|
2008-12-08
|
|
PHPepperShop 1.4 - 'shop/Admin/shop_kunden_mgmt.php' Cross-Site Scripting
|
9 |
WEB
|
th3.r00k.ieatpork
|
|
2008-12-08
|
|
PHPepperShop 1.4 - 'shop/kontakt.php' Cross-Site Scripting
|
9 |
WEB
|
th3.r00k.ieatpork
|
|
2008-12-08
|
|
PHPepperShop 1.4 - 'index.php' Cross-Site Scripting
|
9 |
WEB
|
th3.r00k.ieatpork
|
|
2008-12-08
|
|
PrestaShop 1.1 - 'order.php?PATH_INFO' Cross-Site Scripting
|
9 |
WEB
|
th3.r00k.ieatpork
|
|
2008-12-08
|
|
PrestaShop 1.1 - '/admin/login.php?PATH_INFO' Cross-Site Scripting
|
7 |
WEB
|
th3.r00k.ieatpork
|
|
2008-12-06
|
|
TWiki 4.x - 'URLPARAM' Cross-Site Scripting
|
8 |
WEB
|
Marc Schoenefeld
|
|
2008-12-06
|
|
TWiki 4.x - 'SEARCH' Remote Command Execution
|
8 |
WEB
|
Troy Bollinge
|
|
2014-04-01
|
|
Alienvault 4.5.0 - (Authenticated) SQL Injection (Metasploit)
|
8 |
WEB
|
Brandon Perry
|
|
2008-12-04
|
|
PHPSTREET WebBoard 1.0 - 'show.php' SQL Injection
|
8 |
WEB
|
CWH Underground
|
|
2008-12-04
|
|
RevSense 1.0 - SQL Injection / Cross-Site Scripting
|
8 |
WEB
|
Pouya_Server
|
|
2008-12-03
|
|
Yappa-ng - Query String Cross-Site Scripting
|
8 |
WEB
|
Pouya_Server
|
|
2008-12-03
|
|
Yappa-ng - 'index.php?album' Cross-Site Scripting
|
9 |
WEB
|
Pouya_Server
|
|
2014-04-01
|
|
Horde Webmail 5.1 - Open Redirect
|
8 |
WEB
|
felipe andrian
|
|
2008-12-02
|
|
Orkut Clone - 'profile_social.php?id' Cross-Site Scripting
|
9 |
WEB
|
d3b4g
|
|
2008-12-02
|
|
Orkut Clone - 'profile_social.php?id' SQL Injection
|
8 |
WEB
|
d3b4g
|
|
2008-12-02
|
|
Jbook - SQL Injection
|
8 |
WEB
|
Pouya_Server
|
|
2008-12-02
|
|
Z1Exchange 1.0 - 'id' Cross-Site Scripting
|
8 |
WEB
|
Pouya_Server
|
|
2008-12-02
|
|
Z1Exchange 1.0 - 'id' SQL Injection
|
9 |
WEB
|
Pouya_Server
|
|
2008-12-02
|
|
Fantastico - 'index.php' Local File Inclusion
|
8 |
WEB
|
Super-Crystal
|
|
2008-12-01
|
|
IBM Rational ClearCase 7/8 - Cross-Site Scripting
|
8 |
WEB
|
IBM
|
|
2008-12-01
|
|
Pre ASP Job Board - 'emp_login.asp' Cross-Site Scripting
|
9 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
ASP Forum Script - 'default.asp' Query String Cross-Site Scripting
|
12 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
ASP Forum Script - 'messages.asp?forum_id' Cross-Site Scripting
|
8 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
ASP Forum Script - 'new_message.asp?forum_id' Cross-Site Scripting
|
9 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
ASP Forum Script - 'messages.asp?message_id' SQL Injection
|
10 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
PHP JOBWEBSITE PRO - 'forgot.php' Cross-Site Scripting
|
11 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
PHP JOBWEBSITE PRO - 'adname' SQL Injection
|
7 |
WEB
|
Pouya_Server
|
|
2014-03-31
|
|
EMC Cloud Tiering Appliance 10.0 - XML External Entity Arbitrary File Read (Metasploit)
|
7 |
WEB
|
Brandon Perry
|
|
2014-03-31
|
|
WordPress Plugin Ajax Pagination 1.1 - Local File Inclusion
|
9 |
WEB
|
Glyn Wintle
|
|
2014-03-31
|
|
Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities
|
9 |
WEB
|
Vulnerability-Lab
|
|
2014-03-31
|
|
PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities
|
7 |
WEB
|
Vulnerability-Lab
|
|
2008-12-01
|
|
