| IBMi Navigator HTTP Security Token Bypass CVE-2024-51464 |
| IBMi Navigator Server Side Request Forgery (SSRF) CVE-2024-51463 |
| Adversary3 v3.32 malware vulnerability tool Updated with 700 malware & C2 exploits |
| RansomLord v3.1 Anti-Ransomware Exploitation Tool |
| Microsoft Windows Defender Backdoor:JS/Relvelshe.A / Detection Mitigation Bypass |
| Microsoft Windows Defender Trojan.Win32/Powessere.G / VBScript Detection Bypass |
| Microsoft Windows Defender Trojan.Win32/Powessere.G / Detection Mitigation Bypass Part 3 |
| Microsoft Windows Defender Trojan.Win32/Powessere.G / Detection Mitigation Bypass Part 2 |
| Wyrestorm Apollo VX20 Incorrect Access Control - Credentials Disclosure CVE-2024-25735 |
| Wyrestorm Apollo VX20 Incorrect Access Control - DoS CVE-2024-25736 |
| Wyrestorm Apollo VX20 Account Enumeration CVE-2024-25734 |
| IBM i Access Client Solutions Remote Credential Theft CVE-2024-22318 |
| RansomLord v2 Anti-Ransomware Exploitation Tool |
| Microsoft PowerShell Single Quote Code Execution / Event Log Bypass |
| Microsoft Defender Anti-Malware PowerShell API Arbitrary Code Execution |
| RansomLord v1 Anti-Ransomware exploit tool |
| Windows PowerShell PS1 Trojan File RCE |
| RSA NetWitness Platform EDR Agent Incorrect Access Control - Code Execution CVE-2022-47529 |
| Microsoft Windows Contact file Remote Code Execution (Resurrected) CVE-2022-44666 |
| Adversary3 v1.0 Malware vulnerability intel tool for third-party attackers. |
| Microsoft Windows Defender Detections Bypass |
| Microsoft Windows .Reg File Dialog Spoof Mitigation Bypass |
| Microsoft Internet Explorer ActiveX Control Security Bypass |
| Viruscreds - Database of backdoor passwords used by Malware. Uncovered by the Malvuln project. |
| Windows NT Command-line Interpreter "cmd.exe" Stack Buffer Overflow |
| Launched www.malvuln.com Jan 2, 2021 All about vulnerabilities in Malware. |
| NtFileSins v2.2 Windows NTFS Privileged File Access Enumeration Tool (Python v3) |
| Windows TCPIP Finger Command "finger.exe" C2 Channel and Bypassing Security Software |
| Ericom Access Server for (AccessNow & Ericom Blaze) v9.2.0 Server Side Request Forgery CVE-2020-24548 |
| Microsoft Windows mshta.exe (HTA File) XML External Entity Injection |
| HFS HTTP File Server "hfs.exe" Remote Buffer Overflow DoS CVE-2020-13432 |
| Avaya IP Office v9.1.8.0 - 11 Insecure Transit Password Disclosure CVE-2020-7030 |
| WinGate v9.4.1.5998 Insecure Permissions EoP CVE-2020-13866 |
| Neowise CarbonFTP v1.4 Insecure Proprietary Password Encryption (v2 Exploit) CVE-2020-6857 |
| M$ Windows net use Logon Command Insufficient Authentication Logic Scanner Tool |
| Microsoft Windows net use Command Insufficient Authentication Logic |
| Recon-Informer v1.3 Intel for offensive systems anti-reconnaissance (nmap) tool |
| NTCrackPipe v2.0 Windows Local Account Cracker |
| Neowise CarbonFTP v1.4 Insecure Proprietary Password Encryption CVE-2020-6857 |
| HP System Event Utility Privilege Escalation Vulnerability CVE-2019-18915 |
| Trend Micro Security 2019 (Consumer) Multiple Products Security Bypass Protected Service Tampering CVE-2019-19697 |
| Trend Micro Security (Consumer) Multiple Products Persistent Arbitrary Code Execution CVE-2019-20357 |
| Microsoft Windows VCF Card Mailto Link Denial Of Service |
| Microsoft Windows .Group File URL Field Code Execution |
