目录
  1. 1. wordpress历史插件漏洞集合
  2. 2. Joomla历史插件漏洞集合
  3. 3. Drupal历史插件漏洞集合
wordpress、Joomla、Drupal历史插件漏洞合集

wordpress历史插件漏洞集合

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
date:2018-08-18,name:WordPress Dreamsmiths Themes 0.0.1 Arbitrary File Download  
date:2018-07-28,name:WordPress Plugin Responsive Thumbnail Sltrary File Upload (Metasploit)
date:2018-07-27,name:WordPress Gwolle Guestbook 2.5.3 Cross Site Scripting
date:2018-07-27,name:WordPress Strong Testimonials 2.31.4 Cross Site Scripting
date:2018-07-27,name:WordPress Snazzy Maps 1.1.3 Cross Site Scripting
date:2018-07-09,name:wordpress file-away plugin - File Disclosure
date:2018-06-28,name:WordPress 4.9.6 Arbitrary File Deletion
date:2018-06-27,name:WordPress Plugin Advanced Order Export For WooCommerce < 1.5.4 CSV Injection
date:2018-06-26,name:WordPress Comments Import And Export CSV Injection
date:2018-06-26,name:WordPress iThemes Security SQL Injection
date:2018-06-26,name:WordPress Plugin iThemes Security < 7.0.3 SQL Injection
date:2018-06-25,name:WordPress Plugin weixin robot advanced 4.4 Cross-Site-Scripting
date:2018-06-23,name:WordPress Design By SmartCat.Net ImageManager Plugin Remote File Upload Vulnerability
date:2018-06-23,name:WordPress Design By SmartCatDesign.Net ImageManager Plugin Remote File Upload Vulnerability
date:2018-06-21,name:WordPress DrcSystems EthicSolutions Jssor-Slary Plugin Arbitrary File Upload Vulnerability
date:2018-06-13,name:WordPress Tooltipy 5.0 Cross Site Scripting
date:2018-06-13,name:WordPress Redirection 2.7.3 Remote File Inclusion
date:2018-06-13,name:WordPress Tooltipy 5.0 Cross Site Request Forgery
date:2018-06-08,name:WordPress Theme Sydney by aThemes 2018 GravityForms Input Remote File Upload Vulnerability
date:2018-05-30,name:Wordpress Plugin Events Calendar SQL Injection
date:2018-05-30,name:WordPress Headway Theme The Drag and Drop SQL Injection Vulnerability
date:2018-05-25,name:WordPress Peugeot Music 1.0 Shell Upload \/ Cross Site Request Forgery
date:2018-05-24,name:WordPress Plugin Peugeot Music Arbitrary File Upload
date:2018-05-23,name:WordPress Muller Design Studio DiyThemes Rich-Wtor Arbitrary File Upload
date:2018-05-12,name:WordPress WP User Groups 2.0.0 Cross Site Request Forgery
date:2018-05-09,name:Wordpress wp-js-external-link-info redirect
date:2018-05-07,name:WordPress Plugin User Role Editor < 4.25 Privilege Escalation
date:2018-05-06,name:Wordpress Hestia 1.1.73 Theme XSS Vuln
date:2018-04-29,name:WordPress UK Cookie Consent 2.3.9 Cross Site Scripting
date:2018-04-27,name:WordPress WP With Spritz 1.0 File Inclusion
date:2018-04-26,name:WordPress Woo Import Export 1.0 Arbitrary File Deletion
date:2018-04-14,name:Nielsen Wordpress Theme Xss Stored Exploit
date:2018-04-12,name:WordPress Content Injection and Deface
date:2018-04-11,name:WordPress Google Drive 2.2 Remote Code Execution
date:2018-04-11,name:WordPress Plugin WordPress File Upload 4.3.3 Stored XSS
date:2018-04-11,name:WordPress Activity Logs 2.4.0 Cross Site Scripting
date:2018-04-10,name:WordPress Plugin Google Drive 2.2 Remote Code Execution
date:2018-04-10,name:WordPress Plugin Gratifikasi 1.3 Cross Site Scripting (XSS)
date:2018-04-10,name:WordPress Viral Optins Plugin Exploit and File Upload
date:2018-04-01,name:Wordpress Plugin Contact Form 7 to Database Extension 2.10.32 CSV Injection
date:2018-03-28,name:Wordpress Plugin Site Editor 1.1.1 Local File Inclusion
date:2018-03-27,name:WordPress Event Manager 5.8.1.1 Cross Site Scripting
date:2018-03-20,name:WordPress Site Editor 1.1.1 Local File Inclusion
date:2018-03-16,name:WordPress Plugin Duplicator 1.2.32 Cross-Site Scripting
date:2018-03-10,name:Wordpress Theme Distributel SQLi
date:2018-02-16,name:WordPress UltimateMember 2.0 Cross Site Scripting
date:2018-02-16,name:Wordpress 4.9.4 Username Enumeration (perl version)
date:2018-01-31,name:WordPress Propertyhive 1.4.14 Cross Site Scripting
date:2018-01-30,name:WordPress Splashing Images 2.1 Cross Site Scripting \/ PHP Object Injection
date:2018-01-22,name:Wordpress Tips Wp-Config Setup Vulnerable
date:2018-01-22,name:Wordpress linenity theme - Arbitrary file download
date:2018-01-21,name:Wordpress newspro2891 theme - Arbitrary file download
date:2018-01-21,name:Wordpress endlesshorizon theme - Arbitrary file download
date:2018-01-21,name:Wordpress duena theme - Arbitrary file download
date:2018-01-21,name:Wordpress cafesalivation theme - Arbitrary file download
date:2018-01-21,name:Wordpress File Manager plugin Version 5.0.1 SSRF\/XSPA Vulnerability
date:2018-01-21,name:Wordpress liberator theme - Arbitrary file download
date:2018-01-21,name:Wordpress oxygen theme - Arbitrary file download
date:2018-01-20,name:wordpress kap theme arbitrary file download
date:2018-01-15,name:Wordpress wp-File-Manager plugin Version 1.9 SSRF\/XSPA Vulnerability
date:2018-01-11,name:WordPress Smooth Sl6 SQL Injection
date:2018-01-11,name:WordPress Dbox 3D Sl 1.2.2 SQL Injection
date:2018-01-11,name:WordPress MQ ReLinks 1.8 XSS \/ Open Redirection
date:2018-01-11,name:WordPress Download Manager 2.9.60 Cross Site Request Forgery
date:2018-01-11,name:WordPress Testimonial Sl4 SQL Injection
date:2018-01-10,name:WordPress Social Media WAcurax 3.2.5 Cross Site Request Forgery
date:2018-01-10,name:WordPress Plugin Events Calendar event_jection
date:2018-01-09,name:WordPress CMS Tree Page View 1.4 CSRF \/ Privilege Escalation
date:2018-01-08,name:WordPress Plugin LearnDash 2.5.3 Arbitrary File Upload
date:2018-01-07,name:WordPress WpJobBoard 4.4.4 SQL Injection
date:2018-01-04,name:WordPress Smart Google Code Inserter SQL Injection
date:2018-01-03,name:WordPress Plugin Smart Google Code Inserter < 3.5 Authentication Bypass \/ SQL Injection
date:2017-12-22,name:WordPress Feed-Statistics 4.1 Open Redirect
date:2017-12-22,name:WordPress Grifus 4.0.1 Cross Site Scripting
date:2017-12-22,name:WordPress mgl-instagram-gallery Plugin Cross Site Scripting
date:2017-12-21,name:WordPress feed-statistics Plugin Open Redirect Vulnerability
date:2017-12-21,name:WordPress WebConnex Form Management 1.6.3 Cross Site Scripting
date:2017-12-21,name:WordPress Itinerary 1.0.0 Cross Site Scripting
date:2017-12-20,name:WordPress Concours 1.1 Cross Site Scripting
date:2017-12-20,name:WordPress Clean Up Optimizer 4.0.0 SQL Injection
date:2017-12-20,name:WordPress Custom Map 1.1 Cross Site Scripting
date:2017-12-20,name:WordPress Booking Calendar 7.0 \/ 7.1 SQL Injection \/ Local File Inclusion
date:2017-12-20,name:WordPress CSV Import-Export 1.1 Cross Site Scripting
date:2017-12-20,name:WordPress Top-10 2.4.2 SQL Injection
date:2017-12-19,name:WordPress Yakadanda Google+ Hangout Events 0.3.7 XSS
date:2017-12-18,name:WordPress Sagepay Server Gateway For WooCommerce 1.0.7 XSS
date:2017-12-17,name:WordPress Plugins FormCraft - Cross-Site Scripting Image type
date:2017-12-15,name:WordPress Wunderbar Basic 1.1.3 Cross Site Scripting
date:2017-12-15,name:WordPress Pinterest Badge 1.8.0 Cross Site Scripting
date:2017-12-14,name:WordPress WooPay Inicis 1.1.3 Cross Site Scripting
date:2017-12-14,name:WordPress Qiniu Cloudtuchuang 1.8 Cross Site Scripting
date:2017-12-14,name:WordPress WordApp Mobile 2.0.3 Cross Site Scripting
date:2017-12-11,name:Wordpress UserPro 4.9.17 Authentication Bypass
date:2017-12-06,name:WordPress Z-URL Preview 1.6.1 Cross Site Scripting
date:2017-12-06,name:WordPress 3rd-Party Inject Results 0.2 Cross Site Scripting
date:2017-12-06,name:WordPress Smart Marketing SMS And Newsletters Forms 1.1.1 XSS
date:2017-12-06,name:WordPress WP Mailster 1.5.4.0 Cross Site Scripting
date:2017-12-01,name:WordPress WooCommerce 2.0 \/ 3.0 Directory Traversal
date:2017-11-22,name:WordPress Emag Marketplace Connector 1.0 Cross Site Scripting
date:2017-11-22,name:WordPress Advanced Post Type Ratings 1.1 Cross Site Scripting
date:2017-11-22,name:WordPress In Link 1.0 SQL Injection
date:2017-11-22,name:WordPress Breezing Forms 1.2.7.42 Cross Site Scripting
date:2017-11-15,name:WordPress Affiliate Ads For Clickbank Products 1.3 XSS
date:2017-11-15,name:WordPress AMP Toolbox 1.9.4 Cross Site Scripting
date:2017-11-15,name:WordPress DFD Reddcoin Tips 1.1.1 Cross Site Scripting
date:2017-11-14,name:WordPress Boozang 1.0.0 Cross Site Scripting
date:2017-11-14,name:WordPress Cartogiraffe Map 1.0 Cross Site Scripting
date:2017-11-14,name:WordPress Appointments 2.2.2.2 Cross Site Scripting
date:2017-11-13,name:Wordpress < = 4.8.2 SQL Injection POC
date:2017-11-10,name:WordPress Secure HTML5 Ver 3.14 Cross Site Scripting
date:2017-11-09,name:WordPress Ultimate Instagram Feed 1.2 Cross Site Scripting
date:2017-11-07,name:WordPress Duplicator Migration 1.2.28 Cross Site Scripting
date:2017-11-06,name:WordPress Plugin Userpro < 4.9.17.1 Authentication Bypass
date:2017-11-05,name:WordPress Plugins ImageManager- Arbitrary File Upload
date:2017-11-04,name:WordPress Plugin JTRT Responsive Tables 4.1 SQL Injection
date:2017-11-01,name:WordPress User Login History 1.5.2 Cross Site Scripting
date:2017-11-01,name:WordPress SmoothGallery for NextGen Gallery XSS
date:2017-11-01,name:WPBounce WordPress plugin Open Redirect
date:2017-10-20,name:WordPress Car Park Booking SQL Injection
date:2017-10-17,name:WordPress Influencer Marketing And Press Release System 2.2 XSS
date:2017-10-13,name:WordPress Pootle Button 1.1.1 Cross Site Scripting
date:2017-10-12,name:WordPress WP-Contact-W4.1 Cross Site Scripting
date:2017-10-12,name:WordPress PopCash.Net Publisher Code Integration 1.0 Cross Site Scripting
date:2017-10-11,name:WordPress TR Easy Google Analytics 1.0.0 Cross Site Scripting
date:2017-10-11,name:WordPress Simple Login Log 1.1.1 SQL Injection
date:2017-10-11,name:WordPress Ad W0.0 Local File Inclusion
date:2017-10-08,name:WordPress 4.8.2 Activation Key Failed Expiry
date:2017-10-08,name:Gallery by BestWebSoft wordpress \/ FILE UPLOAD
date:2017-10-07,name:WordPress does not hash wp_signups.activation_key SQL injection to create accounts
date:2017-10-05,name:WordPress Smush Image 2.7.4.1 Directory Traversal
date:2017-09-28,name:WordPress Content Audit 1.9.1 Cross Site Request Forgery \/ Cross Site Scripting
date:2017-09-28,name:WordPress Church SQL Injection
date:2017-09-23,name:WordPress Responsive Image Gallery 1.1.8 SQL Injection
date:2017-09-21,name:WordPress 2kb Amazon Affiliates Store 2.1.0 Cross Site Scripting
date:2017-09-09,name:WordPress SB Uploader 4.9 Arbitrary File Upload Vulnerability
date:2017-09-09,name:WordPress Training Membership 1.0.8 Cross Site Scripting
date:2017-09-08,name:Stanford University ( Longevity ) Wordpress Website BruteForce Attack
date:2017-09-07,name:Wordpress cool-flickr-sllugin Cross Site Scripting(xss)
date:2017-09-07,name:Wordpress Contact Form 7 International Sms Integration Plugin Cross Site Scripting
date:2017-09-05,name:WordPress Plugin Participants Database < 1.7.5.10 Cross-Site Scripting
date:2017-08-25,name:WordPress Plugins woocommerce-product-options - Arbitrary File Upload
date:2017-08-19,name:Wordpress MoneyTheme Themes XSS \/ Arbitrary File Upload
date:2017-08-18,name:WordPress share-on-diaspora Plugin Cross Site Scripting (XSS)
date:2017-08-13,name:WordPress FAdvertisement Plugin Sql Injection Vulnerability
date:2017-08-11,name:WordPress Easy Modal 2.0.17 SQL Injection
date:2017-08-11,name:WordPress PressForward 4.3.0 Cross Site Scripting
date:2017-08-11,name:WordPress Podlove Podcast Publisher 2.5.3 SQL Injection
date:2017-08-08,name:WordPress Plugin Easy Modal 2.0.17 SQL Injection
date:2017-08-06,name:WordPress GamePlan Event And Gym Fitness Theme 1.5.13.2 Cross Site Scripting
date:2017-08-01,name:WordPress Logosware Suite Uploader 1.1.6 File Upload
date:2017-07-31,name:WordPress Plugin Logosware Suite Uploader 1.1.6 Remote File Upload
date:2017-07-26,name:WordPress Ultimate Affiliate Pro 3.6 Cross Site Scripting
date:2017-07-26,name:WordPress FormCraft Form Builder 3.2.31 Cross Site Scripting
date:2017-07-21,name:WordPress Task Manager Pro 1.31 Cross Site Scripting
date:2017-07-11,name:Wordpress Plugin How-Interest Cross-Site Scripting
date:2017-06-28,name:WordPress Plugin Ultimate Product Catalogue 4.2.2 SQL Injection
date:2017-06-26,name:WordPress FormCraft Basic 1.0.5 SQL Injection
date:2017-06-21,name:WordPress Download Manager 2.9.46 \/ 2.9.51 Cross Site Scripting
date:2017-06-21,name:WordPress Photo Gallery 1.3.34 \/ 1.3.42 Path Traversal
date:2017-06-13,name:WordPress Plugins WP Checkout - Arbitrary File Upload
date:2017-06-13,name:WordPress Plugins Viral Optins - Arbitrary File Upload
date:2017-06-13,name:WordPress Themes Awake - Cross-Site Scripting
date:2017-06-08,name:WordPress Plugins console contact form - Arbitrary File Upload
date:2017-06-04,name:WordPress Plugins WP Job Manager Locations - Arbitrary File Upload
date:2017-06-03,name:WordPress No External Links 3.5.17 Cross Site Scripting
date:2017-06-03,name:WordPress Tribulant Newsletters 4.6.4.2 XSS \/ File Disclosure
date:2017-06-02,name:WordPress Plugins WP Job Manager - Arbitrary File Upload
date:2017-06-01,name:WordPress Themes U-design File Upload
date:2017-05-31,name:WordPress Simple Slanager 2.2 Cross Site Scripting
date:2017-05-29,name:WordPress Themes Purevision - Arbitrary File Upload
date:2017-05-28,name:WordPress AffiliateWP 2.0.8 Cross Site Scripting
date:2017-05-28,name:WordPress Social-Stream 1.6.0 Twitter API Secret Disclosure
date:2017-05-28,name:WordPress Huge-IT Very 2.0.4 SQL Injection
date:2017-05-28,name:WordPress All In One Schema.org Rich Snippets 1.4.1 XSS
date:2017-05-25,name:Wordpress plugins dopts upload File Vulnerability
date:2017-05-24,name:WordPress Newsletter Supsystic 1.1.7 Cross Site Scripting
date:2017-05-23,name:WordPress rehber Themes File Upload Vulnerability
date:2017-05-22,name:Wordpress plugins wp-mailinglist upload File Vulnerability | CSRF
date:2017-05-18,name:WordPress Revsloit and Mass Shell Upload
date:2017-05-17,name:WordPress EELV Newsletter 4.5 XSS \/ CSRF
date:2017-05-17,name:WordPress PHPMailer Host Header Command Injection
date:2017-05-14,name:Wordpress plugins wpdm-filemanager upload File Vulnerability
date:2017-05-10,name:WordPress Clean Login Cross Site Request Forgery
date:2017-05-10,name:Wordpress Plugin Organizer File 6.x Upload Vulnerability
date:2017-05-05,name:Wordpress Plugins Art Picture Shop File Upload Vulnerability
date:2017-05-05,name:WordPress Core 4.6 Unauthenticated Remote Code Execution Full Advisory
date:2017-05-04,name:WordPress FancyProductDesigner 3.4.2 Stored XSS
date:2017-05-04,name:Wordpress Theme Sehf File Upload Vulnerability | CSRF
date:2017-05-03,name:Wordpress Theme Ebs File Upload Vulnerability | CSRF
date:2017-05-03,name:WordPress 4.6 Unauthenticated Remote Code Execution (RCE) PoC Exploit
date:2017-04-27,name:WordPress Wow Forms 2.1 SQL Injection
date:2017-04-27,name:WordPress KittyCatfish 2.2 SQL Injection
date:2017-04-27,name:WordPress Wow Viral Signups 2.1 SQL Injection
date:2017-04-27,name:WordPress Car Rental System 2.5 SQL Injection
date:2017-04-23,name:Wordpress flash album gallery Plugins SQL Vulnerability.
date:2017-04-22,name:Wordpress newsletter Plugins SQL Vulnerability.
date:2017-04-21,name:WordPress Connection Information Cross Site Request Forgery
date:2017-04-19,name:Wordpress theme 'boldial' - Full Path Disclosure
date:2017-04-13,name:Wordpress pdfjs-viewer-shortcode Plugins Xss \/ Code Execution Vulnerability
date:2017-04-10,name:Wordpress webplayer Plugins SQL Injection Vulnerability
date:2017-04-09,name:Wordpress salient Themes SQL Injection Vulnerability
date:2017-04-08,name:WordPress Gravity Forms Plugin Exploit and File Upload
date:2017-04-05,name:Wordpress dreamwork_manage File Upload Vulnerability
date:2017-03-31,name:Wordpress wp-dreamworkgallery File Upload Vulnerability
date:2017-03-29,name:Wordpress plugins team-admin upload File Vulnerability
date:2017-03-28,name:Wordpress Themes betheme Sh3ll Upload Vulnerability | CSRF
date:2017-03-27,name:Wordpress Themes Multimedia1 Shell Upload Vulnerability | CSRF
date:2017-03-21,name:WordPress Multiple Plugin File Upload
date:2017-03-20,name:Wordpress plugin Sports Rankings and Lists directory
date:2017-03-17,name:WordPress Membership Simplified 1.58 Arbitrary File Download
date:2017-03-16,name:Wordpress Plugin Membership Simplified v1.58 - Arbitrary File Download
date:2017-03-15,name:Wordpress Themes Nunace Shell Upload Vulnerability | CSRF
date:2017-03-14,name:WordPress Print Money v4.91 Plugin Persistent Cross Site Scripting
date:2017-03-13,name:WordPress Chat-Room plugin v0.1.2 directory traversal\/arbitrary file write
date:2017-03-13,name:WordPress plugin Flash Rotator Gallery SQL injection
date:2017-03-11,name:Wordpress Themes Synoptic Shell Upload Vulnerability | CSRF
date:2017-03-10,name:WordPress PICA Photo Gallery 1.0 SQL Injection
date:2017-03-09,name:Unlock Wordpress Admin Login Disable Protection
date:2017-03-09,name:Wordpress Themes Qualifire File Upload Vulnerabilty CSRF
date:2017-03-07,name:WordPress 4.5.3 Audio Playlist Cross Site Scripting
date:2017-03-07,name:WordPress 4.5.3 Press This Function CSRF \/ Denial Of Service
date:2017-03-06,name:WordPress Multiple Plugins - Remote File Upload
date:2017-03-05,name:WordPress VaultPress 1.8.4 Remote Code Execution \/ Man-In-The-Mdate:2017-03-04,name:WordPress Username Enumeration
date:2017-03-03,name:WordPress Global Content Blocks 2.1.5 Cross Site Request Forgery
date:2017-03-03,name:WordPress Magic Fields 1 1.7.1 Cross Site Scripting
date:2017-03-03,name:WordPress Popup By Supsystic 1.7.6 Cross Site Request Forgery
date:2017-03-03,name:WordPress Download Manager 2.8.99 Cross Site Request Forgery
date:2017-03-03,name:WordPress Gwolle Guestbook 1.7.4 Cross Site Request Forgery
date:2017-03-03,name:WordPress Tribulant Slalleries 1.6.3 Cross Site Scripting
date:2017-03-03,name:WordPress Contact Form Manager CSRF \/ XSS
date:2017-03-03,name:WordPress Alpine PhotoTile For Instagram 1.2.7.7 XSS
date:2017-03-03,name:WordPress Atahualpa Theme Cross Site Request Forgery
date:2017-03-03,name:WordPress File Manager 3.0.1 Cross Site Request Forgery
date:2017-03-03,name:WordPress User Login Log 2.2.1 Cross Site Scripting
date:2017-03-03,name:WordPress Google Analytics Dashboard 2.1.1 Cross Site Scripting
date:2017-03-03,name:WordPress Atahualpa Theme Cross Site Scripting
date:2017-03-03,name:WordPress Contact Form 4.0.0 Cross Site Scripting
date:2017-03-03,name:WordPress Simple Ads Manager 2.9.8.125 PHP Object Injection
date:2017-03-03,name:WordPress NewStatPress 1.2.4 Cross Site Scripting
date:2017-03-03,name:WordPress Gwolle Guestbook 1.7.4 Cross Site Scripting
date:2017-03-03,name:WordPress Adminer 1.4.4 Interface Exposure
date:2017-02-28,name:WordPress Kama Click Counter 3.4.9 SQL Injection
date:2017-02-25,name:MyMag wordpress theme Unrestricted File Upload
date:2017-02-24,name:WordPress Mail Masta 1.0 SQL Injection
date:2017-02-17,name:WordPress Plugin Corner Ad 1.0.7 - Cross-Site Scripting
date:2017-02-15,name:WordPress Easy Table 1.6 Cross Site Scripting
date:2017-02-13,name:WordPress 4.7 \/ 4.7.1 Content Injection Gui Exploit
date:2017-02-13,name:Wordpress Themes dance studio 1.0.0 - Arbitrary Shell Upload vulnerbility
date:2017-02-12,name:WordPress 4.7.0\/4.7.1 Plugin Insert PHP - PHP Code Injection
date:2017-02-09,name:WordPress wp-json Content Injection
date:2017-02-02,name:WordPress 4.7.0 \/ 4.7.1 REST API Privilege Escalation
date:2017-02-02,name:WordPress 4.7.0\/4.7.1 Unauthenticated Content Injection
date:2017-01-30,name:WordPress FormBuilder 1.05 Cross Site Request Forgery
date:2017-01-27,name:WordPress InfiniteWP Client 1.5.1.3 \/ 1.6.0 PHP Object Injection
date:2017-01-26,name:CMS Commander Client WordPress Plugin unauthenticated PHP Object injection vulnerability
date:2017-01-26,name:Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerability
date:2017-01-26,name:Wordpress >=4.7 User Enumeration Exploit
date:2017-01-18,name:WordPress WooCommerce Direct Download Local File Inclusion
date:2017-01-14,name:Wordpress cmw-speakers Plugin SQL injection Vulnerability
date:2017-01-11,name:WordPress WP Support Plus Responsive Ticket System 7.1.3 Privilege Escalation
date:2017-01-07,name:Wordpress Plugin slo Arbitrary File Upload
date:2017-01-05,name:WordPress Stop User Enumeration 1.3.4 User Enumeration
date:2016-12-31,name:WordPress Templatic 2.3.6 File Upload
date:2016-12-29,name:WordPress Simply Poll 1.4.1 SQL Injection
date:2016-12-28,name:WordPress Image Sl41 \/ 1.1.89 Arbitrary File Deletion
date:2016-12-23,name:WordPress Copy-Me 1.0.0 Cross Site Request Forgery
date:2016-12-20,name:WordPress Support Plus Responsive Ticket System 7.1.3 SQL Injection
date:2016-12-20,name:WordPress 404 1.0 SQL Injection
date:2016-12-20,name:WordPress Private Messages 1.0.1 SQL Injection
date:2016-12-17,name:WordPress Quiz And Survey Master 4.7.8 \/ 4.5.4 XSS \/ CSRF
date:2016-12-15,name:WordPress MailChimp 3.1.5 \/ 4.0.10 Cross Site Scripting
date:2016-12-13,name:WordPress Google Analytics Counter Tracker 3.1.5 PHP Object Injection
date:2016-12-12,name:WordPress Multisite Post Duplicator 0.9.5.1 Cross Site Request Forgery
date:2016-12-06,name:WordPress Single Personal Message 1.0.3 SQL Injection
date:2016-12-02,name:WordPress WP Vault 0.8.6.6 Local File Inclusion
date:2016-11-30,name:WordPress Insert Html Snippet 1.2 Cross Site Request Forgery
date:2016-11-29,name:WordPress Olimometer 2.56 SQL Injection
date:2016-11-28,name:WordPress Image Gallery 1.9.65 Cross Site Scripting
date:2016-11-26,name:Wordpress Twentyfourteen Theme (Default Theme) Full Path Disclosure
date:2016-11-22,name:WordPress Canvas - Shortcodes 1.92 Cross Site Scripting
date:2016-11-22,name:WordPress Easy Facebook Like Box 4.3.0 CSRF \/ XSS
date:2016-11-22,name:WordPress Check Email 0.3 Cross Site Scripting
date:2016-11-22,name:WordPress Instagram Feed 1.4.6.2 Cross Site Scripting \/ Cross Site Request Forgery
date:2016-11-22,name:WordPress MailChimp 4.0.7 Cross Site Request Forgery \/ Cross Site Scripting
date:2016-11-22,name:Wordpress FancyBox For Wordpress Plugin Full Path Disclosure
date:2016-11-20,name:WordPress Plugin MailChimp 4.0.7 - Cross-Site Request Forgery \/ XSS
date:2016-11-20,name:WordPress Plugin Easy Facebook Like Box 4.3.0- Cross-Site Request Forgery \/ XSS
date:2016-11-19,name:Wordpress Plugin N-Media 1.4 Arbitrary File Download Vulnerability
date:2016-11-19,name:Wordpress ThemeRush Theme Cross Site Scripting
date:2016-11-18,name:WordPress Answer My Question 1.3 SQL Injection
date:2016-11-18,name:WordPress Sirv 1.3.1 SQL Injection
date:2016-11-17,name:WordPress All In One WP Security And Firewall 4.1.9 Cross Site Scripting
date:2016-11-12,name:WordPress Google Maps 6.3.14 Cross Site Request Forgery
date:2016-11-12,name:WordPress W3 Total Cache 0.9.4.1 Cross Site Scripting
date:2016-11-12,name:WordPress W3 Total Cache 0.9.4.1 Race Condition
date:2016-11-12,name:WordPress W3 Total Cache Amazon SNS Push Messages Weak Valdate:2016-11-09,name:WordPress XCloner 3.1.5 Denial Of Service \/ Code Execution
date:2016-11-09,name:WordPress Calendar 1.3.7 Cross Site Scripting
date:2016-11-09,name:WordPress 404 To 301 2.2.8 Cross Site Scripting
date:2016-10-20,name:Wordpress Userpro Remote File Upload
date:2016-10-14,name:WordPress Newsletter 4.6.0 Cross Site Request Forgery \/ Cross Site Scripting
date:2016-10-01,name:WordPress Plugin KBoard - Cross Site Scripting
date:2016-10-01,name:WordPress Plugin KBoard 2.7 - SQL Injection
date:2016-09-22,name:Wordpress W3 Total Cache < = 0.9.4.1 XSS
date:2016-09-20,name:WordPress Neosense Theme 1.7 Shell Upload
date:2016-09-17,name:Wordpress pulgin bordeaux theme upload shell Vulnerability
date:2016-09-11,name:WordPress InfiniteWP Admin Panel 2.8.0 Authorization Bypass
date:2016-09-11,name:WordPress InfiniteWP Admin Panel 2.8.0 Command Injection
date:2016-09-11,name:WordPress Woocommerce 2.6.2 API Cross Site Scripting
date:2016-09-11,name:WordPress MailPoet Newsletters 2.7.2 Cross Site Scripting
date:2016-09-11,name:Image Export WordPress Plugin - Local File Disclosure
date:2016-09-11,name:Meteogalicia Wordpress Wocal File Disclosure
date:2016-09-09,name:WordPress 4.5.3 Cross Site Scripting
date:2016-09-08,name:WordPress Theme cubed_v1.2 CSRF File Upload Vulnerability
date:2016-09-06,name:WordPress RB Agency Plugin 2.4.7 - Local File Disclosure
date:2016-08-29,name:Wordpress Themes Arbitrary File Download timthumb-config.php Vulnerability
date:2016-08-23,name:Wordpress Multi Themes Arbitrary File Download Vulnerability
date:2016-08-22,name:WordPress 4.5.3 Core Ajax Handlers Path Traversal
date:2016-08-16,name:Wordpress Tevolution Plugin 2.3.1 Arbitrary Shell Upload Vulnerability
date:2016-08-16,name:Wordpress Theme Directory Arbitrary Shell Upload Vulnerability
date:2016-08-16,name:WordPress Ajax Load More 2.11.1 Local File Inclusion
date:2016-08-16,name:WordPress Photo Gallery 1.8.5 Cross Site Scripting
date:2016-08-16,name:WordPress Link Library 5.9.12.29 Cross Site Scripting
date:2016-08-16,name:WordPress Email Users 4.8.3 Cross Site Request Forgery
date:2016-08-16,name:WordPress Google Maps 2.1.2 Cross Site Scripting
date:2016-08-16,name:WordPress Photo Gallery 1.8.5 Cross Site Request Forgery
date:2016-08-16,name:WordPress Peters Login Redirect 2.9.0 XSS \/ CSRF
date:2016-08-10,name:WordPress Add From Server 6.2 Cross Site Request Forgery
date:2016-08-08,name:Wordpress force download Arbitrary File Download
date:2016-08-07,name:WordPress Selected Text Sharer 1.0 CSRF \/ XSS
date:2016-08-07,name:WordPress Welcome Announcement 1.0.5 Cross Site Scripting
date:2016-08-07,name:WordPress Store Locator Plus 4.5.09 Cross Site Scripting
date:2016-08-07,name:WordPress Ecwrce Shopping Cart 4.4 \/ 4.4.3 PHP Object Injection
date:2016-08-06,name:WordPress Activity Log 2.3.2 Cross Site Scripting
date:2016-08-06,name:WordPress Landing Pages 2.2.4 Cross Site Scripting
date:2016-08-06,name:WordPress Yoast SEO Cross Site Scripting
date:2016-08-03,name:WordPress Uji Countdown 2.0.6 Cross Site Scripting
date:2016-08-02,name:WordPress ALO EasyMail Newsletter Plugin 2.9.2 CSRF
date:2016-08-02,name:WordPress Booking Calendar Plugin 6.2 - SQL Injection