Softbiz Classifieds Script - '/admin/index.php?msg' Cross-Site Scripting
|
8 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - '/admin/adminhome.php?msg' Cross-Site Scripting
|
8 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - 'lostpassword.php?msg' Cross-Site Scripting
|
8 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - 'gallery.php?radio' Cross-Site Scripting
|
8 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - '/advertisers/signinform.php?msg' Cross-Site Scripting
|
9 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - 'showcategory.php?radio' Cross-Site Scripting
|
8 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
CodeToad ASP Shopping Cart Script - Cross-Site Scripting
|
8 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Pre Classified Listings 1.0 - 'signup.asp' Cross-Site Scripting
|
9 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Pre Classified Listings 1.0 - 'detailad.asp' SQL Injection
|
10 |
WEB
|
Pouya_Server
|
|
2008-11-28
|
|
RakhiSoftware Shopping Cart - PHPSESSID Cookie Manipulation Full Path Disclosure
|
10 |
WEB
|
Charalambous Glafkos
|
|
2008-11-28
|
|
RakhiSoftware Shopping Cart - 'product.php' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
Charalambous Glafkos
|
|
2008-11-29
|
|
Basic-CMS - 'q' Cross-Site Scripting
|
10 |
WEB
|
Pouya_Server
|
|
2008-11-29
|
|
Venalsur Booking Centre 2.01 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Pouya_Server
|
|
2008-11-29
|
|
ParsBlogger - 'blog.asp' Cross-Site Scripting
|
9 |
WEB
|
Pouya_Server
|
|
2008-11-29
|
|
Ocean12 Mailing LisManager Gold 2.04 - 'Email' SQL Injection
|
9 |
WEB
|
Charalambous Glafkos
|
|
2008-11-29
|
|
Ocean12 (Multiple Products) - 'Admin_ID' SQL Injection
|
9 |
WEB
|
Charalambous Glafkos
|
|
2008-11-29
|
|
Ocean12 FAQ Manager Pro - 'Keyword' Cross-Site Scripting
|
10 |
WEB
|
Charalambous Glafkos
|
|
2008-11-27
|
|
AssoCIateD 1.4.4 - 'menu' Cross-Site Scripting
|
11 |
WEB
|
CWH Underground
|
|
2008-11-24
|
|
COms - 'dynamic.php' Cross-Site Scripting
|
9 |
WEB
|
Pouya_Server
|
|
2008-11-23
|
|
Pilot Group PG Roommate Finder Solution - SQL Injection
|
11 |
WEB
|
ZoRLu
|
|
2008-11-20
|
|
Softbiz Classifieds Script - Cross-Site Scripting
|
12 |
WEB
|
Vahid Ezraeil
|
|
2008-11-19
|
|
Easyedit CMS - 'news.php?intPageID' SQL Injection
|
12 |
WEB
|
d3v1l
|
|
2008-11-19
|
|
Easyedit CMS - 'page.php?intPageID' SQL Injection
|
12 |
WEB
|
d3v1l
|
|
2008-11-19
|
|
Easyedit CMS - 'subcategory.php?intSubCategoryID' SQL Injection
|
13 |
WEB
|
d3v1l
|
|
2008-11-18
|
|
Kimson CMS - 'id' Cross-Site Scripting
|
12 |
WEB
|
md.r00t
|
|
2008-11-17
|
|
BoutikOne CMS - 'search_query' Cross-Site Scripting
|
10 |
WEB
|
d3v1l
|
|
2014-03-29
|
|
ASP-Nuke 2.0.7 - 'gotourl.asp' Open Redirect
|
12 |
WEB
|
felipe andrian
|
|
2008-11-11
|
|
Sun Java System Identity Manager 6.0/7.x - Multiple Vulnerabilities
|
12 |
WEB
|
Richard Brain
|
|
2008-11-10
|
|
Dizi Portali - 'film.asp' SQL Injection
|
13 |
WEB
|
Kaan KAMIS
|
|
2008-11-10
|
|
IBM Tivoli Netcool Service Quality Manager - Cross-Site Scripting / HTML Injection
|
12 |
WEB
|
Francesco Bianchino
|
|
2008-11-08
|
|
Zeeways Shaadi Clone 2.0 - Authentication Bypass (2)
|
11 |
WEB
|