| Microsoft Windows Media Center XXE MotW Bypass (Anniversary Edition) |
| Microsoft Visual Studio 2008 Express IDE XML External Entity Injection 0Day |
| Microsoft Excel 2016 v1901 Import Error XML External Entity Injection 0Day |
| Max Secure Anti Virus Plus v19.0.4.020 Insecure Permissions CVE-2019-19382 |
| NAPC Xinet Elegant 6 Asset Library Web Interface v6.1 SQL Injection Exploit Python3 Version CVE-2019-19245 |
| NAPC Xinet Elegant 6 Asset Library Web Interface v6.1.655 Pre-Auth SQL Injection 0Day CVE-2019-19245 |
| ScanGuard Antivirus (latest version) Insecure Permissions CVE-2019-18895 |
| Trend Micro Anti-Threat Toolkit (ATTK) <= v1.62.0.1218 Remote Code Execution 0day CVE-2019-9491 |
| NtFileSins v2.1 Windows NTFS Privileged File Access Enumeration Tool |
| Microsoft Windows NTFS Privileged File Access Enumeration 0day |
| GGPowerShell Windows PowerShell Unsanitized RCE File Creation Tool |
| Microsoft Windows PowerShell Unsanitized Filename Command Execution 0day |
| Trend Micro Deep Discovery Inspector IDS Percent Encoding IDS Bypass |
| MAPLE Computer WBT SNMP Administrator v2.0.195.15 Unauthenticated Remote Buffer Overflow Code Execution 0day CVE-2019-13577 |
| Microsoft Compiled HTML Help Uncompiled .chm File XML External Entity 0day |
| Microsoft File Checksum Integrity Verifier "fciv.exe" v2.05 DLL Hijack Arbitrary Code Execution 0day |
| Microsoft Internet Explorer Security Feature Bypass Vulnerability CVE-2019-0995 |
| Hosting Controller HC10 HC.Server Service 10.14 Remote Invalid Pointer Write CVE-2019-12323 |
| Microsoft Word (2016) Deceptive File Reference ZDI-CAN-7949 |
| Windows PowerShell Integrated Scripting Environment (ISE) Filename Parsing Flaw Remote Code Execution 0day ZDI-CAN-8005 |
| Microsoft Internet Explorer v11 XML External Entity Injection 0day |
| Microsoft Windows .Reg File Dialog Box Message Spoofing 0day |
| Microsoft Windows ".contact" File HTML Injection Mailto: Link Remote Code Execution 0day ZDI-CAN-7591 |
| Microsoft Windows ".contact" File Insufficient UI Warning Arbitrary Code Execution 0day ZDI-CAN-7591 |
| Microsoft Windows VCF File Insufficient UI Warning Remote Code Execution 0day ZDI-CAN-6920 |
| NEC Univerge Sv9100 WebPro - 6.00 Predictable Session ID / Clear Text Password Storage CVE-2018-11741 / CVE-2018-11742 |
| Cisco Immunet and Cisco AMP for Endpoints System Scan Denial of Service CVE-2018-15437 |
| D-LINK Central WifiManager CWM-100 FTP Server PORT Bounce Scan CVE-2018-15516 |
| D-LINK Central WifiManager CWM-100 Server Side Request Forgery CVE-2018-15517 |
| D-LINK Central WifiManager CWM-100 Trojan File SYSTEM Privilege Escalation CVE-2018-15515 |
| ServersCheck Monitoring Software through 14.3.3 Arbitrary File Write CVE-2018-18552 |
| ServersCheck Monitoring Software through 14.3.3 SQL Injection CVE-2018-18550 |
| ServersCheck Monitoring Software through 14.3.3 Cross Site Scripting CVE-2018-18551 |
| NoMachine <= v5.3.26 Trojan File Remote Code Execution CVE-2018-17980 |
| Microsoft SQL Server REGSRVR XML External Entity Injection CVE-2018-8533 |
| Microsoft SQL Server .XEL File XML External Entity Injection CVE-2018-8527 |
| Microsoft SQL Server .XMLA File XML External Entity Injection CVE-2018-8532 |
| Microsoft .NET Framework CVE-2015-6099 Analysis Whitepaper MS15-118 |
| Microsoft Baseline Security Analyzer v2.3 XML External Entity Injection ZDI-CAN-6307 |
