|
2008-10-01
|
|
A4Desk Event Calendar - 'eventid' SQL Injection
|
25 |
WEB
|
r45c4l
|
|
2009-02-16
|
|
Clipbucket 1.7 - 'dwnld.php' Directory Traversal
|
26 |
WEB
|
JIKO
|
|
2009-02-10
|
|
Banking@Home 2.1 - 'login.asp' Multiple SQL Injections
|
22 |
WEB
|
Francesco Bianchino
|
|
2014-04-10
|
|
Orbit Open Ad Server 1.1.0 - SQL Injection
|
26 |
WEB
|
High-Tech Bridge SA
|
|
2014-04-10
|
|
XCloner Standalone 3.5 - Cross-Site Request Forgery
|
27 |
WEB
|
High-Tech Bridge SA
|
|
2009-02-09
|
|
Bitrix Site Manager 6/7 - Multiple Input Validation Vulnerabilities
|
28 |
WEB
|
aGGreSSor
|
|
2009-02-05
|
|
glFusion 1.1 - Anonymous Comment 'Username' HTML Injection
|
26 |
WEB
|
Bjarne Mathiesen Schacht
|
|
2009-02-09
|
|
FotoWeb 6.0 - 'Grid.fwx?search' Cross-Site Scripting
|
22 |
WEB
|
Stelios Tigkas
|
|
2009-02-09
|
|
FotoWeb 6.0 - 'Login.fwx?s' Cross-Site Scripting
|
25 |
WEB
|
Stelios Tigkas
|
|
2009-02-06
|
|
Ilch CMS 1.1 - 'HTTP_X_FORWARDED_FOR' SQL Injection
|
25 |
WEB
|
Gizmore
|
|
2009-02-04
|
|
MetaBBS 0.11 - Administration Settings Authentication Bypass
|
26 |
WEB
|
make0day
|
|
2009-02-03
|
|
Simple Machines Forum (SMF) 1.1.7 - '[url]' Tag HTML Injection
|
26 |
WEB
|
Xianur0
|
|
2009-01-30
|
|
E-PHP B2B Trading Marketplace Script - Multiple Cross-Site Scripting Vulnerabilities
|
25 |
WEB
|
SaiedHacker
|
|
2009-01-29
|
|
PerlSoft Gästebuch 1.7b - 'admincenter.cgi' Remote Command Execution
|
27 |
WEB
|
Perforin
|
|
2014-04-09
|
|
Quick.CMS 5.4 - Multiple Vulnerabilities
|
27 |
WEB
|
Shpend Kurtishaj
|
|
2009-01-28
|
|
Autonomy Ultraseek - 'cs.html' Open Redirection
|
31 |
WEB
|
buzzy
|
|
2014-04-09
|
|
csUpload Script Site - Authentication Bypass
|
28 |
WEB
|
Satanic2000
|
|
2009-01-24
|
|
NewsCMSLite - Insecure Cookie Authentication Bypass
|
29 |
WEB
|
FarhadKey
|
|
2009-01-26
|
|
OpenX 2.6.2 - 'MAX_type' Local File Inclusion
|
31 |
WEB
|
Sarid Harper
|
|
2009-01-26
|
|
Lootan - 'login.asp' SQL Injection
|
30 |
WEB
|
Arash Setayeshi
|
|
2009-01-26
|
|
ConPresso CMS 4.07 - Multiple Remote Vulnerabilities
|
29 |
WEB
|
David Vieira-Kurz
|
|
2009-01-26
|
|
LDF - 'login.asp' SQL Injection
|
34 |
WEB
|
Arash Setayeshi
|
|
2009-01-23
|
|
OBLOG - 'err.asp' Cross-Site Scripting
|
30 |
WEB
|
arash.setayeshi
|
|
2009-01-23
|
|
BBSXP 5.13 - 'error.asp' Cross-Site Scripting
|
33 |
WEB
|
arashps0
|
|
2009-01-23
|
|
PHP-Nuke Downloads Module - 'url' SQL Injection
|
32 |
WEB
|
Sina Yazdanmehr
|
|
2009-01-20
|
|
MoinMoin 1.8 - 'AttachFile.py' Cross-Site Scripting
|
26 |
WEB
|
SecureState
|
|
2009-01-20
|
|
Apache JackRabbit 1.4/1.5 Content Repository (JCR) - 'swr.jsp?q' Cross-Site Scripting
|
26 |
WEB
|
Red Hat
|
|
2009-01-20
|
|
Apache JackRabbit 1.4/1.5 Content Repository (JCR) - 'search.jsp?q' Cross-Site Scripting
|
27 |
WEB
|
Red Hat
|
|
2009-01-16
|
|
Blog Manager - 'categoryId' Cross-Site Scripting
|
32 |
WEB
|
Pouya_Server
|
|