G4N0K
|
|
2008-11-09
|
|
MoinMoin 1.5.8/1.9 - Cross-Site Scripting / Information Disclosure
|
13 |
WEB
|
Xia Shing Zee
|
|
2008-11-07
|
|
TurnkeyForms Software Directory 1.0 - SQL Injection / Cross-Site Scripting
|
13 |
WEB
|
G4N0K
|
|
2008-11-06
|
|
CuteNews aj-fork - 'path' Remote File Inclusion
|
14 |
WEB
|
DeltahackingTEAM
|
|
2014-03-28
|
|
iStArtApp FileXChange 6.2 iOS - Multiple Vulnerabilities
|
12 |
WEB
|
Vulnerability-Lab
|
|
2008-11-04
|
|
DHCart 3.84 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
|
11 |
WEB
|
Lostmon
|
|
2008-11-04
|
|
firmCHANNEL Indoor & Outdoor Digital Signage 3.24 - Cross-Site Scripting
|
10 |
WEB
|
Brad Antoniewicz
|
|
2008-11-02
|
|
YourFreeWorld Downline Builder Pro - 'tr.php' SQL Injection
|
11 |
WEB
|
Hussin X
|
|
2014-03-27
|
|
Joomla! Component Kunena 3.0.4 - Persistent Cross-Site Scripting
|
9 |
WEB
|
Qoppa
|
|
2014-03-27
|
|
LinEx - Password Reset
|
9 |
WEB
|
N B Sri Harsha
|
|
2014-03-27
|
|
ePhone Disk 1.0.2 iOS - Multiple Vulnerabilities
|
11 |
WEB
|
Vulnerability-Lab
|
|
2014-03-27
|
|
Easy FileManager 1.1 iOS - Multiple Vulnerabilities
|
12 |
WEB
|
Vulnerability-Lab
|
|
2014-03-27
|
|
Lazybone Studios WiFi Music 1.0 iOS - Multiple Vulnerabilities
|
11 |
WEB
|
Vulnerability-Lab
|
|
2014-03-27
|
|
FTP Drive + HTTP 1.0.4 iOS - Code Execution
|
9 |
WEB
|
Vulnerability-Lab
|
|
2014-03-27
|
|
Dell SonicWALL EMail Security Appliance Application 7.4.5 - Multiple Vulnerabilities
|
12 |
WEB
|
Vulnerability-Lab
|
|
2008-10-31
|
|
SpitFire Photo Pro - 'pages.php' SQL Injection
|
11 |
WEB
|
Beenu Arora
|
|
2008-10-31
|
|
phpWebSite 0.9.3 - 'links.php' SQL Injection
|
10 |
WEB
|
Beenu Arora
|
|
2008-10-29
|
|
Dorsa CMS - 'Default_.aspx' Cross-Site Scripting
|
10 |
WEB
|
Pouya_Server
|
|
2008-10-29
|
|
Extrakt Framework 0.7 - 'index.php' Cross-Site Scripting
|
11 |
WEB
|
ShockShadow
|
|
2014-03-26
|
|
IBM Tealeaf CX 8.8 - Remote OS Command Injection
|
10 |
WEB
|
drone
|
|
2014-03-26
|
|
Allied Telesis AT-RG634A ADSL Broadband Router - Web Shell
|
9 |
WEB
|
Groundworks Technologies
|
|
2008-10-29
|
|
KKE Info Media Kmita Gallery - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
cize0f
|
|
2008-10-28
|
|
KKE Info Media Kmita Catalogue 2 - 'search.php' Cross-Site Scripting
|
11 |
WEB
|
cize0f
|
|
2008-10-28
|
|
Elkagroup Image Gallery 1.0 - 'view.php' SQL Injection
|
10 |
WEB
|
G4N0K
|
|
2008-10-28
|
|
H&H Solutions WebSoccer 2.80 - 'id' SQL Injection
|
11 |
WEB
|
d3v1l
|
|
2008-10-28
|
|
H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass
|
9 |
WEB
|
StAkeR
|
|
2008-10-27
|
|
Microsoft Internet Explorer 6 - ' ' Address Bar URI Spoofing
|
10 |
WEB
|
Amit Klein
|
|
2008-10-28
|
|
PHP-Nuke Nuke League Module - 'tid' Cross-Site Scripting
|
12 |
WEB
|
Ehsan_Hp200
|
|
2008-10-27
|
|
All In One 1.4 Control Panel - 'cp_polls_results.php' SQL Injection
|
9 |
WEB
|
ExSploiters
|
|
2008-10-27
|
|
bcoos 1.0.13 - 'click.php' SQL Injection
|
10 |
WEB
|
DeltahackingTEAM
|
|
2008-10-27
|
|
MyBB 1.4.2 - 'moderation.php' Cross-Site Scripting
|
10 |
WEB
|
Kellanved
|
|
2008-10-27
|
|
Tandis CMS 2.5 - 'index.php' Multiple SQL Injections
|
10 |
WEB
|
G4N0K
|
|
2008-10-27
|
|
bcoos 1.0.13 - 'common.php' Remote File Inclusion