date:2016-07-31,name:Insert PHP WordPress Plugin allows authenticated user to execute arbitrary PHP
date:2016-07-31,name:Easy Testimonials WordPress Plugin Stored Cross-Site Scripting
date:2016-07-29,name:WordPress Ultimate Product Catalog 3.9.8 SQL Injection
date:2016-07-27,name:WordPress ColorWay 3.4.1 Cross Site Scripting
date:2016-07-26,name:WordPress Code Snippets 2.6.1 Cross Site Scripting
date:2016-07-26,name:WordPress Contact Form To Email 1.1.47 Cross Site Scripting
date:2016-07-22,name:WordPress WooCommerce 2.6.2 Cross Site Scripting
date:2016-07-22,name:WordPress Paships Pro 1.8.9.3 Cross Site Scripting
date:2016-07-20,name:WordPress Icegram 1.9.18 Cross Site Request Forgery
date:2016-07-20,name:WordPress Ninja Forms 2.9.51 Cross Site Scripting
date:2016-07-20,name:WordPress Ver 1.5.16 SQL Injection
date:2016-07-14,name:WordPress WP No External Links 3.5.15 Cross Site Scripting
date:2016-07-14,name:WordPress Top 10 Popular Posts 2.3.0 Cross Site Scripting
date:2016-07-14,name:WordPress Simple Membership 3.2.8 Cross Site Scripting
date:2016-07-14,name:WordPress Google Forms 0.84 Cross Site Scripting
date:2016-07-13,name:WordPress Easy Forms For MailChimp 6.0.5.5 Local File Inclusion
date:2016-07-13,name:WordPress WP Fastest Cache 0.8.5.9 Local File Inclusion
date:2016-07-13,name:WordPress Email Users 4.8.2 Cross Site Scripting
date:2016-07-13,name:WordPress Master Sl1 Cross Site Scripting
date:2016-07-13,name:WordPress Profile Builder 2.4.0 Cross Site Scripting
date:2016-07-12,name:Wordpress WP Job Manager 1.25 Arbitrary File Upload Vulnerability
date:2016-07-12,name:WordPress Ultimate Member 1.3.64 Local File Inclusion
date:2016-07-12,name:WordPress Live Chat Support 6.2.00 Cross Site Scripting
date:2016-07-12,name:WordPress Activity Log 2.3.1 Persistent Cross Site Scripting
date:2016-07-10,name:WordPress All in One SEO Pack Plugin Persistent Cross-Site Scripting
date:2016-07-09,name:WordPress Lazy Content SlCross Site Request Forgery
date:2016-07-06,name:WordPress CodeCanyon Real3D FlipBook 2.18.8 File Deletion \/ Upload \/ XSS
date:2016-06-30,name:WordPress Ultimate Membership Pro 3.3 SQL Injection
date:2016-06-24,name:WordPress Ultimate Product Catalog 3.8.6 Shell Upload
date:2016-06-23,name:WordPress Contus Vents 1.0 File Upload
date:2016-06-21,name:WordPress Premium SEO Pack 1.9.1.3 wp_options Overwrite
date:2016-06-18,name:WordPress Ultimate Product Catalog 3.8.1 Privilege Escalation
date:2016-06-18,name:WordPress Gravity Forms 1.8.19 Shell Upload
date:2016-06-16,name:WordPress Social Stream 1.5.15 wp_options Overwrite
date:2016-06-08,name:Wordpress Levo-Sl2.3 - Persistent Vulnerability
date:2016-06-08,name:Wordpress Levo-Sl.3 - Arbitrary File Upload Vulnerability
date:2016-06-08,name:WordPress ADS PRO 2.9.22 \u2013 Multi-Purpose Ad Manager Exploit
date:2016-06-08,name:\tWordPress UserPro 2.62 \u2013 User Profiles with Social Login Exploit
date:2016-06-08,name:WordPress Br3 Theme Exploit
date:2016-06-06,name:Levo Sl.3 Stored XSS Wordpress Plugin *youtube
date:2016-06-06,name:Wordpress Levo-Sl.3 Shell Upload by Unprivileged user
date:2016-06-05,name:WordPress Realia 0.8.5 Cross Site Scripting
date:2016-06-05,name:WordPress WP Mobile Detector 3.5 Shell Upload *youtube
date:2016-05-27,name:WordPress Ninja Forms Unauthenticated File Upload
date:2016-05-21,name:WordPress Brafton 3.3.10 Cross Site Scripting
date:2016-05-20,name:Vulnerabilitie XSS in brafton WordPress Plugin
date:2016-05-16,name:Wordpress Easyrotator Plugin File Manipulation Vulnerability
date:2016-05-02,name:WordPress Export to Ghost Unrestricted Export Download
date:2016-04-30,name:WordPress Truemag Theme Cross Site Scripting
date:2016-04-22,name:WordPress iThemes Security Insecure Backup \/ Logfile Generation
date:2016-04-19,name:WordPress Kento Post View Counter Plugin 2.8 - CSRF\/XSS
date:2016-04-19,name:WordPress leenk.me Plugin 2.5.0 - CSRF\/XSS
date:2016-04-18,name:Wordpress Plugins jQuery Html5 File Upload
date:2016-04-17,name:Wordpress Plugin Mega stor - Local File Inclusion
date:2016-04-13,name:WordPress Robo Gallery 2.0.14 Code Execution
date:2016-04-11,name:Wordpress Product Options for WooCommerce Plugin File Upload
date:2016-04-10,name:WordPress Multiple Meta Box 1.0 SQL Injection
date:2016-04-04,name:WordPress Memphis Document Library Plugin 3.1.5 Path Disclosure
date:2016-04-04,name:Wordpress Plugin HB Audio Gallery Lite - Arbitrary File Download
date:2016-03-28,name:WordPress Music Store 1.0.41 Cross Site Scripting
date:2016-03-28,name:WordPress Claptastic Clap! Button 1.3 Cross Site Scripting
date:2016-03-28,name:WordPress CloudFlare 1.3.20 Cross Site Scripting
date:2016-03-28,name:WordPress IMDb Profile W.8 Local File Inclusion
date:2016-03-28,name:WordPress Visual Form Builder 2.8.6 Cross Site Scripting
date:2016-03-28,name:WordPress Photocart Link 1.6 Local File Inclusion
date:2016-03-26,name:WordPress WP External Links 1.80 Cross Site Scripting
date:2016-03-24,name:WordPress Issuu Panel 1.6 Remote \/ Local File Inclusion
date:2016-03-24,name:WordPress Facebook With Login 1.0 Cross Site Scripting \/ SQL Injection
date:2016-03-23,name:WordPress Memphis Document Library 3.1.5 Arbitrary File Download
date:2016-03-23,name:WordPress HB Audio Gallery Lite 1.0.0 Arbitrary File Download
date:2016-03-23,name:WordPress Dharma Booking 2.28.3 Remote \/ Local File Inclusion
date:2016-03-23,name:WordPress Brandfolder 3.0 Remote \/ Local File Inclusion
date:2016-03-22,name:WordPress eBook Download 1.1 Directory Traversal
date:2016-03-22,name:WordPress Import CSV 1.1 Directory Traversal
date:2016-03-22,name:WordPress Abtest Local File Inclusion
date:2016-03-16,name:WordPress Bulletproof 0.53.2 Cross Site Scripting
date:2016-03-12,name:WordPress Email Encoder Bundle 1.4.3 - Stored Cross Site Scripting
date:2016-03-12,name:WordPress WP Mailto Links 2.0.1 - Stored Cross Site Scripting
date:2016-03-09,name:Wordpress ProjectTheme Multiple Vulnerabilities
date:2016-03-08,name:WordPress SP Projects And Document Manager 2.5.9.6 XSS \/ SQL Injection
date:2016-03-04,name:WordPress Bulk Delete 5.5.3 Privilege Escalation
date:2016-03-03,name:WordPress CP Polls 1.0.8 Cross Site Request Forgery \/ Cross Site Scripting
date:2016-03-03,name:WordPress CP Polls 1.0.8 File Upload \/ Cross Site Scripting
date:2016-03-03,name:WordPress CP Polls 1.0.8 Malicious File Download
date:2016-03-02,name:WordPress GravityForms 1.9.15.11 Cross Site Scripting
date:2016-03-01,name:WordPress More Fields 2.1 Cross Site Request Forgery
date:2016-02-28,name:Wordpress Goodnews Themes Reflected Cross Site Scripting
date:2016-02-26,name:Wordpress Ocim MP3 Plugin SQL Injection Vulnerability
date:2016-02-25,name:WordPress Extra User Details Plugin 0.4.2 - Privilege Escalation
date:2016-02-25,name:WordPress User Submitted Posts 20151113 Cross Site Scripting
date:2016-02-15,name:Wordpress Formcraft Plugin File Upload Vulnerability
date:2016-02-12,name:WordPress Duplicator 1.1.0 \/ 1.2.0 Cross Site Request Forgery
date:2016-02-10,name:WordPress WooCommerce 1.5.5 Privilege Escalation
date:2016-02-09,name:WordPress 4.4.2 SSRF and open redirect vulnerability
date:2016-02-08,name:WordPress User Meta Manager 3.4.6 Privilege Escalation
date:2016-02-08,name:Wordpress clikstats plugin Open Redirect
date:2016-02-08,name:Wordpress Newsletter Pro Plugin Open Redirect
date:2016-02-08,name:Wordpress Smallbiz Themes Remote File Uploads Vulnerability
date:2016-02-07,name:WordPress Instagram 1.1.0 Cross Site Scripting
date:2016-02-06,name:WordPress User Meta Manager Plugin [Blind SQLI]
date:2016-02-04,name:WordPress Instagram Plugin 1.1.0 Cross Site Scripting
date:2016-02-01,name:WordPress Comment Rating 1.5.0 Cross Site Scripting
date:2016-01-31,name:Wordpress Download Manager 2.3.0 XSS
date:2016-01-31,name:Wordpress simple add pages or posts CSRF Vulnerability
date:2016-01-29,name:WordPress Appointment Booking Calendar 1.1.24 SQL Injection
date:2016-01-29,name:WordPress Appointment Booking Calendar 1.1.24 Escalation \/ XSS
date:2016-01-27,name:WordPress Easy Gallery 4.1.4 Cross Site Scripting
date:2016-01-26,name:WordPress Appointment Booking Calendar 1.1.23 SQL Injection
date:2016-01-20,name:WordPress Extredj Open Redirection
date:2016-01-15,name:Wordpress Tubepress Plugin v 2 Cross Site Scripting
date:2016-01-14,name:WordPress Commentator 2.5.2 Cross Site Scripting
date:2016-01-14,name:WordPress No External Links 2.6.3 \/ 2.7.1 Open Redirect
date:2016-01-14,name:WordPress Tubepress 2 Cross Site Scripting
date:2016-01-12,name:WordPress JS External Link Info 1.21 Open Redirect
date:2016-01-09,name:WordPress Symposium Pro Social 15.12 XSS \/ CSRF
date:2016-01-09,name:Wordpress AzonPop Plugin SQL Injection
date:2016-01-09,name:Wordpress Feed Statistics Plugin V 1.4.3 Open Redirect
date:2016-01-08,name:WordPress Stanford Theme Cross Site Scripting
date:2015-12-23,name:WordPress Content Text Slost 6.8 Cross Site Scripting
date:2015-12-21,name:WordPress woocommerce plugin v2.4.12 PHP Code Injection Vulnerability
date:2015-12-21,name:Wordpress Gallery Master Persistent XSS Vulnerability
date:2015-12-18,name:WordPress Google Adsense 1.29 Cross Site Scripting
date:2015-12-18,name:WordPress Quotes And Tips 1.19 Cross Site Scripting
date:2015-12-18,name:WordPress PDF And Print 1.7.4 Cross Site Scripting
date:2015-12-18,name:WordPress Portfolio 2.27 Cross Site Scripting
date:2015-12-18,name:WordPress Relevant Related Posts 1.0.7 Cross Site Scripting
date:2015-12-18,name:WordPress User Role 1.4.1 Cross Site Scripting
date:2015-12-18,name:WordPress Twitter 2.37 Cross Site Scripting
date:2015-12-18,name:WordPress Social Essentials Social Stats And Sharing Buttons 1.3.1 XSS
date:2015-12-18,name:WordPress Limit Attempts 1.0.3 Cross Site Request Forgery
date:2015-12-18,name:WordPress Limit Attempts 1.0.3 Cross Site Scripting
date:2015-12-18,name:WordPress Sender 0.7 Cross Site Request Forgery
date:2015-12-18,name:WordPress Sender 0.7 Cross Site Scripting
date:2015-12-17,name:WordPress Google Captcha 1.05 Cross Site Scripting
date:2015-12-17,name:WordPress Simple Booking Calendar 1.3 Cross Site Request Forgery
date:2015-12-17,name:WordPress Symposium 14.05.02 Cross Site Scripting
date:2015-12-17,name:WordPress Google +1 1.1.6 Cross Site Scripting
date:2015-12-17,name:WordPress Facebook Like Button 2.32 Cross Site Scripting
date:2015-12-17,name:WordPress Contact Form To DB 1.4.0 Cross Site Scripting
date:2015-12-17,name:WordPress Google Sitemap 2.9.1 Cross Site Scripting
date:2015-12-17,name:WordPress Donate 2.0.1 Cross Site Scripting
date:2015-12-17,name:WordPress Symposium 14.05.02 Cross Site Request Forgery
date:2015-12-17,name:WordPress Captcha 4.0.2 Cross Site Scripting
date:2015-12-17,name:WordPress Contact Form 3.81 Cross Site Scripting
date:2015-12-17,name:WordPress NextGEN Gallery 2.0.66.16 Cross Site Scripting
date:2015-12-17,name:WordPress Gallery 4.2.1 Cross Site Scripting
date:2015-12-17,name:WordPress Htaccess 1.4 Cross Site Scripting
date:2015-12-17,name:WordPress BestWebSoft Google Maps 1.2.1 Cross Site Scripting
date:2015-12-17,name:WordPress Email Queue 1.0.0 Cross Site Request Forgery
date:2015-12-17,name:WordPress Job Board 1.0.0 Cross Site Scripting
date:2015-12-17,name:Wordpress Begin Themes Open Redirect Vulnerability
date:2015-12-16,name:WordPress Tierra Billboard Manager 1.14 SQL Injection
date:2015-12-15,name:WordPress Admin Management Xtended 2.4.0 Privilege Escalation
date:2015-12-15,name:Wordpress Plugin Tierra Billboard Manager SQL Injection Vulnerability
date:2015-12-14,name:Wordpress Ad King Pro Stored XSS Vulnerability
date:2015-12-12,name:WordPress 4.4 User Enumeration
date:2015-12-11,name:WordPress S3 Vte Shell Upload
date:2015-12-10,name:Wordpress agp font awesome collection Stored XSS
date:2015-12-08,name:WordPress Poll W.7 SQL Injection
date:2015-12-08,name:WordPress Squirrel Theme 1.6.4 Remote File Inclusion
date:2015-12-08,name:Wordpress Content text slost Stored XSS
date:2015-12-06,name:WordPress TheCartPress 1.4.7 Code Execution \/ Local File Disclosure
date:2015-12-05,name:WordPress Advanced Uploader 2.10 Shell Upload
date:2015-12-05,name:Wordpress "Js Support Ticket" File Upload Bypass Extensions
date:2015-12-04,name:WordPress Cool Very 1.9 Command Injection
date:2015-12-03,name:WordPress Gwolle Guestbook 1.5.3 Remote File Inclusion
date:2015-12-03,name:WordPress Role Scoper 1.3.66 Cross Site Scripting
date:2015-12-03,name:WordPress Calls To Action 2.4.3 Cross Site Scripting
date:2015-12-03,name:WordPress Ultimate Member 1.3.28 Cross Site Scripting
date:2015-12-03,name:WordPress Users Ultra 1.5.50 SQL Injection
date:2015-12-03,name:WordPress Users Ultra 1.5.50 Cross Site Scripting
date:2015-11-29,name:WordPress Auto-ThickBox-Plus XSS Vulnerability
date:2015-11-29,name:WordPress theme parallelus-salutation Arbitrary File Download Vulnerability
date:2015-11-21,name:WordPress Category and Page Icons File Upload
date:2015-11-19,name:Wordpress ajax-load-more Authenticated Arbitrary2.8.2 File Upload Vulnerability
date:2015-11-18,name:WordPress Users Ultra 1.5.50 Unrestricted File Upload
date:2015-11-14,name:WordPress i1.wp.com Functionality Abuse
date:2015-11-10,name:WordPress Ajax Load More PHP Upload
date:2015-11-06,name:WordPress Neuvoo-Jobroll 2.0 Cross Site Scripting
date:2015-11-06,name:Wordpress Plugin easy-comment-uploads File Upload Vulendrability
date:2015-10-19,name:WordPress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability
date:2015-10-19,name:WordPress Events Made Easy 1.5.49 CSRF \/ XSS
date:2015-10-16,name:WordPress HUGE IT Very 1.3.6 CSRF Vulnerability
date:2015-10-13,name:WordPress Pie Register 2.0.18 SQL Injection
date:2015-10-13,name:WordPress Pie Register 2.0.18 Cross Site Scripting
date:2015-10-13,name:WordPress Font 7.5 Path Traversal
date:2015-10-08,name:WordPress Support Ticket System 1.2 SQL Injection
date:2015-10-07,name:WordPress U-Design Theme 2.7.9 Cross Site Scripting
date:2015-10-06,name:WordPress ResAds 1.0.1 Cross Site Scripting
date:2015-10-06,name:WordPress Easy2Map 1.2.9 Cross Site Scripting
date:2015-10-06,name:WordPress Payment Form For PayPal Pro 1.0.1 XSS
date:2015-10-06,name:WordPress Easy2Map 1.2.9 Local File Inclusion \/ Directory Traversal
date:2015-09-30,name:WordPress mTheme-Unus Local File Inclusion
date:2015-09-30,name:Wordpress Better-wp-security Plugin Remote Code Execution
date:2015-09-29,name:WordPress Appointment Booking Calendar 1.1.7 SQL Injection
date:2015-09-29,name:Wordpress popup-maker Stored XSS
date:2015-09-26,name:Wordpress wordpress-popup Reflected XSS
date:2015-09-24,name:Wordpress wp-downloadmanager stored XSS
date:2015-09-20,name:WordPress Vertical Image SlCSRF \/ XSS
date:2015-09-15,name:Wordpress Wpages Light XSS
date:2015-09-15,name:Wordpress GigPress XSS
date:2015-09-14,name:Wordpress ver stored XSS
date:2015-09-14,name:Wordpress Ver Stored XSS\/CSRF
date:2015-09-14,name:Wordpress plugin Ultimate Addons Cross Site Scripting
date:2015-09-14,name:Wordpress KVS Player Stored XSS\/CSRF
date:2015-09-10,name:Wordpress Crash Ultimate Addons for Visual Composer vulnerability
date:2015-09-06,name:WordPress eShop Plugin Reflected XSS
date:2015-09-06,name:Wordpress Easy Media Gallery Stored XSS
date:2015-09-03,name:WordPress WP Symposium Plugin Cross Site Scripting
date:2015-09-01,name:WordPress Testimonial Sl1 Cross Site Scripting
date:2015-09-01,name:WordPress sourceAFRICA 0.1.3 Cross Site Scripting
date:2015-08-30,name:WordPress Captain Sl6 Cross Site Scripting
date:2015-08-28,name:Wordpress Responsive Thumbnail Sled XSS
date:2015-08-28,name:NextGen Gallery WordPress Plugin LFI\/Path Traversal
date:2015-08-28,name:WordPress Navis DocumentCloud 0.1 Cross Site Scripting
date:2015-08-28,name:WordPress Private Only 3.5.1 CSRF \/ Cross Site Scripting
date:2015-08-28,name:WordPress Responsive Thumbnail SlShell Upload
date:2015-08-27,name:WordPress YouTube Embed 3.3.2 Cross Site Scripting
date:2015-08-26,name:WordPress Car Rental System SQL Injection
date:2015-08-25,name:Wordpress theme Doraa XSS Vulnerability
date:2015-08-25,name:Wordpress theme Dosimple XSS Vulnerability
date:2015-08-24,name:WordPress Googmonify 0.8.1 Cross Site Request Forgery \/ Cross Site Scripting
date:2015-08-21,name:Wordpress Amazonify Plug-in XSS\/CSRF
date:2015-08-20,name:Wordpress WP Fade in Text News Plugin Cross Site Scripting
date:2015-08-19,name:Wordpress Tag Miner Cross Site Request Forgery
date:2015-08-19,name:Wordpress Maintenance Mode Cross Site Scripting
date:2015-08-19,name:Wordpress 1.5.8 Simple PopUp Plugin Cross Site Scripting
date:2015-08-19,name:Wordpress WP Slin Cross Site Scripting
date:2015-08-18,name:Dorks Multiple Wordpress passwords disclosure
date:2015-08-17,name:Wordpress Tag Miner Cross Site Scripting
date:2015-08-13,name:WordPress OAuth2 Complete 3.1.3 Insecure Random
date:2015-08-09,name:WordPress 3.8.1 \/ 3.8.2 \/ 4.2.2 Cross Site Request Forgery
date:2015-08-08,name:Wordpress Avenir-Soft Direct Download Plug-in XSS\/CSRF
date:2015-08-08,name:WordPress 4.2.3 and earlier SQL Injection Vulnerability
date:2015-08-04,name:WordPress Altos Connect W.0 Cross Site Scripting
date:2015-08-04,name:WordPress Admin Pack By Site Caseiro 1.1 Cross Site Scripting
date:2015-08-04,name:WordPress Database Sync 0.4 Cross Site Scripting
date:2015-08-04,name:WordPress Ninja Forms 2.9.21 Cross Site Scripting
date:2015-08-03,name:WordPress Advance Categorizer 0.3 Cross Site Scripting
date:2015-08-03,name:WordPress 1-Click Retweet\/Share\/Like 5.2 Cross Site Scripting
date:2015-08-03,name:WordPress Chief Editor 3.6.1 Cross Site Scripting
date:2015-08-03,name:WordPress Advertisement Management 1.0 Cross Site Scripting
date:2015-08-03,name:WordPress Customize Youtube V Cross Site Scripting
date:2015-08-03,name:WordPress Copy Or Move Comments 1.0.0 Cross Site Scripting
date:2015-08-03,name:WordPress F\/T\/G Social W3.7 Cross Site Scripting
date:2015-07-29,name:WordPress Flickr Justified Gallery 3.3.6 Cross Site Scripting
date:2015-07-29,name:XSS vulnerability in Wordpress plugin The Holndar
date:2015-07-28,name:WordPress Unite Gallery Lite 1.4.6 CSRF \/ SQL Injection
date:2015-07-28,name:WordPress Music Store 1.0.14 Open Redirect
date:2015-07-27,name:Unite Gallery Lite Wordpress Plugin v1.4.6 Cross-Site Request Forgery & SQL Injection
date:2015-07-25,name:Open Redirect Vulnerability in Music Store Wordpress Plugin v1.0.14
date:2015-07-25,name:Cross-Site Request Forgery & SQL Injection Vulnerabilities in Unite Gallery Lite Wordpress Plugi
date:2015-07-23,name:WordPress Paships Pro 1.8.4.2 Cross Site Scripting
date:2015-07-22,name:WordPress Portfolio 1.0 Cross Site Request Forgery
date:2015-07-21,name:WordPress Mailcwp 1.99 Shell Upload
date:2015-07-17,name:WordPress WP Attachment Export 0.2.3 Arbitrary File Download
date:2015-07-17,name:WordPress BuddyPress Activity Plus 1.5 CSRF \/ File Deletion
date:2015-07-17,name:WordPress Subscribe To Comments 2.1.2 LFI \/ Code Execution
date:2015-07-16,name:Wordpress ibs-mappro Plugin Arbitrary File Download Vulnerability
date:2015-07-15,name:WordPress Plotly 1.0.2 Cross Site Scripting
date:2015-07-15,name:WordPress Image Export 1.1 Arbitrary File Download
date:2015-07-13,name:WordPress CP Contact Form With Paypal 1.1.5 CSRF \/ XSS \/ SQL Injection
date:2015-07-13,name:WordPress GD bbPress Attachments 2.1 Cross Site Scripting
date:2015-07-13,name:WordPress GD bbPress Attachments 2.1 Local File Inclusion
date:2015-07-13,name:WordPress WP-SwimTeam 1.44.10777 Arbitrary File Download
date:2015-07-08,name:WordPress MDC-Youtube-Downloader 2.1.0 File Disclosure
date:2015-07-08,name:WordPress WP-Ecommerce-Shop-Styling 2.5 File Download
date:2015-07-07,name:WordPress easy2map 1.24 SQL Injection
date:2015-06-27,name:WordPress WP-Instance-Rename 1.0 File Download
date:2015-06-25,name:WordPress Nextend Twitter Connect 1.5.1 Cross Site Scripting
date:2015-06-25,name:Wordpress huge-it-sl5 & Persistent JS-HTML Code injection
date:2015-06-24,name:WordPress Nextend Facebook Connect 1.5.4 Cross Site Scripting
date:2015-06-24,name:WordPress Revsltrary File Upload, Download & Cross Site Scripting
date:2015-06-24,name:WordPress Google Analyticator 6.4.9.3 CSRF
date:2015-06-19,name:WordPress Revsl2 XSS \/ Information Disclosure
date:2015-06-16,name:WordPress Yoast 2.1.1 Cross Site Scripting
date:2015-06-16,name:WordPress Users To CSV 1.4.5 Cross Site Request Forgery
date:2015-06-15,name:Yoast Wordpress SEO Plugin <= 2.1.1 Stored Authenticated XSS
date:2015-06-11,name:WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Shell Upload
date:2015-06-11,name:Wordpress History Collection <=1.1.1 Arbitraty File Download
date:2015-06-09,name:Wordpress Plugin 'WP Mobile Edition' LFI Vulnerability
date:2015-06-06,name:Xloner v3.1.2 wordpress plugin authenticated command execution and XSS
date:2015-06-05,name:WordPress zM Ajax Login & Register Plugin 1.0.9 Local File Inclusion
date:2015-06-02,name:WordPress UserPro 2.33 Cross Site Scripting
date:2015-05-27,name:WordPress Church Admin 0.800 Cross Site Scripting
date:2015-05-27,name:WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution
date:2015-05-27,name:WordPress Estrutura-Basica File Disclosure
date:2015-05-26,name:WordPress plugin "GigPress" SQLi vulnerabilities
date:2015-05-26,name:Wordpress church_admin Stored XSS
date:2015-05-26,name:WordPress plugin "WordPress Landing Pages" Multiple vulnerabilities
date:2015-05-26,name:WordPress plugin "NewStatPress" Multiple vulnerabilities
date:2015-05-23,name:WordPress Very 2.8 Unprotected Mail Page *youtube
date:2015-05-22,name:WordPress WP Photo Album Plus 6.1.2 Cross Site Scripting
date:2015-05-21,name:WordPress FeedWordPress Plugin 2015.0426 SQL Injection
date:2015-05-21,name:WordPress WP Membership Plugin 1.2.3 Multiple Vulnerabilities
date:2015-05-19,name:WordPress Simple Backup Plugin Arbitrary Download
date:2015-05-18,name:WordPress 'WP Security Scan(Acunetix)' Exposure Backup File Unauthorized Control
date:2015-05-18,name:WordPress 'ALL Themes' Developed By "ThemeMakers" File Information Exposure
date:2015-05-18,name:WordPress 'Snapshot Pro' Plugin Exposure Backup File to Unauthorized Control
date:2015-05-18,name:WordPress 'WP Backup Plus' Plugin Exposure Backup File to Unauthorized Control
date:2015-05-18,name:WordPress 'BackupBuddy' Plugin Exposure Backup File to Unauthorized Control
date:2015-05-14,name:WordPress Contact Form To Email Plugin CSRF \/ XSS
date:2015-05-11,name:WordPress Yet Another Related Posts 4.2.4 CSRF \/ XSS \/ Code Execution
date:2015-05-08,name:WordPress Ultimate Profile Builder 2.3.3 CSRF \/ Cross Site Scripting
date:2015-05-08,name:WordPress ClickBank Ads 1.7 CSRF \/ Cross Site Scripting
date:2015-05-08,name:WordPress RevSl95 File Upload \/ Execute
date:2015-05-08,name:WordPress Ad Buttons 2.3.1 CSRF \/ Cross Site Scripting
date:2015-05-08,name:WordPress Twenty Fifteen 4.2.1 Cross Site Scripting
date:2015-05-07,name:Wordpress Freshmail Unauthenticated SQL Injection
date:2015-05-07,name:WordPress Embed-Articles 7.0.3 XSRF \/ XSS
date:2015-05-07,name:WordPress Ad Inserter 1.5.2 XSRF \/ XSS
date:2015-05-06,name:WordPress 4.2.1 XSS \/ Code Execution
date:2015-05-06,name:WordPress eShop 6.3.11 Code Execution
date:2015-05-05,name:WordPress Ultimate Product Catalogue 3.1.2 XSS \/ CSRF \/ File Upload
date:2015-04-29,name:TheCartPress WordPress plugin 1.3.9 Multiple Vulns
date:2015-04-28,name:WordPress Exquisite Ultimate Newspaper 1.3.3 Cross Site Scripting
date:2015-04-28,name:WordPress WooCommerce Amazon Affiliates 7.0 Shell Upload \/ File Disclosure
date:2015-04-28,name:WordPress Premium SEO Pack 1.8.0 Shell Upload \/ File Disclosure
date:2015-04-27,name:WordPress 4.2 Stored XSS
date:2015-04-27,name:WordPress WPshop eCommerce 1.3.9.5 Shell Upload
date:2015-04-27,name:WordPress InBoundio Marketing 2.0 Shell Upload
date:2015-04-27,name:WordPress Ultimate Product Catalogue 3.1.4 Vulnerability
date:2015-04-22,name:WordPress Yoast Google Analytics Cross Site Scripting
date:2015-04-22,name:WordPress Add Link To Facebook 1.215 Cross Site Scripting
date:2015-04-21,name:WordPress Slallery Authenticated File Upload
date:2015-04-20,name:WordPress Creative Contact Form Upload
date:2015-04-20,name:WordPress N-Media Website Contact Form Upload
date:2015-04-20,name:WordPress Reflex Gallery Upload
date:2015-04-20,name:WordPress Citizen Space 1.1 Cross Site Scripting
date:2015-04-20,name:WordPress Content Sl CSRF \/ Cross Site Scripting
date:2015-04-20,name:WordPress Work The Flow Upload
date:2015-04-17,name:Wordpress Ajax Store Locator <= 1.2 SQL Injection Vulnerability
date:2015-04-16,name:WordPress WP Statistics 9.1.2 Cross Site Scripting
date:2015-04-14,name:WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Deletion Exploit
date:2015-04-14,name:WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Creation Exploit (RCE)
date:2015-04-14,name:WordPress MiwoFTP Plugin 1.0.5 Multiple CSRF XSS Vulnerabilities
date:2015-04-11,name:WordPress Fusion Engage Local File Disclosure
date:2015-04-11,name:WordPress Duplicator 0.5.14 Cross Site Request Forgery \/ SQL Injection
date:2015-04-09,name:WordPress Windows Desktop And iPhone Photo Uploader File Upload
date:2015-04-08,name:WordPress Shareaholic 7.6.0.3 Cross Site Scripting
date:2015-04-07,name:WordPress Work The Flow 2.5.2 Shell Upload
date:2015-04-04,name:WordPress Simple Ads Manager 2.5.94 \/ 2.5.96 SQL Injection
date:2015-04-04,name:WordPress Simple Ads Manager 2.5.94 \/ 2.5.96 Information Disclosure
date:2015-04-04,name:WordPress Simple Ads Manager 2.5.94 File Upload
date:2015-04-04,name:WordPress PHP Event Calendar 1.5 Arbitrary File Upload
date:2015-04-02,name:WordPress DesignFolio+ Theme File Upload
date:2015-04-02,name:WordPress Ver Verence Integration 4.91.8 Shell Upload
date:2015-04-02,name:WordPress Ver Ventation 3.31.17 Shell Upload
date:2015-04-02,name:WordPress Revolution Sl Upload
date:2015-04-02,name:Wordpress Better-wp-security Plugin Remote Code Execution
date:2015-04-01,name:WordPress Business Intelligence Lite 1.6.1 SQL Injection
date:2015-03-30,name:Wordpress aspose-doc-exporter Plugin Arbitrary File Download Vulnerability
