,name:Wordpress File Manager plugin Version 5.0.1 SSRF\/XSPA Vulnerability  
date:2018-01-21,name:Wordpress liberator theme - Arbitrary file download  
date:2018-01-21,name:Wordpress oxygen theme - Arbitrary file download  
date:2018-01-20,name:wordpress kap theme arbitrary file download  
date:2018-01-15,name:Wordpress wp-File-Manager plugin Version 1.9 SSRF\/XSPA Vulnerability  
date:2018-01-11,name:WordPress Smooth Sl6 SQL Injection  
date:2018-01-11,name:WordPress Dbox 3D Sl 1.2.2 SQL Injection  
date:2018-01-11,name:WordPress MQ ReLinks 1.8 XSS \/ Open Redirection  
date:2018-01-11,name:WordPress Download Manager 2.9.60 Cross Site Request Forgery  
date:2018-01-11,name:WordPress Testimonial Sl4 SQL Injection  
date:2018-01-10,name:WordPress Social Media WAcurax 3.2.5 Cross Site Request Forgery  
date:2018-01-10,name:WordPress Plugin Events Calendar event_jection  
date:2018-01-09,name:WordPress CMS Tree Page View 1.4 CSRF \/ Privilege Escalation  
date:2018-01-08,name:WordPress Plugin LearnDash 2.5.3 Arbitrary File Upload  
date:2018-01-07,name:WordPress WpJobBoard 4.4.4 SQL Injection  
date:2018-01-04,name:WordPress Smart Google Code Inserter SQL Injection  
date:2018-01-03,name:WordPress Plugin Smart Google Code Inserter <  3.5 Authentication Bypass  \/ SQL Injection  
date:2017-12-22,name:WordPress Feed-Statistics 4.1 Open Redirect  
date:2017-12-22,name:WordPress Grifus 4.0.1 Cross Site Scripting  
date:2017-12-22,name:WordPress mgl-instagram-gallery Plugin Cross Site Scripting  
date:2017-12-21,name:WordPress feed-statistics Plugin Open Redirect Vulnerability  
date:2017-12-21,name:WordPress WebConnex Form Management 1.6.3 Cross Site Scripting  
date:2017-12-21,name:WordPress Itinerary 1.0.0 Cross Site Scripting  
date:2017-12-20,name:WordPress Concours 1.1 Cross Site Scripting  
date:2017-12-20,name:WordPress Clean Up Optimizer 4.0.0 SQL Injection  
date:2017-12-20,name:WordPress Custom Map 1.1 Cross Site Scripting  
date:2017-12-20,name:WordPress Booking Calendar 7.0 \/ 7.1 SQL Injection \/ Local File Inclusion  
date:2017-12-20,name:WordPress CSV Import-Export 1.1 Cross Site Scripting  
date:2017-12-20,name:WordPress Top-10 2.4.2 SQL Injection  
date:2017-12-19,name:WordPress Yakadanda Google+ Hangout Events 0.3.7 XSS  
date:2017-12-18,name:WordPress Sagepay Server Gateway For WooCommerce 1.0.7 XSS  
date:2017-12-17,name:WordPress Plugins FormCraft - Cross-Site Scripting Image type  
date:2017-12-15,name:WordPress Wunderbar Basic 1.1.3 Cross Site Scripting  
date:2017-12-15,name:WordPress Pinterest Badge 1.8.0 Cross Site Scripting  
date:2017-12-14,name:WordPress WooPay Inicis 1.1.3 Cross Site Scripting  
date:2017-12-14,name:WordPress Qiniu Cloudtuchuang 1.8 Cross Site Scripting  
date:2017-12-14,name:WordPress WordApp Mobile 2.0.3 Cross Site Scripting  
date:2017-12-11,name:Wordpress UserPro 4.9.17 Authentication Bypass  
date:2017-12-06,name:WordPress Z-URL Preview 1.6.1 Cross Site Scripting  
date:2017-12-06,name:WordPress 3rd-Party Inject Results 0.2 Cross Site Scripting  
date:2017-12-06,name:WordPress Smart Marketing SMS And Newsletters Forms 1.1.1 XSS  
date:2017-12-06,name:WordPress WP Mailster 1.5.4.0 Cross Site Scripting  
date:2017-12-01,name:WordPress WooCommerce 2.0 \/ 3.0 Directory Traversal  
date:2017-11-22,name:WordPress Emag Marketplace Connector 1.0 Cross Site Scripting  
date:2017-11-22,name:WordPress Advanced Post Type Ratings 1.1 Cross Site Scripting  
date:2017-11-22,name:WordPress In Link 1.0 SQL Injection  
date:2017-11-22,name:WordPress Breezing Forms 1.2.7.42 Cross Site Scripting  
date:2017-11-15,name:WordPress Affiliate Ads For Clickbank Products 1.3 XSS  
date:2017-11-15,name:WordPress AMP Toolbox 1.9.4 Cross Site Scripting  
date:2017-11-15,name:WordPress DFD Reddcoin Tips 1.1.1 Cross Site Scripting  
date:2017-11-14,name:WordPress Boozang 1.0.0 Cross Site Scripting  
date:2017-11-14,name:WordPress Cartogiraffe Map 1.0 Cross Site Scripting  
date:2017-11-14,name:WordPress Appointments 2.2.2.2 Cross Site Scripting  
date:2017-11-13,name:Wordpress < = 4.8.2 SQL Injection POC  
date:2017-11-10,name:WordPress Secure HTML5 Ver 3.14 Cross Site Scripting  
date:2017-11-09,name:WordPress Ultimate Instagram Feed 1.2 Cross Site Scripting  
date:2017-11-07,name:WordPress Duplicator Migration 1.2.28 Cross Site Scripting  
date:2017-11-06,name:WordPress Plugin Userpro <  4.9.17.1 Authentication Bypass  
date:2017-11-05,name:WordPress Plugins ImageManager- Arbitrary File Upload  
date:2017-11-04,name:WordPress Plugin JTRT Responsive Tables 4.1 SQL Injection  
date:2017-11-01,name:WordPress User Login History 1.5.2 Cross Site Scripting  
date:2017-11-01,name:WordPress SmoothGallery for NextGen Gallery XSS  
date:2017-11-01,name:WPBounce WordPress plugin Open Redirect  
date:2017-10-20,name:WordPress Car Park Booking SQL Injection  
date:2017-10-17,name:WordPress Influencer Marketing And Press Release System 2.2 XSS  
date:2017-10-13,name:WordPress Pootle Button 1.1.1 Cross Site Scripting  
date:2017-10-12,name:WordPress WP-Contact-W4.1 Cross Site Scripting  
date:2017-10-12,name:WordPress PopCash.Net Publisher Code Integration 1.0 Cross Site Scripting  
date:2017-10-11,name:WordPress TR Easy Google Analytics 1.0.0 Cross Site Scripting  
date:2017-10-11,name:WordPress Simple Login Log 1.1.1 SQL Injection  
date:2017-10-11,name:WordPress Ad W0.0 Local File Inclusion  
date:2017-10-08,name:WordPress 4.8.2 Activation Key Failed Expiry  
date:2017-10-08,name:Gallery by BestWebSoft wordpress \/ FILE UPLOAD  
date:2017-10-07,name:WordPress does not hash wp_signups.activation_key SQL injection to create accounts  
date:2017-10-05,name:WordPress Smush Image 2.7.4.1 Directory Traversal  
date:2017-09-28,name:WordPress Content Audit 1.9.1 Cross Site Request Forgery \/ Cross Site Scripting  
date:2017-09-28,name:WordPress Church SQL Injection  
date:2017-09-23,name:WordPress Responsive Image Gallery 1.1.8 SQL Injection  
date:2017-09-21,name:WordPress 2kb Amazon Affiliates Store 2.1.0 Cross Site Scripting  
date:2017-09-09,name:WordPress SB Uploader 4.9 Arbitrary File Upload Vulnerability  
date:2017-09-09,name:WordPress Training Membership 1.0.8 Cross Site Scripting  
date:2017-09-08,name:Stanford University ( Longevity ) WordPress Website BruteForce Attack  
date:2017-09-07,name:Wordpress cool-flickr-sllugin Cross Site Scripting(xss)  
date:2017-09-07,name:Wordpress Contact Form 7 International Sms Integration Plugin Cross Site Scripting  
date:2017-09-05,name:WordPress Plugin Participants Database <  1.7.5.10 Cross-Site Scripting  
date:2017-08-25,name:WordPress Plugins woocommerce-product-options - Arbitrary File Upload  
date:2017-08-19,name:Wordpress MoneyTheme Themes XSS \/ Arbitrary File Upload  
date:2017-08-18,name:WordPress share-on-diaspora Plugin Cross Site Scripting (XSS)  
date:2017-08-13,name:WordPress FAdvertisement Plugin Sql Injection Vulnerability  
date:2017-08-11,name:WordPress Easy Modal 2.0.17 SQL Injection  
date:2017-08-11,name:WordPress PressForward 4.3.0 Cross Site Scripting  
date:2017-08-11,name:WordPress Podlove Podcast Publisher 2.5.3 SQL Injection  
date:2017-08-08,name:WordPress Plugin Easy Modal 2.0.17 SQL Injection  
date:2017-08-06,name:WordPress GamePlan Event And Gym Fitness Theme 1.5.13.2 Cross Site Scripting  
date:2017-08-01,name:WordPress Logosware Suite Uploader 1.1.6 File Upload  
date:2017-07-31,name:WordPress Plugin Logosware Suite Uploader 1.1.6 Remote File Upload  
date:2017-07-26,name:WordPress Ultimate Affiliate Pro 3.6 Cross Site Scripting  
date:2017-07-26,name:WordPress FormCraft Form Builder 3.2.31 Cross Site Scripting  
date:2017-07-21,name:WordPress Task Manager Pro 1.31 Cross Site Scripting  
date:2017-07-11,name:Wordpress Plugin How-Interest Cross-Site Scripting  
date:2017-06-28,name:WordPress Plugin Ultimate Product Catalogue 4.2.2 SQL Injection  
date:2017-06-26,name:WordPress FormCraft Basic 1.0.5 SQL Injection  
date:2017-06-21,name:WordPress Download Manager 2.9.46 \/ 2.9.51 Cross Site Scripting  
date:2017-06-21,name:WordPress Photo Gallery 1.3.34 \/ 1.3.42 Path Traversal  
date:2017-06-13,name:WordPress Plugins WP Checkout - Arbitrary File Upload  
date:2017-06-13,name:WordPress Plugins Viral Optins - Arbitrary File Upload  
date:2017-06-13,name:WordPress Themes Awake - Cross-Site Scripting  
date:2017-06-08,name:WordPress Plugins console contact form - Arbitrary File Upload  
date:2017-06-04,name:WordPress Plugins WP Job Manager Locations - Arbitrary File Upload  
date:2017-06-03,name:WordPress No External Links 3.5.17 Cross Site Scripting  
date:2017-06-03,name:WordPress Tribulant Newsletters 4.6.4.2 XSS \/ File Disclosure  
date:2017-06-02,name:WordPress Plugins WP Job Manager - Arbitrary File Upload  
date:2017-06-01,name:WordPress Themes U-design File Upload  
date:2017-05-31,name:WordPress Simple Slanager 2.2 Cross Site Scripting  
date:2017-05-29,name:WordPress Themes Purevision - Arbitrary File Upload  
date:2017-05-28,name:WordPress AffiliateWP 2.0.8 Cross Site Scripting  
date:2017-05-28,name:WordPress Social-Stream 1.6.0 Twitter API Secret Disclosure  
date:2017-05-28,name:WordPress Huge-IT Very 2.0.4 SQL Injection  
date:2017-05-28,name:WordPress All In One Schema.org Rich Snippets 1.4.1 XSS  
date:2017-05-25,name:Wordpress plugins dopts upload File Vulnerability  
date:2017-05-24,name:WordPress Newsletter Supsystic 1.1.7 Cross Site Scripting  
date:2017-05-23,name:WordPress rehber Themes  File Upload Vulnerability  
date:2017-05-22,name:Wordpress plugins wp-mailinglist upload File Vulnerability | CSRF  
date:2017-05-18,name:WordPress Revsloit and Mass Shell Upload  
date:2017-05-17,name:WordPress EELV Newsletter 4.5 XSS \/ CSRF  
date:2017-05-17,name:WordPress PHPMailer Host Header Command Injection  
date:2017-05-14,name:Wordpress plugins wpdm-filemanager upload File Vulnerability  
date:2017-05-10,name:WordPress Clean Login Cross Site Request Forgery  
date:2017-05-10,name:Wordpress Plugin Organizer File 6.x Upload Vulnerability  
date:2017-05-05,name:Wordpress Plugins Art Picture Shop File Upload Vulnerability  
date:2017-05-05,name:WordPress Core 4.6 Unauthenticated Remote Code Execution Full Advisory  
date:2017-05-04,name:WordPress FancyProductDesigner 3.4.2 Stored XSS  
date:2017-05-04,name:Wordpress Theme Sehf File Upload Vulnerability | CSRF  
date:2017-05-03,name:Wordpress Theme Ebs File Upload Vulnerability | CSRF  
date:2017-05-03,name:WordPress 4.6 Unauthenticated Remote Code Execution (RCE) PoC Exploit  
date:2017-04-27,name:WordPress Wow Forms 2.1 SQL Injection  
date:2017-04-27,name:WordPress KittyCatfish 2.2 SQL Injection  
date:2017-04-27,name:WordPress Wow Viral Signups 2.1 SQL Injection  
date:2017-04-27,name:WordPress Car Rental System 2.5 SQL Injection  
date:2017-04-23,name:Wordpress flash album gallery Plugins SQL Vulnerability.  
date:2017-04-22,name:Wordpress newsletter Plugins SQL Vulnerability.  
date:2017-04-21,name:WordPress Connection Information Cross Site Request Forgery  
date:2017-04-19,name:Wordpress theme 'boldial' - Full Path Disclosure  
date:2017-04-13,name:Wordpress pdfjs-viewer-shortcode Plugins  Xss \/ Code Execution Vulnerability  
date:2017-04-10,name:Wordpress webplayer Plugins SQL Injection Vulnerability  
date:2017-04-09,name:Wordpress salient Themes SQL Injection Vulnerability  
date:2017-04-08,name:WordPress Gravity Forms Plugin Exploit and File Upload  
date:2017-04-05,name:Wordpress dreamwork_manage File Upload Vulnerability  
date:2017-03-31,name:Wordpress wp-dreamworkgallery File Upload Vulnerability  
date:2017-03-29,name:Wordpress plugins team-admin upload File Vulnerability  
date:2017-03-28,name:Wordpress Themes betheme Sh3ll Upload Vulnerability | CSRF  
date:2017-03-27,name:Wordpress Themes Multimedia1 Shell Upload Vulnerability | CSRF  
date:2017-03-21,name:WordPress Multiple Plugin File Upload  
date:2017-03-20,name:Wordpress plugin Sports Rankings and Lists directory  
date:2017-03-17,name:WordPress Membership Simplified 1.58 Arbitrary File Download  
date:2017-03-16,name:Wordpress Plugin Membership Simplified v1.58 - Arbitrary File Download  
date:2017-03-15,name:Wordpress Themes Nunace Shell Upload Vulnerability | CSRF  
date:2017-03-14,name:WordPress Print Money v4.91 Plugin Persistent Cross Site Scripting  
date:2017-03-13,name:WordPress Chat-Room plugin v0.1.2 directory traversal\/arbitrary file write  
date:2017-03-13,name:WordPress plugin Flash Rotator Gallery SQL injection  
date:2017-03-11,name:Wordpress Themes Synoptic Shell Upload Vulnerability | CSRF  
date:2017-03-10,name:WordPress PICA Photo Gallery 1.0 SQL Injection  
date:2017-03-09,name:Unlock WordPress Admin Login Disable Protection  
date:2017-03-09,name:Wordpress Themes Qualifire File Upload Vulnerabilty CSRF  
date:2017-03-07,name:WordPress 4.5.3 Audio Playlist Cross Site Scripting  
date:2017-03-07,name:WordPress 4.5.3 Press This Function CSRF \/ Denial Of Service  
date:2017-03-06,name:WordPress Multiple Plugins - Remote File Upload  
date:2017-03-05,name:WordPress VaultPress 1.8.4 Remote Code Execution \/ Man-In-The-Mdate:2017-03-04,name:WordPress Username Enumeration  
date:2017-03-03,name:WordPress Global Content Blocks 2.1.5 Cross Site Request Forgery  
date:2017-03-03,name:WordPress Magic Fields 1 1.7.1 Cross Site Scripting  
date:2017-03-03,name:WordPress Popup By Supsystic 1.7.6 Cross Site Request Forgery  
date:2017-03-03,name:WordPress Download Manager 2.8.99 Cross Site Request Forgery  
date:2017-03-03,name:WordPress Gwolle Guestbook 1.7.4 Cross Site Request Forgery  
date:2017-03-03,name:WordPress Tribulant Slalleries 1.6.3 Cross Site Scripting  
date:2017-03-03,name:WordPress Contact Form Manager CSRF \/ XSS  
date:2017-03-03,name:WordPress Alpine PhotoTile For Instagram 1.2.7.7 XSS  
date:2017-03-03,name:WordPress Atahualpa Theme Cross Site Request Forgery  
date:2017-03-03,name:WordPress File Manager 3.0.1 Cross Site Request Forgery  
date:2017-03-03,name:WordPress User Login Log 2.2.1 Cross Site Scripting  
date:2017-03-03,name:WordPress Google Analytics Dashboard 2.1.1 Cross Site Scripting  
date:2017-03-03,name:WordPress Atahualpa Theme Cross Site Scripting  
date:2017-03-03,name:WordPress Contact Form 4.0.0 Cross Site Scripting  
date:2017-03-03,name:WordPress Simple Ads Manager 2.9.8.125 PHP Object Injection  
date:2017-03-03,name:WordPress NewStatPress 1.2.4 Cross Site Scripting  
date:2017-03-03,name:WordPress Gwolle Guestbook 1.7.4 Cross Site Scripting  
date:2017-03-03,name:WordPress Adminer 1.4.4 Interface Exposure  
date:2017-02-28,name:WordPress Kama Click Counter 3.4.9 SQL Injection  
date:2017-02-25,name:MyMag wordpress theme Unrestricted File Upload  
date:2017-02-24,name:WordPress Mail Masta 1.0 SQL Injection  
date:2017-02-17,name:WordPress Plugin Corner Ad 1.0.7 - Cross-Site Scripting  
date:2017-02-15,name:WordPress Easy Table 1.6 Cross Site Scripting  
date:2017-02-13,name:WordPress 4.7 \/ 4.7.1 Content Injection Gui Exploit  
date:2017-02-13,name:Wordpress Themes dance studio 1.0.0 - Arbitrary Shell Upload vulnerbility  
date:2017-02-12,name:WordPress 4.7.0\/4.7.1 Plugin Insert PHP -  PHP Code Injection  
date:2017-02-09,name:WordPress wp-json Content Injection  
date:2017-02-02,name:WordPress 4.7.0 \/ 4.7.1 REST API Privilege Escalation  
date:2017-02-02,name:WordPress 4.7.0\/4.7.1 Unauthenticated Content Injection  
date:2017-01-30,name:WordPress FormBuilder 1.05 Cross Site Request Forgery  
date:2017-01-27,name:WordPress InfiniteWP Client 1.5.1.3 \/ 1.6.0 PHP Object Injection  
date:2017-01-26,name:CMS Commander Client WordPress Plugin unauthenticated PHP Object injection vulnerability  
date:2017-01-26,name:Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerability  
date:2017-01-26,name:Wordpress >=4.7 User Enumeration Exploit  
date:2017-01-18,name:WordPress WooCommerce Direct Download Local File Inclusion  
date:2017-01-14,name:Wordpress cmw-speakers Plugin  SQL injection Vulnerability  
date:2017-01-11,name:WordPress WP Support Plus Responsive Ticket System 7.1.3 Privilege Escalation  
date:2017-01-07,name:Wordpress Plugin slo Arbitrary File Upload  
date:2017-01-05,name:WordPress Stop User Enumeration 1.3.4 User Enumeration  
date:2016-12-31,name:WordPress Templatic 2.3.6 File Upload  
date:2016-12-29,name:WordPress Simply Poll 1.4.1 SQL Injection  
date:2016-12-28,name:WordPress Image Sl41 \/ 1.1.89 Arbitrary File Deletion  
date:2016-12-23,name:WordPress Copy-Me 1.0.0 Cross Site Request Forgery  
date:2016-12-20,name:WordPress Support Plus Responsive Ticket System 7.1.3 SQL Injection  
date:2016-12-20,name:WordPress 404 1.0 SQL Injection  
date:2016-12-20,name:WordPress Private Messages 1.0.1 SQL Injection  
date:2016-12-17,name:WordPress Quiz And Survey Master 4.7.8 \/ 4.5.4 XSS \/ CSRF  
date:2016-12-15,name:WordPress MailChimp 3.1.5 \/ 4.0.10 Cross Site Scripting  
date:2016-12-13,name:WordPress Google Analytics Counter Tracker 3.1.5 PHP Object Injection  
date:2016-12-12,name:WordPress Multisite Post Duplicator 0.9.5.1 Cross Site Request Forgery  
date:2016-12-06,name:WordPress Single Personal Message 1.0.3 SQL Injection  
date:2016-12-02,name:WordPress WP Vault 0.8.6.6 Local File Inclusion  
date:2016-11-30,name:WordPress Insert Html Snippet 1.2 Cross Site Request Forgery  
date:2016-11-29,name:WordPress Olimometer 2.56 SQL Injection  
date:2016-11-28,name:WordPress Image Gallery 1.9.65 Cross Site Scripting  
date:2016-11-26,name:Wordpress Twentyfourteen Theme (Default Theme) Full Path Disclosure  
date:2016-11-22,name:WordPress Canvas - Shortcodes 1.92 Cross Site Scripting  
date:2016-11-22,name:WordPress Easy Facebook Like Box 4.3.0 CSRF \/ XSS  
date:2016-11-22,name:WordPress Check Email 0.3 Cross Site Scripting  
date:2016-11-22,name:WordPress Instagram Feed 1.4.6.2 Cross Site Scripting \/ Cross Site Request Forgery  
date:2016-11-22,name:WordPress MailChimp 4.0.7 Cross Site Request Forgery \/ Cross Site Scripting  
date:2016-11-22,name:Wordpress FancyBox For WordPress Plugin Full Path Disclosure  
date:2016-11-20,name:WordPress Plugin MailChimp 4.0.7 - Cross-Site Request Forgery \/ XSS  
date:2016-11-20,name:WordPress Plugin Easy Facebook Like Box 4.3.0- Cross-Site Request Forgery \/ XSS  
date:2016-11-19,name:Wordpress Plugin  N-Media 1.4 Arbitrary File Download Vulnerability  
date:2016-11-19,name:Wordpress ThemeRush Theme Cross Site Scripting  
date:2016-11-18,name:WordPress Answer My Question 1.3 SQL Injection  
date:2016-11-18,name:WordPress Sirv 1.3.1 SQL Injection  
date:2016-11-17,name:WordPress All In One WP Security And Firewall 4.1.9 Cross Site Scripting  
date:2016-11-12,name:WordPress Google Maps 6.3.14 Cross Site Request Forgery  
date:2016-11-12,name:WordPress W3 Total Cache 0.9.4.1 Cross Site Scripting  
date:2016-11-12,name:WordPress W3 Total Cache 0.9.4.1 Race Condition  
date:2016-11-12,name:WordPress W3 Total Cache Amazon SNS Push Messages Weak Valdate:2016-11-09,name:WordPress XCloner 3.1.5 Denial Of Service \/ Code Execution  
date:2016-11-09,name:WordPress Calendar 1.3.7 Cross Site Scripting  
date:2016-11-09,name:WordPress 404 To 301 2.2.8 Cross Site Scripting  
date:2016-10-20,name:Wordpress Userpro Remote File Upload  
date:2016-10-14,name:WordPress Newsletter 4.6.0 Cross Site Request Forgery \/ Cross Site Scripting  
date:2016-10-01,name:WordPress Plugin KBoard - Cross Site Scripting  
date:2016-10-01,name:WordPress Plugin KBoard 2.7 - SQL Injection  
date:2016-09-22,name:Wordpress W3 Total Cache < = 0.9.4.1 XSS  
date:2016-09-20,name:WordPress Neosense Theme 1.7 Shell Upload  
date:2016-09-17,name:Wordpress pulgin bordeaux theme upload shell Vulnerability  
date:2016-09-11,name:WordPress InfiniteWP Admin Panel 2.8.0 Authorization Bypass  
date:2016-09-11,name:WordPress InfiniteWP Admin Panel 2.8.0 Command Injection  
date:2016-09-11,name:WordPress Woocommerce 2.6.2 API Cross Site Scripting  
date:2016-09-11,name:WordPress MailPoet Newsletters 2.7.2 Cross Site Scripting  
date:2016-09-11,name:Image Export WordPress Plugin - Local File Disclosure  
date:2016-09-11,name:Meteogalicia WordPress Wocal File Disclosure  
date:2016-09-09,name:WordPress 4.5.3 Cross Site Scripting  
date:2016-09-08,name:WordPress Theme cubed_v1.2 CSRF File Upload Vulnerability  
date:2016-09-06,name:WordPress RB Agency Plugin 2.4.7 - Local File Disclosure  
date:2016-08-29,name:Wordpress Themes Arbitrary File Download  timthumb-config.php Vulnerability  
date:2016-08-23,name:Wordpress Multi Themes Arbitrary File Download Vulnerability  
date:2016-08-22,name:WordPress 4.5.3 Core Ajax Handlers Path Traversal  
date:2016-08-16,name:Wordpress Tevolution Plugin 2.3.1 Arbitrary Shell Upload Vulnerability  
date:2016-08-16,name:Wordpress Theme Directory Arbitrary Shell Upload Vulnerability  
date:2016-08-16,name:WordPress Ajax Load More 2.11.1 Local File Inclusion  
date:2016-08-16,name:WordPress Photo Gallery 1.8.5 Cross Site Scripting  
date:2016-08-16,name:WordPress Link Library 5.9.12.29 Cross Site Scripting  
date:2016-08-16,name:WordPress Email Users 4.8.3 Cross Site Request Forgery  
date:2016-08-16,name:WordPress Google Maps 2.1.2 Cross Site Scripting  
date:2016-08-16,name:WordPress Photo Gallery 1.8.5 Cross Site Request Forgery  
date:2016-08-16,name:WordPress Peters Login Redirect 2.9.0 XSS \/ CSRF  
date:2016-08-10,name:WordPress Add From Server 6.2 Cross Site Request Forgery  
date:2016-08-08,name:Wordpress force download Arbitrary File Download  
date:2016-08-07,name:WordPress Selected Text Sharer 1.0 CSRF \/ XSS  
date:2016-08-07,name:WordPress Welcome Announcement 1.0.5 Cross Site Scripting  
date:2016-08-07,name:WordPress Store Locator Plus 4.5.09 Cross Site Scripting  
date:2016-08-07,name:WordPress Ecwrce Shopping Cart 4.4 \/ 4.4.3 PHP Object Injection  
date:2016-08-06,name:WordPress Activity Log 2.3.2 Cross Site Scripting  
date:2016-08-06,name:WordPress Landing Pages 2.2.4 Cross Site Scripting  
date:2016-08-06,name:WordPress Yoast SEO Cross Site Scripting  
date:2016-08-03,name:WordPress Uji Countdown 2.0.6 Cross Site Scripting  
date:2016-08-02,name:WordPress ALO EasyMail Newsletter Plugin 2.9.2 CSRF  
date:2016-08-02,name:WordPress Booking Calendar Plugin 6.2 - SQL Injection  
date:2016-07-31,name:Insert PHP WordPress Plugin allows authenticated user to execute arbitrary PHP  
date:2016-07-31,name:Easy Testimonials WordPress Plugin Stored Cross-Site Scripting  
date:2016-07-29,name:WordPress Ultimate Product Catalog 3.9.8 SQL Injection  
date:2016-07-27,name:WordPress ColorWay 3.4.1 Cross Site Scripting  
date:2016-07-26,name:WordPress Code Snippets 2.6.1 Cross Site Scripting  
date:2016-07-26,name:WordPress Contact Form To Email 1.1.47 Cross Site Scripting  
date:2016-07-22,name:WordPress WooCommerce 2.6.2 Cross Site Scripting  
date:2016-07-22,name:WordPress Paships Pro 1.8.9.3 Cross Site Scripting  
date:2016-07-20,name:WordPress Icegram 1.9.18 Cross Site Request Forgery  
date:2016-07-20,name:WordPress Ninja Forms 2.9.51 Cross Site Scripting  
date:2016-07-20,name:WordPress Ver 1.5.16 SQL Injection  
date:2016-07-14,name:WordPress WP No External Links 3.5.15 Cross Site Scripting  
date:2016-07-14,name:WordPress Top 10 Popular Posts 2.3.0 Cross Site Scripting  
date:2016-07-14,name:WordPress Simple Membership 3.2.8 Cross Site Scripting  
date:2016-07-14,name:WordPress Google Forms 0.84 Cross Site Scripting  
date:2016-07-13,name:WordPress Easy Forms For MailChimp 6.0.5.5 Local File Inclusion  
date:2016-07-13,name:WordPress WP Fastest Cache 0.8.5.9 Local File Inclusion  
date:2016-07-13,name:WordPress Email Users 4.8.2 Cross Site Scripting  
date:2016-07-13,name:WordPress Master Sl1 Cross Site Scripting  
date:2016-07-13,name:WordPress Profile Builder 2.4.0 Cross Site Scripting  
date:2016-07-12,name:Wordpress WP Job Manager 1.25 Arbitrary File Upload Vulnerability  
date:2016-07-12,name:WordPress Ultimate Member 1.3.64 Local File Inclusion  
date:2016-07-12,name:WordPress Live Chat Support 6.2.00 Cross Site Scripting  
date:2016-07-12,name:WordPress Activity Log 2.3.1 Persistent Cross Site Scripting  
date:2016-07-10,name:WordPress All in One SEO Pack Plugin Persistent Cross-Site Scripting  
date:2016-07-09,name:WordPress Lazy Content SlCross Site Request Forgery  
date:2016-07-06,name:WordPress CodeCanyon Real3D FlipBook 2.18.8 File Deletion \/ Upload \/ XSS  
date:2016-06-30,name:WordPress Ultimate Membership Pro 3.3 SQL Injection  
date:2016-06-24,name:WordPress Ultimate Product Catalog 3.8.6 Shell Upload  
date:2016-06-23,name:WordPress Contus Vents 1.0 File Upload  
date:2016-06-21,name:WordPress Premium SEO Pack 1.9.1.3 wp_options Overwrite  
date:2016-06-18,name:WordPress Ultimate Product Catalog 3.8.1 Privilege Escalation  
date:2016-06-18,name:WordPress Gravity Forms 1.8.19 Shell Upload  
date:2016-06-16,name:WordPress Social Stream 1.5.15 wp_options Overwrite  
date:2016-06-08,name:Wordpress Levo-Sl2.3 - Persistent Vulnerability  
date:2016-06-08,name:Wordpress Levo-Sl.3 - Arbitrary File Upload Vulnerability  
date:2016-06-08,name:WordPress ADS PRO 2.9.22 \u2013 Multi-Purpose Ad Manager Exploit  
date:2016-06-08,name:\tWordPress UserPro 2.62 \u2013 User Profiles with Social Login Exploit  
date:2016-06-08,name:WordPress Br3 Theme Exploit  
date:2016-06-06,name:Levo Sl.3 Stored XSS WordPress Plugin *youtube  
date:2016-06-06,name:Wordpress Levo-Sl.3 Shell Upload by Unprivileged user  
date:2016-06-05,name:WordPress Realia 0.8.5 Cross Site Scripting  
date:2016-06-05,name:WordPress WP Mobile Detector 3.5 Shell Upload *youtube  
date:2016-05-27,name:WordPress Ninja Forms Unauthenticated File Upload  
date:2016-05-21,name:WordPress Brafton 3.3.10 Cross Site Scripting  
date:2016-05-20,name:Vulnerabilitie XSS in brafton WordPress Plugin  
date:2016-05-16,name:Wordpress Easyrotator Plugin File Manipulation Vulnerability  
date:2016-05-02,name:WordPress Export to Ghost Unrestricted Export Download  
date:2016-04-30,name:WordPress Truemag Theme Cross Site Scripting  
date:2016-04-22,name:WordPress iThemes Security Insecure Backup \/ Logfile Generation  