| FsPro Labs Event Log Explorer v4.6.1.2115 XML External Entity Injection CVE-2018-16252 |
| Argus Surveillance DVR - 4.0.0.0 Unauthenticated Directory Traversal File Disclosure CVE-2018-15745 |
| Argus Surveillance DVR - 4.0.0.0 SYSTEM Privilege Escalation |
| Microsoft DirectX SDK (June 2010) Xact3.exe Trojan File Remote Code Execution |
| Microsoft Windows "dnslint.exe" DNS Tool Forced drive-by Download |
| Microsoft Windows Enterprise Mode Site List Manager XML External Entity Injection |
| Microsoft Windows ".library-ms" Filetype Information Disclosure |
| Microsoft Windows Enhanced Mitigation Toolkit Experience (EMET) XML External Entity Injection |
| Windows System Information Console .MSC XML External Entity Injection CVE-2017-8710 |
| PolarisOffice 2017 v8 Trojan File Remote Code Execution CVE-2018-12589 |
| TrendMicro OfficeScan XG v11.0 Unauthorized Change Protection Bypass CVE-2018-10507 |
| Microsoft Windows "FxCop" v10-12 XML External Entity Injection |
| Easy Hosting Control Panel v0.37.12.b XSS Add FTP Backdoor Account CVE-2018-6361 |
| Easy Hosting Control Panel v0.37.12.b Unverified Password Change CVE-2018-6617 |
| Easy Hosting Control Panel v0.37.12.b Cleartext Password Storage CVE-2018-6618 |
| Easy Hosting Control Panel v0.37.12.b Cross Site Scripting - Cookie Theft CVE-2018-6362 |
| Easy Hosting Control Panel v0.37.12.b Multiple Cross Site Request Forgery(s) CVE-2018-6458 |
| Easy Hosting Control Panel v0.37.12.b Insecure Crypto CVE-2018-6619 |
| DeviceLock Plug and Play Auditor v5.72 Unicode Buffer Overflow (SEH) CVE-2018-10655 |
| Microsoft (Win 10) InternetExplorer v11.371.16299 Denial Of Service |
| Sophos Endpoint Protection v10.7 Enhanced Tamper Protection Bypass CVE-2018-4863 |
| Sophos Endpoint Protection Control Panel v10.7 Insecure Crypto CVE-2018-9233 |
| Microsoft Exchange Server Open Redirect CVE-2016-3378 / MS16-108 |
| DEWESoft X3 SP1 (64-bit) installer Remote Internal Command Access CVE-2018-7756 |
| Weblog Expert Web Server Enterprise v9.4 Authentication Bypass CVE-2018-7581 |
| Weblog Expert Web Server Enterprise v9.4 Denial Of Service CVE-2018-7582 |
| Softros Network Time System (Server) v2.3.4 11 Byte Denial Of Service CVE-2018-7658 |
| DualDesk v20 Proxy.exe Server Denial Of Service CVE-2018-7583 |
| SEGGER embOS/IP FTP Server v3.22 FTP Commands Denial Of Service CVE-2018-7449 |
| NTCrackPipe 1.0 Local Windows Account Cracker |
| NAT32 Build (22284) Remote Code Execution CVE-2018-6940 |
| NAT32 Build (22284) Remote Code Execution - CSRF CVE-2018-6941 |
| CloudMe Sync <= v1.10.9 Unauthenticated Remote Buffer Overflow CVE-2018-6892 |
| CVS Suite 2009R2 Insecure Library Loading CVE-2018-6461 |
| Adminer <= v4.3.1 Server Side Request Forgery |
| BarcodeWiz ActiveX Control < 6.7 Buffer Overflow CVE-2018-5221 |
| Oracle JDeveloper Directory Traversal CVE-2017-10273 |
| Froxlor v0.9.37 HTML Injection |
| Abyss Web Server < v2.11.6 Memory Heap Corruption |
| Artica Web Proxy v3.06 Remote Code Execution CVE-2017-17055 |
| Mist Server v2.12 Unauthenticated Persistent XSS CVE-2017-16884 |
| Symantec Endpoint Protection (SEP) v12.1 Tamper-protection Bypass CVE-2017-6331 / SSG16-041 |
| Avaya Office (IPO) SoftConsole Remote SEH Buffer Overflow 0day CVE-2017-11309 / ASA-2017-307 |
| Avaya Office IPO Remote ActiveX Remote ActiveX Buffer Overflow 0day CVE-2017-12969 / ASA-2017-313 |
| Microsoft Windows Game Definition File Editor v6.3.9600 XML External Entity |