date:2015-03-27,name:WordPress Aspose Cloud eBook Generator File Download
date:2015-03-27,name:Wordpress Aspose-Cloud-eBook-Generator Plugin Arbitrary File Download
date:2015-03-26,name:WordPress Marketplace 2.4.0 Add Administrator
date:2015-03-25,name:Wordpress Theme Arbitrary File Download Vulnerability
date:2015-03-24,name:WordPress MP3-Jplayer 2.1 Local File Disclosure
date:2015-03-24,name:WordPress InBoundio Marketing Shell Upload
date:2015-03-24,name:WordPress AB Google Map Travel CSRF \/ XSS
date:2015-03-17,name:WordPress Reflex Gallery 3.1.3 Shell Upload
date:2015-03-17,name:WordPress WPML Missing Authentication
date:2015-03-13,name:WordPress SEO By Yoast 1.7.3.3 SQL Injection
date:2015-03-13,name:WordPress WPML XSS \/ Deletion \/ SQL Injection
date:2015-03-13,name:WordPress Huge IT Sl8 SQL Injection
date:2015-03-12,name:WordPress Daily Edition Theme 1.6.2 Cross Site Scripting
date:2015-03-12,name:WordPress Daily Edition Theme 1.6.2 Path Disclosure
date:2015-03-11,name:WordPress Fraction Theme 1.1.1 Privilege Escalation
date:2015-03-10,name:WordPress Daily Edition 1.6.2 File Upload
date:2015-03-10,name:WordPress Yoast Google Analytics 5.3.2 Cross Site Scripting
date:2015-03-06,name:WordPress Download Manager 2.7.2 Privilege Escalation
date:2015-03-05,name:WordPress Max Banner Ads 1.9 Cross Site Scripting
date:2015-03-05,name:WordPress Newsletter 2.6.x \/ 2.5.x Open Redirect
date:2015-03-04,name:WordPress: Webdorado Spt Calendar <= 1.4.9 SQL Injection
date:2015-03-03,name:WordPress Photocrati Theme 4.x.x SQL Injection
date:2015-03-03,name:WordPress WP All 3.2.3 Shell Upload
date:2015-03-03,name:WordPress Calculated Fields Form 1.0.10 SQL Injection
date:2015-02-28,name:WordPress Media Cleaner 2.2.6 Cross Site Scripting
date:2015-02-25,name:Wordpress force download Local File Download
date:2015-02-24,name:WordPress Easy Social Icons 1.2.2 CSRF \/ XSS
date:2015-02-24,name:WordPress Holding Pattern Theme Arbitrary File Upload
date:2015-02-19,name:WordPress Duplicator 0.5.8 Privilege Escalation
date:2015-02-18,name:WordPress Image Metadata Cruncher CSRF \/ XSS
date:2015-02-17,name:WordPress Fusion 3.1 Arbitrary File Upload
date:2015-02-17,name:WordPress Image Metadata Cruncher Cross Site Scripting
date:2015-02-14,name:WordPress Photo Gallery 1.2.5 Unrestricted File Upload
date:2015-02-14,name:WordPress Fusion 1.9.1 Arbitrary File Upload
date:2015-02-13,name:WordPress Failed Randomness on Windows
date:2015-02-13,name:WordPress Survey And Poll 1.1.7 Blind SQL Injection
date:2015-02-12,name:WordPress Very 2.7 SQL Injection
date:2015-02-12,name:WordPress Ninja Forms 2.8.8 Cross Site Scripting
date:2015-02-10,name:WordPress Contact Form DB 2.8.26 Cross Site Scripting
date:2015-02-10,name:WordPress Cart66 Lite 1.5.4 Cross Site Scripting
date:2015-02-10,name:WordPress Holding Pattern 0.6 Shell Upload
date:2015-02-10,name:WordPress WPLMS 1.8.4.1 Privilege Escalation
date:2015-02-10,name:WordPress WP EasyCart Unrestricted File Upload
date:2015-02-10,name:WordPress Acobot Live Chat And Contact Form 2.0 CSRF \/ XSS
date:2015-02-04,name:WordPress Platform Theme Remote Code Execution
date:2015-02-04,name:WordPress Pixabay Images PHP Code Upload
date:2015-02-03,name:WordPress Quasar Theme 1.9.1 Privilege Escalation
date:2015-01-27,name:WordPress Revolution Sll File Disclosure
date:2015-01-26,name:Wordpress RedSteel Theme Arbitrary File Download Vulnerability
date:2015-01-20,name:WordPress Bretheon Theme Arbitrary File Download
date:2015-01-20,name:WordPress CIP4 Folder Download 1.10 Local File Inclusion
date:2015-01-20,name:WordPress Pixarbay Images 2.3 XSS \/ Bypass \/ Upload \/ Traversal
date:2015-01-18,name:Wordpress Theme Bretheon Arbitrary File Download Vulnerability
date:2015-01-15,name:WordPress Simple Security 1.1.5 Cross Site Scripting
date:2015-01-14,name:Wordpress Photo Gallery Unauthenticated SQL Injection User Enumeration
date:2015-01-13,name:WordPress Pods 2.4.3 CSRF \/ Cross Site Scripting
date:2015-01-13,name:WordPress WP Symposium 14.11 Shell Upload
date:2015-01-09,name:WordPress Shopping Cart 3.0.4 Unrestricted File Upload
date:2015-01-09,name:Wordpress slrox Plugin Cross site scripting vulnerability
date:2015-01-06,name:WordPress Banner Effect Header 1.2.6 XSS \/ CSRF
date:2015-01-05,name:Wordpress Email newsletter 20.9 Cross Site Scripting
date:2015-01-05,name:Wordpress sumome 1.6 Cross Site Scripting
date:2015-01-05,name:Wordpress WP-EMail 2.64 Cross Site Scripting
date:2015-01-05,name:Wordpress Email 1.1 Cross Site Scripting
date:2014-12-31,name:Wordpress 4.1 XSS & CSRF Web Vulnerability
date:2014-12-30,name:WordPress Frontend Uploader 0.9.2 Cross Site Scripting
date:2014-12-30,name:WordPress Dmsguestbook Unauthenticated Data Injection
date:2014-12-29,name:Wordpress RevSlin LFD
date:2014-12-28,name:Wordpress Frontend Uploader Cross Site Scripting(XSS)
date:2014-12-25,name:WordPress Themes download.php File Disclosure
date:2014-12-19,name:WordPress Simplelife 1.2 CSRF \/ XSS
date:2014-12-19,name:WordPress SimpleFlickr 3.0.3 CSRF \/ XSS
date:2014-12-19,name:WordPress PWG Random 1.11 CSRF \/ XSS
date:2014-12-19,name:WordPress iTwitter 0.04 Cross Site Request Forgery \/ Cross Site Scripting
date:2014-12-19,name:WordPress TweetScribe 1.1 CSRF \/ XSS
date:2014-12-19,name:WordPress PictoBrowser 0.3.1 CSRF \/ XSS
date:2014-12-19,name:WordPress gSl.1 CSRF \/ XSS
date:2014-12-19,name:WordPress Twitter 0.7 CSRF \/ XSS
date:2014-12-19,name:WordPress WP Limit Posts Automatically 0.7 CSRF \/ XSS
date:2014-12-19,name:WordPress Twitter LiveBlog 1.1.2 CSRF \/ XSS
date:2014-12-19,name:WordPress twimp-wp Cross Site Request Forgery \/ Cross Site Scripting
date:2014-12-18,name:WordPress Bird Feeder 1.2.3 CSRF \/ XSS
date:2014-12-17,name:WordPress A.F.D. Theme Echelon Arbitrary File Download
date:2014-12-16,name:WordPress O2Tweet 0.0.4 CSRF \/ XSS
date:2014-12-15,name:Wordpress Wp Symposium 14.11 Unauthenticated Shell Upload Exploit
date:2014-12-13,name:WordPress Slial Icons 1.61 CSRF \/ XSS
date:2014-12-13,name:WordPress Timed Popup 1.3 CSRF \/ XSS
date:2014-12-13,name:WordPress WP Construction Mode 1.91 XSS
date:2014-12-09,name:WordPress Ajax Store Locator 1.2 Arbitrary File Download
date:2014-12-04,name:Cart66 Lite WordPress Ecommerce 1.5.1.17 Blind SQL Injection
date:2014-12-04,name:WordPress CM Download Manager 2.0.6 XSS \/ CSRF
date:2014-12-02,name:Wordpress <= v4.0 - Denial of Service
date:2014-12-02,name:WordPress <= v4.0 Denial of Service Exploit
date:2014-12-01,name:WordPress Ad-Manager 1.1.2 Open Redirect
date:2014-11-27,name:Wordpress db-backup plugin File Download Vulnerability
date:2014-11-27,name:WordPress Sexy Squeeze Pages Cross Site Scripting
date:2014-11-27,name:WordPress Html5 Mp3 Player Full Path Disclosure
date:2014-11-25,name:WordPress WP-DB-Backup 2.2.4 Backup Theft
date:2014-11-25,name:WordPress wpDataTables 1.5.3 SQL Injection
date:2014-11-25,name:WordPress wpDataTables 1.5.3 Shell Upload
date:2014-11-23,name:WordPress SP Client Document Manager 2.4.1 SQL Injection
date:2014-11-21,name:WordPress CM Download Manager 2.0.0 Code Injection
date:2014-11-21,name:WordPress 3.9.2 Cross Site Scripting
date:2014-11-14,name:WordPress SupportEzzy Ticket System 1.2.5 Cross Site Scripting
date:2014-11-11,name:Another WordPress Classifieds Cross Site Scripting \/ SQL Injection
date:2014-11-07,name:Joomla\/WordPress XCloner Command Execution \/ Password Disclosure
date:2014-11-06,name:WordPress Bulletproof-Security .51 XSS \/ SQL Injection \/ SSRF
date:2014-11-05,name:WordPress Wordfence Firewall 5.1.2 Cross Site Scripting
date:2014-11-05,name:WordPress Clean And Simple Contact Form 4.4.0 XSS
date:2014-10-27,name:WordPress Count-per-Day Plugin (notes.php) Remote Code Upload
date:2014-10-27,name:WordPress Download Manager Plugin Arbitrary File Download
date:2014-10-27,name:Wordpress gallery-bank Plugin Upload Vulnerability
date:2014-10-25,name:WordPress HT-Poi Plugin Remote File Upload (RFU)
date:2014-10-25,name:WordPress HTML5 and FLash PLayer Plugin SQL Injection
date:2014-10-24,name:WordPress CP Multi View Event Calendar 1.01 SQL Injection
date:2014-10-24,name:WordPress \/ Joomla Creative Contact Form 0.9.7 Shell Upload
date:2014-10-22,name:WordPress Database Manager 2.7.1 Command Injection \/ Credential Leak
date:2014-10-16,name:WordPress WP Google Maps 6.0.26 Cross Site Scripting
date:2014-10-16,name:WordPress MaxButtons 1.26.0 Cross Site Scripting
date:2014-10-10,name:WordPress EWWW Image Optimizer 2.0.1 Cross Site Scripting
date:2014-10-10,name:WordPress Contact Form DB 2.8.13 Cross Site Scripting
date:2014-10-10,name:WordPress Google Calendar Events 2.0.1 Cross Site Scripting
date:2014-10-09,name:Wordpress InfusionSoft Upload
date:2014-10-06,name:WordPress BulletProof Security 50.8 Script Insertion
date:2014-10-02,name:WordPress Content Audit 1.6 Blind SQL Injection
date:2014-10-02,name:WordPress Photo Gallery 1.1.30 Cross Site Scripting
date:2014-10-01,name:WordPress All In One Security And Firewall 3.8.3 XSS
date:2014-09-18,name:WordPress WP-Ban 1.62 Bypass
date:2014-09-18,name:WordPress Login Wh Shortcode 3.1.1 CSRF \/ XSS
date:2014-09-16,name:WordPress Wordfence 5.2.3 Cross Site Scripting \/ Bypass
date:2014-09-13,name:WordPress Photo Album Plus 5.4.4 Cross Site Scripting
date:2014-09-12,name:WordPress Trinity Theme Arbitrary File Download
date:2014-09-09,name:WordPress Antioch Arbitrary File Download
date:2014-09-08,name:Wordpress Authentic Theme Arbitrary File Download Vulnerability
date:2014-09-08,name:Wordpress epic theme Arbitrary File Download Vulnerability
date:2014-09-07,name:Wordpress Like Dislike Counter Plugin SQL Injection Vulnerability
date:2014-09-07,name:WordPress acento theme Arbitrary File Download Vulnerability
date:2014-09-07,name:WordPress FR0_theme theme Arbitrary File Download Vulnerability
date:2014-09-07,name:WordPress lote27 theme Arbitrary File Download Vulnerability
date:2014-09-07,name:WordPress NativeChurch theme Arbitrary File Download Vulnerability
date:2014-09-04,name:WordPress Advanced Access Manager 2.8.2 File Write \/ Code Execution
date:2014-09-03,name:WordPress Huge IT Image Gallery 1.0.0 SQL Injection
date:2014-09-02,name:WordPress CuckooTap Theme & eShop Arbitrary File Download
date:2014-08-28,name:WordPress ShortCode 1.1 Local File Inclusion
date:2014-08-27,name:WordPress WPtouch Mobile 3.4.5 Shell Upload
date:2014-08-26,name:WordPress KenBurner Sltrary File Download
date:2014-08-21,name:WordPress All In One SEO Pack 2.2.2 Cross Site Scripting
date:2014-08-21,name:WordPress Mobile Pack 2.0.1 Information Disclosure
date:2014-08-19,name:WordPress Disqus 2.7.7 Cross Site Request Forgery
date:2014-08-19,name:Wordpress 3.9.1 pluggable.php CSRF vulnerability
date:2014-08-13,name:WordPress Disqus 2.7.5 CSRF \/ Cross Site Scripting
date:2014-08-13,name:WordPress CK-And-SyntaxHighLighter Arbitrary File Upload
date:2014-08-13,name:WordPress 3.9 XMLRPC Denial of Service Exploit
date:2014-08-12,name:WordPress GB Gallery Sl.5 SQL Injection *youtube
date:2014-08-11,name:WordPress 3.9 and Drupal 7.x Denial Of Service Vulnerability *vdate:2014-08-11,name:Wordpress Js plupload Cross Site Scripting
date:2014-08-08,name:WordPress WPSS 0.62 Cross Site Scripting
date:2014-08-08,name:WordPress WPSS 0.62 SQL Injection
date:2014-08-05,name:WordPress MyBand Theme Cross Site Scripting
date:2014-08-04,name:WordPress Gmedia Gallery 1.2.1 Shell Upload
date:2014-08-04,name:WordPress Gamespeed Theme Cross Site Scripting
date:2014-08-03,name:Wordpress SI CAPTCHA Anti-Spam Plugin Cross site scripting
date:2014-08-02,name:Wordpress Sper plugin Cross site scripting
date:2014-07-30,name:WordPress WhyDoWork AdSense 1.2 XSS \/ CSRF
date:2014-07-29,name:WordPress Sllution Responsive 4.1.4 File Download
date:2014-07-29,name:WordPress Lead Octopus Power SQL Injection
date:2014-07-29,name:WordPress FBGorilla SQL Injection
date:2014-07-25,name:WordPress Very 2.5 Cross Site Scripting \/ SQL Injection
date:2014-07-22,name:WordPress Gallery Objects 0.4 SQL Injection
date:2014-07-16,name:Wordpress WPTouch Authenticated File Upload
date:2014-07-15,name:WordPress CopySafe PDF Protection 0.6 Shell Upload
date:2014-07-15,name:WordPress Tery 1.1 Shell Upload \/ XSS
date:2014-07-14,name:DZS Very for WordPress XSS, FPD and RCE vulnerabilities
date:2014-07-13,name:WordPress Download Manager 2.6.8 Shell Upload
date:2014-07-10,name:WordPress BSK PDF Manager 1.3.2 SQL Injection
date:2014-07-07,name:Wordpress MailPoet (wysija-newsletters) Unauthenticated File Upload
date:2014-07-07,name:WordPress NextGEN Gallery 2.0.63 Shell Upload
date:2014-07-02,name:Wordpress blogstand-smart-banner.1.0 Cross Site Scripting
date:2014-06-29,name:Wordpress ml-slCross Site Scripting
date:2014-06-29,name:Wordpress wp-construction-mode.1.8 Cross Site Scripting
date:2014-06-27,name:WordPress Simple Share Buttons Adder 4.4 CSRF \/ XSS
date:2014-06-23,name:Wordpress 3.9.1-CSRF vulnerability
date:2014-06-02,name:WordPress Popup Images Cross Site Scripting
date:2014-06-02,name:WordPress Participants Database 1.5.4.8 SQL Injection
date:2014-06-02,name:WordPress iMember360is 3.9.001 XSS Disclosure Code Execution
date:2014-05-30,name:WordPress DZS Very Cross Site Scripting \/ Content Spoofing
date:2014-05-23,name:WordPress Conversion Ninja Cross Site Scripting
date:2014-05-23,name:WordPress bib2html 0.9.3 Cross Site Scripting
date:2014-05-22,name:WordPress Booking System SQL Injection
date:2014-05-22,name:WordPress Simple Popup Cross Site Scripting
date:2014-05-14,name:WordPress Formrms Remote Code Execution
date:2014-05-13,name:Wordpress Bonuspressx Plugin Cross Site Scripting
date:2014-05-08,name:WordPress Photo-Gallery Cross Site Request Forgery
date:2014-05-02,name:WordPress leaflet maps marker plugin SQL Injection Vulnerability
date:2014-05-02,name:WordPress plugin EZPZ One Click Backup Command Injection
date:2014-04-28,name:NextCellent Gallery 1.9.13 WordPress plugin XSS
date:2014-04-28,name:WordPress Work-The-Flow 1.2.1 Shell Upload
date:2014-04-22,name:WordPress JS External Link Info Cross Site Scripting
date:2014-04-22,name:Wordpress Themes Theagency File Upload Vulnerability
date:2014-04-21,name:WordPress File Disclosure Vulnerability
date:2014-04-15,name:WordPress LineNity Local File Inclusion
date:2014-04-14,name:WordPress Theme LineNity LFI
date:2014-04-03,name:WordPress XCloner 3.1.0 Cross Site Request Forgery
date:2014-03-29,name:WordPress Business Intelligence 1.0.6 Shell Upload
date:2014-03-11,name:Wordpress plugin LayerSlersion 4.6.1 Directory Traversal CSRF
date:2014-03-07,name:WordPress Premium Gallery Manager Shell Upload
date:2014-03-06,name:WordPress Barclaycart Shell Upload
date:2014-03-04,name:WordPress thecotton Themes Remote File Upload Vulnerability
date:2014-03-04,name:WordPress plugin Google Analytics MU 2.3 CSRF
date:2014-03-03,name:WordPress Sixtees Shell Upload
date:2014-02-27,name:WordPress Alpine PhotoTile For Instagram 1.2.6.5 XSS
date:2014-02-27,name:WordPress Ver Live Streaming 4.29.6 Cross Site Scripting
date:2014-02-27,name:WordPress Wtrol 1.0.1 Cross Site Scripting
date:2014-02-27,name:WordPress PrintFriendly 3.3.7 Cross Site Scripting
date:2014-02-27,name:WordPress mp3-jplayer 1.8.7 Cross Site Scripting
date:2014-02-27,name:WordPress BSK PDF Manager 1.3 Cross Site Scripting
date:2014-02-26,name:WordPress Zedity 2.4.0 Cross Site Scripting
date:2014-02-26,name:WordPress Thanks You Counter Button 1.8.7 Cross Site Scripting
date:2014-02-26,name:WordPress EasyMedia Gallery 1.2.29 Cross Site Scripting
date:2014-02-24,name:Media File Renamer V1.7.0 wordpress plugin XSS
date:2014-02-16,name:WordPress WP-Password Plugin XSS Vulnerability
date:2014-02-15,name:Wordpress Plugin Acunetix WP Security Make Backup CSRF
date:2014-02-15,name:Wordpress Plugin Better WP Security multiple vulnerability
date:2014-02-14,name:WordPress Buddypress 1.9.1 Cross Site Scripting
date:2014-02-14,name:WordPress Buddypress 1.9.1 Privilege Escalation
date:2014-02-13,name:Wordpress dzs-vry plugin Cross site scripting Vulnerability
date:2014-02-07,name:WordPress Dandelion Theme Shell Upload
date:2014-02-02,name:Wordpress 3.3.1+dfsg-1 Media Library Persistent XSS
date:2014-01-30,name:Wordpress amerisale-re Arbitrary File Upload Vulnerability
date:2014-01-30,name:WordPress Photocrati Cross Site Scripting
date:2014-01-30,name:Wordpress amerisale-re Remote Shell Upload
date:2014-01-28,name:WordPress SS Downloads Cross Site Scripting
date:2014-01-28,name:WordPress Seo Link Rotator Cross Site Scripting
date:2014-01-28,name:WordPress Infocus Theme Cross Site Scripting
date:2014-01-26,name:Wordpress anti-plagiarism Cross Site Scripting Vulnerability
date:2014-01-24,name:WordPress E-Commerce 3.8.9.5 File Upload \/ XSS \/ CSRF \/ Code Execution
date:2014-01-21,name:WordPress Global Flash Galleries File Upload
date:2014-01-20,name:Wordpress social ring Cross Site Scripting
date:2014-01-14,name:WordPress DT Chocolate Cross Site Scripting
date:2014-01-09,name:WordPress WP-Members 2.8.9 Cross Site Scripting
date:2014-01-04,name:Wordpress intouch Cross Site Scripting Vulnerability
date:2014-01-01,name:WordPress 2.0.11 CSRF in options-discussion.php
date:2013-12-31,name:Wordpress dzs-vry plugin Cross site scripting Vulnerability
date:2013-12-30,name:Wordpress formcraft Plugin Sql Injection
date:2013-12-27,name:WordPress Ad-minister 0.6 Cross Site Scripting
date:2013-12-24,name:Wordpress Recommend to a friend plugin Cross site scripting
date:2013-12-23,name:Wordpress information leakage and backdoor in writing settings
date:2013-12-23,name:Wordpress WP EZLead Pro plugin Cross site scripting
date:2013-12-20,name:Wordpress cevhershare plugin Cross site scripting Vulnerability
date:2013-12-20,name:WordPress URL Redirector Abuse and XSS vulnerabilities
date:2013-12-08,name:WordPress DZS Very 3.1.3 Remote File Disclosure
date:2013-12-08,name:WordPress Page Flip Image Gallery Shell Upload
date:2013-12-06,name:WordPress Easy Career Openings SQL Injection
date:2013-12-03,name:WordPress OptimizePress Theme File Upload
date:2013-12-03,name:WordPress Blooog 1.1 jplayer.swf Cross Site Scripting
date:2013-12-03,name:WordPress Js-Multi-Hotel 2.2.1 Cross Site Scripting
date:2013-12-02,name:WordPress dzs-vry Plugins Remote File Upload Vulnerability
date:2013-12-01,name:Wordpress Orange Themes CSRF File Upload Vulnerability
date:2013-12-01,name:WordPress Folo Theme Cross Site Scripting
date:2013-11-28,name:Wordpress amerisale-re plugin Cross site scripting
date:2013-11-28,name:Wordpress optinfirex plugin Cross site scripting
date:2013-11-26,name:WordPress Blogfolio Shell Upload
date:2013-11-26,name:WordPress Contact Form 7 3.5.2 Shell Upload
date:2013-11-26,name:WordPress Elemin Shell Upload
date:2013-11-26,name:WordPress Pinboard Shell Upload
date:2013-11-26,name:WordPress Blogggie Shell Upload
date:2013-11-26,name:WordPress Folo Shell Upload
date:2013-11-22,name:Wordpress capturapro Plugin Cross site scripting
date:2013-11-21,name:WordPress Suco Shell Upload
date:2013-11-21,name:WordPress iThemes2 Shell Upload
date:2013-11-21,name:WordPress Pretty Photo Cross Site Scripting
date:2013-11-19,name:WordPress Project 10 Themes Remote File Upload Vulnerability
date:2013-11-19,name:WordPress Tweet Blender 4.0.1 Cross Site Scripting
date:2013-11-18,name:WordPress EuclSite Request Forgery
date:2013-11-18,name:WordPress Dimension Cross Site Request Forgery
date:2013-11-18,name:WordPress Amplus Cross Site Request Forgery
date:2013-11-18,name:WordPress Make A Statement Cross Site Request Forgery
date:2013-11-12,name:WordPress Theme Kernel - Arbitrary code execution
date:2013-11-12,name:WordPress Curvo Themes - Arbitrary code execution
date:2013-11-12,name:WordPress Highlight Premium Theme CSRF \/ Shell Upload
date:2013-11-10,name:WordPress Army Knife CSRF File Upload Vulnerability
date:2013-11-09,name:WordPress Theme Kernel Shell Upload
date:2013-11-07,name:WordPress Gallery Bank 2.0.19 Cross Site Scripting
date:2013-11-06,name:Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting
date:2013-11-05,name:LBG Zoom In\/Out Effect SlWordPress XSS and FPD vulnerabilities
date:2013-11-05,name:WordPress ThisWay Shell Upload
date:2013-11-04,name:Wordpress fresh-page plugin site scripting Vulnerability
date:2013-11-02,name:WordPress Think Responsive Themes Arbitrary File Upload Vulnerability
date:2013-11-02,name:WordPress Switchblade Themes Arbitrary File Upload Vulnerability
date:2013-11-01,name:WordPress Cold Fusion theme Arbitrary File Upload Vulnerability
date:2013-10-30,name:WordPress MoneyTheme Cross Site Scripting \/ Shell Upload
date:2013-10-30,name:WordPress Curvo Shell Upload
date:2013-10-27,name:WordPress TimThumb Plugin Remote Code Execution
date:2013-10-27,name:WordPress GeoPlaces 4.x Shell Upload
date:2013-10-24,name:WordPress DailyDeal Themes Shell Upload Vulnerabillity
date:2013-10-24,name:WordPress e-Commerce Payment Gateways Caller Local File Inclusion
date:2013-10-22,name:Wordpress Themes WPLocalPlaces Upload Vulnerability
date:2013-10-22,name:Wordpress vPlugin Xss vulnerabilities
date:2013-10-19,name:Wordpress WooCommerce Plugin 2.0.17 Cross-Site Scripting Vulnerability
date:2013-10-19,name:Wordpress spreadsheet Plugin Cross site scripting
date:2013-10-18,name:WordPress WP Realty Blind SQL Injection
date:2013-10-17,name:WordPress Dexs PM System Cross Site Scripting
date:2013-10-16,name:Wordpress zingiri-forum Plugin SQL Injection Vulnerability
date:2013-10-15,name:WordPress Finalist Cross Site Scripting
date:2013-10-12,name:WordPress Cart66 1.5.1.14 Cross Site Request Forgery \/ Cross Site Scripting
date:2013-10-11,name:WordPress Simple Flash VCross Site Scripting
date:2013-10-08,name:WordPress Woopra Remote Code Execution
date:2013-10-07,name:Wordpress Zoo Realty Plugin Cross site scripting Vulnerability
date:2013-10-04,name:WordPress Slimstat Ex Code Execution
date:2013-10-04,name:WordPress SEO Watcher Remote Code Execution
date:2013-10-04,name:WordPress Semper Fi Cross Site Scripting
date:2013-10-03,name:WordPress Social Hashtag 2.0.0 Cross Site Scripting
date:2013-09-29,name:Wordpress FireStorm Professional Real Estate Plugin Cross site scripting
date:2013-09-25,name:WordPress Sharebar 1.2.5 Cross Site Scripting
date:2013-09-25,name:WordPress Miniaudioplayer Cross Site Scripting
date:2013-09-25,name:Wordpress lbg zoominoutslin Cross site scripting Vulnerability
date:2013-09-25,name:Wordpress simple forum Cross site scripting Vulnerability
date:2013-09-24,name:WordPress Bradesco Gateway Cross Site Scripting
date:2013-09-24,name:WordPress fGallery_Plus Cross Site Scripting
date:2013-09-24,name:Wordpress Lazy SEO plugin Shell Upload Vulnerability
date:2013-09-21,name:WordPress NOSpamPTI 2.1 Blind SQL Injection
date:2013-09-21,name:WordPress Comment Attachment 1.0 <= Cross Site Scripting
date:2013-09-20,name:WordPress RokMicroNews 1.5 XSS & DoS & Shell Upload
date:2013-09-20,name:WordPress Page Showcaser Boxes 1.0 Cross Site Scripting
date:2013-09-19,name:WordPress RokIntroScroller 1.8 XSS \/ DoS \/ Disclosure \/ Upload
date:2013-09-19,name:WordPress Complete Gallery Manager 3.3.3 File Upload
date:2013-09-18,name:WordPress RokNewsPager 1.17 Disclosure \/ Shell Upload \/ XSS \/ DoS
date:2013-09-18,name:WordPress RokStories 1.25 Disclosure \/ Shell Upload \/ XSS \/ DoS
date:2013-09-12,name:WordPress 3.6.1 PHP unserialization & Open Redirect & Privilege Escalation
date:2013-09-09,name:WordPress Event Easy Calendar 1.0.0 XSS \/ CSRF \/ Input Valdate:2013-09-04,name:WordPress NextGen Smooth Gallery Cross Site Scripting
date:2013-09-02,name:WordPress IndiaNIC Testimonial 2.2 XSS & CSRF & SQL Injection
date:2013-08-29,name:WordPress Wordfence 3.8.1 Cross Site Scripting
date:2013-08-29,name:WordPress Encrypted Blog 0.0.6.2 XSS & Open Redirect
date:2013-08-29,name:WordPress silverOrchSite Scripting
date:2013-08-27,name:WordPress Simple Login Registration 1.0.1 Cross Site Scripting
date:2013-08-27,name:WordPress Post-Gallery Cross Site Scripting
date:2013-08-24,name:Wordpress ver-live-streaming-integration Plugin XSS vulnerabilities
date:2013-08-22,name:WordPress BackWPup 3.0.12 Cross Site Scripting
date:2013-08-12,name:WordPress HMS Testimonials 2.0.10 XSS \/ CSRF
date:2013-08-09,name:WordPress HMS Testimonials 2.0.10 XSS & CSRF
date:2013-08-07,name:WordPress Usernoise 3.7.8 Cross Site Scripting
date:2013-08-04,name:WPtouch and WPtouch Pro for WordPress XSS and FPD vulnerabilities
date:2013-07-26,name:WordPress Duplicator 0.4.4 Cross Site Scripting
date:2013-07-23,name:WordPress FlagEm Cross Site Scripting
date:2013-07-19,name:WordPress WooCommerce 2.0.12 Cross Site Scripting
date:2013-07-15,name:Wordpress Plugin Spicy Blogroll File Inclusion Vulnerability
date:2013-07-13,name:WordPress I Love It XSS & Content Spoofing & Path Disclosure
date:2013-07-09,name:WordPress Search N Save XSS & Path Disclosure
date:2013-07-09,name:WordPress JS Restaurant SQL Injection
date:2013-07-03,name:WordPress 3.5.1 Cross Site Scripting
date:2013-07-03,name:WordPress Category-Grallery XSS
date:2013-07-03,name:WordPress Feed SQL Injection
date:2013-07-01,name:WordPress wp-private-messages SQL Injection
date:2013-07-01,name:Xorbin Digital Flash Clock 1.0 For WordPress XSS
date:2013-07-01,name:Xorbin Analog Flash Clock 1.0 For WordPress XSS
date:2013-06-30,name:WordPress Denial of Service .py exploit
date:2013-06-21,name:WordPress Slash WP theme XSS and Content Spoofing vulnerabilities
date:2013-06-18,name:Ultimate WordPress Auction v1.0 Plugin CSRF Vulnerability
date:2013-06-12,name:WordPress WP-SendSMS 1.0 CSRF \/ XSS
date:2013-06-12,name:WordPress 3.5.1 Denial of Service Exploit
date:2013-06-12,name:WordPress 3.5.1 Denial of Service
date:2013-06-11,name:WordPress jobroller Reflected XSS
date:2013-06-11,name:WordPress Ambience Cross Site Scripting
date:2013-06-09,name:WordPress nextgen-gallery Cross Site Scripting
date:2013-06-07,name:WordPress plugin uk-cookie CSRF
date:2013-06-03,name:WordPress AntiVirus FPD and Security bypass vulnerabilities
date:2013-06-01,name:WordPress Plugin 'Feedweb 1.8.8' Cross-site Scripting vulnerability
date:2013-05-28,name:WordPress wp-banners-lite Plugin Cross Site Scripting