date:2016-04-19,name:WordPress Kento Post View Counter Plugin 2.8 - CSRF\/XSS  
date:2016-04-19,name:WordPress leenk.me Plugin 2.5.0 - CSRF\/XSS  
date:2016-04-18,name:Wordpress Plugins jQuery Html5 File Upload  
date:2016-04-17,name:Wordpress Plugin Mega stor  - Local File Inclusion  
date:2016-04-13,name:WordPress Robo Gallery 2.0.14 Code Execution  
date:2016-04-11,name:Wordpress Product Options for WooCommerce Plugin File Upload  
date:2016-04-10,name:WordPress Multiple Meta Box 1.0 SQL Injection  
date:2016-04-04,name:WordPress Memphis Document Library Plugin 3.1.5 Path Disclosure  
date:2016-04-04,name:Wordpress Plugin HB Audio Gallery Lite - Arbitrary File Download  
date:2016-03-28,name:WordPress Music Store 1.0.41 Cross Site Scripting  
date:2016-03-28,name:WordPress Claptastic Clap! Button 1.3 Cross Site Scripting  
date:2016-03-28,name:WordPress CloudFlare 1.3.20 Cross Site Scripting  
date:2016-03-28,name:WordPress IMDb Profile W.8 Local File Inclusion  
date:2016-03-28,name:WordPress Visual Form Builder 2.8.6 Cross Site Scripting  
date:2016-03-28,name:WordPress Photocart Link 1.6 Local File Inclusion  
date:2016-03-26,name:WordPress WP External Links 1.80 Cross Site Scripting  
date:2016-03-24,name:WordPress Issuu Panel 1.6 Remote \/ Local File Inclusion  
date:2016-03-24,name:WordPress Facebook With Login 1.0 Cross Site Scripting \/ SQL Injection  
date:2016-03-23,name:WordPress Memphis Document Library 3.1.5 Arbitrary File Download  
date:2016-03-23,name:WordPress HB Audio Gallery Lite 1.0.0 Arbitrary File Download  
date:2016-03-23,name:WordPress Dharma Booking 2.28.3 Remote \/ Local File Inclusion  
date:2016-03-23,name:WordPress Brandfolder 3.0 Remote \/ Local File Inclusion  
date:2016-03-22,name:WordPress eBook Download 1.1 Directory Traversal  
date:2016-03-22,name:WordPress Import CSV 1.1 Directory Traversal  
date:2016-03-22,name:WordPress Abtest Local File Inclusion  
date:2016-03-16,name:WordPress Bulletproof 0.53.2 Cross Site Scripting  
date:2016-03-12,name:WordPress Email Encoder Bundle 1.4.3 - Stored Cross Site Scripting  
date:2016-03-12,name:WordPress WP Mailto Links 2.0.1 - Stored Cross Site Scripting  
date:2016-03-09,name:Wordpress ProjectTheme Multiple Vulnerabilities  
date:2016-03-08,name:WordPress SP Projects And Document Manager 2.5.9.6 XSS \/ SQL Injection  
date:2016-03-04,name:WordPress Bulk Delete 5.5.3 Privilege Escalation  
date:2016-03-03,name:WordPress CP Polls 1.0.8 Cross Site Request Forgery \/ Cross Site Scripting  
date:2016-03-03,name:WordPress CP Polls 1.0.8 File Upload \/ Cross Site Scripting  
date:2016-03-03,name:WordPress CP Polls 1.0.8 Malicious File Download  
date:2016-03-02,name:WordPress GravityForms 1.9.15.11 Cross Site Scripting  
date:2016-03-01,name:WordPress More Fields 2.1 Cross Site Request Forgery  
date:2016-02-28,name:Wordpress Goodnews Themes Reflected Cross Site Scripting  
date:2016-02-26,name:Wordpress Ocim MP3 Plugin SQL Injection Vulnerability  
date:2016-02-25,name:WordPress Extra User Details Plugin 0.4.2 - Privilege Escalation  
date:2016-02-25,name:WordPress User Submitted Posts 20151113 Cross Site Scripting  
date:2016-02-15,name:Wordpress Formcraft Plugin File Upload Vulnerability  
date:2016-02-12,name:WordPress Duplicator 1.1.0 \/ 1.2.0 Cross Site Request Forgery  
date:2016-02-10,name:WordPress WooCommerce 1.5.5 Privilege Escalation  
date:2016-02-09,name:WordPress 4.4.2 SSRF and open redirect vulnerability  
date:2016-02-08,name:WordPress User Meta Manager 3.4.6 Privilege Escalation  
date:2016-02-08,name:Wordpress clikstats plugin Open Redirect  
date:2016-02-08,name:Wordpress Newsletter Pro Plugin Open Redirect  
date:2016-02-08,name:Wordpress Smallbiz Themes Remote File Uploads Vulnerability  
date:2016-02-07,name:WordPress Instagram 1.1.0 Cross Site Scripting  
date:2016-02-06,name:WordPress User Meta Manager Plugin [Blind SQLI]  
date:2016-02-04,name:WordPress Instagram Plugin 1.1.0 Cross Site Scripting  
date:2016-02-01,name:WordPress Comment Rating 1.5.0 Cross Site Scripting  
date:2016-01-31,name:Wordpress Download Manager 2.3.0 XSS  
date:2016-01-31,name:Wordpress simple add pages or posts CSRF Vulnerability  
date:2016-01-29,name:WordPress Appointment Booking Calendar 1.1.24 SQL Injection  
date:2016-01-29,name:WordPress Appointment Booking Calendar 1.1.24 Escalation \/ XSS  
date:2016-01-27,name:WordPress Easy Gallery 4.1.4 Cross Site Scripting  
date:2016-01-26,name:WordPress Appointment Booking Calendar 1.1.23 SQL Injection  
date:2016-01-20,name:WordPress Extredj Open Redirection  
date:2016-01-15,name:Wordpress Tubepress Plugin v 2 Cross Site Scripting  
date:2016-01-14,name:WordPress Commentator 2.5.2 Cross Site Scripting  
date:2016-01-14,name:WordPress No External Links 2.6.3 \/ 2.7.1 Open Redirect  
date:2016-01-14,name:WordPress Tubepress 2 Cross Site Scripting  
date:2016-01-12,name:WordPress JS External Link Info 1.21 Open Redirect  
date:2016-01-09,name:WordPress Symposium Pro Social 15.12 XSS \/ CSRF  
date:2016-01-09,name:Wordpress AzonPop Plugin SQL Injection  
date:2016-01-09,name:Wordpress Feed Statistics Plugin V 1.4.3 Open Redirect  
date:2016-01-08,name:WordPress Stanford Theme Cross Site Scripting  
date:2015-12-23,name:WordPress Content Text Slost 6.8 Cross Site Scripting  
date:2015-12-21,name:WordPress woocommerce plugin v2.4.12 PHP Code Injection Vulnerability  
date:2015-12-21,name:Wordpress Gallery Master Persistent XSS Vulnerability  
date:2015-12-18,name:WordPress Google Adsense 1.29 Cross Site Scripting  
date:2015-12-18,name:WordPress Quotes And Tips 1.19 Cross Site Scripting  
date:2015-12-18,name:WordPress PDF And Print 1.7.4 Cross Site Scripting  
date:2015-12-18,name:WordPress Portfolio 2.27 Cross Site Scripting  
date:2015-12-18,name:WordPress Relevant Related Posts 1.0.7 Cross Site Scripting  
date:2015-12-18,name:WordPress User Role 1.4.1 Cross Site Scripting  
date:2015-12-18,name:WordPress Twitter 2.37 Cross Site Scripting  
date:2015-12-18,name:WordPress Social Essentials Social Stats And Sharing Buttons 1.3.1 XSS  
date:2015-12-18,name:WordPress Limit Attempts 1.0.3 Cross Site Request Forgery  
date:2015-12-18,name:WordPress Limit Attempts 1.0.3 Cross Site Scripting  
date:2015-12-18,name:WordPress Sender 0.7 Cross Site Request Forgery  
date:2015-12-18,name:WordPress Sender 0.7 Cross Site Scripting  
date:2015-12-17,name:WordPress Google Captcha 1.05 Cross Site Scripting  
date:2015-12-17,name:WordPress Simple Booking Calendar 1.3 Cross Site Request Forgery  
date:2015-12-17,name:WordPress Symposium 14.05.02 Cross Site Scripting  
date:2015-12-17,name:WordPress Google +1 1.1.6 Cross Site Scripting  
date:2015-12-17,name:WordPress Facebook Like Button 2.32 Cross Site Scripting  
date:2015-12-17,name:WordPress Contact Form To DB 1.4.0 Cross Site Scripting  
date:2015-12-17,name:WordPress Google Sitemap 2.9.1 Cross Site Scripting  
date:2015-12-17,name:WordPress Donate 2.0.1 Cross Site Scripting  
date:2015-12-17,name:WordPress Symposium 14.05.02 Cross Site Request Forgery  
date:2015-12-17,name:WordPress Captcha 4.0.2 Cross Site Scripting  
date:2015-12-17,name:WordPress Contact Form 3.81 Cross Site Scripting  
date:2015-12-17,name:WordPress NextGEN Gallery 2.0.66.16 Cross Site Scripting  
date:2015-12-17,name:WordPress Gallery 4.2.1 Cross Site Scripting  
date:2015-12-17,name:WordPress Htaccess 1.4 Cross Site Scripting  
date:2015-12-17,name:WordPress BestWebSoft Google Maps 1.2.1 Cross Site Scripting  
date:2015-12-17,name:WordPress Email Queue 1.0.0 Cross Site Request Forgery  
date:2015-12-17,name:WordPress Job Board 1.0.0 Cross Site Scripting  
date:2015-12-17,name:Wordpress Begin Themes Open Redirect Vulnerability  
date:2015-12-16,name:WordPress Tierra Billboard Manager 1.14 SQL Injection  
date:2015-12-15,name:WordPress Admin Management Xtended 2.4.0 Privilege Escalation  
date:2015-12-15,name:Wordpress Plugin Tierra Billboard Manager SQL Injection Vulnerability  
date:2015-12-14,name:Wordpress Ad King Pro Stored XSS Vulnerability  
date:2015-12-12,name:WordPress 4.4 User Enumeration  
date:2015-12-11,name:WordPress S3 Vte Shell Upload  
date:2015-12-10,name:Wordpress agp font awesome collection Stored XSS  
date:2015-12-08,name:WordPress Poll W.7 SQL Injection  
date:2015-12-08,name:WordPress Squirrel Theme 1.6.4 Remote File Inclusion  
date:2015-12-08,name:Wordpress Content text slost Stored XSS  
date:2015-12-06,name:WordPress TheCartPress 1.4.7 Code Execution \/ Local File Disclosure  
date:2015-12-05,name:WordPress Advanced Uploader 2.10 Shell Upload  
date:2015-12-05,name:Wordpress "Js Support Ticket" File Upload Bypass Extensions  
date:2015-12-04,name:WordPress Cool Very 1.9 Command Injection  
date:2015-12-03,name:WordPress Gwolle Guestbook 1.5.3 Remote File Inclusion  
date:2015-12-03,name:WordPress Role Scoper 1.3.66 Cross Site Scripting  
date:2015-12-03,name:WordPress Calls To Action 2.4.3 Cross Site Scripting  
date:2015-12-03,name:WordPress Ultimate Member 1.3.28 Cross Site Scripting  
date:2015-12-03,name:WordPress Users Ultra 1.5.50 SQL Injection  
date:2015-12-03,name:WordPress Users Ultra 1.5.50 Cross Site Scripting  
date:2015-11-29,name:WordPress Auto-ThickBox-Plus XSS Vulnerability  
date:2015-11-29,name:WordPress theme parallelus-salutation Arbitrary File Download Vulnerability  
date:2015-11-21,name:WordPress Category and Page Icons File Upload  
date:2015-11-19,name:Wordpress ajax-load-more Authenticated Arbitrary2.8.2 File Upload Vulnerability  
date:2015-11-18,name:WordPress Users Ultra 1.5.50 Unrestricted File Upload  
date:2015-11-14,name:WordPress i1.wp.com Functionality Abuse  
date:2015-11-10,name:WordPress Ajax Load More PHP Upload  
date:2015-11-06,name:WordPress Neuvoo-Jobroll 2.0 Cross Site Scripting  
date:2015-11-06,name:Wordpress Plugin easy-comment-uploads File Upload Vulendrability  
date:2015-10-19,name:WordPress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability  
date:2015-10-19,name:WordPress Events Made Easy 1.5.49 CSRF \/ XSS  
date:2015-10-16,name:WordPress HUGE IT Very 1.3.6 CSRF Vulnerability  
date:2015-10-13,name:WordPress Pie Register 2.0.18 SQL Injection  
date:2015-10-13,name:WordPress Pie Register 2.0.18 Cross Site Scripting  
date:2015-10-13,name:WordPress Font 7.5 Path Traversal  
date:2015-10-08,name:WordPress Support Ticket System 1.2 SQL Injection  
date:2015-10-07,name:WordPress U-Design Theme 2.7.9 Cross Site Scripting  
date:2015-10-06,name:WordPress ResAds 1.0.1 Cross Site Scripting  
date:2015-10-06,name:WordPress Easy2Map 1.2.9 Cross Site Scripting  
date:2015-10-06,name:WordPress Payment Form For PayPal Pro 1.0.1 XSS  
date:2015-10-06,name:WordPress Easy2Map 1.2.9 Local File Inclusion \/ Directory Traversal  
date:2015-09-30,name:WordPress mTheme-Unus Local File Inclusion  
date:2015-09-30,name:Wordpress Better-wp-security  Plugin Remote Code Execution  
date:2015-09-29,name:WordPress Appointment Booking Calendar 1.1.7 SQL Injection  
date:2015-09-29,name:Wordpress popup-maker Stored XSS  
date:2015-09-26,name:Wordpress wordpress-popup Reflected XSS  
date:2015-09-24,name:Wordpress wp-downloadmanager stored XSS  
date:2015-09-20,name:WordPress Vertical Image SlCSRF \/ XSS  
date:2015-09-15,name:Wordpress Wpages Light XSS  
date:2015-09-15,name:Wordpress GigPress XSS  
date:2015-09-14,name:Wordpress ver stored XSS  
date:2015-09-14,name:Wordpress Ver Stored XSS\/CSRF  
date:2015-09-14,name:Wordpress plugin Ultimate Addons Cross Site Scripting  
date:2015-09-14,name:Wordpress KVS Player Stored XSS\/CSRF  
date:2015-09-10,name:Wordpress Crash Ultimate Addons for Visual Composer vulnerability  
date:2015-09-06,name:WordPress eShop Plugin Reflected XSS  
date:2015-09-06,name:Wordpress Easy Media Gallery Stored XSS  
date:2015-09-03,name:WordPress WP Symposium Plugin Cross Site Scripting  
date:2015-09-01,name:WordPress Testimonial Sl1 Cross Site Scripting  
date:2015-09-01,name:WordPress sourceAFRICA 0.1.3 Cross Site Scripting  
date:2015-08-30,name:WordPress Captain Sl6 Cross Site Scripting  
date:2015-08-28,name:Wordpress Responsive Thumbnail Sled XSS  
date:2015-08-28,name:NextGen Gallery WordPress Plugin LFI\/Path Traversal  
date:2015-08-28,name:WordPress Navis DocumentCloud 0.1 Cross Site Scripting  
date:2015-08-28,name:WordPress Private Only 3.5.1 CSRF \/ Cross Site Scripting  
date:2015-08-28,name:WordPress Responsive Thumbnail SlShell Upload  
date:2015-08-27,name:WordPress YouTube Embed 3.3.2 Cross Site Scripting  
date:2015-08-26,name:WordPress Car Rental System SQL Injection  
date:2015-08-25,name:Wordpress theme Doraa XSS Vulnerability  
date:2015-08-25,name:Wordpress theme Dosimple XSS Vulnerability  
date:2015-08-24,name:WordPress Googmonify 0.8.1 Cross Site Request Forgery \/ Cross Site Scripting  
date:2015-08-21,name:Wordpress Amazonify Plug-in XSS\/CSRF  
date:2015-08-20,name:Wordpress WP Fade in Text News Plugin Cross Site Scripting  
date:2015-08-19,name:Wordpress Tag Miner Cross Site Request Forgery  
date:2015-08-19,name:Wordpress Maintenance Mode Cross Site Scripting  
date:2015-08-19,name:Wordpress 1.5.8 Simple PopUp Plugin Cross Site Scripting  
date:2015-08-19,name:Wordpress WP Slin Cross Site Scripting  
date:2015-08-18,name:Dorks Multiple WordPress passwords disclosure  
date:2015-08-17,name:Wordpress Tag Miner Cross Site Scripting  
date:2015-08-13,name:WordPress OAuth2 Complete 3.1.3 Insecure Random  
date:2015-08-09,name:WordPress 3.8.1 \/ 3.8.2 \/ 4.2.2 Cross Site Request Forgery  
date:2015-08-08,name:Wordpress Avenir-Soft Direct Download Plug-in XSS\/CSRF  
date:2015-08-08,name:WordPress 4.2.3 and earlier SQL Injection Vulnerability  
date:2015-08-04,name:WordPress Altos Connect W.0 Cross Site Scripting  
date:2015-08-04,name:WordPress Admin Pack By Site Caseiro 1.1 Cross Site Scripting  
date:2015-08-04,name:WordPress Database Sync 0.4 Cross Site Scripting  
date:2015-08-04,name:WordPress Ninja Forms 2.9.21 Cross Site Scripting  
date:2015-08-03,name:WordPress Advance Categorizer 0.3 Cross Site Scripting  
date:2015-08-03,name:WordPress 1-Click Retweet\/Share\/Like 5.2 Cross Site Scripting  
date:2015-08-03,name:WordPress Chief Editor 3.6.1 Cross Site Scripting  
date:2015-08-03,name:WordPress Advertisement Management 1.0 Cross Site Scripting  
date:2015-08-03,name:WordPress Customize Youtube V Cross Site Scripting  
date:2015-08-03,name:WordPress Copy Or Move Comments 1.0.0 Cross Site Scripting  
date:2015-08-03,name:WordPress F\/T\/G Social W3.7 Cross Site Scripting  
date:2015-07-29,name:WordPress Flickr Justified Gallery 3.3.6 Cross Site Scripting  
date:2015-07-29,name:XSS vulnerability in WordPress plugin The Holndar  
date:2015-07-28,name:WordPress Unite Gallery Lite 1.4.6 CSRF \/ SQL Injection  
date:2015-07-28,name:WordPress Music Store 1.0.14 Open Redirect  
date:2015-07-27,name:Unite Gallery Lite WordPress Plugin v1.4.6 Cross-Site Request Forgery & SQL Injection  
date:2015-07-25,name:Open Redirect Vulnerability in Music Store WordPress Plugin v1.0.14  
date:2015-07-25,name:Cross-Site Request Forgery & SQL Injection Vulnerabilities in Unite Gallery Lite WordPress Plugi  
date:2015-07-23,name:WordPress Paships Pro 1.8.4.2 Cross Site Scripting  
date:2015-07-22,name:WordPress Portfolio 1.0 Cross Site Request Forgery  
date:2015-07-21,name:WordPress Mailcwp 1.99 Shell Upload  
date:2015-07-17,name:WordPress WP Attachment Export 0.2.3 Arbitrary File Download  
date:2015-07-17,name:WordPress BuddyPress Activity Plus 1.5 CSRF \/ File Deletion  
date:2015-07-17,name:WordPress Subscribe To Comments 2.1.2 LFI \/ Code Execution  
date:2015-07-16,name:Wordpress ibs-mappro Plugin Arbitrary File Download Vulnerability  
date:2015-07-15,name:WordPress Plotly 1.0.2 Cross Site Scripting  
date:2015-07-15,name:WordPress Image Export 1.1 Arbitrary File Download  
date:2015-07-13,name:WordPress CP Contact Form With Paypal 1.1.5 CSRF \/ XSS \/ SQL Injection  
date:2015-07-13,name:WordPress GD bbPress Attachments 2.1 Cross Site Scripting  
date:2015-07-13,name:WordPress GD bbPress Attachments 2.1 Local File Inclusion  
date:2015-07-13,name:WordPress WP-SwimTeam 1.44.10777 Arbitrary File Download  
date:2015-07-08,name:WordPress MDC-Youtube-Downloader 2.1.0 File Disclosure  
date:2015-07-08,name:WordPress WP-Ecommerce-Shop-Styling 2.5 File Download  
date:2015-07-07,name:WordPress easy2map 1.24 SQL Injection  
date:2015-06-27,name:WordPress WP-Instance-Rename 1.0 File Download  
date:2015-06-25,name:WordPress Nextend Twitter Connect 1.5.1 Cross Site Scripting  
date:2015-06-25,name:Wordpress huge-it-sl5 & Persistent JS-HTML Code injection  
date:2015-06-24,name:WordPress Nextend Facebook Connect 1.5.4 Cross Site Scripting  
date:2015-06-24,name:WordPress Revsltrary File Upload, Download & Cross Site Scripting  
date:2015-06-24,name:WordPress Google Analyticator 6.4.9.3 CSRF  
date:2015-06-19,name:WordPress Revsl2 XSS \/ Information Disclosure  
date:2015-06-16,name:WordPress Yoast 2.1.1 Cross Site Scripting  
date:2015-06-16,name:WordPress Users To CSV 1.4.5 Cross Site Request Forgery  
date:2015-06-15,name:Yoast WordPress SEO Plugin <= 2.1.1 Stored Authenticated XSS  
date:2015-06-11,name:WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Shell Upload  
date:2015-06-11,name:Wordpress History Collection <=1.1.1 Arbitraty File Download  
date:2015-06-09,name:Wordpress Plugin 'WP Mobile Edition' LFI Vulnerability  
date:2015-06-06,name:Xloner v3.1.2 wordpress plugin authenticated command execution and XSS  
date:2015-06-05,name:WordPress zM Ajax Login & Register Plugin 1.0.9 Local File Inclusion  
date:2015-06-02,name:WordPress UserPro 2.33 Cross Site Scripting  
date:2015-05-27,name:WordPress Church Admin 0.800 Cross Site Scripting  
date:2015-05-27,name:WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution  
date:2015-05-27,name:WordPress Estrutura-Basica File Disclosure  
date:2015-05-26,name:WordPress plugin "GigPress" SQLi vulnerabilities  
date:2015-05-26,name:Wordpress church_admin Stored XSS  
date:2015-05-26,name:WordPress plugin "WordPress Landing Pages" Multiple vulnerabilities  
date:2015-05-26,name:WordPress plugin "NewStatPress" Multiple vulnerabilities  
date:2015-05-23,name:WordPress Very 2.8 Unprotected Mail Page *youtube  
date:2015-05-22,name:WordPress WP Photo Album Plus 6.1.2 Cross Site Scripting  
date:2015-05-21,name:WordPress FeedWordPress Plugin 2015.0426 SQL Injection  
date:2015-05-21,name:WordPress WP Membership Plugin 1.2.3 Multiple Vulnerabilities  
date:2015-05-19,name:WordPress Simple Backup Plugin Arbitrary Download  
date:2015-05-18,name:WordPress 'WP Security Scan(Acunetix)' Exposure Backup File Unauthorized Control  
date:2015-05-18,name:WordPress 'ALL Themes' Developed By "ThemeMakers" File Information Exposure  
date:2015-05-18,name:WordPress 'Snapshot Pro' Plugin Exposure Backup File to Unauthorized Control  
date:2015-05-18,name:WordPress 'WP Backup Plus' Plugin Exposure Backup File to Unauthorized Control  
date:2015-05-18,name:WordPress 'BackupBuddy' Plugin Exposure Backup File to Unauthorized Control  
date:2015-05-14,name:WordPress Contact Form To Email Plugin CSRF \/ XSS  
date:2015-05-11,name:WordPress Yet Another Related Posts 4.2.4 CSRF \/ XSS \/ Code Execution  
date:2015-05-08,name:WordPress Ultimate Profile Builder 2.3.3 CSRF \/ Cross Site Scripting  
date:2015-05-08,name:WordPress ClickBank Ads 1.7 CSRF \/ Cross Site Scripting  
date:2015-05-08,name:WordPress RevSl95 File Upload \/ Execute  
date:2015-05-08,name:WordPress Ad Buttons 2.3.1 CSRF \/ Cross Site Scripting  
date:2015-05-08,name:WordPress Twenty Fifteen 4.2.1 Cross Site Scripting  
date:2015-05-07,name:Wordpress Freshmail Unauthenticated SQL Injection  
date:2015-05-07,name:WordPress Embed-Articles 7.0.3 XSRF \/ XSS  
date:2015-05-07,name:WordPress Ad Inserter 1.5.2 XSRF \/ XSS  
date:2015-05-06,name:WordPress 4.2.1 XSS \/ Code Execution  
date:2015-05-06,name:WordPress eShop 6.3.11 Code Execution  
date:2015-05-05,name:WordPress Ultimate Product Catalogue 3.1.2 XSS \/ CSRF \/ File Upload  
date:2015-04-29,name:TheCartPress WordPress plugin 1.3.9 Multiple Vulns  
date:2015-04-28,name:WordPress Exquisite Ultimate Newspaper 1.3.3 Cross Site Scripting  
date:2015-04-28,name:WordPress WooCommerce Amazon Affiliates 7.0 Shell Upload \/ File Disclosure  
date:2015-04-28,name:WordPress Premium SEO Pack 1.8.0 Shell Upload \/ File Disclosure  
date:2015-04-27,name:WordPress 4.2 Stored XSS  
date:2015-04-27,name:WordPress WPshop eCommerce 1.3.9.5 Shell Upload  
date:2015-04-27,name:WordPress InBoundio Marketing 2.0 Shell Upload  
date:2015-04-27,name:WordPress Ultimate Product Catalogue 3.1.4 Vulnerability  
date:2015-04-22,name:WordPress Yoast Google Analytics Cross Site Scripting  
date:2015-04-22,name:WordPress Add Link To Facebook 1.215 Cross Site Scripting  
date:2015-04-21,name:WordPress Slallery Authenticated File Upload  
date:2015-04-20,name:WordPress Creative Contact Form Upload  
date:2015-04-20,name:WordPress N-Media Website Contact Form Upload  
date:2015-04-20,name:WordPress Reflex Gallery Upload  
date:2015-04-20,name:WordPress Citizen Space 1.1 Cross Site Scripting  
date:2015-04-20,name:WordPress Content Sl CSRF \/ Cross Site Scripting  
date:2015-04-20,name:WordPress Work The Flow Upload  
date:2015-04-17,name:Wordpress Ajax Store Locator <= 1.2 SQL Injection Vulnerability  
date:2015-04-16,name:WordPress WP Statistics 9.1.2 Cross Site Scripting  
date:2015-04-14,name:WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Deletion Exploit  
date:2015-04-14,name:WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Creation Exploit (RCE)  
date:2015-04-14,name:WordPress MiwoFTP Plugin 1.0.5 Multiple CSRF XSS Vulnerabilities  
date:2015-04-11,name:WordPress Fusion Engage Local File Disclosure  
date:2015-04-11,name:WordPress Duplicator 0.5.14 Cross Site Request Forgery \/ SQL Injection  
date:2015-04-09,name:WordPress Windows Desktop And iPhone Photo Uploader File Upload  
date:2015-04-08,name:WordPress Shareaholic 7.6.0.3 Cross Site Scripting  
date:2015-04-07,name:WordPress Work The Flow 2.5.2 Shell Upload  
date:2015-04-04,name:WordPress Simple Ads Manager 2.5.94 \/ 2.5.96 SQL Injection  
date:2015-04-04,name:WordPress Simple Ads Manager 2.5.94 \/ 2.5.96 Information Disclosure  
date:2015-04-04,name:WordPress Simple Ads Manager 2.5.94 File Upload  
date:2015-04-04,name:WordPress PHP Event Calendar 1.5 Arbitrary File Upload  
date:2015-04-02,name:WordPress DesignFolio+ Theme File Upload  
date:2015-04-02,name:WordPress Ver Verence Integration 4.91.8 Shell Upload  
date:2015-04-02,name:WordPress Ver Ventation 3.31.17 Shell Upload  
date:2015-04-02,name:WordPress Revolution Sl Upload  
date:2015-04-02,name:Wordpress Better-wp-security Plugin Remote Code Execution  
date:2015-04-01,name:WordPress Business Intelligence Lite 1.6.1 SQL Injection  
date:2015-03-30,name:Wordpress aspose-doc-exporter Plugin Arbitrary File Download Vulnerability  
date:2015-03-27,name:WordPress Aspose Cloud eBook Generator File Download  
date:2015-03-27,name:Wordpress Aspose-Cloud-eBook-Generator Plugin Arbitrary File Download  
date:2015-03-26,name:WordPress Marketplace 2.4.0 Add Administrator  
date:2015-03-25,name:Wordpress Theme Arbitrary File Download Vulnerability  
date:2015-03-24,name:WordPress MP3-Jplayer 2.1 Local File Disclosure  
date:2015-03-24,name:WordPress InBoundio Marketing Shell Upload  
date:2015-03-24,name:WordPress AB Google Map Travel CSRF \/ XSS  
date:2015-03-17,name:WordPress Reflex Gallery 3.1.3 Shell Upload  
date:2015-03-17,name:WordPress WPML Missing Authentication  
date:2015-03-13,name:WordPress SEO By Yoast 1.7.3.3 SQL Injection  
date:2015-03-13,name:WordPress WPML XSS \/ Deletion \/ SQL Injection  
date:2015-03-13,name:WordPress Huge IT Sl8 SQL Injection  
date:2015-03-12,name:WordPress Daily Edition Theme 1.6.2 Cross Site Scripting  
date:2015-03-12,name:WordPress Daily Edition Theme 1.6.2 Path Disclosure  
date:2015-03-11,name:WordPress Fraction Theme 1.1.1 Privilege Escalation  
date:2015-03-10,name:WordPress Daily Edition 1.6.2 File Upload  
date:2015-03-10,name:WordPress Yoast Google Analytics 5.3.2 Cross Site Scripting  
date:2015-03-06,name:WordPress Download Manager 2.7.2 Privilege Escalation  
date:2015-03-05,name:WordPress Max Banner Ads 1.9 Cross Site Scripting  
date:2015-03-05,name:WordPress Newsletter 2.6.x \/ 2.5.x Open Redirect  
date:2015-03-04,name:WordPress: Webdorado Spt Calendar <= 1.4.9  SQL Injection  
date:2015-03-03,name:WordPress Photocrati Theme 4.x.x SQL Injection  
date:2015-03-03,name:WordPress WP All 3.2.3 Shell Upload  
date:2015-03-03,name:WordPress Calculated Fields Form 1.0.10 SQL Injection  
date:2015-02-28,name:WordPress Media Cleaner 2.2.6 Cross Site Scripting  
date:2015-02-25,name:Wordpress force download  Local File Download  
date:2015-02-24,name:WordPress Easy Social Icons 1.2.2 CSRF \/ XSS  
date:2015-02-24,name:WordPress Holding Pattern Theme Arbitrary File Upload  
date:2015-02-19,name:WordPress Duplicator 0.5.8 Privilege Escalation  
date:2015-02-18,name:WordPress Image Metadata Cruncher CSRF \/ XSS  
date:2015-02-17,name:WordPress Fusion 3.1 Arbitrary File Upload  
date:2015-02-17,name:WordPress Image Metadata Cruncher Cross Site Scripting  
date:2015-02-14,name:WordPress Photo Gallery 1.2.5 Unrestricted File Upload  
date:2015-02-14,name:WordPress Fusion 1.9.1 Arbitrary File Upload  
date:2015-02-13,name:WordPress Failed Randomness on Windows  
date:2015-02-13,name:WordPress Survey And Poll 1.1.7 Blind SQL Injection  
date:2015-02-12,name:WordPress Very 2.7 SQL Injection  
date:2015-02-12,name:WordPress Ninja Forms 2.8.8 Cross Site Scripting  
date:2015-02-10,name:WordPress Contact Form DB 2.8.26 Cross Site Scripting  
date:2015-02-10,name:WordPress Cart66 Lite 1.5.4 Cross Site Scripting  
date:2015-02-10,name:WordPress Holding Pattern 0.6 Shell Upload  
date:2015-02-10,name:WordPress WPLMS 1.8.4.1 Privilege Escalation  
date:2015-02-10,name:WordPress WP EasyCart Unrestricted File Upload  