| Webmin v1.850 Remote Code Execution / SSRF CVE-2017-15644 / CVE-2017-15645 / CVE-2017-15646 |
| Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Remote Memory Corruption CVE-2017-14089 |
| Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Remote Encryption Key Disclosure CVE-2017-14083 |
| Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Change Prevention Image File Execution Bypass |
| Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Start Remote Process Code Execution / INI Corruption CVE-2017-14086 |
| Trend Micro OfficeScan v11.0 and XG (12.0)* CURL (MITM) Remote Code Execution CVE-2017-14084 |
| Trend Micro OfficeScan v11.0 and XG (12.0)* Host Header Injection CVE-2017-14087 |
| Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 |
| Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Server Side Request Forgery |
| Mako Web Server v2.5 Multiple Unauthenticated Vulnerabilities |
| Mongoose Web Server v6.5 CSRF Command Execution CVE-2017-11567 |
| Apache2Triad Web Server Multiple Vulnerabilities CVE-2017-12965 | CVE-2017-12970 | CVE-2017-12971 |
| Yaws Web Server v1.91 Unauthenticated Remote File Disclosure CVE-2017-10974 |
| Firefox v54.0.1 Denial Of Service |
| MySQL G0ld Brute Forcing Utility |
| BIND Local Privilege Escalation CVE-2017-3141 |
| subsonic v6.1.1 XML External Entity CVE-2017-9355 |
| subsonic v6.1.1 Server Side Request Forgery CVE-2017-9413 |
| subsonic v6.1.1 Password Reset CVE-2017-9415 |
| subsonic v6.1.1 Persistent XSS CVE-2017-9024 |
| ampache v3.8.2 Cross Site Scripting |
| Secure Auditor - v3.0 Directory Traversal CVE-2017-9024 |
| Pegasus "winpm-32.exe" v4.72 Mailto: Link Remote Code Execution CVE-2017-9046 |
| Mantis Bug Tracker 1.3.10 / v2.3.0 CSRF Permalink Injection CVE-2017-9046 |
| Mailcow v0.14 CSRF Password Reset / Add Admin / Delete Domains CVE-2017-8928 |
| Mantis Bug Tracker v1.3.0 / 2.3.0 Pre-Auth Remote Password Reset CVE-2017-7615 |
| concrete5 v8.1.0 Host Header Injection CVE-2017-7455 |
| Adobe Creative Cloud Desktop Application <= v4.0.0.185 Privilege Escalation CVE-2017-7455 |
| Moxa MXview v2.8 Remote Private Key Disclosure CVE-2017-7455 |
| Moxa MXview v2.8 Denial Of Service CVE-2017-7456 |
| Moxa MX AOPC-Server v1.5 XML External Entity Injection CVE-2017-7457 |
| Spiceworks v7.5 Remote File Overwrite / Upload CVE-2017-7237 |
| Splunk Enterprise Information Theft CVE-2017-5607 |
| DzSoft PHP Editor v4.2.7 File Enumeration |
| ExtraPuTTY v029_RC2 TFTP Denial Of Service CVE-2017-7183 |
| Microsoft Windows DVD Maker XML External Entity File Disclosure CVE-2017-0045 / MS17-020 |
| MobaXterm Personal Edition v9.4 Path Traversal Remote File Disclosure CVE-2017-6805 |
| FTP Voyager Scheduler v16.2.0 CSRF Remote Command Execution CVE-2017-6803 |
| EasyCom PHP API Stack Buffer Overflow CVE-2017-5358 |
| EasyCom SQL iPlug Denial Of Service CVE-2017-5359 |
| Sawmill Enterprise v8.7.9 Pass The Hash Authentication Bypass CVE-2017-5496 |
| PHPShell v2.4 Session Fixation |
| PHPShell v2.4 Cross Site Scripting |
| Mailenable Multiple Privilege Escalation |
| Ghostscript 9.20 Filename Command Execution |
| PEAR Base System v1.10.1 Arbitrary File Download CVE-2017-5630 |
| PEAR HTTP_Upload v1.0.0b3 Arbitrary File Upload |
| NTOPNG Web Interface v2.4 CSRF Token Bypass CVE-2017-5473 |
| Java SE Mission Control Insecure Transport MITM CVE-2016-8328 |