date:2013-05-27,name:WordPress User Role Editor CSRF
date:2013-05-26,name:WordPress milano Theme Cross Site Scripting
date:2013-05-21,name:WordPress ProPlayer Plugin SQL Injection
date:2013-05-17,name:WordPress plugin wp-cleanfix CSRF
date:2013-05-17,name:WordPress plugin mail-on-update CSRF
date:2013-05-16,name:WordPress wp-FileManager File Download
date:2013-05-15,name:WordPress Newsletter Plugin 3.2.6 (alert) Reflected XSS Vulnerability
date:2013-05-15,name:WordPress Vross Site Scripting
date:2013-05-13,name:WordPress Securimage-WP Plugin v3.2.4 URI-based XSS Vulnerability
date:2013-05-13,name:WordPress Search and Share plugin vulnerabilities
date:2013-05-07,name:WordPress Advanced XML Reader 0.3.4 Plugin XXE 0day *youtube
date:2013-05-02,name:Wordpress W3 Total Cache 0.9.2.8 PHP Code Execution exploit
date:2013-04-21,name:WordPress theme Colormix Multiple vulnerabilities
date:2013-04-12,name:Wordpress Catalog Plugin Xss Vulnerability
date:2013-04-11,name:WordPress Sper 2.1 SQL Injection
date:2013-04-09,name:Wordpress plugins kioskprox XSS Vulnerability
date:2013-04-09,name:Wordpress plugins fbsurveypro XSS Vulnerability
date:2013-04-08,name:Wordpress plugins kioskprox XSS Vulnerability
date:2013-04-07,name:WordPress Trafficanalyzer Plugin XSS Vulnerability
date:2013-03-27,name:WordPress plugin user-photo file upload arbitrary PHP code execution
date:2013-03-27,name:Wordpress trafficanalyzer Plugin XSS
date:2013-03-27,name:Wordpress wp-vando Plugin XSS
date:2013-03-27,name:Wordpress plugin v3 level four storefront SQL injection Vulnerability
date:2013-03-27,name:Wordpress ver-live-streaming-integration Plugin XSS
date:2013-03-26,name:WordPress Mathjax Latex 1.1 Cross Site Request Forgery
date:2013-03-25,name:Wordpress wp-vando Plugin XSS
date:2013-03-23,name:WordPress IndiaNIC FAQS Manager 1.0 SQL Injection
date:2013-03-23,name:WordPress IndiaNIC FAQS Manager 1.0 XSS & CSRF
date:2013-03-22,name:Joomla Component com_wordpress XSS Vulnerability
date:2013-03-20,name:WordPress Occasions 1.0.4 Cross Site Request Forgery
date:2013-03-20,name:WordPress Count Per Day 3.2.5 XSS
date:2013-03-19,name:WordPress Simply Poll Plugin 1.4.1 CSRF and stored XSS
date:2013-03-17,name:WordPress LeagueManager Plugin 3.8 SQL Injection
date:2013-03-17,name:Wordpress o2s-gallery plugin Cross Site Scripting Vulnerability
date:2013-03-17,name:Wordpress bp-gallery plugin 1.2.5 Cross Site Scripting Vulnerability
date:2013-03-17,name:Wordpress WP-e-Commerce plugin 3.8.9.5 Cross Site Scripting Vulnerability
date:2013-03-17,name:Wordpress Image News slin 3.5 Cross Site Scripting Vulnerability
date:2013-03-15,name:WordPress LeagueManager 3.8 SQL Injection
date:2013-03-12,name:WordPress Terillion Reviews Cross Site Scripting
date:2013-03-11,name:WordPress plugin snazzy-archives XSS vulnerability
date:2013-03-10,name:WordPress plugins vulnerable to CVE-2013-1808
date:2013-03-08,name:WordPress Events Manager 5.3.3 Cross Site Scripting
date:2013-03-06,name:WordPress Count-Per-Day 3.2.5 Cross Site Scripting
date:2013-03-05,name:WordPress Caulk Path Disclosure
date:2013-03-05,name:WordPress Counter per Day plugin <= 3.2.3. Path Disclosure and Denial-Of-Service
date:2013-02-28,name:WordPress Comment Rating 2.9.32 SQL Injection & Bypass
date:2013-02-25,name:WordPress plugin smart-flv jwplayer.swf XSS
date:2013-02-21,name:WordPress Pretty Link 1.6.3 Cross Site Scripting
date:2013-02-12,name:Wordpress wp forum server v2 plugin SQL Injection
date:2013-02-12,name:Wordpress simple flash vlugin SQL Injection
date:2013-02-12,name:Wordpress newscast Theme SQL Injection
date:2013-02-12,name:Wordpress image news sllugin SQL Injection
date:2013-02-12,name:Wordpress Xhanch My Prayer Time plugin v2 Plugin SQL Injection
date:2013-02-12,name:Wordpress podpress plugin v2 Plugin SQL Injection
date:2013-02-11,name:Wordpress post2pdf-converter v2 Plugin SQL Injection
date:2013-02-11,name:Wordpress smart-map v2 Plugin SQL Injection
date:2013-02-10,name:Wordpress plugin myftp-ftp-like-plugin-for-wordpress 2 SQL Injection
date:2013-02-10,name:Wordpress theme pinboard 1.0.6 XSS
date:2013-02-08,name:WordPress Audio Player SWF Cross Site Scripting
date:2013-02-07,name:WordPress CommentLuv 2.92.3 Cross Site Scripting
date:2013-02-07,name:WordPress Wysija Newsletters 2.2 SQL Injection
date:2013-02-06,name:Wordpress wp-forum plugin SQL Injection
date:2013-02-03,name:Wordpress dt-chocolate Theme Image Open redirect
date:2013-02-03,name:WordPress theme Flash News Multiple vulnerabilities
date:2013-02-02,name:WordPressSearch plugin SQL Injection Vulnerability
date:2013-02-01,name:Wordpress wp-table-reloaded plugin cross-site scripting in SWF
date:2013-02-01,name:Wordpress simple-shout-box Plugin SQL Injection
date:2013-02-01,name:Wordpress portfolio-slro v3 Plugin SQL Injection
date:2013-01-31,name:Wordpress RLSWordPressSearch plugin SQL Injection
date:2013-01-26,name:WordPress SolveMedia 1.1.0 Cross Site Request Forgery
date:2013-01-25,name:Wordpress Zingiri Web Shop Plugin <= 2.4.0 Multiple XSS Vulnerabilities
date:2013-01-24,name:WordPress Chocolate Theme XSS & Denial Of Service & Shell Upload
date:2013-01-23,name:Cardoza WordPress Poll 34.05 SQL Injection
date:2013-01-22,name:Wordpress Developer Formatter CSRF Vulnerability
date:2013-01-21,name:WordPress Ripe HD FLV Player SQL Injection & Path Disclosure
date:2013-01-15,name:WordPress Daily Edition Mouss XSS & Disclosure & Shell Upload
date:2013-01-15,name:WordPress theme Daily Edition Mouss Multiple vulnerabilities
date:2013-01-14,name:WordPress Floating Tweets 1.0.1 XSS and Directory Traversal
date:2013-01-10,name:Wordpress gallery-3.8.3 plugin Arbitrary File Read Vulnerability
date:2013-01-09,name:WordPress Plugin Google Document Embedder Arbitrary File Disclosure
date:2013-01-08,name:WordPress Spam Free 1.9.2 Filter Bypass
date:2013-01-08,name:XML Sitemap Generator for Wordpress (Google XML Sitemaps) Code Injection
date:2013-01-08,name:WordPress OpenInviter Information Disclosure
date:2013-01-07,name:Wordpress NextGEN Gallery plugin Cross-Site Scripting Vulnerability
date:2013-01-07,name:Wordpress wilderness SQL injection
date:2013-01-03,name:WordPress Advanced Custom Fields Remote File Inclusion
date:2013-01-03,name:WordPress Shopping Cart 8.1.14 Shell Upload & SQL Injection
date:2013-01-03,name:WordPress ReFlex Gallery 1.3 Shell Upload
date:2013-01-03,name:WordPress Xerte Online 0.32 Shell Upload
date:2013-01-03,name:WordPress Uploader 1.0.4 Shell Upload
date:2013-01-02,name:Wordpress Sahifa theme 2.4.0 CSRF and Full Path Disclosure
date:2013-01-01,name:Wordpress plugins WP PHP wl Path Disclosure vulnerability
date:2012-12-31,name:Wordpress plugins NextGEN Public Uploader Full Path Disclosure Vulnerability
date:2012-12-31,name:WordPress Photo Plus & Photo Search XSS & CSRF
date:2012-12-31,name:WordPress SB Uploader 3.9 Shell Upload
date:2012-12-30,name:WordPress themes RocketTheme Multiple vulnerabilities
date:2012-12-28,name:WordPress Asset-Manager PHP File Upload
date:2012-12-25,name:WordPress W3 Total Cache Data Disclosure
date:2012-12-25,name:WordPress Rokbox Themes Content Spoofing and XSS
date:2012-12-23,name:WordPress BuddyPress Cross Site Scripting & Content Spoofing
date:2012-12-21,name:WordPress 3.4.2 Sessions Not Terminated Upon Explicit User Logout
date:2012-12-21,name:BuddyPress for WordPress XSS and CS vulnerabilities
date:2012-12-21,name:Wordpress plugin sintic_gallery Path Disclosure Vulnerability
date:2012-12-18,name:WordPress Rokbox 2.13 Multiple Vulns
date:2012-12-16,name:WordPress RokBox Multiple Vulnerabilities
date:2012-12-13,name:WordPress portable-phpMyAdmin 1.3.0 Authentication Bypass
date:2012-12-09,name:WordPress Simple Gmail Login Path Disclosure
date:2012-12-04,name:WordPress Nest SQL Injection
date:2012-11-30,name:WordPress V Form 0.5 Cross Site Scripting
date:2012-11-30,name:WordPress TimelineJS_Nuweb Local File Inclusion
date:2012-11-30,name:WordPress Toolbox 1.4 SQL Injection
date:2012-11-28,name:WordPress Newstimes Package SQL Injection
date:2012-11-28,name:WordPress myflash Local File Inclusion
date:2012-11-28,name:WordPress starmark Theme Local File Inclusion
date:2012-11-28,name:Wordpress asm theme SQL injection
date:2012-11-28,name:WordPress yaren Tema SQL Injection
date:2012-11-27,name:WordPress wp-imagezoon SQL Injection
date:2012-11-27,name:WordPress cstardesign SQL Injection
date:2012-11-27,name:WordPress oberliga SQL Injection
date:2012-11-27,name:WordPress st_newsletter SQL Injection
date:2012-11-27,name:WordPress weddingsatwork SQL Injection
date:2012-11-27,name:WordPress Shai-Saul SQL Injection
date:2012-11-25,name:Wordpress dailyedition-mouss Theme SQL injection
date:2012-11-24,name:WordPress Zarzadzanie Kontem Shell Upload
date:2012-11-24,name:WordPress Simple SlCross Site Scripting
date:2012-11-24,name:WordPress Plg Novana SQL Injection
date:2012-11-24,name:WordPress Zingiri Web Shop 2.5.0 Shell Upload
date:2012-11-23,name:Wordpress malmonation theme SQL Injection
date:2012-11-23,name:Wordpress magazine-basic-plugin\/ Theme SQL Injection
date:2012-11-23,name:Wordpress plg_novana plugin Sql Injection
date:2012-11-22,name:Wordpress hd-webplayer Theme SQL Injection
date:2012-11-22,name:Wordpress webplayer-plugin Theme SQL Injection
date:2012-11-22,name:Wordpress fs-real-estate-plugin Theme SQL Injection
date:2012-11-21,name:wordpress tdo-mini-forms plugin (rfu\/rfd) Vulnerabilities
date:2012-11-21,name:WordPress FireStorm Real Estate 2.06.08 SQL Injection
date:2012-11-21,name:WordPress Madebymilk SQL Injection
date:2012-11-20,name:Wordpress Facebook Survey v1 SQL Injection Vulnerability
date:2012-11-20,name:WordPress List Communities SQL Injection
date:2012-11-20,name:WordPress ArribaLaEsteban SQL Injection
date:2012-11-19,name:Wordpress Plugins Spotlight Your Upload Vulnerability
date:2012-11-16,name:WordPress Dailyedition-mouss SQL Injection
date:2012-11-16,name:WordPress Tagged Albums SQL Injection
date:2012-11-14,name:WordPress WP E-Commerce 3.8.9 SQL Injection \/ Cross Site Scripting
date:2012-11-13,name:WordPress Related Posts Exit Popup SQL Injection
date:2012-11-10,name:WordPress Eco-Annu SQL Injection
date:2012-11-10,name:WordPress Calendar-Script Blind SQL Injection
date:2012-11-10,name:WordPress swfupload XSS vulnerability
date:2012-11-09,name:Wordpress theme kakao SQL Injection
date:2012-11-09,name:Wordpress theme wilderness SQL Injection
date:2012-11-08,name:WordPress Cardoza Ajax Search 1.1 SQL Injection
date:2012-11-07,name:WordPress Hitasoft FLV Player 1.1 SQL Injection
date:2012-10-31,name:Wordpress FoxyPress Plugin Multiple Vulnerabilities
date:2012-10-27,name:WordPress Easy Webinar Blind SQL Injection
date:2012-10-26,name:WordPress GRAND Flash Album Gallery SQL Injection & Disclosure & File Overwrite
date:2012-10-20,name:WordPress Wordfence Security XSS and IAA vulnerabilities
date:2012-10-18,name:Wordpress Social Discussions Plugin Multiple Vulnerabilities
date:2012-10-17,name:Wordpress Pay With Tweet plugin <= 1.1 Multiple Vulnerabilities
date:2012-10-17,name:Wordpress Plugin BackWPup 1.6.1 Remote auth bypass
date:2012-10-06,name:WordPress Shopp v1.0.17 eCommerce Plugin <= XSS & LFI
date:2012-10-04,name:WordPress Sp1 SQL Injection & XSS
date:2012-10-01,name:wordpressthemesbook Cms Cross-Site Scripting Vulnerability
date:2012-09-28,name:Wordpress phpBAK Red Config Vulnerability
date:2012-09-27,name:WordPress ABC-Test 0.1 Cross Site Scripting
e:2012-09-23,name:MF Gig Calendar Wordpress Plugin Cross-Site Scripting
e:2012-09-23,name:Wordpress Admin name Information Disclosure
te:2012-09-22,name:WordPress Tierra Audio Path Disclosure
te:2012-09-22,name:WordPress Krea3AllMedias SQL Injection
te:2012-09-21,name:Wordpress Download Monitor Download Page Cross-Site Scripting
te:2012-09-20,name:WordPress AdRotate 3.7.3.5 Cross Site Scripting
te:2012-09-20,name:WordPress NextGEN Gallery 1.9.5 Cross Site Scripting
te:2012-09-20,name:WordPress Google Analytics 4.2.4 Cross Site Scripting
te:2012-09-19,name:WordPress TDO Mini Forms Arbitrary File Upload
te:2012-09-18,name:WordPress HD Webplayer 1.1 SQL Injection
te:2012-08-29,name:WordPress Simple Forum Shell Upload
te:2012-08-28,name:WordPress Finder Cross Site Scripting
te:2012-08-28,name:WordPress Count Per Day 3.2.3 Cross Site Scripting
te:2012-08-25,name:WordPress Monsters Editor Shell Upload
te:2012-08-25,name:WordPress SEM WYSIWYG Arbitrary File Upload
te:2012-08-21,name:ShopperPress WordPress Theme 2.7 Cross Site Scripting
te:2012-07-31,name:WordPress Front End Upload 0.5.4.4 Shell Upload
te:2012-07-24,name:Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability
te:2012-07-23,name:WordPress Cimy User Extra Fields 2.3.7 Shell Upload
te:2012-07-17,name:WordPress Count Per Day 3.1.1 Cross Site Scripting
te:2012-07-16,name:WordPress Resume Submissions \/ Job Postings 2.5.1 Shell Upload
te:2012-07-16,name:WordPress WP-Predict 1.0 Blind SQL Injection
te:2012-07-10,name:Wordpress (wp-insert Plugin) Arbitrary File Upload Vulnerability
te:2012-07-10,name:WordPress MoodThingy W.7 SQL Injection
te:2012-07-10,name:Wordpress (editormonkey) [FCKeditor] Arbitrary File Upload Vulnerability
te:2012-06-30,name:WordPress Website FAQ 1.0 SQL Injection
te:2012-06-26,name:WordPress Fancy Gallery 1.2.4 Shell Upload
te:2012-06-26,name:WordPress Flip Book 1.0 Shell Upload
te:2012-06-26,name:WordPress Ajax Multi Upload 1.1 Shell Upload
te:2012-06-26,name:WordPress Schreikasten 0.14.13 Cross Site Scripting
te:2012-06-20,name:WordPress Organizer 1.2.1 Cross Site Scripting \/ Directory Traversal
te:2012-06-20,name:WordPress Lim4wp 1.1.1 Shell Upload
te:2012-06-20,name:WordPress Wp-ImageZoom 1.0.3 File Disclosure
te:2012-06-20,name:WordPress LB Mixed Sl.0 Shell Upload
te:2012-06-20,name:WordPress Famous 2.0.5 Shell Upload
te:2012-06-20,name:WordPress Deep-Blue 1.9.2 Shell Upload
te:2012-06-17,name:WordPress Automatic 2.0.3 Cross Site Request Forgery
ate:2012-06-15,name:WordPress Annonces 1.2.0.1 Shell Upload
ate:2012-06-15,name:WordPress Evarisk 5.1.5.4 Shell Upload
ate:2012-06-15,name:WordPress Invit0r 0.22 Shell Upload
ate:2012-06-13,name:WordPress Foxypress Arbitrary Code Execution
ate:2012-06-13,name:WordPress Top Quark Architecture 2.10 Shell Upload
ate:2012-06-13,name:WordPress Wp-Gpx-Map 1.1.21 Shell Upload
ate:2012-06-13,name:WordPress User Meta 1.1.1 Shell Upload
ate:2012-06-13,name:WordPress Custom Content Type Manager 0.9.5.13-pl Shell Upload
ate:2012-06-13,name:WordPress Front End Upload 0.5.3 Shell Upload
ate:2012-06-13,name:WordPress Omni Secure Files 0.1.13 Shell Upload
ate:2012-06-13,name:WordPress Front File Manager 0.1 Shell Upload
ate:2012-06-13,name:WordPress Easy Contact Forms Export 1.1.0 File Disclosure
ate:2012-06-12,name:WordPress Hungred Post Thumbnail 2.1.9 Shell Upload
ate:2012-06-12,name:WordPress PICA Photo Gallery 1.0 File Disclosure
ate:2012-06-12,name:WordPress PDW File Browser 1.1 Shell Upload
ate:2012-06-12,name:WordPress Picturesurf Gallery 1.2 Shell Upload
ate:2012-06-12,name:WordPress Tinymce Thumbnail Gallery 1.0.7 File Disclosure
ate:2012-06-12,name:WordPress Newsletter 1.5 File Disclosure
ate:2012-06-12,name:WordPress wpStoreCart 2.5.29 Shell Upload
ate:2012-06-12,name:WordPress Simple Download Button Shortcode 1.0 File Disclosure
ate:2012-06-12,name:WordPress RBX Gallery 2.1 Shell Upload
ate:2012-06-12,name:WordPress Thinkun Remind 1.1.3 File Disclosure
ate:2012-06-08,name:WordPress Gallery 3.06 Shell Upload
ate:2012-06-08,name:WordPress MM Forms Community 2.2.5 \/ 2.2.6 Shell Upload
ate:2012-06-08,name:WordPress Ver Ventation 3.17 Shell Upload
ate:2012-06-08,name:WordPress WP-Property 1.35.0 Shell Upload
ate:2012-06-08,name:WordPress Google Maps Via Store Locator Plus Email Spool \/ SQL Injection
ate:2012-06-08,name:WordPress WP Marketplace Shell Upload
ate:2012-06-08,name:WordPress HTML5 AV Manager 0.2.7 Shell Upload
ate:2012-06-08,name:WordPress HT-Poi Shell Upload
ate:2012-06-08,name:WordPress Asset Manager 0.2 Shell Upload
ate:2012-06-08,name:WordPress WP Mass Mail Spoofing
ate:2012-06-08,name:WordPress Comment Extra Fields Shell Upload
ate:2012-06-08,name:WordPress Nmedia WP Member Conversation 1.35.0 Shell Upload
ate:2012-06-08,name:WordPress Nmedia User File Uploader Shell Upload
ate:2012-06-08,name:WordPress Foxypress Shell Upload
ate:2012-06-08,name:WordPress 3.3.2 Cross Site Scripting
ate:2012-05-19,name:WordPress Track That Stat 1.0.8 Cross Site Scripting
ate:2012-05-19,name:WordPress WP-FaceThumb Gallery 0.1 Cross Site Scripting
ate:2012-05-13,name:WordPress 2-Click-Socialmedia-Buttons Cross Site Scripting
ate:2012-05-13,name:WordPress Custom Contact Forms Cross Site Scripting
ate:2012-05-13,name:WordPress Better WP Security Cross Site Scripting
ate:2012-05-13,name:WordPress BulletProof Security Cross Site Scripting
ate:2012-05-13,name:WordPress Bad Behavior Cross Site Scripting
ate:2012-05-04,name:Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities
ate:2012-04-28,name:WordPress 3.3.1 Cross Site Request Forgery
ate:2012-04-28,name:WordPress Organizer 1.2.1 XSS \/ CSRF \/ Shell Upload
ate:2012-04-28,name:WordPress Organizer 1.2.1 Cross Site Scripting \/ Path Disclosure
ate:2012-04-21,name:WordPress Zingiri Tickets File Disclosure
ate:2012-04-21,name:Yahoo Answer Wordpress Auto Poster Cross Site Scripting
ate:2012-04-21,name:WordPress DoS Vulnerability
ate:2012-04-16,name:WordPress All-In-One Event Calendar 1.4 Cross Site Scripting
ate:2012-04-15,name:Wordpress taggator plugin Sql Injection Vulnerabilities
ate:2012-04-01,name:WordPress Deans With Pwwangs Code Shell Upload
ate:2012-04-01,name:WordPress Integrator 1.32 Cross Site Scripting
ate:2012-03-14,name:WordPress 3.3.1 Post-Auth Cross Site Scripting
ate:2012-03-14,name:WordPress 3.3.1 Post-Auth Information Disclosure
ate:2012-03-14,name:WordPress 3.3.1 Post-Auth SQL Injection
ate:2012-03-14,name:WordPress 3.3.1 User Count Enumeration
ate:2012-01-29,name:WordPress Slallery 2 Cross SIte Scripting
ate:2012-01-29,name:WordPress <= 3.3.1 Multiple Vulnerabilities
ate:2012-01-29,name:WordPress Kish Guest Posting 1.0 Shell Upload
ate:2012-01-28,name:AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary File Upload
ate:2012-01-22,name:WordPress Shortcode Redirect 1.0.01 Stored Cross Site Scripting
ate:2012-01-22,name:WordPress Mingle Forum 1.0.32.1 Cross Site Scripting \/ SQL Injection
ate:2012-01-22,name:Wordpress uCan Post plugin <= 1.0.09 Stored XSS
ate:2012-01-22,name:WordPress uCan Post 1.0.09 Cross Site Scripting
ate:2012-01-18,name:WordPress myEASYbackup 1.0.8.1 Directory Traversal
ate:2012-01-17,name:WordPress wp-autoyoutube plugin Blind SQL Injection Vulnerability
ate:2012-01-17,name:WordPress Yousaytoo Auto Publishing Cross Site Scripting
ate:2012-01-17,name:Wordpress Age Verification Plugin <= 0.4 Open Redirect
ate:2012-01-10,name:Wordpress Pay With Tweet Plugin <= 1.1 Multiple Vulnerabilities
ate:2012-01-09,name:WordPress Comment Rating Cross Site Scripting \/ SQL Injection
ate:2012-01-03,name:WordPress CartPress 1.6 Cross Site Scripting
ate:2012-01-03,name:WordPress LivePHP Cross Site Scripting
ate:2012-01-02,name:WordPress Facebook Page Promoter Lightbox Cross Site Scripting
ate:2012-01-02,name:WordPress Whois Search Cross Site Scripting
ate:2011-12-19,name:WordPress Jetpack SQL Injection
ate:2011-12-19,name:WordPress Flexible Custom Post Type Cross Site Scripting
ate:2011-12-19,name:WordPress AdRotate 3.6.6 SQL Injection
ate:2011-11-21,name:WordPress Zingiri 2.2.3 Code Execution
ate:2011-11-01,name:WordPress Classipress Theme 3.1.4 Cross Site Scripting
ate:2011-10-29,name:WordPress Contact Form 2.7.5 SQL Injection \/ Patch
ate:2011-10-15,name:WordPress Photo Album Plus 4.1.1 SQL Injection
ate:2011-10-15,name:WordPress Pretty Link 1.4.56 Cross Site Scripting
ate:2011-10-15,name:WordPress GD Star Rating 1.9.10 SQL Injection
ate:2011-10-15,name:WordPress WP-SpamFree SQL Injection
ate:2011-10-13,name:WordPress Vodpod Very 3.1.5 Cross-site Scripting
ate:2011-10-02,name:WordPress WP Bannerize 2.8.7 SQL Injection
ate:2011-10-02,name:WordPress Mingle Forum 1.0.31 SQL Injection
ate:2011-10-02,name:WordPress + Buddypress + Blogs Mu Theme Cross Site Scripting
ate:2011-10-02,name:WordPress CevherShare 2.0 SQL Injection
ate:2011-10-02,name:WordPress Link Library 5.2.1 SQL Injection
ate:2011-10-02,name:WordPress AdRotate 3.6.5 SQL Injection
ate:2011-10-02,name:WordPress Mailing List 1.3.2 Remote File Inclusion
ate:2011-10-02,name:WordPress Relocate Upload 0.14 Remote File Inclusion
ate:2011-09-22,name:WordPress Zingiri Web Shop 2.2.0 Remote File Inclusion
ate:2011-09-22,name:WordPress AllWebMenus 1.1.3 Remote File Inclusion
ate:2011-09-22,name:WordPress Filedownload 0.1 File Disclosure
ate:2011-09-22,name:WordPress Count Per Day 2.17 SQL Injection
ate:2011-09-20,name:WordPress WP e-Commerce 3.8.6 SQL Injection
ate:2011-09-20,name:WordPress 3.0.4 Blind SQL Injection
ate:2011-09-20,name:WordPress 3.0.4 comment_post_SQL Injection
ate:2011-09-12,name:WordPress SCORM Cloud 1.0.6.6 SQL Injection
ate:2011-09-12,name:WordPress Eventify Simple Events 1.7.f SQL Injection
ate:2011-09-12,name:WordPress Tweet Old Post 3.2.5 SQL Injection
ate:2011-09-12,name:WordPress Community Events 1.2.1 SQL Injection
ate:2011-09-12,name:WordPress Post Highlights 2.2 SQL Injection
ate:2011-09-12,name:WordPress KNR Author List W.0 SQL Injection
ate:2011-09-09,name:WordPress Zotpress 4.4 SQL Injection
ate:2011-09-09,name:WordPress oQey Gallery 0.4.8 SQL Injection
ate:2011-09-09,name:WordPress Donation 1.0 SQL Injection
ate:2011-09-02,name:WordPress Evarisk 5.1.3.6 SQL Injection
ate:2011-09-02,name:WordPress iCopyright Article Tools 1.1.4 SQL Injection
ate:2011-09-02,name:WordPress Profiles 2.0 RC1 SQL Injection
ate:2011-09-02,name:WordPress mySTAT 2.6 SQL Injection
ate:2011-09-02,name:WordPress Facebook Promotions 1.3.3 SQL Injection
ate:2011-09-02,name:WordPress Collision Testimonials 3.0 SQL Injection
ate:2011-09-02,name:WordPress oQey Headers 0.3 SQL Injection
ate:2011-09-02,name:WordPress SH Sl.1.4 SQL Injection
ate:2011-09-02,name:WordPress Super CAPTCHA 2.2.4 SQL Injection
ate:2011-09-01,name:WordPress MM Forms Community 1.2.3 SQL Injection
ate:2011-09-01,name:WordPress 3.1 \/ 3.2.1 Cross Site Scripting
ate:2011-09-01,name:WordPress SendIt 1.5.9 Blind SQL Injection
ate:2011-08-26,name:WordPress MM Duplicate 1.2 SQL Injection
ate:2011-08-24,name:WordPress Allow PHP In Posts And Pages 2.0.0.RC1 SQL Injection
ate:2011-08-19,name:WordPress WP DS FAQ 1.3.2 SQL Injection
ate:2011-08-19,name:WordPress WP Forum 1.7.8 SQL Injection
ate:2011-08-19,name:WordPress Global Content Blocks 1.2 SQL Injection
ate:2011-08-19,name:WordPress Menu Creator 1.1.7 SQL Injection
ate:2011-08-19,name:WordPress Ajax Gallery 3.0 SQL Injection
ate:2011-08-12,name:eShop 6.2.8 For WordPress Cross Site Scripting
ate:2011-08-06,name:WordPress e-Commerce 3.8.5 Cross Site Scripting
ate:2011-07-27,name:WordPress WPtouch 1.9.32 URL Redirect
ate:2011-07-25,name:WordPress e-Commerce 3.8.4 SQL Injection
ate:2011-07-25,name:WordPress bSuite 4.0.7 Cross Site Scripting
ate:2011-07-03,name:WordPress Pretty Link Like 1.4.56 SQL Injection
ate:2011-07-03,name:WordPress Beer Recipes 1.0 Cross Site Scripting
ate:2011-06-22,name:WordPress Wysi 0.0.2 Shell Upload
ate:2011-06-16,name:WordPress Events Manager 3.1.2 SQL Injection
ate:2011-06-16,name:WordPress Star Rating SQL Injection
ate:2011-06-16,name:Multiple WordPress Themes Cross Site Scripting
ate:2011-05-23,name:WordPress EditorMonkey (FCKeditor) Remote File Upload
ate:2011-05-08,name:Daily Maui Photo WdPress Plugin 0.2 Cross Site Scripting
ate:2011-04-29,name:WP Photo Album WordPress Plugin 1.5.1 Cross Site Scripting
ate:2011-04-29,name:Wordpress Insufficient Anti-automation Vulnerability
ate:2011-04-29,name:Wordpress Abuse of Functionality Vulnerability
ate:2011-04-29,name:Universal Post Manager WordPress Plugin 1.0.9 XSS \/ Path Disclosure
ate:2011-04-29,name:WP-StarsRateBox WordPress Plugin 1.1 XSS \/ SQL Injection
ate:2011-04-29,name:SocialGress Plugin 2.3 Cross Site Scripting
ate:2011-04-20,name:Universal Post Manager WordPress Plugin 1.0.9 SQL Injection
ate:2011-04-20,name:WordPress Spellchecker Local File Inclusion \/ Remote File Inclusion
ate:2011-04-13,name:Live Wire 2.0 For WordPress Cross Site Scripting \/ Denial Of Service
ate:2011-04-07,name:WordPress AdWizz 1.0 Cross Site Scripting
ate:2011-03-18,name:Cool Very 1.3 WordPress Plugin Path Disclosure
ate:2011-03-10,name:WP Forum WordPress Plugin 1.7.8 SQL Injection
ate:2011-03-10,name:NextGEN Gallery WordPress Plugin 1.7.3 Path Disclosure
ate:2011-03-10,name:Mingle Forum WordPress Plugin 1.0.28 Cross Site Scripting \/ Path Disclosure
ate:2011-03-02,name:WordPress IGIT Posts Sl Cross Site Scripting
ate:2011-03-02,name:WordPress PG Flash Gallery 4.1.1 Cross Site Scripting
ate:2011-03-02,name:WordPress YT-Audio 1.7 Cross Site Scripting
ate:2011-03-02,name:WordPress WPhone 1.5.2 Cross Site Scripting
ate:2011-03-02,name:WordPress PhotoSmash 1.0.2 Cross Site Scripting
ate:2011-03-01,name:WordPress jQuery Mega Menu 1.0 Local File Inclusion
ate:2011-03-01,name:WordPress OPS Old Post Spinner 2.2 Local File Inclusion
ate:2011-03-01,name:WordPress ComicPress Manager 1.4.9.9 Cross Site Scripting
ate:2011-03-01,name:WordPress Zotpress 2.6 Cross Site Scripting
ate:2011-03-01,name:WordPress Uploadify 1.0 Shell Upload
ate:2011-03-01,name:SQL Injection in WP Forum Server wordpress plugin
ate:2011-02-22,name:WordPress User Photo Component Shell Upload
ate:2011-02-03,name:WordPress TagNinja 1.0 Cross Site Scripting
ate:2011-02-03,name:WordPress RSS Feed Reader For WordPress 0.1 Cross Site Scripting
ate:2011-02-03,name:WordPress WP Featured Post With Thumbnail 3.0 Cross Site Scripting
ate:2011-02-03,name:WordPress WP Publication Archive 2.0.1 Local File Inclusion
ate:2011-01-11,name:WordPress Feed List 2.61.01 Cross Site Scripting
ate:2011-01-04,name:WordPress Survery And Quiz Tool 1.2.1 XSS
ate:2011-01-02,name:Embedded VPress Plugin Cross Site Vulnerability (XSS)
ate:2011-01-01,name:WordPress Accept Signups 0.1 Cross Site Scripting