2009-01-16
|
|
Blog Manager - 'ItemID' SQL Injection
|
28 |
WEB
|
Pouya_Server
|
|
2009-01-16
|
|
LemonLDAP:NG 0.9.3.1 - User Enumeration / Cross-Site Scripting
|
27 |
WEB
|
clément Oudot
|
|
2009-01-15
|
|
w3bcms - '/admin/index.php' SQL Injection
|
28 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
Masir Camp 3.0 - 'SearchKeywords' SQL Injection
|
27 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
Active Bids - 'search' SQL Injection
|
26 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
Active Bids - 'search' Cross-Site Scripting
|
24 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
LinksPro - 'OrderDirection' SQL Injection
|
23 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
MKPortal 1.2.1 - '/modules/rss/handler_image.php?i' Cross-Site Scripting
|
24 |
WEB
|
waraxe
|
|
2009-01-15
|
|
MKPortal 1.2.1 - '/modules/blog/index.php' Home Template Textarea SQL Injection
|
25 |
WEB
|
waraxe
|
|
2009-01-14
|
|
Dark Age CMS 2.0 - 'login.php' SQL Injection
|
28 |
WEB
|
darkjoker
|
|
2014-04-07
|
|
XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities
|
27 |
WEB
|
hackerDesk
|
|
2009-01-12
|
|
Ovidentia 6.7.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
29 |
WEB
|
Ivan Sanchez
|
|
2009-01-12
|
|
Comersus Cart 6 - User Email and User Password Unauthorized Access
|
29 |
WEB
|
ajann
|
|
2009-01-12
|
|
Visuplay CMS - Multiple SQL Injections
|
27 |
WEB
|
Joseph Giron
|
|
2009-01-07
|
|
tadbook2 Module for XOOPS - 'open_book.php' SQL Injection
|
33 |
WEB
|
stylextra
|
|
2009-01-07
|
|
Plunet BusinessManager 4.1 - 'pagesUTF8/auftrag_job.jsp?Pfad' Direct Request Information Disclosure
|
31 |
WEB
|
Matteo Ignaccolo
|
|
2009-01-07
|
|
Plunet BusinessManager 4.1 - 'pagesUTF8/Sys_DirAnzeige.jsp?Pfad' Direct Request Information Disclosu
|
25 |
WEB
|
Matteo Ignaccolo
|
|
2009-01-07
|
|
Plunet BusinessManager 4.1 - '/pagesUTF8/auftrag_allgemeinauftrag.jsp' Multiple Cross-Site Scripting
|
23 |
WEB
|
Matteo Ignaccolo
|
|
2014-04-05
|
|
Private Photo+Video 1.1 Pro iOS - Persistent
|
30 |
WEB
|
Vulnerability-Lab
|
|
2014-04-04
|
|
WordPress Plugin XCloner 3.1.0 - Cross-Site Request Forgery
|
28 |
WEB
|
High-Tech Bridge SA
|
|
2009-01-05
|
|
SolucionXpressPro - 'main.php' SQL Injection
|
25 |
WEB
|
Ehsan_Hp200
|
|
2008-12-04
|
|
NPDS < 08.06 - Multiple Input Validation Vulnerabilities
|
29 |
WEB
|
Jean-François Leclerc
|
|
2008-12-29
|
|
Madrese-Portal - 'haber.asp' SQL Injection
|
31 |
WEB
|
Sina Yazdanmehr
|
|
2008-12-29
|
|
ViArt Shop 3.5 - 'manuals_search.php?manuals_search' Cross-Site Scripting
|
26 |
WEB
|
Xia Shing Zee
|
|
2008-12-29
|
|
Mavi Emlak - 'newDetail.asp' SQL Injection
|
30 |
WEB
|
Sina Yazdanmehr
|
|
2009-01-08
|
|
Openfire 3.6.2 - 'log.jsp' Directory Traversal
|
30 |
WEB
|
Federico Muttis
|
|
2009-01-08
|
|
Openfire 3.6.2 - 'log.jsp' Cross-Site Scripting
|
30 |
WEB
|
Federico Muttis
|