| dirList v0.3.0 Arbitrary File Upload |
| BoZoN 2.4 Remote Command Execution |
| XAMPP Control Panel Memory Corruption Denial Of Service |
| Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability CVE-2016-7866 / APSB16-38 |
| Symantec VIP Access Desktop Arbitrary DLL Execution CVE-2016-6593 |
| Microsoft PowerShell XML External Entity |
| Apache CouchDB Local Privilege Escalation CVE-2016-8742 |
| Microsoft Windows Media Center "ehshell.exe" XML External Entity |
| Microsoft Excel Starter 2010 XML External Entity |
| Microsoft MSINFO32.EXE ".NFO" Files XML External Entity |
| Microsoft Authorization Manager "azman" XML External Entity |
| Microsoft Event Viewer v1.0 XML External Entity CVE-2019-0948 |
| Core FTP LE v2.2 Remote SSH/SFTP Buffer Overflow |
| EasyPHP Devserver CSRF / Remote Command Execution |
| Putty Cleartext Password Storage |
| ScriptCase PHP RAD Tool Command Execution / SQL Injection / XSS / CSRF / User Enum |
| Intel Security Application Local Management Service Privilege Escalation |
| WinaXe v7.7 FTP 'Server Ready' CMD Remote Buffer Overflow |
| Axessh 4.2.2 Remote Denial Of Service |
| Rapid PHP Editor IDE Remote Command Execution |
| Hewlett Packard TouchSmart Calendar Privilege Escalation |
| Puppet Enterprise Web Interface Authentication Redirect CVE-2016-5715 |
| Puppet Enterprise Web Interface User Enumeration |
| Oracle Netbeans IDE v8.1 Import Directory Traversal CVE-2016-5537 |
| Nagios XI V5.2.9 Multiple Vulnerabilities |
| ZendStudio IDE v13.5.1 Privilege Escalation |
| Snort v2.9.7.0-WIN32 DLL Loading Vulnerability CVE-2016-1417 |
| TeempIp XSS Cookie Theft |
| Necroscan <= v0.9.1 Local Buffer Overflow |
| Lepton CMS PHP Code Injection |
| Lepton CMS Directory Traversal |
| WSO2 Identity Server v5.1.0 XML External Entity CVE-2016-4312 | CVE-2016-4311 |
| WSO2 Carbon Server v4.4.5 Local File Inclusion Credentials Exposure CVE-2016-4314 |
| WSO2 Carbon Server v4.4.5 Persistent XSS Cookie Theft CVE-2016-4316 |
| WSO2 Carbon Server v4.4.5 Cross Site Request Forgery DOS CVE-2016-4315 |
| Nagios Network Analyzer Cross Site Scripting (XSS) |
| Nagios Network Analyzer Cross Site Request Forgerys |
| Microsoft Process Kill Utility "kill.exe" Local Buffer Overflow |
| WebCalendar v1.2.7 PHP Code Injection |
| WebCalendar v1.2.7 Cross Site Request Forgery Token Bypass |
| Symantec SEPM Multiple Vulnerabilities CVE-2016-3652 | CVE-2016-3653 | CVE-2016-5304 |
| MyLittleForum v2.3.5 PHP Command Injection |
| Symphony CMS Session Fixation CVE-2016-4309 |
| sNews CMS Remote Command Execution CSRF / XSS |
| Oracle Orakill.exe Local Buffer Overflow |
| SimpleSAMLphp Link Injection |
| AjaxExplorer v1.10.3.2 Remote CMD Execution / CSRF / Persistent XSS |
| VMWare vSphere Web Client Flash Based Cross Site Scripting CVE-2016-2078 |
| dns_dhcp Web Interface SQL Injection |
| eXtplorer v2.1.9 Archive Path Traversal CVE-2016-4313 |
| PHPBack v1.3.0 SQL Injection |
| WPN-XM v0.8.6 Cross Site Scripting |
| WPN-XM v0.8.6 CSRF - Unauthorized MySQL / PHP.INI Tampering |
| op5 v7.1.9 Remote Command Execution |
| AbsoluteTelnet DLL Loading Vulnerability |
| Xoops 2.5.7.2 Directory Traversal Bypass |
| Xoops 2.5.7.2 CSRF - Remote Arbitrary User Deletions |
| Xoops 2.5.7.2 Weak Crypto |
| Microsoft PowerPointViewer DLL Load Vuln Code Execution |
| Coppermine 1.5.40 Weak Crypto |
| phpMyBackupPro v.2.5 Remote Code Execution / CSRF |