ate:2010-12-23,name:Embedded VPress Plugin Cross Site Scripting
ate:2010-12-13,name:Vulnerabilities in Register Plus for WordPress
ate:2010-11-05,name:cforms WordPress Plugin Cross Site Scripting Vulnerability
ate:2010-10-29,name:WordPress 3.0.1 plugin myLDlinker ( SQL Injection Vulnerability )
ate:2010-08-18,name:WordPress 3.0.1 - Cross Site Scripting Issue
ate:2010-07-05,name:WP-UserOnline 2.62 for WordPress cross site scripting and path disclosure
ate:2010-06-30,name:Cimy Counter for WordPress Vulnerabilities
ate:2010-06-13,name:Gigya Socializes 1.1.8 and below for WordPress cross site scripting
ate:2010-05-14,name:Events Manager Wordpress plugins 2.1 remote blind SQL injection
ate:2010-04-03,name:WordPress Plugin: My Category Order <= 2.8 SQL Injection
ate:2010-02-28,name:WordPress 0.16 Copperleaf Photolog SQL injection
ate:2010-02-06,name:The Wordpress Calendar remote SQL injection
ate:2009-12-30,name:WordPress and Pyrmont V2. SQL Injection Vulnerability
ate:2009-12-10,name:WP-Cumulus for WordPress - XSS, FPD
ate:2009-11-27,name:WordPress 2.7.1 security bypass vulnerability admin
ate:2009-11-16,name:WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution
ate:2009-10-28,name:Wordpress Resource Exhaustion - Denial of Service Vulnerability
ate:2009-09-12,name:Nextgen gallery 0.96 wordpress plugin XSS Vulnerability
ate:2009-08-27,name:WordPress SQL Injection(wp-content-simple-forum)
ate:2009-08-24,name:Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution
ate:2009-08-14,name:WordPress <= 2.8.3 Remote Admin Reset Password Vulnerability
ate:2009-07-16,name:WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures
ate:2009-07-15,name:WordPress Plugin Related Sites 2.1 Blind SQL Injection Vulnerability
ate:2009-07-11,name:WordPress Plugin DM Albums 1.9.2 Remote File Inclusion Vuln
ate:2009-07-11,name:WordPress Privileges Unchecked in admin.php and Multiple Information
ate:2009-06-23,name:WordPress Plugin Photoracer 1.0 (njection Vulnerability
ate:2009-05-20,name:Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload Exploit
ate:2009-03-23,name:WordPress MU HTTP Header XSS Vulnerability
ate:2009-03-23,name:Wordpress Plugin fMoblog 2.1 (njection Vulnerability
ate:2009-01-03,name:Wordpress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD Vuln
ate:2008-12-23,name:Wordpress MU < 1.3.2 active_plugins option Code Execution Exploit
ate:2008-12-02,name:WordPress XSS vulnerability in RSS Feed Generator
date:2008-10-25,name:Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vuln
date:2008-10-22,name:Exploiting the SpamBam plugin for wordpress
date:2008-10-06,name:WordPress MU < 2.6 wpmu-blogs.php Crose Site Scrpting vulnerability
date:2008-10-05,name:WordPress MU < 2.6 wpmu-blogs.php Crose Site Scrpting vulnerability
date:2008-09-18,name:Wordpress user_login Column SQL Truncation Vulnerability
date:2008-08-02,name:Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit
date:2008-06-15,name:XSS - NEXTGEN GALLERY 0.96 WORDPRESS PLUGIN
date:2008-06-02,name:vuln in WordPress plugin Upload File(UP)
date:2008-06-02,name:Wordpress Malicious File Execution Vulnerability
date:2008-03-25,name:WordPress Multiple Cross-Site Scripting Vulnerabilities
date:2008-03-10,name:Wordpress Plugin Sniplets 1.1.2 Multiple Vulnerabilities
date:2008-03-09,name:WordPress album PHOTO SQL Injection
date:2008-03-06,name:Search Unleashed 0.2.10 JavaScript injection (Wordpress plugin)
date:2008-03-06,name:Wordpress Plugin (wp-people) SQL Injection
date:2008-02-19,name:Wordpress Pluging wp-footnotes 2.2 (admin_panel.php) Multiple Vulnerabilites
date:2008-02-15,name:Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities
date:2008-01-21,name:Multiple Vulnerabilities in Wordpress and other Web applications
date:2007-12-16,name:WordPress Charset SQL injection vulnerability (re-resend)
date:2007-11-24,name:Wordpress Cookie Authentication Vulnerability
date:2007-10-12,name:2 vanilla XSS on Wordpress \wp-register.php\
date:2007-07-17,name:Redirection Vulnerability in wp-pass.php, WordPress 2.2.1
date:2007-06-28,name:Persistent cross-site scripting in wordpress.com dashboard
date:2007-06-27,name:Wordpress default theme XSS (admin) and other problems
date:2007-05-20,name:Wordpress All versions XSS
date:2007-05-12,name:wordpress plugins wordTube <= 1.43 (wpPATH) Remote File Inclusion Vulnerability
date:2007-04-13,name:WordPress XSS under function wp_title()
date:2007-02-05,name:Multiple Remote Vulnerabilities in Wordpress
date:2007-01-19,name:WordPress CSRF Protection XSS Vulnerability
date:2007-01-19,name:Wordpress <= 2.x dictionnary & Bruteforce attack
date:2007-01-19,name:WordPress Trackback Charset Decoding SQL Injection Vulnerability
date:2007-01-07,name:Enigma WordPress Brrddir) Remote File Include
date:2006-08-23,name:Wordpress WP-DB Backup Plugin Directory Traversal Vulnerability
date:2006-07-13,name:WordPress 2.0.3 SQL Error and Full Path Disclosure
date:2006-01-05,name:Full path disclosure on WordPress < 1.5.2}

Joomla历史插件漏洞集合

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
date:2018-06-28,name:joomla jsn gruve pro 2.1.0 Directory traversal Vulnerability  
date:2018-06-24,name:Joomla com_regionalm Icta Regional Museum SQL Injection Vulnerability
date:2018-06-24,name:Joomla Com_Techedu Courseview Developed in Association with Icta SriLanka SQL Injection Vulnerabilit
date:2018-06-20,name:Joomla! Component Jomres 9.11.2 Cross-Site Request Forgery (Add User)
date:2018-06-18,name:Joomla Jomres 9.11.2 Cross Site Request Forgery
date:2018-06-14,name:Joomla Component Ek rishta 2.10 SQL Injection
date:2018-06-12,name:Joomla! Component EkRishta 2.10 username SQL Injection
date:2018-06-11,name:Joomla com_rsfiles Local File Disclosure Vulnerability
date:2018-06-06,name:Joomla! Component dj-imageslider 3.2.3-3.1.0 - Arbitrary File Upload Vulnerability
date:2018-05-30,name:Joomla! Component jCart for OpenCart 2.3.0.2 Cross-Site Request Forgery
date:2018-05-24,name:Joomla Content Editor JCE ImageManager Vulnerability Mass Auto Exploiter
date:2018-05-21,name:Joomla EkRishta 2.10 Cross Site Scripting \/ SQL Injection
date:2018-05-11,name:Joomla com_training SQL Injection Vulnerability
date:2018-04-17,name:Joomla! Component jDownloads 3.2.58 Cross Site Scripting
date:2018-04-13,name:Joomla Convert Forms 2.0.3 CSV Injection
date:2018-04-09,name:Joomla com_foxcontact Shell Upload Vulnerability Exploit
date:2018-04-06,name:Joomla JS Jobs 1.2.0 Cross Site Scripting
date:2018-03-31,name:Joomla! Component Acymailing Starter 5.9.5 CSV Macro Injection
date:2018-03-30,name:Joomla Component Fields SQLi Remote Code Execution
date:2018-03-06,name:Joomla com_scatalog 2.0 SQL Injection Vulnerability
date:2018-03-06,name:Joomla com_jomestate 1.0 Sql injection Vulnerability
date:2018-03-06,name:Joomla com_pricelist SQL Injection Vulnerability
date:2018-03-06,name:Joomla com_niceajaxpoll 1.4.0 Sql injection Vulnerability
date:2018-03-06,name:Joomla com_subcategory 1.2.15 SQL Injection Vulnerability
date:2018-03-06,name:Joomla! Component Joomanager 2.0.0 com_Joomanager Arbitrary File Download
date:2018-03-05,name:Joomla com_fireboard SQL Injection Vulnerability
date:2018-03-03,name:Joomla! 3.7 SQL Injection
date:2018-02-28,name:Joomla! Component K2 2.8.0 Arbitrary File Download
date:2018-02-28,name:Joomla kunena_com - SQL Injection Vulnerability
date:2018-02-23,name:Joomla! Component OS Property Real Estate 3.12.7 SQL Injection
date:2018-02-23,name:Joomla! Component Proclaim 9.1.1 Backup File Download
date:2018-02-23,name:Joomla! Component PrayerCenter 3.0.2 sessionid SQL Injection
date:2018-02-23,name:Joomla! Component Proclaim 9.1.1 Arbitrary File Upload
date:2018-02-23,name:Joomla! Component CheckList 1.1.1 SQL Injection
date:2018-02-23,name:Joomla! Component Alexandria Book Library 3.1.2 letter SQL Injection
date:2018-02-23,name:Joomla! Component Ek Rishta 2.9 SQL Injection
date:2018-02-22,name:Joomla! Component CW Tags 2.0.6 SQL Injection
date:2018-02-17,name:Joomla! JquickContact 1.3.2.2.1 SQL Injection
date:2018-02-17,name:Joomla! Google Map Landkarten 4.2.3 SQL Injection
date:2018-02-17,name:Joomla! Gallery WD 1.3.6 SQL Injection
date:2018-02-17,name:Joomla! Saxum Numerology 3.0.4 SQL Injection
date:2018-02-17,name:Joomla! SquadManagement 1.0.3 SQL Injection
date:2018-02-17,name:Joomla! Timetable Responsive Schedule For Joomla 1.5 SQL Injection
date:2018-02-17,name:Joomla ccNewsletter 2.x.x SQL Injection
date:2018-02-17,name:Joomla! MediaLibrary Free 4.0.12 SQL Injection
date:2018-02-17,name:Joomla! SimpleCalendar 3.1.9 SQL Injection
date:2018-02-17,name:Joomla! JTicketing 2.0.16 SQL Injection
date:2018-02-17,name:Joomla! JS Jobs 1.1.9 SQL Injection
date:2018-02-17,name:Joomla! JGive 2.0.9 SQL Injection
date:2018-02-17,name:Joomla! InviteX 3.0.5 SQL Injection
date:2018-02-17,name:Joomla! JS Autoz 1.0.9 SQL Injection
date:2018-02-17,name:Joomla! Solidres 2.5.1 SQL Injection
date:2018-02-17,name:Joomla! Project Log 1.5.3 SQL Injection
date:2018-02-17,name:Joomla! Realpin 1.5.04 SQL Injection
date:2018-02-17,name:Joomla! Saxum Astro 4.0.14 SQL Injection
date:2018-02-06,name:Joomla! Component JSP Tickets 1.1 SQL Injection
date:2018-02-06,name:Joomla! Component jLike 1.0 Information Leak
date:2018-02-06,name:Joomla! Component Zh GoogleMap 8.4.0.0 SQL Injection
date:2018-02-06,name:Joomla! Component Zh YandexMap 6.2.1.0 id SQL Injection
date:2018-02-06,name:Joomla! Component Zh BaiduMap 3.0.0.1 SQL Injection
date:2018-02-03,name:Joomla! JEXTN Reverse Auction 3.1.0 SQL Injection
date:2018-02-03,name:Joomla! JMS Music 1.1.1 SQL Injection
date:2018-02-03,name:Joomla! JE PayperVideo 3.0.0 SQL Injection
date:2018-02-02,name:joomla! com_joomlabook components SQL Injection
date:2018-01-31,name:Joomla! Visual Calendar 3.1.3 SQL Injection
date:2018-01-31,name:Joomla! Picture Calendar For Joomla 3.1.4 Directory Traversal
date:2018-01-30,name:Joomla JEXTN FAQ Pro 4.0.0 - SQL Injection
date:2018-01-29,name:Joomla! Jtag Members Directory 5.3.7 Arbitrary File Download
date:2018-01-29,name:Joomla! JS Support Ticket 1.1.0 Cross Site Request Forgery
date:2018-01-27,name:VirtueMart2.6.12.2 Joomla 2.5.27 Stable Full Package Sql Vulnerability
date:2018-01-11,name:Joomla! Easydiscuss Cross Site Scripting
date:2018-01-05,name:Joomla JMultipleHotelReservation 6.0.5 SQL Injection
date:2018-01-05,name:Joomla Ad Agency 6.0.9 SQL Injection
date:2018-01-05,name:Joomla JUX Real Estate 3.3.0 SQL Injection
date:2018-01-05,name:Joomla J-BusinessDirectory 4.7.3 SQL Injection
date:2018-01-04,name:Joomla EXP Auto 4.2.3 SQL Injection
date:2018-01-03,name:Joomla JomDirectory 4.4 SQL Injection
date:2018-01-03,name:Joomla VP Conversion Tracking 1.7 SQL Injection
date:2017-12-31,name:Joomla YouBumpit 2.0 SQL Injection
date:2017-12-30,name:Joomla Varista Education 2.9 SQL Injection
date:2017-12-30,name:Joomla JomEvents 3.7 SQL Injection
date:2017-12-30,name:Joomla Jtag Minicart 4.1.0 SQL Injection
date:2017-12-30,name:Joomla Jtag Members Directory 5.3.7 SQL Injection
date:2017-12-30,name:Joomla JomEstate PRO 3.7 SQL Injection
date:2017-12-30,name:Joomla JomHoliday 4.0 SQL Injection
date:2017-12-30,name:Joomla SP Movie Database 1.4 SQL Injection
date:2017-12-26,name:Joomla! Component JEXTN FAQ Pro 4.0.0 id SQL Injection
date:2017-12-22,name:Joomla JB Bus 2.3.0 SQL Injection
date:2017-12-22,name:Joomla JB Tour Booking 2.2.2 SQL Injection
date:2017-12-19,name:Joomla! My Projects 2.0 SQL Injection
date:2017-12-19,name:Joomla! Guru Pro SQL Injection
date:2017-12-19,name:Joomla! JB Visa 1.0 SQL Injection
date:2017-12-19,name:Joomla! User Bench 1.0 SQL Injection
date:2017-12-17,name:Joomla Component JBcatalog - Arbitrary File Upload
date:2017-12-15,name:Joomla! JEXTN Question And Answer 3.1.0 SQL Injection
date:2017-12-15,name:Joomla! JEXTN Video Gallery 3.0.5 SQL Injection
date:2017-12-13,name:Joomla Com_fabrik Upload Shell
date:2017-12-13,name:Joomla JBuildozer 1.4.1 SQL Injection
date:2017-10-31,name:Joomla! Component NS Download Shop 2.2.6 id SQL Injection
date:2017-10-31,name:Joomla! Component Zh YandexMap 6.1.1.0 placemarklistid SQL Injection
date:2017-10-01,name:Joomla NS Download Shop 2.2.6 SQL Injection
date:2017-10-01,name:Joomla Zh YandexMap 6.1.1.0 SQL Injection
date:2017-09-25,name:Joomla! 3.7.5 LDAP Injection
date:2017-09-12,name:Huge-IT Video Gallery v1.0.9 for Joomla Unauthenticated SQL Injection
date:2017-09-12,name:Huge-IT Catalog v1.0.7 for Joomla Unauthenticated SQL Injection
date:2017-09-03,name:Joomla Pinboard Romet File Upload
date:2017-09-01,name:Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection
date:2017-08-31,name:Joomla! Component Quiz Deluxe 3.7.4 SQL Injection
date:2017-08-31,name:Joomla! Component Joomanager 2.0.0 Arbitrary File Download
date:2017-08-22,name:Joomla Ajax Quiz 1.8 SQL Injection
date:2017-08-21,name:Joomla Component Calendar Planner 1.0.1 - SQL Injection
date:2017-08-20,name:Joomla Component com_annonces Upload Shell
date:2017-08-20,name:Joomla com_eportfolio Upload Vulnerability
date:2017-08-19,name:Joomla! Component Appointment 1.1 - SQL Injection
date:2017-08-19,name:Joomla! Component Calendar Planner 1.0.1 - SQL Injection
date:2017-08-19,name:Joomla! Component SP Movie Database 1.3 - SQL Injection
date:2017-08-19,name:Joomla! Component Zap Calendar Lite 4.3.4 - SQL Injection
date:2017-08-19,name:Joomla! Component KissGallery 1.0.0 - SQL Injection
date:2017-08-19,name:Joomla! Component Twitch Tv 1.1 - SQL Injection
date:2017-08-18,name:Joomla com_jumi Remote SQL Injection
date:2017-08-18,name:Joomla com_weblinks Shell Upload Vulnerability
date:2017-08-04,name:Joomla! Component StreetGuessr Game 1.1.8 SQL Injection
date:2017-08-03,name:Joomla Component Ultimate Property Listing 1.0.2 - SQL Injection
date:2017-08-02,name:Joomla! Component Event Registration Pro Calendar 4.1.3 - SQL Injection
date:2017-08-02,name:Joomla! Component LMS King Professional 3.2.4.0 - SQL Injection
date:2017-08-02,name:Joomla! Component Ultimate Property Listing 1.0.2 - SQL Injection
date:2017-08-02,name:Joomla! Component SIMGenealogy 2.1.5 - SQL Injection
date:2017-08-02,name:Joomla! Component PHP-Bridge 1.2.3 - SQL Injection
date:2017-07-29,name:Joomla! Component CCNewsLetter 2.1.9 - &#039;sbid&#039; Parameter SQL Injection
date:2017-07-21,name:Joomla JoomRecipe 1.0.4 Component - Blind SQL Injection Vulnerability
date:2017-07-10,name:Joomla Akobook Component Cross-Site Scripting
date:2017-06-29,name:Joomla SocialPinBoard Arbitrary File Upload
date:2017-06-16,name:Joomla! Component JoomRecipe 1.0.3 SQL Injection
date:2017-06-11,name:Joomla COM_ALPHACONTENT 4.0.11 SQL injection Vulnerability *youtube
date:2017-06-11,name:Joomla COM_FWZ_EVENTS 1.0 SQL injection Vulnerability
date:2017-05-31,name:Se*y Exploit Joomla File Upload
date:2017-05-31,name:Joomla 3.x Proof Of Concept Shell Upload
date:2017-05-29,name:Joomla VideoFlow 1.2.0 SQL Injection Vulnerability
date:2017-05-25,name:Joomla VideoFlow 1.2.0 - SQL Injection
date:2017-05-24,name:Joomla VideoFlow 1.2.0 SQL Injection
date:2017-05-20,name:Joomla 3.7.0 Fields SQL Injection
date:2017-05-19,name:Joomla Component SIMGallery 6.0.0 - Full Path Disclosure
date:2017-05-02,name:Joomla com_tag Component - &#039;Tag&#039; Parameter Sql Injection Vulnerability
date:2017-05-01,name:Joomla Component JGrid 4.44 - SQL Injection
date:2017-04-27,name:Joomla jDBexport 3.2.10 Cross Site Scripting \/ Path Disclosure
date:2017-04-27,name:Joomla MyPortfolio 3.0.2 SQL Injection
date:2017-04-15,name:Joomla com_phocadownload SQL Vulnerability
date:2017-04-08,name:Joomla com_winners - &#039;id&#039; Parameter SQL Injection
date:2017-04-03,name:Joomla Component JobGrok Listing 3.1-1.2.58 - SQL Injection
date:2017-04-03,name:Joomla Component JobGrok Application 3.1-1.2.55 - SQL Injection
date:2017-03-24,name:Joomla FocalPoint 1.2.3 SQL Injection
date:2017-03-23,name:Joomla Component FocalPoint 1.2.3 - SQL Injection
date:2017-03-22,name:Joomla Extra Search 2.2.8 SQL Injection
date:2017-03-21,name:Joomla JooCart 2.x SQL Injection
date:2017-03-20,name:Joomla jCart For OpenCart 2.0 SQL Injection
date:2017-03-16,name:Joomla Vik Appointments 1.5 SQL Injection
date:2017-03-16,name:Joomla Vik Rent Car 1.11 SQL Injection
date:2017-03-16,name:Joomla Vik Rent Items 1.3 SQL Injection
date:2017-03-15,name:Joomla Advertisement Board 3.0.4 SQL Injection
date:2017-03-15,name:Joomla Simple Membership 3.3.3 SQL Injection
date:2017-03-14,name:Joomla ALFContact 3.2.3 SQL Injection
date:2017-03-13,name:Joomla com_kide Component &#039;view&#039; Parameter Sql Injection Vulnerability
date:2017-03-13,name:Joomla com_carocci Component &#039;isbn&#039; Parameter Sql Injection Vulnerability
date:2017-03-11,name:Joomla com_product 2.2 SQL injection Vulnerability
date:2017-03-08,name:Joomla Akeeba Backup 5.2.5 Directory Traversal
date:2017-03-07,name:Joomla Component Akeeba Backup 5.2.5 - Directory Traversal
date:2017-03-04,name:Joomla Abstract 2.1 SQL Injection
date:2017-03-04,name:Joomla Guesser 1.0.4 SQL Injection
date:2017-03-04,name:Joomla Recipe Manager 2.2 SQL Injection
date:2017-03-04,name:Joomla StreetGuessr Game 1.0 SQL Injection
date:2017-03-02,name:Joomla com_jdownloads Component - &#039;cid&#039; Parameter Sql Injection Vulnerability
date:2017-03-02,name:Joomla com_webgrouper Component - &#039;Itemid&#039; Parameter Sql Injection Vulnerability
date:2017-03-01,name:Joomla com_frontpage Component &#039;Itemid&#039; Parameter Sql Injection Vulnerability
date:2017-03-01,name:Joomla com_filecabinet Component &#039;id&#039; Parameter Sql Injection Vulnerability
date:2017-03-01,name:Joomla com_phocadownload Component &#039;id&#039; Parameter Sql Injection Vulnerability
date:2017-02-28,name:Joomla Spinner 360 1.3.0 SQL Injection
date:2017-02-26,name:Joomla com_remository Component &#039;id&#039; Parameter Sql Injection Vulnerability
date:2017-02-26,name:Joomla com_k2 Component &#039;id&#039; Parameter Sql Injection Vulnerability
date:2017-02-26,name:Joomla com_onlinejudge Component - &#039;Itemid&#039; Parameter Sql Injection Vulnerability
date:2017-02-26,name:Joomla com_fsf Component &#039;catid&#039; Parameter Sql Injection Vulnerability
date:2017-02-26,name:Joomla com_publication Component &#039;sid&#039; Parameter Sql Injection Vulnerability
date:2017-02-25,name:Joomla com_jumi - SQL Injection Exploit
date:2017-02-25,name:Joomla com_comprofiler Component Sql Injection Vulnerability
date:2017-02-25,name:Joomla com_wisroyq Component - &#039;Pid&#039; Parameter Sql Injection Vulnerability
date:2017-02-25,name:Joomla com_sgpprojects Component Sql Injection Vulnerability
date:2017-02-25,name:Joomla com_glossary Component &#039;id&#039; Parameter Sql Injection Vulnerability
date:2017-02-25,name:Joomla com_civicrm Component &#039;id&#039; Parameter Sql Injection Vulnerability
date:2017-02-25,name:Joomla GPS Tools 4.0.1 SQL Injection
date:2017-02-25,name:Joomla AJAX Search For K2 2.2 SQL Injection
date:2017-02-25,name:Joomla Community Surveys 4.3 SQL Injection
date:2017-02-25,name:Joomla Community Quiz 4.3.5 SQL Injection
date:2017-02-25,name:Joomla JO Facebook Gallery 4.5 SQL Injection
date:2017-02-25,name:Joomla Community Polls 4.5.0 SQL Injection
date:2017-02-25,name:Joomla JooDatabase 3.1.0 SQL Injection
date:2017-02-25,name:Joomla Intranet Attendance Track 2.6.5 SQL Injection
date:2017-02-24,name:Joomla J-CruiseReservation Standard 3.0 SQL Injection
date:2017-02-24,name:Joomla VehicleManager 3.9 SQL Injection
date:2017-02-24,name:Joomla RealEstateManager 3.9 SQL Injection
date:2017-02-24,name:Joomla MultiTier 3.1 SQL Injection
date:2017-02-24,name:Joomla MediaLibrary Basic 3.5 SQL Injection
date:2017-02-24,name:Joomla UserExtranet 1.3.1 SQL Injection
date:2017-02-24,name:Joomla BookLibrary 3.6.1 SQL Injection
date:2017-02-24,name:Joomla Eventix Events Calendar 1.0 SQL Injection
date:2017-02-24,name:Joomla J-BusinessDirectory 4.6.8 SQL Injection
date:2017-02-24,name:Joomla AppointmentBookingPro 4.0.1 SQL Injection
date:2017-02-22,name:Joomla Component com_digistore &#039;cid&#039; Parameter Sql Injection Vulnerability
date:2017-02-22,name:Joomla Component com_redshop &#039;Pid&#039; Parameter Sql Injection Vulnerability
date:2017-02-22,name:Joomla Component com_fabrik XSS Injection Vulnerability
date:2017-02-21,name:Joomla Anief 1.5 SQL Injection
date:2017-02-21,name:Joomla DJCatalog2 1.5 SQL Injection
date:2017-02-20,name:Joomla Component Com_rsgallery2 &#039;gid&#039; Parameter Sql Injection Vulnerability
date:2017-02-19,name:Joomla Component com_djcatalog2 &#039;cid&#039; Parameter Sql Injection Vulnerability
date:2017-02-19,name:Joomla Component com_maxcomment Sql Injection Vulnerability
date:2017-02-18,name:Joomla com_media Upload Vulnerability
date:2017-02-18,name:Joomla Component com_dcrc &#039;pid&#039; Parameter Sql Injection Vulnerability
date:2017-02-18,name:Joomla Component com_topics &#039;id&#039; Parameter Sql Injection Vulnerability
date:2017-02-18,name:Joomla Component com_docman &#039;gid&#039; Parameter Sql Injection Vulnerability
date:2017-02-15,name:Joomla Music Collection 3.0.3 SQL Injection
date:2017-02-14,name:Joomla Hbooking 1.9.9 SQL Injection
date:2017-02-14,name:Joomla JE Auto 1.5 SQL Injection
date:2017-02-14,name:Joomla JE Auction 1.6 SQL Injection
date:2017-02-14,name:Joomla JE Tour 2.0 SQL Injection
date:2017-02-14,name:Joomla JE Video Rate 1.0 SQL Injection
date:2017-02-14,name:Joomla JE Classify Ads 1.2 SQL Injection
date:2017-02-14,name:Joomla JE Quiz 2.3 SQL Injection
date:2017-02-14,name:Joomla JE Directory Ads 1.7 SQL Injection
date:2017-02-14,name:Joomla JE K2 Multiple Form Story 1.3 SQL Injection
date:2017-02-14,name:Joomla JE Form Creator 1.8 SQL Injection
date:2017-02-14,name:Joomla JE Ticket System 1.2 SQL Injection
date:2017-02-14,name:Joomla JE Grid Folio SQL Injection
date:2017-02-14,name:Joomla JE Portfolio Creator 1.2 SQL Injection
date:2017-02-14,name:Joomla JE Property Finder 1.6.3 SQL Injection
date:2017-02-14,name:Joomla JE Gallery 1.3 SQL Injection
date:2017-02-14,name:Joomla JE Messanger SQL Injection
date:2017-02-14,name:Joomla JE QuoteForm SQL Injection
date:2017-02-14,name:Joomla Component GeoContent 4.5 - Cross-site scripting
date:2017-02-14,name:Joomla JE Awd Song 1.8 SQL Injection
date:2017-02-14,name:Joomla Component GameServer! 3.4 - SQL Injection
date:2017-02-14,name:Joomla Component Fastball 3.2.8 - SQL Injection
date:2017-02-13,name:Joomla Component onisMusic 2 - SQL Injection
date:2017-02-13,name:Joomla Component onisQuotes 2.5 - SQL Injection
date:2017-02-13,name:Joomla Component onisPetitions 2.5 - SQL Injection
date:2017-02-13,name:Joomla Component Sports Predictions 2.1.0.4 - Cross-site scripting
date:2017-02-13,name:Joomla Component Soccer Bet 4.1.5 - SQL Injection
date:2017-02-13,name:Joomla Component Vik Booking 1.7 - SQL Injection
date:2017-02-13,name:Joomla Component Sponsor Wall 7.0 - SQL Injection
date:2017-02-11,name:Joomla com_joominaflileselling 2.2 SQL injection Vulnerability
date:2017-01-30,name:Joomla Store Locator 2.3.1.0 Cross Site Scripting
date:2017-01-28,name:Joomla Component Store Locator 2.3.1.0 - Cross-site scripting
date:2017-01-28,name:Joomla Component JTAG Calendar 6.2.4 - SQL Injection
date:2017-01-26,name:Joomla! &lt; 2.5.2 - Admin Creation
date:2017-01-26,name:Joomla! &lt; 3.6.4 - Admin TakeOver
date:2017-01-08,name:F3D4\u0130&#039;s Joomla Arbitrary File Upload Vulnerability
date:2017-01-03,name:Joomla com_remository Remote Upload File
date:2016-12-30,name:Joomla aWeb Cart Watching System For Virtuemart 2.6.0 SQL Injection
date:2016-12-30,name:Joomla! Blog Calendar SQL Injection
date:2016-12-27,name:Joomla Blog Calendar SQL Injection
date:2016-12-21,name:Syrian&#039;s joomla 1.6.x Download Database Backup
date:2016-12-20,name:Joomla RPL 8.9.2 SQL Injection
date:2016-12-17,name:Joomla com_rpl SQL injection Vulnerability
date:2016-12-13,name:Joomla extension DT Register SQL injection
date:2016-11-22,name:Joomla K2 2.7.1 Shell Upload \/ Cross Site Request Forgery
date:2016-10-27,name:Joomla (&lt; 3.6.4) Account Creation\/Elevated Privileges write-up and exploit
date:2016-10-11,name:Joomla Virtuemart 2.6. com_devn_vmattribute Arbitrary File Upload Vulnerability
date:2016-10-03,name:Joomla DVFolderContent 1.0.2 Local File Disclosure
date:2016-09-28,name:Joomla com_remository Component - Full Path Disclosure Vulnerability
date:2016-09-27,name:Joomla Event Booking 2.10.1 SQL Injection
date:2016-09-23,name:Joomla Huge-IT Video Gallery 1.0.9 SQL Injection
date:2016-09-21,name:Joomla! session id not hashed
date:2016-09-16,name:Joomla com_cckjseblod Config File Download Vulnerability
date:2016-09-13,name:Joomla jVoteSystem Component 2.56 SQL Injection
date:2016-09-13,name:Joomla jVoteSystem 2.56 Component Cross Site Scripting
date:2016-09-11,name:Joomla com_alberghi Arbitrary File Upload Vulnerability
date:2016-08-31,name:Joomla com_jsjobs SQL injection Vulnerability
date:2016-08-31,name:Joomla com_offices SQL injection Vulnerability
date:2016-08-17,name:Joomla com aceftp Arbitrary File Download Vulnerability
date:2016-08-16,name:Joomla AceFTP Arbitrary File Download
date:2016-08-11,name:Joomla com_registrationpro SQL injection Vulnerability
date:2016-08-06,name:K2 Joomla! Extension Cross Site Scripting
date:2016-08-04,name:Joomla com_videoflow SQL injection Vulnerability
date:2016-08-02,name:Joomla com_breezingforms Arbitrary File Upload
date:2016-07-28,name:Huge IT Joomla Catalog Extension 1.0.4 XSS \/ SQL Injection
date:2016-07-28,name:Joomla com_seyret SQL Injection
date:2016-07-26,name:Joomla Huge IT Gallery 1.1.5 Cross Site Scripting \/ SQL Injection
date:2016-07-25,name:Joomla com_showdown SQL injection Vulnerability
date:2016-07-19,name:Joomla com_aicontactsafe Arbitrary File Upload \/ SQL injection Vulnerability
date:2016-07-17,name:Joomla com_music SQL injection Vulnerability
date:2016-07-17,name:Joomla Component com_jcalpro XSS
date:2016-07-15,name:Joomla Guru Pro SQL Injection
date:2016-07-15,name:Joomla Zh GoogleMap 8.1.2.0 Blind SQL Injection
date:2016-07-13,name:Joomla com_ jomres SQL injection Vulnerability
date:2016-07-12,name:Joomla com_jbusinessdirectory SQL injection