date:2015-02-10,name:WordPress Acobot Live Chat And Contact Form 2.0 CSRF \/ XSS  
date:2015-02-04,name:WordPress Platform Theme Remote Code Execution  
date:2015-02-04,name:WordPress Pixabay Images PHP Code Upload  
date:2015-02-03,name:WordPress Quasar Theme 1.9.1 Privilege Escalation  
date:2015-01-27,name:WordPress Revolution Sll File Disclosure  
date:2015-01-26,name:Wordpress RedSteel Theme Arbitrary File Download Vulnerability  
date:2015-01-20,name:WordPress Bretheon Theme Arbitrary File Download  
date:2015-01-20,name:WordPress CIP4 Folder Download 1.10 Local File Inclusion  
date:2015-01-20,name:WordPress Pixarbay Images 2.3 XSS \/ Bypass \/ Upload \/ Traversal  
date:2015-01-18,name:Wordpress Theme Bretheon Arbitrary File Download Vulnerability  
date:2015-01-15,name:WordPress Simple Security 1.1.5 Cross Site Scripting  
date:2015-01-14,name:Wordpress Photo Gallery Unauthenticated SQL Injection User Enumeration  
date:2015-01-13,name:WordPress Pods 2.4.3 CSRF \/ Cross Site Scripting  
date:2015-01-13,name:WordPress WP Symposium 14.11 Shell Upload  
date:2015-01-09,name:WordPress Shopping Cart 3.0.4 Unrestricted File Upload  
date:2015-01-09,name:Wordpress slrox Plugin Cross site scripting vulnerability  
date:2015-01-06,name:WordPress Banner Effect Header 1.2.6 XSS \/ CSRF  
date:2015-01-05,name:Wordpress Email newsletter 20.9 Cross Site Scripting  
date:2015-01-05,name:Wordpress sumome 1.6 Cross Site Scripting  
date:2015-01-05,name:Wordpress WP-EMail 2.64 Cross Site Scripting  
date:2015-01-05,name:Wordpress Email 1.1 Cross Site Scripting  
date:2014-12-31,name:Wordpress 4.1 XSS & CSRF Web Vulnerability  
date:2014-12-30,name:WordPress Frontend Uploader 0.9.2 Cross Site Scripting  
date:2014-12-30,name:WordPress Dmsguestbook Unauthenticated Data Injection  
date:2014-12-29,name:Wordpress RevSlin LFD  
date:2014-12-28,name:Wordpress Frontend Uploader Cross Site Scripting(XSS)  
date:2014-12-25,name:WordPress Themes download.php File Disclosure  
date:2014-12-19,name:WordPress Simplelife 1.2 CSRF \/ XSS  
date:2014-12-19,name:WordPress SimpleFlickr 3.0.3 CSRF \/ XSS  
date:2014-12-19,name:WordPress PWG Random 1.11 CSRF \/ XSS  
date:2014-12-19,name:WordPress iTwitter 0.04 Cross Site Request Forgery \/ Cross Site Scripting  
date:2014-12-19,name:WordPress TweetScribe 1.1 CSRF \/ XSS  
date:2014-12-19,name:WordPress PictoBrowser 0.3.1 CSRF \/ XSS  
date:2014-12-19,name:WordPress gSl.1 CSRF \/ XSS  
date:2014-12-19,name:WordPress Twitter 0.7 CSRF \/ XSS  
date:2014-12-19,name:WordPress WP Limit Posts Automatically 0.7 CSRF \/ XSS  
date:2014-12-19,name:WordPress Twitter LiveBlog 1.1.2 CSRF \/ XSS  
date:2014-12-19,name:WordPress twimp-wp Cross Site Request Forgery \/ Cross Site Scripting  
date:2014-12-18,name:WordPress Bird Feeder 1.2.3 CSRF \/ XSS  
date:2014-12-17,name:WordPress A.F.D. Theme Echelon Arbitrary File Download  
date:2014-12-16,name:WordPress O2Tweet 0.0.4 CSRF \/ XSS  
date:2014-12-15,name:Wordpress Wp Symposium 14.11 Unauthenticated Shell Upload Exploit  
date:2014-12-13,name:WordPress Slial Icons 1.61 CSRF \/ XSS  
date:2014-12-13,name:WordPress Timed Popup 1.3 CSRF \/ XSS  
date:2014-12-13,name:WordPress WP Construction Mode 1.91 XSS  
date:2014-12-09,name:WordPress Ajax Store Locator 1.2 Arbitrary File Download  
date:2014-12-04,name:Cart66 Lite WordPress Ecommerce 1.5.1.17 Blind SQL Injection  
date:2014-12-04,name:WordPress CM Download Manager 2.0.6 XSS \/ CSRF  
date:2014-12-02,name:Wordpress <= v4.0 - Denial of Service  
date:2014-12-02,name:WordPress <= v4.0 Denial of Service Exploit  
date:2014-12-01,name:WordPress Ad-Manager 1.1.2 Open Redirect  
date:2014-11-27,name:Wordpress db-backup plugin File Download Vulnerability  
date:2014-11-27,name:WordPress Sexy Squeeze Pages Cross Site Scripting  
date:2014-11-27,name:WordPress Html5 Mp3 Player Full Path Disclosure  
date:2014-11-25,name:WordPress WP-DB-Backup 2.2.4 Backup Theft  
date:2014-11-25,name:WordPress wpDataTables 1.5.3 SQL Injection  
date:2014-11-25,name:WordPress wpDataTables 1.5.3 Shell Upload  
date:2014-11-23,name:WordPress SP Client Document Manager 2.4.1 SQL Injection  
date:2014-11-21,name:WordPress CM Download Manager 2.0.0 Code Injection  
date:2014-11-21,name:WordPress 3.9.2 Cross Site Scripting  
date:2014-11-14,name:WordPress SupportEzzy Ticket System 1.2.5 Cross Site Scripting  
date:2014-11-11,name:Another WordPress Classifieds Cross Site Scripting \/ SQL Injection  
date:2014-11-07,name:Joomla\/WordPress XCloner Command Execution \/ Password Disclosure  
date:2014-11-06,name:WordPress Bulletproof-Security .51 XSS \/ SQL Injection \/ SSRF  
date:2014-11-05,name:WordPress Wordfence Firewall 5.1.2 Cross Site Scripting  
date:2014-11-05,name:WordPress Clean And Simple Contact Form 4.4.0 XSS  
date:2014-10-27,name:WordPress Count-per-Day Plugin (notes.php) Remote Code Upload  
date:2014-10-27,name:WordPress Download Manager Plugin Arbitrary File Download  
date:2014-10-27,name:Wordpress gallery-bank Plugin Upload Vulnerability  
date:2014-10-25,name:WordPress HT-Poi Plugin Remote File Upload (RFU)  
date:2014-10-25,name:WordPress HTML5 and FLash PLayer Plugin SQL Injection  
date:2014-10-24,name:WordPress CP Multi View Event Calendar 1.01 SQL Injection  
date:2014-10-24,name:WordPress \/ Joomla Creative Contact Form 0.9.7 Shell Upload  
date:2014-10-22,name:WordPress Database Manager 2.7.1 Command Injection \/ Credential Leak  
date:2014-10-16,name:WordPress WP Google Maps 6.0.26 Cross Site Scripting  
date:2014-10-16,name:WordPress MaxButtons 1.26.0 Cross Site Scripting  
date:2014-10-10,name:WordPress EWWW Image Optimizer 2.0.1 Cross Site Scripting  
date:2014-10-10,name:WordPress Contact Form DB 2.8.13 Cross Site Scripting  
date:2014-10-10,name:WordPress Google Calendar Events 2.0.1 Cross Site Scripting  
date:2014-10-09,name:Wordpress InfusionSoft Upload  
date:2014-10-06,name:WordPress BulletProof Security 50.8 Script Insertion  
date:2014-10-02,name:WordPress Content Audit 1.6 Blind SQL Injection  
date:2014-10-02,name:WordPress Photo Gallery 1.1.30 Cross Site Scripting  
date:2014-10-01,name:WordPress All In One Security And Firewall 3.8.3 XSS  
date:2014-09-18,name:WordPress WP-Ban 1.62 Bypass  
date:2014-09-18,name:WordPress Login Wh Shortcode 3.1.1 CSRF \/ XSS  
date:2014-09-16,name:WordPress Wordfence 5.2.3 Cross Site Scripting \/ Bypass  
date:2014-09-13,name:WordPress Photo Album Plus 5.4.4 Cross Site Scripting  
date:2014-09-12,name:WordPress Trinity Theme Arbitrary File Download  
date:2014-09-09,name:WordPress Antioch Arbitrary File Download  
date:2014-09-08,name:Wordpress Authentic Theme Arbitrary File Download Vulnerability  
date:2014-09-08,name:Wordpress epic theme Arbitrary File Download Vulnerability  
date:2014-09-07,name:Wordpress Like Dislike Counter Plugin SQL Injection Vulnerability  
date:2014-09-07,name:WordPress acento theme Arbitrary File Download Vulnerability  
date:2014-09-07,name:WordPress FR0_theme theme Arbitrary File Download Vulnerability  
date:2014-09-07,name:WordPress lote27 theme Arbitrary File Download Vulnerability  
date:2014-09-07,name:WordPress NativeChurch theme Arbitrary File Download Vulnerability  
date:2014-09-04,name:WordPress Advanced Access Manager 2.8.2 File Write \/ Code Execution  
date:2014-09-03,name:WordPress Huge IT Image Gallery 1.0.0 SQL Injection  
date:2014-09-02,name:WordPress CuckooTap Theme & eShop Arbitrary File Download  
date:2014-08-28,name:WordPress ShortCode 1.1 Local File Inclusion  
date:2014-08-27,name:WordPress WPtouch Mobile 3.4.5 Shell Upload  
date:2014-08-26,name:WordPress KenBurner Sltrary File Download  
date:2014-08-21,name:WordPress All In One SEO Pack 2.2.2 Cross Site Scripting  
date:2014-08-21,name:WordPress Mobile Pack 2.0.1 Information Disclosure  
date:2014-08-19,name:WordPress Disqus 2.7.7 Cross Site Request Forgery  
date:2014-08-19,name:Wordpress 3.9.1 pluggable.php CSRF vulnerability  
date:2014-08-13,name:WordPress Disqus 2.7.5 CSRF \/ Cross Site Scripting  
date:2014-08-13,name:WordPress CK-And-SyntaxHighLighter Arbitrary File Upload  
date:2014-08-13,name:WordPress 3.9 XMLRPC Denial of Service Exploit  
date:2014-08-12,name:WordPress GB Gallery Sl.5 SQL Injection *youtube  
date:2014-08-11,name:WordPress 3.9 and Drupal 7.x Denial Of Service Vulnerability *vdate:2014-08-11,name:Wordpress Js plupload Cross Site Scripting  
date:2014-08-08,name:WordPress WPSS 0.62 Cross Site Scripting  
date:2014-08-08,name:WordPress WPSS 0.62 SQL Injection  
date:2014-08-05,name:WordPress MyBand Theme Cross Site Scripting  
date:2014-08-04,name:WordPress Gmedia Gallery 1.2.1 Shell Upload  
date:2014-08-04,name:WordPress Gamespeed Theme Cross Site Scripting  
date:2014-08-03,name:Wordpress SI CAPTCHA Anti-Spam Plugin Cross site scripting  
date:2014-08-02,name:Wordpress Sper plugin Cross site scripting  
date:2014-07-30,name:WordPress WhyDoWork AdSense 1.2 XSS \/ CSRF  
date:2014-07-29,name:WordPress Sllution Responsive 4.1.4 File Download  
date:2014-07-29,name:WordPress Lead Octopus Power SQL Injection  
date:2014-07-29,name:WordPress FBGorilla SQL Injection  
date:2014-07-25,name:WordPress Very 2.5 Cross Site Scripting \/ SQL Injection  
date:2014-07-22,name:WordPress Gallery Objects 0.4 SQL Injection  
date:2014-07-16,name:Wordpress WPTouch Authenticated File Upload  
date:2014-07-15,name:WordPress CopySafe PDF Protection 0.6 Shell Upload  
date:2014-07-15,name:WordPress Tery 1.1 Shell Upload \/ XSS  
date:2014-07-14,name:DZS Very for WordPress XSS, FPD and RCE vulnerabilities  
date:2014-07-13,name:WordPress Download Manager 2.6.8 Shell Upload  
date:2014-07-10,name:WordPress BSK PDF Manager 1.3.2 SQL Injection  
date:2014-07-07,name:Wordpress MailPoet (wysija-newsletters) Unauthenticated File Upload  
date:2014-07-07,name:WordPress NextGEN Gallery 2.0.63 Shell Upload  
date:2014-07-02,name:Wordpress blogstand-smart-banner.1.0 Cross Site Scripting  
date:2014-06-29,name:Wordpress ml-slCross Site Scripting  
date:2014-06-29,name:Wordpress wp-construction-mode.1.8 Cross Site Scripting  
date:2014-06-27,name:WordPress Simple Share Buttons Adder 4.4 CSRF \/ XSS  
date:2014-06-23,name:Wordpress 3.9.1-CSRF vulnerability  
date:2014-06-02,name:WordPress Popup Images Cross Site Scripting  
date:2014-06-02,name:WordPress Participants Database 1.5.4.8 SQL Injection  
date:2014-06-02,name:WordPress iMember360is 3.9.001 XSS Disclosure Code Execution  
date:2014-05-30,name:WordPress DZS Very Cross Site Scripting \/ Content Spoofing  
date:2014-05-23,name:WordPress Conversion Ninja Cross Site Scripting  
date:2014-05-23,name:WordPress bib2html 0.9.3 Cross Site Scripting  
date:2014-05-22,name:WordPress Booking System SQL Injection  
date:2014-05-22,name:WordPress Simple Popup Cross Site Scripting  
date:2014-05-14,name:WordPress Formrms Remote Code Execution  
date:2014-05-13,name:Wordpress Bonuspressx Plugin Cross Site Scripting  
date:2014-05-08,name:WordPress Photo-Gallery Cross Site Request Forgery  
date:2014-05-02,name:WordPress leaflet maps marker plugin SQL Injection Vulnerability  
date:2014-05-02,name:WordPress plugin EZPZ One Click Backup Command Injection  
date:2014-04-28,name:NextCellent Gallery 1.9.13 WordPress plugin XSS  
date:2014-04-28,name:WordPress Work-The-Flow 1.2.1 Shell Upload  
date:2014-04-22,name:WordPress JS External Link Info Cross Site Scripting  
date:2014-04-22,name:Wordpress Themes Theagency File Upload Vulnerability  
date:2014-04-21,name:WordPress File Disclosure Vulnerability  
date:2014-04-15,name:WordPress LineNity Local File Inclusion  
date:2014-04-14,name:WordPress Theme LineNity LFI  
date:2014-04-03,name:WordPress XCloner 3.1.0 Cross Site Request Forgery  
date:2014-03-29,name:WordPress Business Intelligence 1.0.6 Shell Upload  
date:2014-03-11,name:Wordpress plugin LayerSlersion 4.6.1 Directory Traversal CSRF  
date:2014-03-07,name:WordPress Premium Gallery Manager Shell Upload  
date:2014-03-06,name:WordPress Barclaycart Shell Upload  
date:2014-03-04,name:WordPress thecotton Themes Remote File Upload Vulnerability  
date:2014-03-04,name:WordPress plugin Google Analytics MU 2.3 CSRF  
date:2014-03-03,name:WordPress Sixtees Shell Upload  
date:2014-02-27,name:WordPress Alpine PhotoTile For Instagram 1.2.6.5 XSS  
date:2014-02-27,name:WordPress Ver Live Streaming 4.29.6 Cross Site Scripting  
date:2014-02-27,name:WordPress Wtrol 1.0.1 Cross Site Scripting  
date:2014-02-27,name:WordPress PrintFriendly 3.3.7 Cross Site Scripting  
date:2014-02-27,name:WordPress mp3-jplayer 1.8.7 Cross Site Scripting  
date:2014-02-27,name:WordPress BSK PDF Manager 1.3 Cross Site Scripting  
date:2014-02-26,name:WordPress Zedity 2.4.0 Cross Site Scripting  
date:2014-02-26,name:WordPress Thanks You Counter Button 1.8.7 Cross Site Scripting  
date:2014-02-26,name:WordPress EasyMedia Gallery 1.2.29 Cross Site Scripting  
date:2014-02-24,name:Media File Renamer V1.7.0 wordpress plugin XSS  
date:2014-02-16,name:WordPress WP-Password Plugin XSS Vulnerability  
date:2014-02-15,name:Wordpress Plugin Acunetix WP Security Make Backup CSRF  
date:2014-02-15,name:Wordpress Plugin Better WP Security multiple vulnerability  
date:2014-02-14,name:WordPress Buddypress 1.9.1 Cross Site Scripting  
date:2014-02-14,name:WordPress Buddypress 1.9.1 Privilege Escalation  
date:2014-02-13,name:Wordpress dzs-vry plugin Cross site scripting Vulnerability  
date:2014-02-07,name:WordPress Dandelion Theme Shell Upload  
date:2014-02-02,name:Wordpress 3.3.1+dfsg-1 Media Library Persistent XSS  
date:2014-01-30,name:Wordpress amerisale-re Arbitrary File Upload Vulnerability  
date:2014-01-30,name:WordPress Photocrati Cross Site Scripting  
date:2014-01-30,name:Wordpress amerisale-re Remote Shell Upload  
date:2014-01-28,name:WordPress SS Downloads Cross Site Scripting  
date:2014-01-28,name:WordPress Seo Link Rotator Cross Site Scripting  
date:2014-01-28,name:WordPress Infocus Theme Cross Site Scripting  
date:2014-01-26,name:Wordpress anti-plagiarism Cross Site Scripting Vulnerability  
date:2014-01-24,name:WordPress E-Commerce 3.8.9.5 File Upload \/ XSS \/ CSRF \/ Code Execution  
date:2014-01-21,name:WordPress Global Flash Galleries File Upload  
date:2014-01-20,name:Wordpress social ring Cross Site Scripting  
date:2014-01-14,name:WordPress DT Chocolate Cross Site Scripting  
date:2014-01-09,name:WordPress WP-Members 2.8.9 Cross Site Scripting  
date:2014-01-04,name:Wordpress intouch Cross Site Scripting Vulnerability  
date:2014-01-01,name:WordPress 2.0.11 CSRF in options-discussion.php  
date:2013-12-31,name:Wordpress dzs-vry plugin Cross site scripting Vulnerability  
date:2013-12-30,name:Wordpress formcraft Plugin Sql Injection  
date:2013-12-27,name:WordPress Ad-minister 0.6 Cross Site Scripting  
date:2013-12-24,name:Wordpress Recommend to a friend plugin Cross site scripting  
date:2013-12-23,name:Wordpress information leakage and backdoor in writing settings  
date:2013-12-23,name:Wordpress WP EZLead Pro plugin Cross site scripting  
date:2013-12-20,name:Wordpress cevhershare plugin Cross site scripting Vulnerability  
date:2013-12-20,name:WordPress URL Redirector Abuse and XSS vulnerabilities  
date:2013-12-08,name:WordPress DZS Very 3.1.3 Remote File Disclosure  
date:2013-12-08,name:WordPress Page Flip Image Gallery Shell Upload  
date:2013-12-06,name:WordPress Easy Career Openings SQL Injection  
date:2013-12-03,name:WordPress OptimizePress Theme File Upload  
date:2013-12-03,name:WordPress Blooog 1.1 jplayer.swf Cross Site Scripting  
date:2013-12-03,name:WordPress Js-Multi-Hotel 2.2.1 Cross Site Scripting  
date:2013-12-02,name:WordPress dzs-vry Plugins Remote File Upload Vulnerability  
date:2013-12-01,name:Wordpress Orange Themes CSRF File Upload Vulnerability  
date:2013-12-01,name:WordPress Folo Theme Cross Site Scripting  
date:2013-11-28,name:Wordpress amerisale-re plugin Cross site scripting  
date:2013-11-28,name:Wordpress optinfirex plugin Cross site scripting  
date:2013-11-26,name:WordPress Blogfolio Shell Upload  
date:2013-11-26,name:WordPress Contact Form 7 3.5.2 Shell Upload  
date:2013-11-26,name:WordPress Elemin Shell Upload  
date:2013-11-26,name:WordPress Pinboard Shell Upload  
date:2013-11-26,name:WordPress Blogggie Shell Upload  
date:2013-11-26,name:WordPress Folo Shell Upload  
date:2013-11-22,name:Wordpress capturapro Plugin Cross site scripting  
date:2013-11-21,name:WordPress Suco Shell Upload  
date:2013-11-21,name:WordPress iThemes2 Shell Upload  
date:2013-11-21,name:WordPress Pretty Photo Cross Site Scripting  
date:2013-11-19,name:WordPress Project 10 Themes Remote File Upload Vulnerability  
date:2013-11-19,name:WordPress Tweet Blender 4.0.1 Cross Site Scripting  
date:2013-11-18,name:WordPress EuclSite Request Forgery  
date:2013-11-18,name:WordPress Dimension Cross Site Request Forgery  
date:2013-11-18,name:WordPress Amplus Cross Site Request Forgery  
date:2013-11-18,name:WordPress Make A Statement Cross Site Request Forgery  
date:2013-11-12,name:WordPress Theme Kernel - Arbitrary code execution  
date:2013-11-12,name:WordPress Curvo Themes - Arbitrary code execution  
date:2013-11-12,name:WordPress Highlight Premium Theme CSRF \/ Shell Upload  
date:2013-11-10,name:WordPress Army Knife CSRF File Upload Vulnerability  
date:2013-11-09,name:WordPress Theme Kernel Shell Upload  
date:2013-11-07,name:WordPress Gallery Bank 2.0.19 Cross Site Scripting  
date:2013-11-06,name:Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting  
date:2013-11-05,name:LBG Zoom In\/Out Effect SlWordPress XSS and FPD vulnerabilities  
date:2013-11-05,name:WordPress ThisWay Shell Upload  
date:2013-11-04,name:Wordpress fresh-page plugin site scripting Vulnerability  
date:2013-11-02,name:WordPress Think Responsive Themes Arbitrary File Upload Vulnerability  
date:2013-11-02,name:WordPress Switchblade Themes Arbitrary File Upload Vulnerability  
date:2013-11-01,name:WordPress Cold Fusion theme Arbitrary File Upload Vulnerability  
date:2013-10-30,name:WordPress MoneyTheme Cross Site Scripting \/ Shell Upload  
date:2013-10-30,name:WordPress Curvo Shell Upload  
date:2013-10-27,name:WordPress TimThumb Plugin Remote Code Execution  
date:2013-10-27,name:WordPress GeoPlaces 4.x Shell Upload  
date:2013-10-24,name:WordPress DailyDeal Themes Shell Upload Vulnerabillity  
date:2013-10-24,name:WordPress e-Commerce Payment Gateways Caller Local File Inclusion  
date:2013-10-22,name:Wordpress Themes WPLocalPlaces Upload Vulnerability  
date:2013-10-22,name:Wordpress vPlugin Xss vulnerabilities  
date:2013-10-19,name:Wordpress WooCommerce Plugin 2.0.17 Cross-Site Scripting Vulnerability  
date:2013-10-19,name:Wordpress spreadsheet Plugin Cross site scripting  
date:2013-10-18,name:WordPress WP Realty Blind SQL Injection  
date:2013-10-17,name:WordPress Dexs PM System Cross Site Scripting  
date:2013-10-16,name:Wordpress zingiri-forum Plugin SQL Injection Vulnerability  
date:2013-10-15,name:WordPress Finalist Cross Site Scripting  
date:2013-10-12,name:WordPress Cart66 1.5.1.14 Cross Site Request Forgery \/ Cross Site Scripting  
date:2013-10-11,name:WordPress Simple Flash VCross Site Scripting  
date:2013-10-08,name:WordPress Woopra Remote Code Execution  
date:2013-10-07,name:Wordpress Zoo Realty Plugin Cross site scripting Vulnerability  
date:2013-10-04,name:WordPress Slimstat Ex Code Execution  
date:2013-10-04,name:WordPress SEO Watcher Remote Code Execution  
date:2013-10-04,name:WordPress Semper Fi Cross Site Scripting  
date:2013-10-03,name:WordPress Social Hashtag 2.0.0 Cross Site Scripting  
date:2013-09-29,name:Wordpress FireStorm Professional Real Estate Plugin Cross site scripting  
date:2013-09-25,name:WordPress Sharebar 1.2.5 Cross Site Scripting  
date:2013-09-25,name:WordPress Miniaudioplayer Cross Site Scripting  
date:2013-09-25,name:Wordpress lbg zoominoutslin Cross site scripting Vulnerability  
date:2013-09-25,name:Wordpress simple forum Cross site scripting Vulnerability  
date:2013-09-24,name:WordPress Bradesco Gateway Cross Site Scripting  
date:2013-09-24,name:WordPress fGallery_Plus Cross Site Scripting  
date:2013-09-24,name:Wordpress Lazy SEO plugin Shell Upload Vulnerability  
date:2013-09-21,name:WordPress NOSpamPTI 2.1 Blind SQL Injection  
date:2013-09-21,name:WordPress Comment Attachment 1.0 <= Cross Site Scripting  
date:2013-09-20,name:WordPress RokMicroNews 1.5 XSS & DoS & Shell Upload  
date:2013-09-20,name:WordPress Page Showcaser Boxes 1.0 Cross Site Scripting  
date:2013-09-19,name:WordPress RokIntroScroller 1.8 XSS \/ DoS \/ Disclosure \/ Upload  
date:2013-09-19,name:WordPress Complete Gallery Manager 3.3.3 File Upload  
date:2013-09-18,name:WordPress RokNewsPager 1.17 Disclosure \/ Shell Upload \/ XSS \/ DoS  
date:2013-09-18,name:WordPress RokStories 1.25 Disclosure \/ Shell Upload \/ XSS \/ DoS  
date:2013-09-12,name:WordPress 3.6.1 PHP unserialization & Open Redirect & Privilege Escalation  
date:2013-09-09,name:WordPress Event Easy Calendar 1.0.0 XSS \/ CSRF \/ Input Valdate:2013-09-04,name:WordPress NextGen Smooth Gallery Cross Site Scripting  
date:2013-09-02,name:WordPress IndiaNIC Testimonial 2.2 XSS & CSRF & SQL Injection  
date:2013-08-29,name:WordPress Wordfence 3.8.1 Cross Site Scripting  
date:2013-08-29,name:WordPress Encrypted Blog 0.0.6.2 XSS & Open Redirect  
date:2013-08-29,name:WordPress silverOrchSite Scripting  
date:2013-08-27,name:WordPress Simple Login Registration 1.0.1 Cross Site Scripting  
date:2013-08-27,name:WordPress Post-Gallery Cross Site Scripting  
date:2013-08-24,name:Wordpress ver-live-streaming-integration Plugin XSS vulnerabilities  
date:2013-08-22,name:WordPress BackWPup 3.0.12 Cross Site Scripting  
date:2013-08-12,name:WordPress HMS Testimonials 2.0.10 XSS \/ CSRF  
date:2013-08-09,name:WordPress HMS Testimonials 2.0.10 XSS & CSRF  
date:2013-08-07,name:WordPress Usernoise 3.7.8 Cross Site Scripting  
date:2013-08-04,name:WPtouch and WPtouch Pro for WordPress XSS and FPD vulnerabilities  
date:2013-07-26,name:WordPress Duplicator 0.4.4 Cross Site Scripting  
date:2013-07-23,name:WordPress FlagEm Cross Site Scripting  
date:2013-07-19,name:WordPress WooCommerce 2.0.12 Cross Site Scripting  
date:2013-07-15,name:Wordpress Plugin Spicy Blogroll File Inclusion Vulnerability  
date:2013-07-13,name:WordPress I Love It XSS & Content Spoofing & Path Disclosure  
date:2013-07-09,name:WordPress Search N Save XSS & Path Disclosure  
date:2013-07-09,name:WordPress JS Restaurant SQL Injection  
date:2013-07-03,name:WordPress 3.5.1 Cross Site Scripting  
date:2013-07-03,name:WordPress Category-Grallery XSS  
date:2013-07-03,name:WordPress Feed SQL Injection  
date:2013-07-01,name:WordPress wp-private-messages SQL Injection  
date:2013-07-01,name:Xorbin Digital Flash Clock 1.0 For WordPress XSS  
date:2013-07-01,name:Xorbin Analog Flash Clock 1.0 For WordPress XSS  
date:2013-06-30,name:WordPress Denial of Service .py exploit  
date:2013-06-21,name:WordPress Slash WP theme XSS and Content Spoofing vulnerabilities  
date:2013-06-18,name:Ultimate WordPress Auction v1.0 Plugin CSRF Vulnerability  
date:2013-06-12,name:WordPress WP-SendSMS 1.0 CSRF \/ XSS  
date:2013-06-12,name:WordPress 3.5.1 Denial of Service Exploit  
date:2013-06-12,name:WordPress 3.5.1 Denial of Service  
date:2013-06-11,name:WordPress jobroller Reflected XSS  
date:2013-06-11,name:WordPress Ambience Cross Site Scripting  
date:2013-06-09,name:WordPress nextgen-gallery Cross Site Scripting  
date:2013-06-07,name:WordPress plugin uk-cookie CSRF  
date:2013-06-03,name:WordPress AntiVirus FPD and Security bypass vulnerabilities  
date:2013-06-01,name:WordPress Plugin 'Feedweb 1.8.8' Cross-site Scripting vulnerability  
date:2013-05-28,name:WordPress wp-banners-lite Plugin Cross Site Scripting  
date:2013-05-27,name:WordPress User Role Editor CSRF  
date:2013-05-26,name:WordPress milano Theme Cross Site Scripting  
date:2013-05-21,name:WordPress ProPlayer Plugin SQL Injection  
date:2013-05-17,name:WordPress plugin wp-cleanfix CSRF  
date:2013-05-17,name:WordPress plugin mail-on-update CSRF  
date:2013-05-16,name:WordPress wp-FileManager File Download  
date:2013-05-15,name:WordPress Newsletter Plugin 3.2.6 (alert) Reflected XSS Vulnerability  
date:2013-05-15,name:WordPress Vross Site Scripting  
date:2013-05-13,name:WordPress Securimage-WP Plugin v3.2.4 URI-based XSS Vulnerability  
date:2013-05-13,name:WordPress Search and Share plugin vulnerabilities  
date:2013-05-07,name:WordPress Advanced XML Reader 0.3.4 Plugin XXE 0day *youtube  
date:2013-05-02,name:Wordpress W3 Total Cache 0.9.2.8 PHP Code Execution exploit  
date:2013-04-21,name:WordPress theme Colormix Multiple vulnerabilities  
date:2013-04-12,name:Wordpress Catalog Plugin Xss Vulnerability  
date:2013-04-11,name:WordPress Sper 2.1 SQL Injection  
date:2013-04-09,name:Wordpress plugins kioskprox XSS Vulnerability  
date:2013-04-09,name:Wordpress plugins fbsurveypro XSS Vulnerability  
date:2013-04-08,name:Wordpress plugins kioskprox XSS Vulnerability  
date:2013-04-07,name:WordPress Trafficanalyzer Plugin XSS Vulnerability  
date:2013-03-27,name:WordPress plugin user-photo file upload arbitrary PHP code execution  
date:2013-03-27,name:Wordpress trafficanalyzer Plugin XSS  
date:2013-03-27,name:Wordpress wp-vando Plugin XSS  
date:2013-03-27,name:Wordpress plugin v3 level four storefront SQL injection Vulnerability  
date:2013-03-27,name:Wordpress ver-live-streaming-integration Plugin XSS  
date:2013-03-26,name:WordPress Mathjax Latex 1.1 Cross Site Request Forgery  
date:2013-03-25,name:Wordpress wp-vando Plugin XSS  
date:2013-03-23,name:WordPress IndiaNIC FAQS Manager 1.0 SQL Injection  
date:2013-03-23,name:WordPress IndiaNIC FAQS Manager 1.0 XSS & CSRF  
date:2013-03-22,name:Joomla Component com_wordpress XSS Vulnerability  
date:2013-03-20,name:WordPress Occasions 1.0.4 Cross Site Request Forgery  
date:2013-03-20,name:WordPress Count Per Day 3.2.5 XSS  
date:2013-03-19,name:WordPress Simply Poll Plugin 1.4.1 CSRF and stored XSS  
date:2013-03-17,name:WordPress LeagueManager Plugin 3.8 SQL Injection  