|
10 |
WEB
|
Cru3l.b0y
|
|
2008-10-27
|
|
phpMyAdmin 3.0.1 - 'pmd_pdf.php' Cross-Site Scripting
|
10 |
WEB
|
Hadi Kiamarsi
|
|
2008-10-24
|
|
iPeGuestbook 1.7/2.0 - 'pg' Cross-Site Scripting
|
10 |
WEB
|
Ghost Hacker
|
|
2008-10-23
|
|
Adam Wright HTMLTidy 0.5 - 'html-tidy-logic.php' Cross-Site Scripting
|
11 |
WEB
|
ShockShadow
|
|
2008-10-23
|
|
ClipShare Pro 4.0 - 'fullscreen.php' Cross-Site Scripting
|
9 |
WEB
|
ShockShadow
|
|
2008-10-23
|
|
Jetbox CMS 2.1 - 'liste' Cross-Site Scripting
|
9 |
WEB
|
Omer Singer
|
|
2008-10-23
|
|
UC Gateway Investment SiteEngine 5.0 - 'announcements.php' SQL Injection
|
11 |
WEB
|
xuanmumu
|
|
2008-10-23
|
|
UC Gateway Investment SiteEngine 5.0 - 'api.php' Open Redirection
|
9 |
WEB
|
xuanmumu
|
|
2008-10-23
|
|
Osprey 1.0a4.1 - 'ListRecords.php' Multiple Remote File Inclusions
|
8 |
WEB
|
BoZKuRTSeRDaR
|
|
2014-03-26
|
|
OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injections
|
11 |
WEB
|
Saadi Siddiqui
|
|
2014-03-26
|
|
InterWorx Control Panel 5.0.13 build 574 - 'xhr.php?i' SQL Injection
|
10 |
WEB
|
Eric Flokstra
|
|
2014-03-25
|
|
qEngine CMS 6.0.0 - Multiple Vulnerabilities
|
9 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - 'qvc_init()' Cookie Poisoning CAPTCHA Bypass
|
11 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - Database Backup Disclosure
|
10 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - 'task.php' Local File Inclusion
|
10 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - Remote Code Execution
|
11 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - kemana_admin_passwd Cookie User Password Hash Disclosure
|
9 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Cart Engine 3.0.0 - Database Backup Disclosure
|
10 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Cart Engine 3.0.0 - 'task.php' Local File Inclusion
|
10 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Cart Engine 3.0.0 - Remote Code Execution
|
10 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Getsimple CMS 3.3.1 - Persistent Cross-Site Scripting
|
7 |
WEB
|
Jeroen - IT Nerdbox
|
|
2008-10-21
|
|
Bahar Download Script 2.0 - 'aspkat.asp' SQL Injection
|
8 |
WEB
|
CyberGrup Lojistik
|
|
2008-10-21
|
|
PHPhotoGallery 0.92 - 'index.php' SQL Injection
|
8 |
WEB
|
KnocKout
|
|
2008-10-21
|
|
Dizi Portali - 'diziler.asp' SQL Injection
|
9 |
WEB
|
CyberGrup Lojistik
|
|
2008-10-20
|
|
PHP-Nuke Sarkilar Module - 'id' SQL Injection
|
8 |
WEB
|
r45c4l
|
|
2008-10-20
|
|
Jetbox CMS 2.1 - '/admin/cms/nav.php?nav_id' SQL Injection
|
9 |
WEB
|
Omer Singer
|
|
2008-10-20
|
|
Jetbox CMS 2.1 - '/admin/cms/images.php?orderby' SQL Injection
|
9 |
WEB
|
Omer Singer
|
|
2008-10-17
|
|
FlashChat - 'connection.php' Role Filter Security Bypass
|
10 |
WEB
|
eLiSiA
|
|
2008-10-16
|
|
Habari 0.5.1 - 'habari_username' Cross-Site Scripting
|
10 |
WEB
|
faithlove
|
|
2008-10-14
|
|
SweetCMS 1.5.2 - 'index.php' SQL Injection
|
9 |
WEB
|
Dapirates
|
|
2008-10-14
|
|
Elxis CMS 2008.1 - PHPSESSID Variable Session Fixation
|
7 |
WEB
|
faithlove
|
|
2008-10-14
|
|
Elxis CMS 2008.1 - '/modules/mod_language.php' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
faithlove
|