date:2016-07-12,name:Joomla Branch 3.0 SQL Injection
date:2016-07-12,name:Joomla XMap 2.3.4 SQL Injection
date:2016-07-12,name:Joomla Services SQL Injection
date:2016-07-12,name:Joomla Forms 1.3.1 SQL Injection
date:2016-07-10,name:Joomla com_threate 1.1.4 SQL injection
date:2016-07-09,name:Joomla Topics 1.5.12 SQL Injection
date:2016-07-02,name:Joomla com_jotloader - Full Path Disclosure Vulnerability
date:2016-07-01,name:Joomla com_smartformer 2.4.1 Shell Upload
date:2016-06-22,name:Joomla Publisher 3.0.11 SQL Injection
date:2016-06-20,name:Joomlaxtc Template Burgertime Cross Site Scripting Stored Vulnerability
date:2016-06-19,name:Joomla com_bt_media - SQL Injection
date:2016-06-16,name:Joomla En-Masse 6.4 SQL Injection
date:2016-06-15,name:Joomla Catfiltering 1.5.4 SQL Injection
date:2016-06-15,name:Joomla com_catfiltering - SQL Injection
date:2016-06-15,name:Joomla com_affiliate - SQL Injection
date:2016-06-13,name:Joomla com_payplans - SQL Injection
date:2016-06-11,name:Joomla com_maqmahelpdesk - XSS Vulnerability
date:2016-06-08,name:Joomla com_availcal - SQL Injection
date:2016-06-08,name:Joomla JobGrokApp 3.1-1.2.55 SQL Injection
date:2016-06-08,name:Joomla com_joomdoc - Full Path Disclosure Vulnerability
date:2016-06-05,name:Joomla Jumi 3.0.5 Cross Site Scripting
date:2016-06-02,name:Joomla SecurityCheck 2.8.9 Cross Site Scripting \/ SQL Injection
date:2016-05-31,name:Joomla Simple Calendar 0.7.6b SQL Injection
date:2016-05-17,name:Joomla com_ksadvertiser Advertiser Remote File &amp; Bypass Upload shell
date:2016-05-17,name:Joomla Component com_foxcontact Arbitrary File Upload shell Vulnerability
date:2016-05-13,name:Joomla com property unrestricted file upload image php
date:2016-05-13,name:Joomla Component com_smartformer shell upload Vulnerability
date:2016-05-13,name:Joomla com_garyscookbook file upload
date:2016-05-11,name:Joomla Simple Photo Gallery - SQL injection
date:2016-05-11,name:Joomla Event Manager (com_jem) - Cross Site Scripting
date:2016-04-11,name:Joomla com_simpleimageupload Image Upload - Arbitrary File Upload
date:2016-03-23,name:Joomla iCagenda 3.5.15 Cross Site Scripting
date:2016-03-23,name:Joomla Easy Youtube Gallery 1.0.2 SQL Injection
date:2016-02-10,name:Joomla Subcategory 1.2.15 SQL Injection
date:2016-02-10,name:Joomla Scatalog 2.0 SQL Injection
date:2016-02-08,name:Joomla Pricelist 3.2.1 SQL Injection
date:2016-01-29,name:Joomla Component com_hotel XSS
date:2016-01-27,name:Joomla com_hotelguide Sql injection
date:2016-01-24,name:Joomla com_abook Sql Injection
date:2016-01-21,name:Joomla com_hotproperty SQL Injection
date:2016-01-20,name:Joomla Fsave 2.0 Local File Disclosure
date:2016-01-20,name:Joomla com_furniture SQL Injection
date:2016-01-19,name:Joomla com_jumi Remote SQL Injection Exploit
date:2016-01-19,name:Joomla com_igallery Sql Injection
date:2015-12-21,name:Joomla Object Injection RCE Vulnerability (py Exploit)
date:2015-12-16,name:Joomla 1.5 - 3.4.5 Object Injection Remote Command Execution Exploit
date:2015-12-15,name:Joomla Shape 5 MP3 Player 2.0 Local File Disclosure
date:2015-12-15,name:Joomla Critical 0-day Remote Command Execution Vulnerability
date:2015-12-11,name:Joomla Nice Ajax Poll 1.4.0 SQL Injection
date:2015-12-03,name:Joomla dtracker exploit SQL Injection
date:2015-12-02,name:Joomla Dom_asbcgraph SQLi
date:2015-11-23,name:Joomla com_autostand File Upload Vulnerability
date:2015-11-23,name:Joomla com_media Remot File Upload Vulnerability
date:2015-11-21,name:Joomla Content History SQL Injection Remote Code Execution
date:2015-11-11,name:Joomla Cryptography Fails
date:2015-11-01,name:Joomla com_ebcontent SQL injection
date:2015-11-01,name:Joomla cckjseblod exploit LFD
date:2015-10-30,name:Joomla JNews SQL Injection
date:2015-10-23,name:Joomla SQL Injection Vulnerability in Full Administrative Access
date:2015-10-23,name:Realtyna RPL 8.9.2 Joomla Extension Persistent XSS And CSRF Vulnerabilities
date:2015-10-23,name:Realtyna RPL 8.9.2 Joomla Extension Multiple SQL Injection Vulnerabilities
date:2015-10-11,name:Joomla! CMS 3.4.3 Cross Site Scripting
date:2015-10-07,name:Joomla Komento Cross Site Scripting
date:2015-10-05,name:Joomla jetext LFD
date:2015-09-21,name:Joomla vnmshop SQL Injection
date:2015-09-01,name:Joomla GoogleSearch (CSE) 3.0.2 Cross Site Scripting
date:2015-08-17,name:Joomla com_memorix component SQL Injection vulnerability
date:2015-08-01,name:Vulnerability in VirtueMart for Joomla
date:2015-07-22,name:Joomla Helpdesk Pro XSS \/ File Disclosure \/ SQL Injection
date:2015-07-14,name:Joomla com_docman Full Path Disclosure &amp; Local File Disclosure\/Include
date:2015-07-13,name:Joomla J2Store 3.1.6 SQL Injection
date:2015-06-28,name:Joomla Simple Image Upload 1.0 Shell Upload
date:2015-06-25,name:Joomla Simple Image Upload Arbitrary File Upload
date:2015-04-02,name:Joomla Simple Photo Gallery Shell Upload
date:2015-03-30,name:Joomla Gallery WD SQL Injection
date:2015-03-25,name:Joomla Spider Random Article SQL Injection
date:2015-03-25,name:Joomla Random Article SQL Injection
date:2015-03-19,name:Joomla ECommerce-WD 1.2.5 SQL Injection
date:2014-11-20,name:Joomla Simple Email Form 1.8.5 Cross Site Scripting
date:2014-11-18,name:Joomla HD FLV 2.1.0.1 Arbitrary File Download
date:2014-11-14,name:Joomla Eventbooking Cross Site Scripting
date:2014-11-14,name:Joomla HD FLV 2.1.0.1 SQL Injection
date:2014-11-07,name:Joomla\/WordPress XCloner Command Execution \/ Password Disclosure
date:2014-10-24,name:WordPress \/ Joomla Creative Contact Form 0.9.7 Shell Upload
date:2014-09-23,name:Joomla Mac Gallery &lt;= 1.5 Arbitrary File Download
date:2014-09-13,name:Joomla Spider Form Maker 4.3 SQL Injection
date:2014-09-08,name:Joomla Spider Calendar &lt;= 3.2.6 SQL Injection Exploit
date:2014-08-27,name:Joomla Spider 2.8.3 SQL Injection
date:2014-07-31,name:Joomla Kunena Forum 3.0.5 Cross Site Scripting
date:2014-07-31,name:Joomla Kunena Forum 3.0.5 SQL Injection
date:2014-07-17,name:Joomla Youtube Gallery 4.1.7 SQL Injection
date:2014-07-08,name:Joomla JChatSocial 2.2 Cross Site Scripting
date:2014-04-16,name:Joomla SMF Cross Site Scripting
date:2014-04-15,name:Joomla BeaconDecode Cross Site Scripting
date:2014-04-15,name:Joomla EWriting Cross Site Scripting
date:2014-04-09,name:Joomla Inneradmission SQL Injection
date:2014-03-28,name:Joomla Kunena 3.0.4 Cross Site Scripting
date:2014-03-16,name:Joomla AJAX Shoutbox SQL Injection
date:2014-03-16,name:Joomla Youtube Gallery 3.4.0 Cross Site Scripting
date:2014-03-16,name:Joomla Pbbooking 2.4 Cross Site Scripting
date:2014-03-16,name:Joomla Freichat Cross Site Scripting
date:2014-03-16,name:Joomla Multi Calendar 4.0.2 Cross Site Scripting
date:2014-03-16,name:Joomla eXtplorer 2.1.3 Cross Site Scripting
date:2014-03-04,name:Joomla 3.2.2 Cross Site Scripting
date:2014-02-26,name:Joomla-Base XSS \/ XML Injection \/ Denial Of Service
date:2014-02-24,name:JoomLeague for Joomla Multiple vulnerabilities
date:2014-02-15,name:Joomla JomSocial Remote Code Execution Vulnerability
date:2014-01-26,name:Joomla Music Collection XSS &amp; FPD
date:2014-01-26,name:Joomla iRecommend XSS &amp; FPD
date:2014-01-24,name:Joomla StackIdeas Extensions Multiple Vulnerabilities
date:2014-01-24,name:Joomla JV Comment 3.0.2 SQL Injection
date:2014-01-24,name:Joomla Komento 1.7.2 Cross Site Scripting
date:2014-01-22,name:Joomla Zap Weather FPD &amp; Zap Calendar XSS
date:2014-01-17,name:Sexy Polling Joomla Extension SQL Injection
date:2014-01-11,name:Joomla com_aclassfb File Upload Vulnerability
date:2014-01-10,name:Joomla Melody Cross Site Scripting
date:2014-01-08,name:Joomla Aclsfgpl Shell Upload
date:2013-12-08,name:Joomla Flexicontent Remote Code Execution
date:2013-12-05,name:Joomla Hotornot2 Shell Upload
date:2013-12-03,name:Joomla Alphauserpoints phpThumb.php Shell Upload
date:2013-12-01,name:Joomla com_jmultimedia Remote Command Execution
date:2013-11-01,name:Joomla Joomleague Shell Upload
date:2013-10-23,name:Joomla component com_maian15 remode code injection
date:2013-09-27,name:joomla com_seminar Cross site scripting Vulnerability
date:2013-09-24,name:Joomla JVideoClip Blind SQL Injection
date:2013-08-30,name:Joomla com_pccookbook Components Sql Injection vulnerability
date:2013-08-24,name:Joomla Virtuemart 2.0.22a SQL Injection
date:2013-08-19,name:Joomla com_jdownloads Cross Site Scripting
date:2013-08-15,name:Joomla Media Manager File Upload Vulnerability
date:2013-08-09,name:Joomla redSHOP 1.2 SQL Injection
date:2013-08-06,name:Joomla com_sectionex v2.5.96 SQL Injection vulnerabilities
date:2013-08-06,name:Joomla 3.1.5 Cross Site Scripting
date:2013-08-01,name:Joomla Component com_easybookreloaded Sql Injection Vulnerability
date:2013-07-29,name:Joomla Googlemaps 3.2 Cross Site Scripting \/ Denial Of Service
date:2013-07-17,name:Joomla Googlemaps XSS \/ XML Injection \/ Path Disclosure \/ DoS
date:2013-07-11,name:Joomla AICONTACTSAFE 2.0.19 Cross Site Scripting
date:2013-07-10,name:Joomla Attachments Shell Upload
date:2013-07-01,name:Xorbin Analog Flash Clock 1.0 For Joomla XSS
date:2013-06-27,name:Joomla com_g2bridge Components Local File Include vulnerability
date:2013-06-20,name:Joomla Rokdownloads Shell Upload
date:2013-06-19,name:Joomla 1.5.26, 2.5.11, 3.1.1 crypto vulnerability
date:2013-06-16,name:Joomla com_extplorer Components shell upload Vulnerability
date:2013-05-15,name:Joomla Jnews 8.0.1 Cross Site Scripting
date:2013-05-14,name:Joomla Phocagallery 3.0.0 \/ 4.0.0 Cross Site Scripting
date:2013-05-13,name:Joomla Component com_s5clanroster Sql Injection Vulnerability
date:2013-05-13,name:Joomla Component com_shohada Local File Inclusion
date:2013-05-13,name:Joomla Component com_myalbum Blind Injection Vulnerability
date:2013-05-09,name:Joomla DJ Classifieds Extension 2.0 SQL Injection
date:2013-04-30,name:Joomla! &lt;= 3.0.3 (remember.php) PHP Object Injection Vulnerability
date:2013-04-23,name:Joomla com_civicrm Exploitation Tool with MultiThread *youtube
date:2013-04-21,name:Joomla component com_civicrm remode code injection exploit
date:2013-04-06,name:Joomla GPL Template Cross Site Scripting
date:2013-03-27,name:Joomla Component JCE File Upload Remote Code Execution
date:2013-03-22,name:Joomla Component com_wordpress XSS Vulnerability
date:2013-03-18,name:Joomla Component RSfiles &lt;= (cid) SQL injection Vulnerability
date:2013-03-18,name:Joomla com_preachit XSS Vulnerability
date:2013-02-28,name:Joomla! 3.0.2 PHP Object Injection
date:2013-01-21,name:Joomla Collector Shell Upload
date:2013-01-19,name:Joomla com_picaweb SQL injection
date:2013-01-09,name:Joomla Incapsula Component &lt;= 1.4.6_b Reflected Cross-Site Scripting
date:2013-01-08,name:Joomla Ignite Gallery 0.8.3.1 SQL Injection
date:2013-01-08,name:Joomla LiveChat 2.0 XSS &amp; SQL Injection
date:2012-12-28,name:Joomla bch and Content Shell Upload
date:2012-12-28,name:Joomla Aclassif Cross Site Scripting
date:2012-12-19,name:Joomla Component bit LFI Vulnerability
date:2012-12-19,name:Joomla Component RPX LFI Vulnerability
date:2012-12-19,name:Joomla Component ztautolink LFI Vulnerability
date:2012-12-12,name:Joomla Jooproperty SQL Injection &amp;Cross Site Scripting
date:2012-11-28,name:Joomla Community Builder Enhenced (CBE) Component LFI\/RCE
date:2012-11-14,name:joomla com_autostand shell upload vulnerability
date:2012-11-04,name:Joomla com_parcoauto SQL injection Vulnerability
date:2012-11-01,name:Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities
date:2012-10-31,name:Joomla com_quiz sql\/xss Vulnerability
date:2012-10-23,name:Joomla SQLReport Password Disclosure
date:2012-10-20,name:Joomla Tag SQL Injection
date:2012-10-20,name:Joomla Freestyle Support 1.9 SQL Injection
date:2012-10-20,name:Joomla Commedia 3.1 SQL Injection
date:2012-09-30,name:joomla FreiChat upload shell
date:2012-09-27,name:Joomla Component com_joomla_flash_uploader Remote File Upload
te:2012-09-23,name:Joomla <= 1.0.9 Weblinks blind SQL injection \/ admin credentials
te:2012-09-22,name:Mambo \/ Joomla FCKEditor Local File Inclusion
te:2012-09-18,name:Joomla Spider Calendar Lite SQL Injection
te:2012-08-29,name:Joomla com_ornekek SQL Vulnerability
te:2012-08-29,name:Joomla com_weblinks SQL Vulnerability
te:2012-08-28,name:Joomla Komento SQL Injection
te:2012-08-25,name:Joomla 1.7 \/ 2.5 Civicrm Arbitrary File Upload
te:2012-08-14,name:Joomla com_fireboard SQL Injection Vulnerabilit
te:2012-08-07,name:Joomla com_package SQL Injection Vulnerability
te:2012-08-07,name:Joomla Photo SQL Injection
te:2012-08-07,name:Joomla Enmasse SQL Injection
te:2012-08-07,name:Joomla com_agileplmform file upload vulnerability
te:2012-08-07,name:Joomla Nice Ajax Poll 1.3.0 SQL Injection
te:2012-08-07,name:Joomla Joomgalaxy 1.2.0.4 Shell Upload and SQL Injection
te:2012-08-06,name:Joomla Move 1.0 SQL Injection
te:2012-07-31,name:Joomla Odudeprofile 2.x SQL Injection
te:2012-07-24,name:Joomla Hello Local File Inclusion
te:2012-07-16,name:Joomla KSAdvertiser Shell Upload
te:2012-06-25,name:Joomla Szallasok SQL Injection
te:2012-06-20,name:Joomla hwdVideoShare Shell Upload
te:2012-06-17,name:Joomla Dione FileUploader 1.0.1 Shell Upload
te:2012-06-17,name:Joomla Maian Media 1.5.8.x Shell Upload
ate:2012-06-13,name:Joomla Joomsport SQL Injection \/ Shell Upload
ate:2012-06-13,name:Joomla Alphacontent SQL Injection
ate:2012-06-08,name:Joomla com_eslamiat Sql Injection Vulnerability
ate:2012-05-12,name:Joomla 2.5.4 Cross Site Scripting
ate:2012-05-04,name:Joomla 1.5.26 ja_purity Cross Site Scripting
ate:2012-04-28,name:Joomla Video Gallery Local File Inclusion \/ SQL Injection
ate:2012-04-28,name:Joomla CCNewsLetter 1.0.7 SQL Injection
ate:2012-04-21,name:Joomla JA T3-Framework Directory Traversal
ate:2012-04-21,name:Joomla com_ponygallery SQL Injection
ate:2012-04-21,name:Joomla! Plugin Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities
ate:2012-03-20,name:Joomla Time Based SQL Injection
ate:2012-03-20,name:Joomla Component com_golfstats (uid) SQL Injection Vulnerability
ate:2012-02-23,name:Joomla Dtregister SQL Injection
ate:2012-02-22,name:Joomla XVS Local File Inclusion
ate:2012-02-22,name:Joomla X-Shop SQL Injection
ate:2012-02-22,name:Joomla Xcomp Local File Inclusion
ate:2012-02-04,name:Joomla modules (mod_currencyconverter) XSS Vulnerability
ate:2012-02-04,name:Joomla com_bbs SQL Injection
ate:2012-02-04,name:Joomla com_cmotour SQL Injection
ate:2012-02-04,name:Joomla com_firmy SQL Injection
ate:2012-02-03,name:Joomla Visa SQL Injection \/ Local File Inclusion
ate:2012-01-29,name:Joomla Sadnews Local File Inclusion
ate:2012-01-29,name:Joomla Funny News Local File Inclusion
ate:2012-01-29,name:Joomla Autographbook Local File Inclusion
ate:2012-01-28,name:Joomla Component com_br LFI Vulnerability
ate:2012-01-28,name:Joomla com_boss Local File Inclusion
ate:2012-01-27,name:Joomla com_full SQL Injection
ate:2012-01-27,name:Joomla com_some Local File Inclusion
ate:2012-01-27,name:Joomla com_car SQL Injection
ate:2012-01-22,name:Joomla KP Local File Inclusion
ate:2012-01-22,name:Joomla Sanpham SQL Injection
ate:2012-01-22,name:Joomla Bulkenquery Local File Inclusion
ate:2012-01-18,name:Joomla Discussions Component (com_discussions) SQL Injection
ate:2012-01-17,name:Joomla Contushdvideoshare SQL Injection
ate:2012-01-02,name:Joomla Simple File Upload 1.3 Remote Code Execution
ate:2012-01-02,name:Simple File Upload v1.3 (module for joomla) Remote Code Execution Exploit
ate:2012-01-02,name:Joomla Component Jobprofile (com_jobprofile) SQL Injection Vulnerability
ate:2011-12-24,name:Joomla Dshop SQL Injection
ate:2011-12-24,name:Joomla Tsonymf SQL Injection
ate:2011-12-24,name:Joomla Caproductprices SQL Injection
ate:2011-11-21,name:Joomla Content Blind SQL Injection
ate:2011-11-21,name:Joomla ALFContact 1.9.3 Cross Site Scripting
ate:2011-11-09,name:Joomla Autartimonial SQL Injection
ate:2011-11-09,name:Joomla VideoWhisper 2 Way Video Chat Cross Site Scripting
ate:2011-11-09,name:Joomla NeoRecruit SQL Injection
ate:2011-11-09,name:Joomla PaymentsPlus Blind SQL Injection
ate:2011-11-09,name:Canteen Joomla Component 1.0 Multiple Remote Vulnerabilities
ate:2011-11-09,name:Joomla Component com_wmtpic SQL Injection Vulnerability
ate:2011-11-09,name:Joomla HM Community SQL Injection \/ Cross Site Scripting
ate:2011-11-09,name:Joomla Alameda 1.0 SQL Injection
ate:2011-11-01,name:Joomla Techfolio 1.0 SQL Injection
ate:2011-10-30,name:Joomla YJ Contact Local File Inclusion
ate:2011-10-15,name:Joomla Directory Tree SQL Injection
ate:2011-10-15,name:Joomla Camelcitydb2 2.2 SQL Injection
ate:2011-10-15,name:Joomla Component Multiple Blind SQL Injection Vulnerabilities
ate:2011-10-15,name:Joomla Slideshow SQL Injection
ate:2011-10-15,name:Joomla Restaurant Guide Cross Site Scripting \/ Local File Inclusion \/ SQL Injection
ate:2011-10-15,name:Amblog 1.0 Joomla Component Multiple SQL Injection Vulnerabilities
ate:2011-10-15,name:TimeTrack 1.2.4 Joomla Component Multiple SQL Injection Vulnerabilities
ate:2011-10-15,name:Joomla Component (com_sgicatalog) <= SQL Injection Vulnerability
ate:2011-10-15,name:Joomla Component (com_expedition) <= SQL Injection Vulnerability
ate:2011-10-10,name:Joomla Barter Site Cross Site Scripting \/ SQL Injection
ate:2011-10-10,name:JE Guestbook 1.0 Joomla Component Multiple Remote Vulnerabilities
ate:2011-10-10,name:Joomla com_clubmanager SQL Injection
ate:2011-10-10,name:Joomla Component Time Returns (com_timereturns) SQL Injection Vulnerability
ate:2011-10-10,name:Joomla Time Returns SQL Injection
ate:2011-10-10,name:Joomla Estate Agent SQL Injection
ate:2011-10-10,name:Joomla Component ccinvoices SQL Injection Vulnerability
ate:2011-10-10,name:Joomla! 1.7.0 Cross Site Scripting
ate:2011-10-02,name:Joomla Component (com_biitatemplateshop) SQL Injection
ate:2011-08-19,name:Joomla JoomTouch 1.0.2 Local File Inclusion
ate:2011-08-12,name:TNR Enhanced Joomla Search 3.0.0 SQL Injection
ate:2011-08-06,name:Joomla Astra SQL Injection
ate:2011-08-03,name:Joomla obSuggest Local File Inclusion
ate:2011-08-03,name:Joomla Component Testimonialku 2.1 Persistent XSS Vulnerability
ate:2011-07-27,name:Joomla! 1.7.0-RC \/ 1.6.x Cross Site Scripting
ate:2011-07-27,name:Joomla Component (com_pobierz) Remote File Disclouse
ate:2011-07-25,name:Joomla Appointment Booking Pro Arbitrary File Reading
ate:2011-07-15,name:Joomla SOBI2 2.9.3.2 SQL Injection
ate:2011-07-15,name:Joomla Xmap 1.2.11 Blind SQL Injection
ate:2011-07-14,name:Joomla mdigg SQL Injection
ate:2011-07-03,name:Joomla CSVUploader SQL Injection
ate:2011-07-03,name:JoomlaXi Cross Site Scripting
ate:2011-07-03,name:Joomla Morfeoshow SQL Injection
ate:2011-07-01,name:Joomla Calc Builder Blind SQL Injection
ate:2011-06-30,name:Joomla A Cool Debate 1.0.3 Local File Inclusion
ate:2011-06-22,name:Joomla Minitek FAQ Book 1.3 SQL Injection
ate:2011-06-04,name:Joomla CCBoard SQL Injection \/ Shell Upload
ate:2011-06-02,name:Joomla JMSFileSeller Local File Inclusion
ate:2011-06-02,name:Joomla Shop SQL Injection
ate:2011-05-19,name:Joomla versioning SQLi Vulnerability
ate:2011-05-19,name:Joomla Hello SQL Injection
ate:2011-05-08,name:JS Calendar 1.5.1 Joomla Component Multiple Remote Vulnerabilities
ate:2011-04-20,name:Joomla Phocadownload Local File Inclusion
ate:2011-04-20,name:Joomla Virtuemart Latestprod Remote File Inclusion
ate:2011-04-18,name:Joomla Virtuemart Featureprod Remote File Inclusion
ate:2011-04-13,name:Joomla Extensions 1.6.0 SQL Injection
ate:2011-03-21,name:Joomla Book Library SQL Injection
ate:2011-03-18,name:Joomla! 1.6.0 Cross Site Scripting (XSS) Vulnerability
ate:2011-03-18,name:Joomla! 1.6.0 SQL Injection Vulnerability
ate:2011-03-10,name:Joomla Jsjobs Blind SQL Injection
ate:2011-03-01,name:Joomla MyGarage SQL Injection
ate:2011-02-22,name:Joomla Component JE Event Calendar LFI Vulnerability
ate:2011-02-22,name:Joomla Component JE Quote Form LFI Vulnerability
ate:2011-02-12,name:Joomla! 1.5 \/ 1.6 JFilterinput Cross Site Scripting Bypass
ate:2011-01-25,name:allCineVid Joomla Component 1.0.0 Blind SQL Injection Vulnerability
ate:2011-01-25,name:Joomla allCineVid 1.0.0 Blind SQL Injection
ate:2011-01-22,name:Joomla People 1.0.0 SQL Injection
ate:2011-01-22,name:Joomla People Component 1.0.0 Local File Inclusion
ate:2011-01-22,name:People Joomla Component 1.0.0 Local File Inclusion Vulnerability
ate:2011-01-22,name:Joomla! 1.0.x ~ 1.0.15 Cross Site Scripting (XSS) Vulnerability
ate:2011-01-11,name:Joomla 1.0.15 Cross Site Scripting
ate:2011-01-11,name:JQuarks4s Joomla Component 1.0.0 Blind SQL Injection Vulnerability
ate:2011-01-01,name:Joomla Ads Manager Remote File Inclusion
ate:2010-12-23,name:Joomla XGallery 1.0 Local File Inclusion
ate:2010-12-23,name:The Joomla Hacking Compendium 1.0
ate:2010-12-23,name:Joomla Jotloader 2.2.1 Local File Inclusion
ate:2010-12-23,name:Joomla Component RokQuickCart LFI
ate:2010-12-23,name:Joomla Component (com_lyftenbloggie) XSS\/HTML Vulnerability
ate:2010-12-13,name:Joomla 1.5.22 Cross Site Scripting
ate:2010-12-13,name:Joomla Billy Portfolio 1.1.2 Blind SQL Injection
ate:2010-12-13,name:Joomla JE Messenger 1.0 Shell Upload
ate:2010-12-13,name:Joomla JE Auto 1.0 SQL Injection
ate:2010-12-13,name:Joomla Component Social User List SQL Injection
ate:2010-12-05,name:Joomla JE Ajax Event Calendar SQL Injection
ate:2010-12-03,name:Joomla Component (com_annuaire) SQL Injection Vulnerability
ate:2010-12-03,name:Joomla Component (com_competitions) SQL Injection
ate:2010-12-03,name:Joomla Component (com_competitions) XSS\/HTML Vulnerability
ate:2010-12-03,name:Joomla Component (com_storedirectory) SQL Injection Vulnerability
ate:2010-12-03,name:Joomla Component (com_catalogue) SQL Injection Vulnerability
ate:2010-12-03,name:Joomla Component (com_catalogue) LFI Vulnerability
ate:2010-11-28,name:Joomla Component Joomap 1.5 LFI
ate:2010-11-26,name:Joomla Component (btg_pretraga) XSS\/HTML Vulnerability
ate:2010-11-26,name:Joomla Component (btg_vidi_oglas) XSS\/HTML Vulnerability
ate:2010-11-25,name:Joomla Component flipwall SQL Injection Vulnerability
ate:2010-11-25,name:Joomla Component sponsorwall SQL Injection Vulnerability
ate:2010-11-25,name:Joomla Component (com_jeajaxeventcalendar) Blind SQLi Vulnerability
ate:2010-11-25,name:Joomla Component (com_jeajaxeventcalendar) LFI Vulnerability
ate:2010-11-25,name:Joomla Component com_news_portal Local File Inclusion Vulnerability
ate:2010-11-25,name:Joomla Component com_ninjarsssyndicator Local File Inclusion Vulnerability
ate:2010-11-24,name:Joomla Component com_jsupport SQL Injection Vulnerability
ate:2010-11-24,name:Joomla Component com_jsupport Critical XSS Vulnerability
ate:2010-11-16,name:Joomla Component com_alfurqan15x SQL injection
ate:2010-11-16,name:Joomla Component (com_maianmedia) SQL Injection Vulnerability
ate:2010-11-16,name:Joomla Component Phocadownload RFI Vulnerability
ate:2010-11-16,name:Joomla Component Jcomments RFI Vulnerability
ate:2010-11-16,name:Joomla Component AutoArticles 3000 Blind SQL Injection
ate:2010-11-16,name:Joomla Component Joomla! 1.6 b13 grants SQL Injection
ate:2010-11-16,name:The Joomla swMenuPro component remote file inclusion vulnerability
ate:2010-11-16,name:The Joomla Wisroyq component local file inclusion vulnerability
ate:2010-11-05,name:The Joomla User component 1.5 local file inclusion vulnerability
ate:2010-11-05,name:The Joomla Xplorer component 1.6.2 remote file inclusion vulnerability
ate:2010-11-05,name:The Joomla Smartformer component 2.4 remote file inclusion vulnerability
ate:2010-11-04,name:Joomla 1.5.21 Potential SQL Injection Flaws
ate:2010-11-04,name:Joomla! CMS 1.5.20 remote SQL injection
ate:2010-11-04,name:Joomla Component com_faqs Remote SQL Injection Vulnerability
ate:2010-11-04,name:Joomla Component com_mailchimpccnewsletter LFI Vulnerability
ate:2010-11-04,name:The Joomla Jcars component remote SQL injection vulnerability
ate:2010-10-31,name:Joomla Component com_projects LFI & SQL Vulnerability
ate:2010-10-31,name:The Joomla Calendrier component remote file inclusion vulnerability
ate:2010-10-29,name:The Joomla Pinboard component remote file inclusion vulnerability
ate:2010-10-15,name:Joomla Component com_jstore LFI Vulnerability
ate:2010-10-15,name:Joomla Component com_rwcards RFI Vulnerability
ate:2010-10-15,name:Joomla Component com_pollxt LFI Vulnerability
ate:2010-10-14,name:Joomla! 1.5.20 <= Cross Site Scripting (XSS) Vulnerability
ate:2010-10-14,name:Joomla Component com_mgm RFI Vulnerability
ate:2010-10-14,name:Joomla Component com_pollx LFI Vulnerability
ate:2010-10-14,name:Joomla Component com_jcs RFI Vulnerability
ate:2010-10-14,name:Joomla Component com_jeformcr LFI Vulnerability
ate:2010-10-14,name:Joomla Component com_joomlapicasa2 LFI Vulnerability
ate:2010-10-14,name:Joomla Component com_lurm RFI Vulnerability
ate:2010-10-14,name:The Joomla Bsadv component local file inclusiond directory traversal
ate:2010-10-06,name:Joomla Component com_jeeventcalendar - Local File Inclusion
ate:2010-10-06,name:The Joomla JE Guestbook component 1.0 local file inclusiond remote blind SQL injection
ate:2010-09-28,name:Joomla (com_content) Component com_ezautos File Upload Vulnerability
ate:2010-09-28,name:The Joomla TimeTrack component 1.2.4 multiple remote SQL injection
ate:2010-09-27,name:The Joomla EZ Autos component remote SQL injection vulnerability
ate:2010-09-22,name:The Joomla Spain component remote SQL injection vulnerability
ate:2010-09-22,name:JPhone 1.0 Alpha 3 Component Joomla Local File Inclusion
ate:2010-09-20,name:Joomla Component com_nkc 2.0.b Beta SQL Injection Vulnerability
ate:2010-09-20,name:Joomla Component (com_profil) Blind Injection Vulnerability
ate:2010-09-14,name:The Joomla NKC component 2.0.b Beta remote SQL injection
ate:2010-09-14,name:The Joomla Aardvertiser component 2.1 remote blind SQL injection
ate:2010-09-13,name:The Joomla Clantools component 1.5 remote blind SQL injection vulnerability
ate:2010-09-13,name:The Joomla Clantools component 1.5 remote blind SQL injection
ate:2010-09-13,name:The Joomla Clantools component 1.2.3 blind SQL injection
ate:2010-09-13,name:iJoomla Magazine 3.0.1 remote file inclusion vulnerability.