date:2013-03-17,name:Wordpress o2s-gallery plugin Cross Site Scripting Vulnerability  
date:2013-03-17,name:Wordpress bp-gallery plugin 1.2.5 Cross Site Scripting Vulnerability  
date:2013-03-17,name:Wordpress WP-e-Commerce plugin 3.8.9.5 Cross Site Scripting Vulnerability  
date:2013-03-17,name:Wordpress Image News slin 3.5 Cross Site Scripting Vulnerability  
date:2013-03-15,name:WordPress LeagueManager 3.8 SQL Injection  
date:2013-03-12,name:WordPress Terillion Reviews Cross Site Scripting  
date:2013-03-11,name:WordPress plugin snazzy-archives XSS vulnerability  
date:2013-03-10,name:WordPress plugins vulnerable to CVE-2013-1808  
date:2013-03-08,name:WordPress Events Manager 5.3.3 Cross Site Scripting  
date:2013-03-06,name:WordPress Count-Per-Day 3.2.5 Cross Site Scripting  
date:2013-03-05,name:WordPress Caulk Path Disclosure  
date:2013-03-05,name:WordPress Counter per Day plugin <= 3.2.3. Path Disclosure and Denial-Of-Service  
date:2013-02-28,name:WordPress Comment Rating 2.9.32 SQL Injection & Bypass  
date:2013-02-25,name:WordPress plugin smart-flv jwplayer.swf XSS  
date:2013-02-21,name:WordPress Pretty Link 1.6.3 Cross Site Scripting  
date:2013-02-12,name:Wordpress wp forum server v2 plugin SQL Injection  
date:2013-02-12,name:Wordpress simple flash vlugin SQL Injection  
date:2013-02-12,name:Wordpress newscast Theme SQL Injection  
date:2013-02-12,name:Wordpress image news sllugin SQL Injection  
date:2013-02-12,name:Wordpress Xhanch My Prayer Time plugin v2 Plugin SQL Injection  
date:2013-02-12,name:Wordpress podpress plugin v2 Plugin SQL Injection  
date:2013-02-11,name:Wordpress post2pdf-converter v2 Plugin SQL Injection  
date:2013-02-11,name:Wordpress smart-map v2 Plugin SQL Injection  
date:2013-02-10,name:Wordpress plugin myftp-ftp-like-plugin-for-wordpress 2 SQL Injection  
date:2013-02-10,name:Wordpress theme pinboard 1.0.6 XSS  
date:2013-02-08,name:WordPress Audio Player SWF Cross Site Scripting  
date:2013-02-07,name:WordPress CommentLuv 2.92.3 Cross Site Scripting  
date:2013-02-07,name:WordPress Wysija Newsletters 2.2 SQL Injection  
date:2013-02-06,name:Wordpress wp-forum plugin SQL Injection  
date:2013-02-03,name:Wordpress dt-chocolate Theme Image Open redirect  
date:2013-02-03,name:WordPress theme Flash News Multiple vulnerabilities  
date:2013-02-02,name:WordPressSearch plugin SQL Injection Vulnerability  
date:2013-02-01,name:Wordpress wp-table-reloaded plugin cross-site scripting in SWF  
date:2013-02-01,name:Wordpress simple-shout-box Plugin SQL Injection  
date:2013-02-01,name:Wordpress portfolio-slro v3 Plugin SQL Injection  
date:2013-01-31,name:Wordpress RLSWordPressSearch plugin SQL Injection  
date:2013-01-26,name:WordPress SolveMedia 1.1.0 Cross Site Request Forgery  
date:2013-01-25,name:Wordpress Zingiri Web Shop Plugin <= 2.4.0 Multiple XSS Vulnerabilities  
date:2013-01-24,name:WordPress Chocolate Theme XSS & Denial Of Service & Shell Upload  
date:2013-01-23,name:Cardoza WordPress Poll 34.05 SQL Injection  
date:2013-01-22,name:Wordpress Developer Formatter CSRF Vulnerability  
date:2013-01-21,name:WordPress Ripe HD FLV Player SQL Injection & Path Disclosure  
date:2013-01-15,name:WordPress Daily Edition Mouss XSS & Disclosure & Shell Upload  
date:2013-01-15,name:WordPress theme Daily Edition Mouss Multiple vulnerabilities  
date:2013-01-14,name:WordPress Floating Tweets 1.0.1 XSS and Directory Traversal  
date:2013-01-10,name:Wordpress gallery-3.8.3 plugin Arbitrary File Read Vulnerability  
date:2013-01-09,name:WordPress Plugin Google Document Embedder Arbitrary File Disclosure  
date:2013-01-08,name:WordPress Spam Free 1.9.2 Filter Bypass  
date:2013-01-08,name:XML Sitemap Generator for WordPress (Google XML Sitemaps) Code Injection  
date:2013-01-08,name:WordPress OpenInviter Information Disclosure  
date:2013-01-07,name:Wordpress NextGEN Gallery plugin Cross-Site Scripting Vulnerability  
date:2013-01-07,name:Wordpress wilderness SQL injection  
date:2013-01-03,name:WordPress Advanced Custom Fields Remote File Inclusion  
date:2013-01-03,name:WordPress Shopping Cart 8.1.14 Shell Upload & SQL Injection  
date:2013-01-03,name:WordPress ReFlex Gallery 1.3 Shell Upload  
date:2013-01-03,name:WordPress Xerte Online 0.32 Shell Upload  
date:2013-01-03,name:WordPress Uploader 1.0.4 Shell Upload  
date:2013-01-02,name:Wordpress Sahifa theme 2.4.0 CSRF and Full Path Disclosure  
date:2013-01-01,name:Wordpress plugins WP PHP wl Path Disclosure vulnerability  
date:2012-12-31,name:Wordpress plugins NextGEN Public Uploader Full Path Disclosure Vulnerability  
date:2012-12-31,name:WordPress Photo Plus & Photo Search XSS & CSRF  
date:2012-12-31,name:WordPress SB Uploader 3.9 Shell Upload  
date:2012-12-30,name:WordPress themes RocketTheme Multiple vulnerabilities  
date:2012-12-28,name:WordPress Asset-Manager PHP File Upload  
date:2012-12-25,name:WordPress W3 Total Cache Data Disclosure  
date:2012-12-25,name:WordPress Rokbox Themes Content Spoofing and XSS  
date:2012-12-23,name:WordPress BuddyPress Cross Site Scripting & Content Spoofing  
date:2012-12-21,name:WordPress 3.4.2 Sessions Not Terminated Upon Explicit User Logout  
date:2012-12-21,name:BuddyPress for WordPress XSS and CS vulnerabilities  
date:2012-12-21,name:Wordpress plugin sintic_gallery Path Disclosure Vulnerability  
date:2012-12-18,name:WordPress Rokbox 2.13 Multiple Vulns  
date:2012-12-16,name:WordPress RokBox Multiple Vulnerabilities  
date:2012-12-13,name:WordPress portable-phpMyAdmin 1.3.0 Authentication Bypass  
date:2012-12-09,name:WordPress Simple Gmail Login Path Disclosure  
date:2012-12-04,name:WordPress Nest SQL Injection  
date:2012-11-30,name:WordPress V Form 0.5 Cross Site Scripting  
date:2012-11-30,name:WordPress TimelineJS_Nuweb Local File Inclusion  
date:2012-11-30,name:WordPress Toolbox 1.4 SQL Injection  
date:2012-11-28,name:WordPress Newstimes Package SQL Injection  
date:2012-11-28,name:WordPress myflash Local File Inclusion  
date:2012-11-28,name:WordPress starmark Theme Local File Inclusion  
date:2012-11-28,name:Wordpress asm theme SQL injection  
date:2012-11-28,name:WordPress yaren Tema SQL Injection  
date:2012-11-27,name:WordPress wp-imagezoon SQL Injection  
date:2012-11-27,name:WordPress cstardesign SQL Injection  
date:2012-11-27,name:WordPress oberliga SQL Injection  
date:2012-11-27,name:WordPress st_newsletter SQL Injection  
date:2012-11-27,name:WordPress weddingsatwork SQL Injection  
date:2012-11-27,name:WordPress Shai-Saul SQL Injection  
date:2012-11-25,name:Wordpress dailyedition-mouss Theme  SQL injection  
date:2012-11-24,name:WordPress Zarzadzanie Kontem Shell Upload  
date:2012-11-24,name:WordPress Simple SlCross Site Scripting  
date:2012-11-24,name:WordPress Plg Novana SQL Injection  
date:2012-11-24,name:WordPress Zingiri Web Shop 2.5.0 Shell Upload  
date:2012-11-23,name:Wordpress malmonation theme SQL Injection  
date:2012-11-23,name:Wordpress magazine-basic-plugin\/ Theme SQL Injection  
date:2012-11-23,name:Wordpress plg_novana plugin Sql Injection  
date:2012-11-22,name:Wordpress hd-webplayer Theme SQL Injection  
date:2012-11-22,name:Wordpress webplayer-plugin Theme SQL Injection  
date:2012-11-22,name:Wordpress fs-real-estate-plugin Theme SQL Injection  
date:2012-11-21,name:wordpress tdo-mini-forms plugin (rfu\/rfd) Vulnerabilities  
date:2012-11-21,name:WordPress FireStorm Real Estate 2.06.08 SQL Injection  
date:2012-11-21,name:WordPress Madebymilk SQL Injection  
date:2012-11-20,name:Wordpress Facebook Survey v1 SQL Injection Vulnerability  
date:2012-11-20,name:WordPress List Communities SQL Injection  
date:2012-11-20,name:WordPress ArribaLaEsteban SQL Injection  
date:2012-11-19,name:Wordpress Plugins Spotlight Your Upload Vulnerability  
date:2012-11-16,name:WordPress Dailyedition-mouss SQL Injection  
date:2012-11-16,name:WordPress Tagged Albums SQL Injection  
date:2012-11-14,name:WordPress WP E-Commerce 3.8.9 SQL Injection \/ Cross Site Scripting  
date:2012-11-13,name:WordPress Related Posts Exit Popup SQL Injection  
date:2012-11-10,name:WordPress Eco-Annu SQL Injection  
date:2012-11-10,name:WordPress Calendar-Script Blind SQL Injection  
date:2012-11-10,name:WordPress swfupload XSS vulnerability  
date:2012-11-09,name:Wordpress theme kakao SQL Injection  
date:2012-11-09,name:Wordpress theme wilderness SQL Injection  
date:2012-11-08,name:WordPress Cardoza Ajax Search 1.1 SQL Injection  
date:2012-11-07,name:WordPress Hitasoft FLV Player 1.1 SQL Injection  
date:2012-10-31,name:Wordpress FoxyPress Plugin Multiple Vulnerabilities  
date:2012-10-27,name:WordPress Easy Webinar Blind SQL Injection  
date:2012-10-26,name:WordPress GRAND Flash Album Gallery SQL Injection & Disclosure & File Overwrite  
date:2012-10-20,name:WordPress Wordfence Security XSS and IAA vulnerabilities  
date:2012-10-18,name:Wordpress Social Discussions Plugin Multiple Vulnerabilities  
date:2012-10-17,name:Wordpress Pay With Tweet plugin <= 1.1 Multiple Vulnerabilities  
date:2012-10-17,name:Wordpress Plugin BackWPup 1.6.1 Remote auth bypass  
date:2012-10-06,name:WordPress Shopp v1.0.17 eCommerce Plugin <= XSS & LFI  
date:2012-10-04,name:WordPress Sp1 SQL Injection & XSS  
date:2012-10-01,name:wordpressthemesbook Cms Cross-Site Scripting Vulnerability  
date:2012-09-28,name:Wordpress phpBAK Red Config Vulnerability  
date:2012-09-27,name:WordPress ABC-Test 0.1 Cross Site Scripting  
e:2012-09-23,name:MF Gig Calendar WordPress Plugin Cross-Site Scripting  
e:2012-09-23,name:Wordpress Admin name Information Disclosure  
te:2012-09-22,name:WordPress Tierra Audio Path Disclosure  
te:2012-09-22,name:WordPress Krea3AllMedias SQL Injection  
te:2012-09-21,name:Wordpress Download Monitor Download Page Cross-Site Scripting  
te:2012-09-20,name:WordPress AdRotate 3.7.3.5 Cross Site Scripting  
te:2012-09-20,name:WordPress NextGEN Gallery 1.9.5 Cross Site Scripting  
te:2012-09-20,name:WordPress Google Analytics 4.2.4 Cross Site Scripting  
te:2012-09-19,name:WordPress TDO Mini Forms Arbitrary File Upload  
te:2012-09-18,name:WordPress HD Webplayer 1.1 SQL Injection  
te:2012-08-29,name:WordPress Simple Forum Shell Upload  
te:2012-08-28,name:WordPress Finder Cross Site Scripting  
te:2012-08-28,name:WordPress Count Per Day 3.2.3 Cross Site Scripting  
te:2012-08-25,name:WordPress Monsters Editor Shell Upload  
te:2012-08-25,name:WordPress SEM WYSIWYG Arbitrary File Upload  
te:2012-08-21,name:ShopperPress WordPress Theme 2.7 Cross Site Scripting  
te:2012-07-31,name:WordPress Front End Upload 0.5.4.4 Shell Upload  
te:2012-07-24,name:Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability  
te:2012-07-23,name:WordPress Cimy User Extra Fields 2.3.7 Shell Upload  
te:2012-07-17,name:WordPress Count Per Day 3.1.1 Cross Site Scripting  
te:2012-07-16,name:WordPress Resume Submissions \/ Job Postings 2.5.1 Shell Upload  
te:2012-07-16,name:WordPress WP-Predict 1.0 Blind SQL Injection  
te:2012-07-10,name:Wordpress (wp-insert Plugin) Arbitrary File Upload Vulnerability  
te:2012-07-10,name:WordPress MoodThingy W.7 SQL Injection  
te:2012-07-10,name:Wordpress (editormonkey) [FCKeditor] Arbitrary File Upload Vulnerability  
te:2012-06-30,name:WordPress Website FAQ 1.0 SQL Injection  
te:2012-06-26,name:WordPress Fancy Gallery 1.2.4 Shell Upload  
te:2012-06-26,name:WordPress Flip Book 1.0 Shell Upload  
te:2012-06-26,name:WordPress Ajax Multi Upload 1.1 Shell Upload  
te:2012-06-26,name:WordPress Schreikasten 0.14.13 Cross Site Scripting  
te:2012-06-20,name:WordPress Organizer 1.2.1 Cross Site Scripting \/ Directory Traversal  
te:2012-06-20,name:WordPress Lim4wp 1.1.1 Shell Upload  
te:2012-06-20,name:WordPress Wp-ImageZoom 1.0.3 File Disclosure  
te:2012-06-20,name:WordPress LB Mixed Sl.0 Shell Upload  
te:2012-06-20,name:WordPress Famous 2.0.5 Shell Upload  
te:2012-06-20,name:WordPress Deep-Blue 1.9.2 Shell Upload  
te:2012-06-17,name:WordPress Automatic 2.0.3 Cross Site Request Forgery  
ate:2012-06-15,name:WordPress Annonces 1.2.0.1 Shell Upload  
ate:2012-06-15,name:WordPress Evarisk 5.1.5.4 Shell Upload  
ate:2012-06-15,name:WordPress Invit0r 0.22 Shell Upload  
ate:2012-06-13,name:WordPress Foxypress Arbitrary Code Execution  
ate:2012-06-13,name:WordPress Top Quark Architecture 2.10 Shell Upload  
ate:2012-06-13,name:WordPress Wp-Gpx-Map 1.1.21 Shell Upload  
ate:2012-06-13,name:WordPress User Meta 1.1.1 Shell Upload  
ate:2012-06-13,name:WordPress Custom Content Type Manager 0.9.5.13-pl Shell Upload  
ate:2012-06-13,name:WordPress Front End Upload 0.5.3 Shell Upload  
ate:2012-06-13,name:WordPress Omni Secure Files 0.1.13 Shell Upload  
ate:2012-06-13,name:WordPress Front File Manager 0.1 Shell Upload  
ate:2012-06-13,name:WordPress Easy Contact Forms Export 1.1.0 File Disclosure  
ate:2012-06-12,name:WordPress Hungred Post Thumbnail 2.1.9 Shell Upload  
ate:2012-06-12,name:WordPress PICA Photo Gallery 1.0 File Disclosure  
ate:2012-06-12,name:WordPress PDW File Browser 1.1 Shell Upload  
ate:2012-06-12,name:WordPress Picturesurf Gallery 1.2 Shell Upload  
ate:2012-06-12,name:WordPress Tinymce Thumbnail Gallery 1.0.7 File Disclosure  
ate:2012-06-12,name:WordPress Newsletter 1.5 File Disclosure  
ate:2012-06-12,name:WordPress wpStoreCart 2.5.29 Shell Upload  
ate:2012-06-12,name:WordPress Simple Download Button Shortcode 1.0 File Disclosure  
ate:2012-06-12,name:WordPress RBX Gallery 2.1 Shell Upload  
ate:2012-06-12,name:WordPress Thinkun Remind 1.1.3 File Disclosure  
ate:2012-06-08,name:WordPress Gallery 3.06 Shell Upload  
ate:2012-06-08,name:WordPress MM Forms Community 2.2.5 \/ 2.2.6 Shell Upload  
ate:2012-06-08,name:WordPress Ver Ventation 3.17 Shell Upload  
ate:2012-06-08,name:WordPress WP-Property 1.35.0 Shell Upload  
ate:2012-06-08,name:WordPress Google Maps Via Store Locator Plus Email Spool \/ SQL Injection  
ate:2012-06-08,name:WordPress WP Marketplace Shell Upload  
ate:2012-06-08,name:WordPress HTML5 AV Manager 0.2.7 Shell Upload  
ate:2012-06-08,name:WordPress HT-Poi Shell Upload  
ate:2012-06-08,name:WordPress Asset Manager 0.2 Shell Upload  
ate:2012-06-08,name:WordPress WP Mass Mail Spoofing  
ate:2012-06-08,name:WordPress Comment Extra Fields Shell Upload  
ate:2012-06-08,name:WordPress Nmedia WP Member Conversation 1.35.0 Shell Upload  
ate:2012-06-08,name:WordPress Nmedia User File Uploader Shell Upload  
ate:2012-06-08,name:WordPress Foxypress Shell Upload  
ate:2012-06-08,name:WordPress 3.3.2 Cross Site Scripting  
ate:2012-05-19,name:WordPress Track That Stat 1.0.8 Cross Site Scripting  
ate:2012-05-19,name:WordPress WP-FaceThumb Gallery 0.1 Cross Site Scripting  
ate:2012-05-13,name:WordPress 2-Click-Socialmedia-Buttons Cross Site Scripting  
ate:2012-05-13,name:WordPress Custom Contact Forms Cross Site Scripting  
ate:2012-05-13,name:WordPress Better WP Security Cross Site Scripting  
ate:2012-05-13,name:WordPress BulletProof Security Cross Site Scripting  
ate:2012-05-13,name:WordPress Bad Behavior Cross Site Scripting  
ate:2012-05-04,name:Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities  
ate:2012-04-28,name:WordPress 3.3.1 Cross Site Request Forgery  
ate:2012-04-28,name:WordPress Organizer 1.2.1 XSS \/ CSRF \/ Shell Upload  
ate:2012-04-28,name:WordPress Organizer 1.2.1 Cross Site Scripting \/ Path Disclosure  
ate:2012-04-21,name:WordPress Zingiri Tickets File Disclosure  
ate:2012-04-21,name:Yahoo Answer WordPress Auto Poster Cross Site Scripting  
ate:2012-04-21,name:WordPress DoS Vulnerability  
ate:2012-04-16,name:WordPress All-In-One Event Calendar 1.4 Cross Site Scripting  
ate:2012-04-15,name:Wordpress taggator plugin Sql Injection Vulnerabilities  
ate:2012-04-01,name:WordPress Deans With Pwwangs Code Shell Upload  
ate:2012-04-01,name:WordPress Integrator 1.32 Cross Site Scripting  
ate:2012-03-14,name:WordPress 3.3.1 Post-Auth Cross Site Scripting  
ate:2012-03-14,name:WordPress 3.3.1 Post-Auth Information Disclosure  
ate:2012-03-14,name:WordPress 3.3.1 Post-Auth SQL Injection  
ate:2012-03-14,name:WordPress 3.3.1 User Count Enumeration  
ate:2012-01-29,name:WordPress Slallery 2 Cross SIte Scripting  
ate:2012-01-29,name:WordPress <= 3.3.1 Multiple Vulnerabilities  
ate:2012-01-29,name:WordPress Kish Guest Posting 1.0 Shell Upload  
ate:2012-01-28,name:AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary File Upload  
ate:2012-01-22,name:WordPress Shortcode Redirect 1.0.01 Stored Cross Site Scripting  
ate:2012-01-22,name:WordPress Mingle Forum 1.0.32.1 Cross Site Scripting \/ SQL Injection  
ate:2012-01-22,name:Wordpress uCan Post plugin <= 1.0.09 Stored XSS  
ate:2012-01-22,name:WordPress uCan Post 1.0.09 Cross Site Scripting  
ate:2012-01-18,name:WordPress myEASYbackup 1.0.8.1 Directory Traversal  
ate:2012-01-17,name:WordPress wp-autoyoutube plugin Blind SQL Injection Vulnerability  
ate:2012-01-17,name:WordPress Yousaytoo Auto Publishing Cross Site Scripting  
ate:2012-01-17,name:Wordpress Age Verification Plugin <= 0.4 Open Redirect  
ate:2012-01-10,name:Wordpress Pay With Tweet Plugin <= 1.1 Multiple Vulnerabilities  
ate:2012-01-09,name:WordPress Comment Rating Cross Site Scripting \/ SQL Injection  
ate:2012-01-03,name:WordPress CartPress 1.6 Cross Site Scripting  
ate:2012-01-03,name:WordPress LivePHP Cross Site Scripting  
ate:2012-01-02,name:WordPress Facebook Page Promoter Lightbox Cross Site Scripting  
ate:2012-01-02,name:WordPress Whois Search Cross Site Scripting  
ate:2011-12-19,name:WordPress Jetpack SQL Injection  
ate:2011-12-19,name:WordPress Flexible Custom Post Type Cross Site Scripting  
ate:2011-12-19,name:WordPress AdRotate 3.6.6 SQL Injection  
ate:2011-11-21,name:WordPress Zingiri 2.2.3 Code Execution  
ate:2011-11-01,name:WordPress Classipress Theme 3.1.4 Cross Site Scripting  
ate:2011-10-29,name:WordPress Contact Form 2.7.5 SQL Injection \/ Patch  
ate:2011-10-15,name:WordPress Photo Album Plus 4.1.1 SQL Injection  
ate:2011-10-15,name:WordPress Pretty Link 1.4.56 Cross Site Scripting  
ate:2011-10-15,name:WordPress GD Star Rating 1.9.10 SQL Injection  
ate:2011-10-15,name:WordPress WP-SpamFree SQL Injection  
ate:2011-10-13,name:WordPress Vodpod Very 3.1.5 Cross-site Scripting  
ate:2011-10-02,name:WordPress WP Bannerize 2.8.7 SQL Injection  
ate:2011-10-02,name:WordPress Mingle Forum 1.0.31 SQL Injection  
ate:2011-10-02,name:WordPress + Buddypress + Blogs Mu Theme Cross Site Scripting  
ate:2011-10-02,name:WordPress CevherShare 2.0 SQL Injection  
ate:2011-10-02,name:WordPress Link Library 5.2.1 SQL Injection  
ate:2011-10-02,name:WordPress AdRotate 3.6.5 SQL Injection  
ate:2011-10-02,name:WordPress Mailing List 1.3.2 Remote File Inclusion  
ate:2011-10-02,name:WordPress Relocate Upload 0.14 Remote File Inclusion  
ate:2011-09-22,name:WordPress Zingiri Web Shop 2.2.0 Remote File Inclusion  
ate:2011-09-22,name:WordPress AllWebMenus 1.1.3 Remote File Inclusion  
ate:2011-09-22,name:WordPress Filedownload 0.1 File Disclosure  
ate:2011-09-22,name:WordPress Count Per Day 2.17 SQL Injection  
ate:2011-09-20,name:WordPress WP e-Commerce 3.8.6 SQL Injection  
ate:2011-09-20,name:WordPress 3.0.4 Blind SQL Injection  
ate:2011-09-20,name:WordPress 3.0.4 comment_post_SQL Injection  
ate:2011-09-12,name:WordPress SCORM Cloud 1.0.6.6 SQL Injection  
ate:2011-09-12,name:WordPress Eventify Simple Events 1.7.f SQL Injection  
ate:2011-09-12,name:WordPress Tweet Old Post 3.2.5 SQL Injection  
ate:2011-09-12,name:WordPress Community Events 1.2.1 SQL Injection  
ate:2011-09-12,name:WordPress Post Highlights 2.2 SQL Injection  
ate:2011-09-12,name:WordPress KNR Author List W.0 SQL Injection  
ate:2011-09-09,name:WordPress Zotpress 4.4 SQL Injection  
ate:2011-09-09,name:WordPress oQey Gallery 0.4.8 SQL Injection  
ate:2011-09-09,name:WordPress Donation 1.0 SQL Injection  
ate:2011-09-02,name:WordPress Evarisk 5.1.3.6 SQL Injection  
ate:2011-09-02,name:WordPress iCopyright Article Tools 1.1.4 SQL Injection  
ate:2011-09-02,name:WordPress Profiles 2.0 RC1 SQL Injection  
ate:2011-09-02,name:WordPress mySTAT 2.6 SQL Injection  
ate:2011-09-02,name:WordPress Facebook Promotions 1.3.3 SQL Injection  
ate:2011-09-02,name:WordPress Collision Testimonials 3.0 SQL Injection  
ate:2011-09-02,name:WordPress oQey Headers 0.3 SQL Injection  
ate:2011-09-02,name:WordPress SH Sl.1.4 SQL Injection  
ate:2011-09-02,name:WordPress Super CAPTCHA 2.2.4 SQL Injection  
ate:2011-09-01,name:WordPress MM Forms Community 1.2.3 SQL Injection  
ate:2011-09-01,name:WordPress 3.1 \/ 3.2.1 Cross Site Scripting  
ate:2011-09-01,name:WordPress SendIt 1.5.9 Blind SQL Injection  
ate:2011-08-26,name:WordPress MM Duplicate 1.2 SQL Injection  
ate:2011-08-24,name:WordPress Allow PHP In Posts And Pages 2.0.0.RC1 SQL Injection  
ate:2011-08-19,name:WordPress WP DS FAQ 1.3.2 SQL Injection  
ate:2011-08-19,name:WordPress WP Forum 1.7.8 SQL Injection  
ate:2011-08-19,name:WordPress Global Content Blocks 1.2 SQL Injection  
ate:2011-08-19,name:WordPress Menu Creator 1.1.7 SQL Injection  
ate:2011-08-19,name:WordPress Ajax Gallery 3.0 SQL Injection  
ate:2011-08-12,name:eShop 6.2.8 For WordPress Cross Site Scripting  
ate:2011-08-06,name:WordPress e-Commerce 3.8.5 Cross Site Scripting  
ate:2011-07-27,name:WordPress WPtouch 1.9.32 URL Redirect  
ate:2011-07-25,name:WordPress e-Commerce 3.8.4 SQL Injection  
ate:2011-07-25,name:WordPress bSuite 4.0.7 Cross Site Scripting  
ate:2011-07-03,name:WordPress Pretty Link Like 1.4.56 SQL Injection  
ate:2011-07-03,name:WordPress Beer Recipes 1.0 Cross Site Scripting  
ate:2011-06-22,name:WordPress Wysi 0.0.2 Shell Upload  
ate:2011-06-16,name:WordPress Events Manager 3.1.2 SQL Injection  
ate:2011-06-16,name:WordPress Star Rating SQL Injection  
ate:2011-06-16,name:Multiple WordPress Themes Cross Site Scripting  
ate:2011-05-23,name:WordPress EditorMonkey (FCKeditor) Remote File Upload  
ate:2011-05-08,name:Daily Maui Photo WdPress Plugin 0.2 Cross Site Scripting  
ate:2011-04-29,name:WP Photo Album WordPress Plugin 1.5.1 Cross Site Scripting  
ate:2011-04-29,name:Wordpress Insufficient Anti-automation Vulnerability  
ate:2011-04-29,name:Wordpress Abuse of Functionality Vulnerability  
ate:2011-04-29,name:Universal Post Manager WordPress Plugin 1.0.9 XSS \/ Path Disclosure  
ate:2011-04-29,name:WP-StarsRateBox WordPress Plugin 1.1 XSS \/ SQL Injection  
ate:2011-04-29,name:SocialGress Plugin 2.3 Cross Site Scripting  
ate:2011-04-20,name:Universal Post Manager WordPress Plugin 1.0.9 SQL Injection  
ate:2011-04-20,name:WordPress Spellchecker Local File Inclusion \/ Remote File Inclusion  
ate:2011-04-13,name:Live Wire 2.0 For WordPress Cross Site Scripting \/ Denial Of Service  
ate:2011-04-07,name:WordPress AdWizz 1.0 Cross Site Scripting  
ate:2011-03-18,name:Cool Very 1.3 WordPress Plugin Path Disclosure  
ate:2011-03-10,name:WP Forum WordPress Plugin 1.7.8 SQL Injection  
ate:2011-03-10,name:NextGEN Gallery WordPress Plugin 1.7.3 Path Disclosure  
ate:2011-03-10,name:Mingle Forum WordPress Plugin 1.0.28 Cross Site Scripting \/ Path Disclosure  
ate:2011-03-02,name:WordPress IGIT Posts Sl Cross Site Scripting  
ate:2011-03-02,name:WordPress PG Flash Gallery 4.1.1 Cross Site Scripting  
ate:2011-03-02,name:WordPress YT-Audio 1.7 Cross Site Scripting  
ate:2011-03-02,name:WordPress WPhone 1.5.2 Cross Site Scripting  
ate:2011-03-02,name:WordPress PhotoSmash 1.0.2 Cross Site Scripting  
ate:2011-03-01,name:WordPress jQuery Mega Menu 1.0 Local File Inclusion  
ate:2011-03-01,name:WordPress OPS Old Post Spinner 2.2 Local File Inclusion  
ate:2011-03-01,name:WordPress ComicPress Manager 1.4.9.9 Cross Site Scripting  
ate:2011-03-01,name:WordPress Zotpress 2.6 Cross Site Scripting  
ate:2011-03-01,name:WordPress Uploadify 1.0 Shell Upload  
ate:2011-03-01,name:SQL Injection in WP Forum Server wordpress plugin  
ate:2011-02-22,name:WordPress User Photo Component Shell Upload  
ate:2011-02-03,name:WordPress TagNinja 1.0 Cross Site Scripting  
ate:2011-02-03,name:WordPress RSS Feed Reader For WordPress 0.1 Cross Site Scripting  
ate:2011-02-03,name:WordPress WP Featured Post With Thumbnail 3.0 Cross Site Scripting  
ate:2011-02-03,name:WordPress WP Publication Archive 2.0.1 Local File Inclusion  
ate:2011-01-11,name:WordPress Feed List 2.61.01 Cross Site Scripting  
ate:2011-01-04,name:WordPress Survery And Quiz Tool 1.2.1 XSS  
ate:2011-01-02,name:Embedded VPress Plugin Cross Site Vulnerability (XSS)  
ate:2011-01-01,name:WordPress Accept Signups 0.1 Cross Site Scripting  
ate:2010-12-23,name:Embedded VPress Plugin Cross Site Scripting  
ate:2010-12-13,name:Vulnerabilities in Register Plus for WordPress  
ate:2010-11-05,name:cforms WordPress Plugin Cross Site Scripting Vulnerability  
ate:2010-10-29,name:WordPress 3.0.1 plugin myLDlinker ( SQL Injection Vulnerability )  
ate:2010-08-18,name:WordPress 3.0.1 - Cross Site Scripting Issue  
ate:2010-07-05,name:WP-UserOnline 2.62 for WordPress cross site scripting and path disclosure  
ate:2010-06-30,name:Cimy Counter for WordPress Vulnerabilities  
ate:2010-06-13,name:Gigya Socializes 1.1.8 and below for WordPress cross site scripting  
ate:2010-05-14,name:Events Manager WordPress plugins 2.1 remote blind SQL injection  
ate:2010-04-03,name:WordPress Plugin: My Category Order <= 2.8 SQL Injection  
ate:2010-02-28,name:WordPress 0.16 Copperleaf Photolog SQL injection  
ate:2010-02-06,name:The WordPress Calendar remote SQL injection  
ate:2009-12-30,name:WordPress and Pyrmont V2. SQL Injection Vulnerability  
ate:2009-12-10,name:WP-Cumulus for WordPress - XSS, FPD  
ate:2009-11-27,name:WordPress 2.7.1 security bypass vulnerability admin  
ate:2009-11-16,name:WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution  
ate:2009-10-28,name:Wordpress Resource Exhaustion - Denial of Service Vulnerability  
ate:2009-09-12,name:Nextgen gallery 0.96 wordpress plugin XSS Vulnerability  
ate:2009-08-27,name:WordPress SQL Injection(wp-content-simple-forum)  
ate:2009-08-24,name:Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution  