| phpMyBackupPro v.2.5 Unrestricted File Upload |
| phpMyBackupPro v.2.5 Cross Site Scripting |
| CyberCop Scanner Smbgrind v5.5 Local Buffer Overflow |
| dotDefender Firewall Cross Site Request Forgery Settings Tampering |
| dotDefender Firewall Vulnerable Flash XSS |
| Mezzanine CMS 4.1.0 Unrestricted File Upload |
| Mezzanine CMS 4.1.0 Cross Site Scripting |
| XMB - eXtreme Message Board v1.9.11.13 Weak Crypto |
| Java Platform SE 6 U24 HtmlConverter.exe Local Buffer Overflow |
| FTPShell Client v5.24 Local Buffer Overflow |
| AccessDiver V4.301 Local Buffer Overflow |
| phpback v1.1 Cross Site Scripting |
| ZEN-PHOTO-1.4.10 Local File Inclusion |
| ZEN-PHOTO-1.4.10 Cross Site Scripting |
| IBM i Access Buffer Overflow Code Execution CVE-2015-2023 |
| IBM i Access Buffer Overflow Denial Of Service CVE-2015-7422 |
| CF Image Host PHP Command Injection |
| b374k Web Shell CSRF Command Injection |
| Microsoft .NET Framework Elevation of Privilege CVE-2015-6099 / MS15-118 |
| TCPing 2.1.0 Local Buffer Overflow |
| PHP Server Monitor 3.1.1 Privilege Escalation |
| PHP Server Monitor 3.1.1 Cross Site Request Forgery |
| Blat.exe v2.7.6 SMTP/NNTP Mailer Local Buffer Overflow |
| Adobe Workgroup Helper Stack Buffer Overflow |
| Zope Management Interface Cross Site Request Forgery CVE-2015-7293 |
| LanWhoIs.exe 1.0.1.120 Local Stack Buffer Overflow |
| LanSpy 2.0.0.155 Local Buffer Overflow |
| MakeSFX.exe v1.44 Local Buffer Overflow |
| Git-1.9.5 ssh-agent.exe Local Buffer Overflow |
| FortiManager Multiple Cross Site Scripting CVE-2015-8037 | CVE-2015-8038 |
| Microsoft Exchange OWA Information Disclosure CVE-2015-2505 / MS15-103 |
| Openfire 3.10.2 Unrestricted File Upload |
| Openfire 3.10.2 Remote File Inclusion |
| Openfire 3.10.2 Privilege Escalation CVE-2015-7707 |
| Openfire 3.10.2 Cross Site Scripting CVE-2015-6972 |
| Openfire 3.10.2 Cross Site Request Forgery CVE-2015-6973 |
| Checkpoint IKEView NGX R60 Local Stack Buffer Overflow |
| Checkpoint IKEView Fox beta 1 Local Stack Buffer Overflow |
| JSPMySQL Administrador CVE-2015-6944 | CVE-2015-6945 |
| Trend Micro DDI Cross Site Scripting CVE-2015-2872 |
| Trend Micro DDI Authentication Bypass CVE-2015-2873 |
| PHP File Navigator Persistent & Reflected XSS |
| PHP File Navigator Privilege Escalation |
| PHP File Navigator CSRF |
| phpIPAM XSS CVE-2015-6529 |
| FortiSandbox WebUI Cross Site Scripting CVE-2015-7360 |
| PHP FileManager Remote Command Execution CVE-2015-5958 |
| Hawkeye-G Request Forgery System Tampering CVE-2015-2878 |
| Open Web Analytics Insecure Crypto, Password Disclosure & XSS |
| Symantec EP Local Denial Of Service |
| PHPLiteAdmin CSRF & XSS CVE-2015-6518 |
| Novius-OS Persistent XSS, Local File Inclusion & Open Redirect CVE-2015-5354 | CVE-2015-5353 |
| GeniXCMS XSS CVE-2015-5066 |
| MySQL Lite Administrator Cross Site Scripting CVE-2015-5064 |
| ZCMS 1.1 SQL Injection & Persistent XSS CVE-2015-7346 | CVE-2015-7347 |
| SilverStripe CMS Open Redirect & XSS CVE-2015-5063 | CVE-2015-5062 |
| Symphony CMS Cross Site Scripting CVE-2015-4661 |
| VFront CSRF & Persistent XSS |
| Enhanced SQL Portal Cross Site Scripting CVE-2015-4660 |
| Sypex Dumper Cross Site Scripting |
| JSPMyAdmin SQL Injection, CSRF & XSS |
| DbNinja Flash Based XSS |
| Webgrind XSS |
| Sidu XSS |
| SQLBuddy Local File Inclusion |
| Wing FTP Add User Request Forgery |
| Wing FTP Admin XSS |