ate:2010-09-03,name:The Joomla JE FAQ component remote blind SQL injection vulnerability
ate:2010-09-03,name:The Joomla PicSell component file disclosure vulnerability
ate:2010-08-29,name:Joomla! Component com_bc Cross Script Scripting (XSS) Vulnerability
ate:2010-08-27,name:The Joomla BCAccount component persistent cross site scripting
ate:2010-08-27,name:The Joomla Newspaper component remote SQL injection vulnerability.
ate:2010-08-27,name:The Joomla Lesson component remote SQL injection
ate:2010-08-27,name:The Joomla Extcalendar component remote blind SQL injection
ate:2010-08-27,name:The Joomla Dirfrm component remote SQL injection
ate:2010-08-27,name:The Mambo \/ Joomla HeXimage component 2.1.2 remote SQL injection
ate:2010-08-18,name:The Joomla cgTestimonial component 2.2 cross site scriptingd shell upload
ate:2010-08-10,name:The Joomla Rokin component cross site scripting vulnerability.
ate:2010-08-10,name:The Joomla Neorecruit component 1.4 remote SQL injection vulnerability.
ate:2010-08-10,name:Joomla \com_youtube\ SQL Injection Vulnerability
ate:2010-08-10,name:Joomla Visites 1.1 RC2 Remote File Inclusion Vulnerability
ate:2010-08-10,name:Joomla Component Foobla Suggestions Local File Inclusion
ate:2010-08-10,name:Joomla Component (com_staticxt) SQL Injection Vulnerability
ate:2010-08-10,name:TTVideo 1.0 Joomla Component SQL Injection Vulnerability
ate:2010-08-05,name:Joomla TTVideo component 1.0 remote SQL injection
ate:2010-07-28,name:Joomla Music Manager Component LFI Vulnerability
ate:2010-07-28,name:Joomla BookLibrary From Same Author Module \id\ SQL Injection
ate:2010-07-28,name:ArtForms 2.1b7.2 RC2 Joomla Component Multiple Remote Vulnerabilities
ate:2010-07-28,name:Joomla Ozio Gallery remote SQL injection
ate:2010-07-27,name:The Joomla Joomdle components 0.24 remote SQL injection
ate:2010-07-27,name:Joomla Component (com_quickfaq) BSQL-i Vulnerability
ate:2010-07-27,name:Joomla Component Joomdle SQL vulnerability
ate:2010-07-27,name:Joomla Component com_golfcourseguide SQL Injection Vulnerability
ate:2010-07-27,name:Joomlas 1.5.19 and below cross site scripting
ate:2010-07-19,name:Joomla Component Realtyna Translator Local File Inclusion Vulnerability
ate:2010-07-19,name:Joomla jesectionfinder LFI Vulnerability
ate:2010-07-13,name:Joomla Component com_weblinks Sql Injection Vulnerability
ate:2010-07-13,name:Joomla Component com_xmap Sql Injection Vulnerability
ate:2010-07-13,name:Joomla Component com_redshop 1.0 (pid) SQL Injection Vulnerability
ate:2010-07-13,name:The Joomla Jobs Pro component remote blind SQL injection
ate:2010-07-12,name:The Joomla JPodium component remote SQL injection
ate:2010-07-05,name:The Joomla Eventcal component 1.6.4 remote blind SQL injection
ate:2010-07-04,name:Joomla com_awd_song persistent xss Vulnerability
ate:2010-07-04,name:Joomla Component com_gamesbox 1.0.2 (id) SQL Injection Vulnerability
ate:2010-07-04,name:Joomla Component JFaq 1.2 Multiple Vulnerabilities
ate:2010-07-04,name:Joomla JE Ajax event calendar SQL Vulnerable
ate:2010-07-04,name:Joomla Component com_donateprocess 0.8.5 (project_id) SQL Injection Vulnerability
ate:2010-06-30,name:Joomla Component RSComments 1.0.0 Multiple XSS
ate:2010-06-30,name:Joomla Component Picasa2Gallery LFI vulnerability
ate:2010-06-30,name:Joomla Component com_ybggal 1.0 (catid) SQL Injection Vulnerability
ate:2010-06-30,name:Joomla Component com_ybggal 1.0 (catid) SQL Injection Vulnerability
ate:2010-06-15,name:Joomla Component com_bfsurvey (tamlyncreative 1.3.0) Local File Inlusion
ate:2010-06-15,name:Joomla! BF Survey Pro 'catid' Parameter SQL Injection Vulnerability
ate:2010-06-13,name:The Joomla DJ Art Gallery component 0.9.1 SQL Inj and XSS
ate:2010-06-05,name:Joomla component SimpleDownload Local File Inclusion
ate:2010-06-04,name:The Joomla ChronoForms component blind SQL injection
ate:2010-06-04,name:The Joomla JS Jobs component 1.0.5.8 remote SQL injection
ate:2010-06-04,name:Joomla Component BF Quiz SQL Injection Vulnerability
ate:2010-06-04,name:Joomla Component com_jejob 1.0 (catid) SQL Injection Vulnerability
ate:2010-06-04,name:Joomla Component Reservations XSS Vulnerability
ate:2010-06-04,name:Joomla Component My Car Multiple Vulnerabilities
ate:2010-06-04,name:Joomla Component MediQnA LFI vulnerability
ate:2010-05-30,name:Joomla Component com_konsultasi (sid) SQL Injection Vulnerability
ate:2010-05-30,name:Joomla Component MS Comment 0.8.0 LFI Vulnerability
ate:2010-05-30,name:Joomla Component ActiveHelper LiveHelp 2.0.3 XSS Vulnerabilities
ate:2010-05-30,name:Joomla Component FDione Form Wizard lfi vulnerability
ate:2010-05-29,name:Joomla Component Percha Gallery 1.6 Local File Inclusion Vulnerability
ate:2010-05-29,name:Joomla Component Percha Fields Attach 1.0 Local File Inclusion Vulnerability
ate:2010-05-29,name:Joomla Component Percha Downloads Attach 1.1 Local File Inclusion Vulnerability
ate:2010-05-28,name:Joomla Component Percha Image Attach 1.1 Local File Inclusion Vulnerability
ate:2010-05-28,name:Joomla Component Percha Categories 0.6 Tree Local File Inclusion Vulnerability
ate:2010-05-28,name:Joomla Component redTWITTER Local File Inclusion Vulnerability
ate:2010-05-28,name:Joomla Component BeeHeard Lite Local File Inclusion Vulnerability
ate:2010-05-24,name:Joomla Component Gadget Factory Local File Inclusion Vulnerability
ate:2010-05-24,name:Joomla Component Love Factory Local File Inclusion Vulnerability
ate:2010-05-24,name:Joomla Component Deluxe Blog Factory Local File Inclusion Vulnerability
ate:2010-05-24,name:Joomla Component OrgChart 1.0.0 Local File Inclusion Vulnerability
ate:2010-05-21,name:Joomla Component ActiveHelper LiveHelp XSS Vulnerabilities
ate:2010-05-21,name:The Joomla Job component local file inclusion
ate:2010-05-21,name:The Joomla Classifieds component remote SQL injection
ate:2010-05-21,name:The Joomla Hotproperty component cross site scripting
ate:2010-05-21,name:The Joomla Zelig component remote SQL injection
ate:2010-05-21,name:The Joomla Store component cross site scripting
ate:2010-05-21,name:The Joomla Event component local file inclusion
ate:2010-05-21,name:The Joomla Product component local file inclusion
ate:2010-05-20,name:The Joomla Camp component remote SQL injection
ate:2010-05-20,name:The Joomla Simple Download component local file inclusion
ate:2010-05-20,name:The Joomla 3d User Cloud module cross site scripting
ate:2010-05-14,name:Joomla (com_aardvertiser) V2.0 Local File Inclusion
ate:2010-05-14,name:The Joomla Camp26 Visitor Data component 1.1 code execution
ate:2010-05-13,name:Joomla Component Online Market 2.0 Local File Inclusion Vulnerability
ate:2010-05-13,name:Joomla Component MT Fire Eagle 1.2 Local File Inclusion Vulnerability
ate:2010-05-13,name:Joomla Component Online Exam 1.5.0 Local File Inclusion Vulnerability
ate:2010-05-06,name:Joomla Component QPersonel 1.0.2 SQL Injection Vulnerability
ate:2010-05-06,name:Joomla Component Arcade Games 1.0 Local File Inclusion Vulnerability
ate:2010-05-06,name:Joomla Component graphics (com_graphics) 1.0.6\/1.5.0 LFI Vulnerability
ate:2010-05-06,name:Joomla 1.6.0-Alpha2 cross site scripting
ate:2010-05-05,name:Joomla Component ZiMB Manager 0.1 Local File Inclusion Vulnerability
ate:2010-05-05,name:Joomla Component ZiMB Comment 0.8.1 Local File Inclusion Vulnerability
ate:2010-05-05,name:Joomla Component JA Comment Local File Inclusion Vulnerability
ate:2010-05-05,name:Joomla Component Media Mall Factory 1.0.4 Blind SQLi Vulnerability
ate:2010-04-30,name:Joomla Component PowerMail Pro 1.5.3 Local File Inclusion Vulnerability
ate:2010-04-30,name:The Joomla SmartSite component local file inclusion
ate:2010-04-30,name:The Joomla NoticeBoard component 1.3 local file inclusion
ate:2010-04-30,name:The Joomla Ultimate Portfolio component 1.0 local file inclusion
ate:2010-04-30,name:Joomla ABC component 1.1.7 remote SQL injection
ate:2010-04-30,name:Joomla Freestyle FAQ Lite Component 1.3 (faqid) SQL Injection
ate:2010-04-30,name:Joomla Component Matamko 1.01 Local File Inclusion Vulnerability
ate:2010-04-30,name:Joomla Component com_joltcard SQL Injection Vulnerability
ate:2010-04-30,name:Joomla Component com_radio SQL injection vulnerability
ate:2010-04-30,name:Joomla Component AWDwall-Joomla 1.5.4 LFI & SQLi [cbuser] Vulnerability
ate:2010-04-30,name:Joomla Component MMS Blog 2.3.0 Local File Inclusion Vulnerability
ate:2010-04-26,name:Joomla! Joaktree 1.0 component SQL injection vulnerability
ate:2010-04-26,name:Joomla Component MojoBlog Multiple Remote File Include vulnerability
ate:2010-04-26,name:Joomla Component Quick News SQL injection vulnerability
ate:2010-04-26,name:The Joomla Portfolio component local file inclusion
ate:2010-04-25,name:Joomla Component RokModule 1.1 Blind SQLi [moduleid] Vulnerability
ate:2010-04-25,name:Joomla Component Jfeedback! 1.2 Local File Inclusion Vulnerability
ate:2010-04-25,name:Joomla Component com_sermonspeaker SQL Injection Vulnerability
ate:2010-04-21,name:The Joomla JTM Reseller component 1.9 Beta remote SQL injection
ate:2010-04-21,name:Joomla Component AlphaUserPoints 1.5.5 Local File Inclusion Vulnerability
ate:2010-04-21,name:Joomla Component Preventive And Reservation 1.0.5 Local File Inclusion Vulnerability
ate:2010-04-21,name:Joomla Component Sweetykeeper Local File Inclusion Vulnerability
ate:2010-04-21,name:Joomla Component Horoscope 1.5.0 Local File Inclusion Vulnerability
ate:2010-04-21,name:Joomla Component Web TV 1.0 Local File Inclusion Vulnerability
ate:2010-04-21,name:Joomla Component JProject Manager 1.0 Local File Inclusion Vulnerability
ate:2010-04-21,name:Joomla Component Multi-Venue Restaurant Menu Manager 1.5.2 SQL Injection
ate:2010-04-21,name:The Joomla Contact Us Draw Root Map component 1.1 local file inclusion
ate:2010-04-21,name:The Joomla Contact Us Google Map component 1.2 local file inclusion
ate:2010-04-21,name:Joomla Component com_hdflvplayer 1.3 SQL injection exploit - (id)
ate:2010-04-21,name:Joomla Component VJDEO 1.0.1 LFI Vulnerability
ate:2010-04-21,name:Joomla Component com_loginbox LFI Vulnerability
ate:2010-04-21,name:Joomla Component com_ckforms 1.3.3 Multiple Vulns.
ate:2010-04-21,name:The Joomla Easy Ad Banner component 0.25 local file inclusion vulnerability
ate:2010-04-21,name:The Joomla AddressBook component 1.5.0 local file inclusion vulnerability
ate:2010-04-21,name:The Joomla FLEXIcontent component 1.5 local file inclusion vulnerability
ate:2010-04-21,name:Joomla Component Jvehicles (aid) SQL Injection Vulnerability
ate:2010-04-21,name:Joomla Component com_jp_jobs 1.2.0 (id) SQL Injection Vulnerability
ate:2010-04-13,name:Joomla Component webERPcustomer 1.2.1 Local File Inclusion
ate:2010-04-13,name:Joomla Magic Updater (com_joomlaupdater) LFI Vulnerability
ate:2010-04-13,name:Joomla Component Picasa 2.0 LFI Vulnerability
ate:2010-04-13,name:Joomla Component JInventory 1.23.02 Local File Inclusion
ate:2010-04-13,name:Joomla Component DW Graph Local File Inclusion
ate:2010-04-13,name:Joomla Component JA Voice LFI vulnerability
ate:2010-04-13,name:The Joomla Agenda component 1.0.1 remote SQL injection
ate:2010-04-13,name:The Joomla HuruHelpDesk component remote SQL injection
ate:2010-04-13,name:The Joomla Webee 2.0 local file inclusion
ate:2010-04-07,name:Joomla component jp_jobs 1.4.1 SQL Injection vulnerability
ate:2010-04-07,name:Joomla Component redSHOP 1.0.x Local File Inclusion Vulnerability
ate:2010-04-07,name:Joomla Component XOBBIX 1.0.x [prodid] SQL Injection Vulnerability
ate:2010-04-07,name:Joomla Component com_bca-rss-syndicator local file inclusion
ate:2010-04-07,name:Joomla Component com_svmap 1.1.1 local file inclusion
ate:2010-04-07,name:Joomla Component News Portal 1.5.0 Local File Inclusion Vulnerability
ate:2010-04-07,name:Joomla Component J!WHMCS Integrator 1.5.0 Local File Inclusion Vulnerability
ate:2010-04-07,name:Joomla Component Saber Cart 1.0.0.12 Local File Inclusion Vulnerability
ate:2010-04-07,name:Joomla Component Joomla Flickr Local File Inclusion Vulnerability
ate:2010-04-07,name:Joomla Component Juke Box Local File Inclusion Vulnerability
ate:2010-04-07,name:Joomla Component Highslide JS 1.5 Local File Inclusion Vulnerability
ate:2010-04-07,name:Joomla Component Appointment 1.5 Local File Inclusion Vulnerability
ate:2010-04-07,name:Joomla Component Affiliate Feeds 880 Local File Inclusion Vulnerability
ate:2010-04-07,name:Joomla Component Fabrik 2.0 Local File Inclusion Vulnerability
ate:2010-04-03,name:joomla component & plugin JE Tooltip Local File Inclusion
ate:2010-04-03,name:Joomla Component com_adds Blind SQL Injection Vulnerability
ate:2010-04-03,name:Joomla Component com_agency SQL Injection Vulnerability
ate:2010-04-03,name:Joomla Component com_tariff SQL Injection Vulnerability
ate:2010-04-03,name:Joomla Component com_units SQL Injection Vulnerability
ate:2010-04-03,name:Joomla Component com_solution SQL Injection Vulnerability
ate:2010-04-03,name:Joomla Component dcsFlashGames SQL Vulnerability ( catid )
ate:2010-03-28,name:Joomla component com_universal <= Remote File Inclusion Vulnerability
ate:2010-03-28,name:Joomla Component com_software SQL Injection Vulnerability
ate:2010-03-28,name:Joomla Component com_wallpapers SQL Injection Vulnerability
ate:2010-03-28,name:Joomla Component com_communitypolls LFI Vulnerability
ate:2010-03-28,name:Joomla Component com_rokdownloads Local File Inclusion Vulnerability
ate:2010-03-28,name:Joomla component com_extplorer_2.0.1_pt-BR <= Multiple Vulnerability
ate:2010-03-28,name:Joomla component com_jwmmxtd <= Remote File Inclusion
ate:2010-03-28,name:The Joomla SMEStorage component local file inclusion
ate:2010-03-28,name:The Joomla CB component remote SQL injection
ate:2010-03-28,name:The Joomla J!Research component local file inclusion
ate:2010-03-28,name:The Joomla CX component remote SQL injection
ate:2010-03-28,name:The Joomla GDS component remote SQL injection
ate:2010-03-23,name:Joomla Component com_cartweberp 1.56.75 Local File Inlusion
ate:2010-03-23,name:Joomla Component com_tpjobs Blind SQL injection Vulnerability
ate:2010-03-23,name:The Joomla VXDate comp xss, path disclosure and SQL injection
ate:2010-03-16,name:The Joomla NFN Address Book component remote SQL injection
ate:2010-03-16,name:The Joomla GCalendar component 2.1.5 local file inclusion vulnerability
ate:2010-03-16,name:The Joomla D-Greinar component cross site scripting
ate:2010-03-16,name:The Joomla Juliaportfolio component local file inclusion
ate:2010-03-16,name:Joomla Component com_party SQL Injection Vulnerability
ate:2010-03-15,name:Joomla Component com_color SQL Injection Vulnerability
ate:2010-03-15,name:Joomla Component com_gigfe Remote SQL Injection
ate:2010-03-15,name:Joomla Component com_blog Remote SQL Injection
ate:2010-03-15,name:Joomla Component com_hotbrackets Blind SQL injection Vulnerability
ate:2010-03-15,name:Joomla Component com_jashowcase Directory Travel
ate:2010-03-15,name:Joomla Component com_jvideodirect Direcotry Travel
ate:2010-03-15,name:Joomla Component com_jcollection Direcotry Travel
ate:2010-03-10,name:Joomla (com_autartitarot) Directory Traversal Vulnerability
ate:2010-03-09,name:Core Design Scriptegrator plugin for Joomla! 1.5 file inclusion
ate:2010-03-09,name:Joomla (JE Quiz component 1.0) BLIND SQL Injection Vulnerability
ate:2010-03-02,name:The Joomla JoomlaConnect_be component remote SQL injection
ate:2010-03-02,name:Joomla 1.5.15 Persistant XSS in 'Author Alias'
ate:2010-03-02,name:Joomla Component com_perchagallery 1.4 SQL Injection Vulnerability
ate:2010-02-23,name:The Joomla ACStartSeite component SQL injection vulnerability
ate:2010-02-23,name:The Joomla RWCards component local file inclusion vulnerability
ate:2010-02-20,name:Joomla Jw_allVideos 1.0 remote file download vulnerability
ate:2010-02-20,name:Joomla Component com_simplefaq (catid) Blind Sql Injection Vulnerability
ate:2010-02-20,name:Joomla (jw_allvideos Plugin) 1.0 Remote File Download Vulnerability
ate:2010-02-14,name:Joomla (com_photoblog) Blind Sql Injection Vulnerability
ate:2010-02-06,name:Joomla (com_gambling) SQL Injection Vulnerabilities
ate:2010-02-06,name:The Joomla RSGallery2 component remote SQL injection
ate:2010-02-06,name:Joomla (com_casino) 1.0 SQL Injection Vulnerabilities
ate:2010-02-06,name: The Joomla jVideoDirect component 1.1 RC3b blind SQL injection
ate:2010-02-06,name:Joomla (com_mochigames) SQL Injection Vulnerability
ate:2010-01-29,name:The Joomla Tennis Ladders component remote blind SQL injection
ate:2010-01-29,name:Joomla Component com_libros SQL Injection Vulnerability
ate:2010-01-28,name:Joomla Component com_biographies Local File Include
ate:2010-01-28,name:Joomla Component com_iotaPhotoGallery SQL Injection vulnerability
ate:2010-01-28,name:Joomla Component com_gurujibook SQL Injection vulnerability
ate:2010-01-28,name:The Joomla Upcoming News component remote SQL injection
ate:2010-01-28,name:The Joomla Gameserver component 1.2 remote SQL injection
ate:2010-01-28,name:Joomla Component com_marketplace v1.2 Cross Site Scripting Vulnerability
ate:2010-01-23,name:Joomla Component com_articlemanager SQL Injection Vulnerability
ate:2010-01-23,name:The Joomla ACProjects component remote SQL injection
ate:2010-01-23,name:The Joomla ACProjects component SQL injection vulnerability
ate:2010-01-22,name:The Joomla Prime component directory traversal
ate:2010-01-22,name:The Joomla Uploader component shell upload
ate:2010-01-14,name:Joomla Component com_jsjobs Multiple SQL injection vulnerability
ate:2010-01-14,name:Joomla Component com_jphoto SQL injection vulnerability
ate:2010-01-14,name:Mamboleto Joomla! component Remote File Include Vulneralbility
ate:2010-01-13,name:Joomla Component com_biblestudy Local File Inlusion
ate:2010-01-13,name:Joomla Component com_dhforum SQL Injection Vulnerability
ate:2010-01-13,name:Joomla Component com_artistavenue Cross Site Scripting Vulnerability
ate:2010-01-13,name:Joomla Component com_facileforms Cross Site Scripting Vulnerabilities
ate:2010-01-13,name:Joomla Component com_king Blind SQL Injection Vulnerability
ate:2010-01-07,name:Joomla Jembed component remote blind SQL injection
ate:2010-01-07,name:Joomla Bamboo Simpla Admin Template suffer from REMOTe sql injection
ate:2010-01-07,name:Joomla Component com_beeheard Blind SQL injection Vulnerability
ate:2010-01-07,name:The Joomla J-Projects component remote blind SQL injection
ate:2010-01-07,name:Joomla Compenent Com_joomlub (aid) Remote SQL Injection Vulnerabilities
ate:2010-01-07,name:The Joomla StaticXT component cross site scripting
ate:2010-01-06,name:Joomla Component com_jcalpro Remote FiLe include RFI
ate:2009-12-30,name:Joomla Component com_joomportfolio Blind SQL Injection Vulnerability
ate:2009-12-30,name:Joomla Component com_calendario Blind SQL injection Vulnerability
ate:2009-12-30,name:Joomla Component com_qpersonel Cross Site Scripting Vulnerabilities
ate:2009-12-30,name:Joomla Component com_oprykningspoint_mc Cross Site Scripting Vulnerabilities
ate:2009-12-30,name:Joomla Component com_trabalhe_conosco Cross Site Scripting Vulnerabilities
ate:2009-12-30,name:Joomla Component com_if_nexus Remote File Include
ate:2009-12-10,name:The Joomla Lyftenbloggie component 1.0.4 SQL injection vulnerability
ate:2009-12-01,name:Joomla Component com_virtuemart SQL injection vulnerability
ate:2009-11-30,name:The Joomla G Calendar component 1.1.2 remote SQL injection
ate:2009-11-30,name:Joomla Component Com_Joomclip (cat) SQL injection
ate:2009-11-27,name:Joomla Extion iF Portfolio Nexus remote SQL injection
ate:2009-11-13,name:Joomla Component com_photoblog SQL injection vulnerability
ate:2009-10-28,name:Joomla Component com_ajaxchat Remote File Include vulnerability \t
ate:2009-10-28,name:The Joomla JShop component remote SQL injection
ate:2009-10-28,name:Joomla Book Library component 1.0 remote file inclusion
ate:2009-10-14,name:Joomla Component com_soundset (cat_id) Remote SQL Injection Vulnerability
ate:2009-10-14,name:Joomla Component com_cbresumebuilder (group_id) Remote SQL Injection Vulnerability
ate:2009-10-04,name:The Joomla IRCm Basic component remote SQL injection
ate:2009-10-03,name:Joomla Component com_sportfusion Remote SQL injection vuln
ate:2009-10-03,name:Joomla Component com_fastball Remote SQL injection vulnerability - (league)\t
ate:2009-10-03,name:Joomla com_mytube (user_id) Blind SQL Injection Exploit
ate:2009-10-03,name:Mambo\/Joomla com_tupinambis 1.0 SQL Injection
ate:2009-10-03,name:Joomla Component com_facebook SQL injection vulnerability
ate:2009-09-29,name:Joomla Component idoblog 1.1b30 (com_idoblog) SQL Injection Vuln
ate:2009-09-28,name:Joomla Hotel Booking System Component XSS\/SQL Injection Multiple Vulnerability
ate:2009-09-28,name:Joomla Component AlphaUserPoints SQL Injection Exploit
ate:2009-09-28,name:Joomla Component Turtushout 0.11 (Name) SQL Injection Vulnerability
ate:2009-09-28,name:Joomla com_jinc (newsid) Blind SQL Injection Vulnerability
ate:2009-09-28,name:Joomla com_jbudgetsmagic (bid) Remote SQL Injection Vulnerability
ate:2009-09-28,name:Joomla com_surveymanager (stype) SQL Injection Vulnerability
ate:2009-09-26,name:Joomla Component com_album 1.14 Directory Traversal Vulnerability
ate:2009-09-26,name:Joomla Component com_jreservation 1.5 (pid) Blind SQL Injection Exploit
ate:2009-09-23,name:The Joomla DJ Catalog component SQL injection
ate:2009-09-23,name:The Joomla Foobla Suggestions component remote SQL injection
ate:2009-09-23,name:IXXO Cart! Standalone and Joomla Component SQL Injection
ate:2009-09-23,name:Joomla Jlord RSS component remote blind SQL injection
ate:2009-09-17,name:Joomla Component com_digifolio 1.52 (id) SQL Injection Vulnerability
ate:2009-09-15,name:Joomla Almond Classifieds 7.5 (com_aclassf) Multiple Vulnerabilities
ate:2009-09-11,name:Joomla Component jabode (id) Remote SQL Injection Vulnerability
ate:2009-09-04,name:Joomla Component com_gameserver 1.0 (id) SQL Injection Vulnerability
ate:2009-09-04,name:Joomla Component Agora 3.0.0b (com_agora) LFI Vulnerability
ate:2009-09-04,name:Joomla Component com_artportal 1.0 (portalid) SQL Injection Vulns
ate:2009-08-27,name:joomla com_simpleshop SQL Injection(section)
ate:2009-08-20,name:Joomla Component com_jfusion (Itemid) Blind SQL Injection Vuln
ate:2009-08-13,name:Joomla Component com_content 1.0.0 (ItemID) SQL Injection Vuln
ate:2009-08-05,name:Joomla Live Chat SQL Injection
ate:2009-08-05,name:Joomla Component Akobook 2.3 (gbid) SQL Injection Vulnerability
ate:2009-08-05,name:Joomla Component com_media_library 1.5.3 RFI Vulnerability
ate:2009-08-05,name:Joomla Component com_realestatemanager 1.0 RFI Vulnerability
ate:2009-08-05,name:Joomla Component com_vehiclemanager 1.0 RFI Vulnerability
ate:2009-08-05,name:Joomla com_booklibrary_1.5.2.4 Remote File Include
ate:2009-08-05,name:Joomla Component com_amocourse (catid) SQL-injection Vulnerability
ate:2009-08-05,name:Joomla Component com_pinboard (task) SQL Injection Exploit
ate:2009-08-05,name:Joomla Component Joomlaequipment 2.0.4 (com_juser) SQL Injection
ate:2009-07-27,name:Joomla Almond Classifieds 5.6.2 Blind SQL Injection Vuln
ate:2009-07-16,name:Joomla Component Ice Gallery 0.5b2 (catid) Blind SQL Injection Vuln
ate:2009-07-15,name:Joomla Component com_php (id) Blind SQL Injection Vulnerability
ate:2009-07-11,name:Joomla Component com_K2 <= 1.0.1b (category) SQL Injection Vuln
ate:2009-07-11,name:Joomla com_bookflip (book_id) Remote SQL Injection Vulnerability
ate:2009-07-10,name:Joomla Component Boy Scout Advancement <= v-0.3 Sql Injection
ate:2009-07-03,name:Joomla Component DBQuery <= 1.4.1.1 RFI Vulnerability
ate:2009-07-02,name:Joomla Casino 0.3.1 Multiple SQL Injection Exploits
ate:2009-06-23,name:Joomla Component com_jumi (fileid) Blind SQL Injection Exploit
ate:2009-06-23,name:Joomla Component com_ijoomla_rss Blind SQL Injection Exploit
ate:2009-06-23,name:Joomla Component com_Projectfork 2.0.10 Local File Inclusion Vuln
ate:2009-06-22,name:Joomla Component com_school 1.4 (classid) SQL Injection Vulnerability
ate:2009-06-12,name:Joomla Component MooFAQ (com_moofaq) LFI Vulnerability
ate:2009-06-05,name:Joomla Component AgoraGroup 0.3.5.3 Blind SQL Injection Vulnerability
ate:2009-06-04,name:Joomla Component ArtForms 2.1 b7 Remote File Inclusion Vulnerabilities
ate:2009-05-27,name:Joomla Component 'Boy Scout Advancement' <= v-0.3 Multiple SQL Injection
ate:2009-05-26,name:Joomla com_gsticketsystem (catid) Blind SQL Injection Exploit
ate:2009-05-05,name:Joomla Component MailTo (article) SQL Injection Vulnerability
ate:2009-05-05,name:Joomla Component Cmimarketplace (viewit) Directory Traversal Vuln
ate:2009-04-26,name:Joomla Component rsmonials Remote Cross Site Scxripting Exploit
ate:2009-04-13,name:Joomla Component Webhosting (catid) Blind SQL Injection Exploit
ate:2009-04-13,name:Joomla Component com_bookjoomlas 0.1 SQL Injection Vulnerability
ate:2009-04-09,name:Joomla Component com_bookjoomlas SQL Injection Vulnerability
ate:2009-03-31,name:Joomla Component MyAlbum 1.0 (album) SQL Injection Vulnerability
ate:2009-03-23,name:Joomla Component VirtueMart Google Base 1.1 RFI Vulnerability
ate:2009-03-23,name:Joomla Component Flash Tree Gallery 1.0 RFI Vulnerability
ate:2009-03-22,name:Joomla Component versioning 1.0.2 (id) SQL Injection Vulnerability
ate:2009-03-14,name:Joomla Component prayercenter <= 1.4.9 (id) SQL Injection Vulnerability
ate:2009-03-14,name:Joomla Component com_mycontent 1.1.13 Blind SQL Injection Exploit
ate:2009-03-06,name:Joomla Component ongumatimesheet20 4b RFI Vulnerability
ate:2009-03-06,name:Joomla Component Volunteer 2.0 (job_id) SQL Injection Vulnerability
ate:2009-03-03,name:gigCalendar 1.0 (banddetails.php) Joomla Component SQL Injection
ate:2009-02-27,name:Joomla Component com_gigcal (gigcal_gigs_id) SQL Injection Vuln
ate:2009-02-26,name:Joomla com_phocadocumentation (id) Remote SQL Injection Exploit
ate:2009-02-26,name:gigCalendar Joomla Component 1.0 SQL Injection
ate:2009-02-26,name:gigCalendar 1.0 (venuedetails.php) Joomla Component SQL Injection
ate:2009-02-22,name:Joomla Component Kbase 1.0 Remote SQL Injection Vulnerability
ate:2009-02-22,name:Joomla Dada Mail Manager Component 2.6 Remote File Inclusion Vulnerability
ate:2009-02-22,name:Joomla Component ownbiblio 1.5.3 (catid) SQL Injection Vulnerability
ate:2009-02-22,name:Joomla Component mad4joomla SQL Injection Vulnerability
ate:2009-02-22,name:Joomla Component Ignite Gallery 0.8.3 SQL Injection Vulnerability
ate:2009-02-22,name:Joomla Component RWCards 3.0.11 Local File Inclusion Vulnerability
ate:2009-02-22,name:Joomla Component com_joomradio SQL Injection
ate:2009-02-17,name:Joomla Component Thyme 1.0 (event) SQL Injection Vulnerability
ate:2009-02-16,name:Joomla Component Portfol (vcatid) SQL Injection Vulnerability
ate:2009-02-10,name:Joomla Component Joomtracker 1.01 Remote SQL injection Vulnerability
ate:2009-02-10,name:Joomla Component Daily Message 1.0.3 (id) SQL Injection Vuln
ate:2009-02-10,name:Joomla Component ionFiles 4.4.2 File Disclosure Vulnerability
ate:2009-02-09,name:Joomla com_Eventing 1.6.x Blind SQL Injection Exploit
ate:2009-02-09,name:Joomla Component RD-Autos 1.5.2 (id) SQL Injection Vulnerability
ate:2009-02-09,name:Joomla Component Tech Article 1.x (item) SQL Injection Vulnerability
ate:2009-02-05,name:Joomla com_pcchess (game_id) Blind SQL Injection Exploit
ate:2009-02-05,name:Joomla Com BazaarBuilder Shopping Cart v.5.0 SQL Injection Exploit
ate:2009-02-05,name:Joomla com_flashmagazinedeluxe (mag_id) SQL Injection Vulnerability
ate:2009-02-05,name:Joomla com_pccookbook (recipe_id) Blind SQL Injection Exploit
ate:2009-01-26,name:Joomla component beamospetition 1.0.12 Sql Injection
ate:2009-01-19,name:Joomla <= 1.5.8 (xstandard editor) Local Directory Traversal Vulnerability
ate:2009-01-10,name:joomla com_lowcosthotels sql injection
ate:2009-01-10,name:Joomla Component com_tophotelmodule 1.0 Blind SQL Injection Vuln
ate:2009-01-10,name:Joomla Component com_hbssearch 1.0 Blind SQL Injection Vuln
ate:2009-01-09,name:Joomla Component PAX Gallery 0.1 Blind SQL Injection Vulnerability
ate:2009-01-03,name:Joomla Component Clickheat 1.0.1 Multiple RFI Vulnerabilities
ate:2009-01-03,name:Joomla Component Feederator 1.0.5 Multiple RFI Vulnerabilities
ate:2009-01-03,name:Joomla Component mdigg 2.2.8 Blind SQL Injection Exploit
ate:2008-12-23,name:Joomla 1.0.13 - 1.0.14 \/ (remote) PHP file inclusion possible if old configuration.php
ate:2008-12-23,name:Joomla com_books(book_id) SQL injection Vulnerability
ate:2008-12-22,name:Joomla Component com_jmovies 1.1 (id) SQL Injection Exploit
ate:2008-12-17,name:Joomla: Session hijacking vulnerability
ate:2008-12-17,name:Joomla Component Contact Info 1.0 SQL Injection Vulnerability
ate:2008-12-11,name:Joomla Component GameQ
ate:2008-12-11,name:Joomla Component mydyngallery
ate:2008-12-02,name:Joomla Component Xe webtv (id) Blind SQL Injection Exploit
ate:2008-12-01,name:Joomla Component com_datsogallery 1.6 Blind SQL Injection Exploit
ate:2008-11-20,name:Joomla Simple RSS Reader Component 1.0 Remote File Inclusion Vulnerability
ate:2008-11-20,name:Joomla Component JooBlog 0.1.1 (PostID) SQL Injection Vulnerability
ate:2008-11-20,name:Joomla Component JooBlog 0.1.1 (PostID) SQL Injection Vuln.