ate:2009-08-14,name:WordPress <= 2.8.3 Remote Admin Reset Password Vulnerability  
ate:2009-07-16,name:WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures  
ate:2009-07-15,name:WordPress Plugin Related Sites 2.1 Blind SQL Injection Vulnerability  
ate:2009-07-11,name:WordPress Plugin DM Albums 1.9.2 Remote File Inclusion Vuln  
ate:2009-07-11,name:WordPress Privileges Unchecked in admin.php and Multiple Information  
ate:2009-06-23,name:WordPress Plugin Photoracer 1.0 (njection Vulnerability  
ate:2009-05-20,name:Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload Exploit  
ate:2009-03-23,name:WordPress MU HTTP Header XSS Vulnerability  
ate:2009-03-23,name:Wordpress Plugin fMoblog 2.1 (njection Vulnerability  
ate:2009-01-03,name:Wordpress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD Vuln  
ate:2008-12-23,name:Wordpress MU < 1.3.2 active_plugins option Code Execution Exploit  
ate:2008-12-02,name:WordPress XSS vulnerability in RSS Feed Generator  
date:2008-10-25,name:Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vuln  
date:2008-10-22,name:Exploiting the SpamBam plugin for wordpress  
date:2008-10-06,name:WordPress MU < 2.6 wpmu-blogs.php Crose Site Scrpting vulnerability  
date:2008-10-05,name:WordPress MU < 2.6 wpmu-blogs.php Crose Site Scrpting vulnerability  
date:2008-09-18,name:Wordpress user_login Column SQL Truncation Vulnerability  
date:2008-08-02,name:Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit  
date:2008-06-15,name:XSS - NEXTGEN GALLERY 0.96 WORDPRESS PLUGIN  
date:2008-06-02,name:vuln in WordPress plugin Upload File(UP)  
date:2008-06-02,name:Wordpress Malicious File Execution Vulnerability  
date:2008-03-25,name:WordPress Multiple Cross-Site Scripting Vulnerabilities  
date:2008-03-10,name:Wordpress Plugin Sniplets 1.1.2 Multiple Vulnerabilities  
date:2008-03-09,name:WordPress album PHOTO SQL Injection  
date:2008-03-06,name:Search Unleashed 0.2.10 JavaScript injection (WordPress plugin)  
date:2008-03-06,name:Wordpress Plugin (wp-people) SQL Injection  
date:2008-02-19,name:Wordpress Pluging wp-footnotes 2.2 (admin_panel.php) Multiple Vulnerabilites  
date:2008-02-15,name:Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities  
date:2008-01-21,name:Multiple Vulnerabilities in WordPress and other Web applications  
date:2007-12-16,name:WordPress Charset SQL injection vulnerability (re-resend)  
date:2007-11-24,name:Wordpress Cookie Authentication Vulnerability  
date:2007-10-12,name:2 vanilla XSS on WordPress \wp-register.php\  
date:2007-07-17,name:Redirection Vulnerability in wp-pass.php, WordPress 2.2.1  
date:2007-06-28,name:Persistent cross-site scripting in wordpress.com dashboard  
date:2007-06-27,name:Wordpress default theme XSS (admin) and other problems  
date:2007-05-20,name:Wordpress All versions XSS  
date:2007-05-12,name:wordpress plugins wordTube <= 1.43 (wpPATH) Remote File Inclusion Vulnerability  
date:2007-04-13,name:WordPress XSS under function wp_title()  
date:2007-02-05,name:Multiple Remote Vulnerabilities in WordPress  
date:2007-01-19,name:WordPress CSRF Protection XSS Vulnerability  
date:2007-01-19,name:Wordpress <= 2.x dictionnary & Bruteforce attack  
date:2007-01-19,name:WordPress Trackback Charset Decoding SQL Injection Vulnerability  
date:2007-01-07,name:Enigma WordPress Brrddir) Remote File Include  
date:2006-08-23,name:Wordpress WP-DB Backup Plugin Directory Traversal Vulnerability  
date:2006-07-13,name:WordPress 2.0.3 SQL Error and Full Path Disclosure  
date:2006-01-05,name:Full path disclosure on WordPress < 1.5.2}  

Joomla历史插件漏洞集合

date:2018-06-28,name:joomla jsn gruve pro 2.1.0 Directory traversal Vulnerability  
date:2018-06-24,name:Joomla com_regionalm Icta Regional Museum SQL Injection Vulnerability  
date:2018-06-24,name:Joomla Com_Techedu Courseview Developed in Association with Icta SriLanka SQL Injection Vulnerabilit  
date:2018-06-20,name:Joomla! Component Jomres 9.11.2 Cross-Site Request Forgery (Add User)  
date:2018-06-18,name:Joomla Jomres 9.11.2 Cross Site Request Forgery  
date:2018-06-14,name:Joomla Component Ek rishta 2.10 SQL Injection  
date:2018-06-12,name:Joomla! Component EkRishta 2.10 username SQL Injection  
date:2018-06-11,name:Joomla com_rsfiles Local File Disclosure Vulnerability  
date:2018-06-06,name:Joomla! Component dj-imageslider 3.2.3-3.1.0 - Arbitrary File Upload Vulnerability  
date:2018-05-30,name:Joomla! Component jCart for OpenCart 2.3.0.2 Cross-Site Request Forgery  
date:2018-05-24,name:Joomla Content Editor JCE ImageManager Vulnerability Mass Auto Exploiter  
date:2018-05-21,name:Joomla EkRishta 2.10 Cross Site Scripting \/ SQL Injection  
date:2018-05-11,name:Joomla com_training SQL Injection Vulnerability  
date:2018-04-17,name:Joomla! Component jDownloads 3.2.58 Cross Site Scripting  
date:2018-04-13,name:Joomla Convert Forms 2.0.3 CSV Injection  
date:2018-04-09,name:Joomla com_foxcontact Shell Upload Vulnerability Exploit  
date:2018-04-06,name:Joomla JS Jobs 1.2.0 Cross Site Scripting  
date:2018-03-31,name:Joomla! Component Acymailing Starter 5.9.5 CSV Macro Injection  
date:2018-03-30,name:Joomla Component Fields SQLi Remote Code Execution  
date:2018-03-06,name:Joomla com_scatalog 2.0 SQL Injection Vulnerability  
date:2018-03-06,name:Joomla com_jomestate 1.0 Sql injection Vulnerability  
date:2018-03-06,name:Joomla com_pricelist SQL Injection Vulnerability  
date:2018-03-06,name:Joomla com_niceajaxpoll 1.4.0 Sql injection Vulnerability  
date:2018-03-06,name:Joomla com_subcategory 1.2.15 SQL Injection Vulnerability  
date:2018-03-06,name:Joomla! Component Joomanager 2.0.0  com_Joomanager Arbitrary File Download  
date:2018-03-05,name:Joomla com_fireboard SQL Injection Vulnerability  
date:2018-03-03,name:Joomla! 3.7 SQL Injection  
date:2018-02-28,name:Joomla! Component K2 2.8.0 Arbitrary File Download  
date:2018-02-28,name:Joomla kunena_com - SQL Injection Vulnerability  
date:2018-02-23,name:Joomla! Component OS Property Real Estate 3.12.7 SQL Injection  
date:2018-02-23,name:Joomla! Component Proclaim 9.1.1 Backup File Download  
date:2018-02-23,name:Joomla! Component PrayerCenter 3.0.2 sessionid SQL Injection  
date:2018-02-23,name:Joomla! Component Proclaim 9.1.1 Arbitrary File Upload  
date:2018-02-23,name:Joomla! Component CheckList 1.1.1 SQL Injection  
date:2018-02-23,name:Joomla! Component Alexandria Book Library 3.1.2 letter SQL Injection  
date:2018-02-23,name:Joomla! Component Ek Rishta 2.9 SQL Injection  
date:2018-02-22,name:Joomla! Component CW Tags 2.0.6 SQL Injection  
date:2018-02-17,name:Joomla! JquickContact 1.3.2.2.1 SQL Injection  
date:2018-02-17,name:Joomla! Google Map Landkarten 4.2.3 SQL Injection  
date:2018-02-17,name:Joomla! Gallery WD 1.3.6 SQL Injection  
date:2018-02-17,name:Joomla! Saxum Numerology 3.0.4 SQL Injection  
date:2018-02-17,name:Joomla! SquadManagement 1.0.3 SQL Injection  
date:2018-02-17,name:Joomla! Timetable Responsive Schedule For Joomla 1.5 SQL Injection  
date:2018-02-17,name:Joomla ccNewsletter 2.x.x SQL Injection  
date:2018-02-17,name:Joomla! MediaLibrary Free 4.0.12 SQL Injection  
date:2018-02-17,name:Joomla! SimpleCalendar 3.1.9 SQL Injection  
date:2018-02-17,name:Joomla! JTicketing 2.0.16 SQL Injection  
date:2018-02-17,name:Joomla! JS Jobs 1.1.9 SQL Injection  
date:2018-02-17,name:Joomla! JGive 2.0.9 SQL Injection  
date:2018-02-17,name:Joomla! InviteX 3.0.5 SQL Injection  
date:2018-02-17,name:Joomla! JS Autoz 1.0.9 SQL Injection  
date:2018-02-17,name:Joomla! Solidres 2.5.1 SQL Injection  
date:2018-02-17,name:Joomla! Project Log 1.5.3 SQL Injection  
date:2018-02-17,name:Joomla! Realpin 1.5.04 SQL Injection  
date:2018-02-17,name:Joomla! Saxum Astro 4.0.14 SQL Injection  
date:2018-02-06,name:Joomla! Component JSP Tickets 1.1 SQL Injection  
date:2018-02-06,name:Joomla! Component jLike 1.0 Information Leak  
date:2018-02-06,name:Joomla! Component Zh GoogleMap 8.4.0.0 SQL Injection  
date:2018-02-06,name:Joomla! Component Zh YandexMap 6.2.1.0 id SQL Injection  
date:2018-02-06,name:Joomla! Component Zh BaiduMap 3.0.0.1 SQL Injection  
date:2018-02-03,name:Joomla! JEXTN Reverse Auction 3.1.0 SQL Injection  
date:2018-02-03,name:Joomla! JMS Music 1.1.1 SQL Injection  
date:2018-02-03,name:Joomla! JE PayperVideo 3.0.0 SQL Injection  
date:2018-02-02,name:joomla! com_joomlabook  components SQL Injection  
date:2018-01-31,name:Joomla! Visual Calendar 3.1.3 SQL Injection  
date:2018-01-31,name:Joomla! Picture Calendar For Joomla 3.1.4 Directory Traversal  
date:2018-01-30,name:Joomla JEXTN FAQ Pro 4.0.0 - SQL Injection  
date:2018-01-29,name:Joomla! Jtag Members Directory 5.3.7 Arbitrary File Download  
date:2018-01-29,name:Joomla! JS Support Ticket 1.1.0 Cross Site Request Forgery  
date:2018-01-27,name:VirtueMart2.6.12.2 Joomla 2.5.27 Stable Full Package Sql Vulnerability  
date:2018-01-11,name:Joomla! Easydiscuss Cross Site Scripting  
date:2018-01-05,name:Joomla JMultipleHotelReservation 6.0.5 SQL Injection  
date:2018-01-05,name:Joomla Ad Agency 6.0.9 SQL Injection  
date:2018-01-05,name:Joomla JUX Real Estate 3.3.0 SQL Injection  
date:2018-01-05,name:Joomla J-BusinessDirectory 4.7.3 SQL Injection  
date:2018-01-04,name:Joomla EXP Auto 4.2.3 SQL Injection  
date:2018-01-03,name:Joomla JomDirectory 4.4 SQL Injection  
date:2018-01-03,name:Joomla VP Conversion Tracking 1.7 SQL Injection  
date:2017-12-31,name:Joomla YouBumpit 2.0 SQL Injection  
date:2017-12-30,name:Joomla Varista Education 2.9 SQL Injection  
date:2017-12-30,name:Joomla JomEvents 3.7 SQL Injection  
date:2017-12-30,name:Joomla Jtag Minicart 4.1.0 SQL Injection  
date:2017-12-30,name:Joomla Jtag Members Directory 5.3.7 SQL Injection  
date:2017-12-30,name:Joomla JomEstate PRO 3.7 SQL Injection  
date:2017-12-30,name:Joomla JomHoliday 4.0 SQL Injection  
date:2017-12-30,name:Joomla SP Movie Database 1.4 SQL Injection  
date:2017-12-26,name:Joomla! Component JEXTN FAQ Pro 4.0.0 id SQL Injection  
date:2017-12-22,name:Joomla JB Bus 2.3.0 SQL Injection  
date:2017-12-22,name:Joomla JB Tour Booking 2.2.2 SQL Injection  
date:2017-12-19,name:Joomla! My Projects 2.0 SQL Injection  
date:2017-12-19,name:Joomla! Guru Pro SQL Injection  
date:2017-12-19,name:Joomla! JB Visa 1.0 SQL Injection  
date:2017-12-19,name:Joomla! User Bench 1.0 SQL Injection  
date:2017-12-17,name:Joomla Component JBcatalog - Arbitrary File Upload  
date:2017-12-15,name:Joomla! JEXTN Question And Answer 3.1.0 SQL Injection  
date:2017-12-15,name:Joomla! JEXTN Video Gallery 3.0.5 SQL Injection  
date:2017-12-13,name:Joomla Com_fabrik Upload Shell  
date:2017-12-13,name:Joomla JBuildozer 1.4.1 SQL Injection  
date:2017-10-31,name:Joomla! Component NS Download Shop 2.2.6 id SQL Injection  
date:2017-10-31,name:Joomla! Component Zh YandexMap 6.1.1.0 placemarklistid SQL Injection  
date:2017-10-01,name:Joomla NS Download Shop 2.2.6 SQL Injection  
date:2017-10-01,name:Joomla Zh YandexMap 6.1.1.0 SQL Injection  
date:2017-09-25,name:Joomla! 3.7.5 LDAP Injection  
date:2017-09-12,name:Huge-IT Video Gallery v1.0.9 for Joomla Unauthenticated SQL Injection  
date:2017-09-12,name:Huge-IT Catalog v1.0.7 for Joomla Unauthenticated SQL Injection  
date:2017-09-03,name:Joomla Pinboard Romet File Upload  
date:2017-09-01,name:Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection  
date:2017-08-31,name:Joomla! Component Quiz Deluxe 3.7.4 SQL Injection  
date:2017-08-31,name:Joomla! Component Joomanager 2.0.0 Arbitrary File Download  
date:2017-08-22,name:Joomla Ajax Quiz 1.8 SQL Injection  
date:2017-08-21,name:Joomla Component Calendar Planner 1.0.1 - SQL Injection  
date:2017-08-20,name:Joomla Component com_annonces Upload Shell  
date:2017-08-20,name:Joomla com_eportfolio Upload  Vulnerability  
date:2017-08-19,name:Joomla! Component Appointment 1.1 - SQL Injection  
date:2017-08-19,name:Joomla! Component Calendar Planner 1.0.1 - SQL Injection  
date:2017-08-19,name:Joomla! Component SP Movie Database 1.3 - SQL Injection  
date:2017-08-19,name:Joomla! Component Zap Calendar Lite 4.3.4 - SQL Injection  
date:2017-08-19,name:Joomla! Component KissGallery 1.0.0 - SQL Injection  
date:2017-08-19,name:Joomla! Component Twitch Tv 1.1 - SQL Injection  
date:2017-08-18,name:Joomla com_jumi Remote SQL Injection  
date:2017-08-18,name:Joomla com_weblinks Shell Upload Vulnerability  
date:2017-08-04,name:Joomla! Component StreetGuessr Game 1.1.8 SQL Injection  
date:2017-08-03,name:Joomla Component Ultimate Property Listing 1.0.2 - SQL Injection  
date:2017-08-02,name:Joomla! Component Event Registration Pro Calendar 4.1.3 - SQL Injection  
date:2017-08-02,name:Joomla! Component LMS King Professional 3.2.4.0 - SQL Injection  
date:2017-08-02,name:Joomla! Component Ultimate Property Listing 1.0.2 - SQL Injection  
date:2017-08-02,name:Joomla! Component SIMGenealogy 2.1.5 - SQL Injection  
date:2017-08-02,name:Joomla! Component PHP-Bridge 1.2.3 - SQL Injection  
date:2017-07-29,name:Joomla! Component CCNewsLetter 2.1.9 - &#039;sbid&#039; Parameter SQL Injection  
date:2017-07-21,name:Joomla JoomRecipe 1.0.4 Component - Blind SQL Injection Vulnerability  
date:2017-07-10,name:Joomla Akobook Component Cross-Site Scripting  
date:2017-06-29,name:Joomla SocialPinBoard Arbitrary File Upload  
date:2017-06-16,name:Joomla! Component JoomRecipe 1.0.3 SQL Injection  
date:2017-06-11,name:Joomla COM_ALPHACONTENT 4.0.11 SQL injection Vulnerability *youtube  
date:2017-06-11,name:Joomla COM_FWZ_EVENTS 1.0 SQL injection Vulnerability  
date:2017-05-31,name:Se*y Exploit Joomla File Upload  
date:2017-05-31,name:Joomla 3.x Proof Of Concept Shell Upload  
date:2017-05-29,name:Joomla VideoFlow 1.2.0 SQL Injection Vulnerability  
date:2017-05-25,name:Joomla VideoFlow 1.2.0 - SQL Injection  
date:2017-05-24,name:Joomla VideoFlow 1.2.0 SQL Injection  
date:2017-05-20,name:Joomla 3.7.0 Fields SQL Injection  
date:2017-05-19,name:Joomla Component SIMGallery 6.0.0 - Full Path Disclosure  
date:2017-05-02,name:Joomla com_tag Component - &#039;Tag&#039; Parameter Sql Injection Vulnerability  
date:2017-05-01,name:Joomla Component JGrid 4.44 - SQL Injection  
date:2017-04-27,name:Joomla jDBexport 3.2.10 Cross Site Scripting \/ Path Disclosure  
date:2017-04-27,name:Joomla MyPortfolio 3.0.2 SQL Injection  
date:2017-04-15,name:Joomla com_phocadownload SQL Vulnerability  
date:2017-04-08,name:Joomla com_winners - &#039;id&#039; Parameter SQL Injection  
date:2017-04-03,name:Joomla Component JobGrok Listing 3.1-1.2.58 - SQL Injection  
date:2017-04-03,name:Joomla Component JobGrok Application 3.1-1.2.55 - SQL Injection  
date:2017-03-24,name:Joomla FocalPoint 1.2.3 SQL Injection  
date:2017-03-23,name:Joomla Component FocalPoint 1.2.3 - SQL Injection  
date:2017-03-22,name:Joomla Extra Search 2.2.8 SQL Injection  
date:2017-03-21,name:Joomla JooCart 2.x SQL Injection  
date:2017-03-20,name:Joomla jCart For OpenCart 2.0 SQL Injection  
date:2017-03-16,name:Joomla Vik Appointments 1.5 SQL Injection  
date:2017-03-16,name:Joomla Vik Rent Car 1.11 SQL Injection  
date:2017-03-16,name:Joomla Vik Rent Items 1.3 SQL Injection  
date:2017-03-15,name:Joomla Advertisement Board 3.0.4 SQL Injection  
date:2017-03-15,name:Joomla Simple Membership 3.3.3 SQL Injection  
date:2017-03-14,name:Joomla ALFContact 3.2.3 SQL Injection  
date:2017-03-13,name:Joomla com_kide Component &#039;view&#039; Parameter Sql Injection Vulnerability  
date:2017-03-13,name:Joomla com_carocci Component &#039;isbn&#039; Parameter Sql Injection Vulnerability  
date:2017-03-11,name:Joomla com_product 2.2 SQL injection Vulnerability  
date:2017-03-08,name:Joomla Akeeba Backup 5.2.5 Directory Traversal  
date:2017-03-07,name:Joomla Component Akeeba Backup 5.2.5 - Directory Traversal  
date:2017-03-04,name:Joomla Abstract 2.1 SQL Injection  
date:2017-03-04,name:Joomla Guesser 1.0.4 SQL Injection  
date:2017-03-04,name:Joomla Recipe Manager 2.2 SQL Injection  
date:2017-03-04,name:Joomla StreetGuessr Game 1.0 SQL Injection  
date:2017-03-02,name:Joomla com_jdownloads Component - &#039;cid&#039; Parameter Sql Injection Vulnerability  
date:2017-03-02,name:Joomla com_webgrouper Component - &#039;Itemid&#039; Parameter Sql Injection Vulnerability  
date:2017-03-01,name:Joomla com_frontpage Component &#039;Itemid&#039; Parameter Sql Injection Vulnerability  
date:2017-03-01,name:Joomla com_filecabinet Component &#039;id&#039; Parameter Sql Injection Vulnerability  
date:2017-03-01,name:Joomla com_phocadownload Component &#039;id&#039; Parameter Sql Injection Vulnerability  
date:2017-02-28,name:Joomla Spinner 360 1.3.0 SQL Injection  
date:2017-02-26,name:Joomla com_remository Component &#039;id&#039; Parameter Sql Injection Vulnerability  
date:2017-02-26,name:Joomla com_k2 Component &#039;id&#039; Parameter Sql Injection Vulnerability  
date:2017-02-26,name:Joomla com_onlinejudge Component - &#039;Itemid&#039; Parameter Sql Injection Vulnerability  
date:2017-02-26,name:Joomla com_fsf Component &#039;catid&#039; Parameter Sql Injection Vulnerability  
date:2017-02-26,name:Joomla com_publication Component &#039;sid&#039; Parameter Sql Injection Vulnerability  
date:2017-02-25,name:Joomla com_jumi - SQL Injection Exploit  
date:2017-02-25,name:Joomla com_comprofiler Component Sql Injection Vulnerability  
date:2017-02-25,name:Joomla com_wisroyq Component - &#039;Pid&#039; Parameter Sql Injection Vulnerability  
date:2017-02-25,name:Joomla com_sgpprojects Component Sql Injection Vulnerability  
date:2017-02-25,name:Joomla com_glossary Component &#039;id&#039; Parameter Sql Injection Vulnerability  
date:2017-02-25,name:Joomla com_civicrm Component &#039;id&#039; Parameter Sql Injection Vulnerability  
date:2017-02-25,name:Joomla GPS Tools 4.0.1 SQL Injection  
date:2017-02-25,name:Joomla AJAX Search For K2 2.2 SQL Injection  
date:2017-02-25,name:Joomla Community Surveys 4.3 SQL Injection  
date:2017-02-25,name:Joomla Community Quiz 4.3.5 SQL Injection  
date:2017-02-25,name:Joomla JO Facebook Gallery 4.5 SQL Injection  
date:2017-02-25,name:Joomla Community Polls 4.5.0 SQL Injection  
date:2017-02-25,name:Joomla JooDatabase 3.1.0 SQL Injection  
date:2017-02-25,name:Joomla Intranet Attendance Track 2.6.5 SQL Injection  
date:2017-02-24,name:Joomla J-CruiseReservation Standard 3.0 SQL Injection  
date:2017-02-24,name:Joomla VehicleManager 3.9 SQL Injection  
date:2017-02-24,name:Joomla RealEstateManager 3.9 SQL Injection  
date:2017-02-24,name:Joomla MultiTier 3.1 SQL Injection  
date:2017-02-24,name:Joomla MediaLibrary Basic 3.5 SQL Injection  
date:2017-02-24,name:Joomla UserExtranet 1.3.1 SQL Injection  
date:2017-02-24,name:Joomla BookLibrary 3.6.1 SQL Injection  
date:2017-02-24,name:Joomla Eventix Events Calendar 1.0 SQL Injection  
date:2017-02-24,name:Joomla J-BusinessDirectory 4.6.8 SQL Injection  
date:2017-02-24,name:Joomla AppointmentBookingPro 4.0.1 SQL Injection  
date:2017-02-22,name:Joomla Component com_digistore &#039;cid&#039; Parameter Sql Injection Vulnerability  
date:2017-02-22,name:Joomla Component com_redshop &#039;Pid&#039; Parameter Sql Injection Vulnerability  
date:2017-02-22,name:Joomla Component com_fabrik XSS Injection Vulnerability  
date:2017-02-21,name:Joomla Anief 1.5 SQL Injection  
date:2017-02-21,name:Joomla DJCatalog2 1.5 SQL Injection  
date:2017-02-20,name:Joomla Component Com_rsgallery2 &#039;gid&#039; Parameter Sql Injection Vulnerability  
date:2017-02-19,name:Joomla Component com_djcatalog2 &#039;cid&#039; Parameter Sql Injection Vulnerability  
date:2017-02-19,name:Joomla Component com_maxcomment Sql Injection Vulnerability  
date:2017-02-18,name:Joomla com_media Upload Vulnerability  
date:2017-02-18,name:Joomla Component com_dcrc &#039;pid&#039; Parameter Sql Injection Vulnerability  
date:2017-02-18,name:Joomla Component com_topics &#039;id&#039; Parameter Sql Injection Vulnerability  
date:2017-02-18,name:Joomla Component com_docman &#039;gid&#039; Parameter Sql Injection Vulnerability  
date:2017-02-15,name:Joomla Music Collection 3.0.3 SQL Injection  
date:2017-02-14,name:Joomla Hbooking 1.9.9 SQL Injection  
date:2017-02-14,name:Joomla JE Auto 1.5 SQL Injection  
date:2017-02-14,name:Joomla JE Auction 1.6 SQL Injection  
date:2017-02-14,name:Joomla JE Tour 2.0 SQL Injection  
date:2017-02-14,name:Joomla JE Video Rate 1.0 SQL Injection  
date:2017-02-14,name:Joomla JE Classify Ads 1.2 SQL Injection  
date:2017-02-14,name:Joomla JE Quiz 2.3 SQL Injection  
date:2017-02-14,name:Joomla JE Directory Ads 1.7 SQL Injection  
date:2017-02-14,name:Joomla JE K2 Multiple Form Story 1.3 SQL Injection  
date:2017-02-14,name:Joomla JE Form Creator 1.8 SQL Injection  
date:2017-02-14,name:Joomla JE Ticket System 1.2 SQL Injection  
date:2017-02-14,name:Joomla JE Grid Folio SQL Injection  
date:2017-02-14,name:Joomla JE Portfolio Creator 1.2 SQL Injection  
date:2017-02-14,name:Joomla JE Property Finder 1.6.3 SQL Injection  
date:2017-02-14,name:Joomla JE Gallery 1.3 SQL Injection  
date:2017-02-14,name:Joomla JE Messanger SQL Injection  
date:2017-02-14,name:Joomla JE QuoteForm SQL Injection  
date:2017-02-14,name:Joomla Component GeoContent 4.5 - Cross-site scripting  
date:2017-02-14,name:Joomla JE Awd Song 1.8 SQL Injection  
date:2017-02-14,name:Joomla Component GameServer! 3.4 - SQL Injection  
date:2017-02-14,name:Joomla Component Fastball 3.2.8 - SQL Injection  
date:2017-02-13,name:Joomla Component onisMusic 2 - SQL Injection  
date:2017-02-13,name:Joomla Component onisQuotes 2.5 - SQL Injection  
date:2017-02-13,name:Joomla Component onisPetitions 2.5 - SQL Injection  
date:2017-02-13,name:Joomla Component Sports Predictions 2.1.0.4 - Cross-site scripting  
date:2017-02-13,name:Joomla Component Soccer Bet 4.1.5 - SQL Injection  
date:2017-02-13,name:Joomla Component Vik Booking 1.7 - SQL Injection  
date:2017-02-13,name:Joomla Component Sponsor Wall 7.0 - SQL Injection  
date:2017-02-11,name:Joomla com_joominaflileselling 2.2 SQL injection Vulnerability  
date:2017-01-30,name:Joomla Store Locator 2.3.1.0 Cross Site Scripting  
date:2017-01-28,name:Joomla Component Store Locator 2.3.1.0 - Cross-site scripting  
date:2017-01-28,name:Joomla Component JTAG Calendar 6.2.4 - SQL Injection  
date:2017-01-26,name:Joomla! &lt;  2.5.2 - Admin Creation  
date:2017-01-26,name:Joomla! &lt;  3.6.4 - Admin TakeOver  
date:2017-01-08,name:F3D4\u0130&#039;s Joomla Arbitrary File Upload Vulnerability  
date:2017-01-03,name:Joomla com_remository Remote Upload File  
date:2016-12-30,name:Joomla aWeb Cart Watching System For Virtuemart 2.6.0 SQL Injection  
date:2016-12-30,name:Joomla! Blog Calendar SQL Injection  
date:2016-12-27,name:Joomla Blog Calendar SQL Injection  
date:2016-12-21,name:Syrian&#039;s joomla 1.6.x Download Database Backup  
date:2016-12-20,name:Joomla RPL 8.9.2 SQL Injection  
date:2016-12-17,name:Joomla com_rpl SQL injection Vulnerability  
date:2016-12-13,name:Joomla extension DT Register SQL injection  
date:2016-11-22,name:Joomla K2 2.7.1 Shell Upload \/ Cross Site Request Forgery  
date:2016-10-27,name:Joomla (&lt;  3.6.4) Account Creation\/Elevated Privileges write-up and exploit  
date:2016-10-11,name:Joomla Virtuemart 2.6. com_devn_vmattribute Arbitrary File Upload Vulnerability  
date:2016-10-03,name:Joomla DVFolderContent 1.0.2 Local File Disclosure  
date:2016-09-28,name:Joomla com_remository Component - Full Path Disclosure Vulnerability  
date:2016-09-27,name:Joomla Event Booking 2.10.1 SQL Injection  
date:2016-09-23,name:Joomla Huge-IT Video Gallery 1.0.9 SQL Injection  
date:2016-09-21,name:Joomla! session id not hashed  
date:2016-09-16,name:Joomla com_cckjseblod Config File Download Vulnerability  
date:2016-09-13,name:Joomla jVoteSystem Component 2.56 SQL Injection  
date:2016-09-13,name:Joomla jVoteSystem 2.56 Component Cross Site Scripting  
date:2016-09-11,name:Joomla com_alberghi Arbitrary File Upload Vulnerability  
date:2016-08-31,name:Joomla com_jsjobs SQL injection Vulnerability  
date:2016-08-31,name:Joomla com_offices SQL injection Vulnerability  
date:2016-08-17,name:Joomla com aceftp Arbitrary File Download Vulnerability  
date:2016-08-16,name:Joomla AceFTP Arbitrary File Download  
date:2016-08-11,name:Joomla com_registrationpro SQL injection Vulnerability  
date:2016-08-06,name:K2 Joomla! Extension Cross Site Scripting  
date:2016-08-04,name:Joomla com_videoflow SQL injection Vulnerability  
date:2016-08-02,name:Joomla com_breezingforms Arbitrary File Upload  
date:2016-07-28,name:Huge IT Joomla Catalog Extension 1.0.4 XSS \/ SQL Injection  
date:2016-07-28,name:Joomla com_seyret SQL Injection  
date:2016-07-26,name:Joomla Huge IT Gallery 1.1.5 Cross Site Scripting \/ SQL Injection  
date:2016-07-25,name:Joomla com_showdown SQL injection Vulnerability  
date:2016-07-19,name:Joomla com_aicontactsafe Arbitrary File Upload \/ SQL injection Vulnerability  
date:2016-07-17,name:Joomla com_music SQL injection Vulnerability  
date:2016-07-17,name:Joomla Component com_jcalpro XSS  
date:2016-07-15,name:Joomla Guru Pro SQL Injection  
date:2016-07-15,name:Joomla Zh GoogleMap 8.1.2.0 Blind SQL Injection  
date:2016-07-13,name:Joomla com_ jomres SQL injection Vulnerability  
date:2016-07-12,name:Joomla com_jbusinessdirectory SQL injection  
date:2016-07-12,name:Joomla Branch 3.0 SQL Injection  
date:2016-07-12,name:Joomla XMap 2.3.4 SQL Injection  
date:2016-07-12,name:Joomla Services SQL Injection  
date:2016-07-12,name:Joomla Forms 1.3.1 SQL Injection  
date:2016-07-10,name:Joomla com_threate 1.1.4 SQL injection  
date:2016-07-09,name:Joomla Topics 1.5.12 SQL Injection  
date:2016-07-02,name:Joomla com_jotloader - Full Path Disclosure Vulnerability  
date:2016-07-01,name:Joomla com_smartformer 2.4.1 Shell Upload  
date:2016-06-22,name:Joomla Publisher 3.0.11 SQL Injection  
date:2016-06-20,name:Joomlaxtc Template Burgertime Cross Site Scripting Stored Vulnerability  
date:2016-06-19,name:Joomla com_bt_media - SQL Injection  
date:2016-06-16,name:Joomla En-Masse 6.4 SQL Injection  
date:2016-06-15,name:Joomla Catfiltering 1.5.4 SQL Injection  
date:2016-06-15,name:Joomla com_catfiltering - SQL Injection  
date:2016-06-15,name:Joomla com_affiliate - SQL Injection  
date:2016-06-13,name:Joomla com_payplans - SQL Injection  
date:2016-06-11,name:Joomla com_maqmahelpdesk - XSS Vulnerability  
date:2016-06-08,name:Joomla com_availcal - SQL Injection  
date:2016-06-08,name:Joomla JobGrokApp 3.1-1.2.55 SQL Injection  
date:2016-06-08,name:Joomla com_joomdoc - Full Path Disclosure Vulnerability  
date:2016-06-05,name:Joomla Jumi 3.0.5 Cross Site Scripting  
date:2016-06-02,name:Joomla SecurityCheck 2.8.9 Cross Site Scripting \/ SQL Injection  
date:2016-05-31,name:Joomla Simple Calendar 0.7.6b SQL Injection  
date:2016-05-17,name:Joomla com_ksadvertiser Advertiser Remote File &amp; Bypass Upload shell  
date:2016-05-17,name:Joomla Component com_foxcontact Arbitrary File Upload  shell  Vulnerability  
date:2016-05-13,name:Joomla com property unrestricted file upload image php  
date:2016-05-13,name:Joomla Component com_smartformer shell upload Vulnerability  
date:2016-05-13,name:Joomla com_garyscookbook file upload  
date:2016-05-11,name:Joomla Simple Photo Gallery - SQL injection  
date:2016-05-11,name:Joomla Event Manager (com_jem) - Cross Site Scripting  
date:2016-04-11,name:Joomla com_simpleimageupload Image Upload - Arbitrary File Upload  
date:2016-03-23,name:Joomla iCagenda 3.5.15 Cross Site Scripting  
date:2016-03-23,name:Joomla Easy Youtube Gallery 1.0.2 SQL Injection  
date:2016-02-10,name:Joomla Subcategory 1.2.15 SQL Injection  
date:2016-02-10,name:Joomla Scatalog 2.0 SQL Injection  
date:2016-02-08,name:Joomla Pricelist 3.2.1 SQL Injection  
date:2016-01-29,name:Joomla Component com_hotel XSS  
date:2016-01-27,name:Joomla com_hotelguide Sql injection  
date:2016-01-24,name:Joomla com_abook Sql Injection  
date:2016-01-21,name:Joomla com_hotproperty SQL Injection  
date:2016-01-20,name:Joomla Fsave 2.0 Local File Disclosure  
date:2016-01-20,name:Joomla com_furniture SQL Injection  
date:2016-01-19,name:Joomla com_jumi Remote SQL Injection Exploit  
date:2016-01-19,name:Joomla com_igallery Sql Injection  
date:2015-12-21,name:Joomla Object Injection RCE Vulnerability (py Exploit)  
date:2015-12-16,name:Joomla 1.5 - 3.4.5 Object Injection Remote Command Execution Exploit  
date:2015-12-15,name:Joomla Shape 5 MP3 Player 2.0 Local File Disclosure  
date:2015-12-15,name:Joomla Critical 0-day Remote Command Execution Vulnerability  
date:2015-12-11,name:Joomla Nice Ajax Poll 1.4.0 SQL Injection  
date:2015-12-03,name:Joomla dtracker exploit SQL Injection  
date:2015-12-02,name:Joomla Dom_asbcgraph SQLi  
date:2015-11-23,name:Joomla com_autostand File Upload Vulnerability  
date:2015-11-23,name:Joomla com_media Remot File Upload Vulnerability  
date:2015-11-21,name:Joomla Content History SQL Injection Remote Code Execution  
date:2015-11-11,name:Joomla Cryptography Fails  
date:2015-11-01,name:Joomla com_ebcontent SQL injection  
date:2015-11-01,name:Joomla cckjseblod exploit LFD  
date:2015-10-30,name:Joomla JNews SQL Injection  
date:2015-10-23,name:Joomla SQL Injection Vulnerability in Full Administrative Access  
date:2015-10-23,name:Realtyna RPL 8.9.2 Joomla Extension Persistent XSS And CSRF Vulnerabilities  
date:2015-10-23,name:Realtyna RPL 8.9.2 Joomla Extension Multiple SQL Injection Vulnerabilities  
date:2015-10-11,name:Joomla! CMS 3.4.3 Cross Site Scripting  
date:2015-10-07,name:Joomla Komento Cross Site Scripting  
date:2015-10-05,name:Joomla jetext LFD  
date:2015-09-21,name:Joomla vnmshop SQL Injection  
date:2015-09-01,name:Joomla GoogleSearch (CSE) 3.0.2 Cross Site Scripting  
date:2015-08-17,name:Joomla com_memorix component SQL Injection vulnerability  
date:2015-08-01,name:Vulnerability in VirtueMart for Joomla  
date:2015-07-22,name:Joomla Helpdesk Pro XSS \/ File Disclosure \/ SQL Injection  
date:2015-07-14,name:Joomla com_docman Full Path Disclosure &amp; Local File Disclosure\/Include  
date:2015-07-13,name:Joomla J2Store 3.1.6 SQL Injection  
date:2015-06-28,name:Joomla Simple Image Upload 1.0 Shell Upload  
date:2015-06-25,name:Joomla Simple Image Upload Arbitrary File Upload  
date:2015-04-02,name:Joomla Simple Photo Gallery Shell Upload  
date:2015-03-30,name:Joomla Gallery WD SQL Injection  
date:2015-03-25,name:Joomla Spider Random Article SQL Injection  
date:2015-03-25,name:Joomla Random Article SQL Injection  
date:2015-03-19,name:Joomla ECommerce-WD 1.2.5 SQL Injection  
date:2014-11-20,name:Joomla Simple Email Form 1.8.5 Cross Site Scripting  
date:2014-11-18,name:Joomla HD FLV 2.1.0.1 Arbitrary File Download  
date:2014-11-14,name:Joomla Eventbooking Cross Site Scripting  
date:2014-11-14,name:Joomla HD FLV 2.1.0.1 SQL Injection  
date:2014-11-07,name:Joomla\/WordPress XCloner Command Execution \/ Password Disclosure  
date:2014-10-24,name:WordPress \/ Joomla Creative Contact Form 0.9.7 Shell Upload  
date:2014-09-23,name:Joomla Mac Gallery &lt;= 1.5 Arbitrary File Download  
date:2014-09-13,name:Joomla Spider Form Maker 4.3 SQL Injection  
date:2014-09-08,name:Joomla Spider Calendar &lt;= 3.2.6 SQL Injection Exploit  
date:2014-08-27,name:Joomla Spider 2.8.3 SQL Injection  
date:2014-07-31,name:Joomla Kunena Forum 3.0.5 Cross Site Scripting  
date:2014-07-31,name:Joomla Kunena Forum 3.0.5 SQL Injection  
date:2014-07-17,name:Joomla Youtube Gallery 4.1.7 SQL Injection  
date:2014-07-08,name:Joomla JChatSocial 2.2 Cross Site Scripting  
date:2014-04-16,name:Joomla SMF Cross Site Scripting  
date:2014-04-15,name:Joomla BeaconDecode Cross Site Scripting  
date:2014-04-15,name:Joomla EWriting Cross Site Scripting  
date:2014-04-09,name:Joomla Inneradmission SQL Injection  
date:2014-03-28,name:Joomla Kunena 3.0.4 Cross Site Scripting  
date:2014-03-16,name:Joomla AJAX Shoutbox SQL Injection  
date:2014-03-16,name:Joomla Youtube Gallery 3.4.0 Cross Site Scripting  
date:2014-03-16,name:Joomla Pbbooking 2.4 Cross Site Scripting  
date:2014-03-16,name:Joomla Freichat Cross Site Scripting  
date:2014-03-16,name:Joomla Multi Calendar 4.0.2 Cross Site Scripting  
date:2014-03-16,name:Joomla eXtplorer 2.1.3 Cross Site Scripting  
date:2014-03-04,name:Joomla 3.2.2 Cross Site Scripting  
date:2014-02-26,name:Joomla-Base XSS \/ XML Injection \/ Denial Of Service  
date:2014-02-24,name:JoomLeague for Joomla Multiple vulnerabilities  
date:2014-02-15,name:Joomla JomSocial Remote Code Execution Vulnerability  
date:2014-01-26,name:Joomla Music Collection XSS &amp; FPD  
date:2014-01-26,name:Joomla iRecommend XSS &amp; FPD  
date:2014-01-24,name:Joomla StackIdeas Extensions Multiple Vulnerabilities  
date:2014-01-24,name:Joomla JV Comment 3.0.2 SQL Injection  
date:2014-01-24,name:Joomla Komento 1.7.2 Cross Site Scripting  
date:2014-01-22,name:Joomla Zap Weather FPD &amp; Zap Calendar XSS  
date:2014-01-17,name:Sexy Polling Joomla Extension SQL Injection  
date:2014-01-11,name:Joomla com_aclassfb File Upload Vulnerability  
date:2014-01-10,name:Joomla Melody Cross Site Scripting  
date:2014-01-08,name:Joomla Aclsfgpl Shell Upload  
date:2013-12-08,name:Joomla Flexicontent Remote Code Execution  
date:2013-12-05,name:Joomla Hotornot2 Shell Upload  
date:2013-12-03,name:Joomla Alphauserpoints phpThumb.php Shell Upload  
date:2013-12-01,name:Joomla com_jmultimedia Remote Command Execution  
date:2013-11-01,name:Joomla Joomleague Shell Upload  
date:2013-10-23,name:Joomla component com_maian15 remode code injection  
date:2013-09-27,name:joomla com_seminar Cross site scripting Vulnerability  
date:2013-09-24,name:Joomla JVideoClip Blind SQL Injection  
date:2013-08-30,name:Joomla com_pccookbook Components Sql Injection vulnerability  
date:2013-08-24,name:Joomla Virtuemart 2.0.22a SQL Injection  
date:2013-08-19,name:Joomla com_jdownloads Cross Site Scripting  
date:2013-08-15,name:Joomla Media Manager File Upload Vulnerability  
date:2013-08-09,name:Joomla redSHOP 1.2 SQL Injection  
date:2013-08-06,name:Joomla com_sectionex v2.5.96 SQL Injection vulnerabilities  
date:2013-08-06,name:Joomla 3.1.5 Cross Site Scripting  
date:2013-08-01,name:Joomla Component com_easybookreloaded Sql Injection Vulnerability  
date:2013-07-29,name:Joomla Googlemaps 3.2 Cross Site Scripting \/ Denial Of Service  
date:2013-07-17,name:Joomla Googlemaps XSS \/ XML Injection \/ Path Disclosure \/ DoS  
date:2013-07-11,name:Joomla AICONTACTSAFE 2.0.19 Cross Site Scripting  
date:2013-07-10,name:Joomla Attachments Shell Upload  
date:2013-07-01,name:Xorbin Analog Flash Clock 1.0 For Joomla XSS  
date:2013-06-27,name:Joomla com_g2bridge Components Local File Include vulnerability  
date:2013-06-20,name:Joomla Rokdownloads Shell Upload  
date:2013-06-19,name:Joomla 1.5.26, 2.5.11, 3.1.1 crypto vulnerability  
date:2013-06-16,name:Joomla com_extplorer Components shell upload Vulnerability  
date:2013-05-15,name:Joomla Jnews 8.0.1 Cross Site Scripting  
date:2013-05-14,name:Joomla Phocagallery 3.0.0 \/ 4.0.0 Cross Site Scripting  
date:2013-05-13,name:Joomla Component com_s5clanroster Sql Injection Vulnerability  
date:2013-05-13,name:Joomla Component com_shohada Local File Inclusion  
date:2013-05-13,name:Joomla Component com_myalbum Blind Injection Vulnerability  
date:2013-05-09,name:Joomla DJ Classifieds Extension 2.0 SQL Injection  
date:2013-04-30,name:Joomla! &lt;= 3.0.3 (remember.php) PHP Object Injection Vulnerability  
date:2013-04-23,name:Joomla com_civicrm Exploitation Tool with MultiThread *youtube  
date:2013-04-21,name:Joomla component com_civicrm remode code injection exploit  
date:2013-04-06,name:Joomla GPL Template Cross Site Scripting  
date:2013-03-27,name:Joomla Component JCE File Upload Remote Code Execution  
date:2013-03-22,name:Joomla Component com_wordpress XSS Vulnerability  
date:2013-03-18,name:Joomla Component RSfiles &lt;= (cid) SQL injection Vulnerability  
date:2013-03-18,name:Joomla com_preachit XSS Vulnerability  
date:2013-02-28,name:Joomla! 3.0.2 PHP Object Injection  
date:2013-01-21,name:Joomla Collector Shell Upload  
date:2013-01-19,name:Joomla com_picaweb SQL injection  
date:2013-01-09,name:Joomla Incapsula Component &lt;= 1.4.6_b Reflected Cross-Site Scripting  
date:2013-01-08,name:Joomla Ignite Gallery 0.8.3.1 SQL Injection  
date:2013-01-08,name:Joomla LiveChat 2.0 XSS &amp; SQL Injection  
date:2012-12-28,name:Joomla bch and Content Shell Upload  
date:2012-12-28,name:Joomla Aclassif Cross Site Scripting  
date:2012-12-19,name:Joomla Component bit LFI Vulnerability  
date:2012-12-19,name:Joomla Component RPX LFI Vulnerability  
date:2012-12-19,name:Joomla Component ztautolink LFI Vulnerability  
date:2012-12-12,name:Joomla Jooproperty SQL Injection &amp;Cross Site Scripting  
date:2012-11-28,name:Joomla Community Builder Enhenced (CBE) Component LFI\/RCE  
date:2012-11-14,name:joomla com_autostand shell upload vulnerability  
date:2012-11-04,name:Joomla com_parcoauto SQL injection Vulnerability  
date:2012-11-01,name:Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities  
date:2012-10-31,name:Joomla com_quiz sql\/xss Vulnerability  
date:2012-10-23,name:Joomla SQLReport Password Disclosure  
date:2012-10-20,name:Joomla Tag SQL Injection  
date:2012-10-20,name:Joomla Freestyle Support 1.9 SQL Injection  
date:2012-10-20,name:Joomla Commedia 3.1 SQL Injection  
date:2012-09-30,name:joomla FreiChat upload shell  
date:2012-09-27,name:Joomla Component com_joomla_flash_uploader Remote File Upload  
te:2012-09-23,name:Joomla <= 1.0.9 Weblinks blind SQL injection \/ admin credentials  
te:2012-09-22,name:Mambo \/ Joomla FCKEditor Local File Inclusion  
te:2012-09-18,name:Joomla Spider Calendar Lite SQL Injection  
te:2012-08-29,name:Joomla com_ornekek SQL Vulnerability  
te:2012-08-29,name:Joomla com_weblinks SQL Vulnerability  
te:2012-08-28,name:Joomla Komento SQL Injection  
te:2012-08-25,name:Joomla 1.7 \/ 2.5 Civicrm Arbitrary File Upload  
te:2012-08-14,name:Joomla com_fireboard SQL Injection Vulnerabilit  
te:2012-08-07,name:Joomla com_package SQL Injection Vulnerability  
te:2012-08-07,name:Joomla Photo SQL Injection  
te:2012-08-07,name:Joomla Enmasse SQL Injection  
te:2012-08-07,name:Joomla com_agileplmform file upload vulnerability  
te:2012-08-07,name:Joomla Nice Ajax Poll 1.3.0 SQL Injection  
te:2012-08-07,name:Joomla Joomgalaxy 1.2.0.4 Shell Upload and SQL Injection  
te:2012-08-06,name:Joomla Move 1.0 SQL Injection  
te:2012-07-31,name:Joomla Odudeprofile 2.x SQL Injection  
te:2012-07-24,name:Joomla Hello Local File Inclusion  
te:2012-07-16,name:Joomla KSAdvertiser Shell Upload  
te:2012-06-25,name:Joomla Szallasok SQL Injection  
te:2012-06-20,name:Joomla hwdVideoShare Shell Upload  
te:2012-06-17,name:Joomla Dione FileUploader 1.0.1 Shell Upload  
te:2012-06-17,name:Joomla Maian Media 1.5.8.x Shell Upload  
ate:2012-06-13,name:Joomla Joomsport SQL Injection \/ Shell Upload  
ate:2012-06-13,name:Joomla Alphacontent SQL Injection  
ate:2012-06-08,name:Joomla com_eslamiat Sql Injection Vulnerability  
ate:2012-05-12,name:Joomla 2.5.4 Cross Site Scripting  
ate:2012-05-04,name:Joomla 1.5.26 ja_purity Cross Site Scripting  
ate:2012-04-28,name:Joomla Video Gallery Local File Inclusion \/ SQL Injection  
ate:2012-04-28,name:Joomla CCNewsLetter 1.0.7 SQL Injection  
ate:2012-04-21,name:Joomla JA T3-Framework Directory Traversal  
ate:2012-04-21,name:Joomla com_ponygallery SQL Injection  
ate:2012-04-21,name:Joomla! Plugin Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities  
ate:2012-03-20,name:Joomla Time Based SQL Injection  
ate:2012-03-20,name:Joomla Component com_golfstats (uid) SQL Injection Vulnerability  
ate:2012-02-23,name:Joomla Dtregister SQL Injection  
ate:2012-02-22,name:Joomla XVS Local File Inclusion  
ate:2012-02-22,name:Joomla X-Shop SQL Injection  
ate:2012-02-22,name:Joomla Xcomp Local File Inclusion  
ate:2012-02-04,name:Joomla modules (mod_currencyconverter) XSS Vulnerability  
ate:2012-02-04,name:Joomla com_bbs SQL Injection  
ate:2012-02-04,name:Joomla com_cmotour SQL Injection  
ate:2012-02-04,name:Joomla com_firmy SQL Injection  
ate:2012-02-03,name:Joomla Visa SQL Injection \/ Local File Inclusion  
ate:2012-01-29,name:Joomla Sadnews Local File Inclusion  
ate:2012-01-29,name:Joomla Funny News Local File Inclusion  
ate:2012-01-29,name:Joomla Autographbook Local File Inclusion  
ate:2012-01-28,name:Joomla Component com_br LFI Vulnerability  
ate:2012-01-28,name:Joomla com_boss Local File Inclusion  
ate:2012-01-27,name:Joomla com_full SQL Injection  
ate:2012-01-27,name:Joomla com_some Local File Inclusion  
ate:2012-01-27,name:Joomla com_car SQL Injection  
ate:2012-01-22,name:Joomla KP Local File Inclusion  
ate:2012-01-22,name:Joomla Sanpham SQL Injection  
ate:2012-01-22,name:Joomla Bulkenquery Local File Inclusion  
ate:2012-01-18,name:Joomla Discussions Component (com_discussions) SQL Injection  
ate:2012-01-17,name:Joomla Contushdvideoshare SQL Injection  
ate:2012-01-02,name:Joomla Simple File Upload 1.3 Remote Code Execution  
ate:2012-01-02,name:Simple File Upload v1.3 (module for joomla) Remote Code Execution Exploit  
ate:2012-01-02,name:Joomla Component Jobprofile (com_jobprofile) SQL Injection Vulnerability  
ate:2011-12-24,name:Joomla Dshop SQL Injection  
ate:2011-12-24,name:Joomla Tsonymf SQL Injection  
ate:2011-12-24,name:Joomla Caproductprices SQL Injection  
ate:2011-11-21,name:Joomla Content Blind SQL Injection  
ate:2011-11-21,name:Joomla ALFContact 1.9.3 Cross Site Scripting  
ate:2011-11-09,name:Joomla Autartimonial SQL Injection  
ate:2011-11-09,name:Joomla VideoWhisper 2 Way Video Chat Cross Site Scripting  
ate:2011-11-09,name:Joomla NeoRecruit SQL Injection  
ate:2011-11-09,name:Joomla PaymentsPlus Blind SQL Injection  
ate:2011-11-09,name:Canteen Joomla Component 1.0 Multiple Remote Vulnerabilities  
ate:2011-11-09,name:Joomla  Component  com_wmtpic  SQL Injection Vulnerability  
ate:2011-11-09,name:Joomla HM Community SQL Injection \/ Cross Site Scripting  
ate:2011-11-09,name:Joomla Alameda 1.0 SQL Injection  
ate:2011-11-01,name:Joomla Techfolio 1.0 SQL Injection  
ate:2011-10-30,name:Joomla YJ Contact Local File Inclusion  
ate:2011-10-15,name:Joomla Directory Tree SQL Injection  
ate:2011-10-15,name:Joomla Camelcitydb2 2.2 SQL Injection  
ate:2011-10-15,name:Joomla Component Multiple Blind SQL Injection Vulnerabilities  
ate:2011-10-15,name:Joomla Slideshow SQL Injection  
ate:2011-10-15,name:Joomla Restaurant Guide Cross Site Scripting \/ Local File Inclusion \/ SQL Injection  
ate:2011-10-15,name:Amblog 1.0 Joomla Component Multiple SQL Injection Vulnerabilities  
ate:2011-10-15,name:TimeTrack 1.2.4 Joomla Component Multiple SQL Injection Vulnerabilities  
ate:2011-10-15,name:Joomla Component (com_sgicatalog) <= SQL Injection Vulnerability  
ate:2011-10-15,name:Joomla Component (com_expedition) <= SQL Injection Vulnerability  
ate:2011-10-10,name:Joomla Barter Site Cross Site Scripting \/ SQL Injection  
ate:2011-10-10,name:JE Guestbook 1.0 Joomla Component Multiple Remote Vulnerabilities  
ate:2011-10-10,name:Joomla com_clubmanager SQL Injection  
ate:2011-10-10,name:Joomla Component Time Returns (com_timereturns) SQL Injection Vulnerability  
ate:2011-10-10,name:Joomla Time Returns SQL Injection  
ate:2011-10-10,name:Joomla Estate Agent SQL Injection  
ate:2011-10-10,name:Joomla Component ccinvoices SQL Injection Vulnerability  
ate:2011-10-10,name:Joomla! 1.7.0 Cross Site Scripting  
ate:2011-10-02,name:Joomla Component (com_biitatemplateshop) SQL Injection  
ate:2011-08-19,name:Joomla JoomTouch 1.0.2 Local File Inclusion  
ate:2011-08-12,name:TNR Enhanced Joomla Search 3.0.0 SQL Injection  
ate:2011-08-06,name:Joomla Astra SQL Injection  
ate:2011-08-03,name:Joomla obSuggest Local File Inclusion  
ate:2011-08-03,name:Joomla Component Testimonialku 2.1 Persistent XSS Vulnerability  
ate:2011-07-27,name:Joomla! 1.7.0-RC \/ 1.6.x Cross Site Scripting  
ate:2011-07-27,name:Joomla Component (com_pobierz) Remote File Disclouse  
ate:2011-07-25,name:Joomla Appointment Booking Pro Arbitrary File Reading  
ate:2011-07-15,name:Joomla SOBI2 2.9.3.2 SQL Injection  
ate:2011-07-15,name:Joomla Xmap 1.2.11 Blind SQL Injection  
ate:2011-07-14,name:Joomla mdigg SQL Injection  
ate:2011-07-03,name:Joomla CSVUploader SQL Injection  
ate:2011-07-03,name:JoomlaXi Cross Site Scripting  
ate:2011-07-03,name:Joomla Morfeoshow SQL Injection  
ate:2011-07-01,name:Joomla Calc Builder Blind SQL Injection  
ate:2011-06-30,name:Joomla A Cool Debate 1.0.3 Local File Inclusion  
ate:2011-06-22,name:Joomla Minitek FAQ Book 1.3 SQL Injection  
ate:2011-06-04,name:Joomla CCBoard SQL Injection \/ Shell Upload  
ate:2011-06-02,name:Joomla JMSFileSeller Local File Inclusion  
ate:2011-06-02,name:Joomla Shop SQL Injection  
ate:2011-05-19,name:Joomla versioning SQLi Vulnerability  
ate:2011-05-19,name:Joomla Hello SQL Injection  
ate:2011-05-08,name:JS Calendar 1.5.1 Joomla Component Multiple Remote Vulnerabilities  
ate:2011-04-20,name:Joomla Phocadownload Local File Inclusion  
ate:2011-04-20,name:Joomla Virtuemart Latestprod Remote File Inclusion  
ate:2011-04-18,name:Joomla Virtuemart Featureprod Remote File Inclusion  
ate:2011-04-13,name:Joomla Extensions 1.6.0 SQL Injection  
ate:2011-03-21,name:Joomla Book Library SQL Injection  
ate:2011-03-18,name:Joomla! 1.6.0 Cross Site Scripting (XSS) Vulnerability  
ate:2011-03-18,name:Joomla! 1.6.0 SQL Injection Vulnerability  
ate:2011-03-10,name:Joomla Jsjobs Blind SQL Injection  
ate:2011-03-01,name:Joomla MyGarage SQL Injection  
ate:2011-02-22,name:Joomla Component JE Event Calendar LFI Vulnerability  
ate:2011-02-22,name:Joomla Component JE  Quote Form LFI Vulnerability  
ate:2011-02-12,name:Joomla! 1.5 \/ 1.6 JFilterinput Cross Site Scripting Bypass  
ate:2011-01-25,name:allCineVid Joomla Component 1.0.0 Blind SQL Injection Vulnerability  
ate:2011-01-25,name:Joomla allCineVid 1.0.0 Blind SQL Injection  
ate:2011-01-22,name:Joomla People 1.0.0 SQL Injection  
ate:2011-01-22,name:Joomla People Component 1.0.0 Local File Inclusion  
ate:2011-01-22,name:People Joomla Component 1.0.0 Local File Inclusion Vulnerability  
ate:2011-01-22,name:Joomla! 1.0.x ~ 1.0.15 Cross Site Scripting (XSS) Vulnerability  
ate:2011-01-11,name:Joomla 1.0.15 Cross Site Scripting  
ate:2011-01-11,name:JQuarks4s Joomla Component 1.0.0 Blind SQL Injection Vulnerability  
ate:2011-01-01,name:Joomla Ads Manager Remote File Inclusion  
ate:2010-12-23,name:Joomla XGallery 1.0 Local File Inclusion  
ate:2010-12-23,name:The Joomla Hacking Compendium 1.0  
ate:2010-12-23,name:Joomla Jotloader 2.2.1 Local File Inclusion  
ate:2010-12-23,name:Joomla Component RokQuickCart LFI  
ate:2010-12-23,name:Joomla Component (com_lyftenbloggie) XSS\/HTML Vulnerability  
ate:2010-12-13,name:Joomla 1.5.22 Cross Site Scripting  
ate:2010-12-13,name:Joomla Billy Portfolio 1.1.2 Blind SQL Injection  
ate:2010-12-13,name:Joomla JE Messenger 1.0 Shell Upload  
ate:2010-12-13,name:Joomla JE Auto 1.0 SQL Injection  
ate:2010-12-13,name:Joomla Component Social User List SQL Injection  
ate:2010-12-05,name:Joomla JE Ajax Event Calendar SQL Injection  
ate:2010-12-03,name:Joomla Component (com_annuaire) SQL Injection Vulnerability  
ate:2010-12-03,name:Joomla Component (com_competitions) SQL Injection  
ate:2010-12-03,name:Joomla Component (com_competitions) XSS\/HTML Vulnerability  
ate:2010-12-03,name:Joomla Component (com_storedirectory) SQL Injection Vulnerability  
ate:2010-12-03,name:Joomla Component (com_catalogue) SQL Injection Vulnerability  
ate:2010-12-03,name:Joomla Component (com_catalogue) LFI Vulnerability  
ate:2010-11-28,name:Joomla Component Joomap 1.5 LFI  
ate:2010-11-26,name:Joomla Component (btg_pretraga) XSS\/HTML Vulnerability  
ate:2010-11-26,name:Joomla Component (btg_vidi_oglas) XSS\/HTML Vulnerability  
ate:2010-11-25,name:Joomla Component flipwall SQL Injection Vulnerability  
ate:2010-11-25,name:Joomla Component sponsorwall SQL Injection Vulnerability  
ate:2010-11-25,name:Joomla Component (com_jeajaxeventcalendar) Blind SQLi Vulnerability  
ate:2010-11-25,name:Joomla Component (com_jeajaxeventcalendar) LFI Vulnerability  
ate:2010-11-25,name:Joomla Component com_news_portal Local File Inclusion Vulnerability  
ate:2010-11-25,name:Joomla Component com_ninjarsssyndicator Local File Inclusion Vulnerability  
ate:2010-11-24,name:Joomla Component com_jsupport SQL Injection Vulnerability  
ate:2010-11-24,name:Joomla Component com_jsupport Critical XSS Vulnerability  
ate:2010-11-16,name:Joomla Component com_alfurqan15x SQL injection  
ate:2010-11-16,name:Joomla Component (com_maianmedia) SQL Injection Vulnerability  
ate:2010-11-16,name:Joomla Component Phocadownload RFI Vulnerability  
ate:2010-11-16,name:Joomla Component Jcomments RFI Vulnerability  
ate:2010-11-16,name:Joomla Component AutoArticles 3000 Blind SQL Injection  
ate:2010-11-16,name:Joomla Component Joomla! 1.6 b13 grants SQL Injection  
ate:2010-11-16,name:The Joomla swMenuPro component remote file inclusion vulnerability  
ate:2010-11-16,name:The Joomla Wisroyq component local file inclusion vulnerability  
ate:2010-11-05,name:The Joomla User component 1.5 local file inclusion vulnerability  
ate:2010-11-05,name:The Joomla Xplorer component 1.6.2 remote file inclusion vulnerability  
ate:2010-11-05,name:The Joomla Smartformer component 2.4 remote file inclusion vulnerability  
ate:2010-11-04,name:Joomla 1.5.21 Potential SQL Injection Flaws  
ate:2010-11-04,name:Joomla! CMS 1.5.20 remote SQL injection  
ate:2010-11-04,name:Joomla Component com_faqs Remote SQL Injection Vulnerability  
ate:2010-11-04,name:Joomla  Component com_mailchimpccnewsletter LFI Vulnerability  
ate:2010-11-04,name:The Joomla Jcars component remote SQL injection vulnerability  
ate:2010-10-31,name:Joomla  Component com_projects LFI & SQL Vulnerability  
ate:2010-10-31,name:The Joomla Calendrier component remote file inclusion vulnerability  
ate:2010-10-29,name:The Joomla Pinboard component remote file inclusion vulnerability  
ate:2010-10-15,name:Joomla Component com_jstore LFI Vulnerability  
ate:2010-10-15,name:Joomla Component com_rwcards RFI Vulnerability  
ate:2010-10-15,name:Joomla Component com_pollxt LFI Vulnerability  
ate:2010-10-14,name:Joomla! 1.5.20 <= Cross Site Scripting (XSS) Vulnerability  
ate:2010-10-14,name:Joomla Component com_mgm RFI Vulnerability  
ate:2010-10-14,name:Joomla Component com_pollx LFI Vulnerability  
ate:2010-10-14,name:Joomla Component com_jcs RFI Vulnerability  
ate:2010-10-14,name:Joomla Component com_jeformcr LFI Vulnerability  
ate:2010-10-14,name:Joomla Component com_joomlapicasa2 LFI Vulnerability  
ate:2010-10-14,name:Joomla Component com_lurm RFI Vulnerability  
ate:2010-10-14,name:The Joomla Bsadv component local file inclusiond directory traversal  
ate:2010-10-06,name:Joomla Component com_jeeventcalendar - Local File Inclusion  
ate:2010-10-06,name:The Joomla JE Guestbook component 1.0 local file inclusiond remote blind SQL injection  
ate:2010-09-28,name:Joomla (com_content) Component com_ezautos File Upload Vulnerability  
ate:2010-09-28,name:The Joomla TimeTrack component 1.2.4 multiple remote SQL injection  
ate:2010-09-27,name:The Joomla EZ Autos component remote SQL injection vulnerability  
ate:2010-09-22,name:The Joomla Spain component remote SQL injection vulnerability  
ate:2010-09-22,name:JPhone 1.0 Alpha 3 Component Joomla Local File Inclusion  
ate:2010-09-20,name:Joomla Component com_nkc 2.0.b Beta SQL Injection Vulnerability  
ate:2010-09-20,name:Joomla Component (com_profil) Blind Injection Vulnerability  
ate:2010-09-14,name:The Joomla NKC component 2.0.b Beta remote SQL injection  
ate:2010-09-14,name:The Joomla Aardvertiser component 2.1 remote blind SQL injection  
ate:2010-09-13,name:The Joomla Clantools component 1.5 remote blind SQL injection vulnerability  
ate:2010-09-13,name:The Joomla Clantools component 1.5 remote blind SQL injection  
ate:2010-09-13,name:The Joomla Clantools component 1.2.3 blind SQL injection  
ate:2010-09-13,name:iJoomla Magazine 3.0.1 remote file inclusion vulnerability.  