date:2008-10-25,name:Joomla Component JPad 1.0 SQL Injection Vulnerability (postauth)
date:2008-10-25,name:Joomla Component imagebrowser <= 0.1.5 RC2 Directory Traversal Vuln
date:2008-10-25,name:Joomla Component ds-syndicate (feed_id) SQL Injection Vulnerability
date:2008-10-22,name:Joomla Component actualite 1.0 (id) SQL Injection Vulnerability
date:2008-09-21,name:joomla multiple vuln.
date:2008-09-11,name:Joomla Weak Random Password Reset Token Vulnerability
date:2008-08-19,name:Joomla 1.5.x (Token) Remote Admin Change Password Vulnerability
date:2008-08-16,name:Joomla Component netinvoice 1.2.0 SP1 SQL Injection Vulnerability
date:2008-07-28,name:Joomla Component DT Register Remote SQL injection Vulnerability
date:2008-07-04,name:Joomla Component Com_Facileforms
date:2008-06-03,name:Joomla Component xsstream-dm 0.01 Beta SQL Injection
date:2008-04-27,name:Pu Arcade component for Joomla - SQL injection
date:2008-03-06,name:joomla SQL Injection(com_facileforms)
date:2008-03-06,name:joomla SQL Injection(com_salesrep)
date:2008-03-06,name:joomla SQL Injection(com_detail)
date:2008-03-06,name:joomla SQL Injection (cat)(com_downloads)
date:2008-02-19,name:joomla SQL Injection(com_filebase)
date:2008-02-19,name:joomla SQL Injection(com_sg)
date:2008-02-19,name:joomla SQL Injection( com_scheduling)
date:2008-02-19,name:Default Multiple Joomla! Component com_rapidrecipe \user_id=\ Remote SQL Inj.
date:2008-01-17,name:Multiple CSRF in Joomla all versions - Complete compromise
date:2007-12-15,name:Blind Sql-Injection in Joomla 1.5 RC3
date:2007-10-14,name:wmtrssreader joomla component 1.0 Remote File Include Vulnerability
date:2007-10-14,name:Joomla! swMenuFree 4.6 Component Remote File Include
date:2007-09-12,name:Multiple vulnerabilities in Joomla 1.5 RC 1
date:2007-08-14,name:Joomla J! Reactions Component Remote File include Bug
date:2007-08-14,name:Remote command execution in Joomla! CMS
date:2007-07-14,name:All Of the Mambo & Joomla Script Remote File Inclussion Bugs..
date:2007-04-26,name:Joomla\/Mambo Jambook v1.0 beta7 Rfi Vuln.
date:2007-03-09,name:Secunia Research: Joomla BSQ Sitestats Component MultipleVulnerabilities
date:2006-10-12,name:VirtueMart Joomla eCommerce Edition CMS Multiple XSS Vulnerabilities
date:2006-09-12,name:Mambo\/Joomla com_comprofiler Components <== v1.0 RC 2 Multiple Remote File Include Vulnerabilities
date:2006-09-02,name:Joomla Rssxt <= 1.0 Remote File Include Vulnerability (update)
date:2006-09-02,name:Joomla Kochsuite Component <= 0.9.4 (config.kochsuite.php) Remote File Inclusion Vulnerability
date:2006-09-02,name:Joomla MamboWiki Component <= 0.9.4 Remote File Inclusion Vulnerability
date:2006-08-23,name:Mambo\/Joomla Component Remository v3.25 (mosConfig_absolute_path) Remote File Inclusion Vulnerabilit
date:2006-08-13,name:Savant2 Remote File Include Vulnerability [For Mambo, Joomla]
date:2006-07-25,name:Multiple Mambo\/Joomla Component Remote File Include Vulnerabilities
date:2006-07-25,name:pc_cookbook Mambo\/Joomla Component <= v0.3 Remote File Include Vulnerabilities
date:2006-06-15,name:Joomla! 1.0 Remote File Inclusion
date:2006-06-08,name:Joomla\/Mambo CMS Component SimpleBoard 1.1 XSS-Vulnerabilities
date:2006-03-07,name:JOOMLA CMS 1.0.7 DoS & path disclosing

Drupal历史插件漏洞集合

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
date:2018-06-22,name:Drupal 7 ItalianGov Fi.it Scrivi Al Comune Arbitrary File Upload Vulnerability  
date:2018-06-02,name:Drupal PaisDigital ArgentinaGov Municipality ContactForm Arbitrary File Upload Vulnerability
date:2018-05-22,name:Drupal Exploiter on subdomains brute-forcing (RCE)
date:2018-04-23,name:Drupal Avatar Uploader 7.x-1.0-beta8 Arbitary File Download
date:2018-04-14,name:Drupal 0day Remote PHP Code Execution (Perl)
date:2018-04-13,name:Drupal 0day Remote PHP Code Execution (Python)
date:2018-04-13,name:Drupal 0day Remote PHP Code Execution (curl)
date:2018-04-13,name:Drupal Drupalgeddon2 Remote Code Execution (Ruby)
date:2018-03-30,name:Drupal 7.0 &lt; 7.31 Drupalgeddon SQL Injection (Admin Session)
date:2017-06-08,name:Drupal Public Download Count Module - Open Redirect
date:2017-05-16,name:Drupal comment-form Upload Dangerous File
date:2017-03-10,name:Drupal 7.x Module Services Remote Code Execution
date:2016-07-25,name:Drupal CODER Module 2.5 - Remote Command Execution
date:2016-07-21,name:Drupal RESTWS Module 7.x - Remote PHP Code Execution
date:2016-07-19,name:Drupal 8.1.6 HTTP traffic to an arbitrary proxy server
date:2016-07-17,name:Drupal Webform Multiple File Upload - Remote code execution
date:2016-07-05,name:Drupal 6.22 - menupereid SQL injection Vulnerability
date:2016-02-21,name:Drupal 8.0.x-dev Cross Site Scripting
date Process MiTM
date:2015-10-11,name:Drupal 8.0.0 Beta 14 Cross Site Scripting
date:2014-12-02,name:Drupal 7.34 Memory Exhaustion
date:2014-11-04,name:Drupal &lt; 7.32 Pre Auth SQL Injection Vulnerability
date:2014-10-18,name:Drupal HTTP Parameter Key\/Value SQL Injection
date:2014-10-16,name:Drupal 7.31 CORE pre Auth SQL Injection Vulnerability *youtube
date:2014-10-16,name:Drupal 7.x SQL Injection Exploit
date:2014-08-11,name:WordPress 3.9 and Drupal 7.x Denial Of Service Vulnerability *video
date:2014-05-11,name:Drupal Flag 7.x-3.5 Command Execution
date:2014-04-03,name:Drupal 7.26 Custom Search 7.x-1.13 Cross Site Scripting
date:2014-03-13,name:Drupal SexyBookmarks 6.x Information Disclosure
date:2014-03-13,name:Drupal Webform Template 7.x Access Bypass
date:2014-03-06,name:Drupal Masquerade 6.x \/ 7.x Access Bypass
date:2014-03-06,name:Drupal NewsFlash 6.x \/ 7.x Cross Site Scripting
date:2014-02-27,name:Drupal Mime Mail 6.x \/ 7.x Access Bypass
date:2014-02-27,name:Drupal Content Locking 6.x \/ 7.x CSRF
date:2014-02-27,name:Drupal Project Issue File Review 6.x Cross Site Scripting
date:2014-02-27,name:Drupal Open Omega 7.x Access Bypass
date:2014-02-20,name:Drupal Maestro 7.x Cross Site Scripting
date:2014-02-20,name:Drupal Slickgrid 7.x Access Bypass
date:2014-02-13,name:Drupal Webform Validation 6.x \/ 7.x Cross Site Scripting
date:2014-02-13,name:Drupal Webform 6.x \/ 7.x Cross Site Scripting
date:2014-02-13,name:Drupal Image Resize Filter 6.x \/ 7.x Denial Of Service
date:2014-02-13,name:Drupal Commons 7.x Cross Site Scripting
date:2014-02-13,name:Drupal MAYO 7.x Cross Site Scripting
date:2014-02-13,name:Drupal Chaos Tool Suite 6.x \/ 7.x Access Bypass
date:2014-02-07,name:Drupal Push Notifications 7.x Information Disclosure
date:2014-02-07,name:Drupal Modal Frame API 6.x Cross Site Scripting
date:2014-02-06,name:Drupal 6 Modal Frame API Cross Site Scripting
date:2014-01-30,name:Drupal Tribune 6.x \/ 7.x Cross Site Scripting
date:2014-01-30,name:Drupal Services 7.x Access Bypass
date:2014-01-27,name:Drupal Event calendar module Cross Site Scripting (XSS)
date:2014-01-23,name:Drupal Leaflet 7.x Access Bypass
date:2014-01-23,name:Drupal Secure Cookie Data 7.x Information Disclosure
date:2014-01-23,name:Drupal Doubleclick For Publishers 7.x Cross Site Scripting
date:2014-01-23,name:Drupal Language Switcher Dropdown 7.x Open Redirect
date:2014-01-16,name:Drupal 6.x \/ 7.x Impersonation \/ Access Bypass \/ Hardening
date:2014-01-16,name:Drupal Anonymous Posting 7.x Cross Site Scripting
date:2014-01-09,name:Drupal Media 7.x Access Bypass
date:2013-12-19,name:Drupal 7.x Ubercart Session Fixation Vulnerability
date:2013-11-21,name:Drupal 6.x\/7.x core Multiple vulnerabilities
date:2013-11-21,name:Drupal Invitation 7.x Access Bypass
date:2013-11-21,name:Drupal Entity Reference 7.x Access Bypass
date:2013-11-21,name:Drupal 6.x \/ 7.x PRNG \/ XSS \/ Open Redirect
date:2013-11-21,name:Drupal EU Cookie Compliance 7.x CSRF
date:2013-11-14,name:Drupal GCC 7.x Access Bypass
date:2013-11-14,name:Drupal Misery 6.x \/ 7.x Denial Of Service
date:2013-11-14,name:Drupal Revisioning 7.x Access Bypass
date:2013-11-07,name:Drupal 7.x Payment for Webform Access Bypass
date:2013-10-31,name:Drupal Monster Menus 7.x Access Bypass
date:2013-10-31,name:Drupal Feed Element Mapper 6.x Cross Site Scripting
date:2013-10-31,name:Drupal FileField Sources 6.x \/ 7.x Access Bypass
date:2013-10-31,name:Drupal Quiz 6.x Access Bypass
date:2013-10-17,name:Drupal Context Mulitple Vulnerabilities
date:2013-10-17,name:Drupal Simplenews Cross Site Scripting
date:2013-10-03,name:Drupal Quick Tabs 6.x \/ 7.x Access Bypass
date:2013-10-01,name:Drupal Imagecache security vulnarability (DDOS attack) *youtube
date:2013-09-19,name:Drupal Google Site Search 6.x \/ 7.x Cross Site Scripting
date:2013-09-13,name:Drupal MediaFront 6.x \/ 7.x Cross Site Scripting
date:2013-09-13,name:Drupal Click2Sell Suite 6.x XSS \/ CSRF
date:2013-09-13,name:Drupal jQuery Countdown 7.x Cross Site Scripting
date:2013-09-06,name:Drupal Make Meeting Scheduler 6.x Access Bypass
date:2013-09-06,name:Drupal Core 6.x \/ 7.x Information Disclosure
date:2013-08-29,name:Drupal Flag 7.x Cross Site Scripting
date:2013-08-22,name:Drupal Zen 7.x Cross Site Scripting
date:2013-08-15,name:Drupal 7.22 \/ 6.28 Cross Site Scripting
date:2013-08-15,name:Drupal BOTCHA Spam Prevention 7.x Information Disclosure
date:2013-08-15,name:Drupal Password Policy 6.x \/ 7.x Cross Site Scripting
date:2013-08-15,name:Drupal Entity API 7.x Access Bypass
date:2013-08-08,name:Drupal RESTful Web Services 7.x Access Bypass
date:2013-08-08,name:Drupal Authenticated User Page Caching 7.x Information Disclosure
date:2013-08-08,name:Drupal Mozilla Persona 7.x Cross Site Request Forgery
date:2013-08-08,name:Drupal Organic Groups 7.x Access Bypass \/ Information Disclosure
date:2013-08-08,name:Drupal Monster Menus 6.x \/ 7.x Access Bypass
date:2013-07-26,name:Drupal Scald 6.x \/ 7.x Cross Site Scripting
date:2013-07-19,name:Drupal MRBS 6.x \/ 7.x CSRF \/ SQL Injection
date:2013-07-11,name:Drupal TinyBox 7.x Cross Site Scripting
date:2013-07-11,name:Drupal Stage File Proxy 7.x Denial Of Service
date:2013-07-11,name:Drupal Hatch 7.x Cross Site Scripting
date:2013-06-29,name:Drupal 7.x Fonecta verify Cross Site Scripting
date:2013-06-29,name:Drupal 7.x Exposed Filter Data Cross Site Scripting
date:2013-06-27,name:Drupal 7.x Apache Solr Autocomplete Cross Site Scripting
date:2013-06-27,name:Drupal 7.x Fast Permissions Administration Access bypass
date:2013-06-20,name:Drupal Login Security 6.x \/ 7.x DoS \/ Bypass
date:2013-06-13,name:Drupal Display Suite 7.x Cross Site Scripting
date:2013-06-06,name:Drupal Services 6.x \/ 7.x Cross Site Request Forgery
date:2013-05-30,name:Drupal 7.x Node access user reference
date:2013-05-30,name:Drupal 7.x Edit Limit access bypass
date:2013-05-30,name:Drupal 6.x Webform XSS
date:2013-05-18,name:CKEditor &lt;4.1 Drupal 6.x &amp; 7.x Persistent XSS
date:2013-05-16,name:Drupal 6.x\/7.x Google Authenticator login Access Bypass
date:2013-05-08,name:Drupal Htmlarea Modules (4.7.x-1.x) Arbitary File Upload Vulnerabilities
date:2013-04-18,name:Drupal AWTNF 6.x \/ 7.x Access Bypass
date:2013-04-18,name:Drupal MP3 Players 6.x Cross Site Scripting
date:2013-04-18,name:Drupal elFinder File Mapper 6.x &amp; 7.x CSRF
date:2013-04-11,name:Drupal RESTful Web Services 7.x Denial Of Service
date:2013-04-04,name:Drupal Commerce Skrill 7.x Access Bypass
date:2013-04-04,name:Drupal Chaos Tool Suite 7.x Access Bypass
date:2013-03-28,name:Drupal Common Groups 7.x Access Bypass &amp; Privilege Escalation
date:2013-03-28,name:Drupal Common Wikis 7.x Access Bypass &amp; Privilege Escalation
date:2013-03-28,name:Drupal Rules 7.x Cross Site Scripting
date:2013-03-28,name:Drupal Zero Point 7.x Cross Site Scripting
date:2013-03-21,name:Drupal Views 7.x Cross Site Scripting
date:2013-03-14,name:Drupal Node Parameter Control 6.x Access Bypass
date:2013-03-02,name:Drupal Premium Responsive 7.x Cross Site Scripting
date:2013-02-28,name:Drupal Fresh Theme 7.x Cross Site Scripting
date:2013-02-28,name:Drupal Clean 7.x Cross Site Scripting
date:2013-02-28,name:Drupal Creative Theme 7.x Cross Site Scripting
date:2013-02-28,name:Drupal Professional 7.x Cross Site Scripting
date:2013-02-28,name:Drupal Best Responsive 7.x Cross Site Scripting
date:2013-02-28,name:Drupal Company Theme 7.x Cross Site Scripting
date:2013-02-14,name:Drupal Banckle Chat 7.x Access Bypass
date:2013-02-14,name:Drupal Manager Change For Organic Groups 7.x Cross Site Scripting
date:2013-01-31,name:Drupal Google Authenticator (third-party module)
date:2013-01-31,name:Drupal 7.x Boxes Cross Site Scripting
date:2013-01-31,name:Drupal Drush Debian Packaging Information Disclosure
date:2013-01-31,name:Drupal 6.x email2image Access bypass
date:2013-01-25,name:Drupal CurvyCorners Cross-site Scripting
date:2013-01-24,name:Drupal Video 7.x PHP Code Execution
date:2013-01-24,name:Drupal Search API Sorts 7.x Cross Site Scripting
date:2013-01-24,name:Drupal User Relationships 6.x \/ 7.x Cross Site Scripting
date:2013-01-24,name:Drupal CurvyCorners 6.x \/ 7.x Cross Site Scripting
date:2013-01-24,name:Drupal Keyboard Shortcut Utility 7.x Access Bypass
date:2013-01-17,name:Drupal Live CSS 6.x \/ 7.x PHP Code Execution
date:2013-01-17,name:Drupal Core 6.x \/ 7.x Cross Site Scripting &amp; Access Bypass
date:2013-01-17,name:Drupal Mark Complete 7.x Cross Site Request Forgery
date:2013-01-10,name:Drupal Payment 7.x Access Bypass
date:2013-01-08,name:Drupal 6.x-&gt;7.18 getimagesize() &lt;= Multiple Vulnerabilities
date:2012-12-20,name:Drupal Core 6.x &amp; 7.x Access Bypass &amp; Code Execution
date:2012-12-06,name:Drupal Nodeword D6 Meta Tags 6.x Information Disclosure
date:2012-11-30,name:Drupal Email Field 6.x XSS &amp; Access Bypass
date:2012-11-25,name:TYPO3 CMS, TinyMCE, Liferay Portal, Drupal swfupload XSS
date:2012-11-15,name:Drupal RESTful Web Services 7.x Cross Site Request Forgery
date:2012-11-15,name:Drupal Smiley \/ Smileys 6.x Cross Site Scripting
date:2012-11-15,name:Drupal User Read-Only 6.x \/ 7.x Access Bypass
date:2012-11-08,name:Drupal OM Maximenu 6.x \/ 7.x Cross Site Scripting
date:2012-11-08,name:Drupal Webform CiviCRM Integration 7.x Access Bypass
date:2012-10-26,name:Drupal MailChimp 7.x Cross Site Scripting
date:2012-10-11,name:Drupal Feeds 7.x Access Bypass
date:2012-10-11,name:Drupal Mandrill 7.x Information Disclosure
date:2012-10-11,name:Drupal ShareThis 7.x Cross Site Scripting
date:2012-10-11,name:Drupal Basic Webmail 6.x XSS &amp; Information Disclosure
date:2012-10-04,name:Drupal Twitter Pull 6.x &amp; 7.x Cross Site Scripting
date:2012-10-04,name:Drupal Commerce Extra Panes 7.x Cross Site Request Forgery
date:2012-09-27,name:Drupal Organic Groups 7.x Access Bypass
date:2012-09-19,name:Drupal Heartbeat 6.x 7.x Cross Site Request Forgery
date:2012-09-19,name:Drupal Exposed Filter Data 6.x Cross Site Scripting
date:2012-09-18,name:Drupal Email Field 6.x \/ 7.x Access Bypass
date:2012-09-18,name:Drupal Announcements 6.x Access Bypass
date:2012-09-18,name:Drupal Activism 6.x Access Bypass
date:2012-09-18,name:Drupal Taxonomy Image 6.x Cross Site Scripting \/ PHP Code Execution
date:2012-09-18,name:Drupal Javascript Tool 7.x File Access
date:2012-08-20,name:Drupal Elegant Theme 7.x Cross Site Scripting
date:2012-08-20,name:Drupal Custom Publishing Options 6.x XSS
date:2012-08-20,name:Drupal Hotblocks 6.x Cross Site Scripting
date:2012-08-07,name:Drupal Excluded Users 6.x Cross Site Scripting
date:2012-08-07,name:Drupal Monthly Archive by Node Type 6.x Access Bypass
date:2012-07-31,name:Drupal Location 6.x \/ 7.x Access Bypass
date:2012-07-31,name:Drupal Secure Login 7.x Open Redirect
date:2012-07-31,name:Drupal Gallery Formatter 7.x Cross Site Scripting
date:2012-07-31,name:Drupal Subuser 6.x Bypass \/ CSRF
date:2012-07-24,name:Drupal Campaign Monitor 6.x Cross Site Scripting
date:2012-07-16,name:Drupal Book Block 6.x-1.0-beta1 Cross Site Scripting
date:2012-07-16,name:Drupal Book Block Module V.6.x-1.0-beta1 XSS Vulnerability
date:2012-06-26,name:Drupal Drag And Drop 6.x-1.5 Shell Upload
date:2012-06-25,name:Drupal 7.x-1.3 Privatemsg Cross Site Scripting
date:2012-06-17,name:Drupal Ubercart AJAX Cart 6.x Information Disclosure
date:2012-06-15,name:Drupal SimpleMeta 6.x Cross Site Request Forgery
date:2012-06-15,name:Drupal Janrain Capture 6.x \/ 7.x Open Redirect
date:2012-06-15,name:Drupal Node Hierarchy 6.x Cross Site Request Forgery
date:2012-06-15,name:Drupal Global Redirect 6.x \/ 7.x Open Redirect
date:2012-06-15,name:Drupal Protected Node 6.x Access Bypass
date:2012-06-08,name:Drupal Tokenauth 6.x Access Bypass
date:2012-06-08,name:Drupal Maestro 7.x Cross Site Scripting \/ Cross Site Request Forgery
date:2012-06-08,name:Drupal Protest 6.x \/ 7.x Cross Site Scripting
date:2012-06-08,name:Drupal Authoring HTML 6.x Cross Site Scripting
date:2012-06-08,name:Drupal Node Embed 6.x \/ 7.x Access Bypass
date:2012-06-08,name:Drupal Organic Groups 6.x Cross Site Scripting \/ Access Bypass
date:2012-06-08,name:Drupal Simplenews 6.x \/ 7.x Information Disclosure
date:2012-06-04,name:Drupal Counter 6.x SQL Injection
date:2012-06-04,name:Drupal Mobile Tools 6.x Cross Site Scripting
date:2012-06-04,name:Drupal Comment Moderation 6.x Cross Site Request Forgery
date:2012-06-04,name:Drupal Amadou 6.x Cross Site Scripting
date:2012-05-28,name:Drupal Taxonomy List 6.x Cross Site Scripting
date:2012-05-28,name:Drupal BrowserID 7.x Cross Site Request Forgery
date:2012-05-28,name:Drupal Search API 7.x Cross Site Scripting
date:2012-05-20,name:Drupal Hostmaster 6.x Cross Site Scripting \/ Access Bypass
date:2012-05-20,name:Drupal Aberdeen 6.x Cross Site Scripting
date:2012-05-19,name:Drupal Post Affiliate Pro 6.x Cross Site Scripting \/ Access Bypass
date:2012-05-19,name:Drupal Advertisement 6.x Cross Site Scripting
date:2012-05-19,name:Drupal Ubercart Product Keys 6.x Access Bypass
date:2012-05-19,name:Drupal Smart Breadcrumb 6.x Cross Site Scripting
date:2012-05-13,name:Drupal Take Control 6.x Cross Site Request Forgery
date:2012-05-13,name:Drupal Glossary 6.x Cross Site Scripting
date:2012-05-12,name:Drupal Core 7.x Multiple Vulnerabilities
date:2012-05-04,name:Drupal Glossify Internal Links Auto SEO 6.x Cross Site Scripting
date:2012-05-04,name:Drupal Node Gallery 6.x Cross Site Request Forgery
date:2012-05-04,name:Drupal Taxonomy Grid 6.x Cross Site Scripting
date:2012-05-04,name:Drupal cctags 6.x \/ 7.x Cross Site Scripting
date:2012-04-28,name:Drupal Site Documentation 6.x Information Disclosure
date:2012-04-28,name:Drupal Ubercart 6.x \/ 7.x XSS \/ PHP Code Execution
date:2012-04-28,name:Drupal RealName 6.x Cross Site Scripting
date:2012-04-28,name:Drupal Creative Commons 6.x Cross Site Scripting
date:2012-04-28,name:Drupal Linkit 7.x Access Bypass
date:2012-04-28,name:Drupal Spaces 6.x Access Bypass
date:2012-04-01,name:Drupal Activity 6.x XSS Proof Of Concept
date:2012-03-26,name:Drupal FCKEditor\/CKEditor remote code execution
date:2012-03-19,name:Drupal 7.x Search Module Full Path Disclosure
date:2012-01-22,name:Drupal CKEditor 3.6.2 Cross Site Scripting
date:2012-01-10,name:VBDrupal Cross Site Scripting
date:2011-12-24,name:Drupal 6.22 \/ SuperCron 6.x-1.3 Cross Site Scripting
date:2011-11-21,name:Drupal String Overrides Cross Site Scripting
date:2011-07-03,name:Drupal 6.22 Cross Site Scripting
date:2011-06-02,name:Drupal With Webform Cross Site Scripting
date:2011-01-22,name:Drupal 5.x, 6.x <= Stored Cross Site Scripting Vulnerability
date:2010-07-19,name:Drupal 6.16 with OG Menu 6.x-2.0 cross site scripting
date:2010-05-21,name:Drupal 6.16 with Context 6.x-2.0-rc3 XSS
date:2010-05-20,name:The Drupal Storm module 1.32 cross site scripting
date:2010-04-30,name:Drupal 6.16 with Better Formats 6.x-1.2 cross site scripting
date:2010-02-20,name:Drupal 6.15 with Twitter module version 6.x-2.6 clear text credential storage
date:2010-02-06,name:Drupal's MP3 Player module 6.x-1.0-beta1 cross site scripting
date:2010-01-23,name:Drupal Node Blocks contributed module (6.x-1.3 and 5.x-1.1) XSS
date:2009-12-19,name:Drupal 6.14 Sections 6.x-1.2 multiple cross site scripting
date:2009-06-12,name:Drupal Taxonomy Manager Module XSS Vulnerability
date:2009-06-12,name:Drupal 6 Views Module XSS Vulnerability
date:2009-06-12,name:Drupal Nodequeue Module XSS Vulnerability
date:2009-06-11,name:Drupal Flag Module Multiple Vulnerabilities
date:2009-06-04,name:Drupal Embedded Media Field Module Multiple XSS
date:2009-06-03,name:Drupal 6 Content Access Module XSS
date:2009-05-20,name:Drupal 6 CCK Module XSS Vulnerability
date:2009-05-13,name:Drupal 5.17 Taxonomy Module XSS Vulnerability
date:2009-03-03,name:Drupal Protected Node Module XSS Vulnerability
date:2009-02-16,name:LFI in Drupal CMS
date:2009-02-09,name:Drupal Link Module XSS Vulnerability
date:2008-09-27,name:Drupal Brilliant Gallery module SQL injection vulnerability
date:2008-09-27,name:Drupal Ajax Checklist Module SQL Injection Vulnerability
date:2008-09-21,name:drupal: Session hijacking vulnerability
date:2008-09-21,name:Drupal Link to Us Module Contains XSS Vulnerability
date:2007-01-19,name:Drupal 4.6.11 \/ 4.7.5 fixes DoS issue
date:2006-10-26,name:Drupal 4.6.10 \/ 4.7.4 fixes multiple XSS issues
date:2006-10-26,name:Drupal 4.6.10 \/ 4.7.4 fixes HTML attribute injection issue
date:2006-10-26,name:Drupal 4.6.10 \/ 4.7.4 fixes CRF issue
date:2006-06-08,name:Drupal 4.6.8 \/ 4.7.2 fixes XSS issue
date:2006-06-08,name:Drupal 4.6.8 \/ 4.7.2 fixes arbitrary file execution issue
date:2006-03-23,name:Drupal 4.6.6 \/ 4.5.8 fixes XSS issue
date:2006-03-23,name:Drupal 4.6.6 \/ 4.5.8 fixes session fixation issue
date:2006-03-23,name:Drupal 4.6.6 \/ 4.5.8 fixes mail header injection issue
date:2006-03-23,name:Drupal 4.6.6 \/ 4.5.8 fixes access control issue
date:2005-12-12,name:Drupal 4.6.4 \/ 4.5.6 fixes XSS and HTTP header injection issue
文章作者: laolisafe
文章链接: https://laolisafe.com/a/34829.html
版权声明: 本博客所有文章除特别声明外,均采用 CC BY-NC-SA 4.0 许可协议。转载请注明来自 大老李的Blog
打赏
  • 微信
  • 支付宝

评论