ate:2010-09-03,name:The Joomla JE FAQ component remote blind SQL injection vulnerability  
ate:2010-09-03,name:The Joomla PicSell component file disclosure vulnerability  
ate:2010-08-29,name:Joomla! Component com_bc Cross Script Scripting (XSS) Vulnerability  
ate:2010-08-27,name:The Joomla BCAccount component persistent cross site scripting  
ate:2010-08-27,name:The Joomla Newspaper component remote SQL injection vulnerability.  
ate:2010-08-27,name:The Joomla Lesson component remote SQL injection  
ate:2010-08-27,name:The Joomla Extcalendar component remote blind SQL injection  
ate:2010-08-27,name:The Joomla Dirfrm component remote SQL injection  
ate:2010-08-27,name:The Mambo \/ Joomla HeXimage component 2.1.2 remote SQL injection  
ate:2010-08-18,name:The Joomla cgTestimonial component 2.2 cross site scriptingd shell upload  
ate:2010-08-10,name:The Joomla Rokin component cross site scripting vulnerability.  
ate:2010-08-10,name:The Joomla Neorecruit component 1.4 remote SQL injection vulnerability.  
ate:2010-08-10,name:Joomla \com_youtube\  SQL Injection Vulnerability  
ate:2010-08-10,name:Joomla Visites 1.1 RC2 Remote File Inclusion Vulnerability  
ate:2010-08-10,name:Joomla Component Foobla Suggestions Local File Inclusion  
ate:2010-08-10,name:Joomla Component (com_staticxt) SQL Injection Vulnerability  
ate:2010-08-10,name:TTVideo 1.0 Joomla Component SQL Injection Vulnerability  
ate:2010-08-05,name:Joomla TTVideo component 1.0 remote SQL injection  
ate:2010-07-28,name:Joomla Music Manager Component LFI Vulnerability  
ate:2010-07-28,name:Joomla BookLibrary From Same Author Module \id\ SQL Injection  
ate:2010-07-28,name:ArtForms 2.1b7.2 RC2 Joomla Component Multiple Remote Vulnerabilities  
ate:2010-07-28,name:Joomla Ozio Gallery remote SQL injection  
ate:2010-07-27,name:The Joomla Joomdle components 0.24 remote SQL injection  
ate:2010-07-27,name:Joomla   Component  (com_quickfaq)  BSQL-i Vulnerability  
ate:2010-07-27,name:Joomla Component Joomdle SQL vulnerability  
ate:2010-07-27,name:Joomla Component com_golfcourseguide SQL Injection Vulnerability  
ate:2010-07-27,name:Joomlas 1.5.19 and below cross site scripting  
ate:2010-07-19,name:Joomla Component Realtyna Translator Local File Inclusion Vulnerability  
ate:2010-07-19,name:Joomla jesectionfinder LFI Vulnerability  
ate:2010-07-13,name:Joomla Component com_weblinks Sql Injection Vulnerability  
ate:2010-07-13,name:Joomla Component com_xmap Sql Injection Vulnerability  
ate:2010-07-13,name:Joomla Component com_redshop 1.0 (pid) SQL Injection Vulnerability  
ate:2010-07-13,name:The Joomla Jobs Pro component remote blind SQL injection  
ate:2010-07-12,name:The Joomla JPodium component remote SQL injection  
ate:2010-07-05,name:The Joomla Eventcal component 1.6.4 remote blind SQL injection  
ate:2010-07-04,name:Joomla com_awd_song persistent xss Vulnerability  
ate:2010-07-04,name:Joomla Component com_gamesbox 1.0.2 (id) SQL Injection Vulnerability  
ate:2010-07-04,name:Joomla Component JFaq 1.2 Multiple Vulnerabilities  
ate:2010-07-04,name:Joomla JE Ajax event calendar SQL Vulnerable  
ate:2010-07-04,name:Joomla Component com_donateprocess 0.8.5 (project_id) SQL Injection Vulnerability  
ate:2010-06-30,name:Joomla Component RSComments 1.0.0 Multiple XSS  
ate:2010-06-30,name:Joomla Component Picasa2Gallery LFI vulnerability  
ate:2010-06-30,name:Joomla Component com_ybggal 1.0 (catid) SQL Injection Vulnerability  
ate:2010-06-30,name:Joomla Component com_ybggal 1.0 (catid) SQL Injection Vulnerability  
ate:2010-06-15,name:Joomla Component com_bfsurvey (tamlyncreative 1.3.0)  Local File Inlusion  
ate:2010-06-15,name:Joomla! BF Survey Pro 'catid' Parameter SQL Injection Vulnerability  
ate:2010-06-13,name:The Joomla DJ Art Gallery component 0.9.1 SQL Inj and XSS  
ate:2010-06-05,name:Joomla component SimpleDownload Local File Inclusion  
ate:2010-06-04,name:The Joomla ChronoForms component blind SQL injection  
ate:2010-06-04,name:The Joomla JS Jobs component 1.0.5.8 remote SQL injection  
ate:2010-06-04,name:Joomla Component BF Quiz SQL Injection Vulnerability  
ate:2010-06-04,name:Joomla Component com_jejob 1.0 (catid) SQL Injection Vulnerability  
ate:2010-06-04,name:Joomla Component Reservations XSS Vulnerability  
ate:2010-06-04,name:Joomla Component My Car Multiple Vulnerabilities  
ate:2010-06-04,name:Joomla Component MediQnA LFI vulnerability  
ate:2010-05-30,name:Joomla Component com_konsultasi (sid) SQL Injection Vulnerability  
ate:2010-05-30,name:Joomla Component MS Comment 0.8.0 LFI Vulnerability  
ate:2010-05-30,name:Joomla Component ActiveHelper LiveHelp 2.0.3 XSS Vulnerabilities  
ate:2010-05-30,name:Joomla Component FDione Form Wizard lfi vulnerability  
ate:2010-05-29,name:Joomla Component Percha Gallery 1.6 Local File Inclusion Vulnerability  
ate:2010-05-29,name:Joomla Component Percha Fields Attach 1.0 Local File Inclusion Vulnerability  
ate:2010-05-29,name:Joomla Component Percha Downloads Attach 1.1 Local File Inclusion Vulnerability  
ate:2010-05-28,name:Joomla Component Percha Image Attach 1.1 Local File Inclusion Vulnerability  
ate:2010-05-28,name:Joomla Component Percha Categories 0.6 Tree Local File Inclusion Vulnerability  
ate:2010-05-28,name:Joomla Component redTWITTER Local File Inclusion Vulnerability  
ate:2010-05-28,name:Joomla Component BeeHeard Lite Local File Inclusion Vulnerability  
ate:2010-05-24,name:Joomla Component Gadget Factory Local File Inclusion Vulnerability  
ate:2010-05-24,name:Joomla Component Love Factory Local File Inclusion Vulnerability  
ate:2010-05-24,name:Joomla Component Deluxe Blog Factory Local File Inclusion Vulnerability  
ate:2010-05-24,name:Joomla Component OrgChart 1.0.0 Local File Inclusion Vulnerability  
ate:2010-05-21,name:Joomla Component ActiveHelper LiveHelp XSS Vulnerabilities  
ate:2010-05-21,name:The Joomla Job component local file inclusion  
ate:2010-05-21,name:The Joomla Classifieds component remote SQL injection  
ate:2010-05-21,name:The Joomla Hotproperty component cross site scripting  
ate:2010-05-21,name:The Joomla Zelig component remote SQL injection  
ate:2010-05-21,name:The Joomla Store component cross site scripting  
ate:2010-05-21,name:The Joomla Event component local file inclusion  
ate:2010-05-21,name:The Joomla Product component local file inclusion  
ate:2010-05-20,name:The Joomla Camp component remote SQL injection  
ate:2010-05-20,name:The Joomla Simple Download component local file inclusion  
ate:2010-05-20,name:The Joomla 3d User Cloud module cross site scripting  
ate:2010-05-14,name:Joomla (com_aardvertiser) V2.0 Local File Inclusion  
ate:2010-05-14,name:The Joomla Camp26 Visitor Data component 1.1 code execution  
ate:2010-05-13,name:Joomla Component Online Market 2.0 Local File Inclusion Vulnerability  
ate:2010-05-13,name:Joomla Component MT Fire Eagle 1.2 Local File Inclusion Vulnerability  
ate:2010-05-13,name:Joomla Component Online Exam 1.5.0 Local File Inclusion Vulnerability  
ate:2010-05-06,name:Joomla Component QPersonel 1.0.2 SQL Injection Vulnerability  
ate:2010-05-06,name:Joomla Component Arcade Games 1.0 Local File Inclusion Vulnerability  
ate:2010-05-06,name:Joomla Component graphics (com_graphics) 1.0.6\/1.5.0 LFI Vulnerability  
ate:2010-05-06,name:Joomla 1.6.0-Alpha2 cross site scripting  
ate:2010-05-05,name:Joomla Component ZiMB Manager 0.1 Local File Inclusion Vulnerability  
ate:2010-05-05,name:Joomla Component ZiMB Comment 0.8.1 Local File Inclusion Vulnerability  
ate:2010-05-05,name:Joomla Component JA Comment Local File Inclusion Vulnerability  
ate:2010-05-05,name:Joomla Component Media Mall Factory 1.0.4 Blind SQLi Vulnerability  
ate:2010-04-30,name:Joomla Component PowerMail Pro 1.5.3 Local File Inclusion Vulnerability  
ate:2010-04-30,name:The Joomla SmartSite component local file inclusion  
ate:2010-04-30,name:The Joomla NoticeBoard component 1.3 local file inclusion  
ate:2010-04-30,name:The Joomla Ultimate Portfolio component 1.0 local file inclusion  
ate:2010-04-30,name:Joomla ABC component 1.1.7 remote SQL injection  
ate:2010-04-30,name:Joomla Freestyle FAQ Lite Component 1.3 (faqid) SQL Injection  
ate:2010-04-30,name:Joomla Component Matamko 1.01 Local File Inclusion Vulnerability  
ate:2010-04-30,name:Joomla Component com_joltcard SQL Injection Vulnerability  
ate:2010-04-30,name:Joomla Component com_radio SQL injection vulnerability  
ate:2010-04-30,name:Joomla Component AWDwall-Joomla 1.5.4 LFI & SQLi [cbuser] Vulnerability  
ate:2010-04-30,name:Joomla Component MMS Blog 2.3.0 Local File Inclusion Vulnerability  
ate:2010-04-26,name:Joomla! Joaktree 1.0 component SQL injection vulnerability  
ate:2010-04-26,name:Joomla Component MojoBlog Multiple Remote File Include vulnerability  
ate:2010-04-26,name:Joomla Component Quick News SQL injection vulnerability  
ate:2010-04-26,name:The Joomla Portfolio component local file inclusion  
ate:2010-04-25,name:Joomla Component RokModule 1.1 Blind SQLi [moduleid] Vulnerability  
ate:2010-04-25,name:Joomla Component Jfeedback! 1.2 Local File Inclusion Vulnerability  
ate:2010-04-25,name:Joomla Component com_sermonspeaker SQL Injection Vulnerability  
ate:2010-04-21,name:The Joomla JTM Reseller component 1.9 Beta remote SQL injection  
ate:2010-04-21,name:Joomla Component AlphaUserPoints 1.5.5 Local File Inclusion Vulnerability  
ate:2010-04-21,name:Joomla Component Preventive And Reservation 1.0.5 Local File Inclusion Vulnerability  
ate:2010-04-21,name:Joomla Component Sweetykeeper Local File Inclusion Vulnerability  
ate:2010-04-21,name:Joomla Component Horoscope 1.5.0 Local File Inclusion Vulnerability  
ate:2010-04-21,name:Joomla Component Web TV 1.0 Local File Inclusion Vulnerability  
ate:2010-04-21,name:Joomla Component JProject Manager 1.0 Local File Inclusion Vulnerability  
ate:2010-04-21,name:Joomla Component Multi-Venue Restaurant Menu Manager 1.5.2 SQL Injection  
ate:2010-04-21,name:The Joomla Contact Us Draw Root Map component 1.1 local file inclusion  
ate:2010-04-21,name:The Joomla Contact Us Google Map component 1.2 local file inclusion  
ate:2010-04-21,name:Joomla Component com_hdflvplayer 1.3 SQL injection exploit - (id)  
ate:2010-04-21,name:Joomla Component VJDEO 1.0.1 LFI Vulnerability  
ate:2010-04-21,name:Joomla Component com_loginbox LFI Vulnerability  
ate:2010-04-21,name:Joomla Component com_ckforms 1.3.3 Multiple Vulns.  
ate:2010-04-21,name:The Joomla Easy Ad Banner component 0.25 local file inclusion vulnerability  
ate:2010-04-21,name:The Joomla AddressBook component 1.5.0 local file inclusion vulnerability  
ate:2010-04-21,name:The Joomla FLEXIcontent component 1.5 local file inclusion vulnerability  
ate:2010-04-21,name:Joomla Component Jvehicles (aid) SQL Injection Vulnerability  
ate:2010-04-21,name:Joomla Component com_jp_jobs 1.2.0 (id) SQL Injection Vulnerability  
ate:2010-04-13,name:Joomla Component webERPcustomer 1.2.1 Local File Inclusion  
ate:2010-04-13,name:Joomla Magic Updater (com_joomlaupdater) LFI Vulnerability  
ate:2010-04-13,name:Joomla Component Picasa 2.0 LFI Vulnerability  
ate:2010-04-13,name:Joomla Component JInventory 1.23.02 Local File Inclusion  
ate:2010-04-13,name:Joomla Component DW Graph Local File Inclusion  
ate:2010-04-13,name:Joomla Component JA Voice LFI vulnerability  
ate:2010-04-13,name:The Joomla Agenda component 1.0.1 remote SQL injection  
ate:2010-04-13,name:The Joomla HuruHelpDesk component remote SQL injection  
ate:2010-04-13,name:The Joomla Webee 2.0 local file inclusion  
ate:2010-04-07,name:Joomla component jp_jobs 1.4.1 SQL Injection vulnerability  
ate:2010-04-07,name:Joomla Component redSHOP 1.0.x Local File Inclusion Vulnerability  
ate:2010-04-07,name:Joomla Component XOBBIX 1.0.x [prodid] SQL Injection Vulnerability  
ate:2010-04-07,name:Joomla Component com_bca-rss-syndicator local file inclusion  
ate:2010-04-07,name:Joomla Component com_svmap 1.1.1 local file inclusion  
ate:2010-04-07,name:Joomla Component News Portal 1.5.0 Local File Inclusion Vulnerability  
ate:2010-04-07,name:Joomla Component J!WHMCS Integrator 1.5.0 Local File Inclusion Vulnerability  
ate:2010-04-07,name:Joomla Component Saber Cart 1.0.0.12 Local File Inclusion Vulnerability  
ate:2010-04-07,name:Joomla Component Joomla Flickr Local File Inclusion Vulnerability  
ate:2010-04-07,name:Joomla Component Juke Box Local File Inclusion Vulnerability  
ate:2010-04-07,name:Joomla Component Highslide JS 1.5 Local File Inclusion Vulnerability  
ate:2010-04-07,name:Joomla Component Appointment 1.5 Local File Inclusion Vulnerability  
ate:2010-04-07,name:Joomla Component Affiliate Feeds 880 Local File Inclusion Vulnerability  
ate:2010-04-07,name:Joomla Component Fabrik 2.0 Local File Inclusion Vulnerability  
ate:2010-04-03,name:joomla component & plugin JE Tooltip Local File Inclusion  
ate:2010-04-03,name:Joomla Component com_adds Blind SQL Injection Vulnerability  
ate:2010-04-03,name:Joomla Component com_agency SQL Injection Vulnerability  
ate:2010-04-03,name:Joomla Component com_tariff SQL Injection Vulnerability  
ate:2010-04-03,name:Joomla Component com_units SQL Injection Vulnerability  
ate:2010-04-03,name:Joomla Component com_solution SQL Injection Vulnerability  
ate:2010-04-03,name:Joomla Component dcsFlashGames SQL Vulnerability ( catid )  
ate:2010-03-28,name:Joomla component com_universal <= Remote File Inclusion Vulnerability  
ate:2010-03-28,name:Joomla Component com_software SQL Injection Vulnerability  
ate:2010-03-28,name:Joomla Component com_wallpapers SQL Injection Vulnerability  
ate:2010-03-28,name:Joomla Component com_communitypolls LFI Vulnerability  
ate:2010-03-28,name:Joomla Component com_rokdownloads Local File Inclusion Vulnerability  
ate:2010-03-28,name:Joomla component com_extplorer_2.0.1_pt-BR <= Multiple Vulnerability  
ate:2010-03-28,name:Joomla component com_jwmmxtd <= Remote File Inclusion  
ate:2010-03-28,name:The Joomla SMEStorage component local file inclusion  
ate:2010-03-28,name:The Joomla CB component remote SQL injection  
ate:2010-03-28,name:The Joomla J!Research component local file inclusion  
ate:2010-03-28,name:The Joomla CX component remote SQL injection  
ate:2010-03-28,name:The Joomla GDS component remote SQL injection  
ate:2010-03-23,name:Joomla Component com_cartweberp 1.56.75 Local File Inlusion  
ate:2010-03-23,name:Joomla Component com_tpjobs Blind SQL injection Vulnerability  
ate:2010-03-23,name:The Joomla VXDate comp xss, path disclosure and SQL injection  
ate:2010-03-16,name:The Joomla NFN Address Book component remote SQL injection  
ate:2010-03-16,name:The Joomla GCalendar component 2.1.5 local file inclusion vulnerability  
ate:2010-03-16,name:The Joomla D-Greinar component cross site scripting  
ate:2010-03-16,name:The Joomla Juliaportfolio component local file inclusion  
ate:2010-03-16,name:Joomla Component com_party SQL Injection Vulnerability  
ate:2010-03-15,name:Joomla Component com_color SQL Injection Vulnerability  
ate:2010-03-15,name:Joomla Component com_gigfe Remote SQL Injection  
ate:2010-03-15,name:Joomla Component com_blog Remote SQL Injection  
ate:2010-03-15,name:Joomla Component com_hotbrackets Blind SQL injection Vulnerability  
ate:2010-03-15,name:Joomla Component com_jashowcase Directory Travel  
ate:2010-03-15,name:Joomla Component com_jvideodirect Direcotry Travel  
ate:2010-03-15,name:Joomla Component com_jcollection Direcotry Travel  
ate:2010-03-10,name:Joomla (com_autartitarot) Directory Traversal Vulnerability  
ate:2010-03-09,name:Core Design Scriptegrator plugin for Joomla! 1.5 file inclusion  
ate:2010-03-09,name:Joomla (JE Quiz component 1.0) BLIND SQL Injection Vulnerability  
ate:2010-03-02,name:The Joomla JoomlaConnect_be component remote SQL injection  
ate:2010-03-02,name:Joomla 1.5.15 Persistant XSS in 'Author Alias'  
ate:2010-03-02,name:Joomla Component com_perchagallery 1.4 SQL Injection Vulnerability  
ate:2010-02-23,name:The Joomla ACStartSeite component SQL injection vulnerability  
ate:2010-02-23,name:The Joomla RWCards component local file inclusion vulnerability  
ate:2010-02-20,name:Joomla Jw_allVideos 1.0 remote file download vulnerability  
ate:2010-02-20,name:Joomla Component com_simplefaq (catid) Blind Sql Injection Vulnerability  
ate:2010-02-20,name:Joomla (jw_allvideos Plugin) 1.0 Remote File Download Vulnerability  
ate:2010-02-14,name:Joomla (com_photoblog) Blind Sql Injection Vulnerability  
ate:2010-02-06,name:Joomla (com_gambling) SQL Injection Vulnerabilities  
ate:2010-02-06,name:The Joomla RSGallery2 component remote SQL injection  
ate:2010-02-06,name:Joomla (com_casino) 1.0 SQL Injection Vulnerabilities  
ate:2010-02-06,name: The Joomla jVideoDirect component 1.1 RC3b blind SQL injection  
ate:2010-02-06,name:Joomla (com_mochigames) SQL Injection Vulnerability  
ate:2010-01-29,name:The Joomla Tennis Ladders component remote blind SQL injection  
ate:2010-01-29,name:Joomla Component com_libros SQL Injection Vulnerability  
ate:2010-01-28,name:Joomla Component com_biographies Local File Include  
ate:2010-01-28,name:Joomla Component com_iotaPhotoGallery SQL Injection vulnerability  
ate:2010-01-28,name:Joomla Component com_gurujibook SQL Injection vulnerability  
ate:2010-01-28,name:The Joomla Upcoming News component remote SQL injection  
ate:2010-01-28,name:The Joomla Gameserver component 1.2 remote SQL injection  
ate:2010-01-28,name:Joomla Component com_marketplace v1.2 Cross Site Scripting Vulnerability  
ate:2010-01-23,name:Joomla Component com_articlemanager SQL Injection Vulnerability  
ate:2010-01-23,name:The Joomla ACProjects component remote SQL injection  
ate:2010-01-23,name:The Joomla ACProjects component SQL injection vulnerability  
ate:2010-01-22,name:The Joomla Prime component directory traversal  
ate:2010-01-22,name:The Joomla Uploader component shell upload  
ate:2010-01-14,name:Joomla Component com_jsjobs Multiple SQL injection vulnerability  
ate:2010-01-14,name:Joomla Component com_jphoto SQL injection vulnerability  
ate:2010-01-14,name:Mamboleto Joomla! component Remote File Include Vulneralbility  
ate:2010-01-13,name:Joomla Component com_biblestudy Local File Inlusion  
ate:2010-01-13,name:Joomla Component com_dhforum SQL Injection Vulnerability  
ate:2010-01-13,name:Joomla Component com_artistavenue Cross Site Scripting Vulnerability  
ate:2010-01-13,name:Joomla Component com_facileforms Cross Site Scripting Vulnerabilities  
ate:2010-01-13,name:Joomla Component com_king Blind SQL Injection Vulnerability  
ate:2010-01-07,name:Joomla Jembed component remote blind SQL injection  
ate:2010-01-07,name:Joomla Bamboo Simpla Admin Template suffer from REMOTe sql injection  
ate:2010-01-07,name:Joomla Component com_beeheard Blind SQL injection Vulnerability  
ate:2010-01-07,name:The Joomla J-Projects component remote blind SQL injection  
ate:2010-01-07,name:Joomla Compenent Com_joomlub (aid) Remote SQL Injection Vulnerabilities  
ate:2010-01-07,name:The Joomla StaticXT component cross site scripting  
ate:2010-01-06,name:Joomla Component com_jcalpro Remote FiLe include RFI  
ate:2009-12-30,name:Joomla Component com_joomportfolio Blind SQL Injection Vulnerability  
ate:2009-12-30,name:Joomla Component com_calendario Blind SQL injection Vulnerability  
ate:2009-12-30,name:Joomla Component com_qpersonel Cross Site Scripting Vulnerabilities  
ate:2009-12-30,name:Joomla Component com_oprykningspoint_mc Cross Site Scripting Vulnerabilities  
ate:2009-12-30,name:Joomla Component com_trabalhe_conosco Cross Site Scripting Vulnerabilities  
ate:2009-12-30,name:Joomla Component com_if_nexus Remote File Include  
ate:2009-12-10,name:The Joomla Lyftenbloggie component 1.0.4 SQL injection vulnerability  
ate:2009-12-01,name:Joomla Component com_virtuemart SQL injection vulnerability  
ate:2009-11-30,name:The Joomla G Calendar component 1.1.2 remote SQL injection  
ate:2009-11-30,name:Joomla Component Com_Joomclip (cat) SQL injection  
ate:2009-11-27,name:Joomla Extion iF Portfolio Nexus remote SQL injection  
ate:2009-11-13,name:Joomla Component com_photoblog SQL injection vulnerability  
ate:2009-10-28,name:Joomla Component com_ajaxchat Remote File Include vulnerability \t  
ate:2009-10-28,name:The Joomla JShop component remote SQL injection  
ate:2009-10-28,name:Joomla Book Library component 1.0 remote file inclusion  
ate:2009-10-14,name:Joomla Component com_soundset  (cat_id) Remote SQL Injection Vulnerability  
ate:2009-10-14,name:Joomla Component com_cbresumebuilder (group_id) Remote SQL Injection Vulnerability  
ate:2009-10-04,name:The Joomla IRCm Basic component remote SQL injection  
ate:2009-10-03,name:Joomla Component com_sportfusion Remote SQL injection vuln  
ate:2009-10-03,name:Joomla Component com_fastball Remote SQL injection vulnerability - (league)\t  
ate:2009-10-03,name:Joomla com_mytube (user_id) Blind SQL Injection Exploit  
ate:2009-10-03,name:Mambo\/Joomla com_tupinambis 1.0 SQL Injection  
ate:2009-10-03,name:Joomla Component com_facebook SQL injection vulnerability  
ate:2009-09-29,name:Joomla Component idoblog 1.1b30 (com_idoblog) SQL Injection Vuln  
ate:2009-09-28,name:Joomla Hotel Booking System Component XSS\/SQL Injection Multiple Vulnerability  
ate:2009-09-28,name:Joomla Component AlphaUserPoints SQL Injection Exploit  
ate:2009-09-28,name:Joomla Component Turtushout 0.11 (Name) SQL Injection Vulnerability  
ate:2009-09-28,name:Joomla com_jinc (newsid) Blind SQL Injection Vulnerability  
ate:2009-09-28,name:Joomla com_jbudgetsmagic (bid) Remote SQL Injection Vulnerability  
ate:2009-09-28,name:Joomla com_surveymanager (stype) SQL Injection Vulnerability  
ate:2009-09-26,name:Joomla Component com_album 1.14 Directory Traversal Vulnerability  
ate:2009-09-26,name:Joomla Component com_jreservation 1.5 (pid) Blind SQL Injection Exploit  
ate:2009-09-23,name:The Joomla DJ Catalog component SQL injection  
ate:2009-09-23,name:The Joomla Foobla Suggestions component remote SQL injection  
ate:2009-09-23,name:IXXO Cart! Standalone and Joomla Component SQL Injection  
ate:2009-09-23,name:Joomla Jlord RSS component remote blind SQL injection  
ate:2009-09-17,name:Joomla Component com_digifolio 1.52 (id) SQL Injection Vulnerability  
ate:2009-09-15,name:Joomla Almond Classifieds 7.5 (com_aclassf) Multiple Vulnerabilities  
ate:2009-09-11,name:Joomla Component jabode (id) Remote SQL Injection Vulnerability  
ate:2009-09-04,name:Joomla Component com_gameserver 1.0 (id) SQL Injection Vulnerability  
ate:2009-09-04,name:Joomla Component Agora 3.0.0b (com_agora) LFI Vulnerability  
ate:2009-09-04,name:Joomla Component com_artportal 1.0 (portalid) SQL Injection Vulns  
ate:2009-08-27,name:joomla com_simpleshop SQL Injection(section)  
ate:2009-08-20,name:Joomla Component com_jfusion (Itemid) Blind SQL Injection Vuln  
ate:2009-08-13,name:Joomla Component com_content 1.0.0 (ItemID) SQL Injection Vuln  
ate:2009-08-05,name:Joomla Live Chat SQL Injection  
ate:2009-08-05,name:Joomla Component Akobook 2.3 (gbid) SQL Injection Vulnerability  
ate:2009-08-05,name:Joomla Component com_media_library 1.5.3 RFI Vulnerability  
ate:2009-08-05,name:Joomla Component com_realestatemanager 1.0 RFI Vulnerability  
ate:2009-08-05,name:Joomla Component com_vehiclemanager 1.0 RFI Vulnerability  
ate:2009-08-05,name:Joomla com_booklibrary_1.5.2.4 Remote File Include  
ate:2009-08-05,name:Joomla Component com_amocourse (catid) SQL-injection Vulnerability  
ate:2009-08-05,name:Joomla Component com_pinboard (task) SQL Injection Exploit  
ate:2009-08-05,name:Joomla Component Joomlaequipment 2.0.4 (com_juser) SQL Injection  
ate:2009-07-27,name:Joomla Almond Classifieds 5.6.2 Blind SQL Injection Vuln  
ate:2009-07-16,name:Joomla Component Ice Gallery 0.5b2 (catid) Blind SQL Injection Vuln  
ate:2009-07-15,name:Joomla Component com_php (id) Blind SQL Injection Vulnerability  
ate:2009-07-11,name:Joomla Component com_K2 <= 1.0.1b (category) SQL Injection Vuln  
ate:2009-07-11,name:Joomla com_bookflip (book_id) Remote SQL Injection Vulnerability  
ate:2009-07-10,name:Joomla Component Boy Scout Advancement <= v-0.3 Sql Injection  
ate:2009-07-03,name:Joomla Component DBQuery <= 1.4.1.1 RFI Vulnerability  
ate:2009-07-02,name:Joomla Casino 0.3.1 Multiple SQL Injection Exploits  
ate:2009-06-23,name:Joomla Component com_jumi (fileid) Blind SQL Injection Exploit  
ate:2009-06-23,name:Joomla Component com_ijoomla_rss Blind SQL Injection Exploit  
ate:2009-06-23,name:Joomla Component com_Projectfork 2.0.10 Local File Inclusion Vuln  
ate:2009-06-22,name:Joomla Component com_school 1.4 (classid) SQL Injection Vulnerability  
ate:2009-06-12,name:Joomla Component MooFAQ (com_moofaq) LFI Vulnerability  
ate:2009-06-05,name:Joomla Component AgoraGroup 0.3.5.3 Blind SQL Injection Vulnerability  
ate:2009-06-04,name:Joomla Component ArtForms 2.1 b7 Remote File Inclusion Vulnerabilities  
ate:2009-05-27,name:Joomla Component 'Boy Scout Advancement' <= v-0.3 Multiple SQL Injection  
ate:2009-05-26,name:Joomla com_gsticketsystem (catid) Blind SQL Injection Exploit  
ate:2009-05-05,name:Joomla Component MailTo (article) SQL Injection Vulnerability  
ate:2009-05-05,name:Joomla Component Cmimarketplace (viewit) Directory Traversal Vuln  
ate:2009-04-26,name:Joomla Component rsmonials Remote Cross Site Scxripting Exploit  
ate:2009-04-13,name:Joomla Component Webhosting (catid) Blind SQL Injection Exploit  
ate:2009-04-13,name:Joomla Component com_bookjoomlas 0.1 SQL Injection Vulnerability  
ate:2009-04-09,name:Joomla Component com_bookjoomlas SQL Injection Vulnerability  
ate:2009-03-31,name:Joomla Component MyAlbum 1.0 (album) SQL Injection Vulnerability  
ate:2009-03-23,name:Joomla Component VirtueMart Google Base 1.1 RFI Vulnerability  
ate:2009-03-23,name:Joomla Component Flash Tree Gallery 1.0 RFI Vulnerability  
ate:2009-03-22,name:Joomla Component versioning 1.0.2 (id) SQL Injection Vulnerability  
ate:2009-03-14,name:Joomla Component  prayercenter <= 1.4.9 (id) SQL Injection Vulnerability  
ate:2009-03-14,name:Joomla Component com_mycontent 1.1.13 Blind SQL Injection Exploit  
ate:2009-03-06,name:Joomla Component ongumatimesheet20 4b RFI Vulnerability  
ate:2009-03-06,name:Joomla Component Volunteer 2.0 (job_id) SQL Injection Vulnerability  
ate:2009-03-03,name:gigCalendar 1.0 (banddetails.php) Joomla Component SQL Injection  
ate:2009-02-27,name:Joomla Component com_gigcal (gigcal_gigs_id) SQL Injection Vuln  
ate:2009-02-26,name:Joomla com_phocadocumentation (id) Remote SQL Injection Exploit  
ate:2009-02-26,name:gigCalendar Joomla Component 1.0 SQL Injection  
ate:2009-02-26,name:gigCalendar 1.0 (venuedetails.php) Joomla Component SQL Injection  
ate:2009-02-22,name:Joomla Component Kbase 1.0 Remote SQL Injection Vulnerability  
ate:2009-02-22,name:Joomla Dada Mail Manager Component 2.6 Remote File Inclusion Vulnerability  
ate:2009-02-22,name:Joomla Component ownbiblio 1.5.3 (catid)  SQL Injection Vulnerability  
ate:2009-02-22,name:Joomla Component mad4joomla SQL Injection Vulnerability  
ate:2009-02-22,name:Joomla Component Ignite Gallery 0.8.3 SQL Injection Vulnerability  
ate:2009-02-22,name:Joomla Component RWCards 3.0.11 Local File Inclusion Vulnerability  
ate:2009-02-22,name:Joomla Component com_joomradio SQL Injection  
ate:2009-02-17,name:Joomla Component Thyme 1.0 (event) SQL Injection Vulnerability  
ate:2009-02-16,name:Joomla Component Portfol (vcatid) SQL Injection Vulnerability  
ate:2009-02-10,name:Joomla Component Joomtracker 1.01 Remote SQL injection Vulnerability  
ate:2009-02-10,name:Joomla Component Daily Message 1.0.3 (id) SQL Injection Vuln  
ate:2009-02-10,name:Joomla Component ionFiles 4.4.2 File Disclosure Vulnerability  
ate:2009-02-09,name:Joomla com_Eventing 1.6.x Blind SQL Injection Exploit  
ate:2009-02-09,name:Joomla Component RD-Autos 1.5.2 (id) SQL Injection Vulnerability  
ate:2009-02-09,name:Joomla Component Tech Article 1.x (item) SQL Injection Vulnerability  
ate:2009-02-05,name:Joomla com_pcchess (game_id) Blind SQL Injection Exploit  
ate:2009-02-05,name:Joomla Com BazaarBuilder Shopping Cart v.5.0 SQL Injection Exploit  
ate:2009-02-05,name:Joomla com_flashmagazinedeluxe (mag_id) SQL Injection Vulnerability  
ate:2009-02-05,name:Joomla com_pccookbook (recipe_id) Blind SQL Injection Exploit  
ate:2009-01-26,name:Joomla component beamospetition 1.0.12 Sql Injection  
ate:2009-01-19,name:Joomla <= 1.5.8 (xstandard editor) Local Directory Traversal Vulnerability  
ate:2009-01-10,name:joomla com_lowcosthotels sql injection  
ate:2009-01-10,name:Joomla Component com_tophotelmodule 1.0 Blind SQL Injection Vuln  
ate:2009-01-10,name:Joomla Component com_hbssearch 1.0 Blind SQL Injection Vuln  
ate:2009-01-09,name:Joomla Component PAX Gallery 0.1 Blind SQL Injection Vulnerability  
ate:2009-01-03,name:Joomla Component Clickheat 1.0.1 Multiple RFI Vulnerabilities  
ate:2009-01-03,name:Joomla Component Feederator 1.0.5 Multiple RFI Vulnerabilities  
ate:2009-01-03,name:Joomla Component mdigg 2.2.8 Blind SQL Injection Exploit  
ate:2008-12-23,name:Joomla 1.0.13 - 1.0.14 \/ (remote) PHP file inclusion possible if old configuration.php  
ate:2008-12-23,name:Joomla com_books(book_id) SQL injection Vulnerability  
ate:2008-12-22,name:Joomla Component com_jmovies 1.1 (id) SQL Injection Exploit  
ate:2008-12-17,name:Joomla: Session hijacking vulnerability  
ate:2008-12-17,name:Joomla Component Contact Info 1.0 SQL Injection Vulnerability  
ate:2008-12-11,name:Joomla Component GameQ  
ate:2008-12-11,name:Joomla Component mydyngallery  
ate:2008-12-02,name:Joomla Component Xe webtv (id) Blind SQL Injection Exploit  
ate:2008-12-01,name:Joomla Component com_datsogallery 1.6 Blind SQL Injection Exploit  
ate:2008-11-20,name:Joomla Simple RSS Reader Component 1.0 Remote File Inclusion Vulnerability  
ate:2008-11-20,name:Joomla Component JooBlog 0.1.1 (PostID) SQL Injection Vulnerability  
ate:2008-11-20,name:Joomla Component JooBlog 0.1.1 (PostID) SQL Injection Vuln.  
date:2008-10-25,name:Joomla Component JPad 1.0 SQL Injection Vulnerability (postauth)  
date:2008-10-25,name:Joomla Component imagebrowser <= 0.1.5 RC2 Directory Traversal Vuln  
date:2008-10-25,name:Joomla Component ds-syndicate (feed_id) SQL Injection Vulnerability  
date:2008-10-22,name:Joomla Component actualite 1.0 (id) SQL Injection Vulnerability  
date:2008-09-21,name:joomla multiple vuln.  
date:2008-09-11,name:Joomla Weak Random Password Reset Token Vulnerability  
date:2008-08-19,name:Joomla 1.5.x (Token) Remote Admin Change Password Vulnerability  
date:2008-08-16,name:Joomla Component netinvoice 1.2.0 SP1 SQL Injection Vulnerability  
date:2008-07-28,name:Joomla Component DT Register Remote SQL injection Vulnerability  
date:2008-07-04,name:Joomla Component Com_Facileforms  
date:2008-06-03,name:Joomla Component xsstream-dm 0.01 Beta  SQL Injection  
date:2008-04-27,name:Pu Arcade component for Joomla - SQL injection  
date:2008-03-06,name:joomla SQL Injection(com_facileforms)  
date:2008-03-06,name:joomla SQL Injection(com_salesrep)  
date:2008-03-06,name:joomla SQL Injection(com_detail)  
date:2008-03-06,name:joomla SQL Injection (cat)(com_downloads)  
date:2008-02-19,name:joomla SQL Injection(com_filebase)  
date:2008-02-19,name:joomla SQL Injection(com_sg)  
date:2008-02-19,name:joomla SQL Injection( com_scheduling)  
date:2008-02-19,name:Default  Multiple Joomla! Component com_rapidrecipe \user_id=\ Remote SQL Inj.  
date:2008-01-17,name:Multiple CSRF in Joomla all versions - Complete compromise  
date:2007-12-15,name:Blind Sql-Injection in Joomla 1.5 RC3  
date:2007-10-14,name:wmtrssreader joomla component 1.0 Remote File Include Vulnerability  
date:2007-10-14,name:Joomla! swMenuFree 4.6 Component Remote File Include  
date:2007-09-12,name:Multiple vulnerabilities in Joomla 1.5 RC 1  
date:2007-08-14,name:Joomla J! Reactions Component Remote File include Bug  
date:2007-08-14,name:Remote command execution in Joomla! CMS  
date:2007-07-14,name:All Of the Mambo & Joomla Script Remote File Inclussion Bugs..  
date:2007-04-26,name:Joomla\/Mambo Jambook v1.0 beta7 Rfi Vuln.  
date:2007-03-09,name:Secunia Research: Joomla BSQ Sitestats Component MultipleVulnerabilities  
date:2006-10-12,name:VirtueMart Joomla eCommerce Edition CMS Multiple XSS Vulnerabilities  
date:2006-09-12,name:Mambo\/Joomla com_comprofiler Components <== v1.0 RC 2 Multiple Remote File Include Vulnerabilities  
date:2006-09-02,name:Joomla Rssxt <= 1.0 Remote File Include Vulnerability  (update)  
date:2006-09-02,name:Joomla Kochsuite Component <= 0.9.4 (config.kochsuite.php) Remote File Inclusion Vulnerability  
date:2006-09-02,name:Joomla MamboWiki Component <= 0.9.4 Remote File Inclusion Vulnerability  
date:2006-08-23,name:Mambo\/Joomla Component Remository v3.25 (mosConfig_absolute_path) Remote File Inclusion Vulnerabilit  
date:2006-08-13,name:Savant2 Remote File Include Vulnerability [For Mambo, Joomla]  
date:2006-07-25,name:Multiple Mambo\/Joomla Component Remote File Include Vulnerabilities  
date:2006-07-25,name:pc_cookbook Mambo\/Joomla Component <= v0.3 Remote File Include Vulnerabilities  
date:2006-06-15,name:Joomla! 1.0 Remote File Inclusion  
date:2006-06-08,name:Joomla\/Mambo CMS Component SimpleBoard 1.1 XSS-Vulnerabilities  
date:2006-03-07,name:JOOMLA CMS 1.0.7 DoS & path disclosing  

Drupal历史插件漏洞集合

date:2018-06-22,name:Drupal 7 ItalianGov Fi.it Scrivi Al Comune Arbitrary File Upload Vulnerability  
date:2018-06-02,name:Drupal PaisDigital ArgentinaGov Municipality ContactForm Arbitrary File Upload Vulnerability  
date:2018-05-22,name:Drupal Exploiter on subdomains brute-forcing (RCE)  
date:2018-04-23,name:Drupal Avatar Uploader 7.x-1.0-beta8 Arbitary File Download  
date:2018-04-14,name:Drupal 0day Remote PHP Code Execution (Perl)  
date:2018-04-13,name:Drupal 0day Remote PHP Code Execution (Python)  
date:2018-04-13,name:Drupal 0day Remote PHP Code Execution (curl)  
date:2018-04-13,name:Drupal Drupalgeddon2 Remote Code Execution (Ruby)  
date:2018-03-30,name:Drupal 7.0 &lt;  7.31 Drupalgeddon SQL Injection (Admin Session)  
date:2017-06-08,name:Drupal Public Download Count Module - Open Redirect  
date:2017-05-16,name:Drupal comment-form Upload Dangerous File  
date:2017-03-10,name:Drupal 7.x Module Services Remote Code Execution  
date:2016-07-25,name:Drupal CODER Module 2.5 - Remote Command Execution  
date:2016-07-21,name:Drupal RESTWS Module 7.x - Remote PHP Code Execution  
date:2016-07-19,name:Drupal 8.1.6 HTTP traffic to an arbitrary proxy server  
date:2016-07-17,name:Drupal Webform Multiple File Upload - Remote code execution  
date:2016-07-05,name:Drupal 6.22 - menupereid SQL injection Vulnerability  
date:2016-02-21,name:Drupal 8.0.x-dev Cross Site Scripting  
date Process MiTM  
date:2015-10-11,name:Drupal 8.0.0 Beta 14 Cross Site Scripting  
date:2014-12-02,name:Drupal 7.34 Memory Exhaustion  
date:2014-11-04,name:Drupal &lt; 7.32 Pre Auth SQL Injection Vulnerability  
date:2014-10-18,name:Drupal HTTP Parameter Key\/Value SQL Injection  
date:2014-10-16,name:Drupal 7.31 CORE pre Auth SQL Injection Vulnerability *youtube  
date:2014-10-16,name:Drupal 7.x SQL Injection Exploit  
date:2014-08-11,name:WordPress 3.9 and Drupal 7.x Denial Of Service Vulnerability *video  
date:2014-05-11,name:Drupal Flag 7.x-3.5 Command Execution  
date:2014-04-03,name:Drupal 7.26 Custom Search 7.x-1.13 Cross Site Scripting  
date:2014-03-13,name:Drupal SexyBookmarks 6.x Information Disclosure  
date:2014-03-13,name:Drupal Webform Template 7.x Access Bypass  
date:2014-03-06,name:Drupal Masquerade 6.x \/ 7.x Access Bypass  
date:2014-03-06,name:Drupal NewsFlash 6.x \/ 7.x Cross Site Scripting  
date:2014-02-27,name:Drupal Mime Mail 6.x \/ 7.x Access Bypass  
date:2014-02-27,name:Drupal Content Locking 6.x \/ 7.x CSRF  
date:2014-02-27,name:Drupal Project Issue File Review 6.x Cross Site Scripting  
date:2014-02-27,name:Drupal Open Omega 7.x Access Bypass  
date:2014-02-20,name:Drupal Maestro 7.x Cross Site Scripting  
date:2014-02-20,name:Drupal Slickgrid 7.x Access Bypass  
date:2014-02-13,name:Drupal Webform Validation 6.x \/ 7.x Cross Site Scripting  
date:2014-02-13,name:Drupal Webform 6.x \/ 7.x Cross Site Scripting  
date:2014-02-13,name:Drupal Image Resize Filter 6.x \/ 7.x Denial Of Service  
date:2014-02-13,name:Drupal Commons 7.x Cross Site Scripting  
date:2014-02-13,name:Drupal MAYO 7.x Cross Site Scripting  
date:2014-02-13,name:Drupal Chaos Tool Suite 6.x \/ 7.x Access Bypass  
date:2014-02-07,name:Drupal Push Notifications 7.x Information Disclosure  
date:2014-02-07,name:Drupal Modal Frame API 6.x Cross Site Scripting  
date:2014-02-06,name:Drupal 6 Modal Frame API Cross Site Scripting  
date:2014-01-30,name:Drupal Tribune 6.x \/ 7.x Cross Site Scripting  
date:2014-01-30,name:Drupal Services 7.x Access Bypass  
date:2014-01-27,name:Drupal Event calendar module Cross Site Scripting (XSS)  
date:2014-01-23,name:Drupal Leaflet 7.x Access Bypass  
date:2014-01-23,name:Drupal Secure Cookie Data 7.x Information Disclosure  
date:2014-01-23,name:Drupal Doubleclick For Publishers 7.x Cross Site Scripting  
date:2014-01-23,name:Drupal Language Switcher Dropdown 7.x Open Redirect  
date:2014-01-16,name:Drupal 6.x \/ 7.x Impersonation \/ Access Bypass \/ Hardening  
date:2014-01-16,name:Drupal Anonymous Posting 7.x Cross Site Scripting  
date:2014-01-09,name:Drupal Media 7.x Access Bypass  
date:2013-12-19,name:Drupal 7.x Ubercart Session Fixation Vulnerability  
date:2013-11-21,name:Drupal 6.x\/7.x core Multiple vulnerabilities  
date:2013-11-21,name:Drupal Invitation 7.x Access Bypass  
date:2013-11-21,name:Drupal Entity Reference 7.x Access Bypass  
date:2013-11-21,name:Drupal 6.x \/ 7.x PRNG \/ XSS \/ Open Redirect  
date:2013-11-21,name:Drupal EU Cookie Compliance 7.x CSRF  
date:2013-11-14,name:Drupal GCC 7.x Access Bypass  
date:2013-11-14,name:Drupal Misery 6.x \/ 7.x Denial Of Service  
date:2013-11-14,name:Drupal Revisioning 7.x Access Bypass  
date:2013-11-07,name:Drupal 7.x Payment for Webform Access Bypass  
date:2013-10-31,name:Drupal Monster Menus 7.x Access Bypass  
date:2013-10-31,name:Drupal Feed Element Mapper 6.x Cross Site Scripting  
date:2013-10-31,name:Drupal FileField Sources 6.x \/ 7.x Access Bypass  
date:2013-10-31,name:Drupal Quiz 6.x Access Bypass  
date:2013-10-17,name:Drupal Context Mulitple Vulnerabilities  
date:2013-10-17,name:Drupal Simplenews Cross Site Scripting  
date:2013-10-03,name:Drupal Quick Tabs 6.x \/ 7.x Access Bypass  
date:2013-10-01,name:Drupal Imagecache security vulnarability (DDOS attack) *youtube  
date:2013-09-19,name:Drupal Google Site Search 6.x \/ 7.x Cross Site Scripting  
date:2013-09-13,name:Drupal MediaFront 6.x \/ 7.x Cross Site Scripting  
date:2013-09-13,name:Drupal Click2Sell Suite 6.x XSS \/ CSRF  
date:2013-09-13,name:Drupal jQuery Countdown 7.x Cross Site Scripting  
date:2013-09-06,name:Drupal Make Meeting Scheduler 6.x Access Bypass  
date:2013-09-06,name:Drupal Core 6.x \/ 7.x Information Disclosure  
date:2013-08-29,name:Drupal Flag 7.x Cross Site Scripting  
date:2013-08-22,name:Drupal Zen 7.x Cross Site Scripting  
date:2013-08-15,name:Drupal 7.22 \/ 6.28 Cross Site Scripting  
date:2013-08-15,name:Drupal BOTCHA Spam Prevention 7.x Information Disclosure  
date:2013-08-15,name:Drupal Password Policy 6.x \/ 7.x Cross Site Scripting  
date:2013-08-15,name:Drupal Entity API 7.x Access Bypass  
date:2013-08-08,name:Drupal RESTful Web Services 7.x Access Bypass  
date:2013-08-08,name:Drupal Authenticated User Page Caching 7.x Information Disclosure  
date:2013-08-08,name:Drupal Mozilla Persona 7.x Cross Site Request Forgery  
date:2013-08-08,name:Drupal Organic Groups 7.x Access Bypass \/ Information Disclosure  
date:2013-08-08,name:Drupal Monster Menus 6.x \/ 7.x Access Bypass  
date:2013-07-26,name:Drupal Scald 6.x \/ 7.x Cross Site Scripting  
date:2013-07-19,name:Drupal MRBS 6.x \/ 7.x CSRF \/ SQL Injection  
date:2013-07-11,name:Drupal TinyBox 7.x Cross Site Scripting  
date:2013-07-11,name:Drupal Stage File Proxy 7.x Denial Of Service  
date:2013-07-11,name:Drupal Hatch 7.x Cross Site Scripting  
date:2013-06-29,name:Drupal 7.x Fonecta verify Cross Site Scripting  
date:2013-06-29,name:Drupal 7.x  Exposed Filter Data Cross Site Scripting  
date:2013-06-27,name:Drupal 7.x Apache Solr Autocomplete Cross Site Scripting  
date:2013-06-27,name:Drupal 7.x Fast Permissions Administration Access bypass  
date:2013-06-20,name:Drupal Login Security 6.x \/ 7.x DoS \/ Bypass  
date:2013-06-13,name:Drupal Display Suite 7.x Cross Site Scripting  
date:2013-06-06,name:Drupal Services 6.x \/ 7.x Cross Site Request Forgery  
date:2013-05-30,name:Drupal 7.x Node access user reference  
date:2013-05-30,name:Drupal 7.x Edit Limit access bypass  
date:2013-05-30,name:Drupal 6.x Webform XSS  
date:2013-05-18,name:CKEditor &lt;4.1 Drupal 6.x &amp; 7.x Persistent XSS  
date:2013-05-16,name:Drupal 6.x\/7.x Google Authenticator login Access Bypass  
date:2013-05-08,name:Drupal Htmlarea Modules (4.7.x-1.x) Arbitary File Upload Vulnerabilities  
date:2013-04-18,name:Drupal AWTNF 6.x \/ 7.x Access Bypass  
date:2013-04-18,name:Drupal MP3 Players 6.x Cross Site Scripting  
date:2013-04-18,name:Drupal elFinder File Mapper 6.x &amp; 7.x CSRF  
date:2013-04-11,name:Drupal RESTful Web Services 7.x Denial Of Service  
date:2013-04-04,name:Drupal Commerce Skrill 7.x Access Bypass  
date:2013-04-04,name:Drupal Chaos Tool Suite 7.x Access Bypass  
date:2013-03-28,name:Drupal Common Groups 7.x Access Bypass &amp; Privilege Escalation  
date:2013-03-28,name:Drupal Common Wikis 7.x Access Bypass &amp; Privilege Escalation  
date:2013-03-28,name:Drupal Rules 7.x Cross Site Scripting  
date:2013-03-28,name:Drupal Zero Point 7.x Cross Site Scripting  
date:2013-03-21,name:Drupal Views 7.x Cross Site Scripting  
date:2013-03-14,name:Drupal Node Parameter Control 6.x Access Bypass  
date:2013-03-02,name:Drupal Premium Responsive 7.x Cross Site Scripting  
date:2013-02-28,name:Drupal Fresh Theme 7.x Cross Site Scripting  
date:2013-02-28,name:Drupal Clean 7.x Cross Site Scripting  
date:2013-02-28,name:Drupal Creative Theme 7.x Cross Site Scripting  
date:2013-02-28,name:Drupal Professional 7.x Cross Site Scripting  
date:2013-02-28,name:Drupal Best Responsive 7.x Cross Site Scripting  
date:2013-02-28,name:Drupal Company Theme 7.x Cross Site Scripting  
date:2013-02-14,name:Drupal Banckle Chat 7.x Access Bypass  
date:2013-02-14,name:Drupal Manager Change For Organic Groups 7.x Cross Site Scripting  
date:2013-01-31,name:Drupal Google Authenticator (third-party module)  
date:2013-01-31,name:Drupal 7.x Boxes Cross Site Scripting  
date:2013-01-31,name:Drupal Drush Debian Packaging Information Disclosure  
date:2013-01-31,name:Drupal 6.x email2image Access bypass  
date:2013-01-25,name:Drupal CurvyCorners Cross-site Scripting  
date:2013-01-24,name:Drupal Video 7.x PHP Code Execution  
date:2013-01-24,name:Drupal Search API Sorts 7.x Cross Site Scripting  
date:2013-01-24,name:Drupal User Relationships 6.x \/ 7.x Cross Site Scripting  
date:2013-01-24,name:Drupal CurvyCorners 6.x \/ 7.x Cross Site Scripting  
date:2013-01-24,name:Drupal Keyboard Shortcut Utility 7.x Access Bypass  
date:2013-01-17,name:Drupal Live CSS 6.x \/ 7.x PHP Code Execution  
date:2013-01-17,name:Drupal Core 6.x \/ 7.x Cross Site Scripting &amp; Access Bypass  
date:2013-01-17,name:Drupal Mark Complete 7.x Cross Site Request Forgery  
date:2013-01-10,name:Drupal Payment 7.x Access Bypass  
date:2013-01-08,name:Drupal 6.x-&gt;7.18 getimagesize() &lt;= Multiple Vulnerabilities  
date:2012-12-20,name:Drupal Core 6.x &amp; 7.x Access Bypass &amp; Code Execution  
date:2012-12-06,name:Drupal Nodeword D6 Meta Tags 6.x Information Disclosure  
date:2012-11-30,name:Drupal Email Field 6.x XSS &amp; Access Bypass  
date:2012-11-25,name:TYPO3 CMS, TinyMCE, Liferay Portal, Drupal swfupload XSS  
date:2012-11-15,name:Drupal RESTful Web Services 7.x Cross Site Request Forgery  
date:2012-11-15,name:Drupal Smiley \/ Smileys 6.x Cross Site Scripting  
date:2012-11-15,name:Drupal User Read-Only 6.x \/ 7.x Access Bypass  
date:2012-11-08,name:Drupal OM Maximenu 6.x \/ 7.x Cross Site Scripting  
date:2012-11-08,name:Drupal Webform CiviCRM Integration 7.x Access Bypass  
date:2012-10-26,name:Drupal MailChimp 7.x Cross Site Scripting  
date:2012-10-11,name:Drupal Feeds 7.x Access Bypass  
date:2012-10-11,name:Drupal Mandrill 7.x Information Disclosure  
date:2012-10-11,name:Drupal ShareThis 7.x Cross Site Scripting  
date:2012-10-11,name:Drupal Basic Webmail 6.x XSS &amp; Information Disclosure  
date:2012-10-04,name:Drupal Twitter Pull 6.x &amp; 7.x Cross Site Scripting  
date:2012-10-04,name:Drupal Commerce Extra Panes 7.x Cross Site Request Forgery  
date:2012-09-27,name:Drupal Organic Groups 7.x Access Bypass  
date:2012-09-19,name:Drupal Heartbeat 6.x 7.x Cross Site Request Forgery  
date:2012-09-19,name:Drupal Exposed Filter Data 6.x Cross Site Scripting  
date:2012-09-18,name:Drupal Email Field 6.x \/ 7.x Access Bypass  
date:2012-09-18,name:Drupal Announcements 6.x Access Bypass  
date:2012-09-18,name:Drupal Activism 6.x Access Bypass  
date:2012-09-18,name:Drupal Taxonomy Image 6.x Cross Site Scripting \/ PHP Code Execution  
date:2012-09-18,name:Drupal Javascript Tool 7.x File Access  
date:2012-08-20,name:Drupal Elegant Theme 7.x Cross Site Scripting  
date:2012-08-20,name:Drupal Custom Publishing Options 6.x XSS  
date:2012-08-20,name:Drupal Hotblocks 6.x Cross Site Scripting  
date:2012-08-07,name:Drupal Excluded Users 6.x Cross Site Scripting  
date:2012-08-07,name:Drupal Monthly Archive by Node Type 6.x Access Bypass  
date:2012-07-31,name:Drupal Location 6.x \/ 7.x Access Bypass  
date:2012-07-31,name:Drupal Secure Login 7.x Open Redirect  
date:2012-07-31,name:Drupal Gallery Formatter 7.x Cross Site Scripting  
date:2012-07-31,name:Drupal Subuser 6.x Bypass \/ CSRF  
date:2012-07-24,name:Drupal Campaign Monitor 6.x Cross Site Scripting  
date:2012-07-16,name:Drupal Book Block 6.x-1.0-beta1 Cross Site Scripting  
date:2012-07-16,name:Drupal Book Block Module V.6.x-1.0-beta1 XSS Vulnerability  
date:2012-06-26,name:Drupal Drag And Drop 6.x-1.5 Shell Upload  
date:2012-06-25,name:Drupal 7.x-1.3 Privatemsg Cross Site Scripting  
date:2012-06-17,name:Drupal Ubercart AJAX Cart 6.x Information Disclosure  
date:2012-06-15,name:Drupal SimpleMeta 6.x Cross Site Request Forgery  
date:2012-06-15,name:Drupal Janrain Capture 6.x \/ 7.x Open Redirect  
date:2012-06-15,name:Drupal Node Hierarchy 6.x Cross Site Request Forgery  
date:2012-06-15,name:Drupal Global Redirect 6.x \/ 7.x Open Redirect  
date:2012-06-15,name:Drupal Protected Node 6.x Access Bypass  
date:2012-06-08,name:Drupal Tokenauth 6.x Access Bypass  
date:2012-06-08,name:Drupal Maestro 7.x Cross Site Scripting \/ Cross Site Request Forgery  
date:2012-06-08,name:Drupal Protest 6.x \/ 7.x Cross Site Scripting  
date:2012-06-08,name:Drupal Authoring HTML 6.x Cross Site Scripting  
date:2012-06-08,name:Drupal Node Embed 6.x \/ 7.x Access Bypass  
date:2012-06-08,name:Drupal Organic Groups 6.x Cross Site Scripting \/ Access Bypass  
date:2012-06-08,name:Drupal Simplenews 6.x \/ 7.x Information Disclosure  
date:2012-06-04,name:Drupal Counter 6.x SQL Injection  
date:2012-06-04,name:Drupal Mobile Tools 6.x Cross Site Scripting  
date:2012-06-04,name:Drupal Comment Moderation 6.x Cross Site Request Forgery  
date:2012-06-04,name:Drupal Amadou 6.x Cross Site Scripting  
date:2012-05-28,name:Drupal Taxonomy List 6.x Cross Site Scripting  
date:2012-05-28,name:Drupal BrowserID 7.x Cross Site Request Forgery  
date:2012-05-28,name:Drupal Search API 7.x Cross Site Scripting  
date:2012-05-20,name:Drupal Hostmaster 6.x Cross Site Scripting \/ Access Bypass  
date:2012-05-20,name:Drupal Aberdeen 6.x Cross Site Scripting  
date:2012-05-19,name:Drupal Post Affiliate Pro 6.x Cross Site Scripting \/ Access Bypass  
date:2012-05-19,name:Drupal Advertisement 6.x Cross Site Scripting  
date:2012-05-19,name:Drupal Ubercart Product Keys 6.x Access Bypass  
date:2012-05-19,name:Drupal Smart Breadcrumb 6.x Cross Site Scripting  
date:2012-05-13,name:Drupal Take Control 6.x Cross Site Request Forgery  
date:2012-05-13,name:Drupal Glossary 6.x Cross Site Scripting  
date:2012-05-12,name:Drupal Core 7.x Multiple Vulnerabilities  
date:2012-05-04,name:Drupal Glossify Internal Links Auto SEO 6.x Cross Site Scripting  
date:2012-05-04,name:Drupal Node Gallery 6.x Cross Site Request Forgery  
date:2012-05-04,name:Drupal Taxonomy Grid 6.x Cross Site Scripting  
date:2012-05-04,name:Drupal cctags 6.x \/ 7.x Cross Site Scripting  
date:2012-04-28,name:Drupal Site Documentation 6.x Information Disclosure  
date:2012-04-28,name:Drupal Ubercart 6.x \/ 7.x XSS \/ PHP Code Execution  
date:2012-04-28,name:Drupal RealName 6.x Cross Site Scripting  
date:2012-04-28,name:Drupal Creative Commons 6.x Cross Site Scripting  
date:2012-04-28,name:Drupal Linkit 7.x Access Bypass  
date:2012-04-28,name:Drupal Spaces 6.x Access Bypass  
date:2012-04-01,name:Drupal Activity 6.x XSS Proof Of Concept  
date:2012-03-26,name:Drupal FCKEditor\/CKEditor remote code execution  
date:2012-03-19,name:Drupal 7.x Search Module Full Path Disclosure  
date:2012-01-22,name:Drupal CKEditor 3.6.2 Cross Site Scripting  
date:2012-01-10,name:VBDrupal Cross Site Scripting  
date:2011-12-24,name:Drupal 6.22 \/ SuperCron 6.x-1.3 Cross Site Scripting  
date:2011-11-21,name:Drupal String Overrides Cross Site Scripting  
date:2011-07-03,name:Drupal 6.22 Cross Site Scripting  
date:2011-06-02,name:Drupal With Webform Cross Site Scripting  
date:2011-01-22,name:Drupal 5.x, 6.x  <= Stored Cross Site Scripting Vulnerability  
date:2010-07-19,name:Drupal 6.16 with OG Menu 6.x-2.0 cross site scripting  
date:2010-05-21,name:Drupal 6.16 with Context 6.x-2.0-rc3 XSS  
date:2010-05-20,name:The Drupal Storm module 1.32 cross site scripting  
date:2010-04-30,name:Drupal 6.16 with Better Formats 6.x-1.2 cross site scripting  
date:2010-02-20,name:Drupal 6.15 with Twitter module version 6.x-2.6 clear text credential storage  
date:2010-02-06,name:Drupal's MP3 Player module 6.x-1.0-beta1 cross site scripting  
date:2010-01-23,name:Drupal Node Blocks contributed module (6.x-1.3 and 5.x-1.1) XSS  
date:2009-12-19,name:Drupal 6.14 Sections 6.x-1.2 multiple cross site scripting  
date:2009-06-12,name:Drupal Taxonomy Manager Module XSS Vulnerability  
date:2009-06-12,name:Drupal 6 Views Module XSS Vulnerability  
date:2009-06-12,name:Drupal Nodequeue Module XSS Vulnerability  
date:2009-06-11,name:Drupal Flag Module Multiple Vulnerabilities  
date:2009-06-04,name:Drupal Embedded Media Field Module Multiple XSS  
date:2009-06-03,name:Drupal 6 Content Access Module XSS  
date:2009-05-20,name:Drupal 6 CCK Module XSS Vulnerability  
date:2009-05-13,name:Drupal 5.17 Taxonomy Module XSS Vulnerability  
date:2009-03-03,name:Drupal Protected Node Module XSS Vulnerability  
date:2009-02-16,name:LFI in Drupal CMS  
date:2009-02-09,name:Drupal Link Module XSS Vulnerability  
date:2008-09-27,name:Drupal Brilliant Gallery module SQL injection vulnerability  
date:2008-09-27,name:Drupal Ajax Checklist Module SQL Injection Vulnerability  
date:2008-09-21,name:drupal: Session hijacking vulnerability  
date:2008-09-21,name:Drupal Link to Us Module Contains XSS Vulnerability  
date:2007-01-19,name:Drupal 4.6.11 \/ 4.7.5 fixes DoS issue  
date:2006-10-26,name:Drupal 4.6.10 \/ 4.7.4 fixes multiple XSS issues  
date:2006-10-26,name:Drupal 4.6.10 \/ 4.7.4 fixes HTML attribute injection issue  
date:2006-10-26,name:Drupal 4.6.10 \/ 4.7.4 fixes CRF issue  
date:2006-06-08,name:Drupal 4.6.8 \/ 4.7.2 fixes XSS issue  
date:2006-06-08,name:Drupal 4.6.8 \/ 4.7.2 fixes arbitrary file execution issue  
date:2006-03-23,name:Drupal 4.6.6 \/ 4.5.8 fixes XSS issue  
date:2006-03-23,name:Drupal 4.6.6 \/ 4.5.8 fixes session fixation issue  
date:2006-03-23,name:Drupal 4.6.6 \/ 4.5.8 fixes mail header injection issue  
date:2006-03-23,name:Drupal 4.6.6 \/ 4.5.8 fixes access control issue  
date:2005-12-12,name:Drupal 4.6.4 \/ 4.5.6 fixes XSS and HTTP header injection issue  

Comments


网络安全研究员、渗透测试工程师、F11攻防小组创始人
文能社会工程学,武能过狗拿shell
日的了站,做的了饭。
人生格言:即使是咸鱼,也一定是最咸的那条