|
2009-01-08
|
|
Openfire 3.6.2 - 'user-properties.jsp' Cross-Site Scripting
|
31 |
WEB
|
Federico Muttis
|
|
2009-01-08
|
|
Openfire 3.6.2 - 'group-summary.jsp' Cross-Site Scripting
|
29 |
WEB
|
Federico Muttis
|
|
2008-12-19
|
|
PECL Alternative PHP Cache Local 3 - HTML Injection
|
28 |
WEB
|
Moritz Naumann
|
|
2008-12-18
|
|
Easysitenetwork Jokes Complete Website - 'joke.php' SQL Injection
|
28 |
WEB
|
Ehsan_Hp200
|
|
2008-12-18
|
|
DO-CMS 3.0 - 'p' Multiple SQL Injections
|
32 |
WEB
|
crash over
|
|
2014-04-03
|
|
Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects
|
28 |
WEB
|
Giuseppe D'Amore
|
|
2008-12-17
|
|
PHPcksec 0.2 - 'PHPcksec.php' Cross-Site Scripting
|
28 |
WEB
|
ahmadbady
|
|
2014-04-03
|
|
CMS Made Simple 1.11.10 - Multiple Cross-Site Scripting Vulnerabilities
|
27 |
WEB
|
Blessen Thomas
|
|
2014-04-02
|
|
Kloxo-MR 6.5.0 - Cross-Site Request Forgery
|
26 |
WEB
|
Necmettin COSKUN
|
|
2014-04-02
|
|
Kloxo 6.1.18 Stable - Cross-Site Request Forgery
|
26 |
WEB
|
Necmettin COSKUN
|
|
2014-04-02
|
|
iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities
|
28 |
WEB
|
Vulnerability-Lab
|
|
2008-12-15
|
|
Injader 2.1.1 - SQL Injection / HTML Injection
|
27 |
WEB
|
anonymous
|
|
2008-12-14
|
|
WebPhotoPro - Multiple SQL Injections
|
26 |
WEB
|
baltazar
|
|
2014-04-02
|
|
CIS Manager CMS - SQL Injection
|
25 |
WEB
|
felipe andrian
|
|
2008-12-13
|
|
ASP-DEV XM Events Diary - 'cat' SQL Injection
|
27 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Octeth Oempro 3.5.5 - Multiple SQL Injections
|
29 |
WEB
|
security curmudgeon
|
|
2008-12-11
|
|
Multiple Ad Server Solutions Products - 'logon_processing.jsp' SQL Injection
|
27 |
WEB
|
3d D3v!L
|
|
2008-12-09
|
|
Professional Download Assistant 0.1 - SQL Injection
|
27 |
WEB
|
ZoRLu
|
|
2008-12-08
|
|
PHPepperShop 1.4 - 'shop/Admin/SHOP_KONFIGURATION.php' Cross-Site Scripting
|
25 |
WEB
|
th3.r00k.ieatpork
|
|
2008-12-08
|
|
PHPepperShop 1.4 - 'shop/Admin/shop_kunden_mgmt.php' Cross-Site Scripting
|
28 |
WEB
|
th3.r00k.ieatpork
|
|
2008-12-08
|
|
PHPepperShop 1.4 - 'shop/kontakt.php' Cross-Site Scripting
|
26 |
WEB
|
th3.r00k.ieatpork
|
|
2008-12-08
|
|
PHPepperShop 1.4 - 'index.php' Cross-Site Scripting
|
28 |
WEB
|
th3.r00k.ieatpork
|
|
2008-12-08
|
|
PrestaShop 1.1 - 'order.php?PATH_INFO' Cross-Site Scripting
|
26 |
WEB
|
th3.r00k.ieatpork
|
|
2008-12-08
|
|
PrestaShop 1.1 - '/admin/login.php?PATH_INFO' Cross-Site Scripting
|
26 |
WEB
|
th3.r00k.ieatpork
|
|
2008-12-06
|
|
TWiki 4.x - 'URLPARAM' Cross-Site Scripting
|
24 |
WEB
|
Marc Schoenefeld
|
|
2008-12-06
|
|
TWiki 4.x - 'SEARCH' Remote Command Execution
|
25 |
WEB
|
Troy Bollinge
|
|
2014-04-01
|
|
Alienvault 4.5.0 - (Authenticated) SQL Injection (Metasploit)
|
24 |
WEB
|
Brandon Perry
|
|
2008-12-04
|
|
PHPSTREET WebBoard 1.0 - 'show.php' SQL Injection
|
24 |
WEB
|
CWH Underground
|
|
2008-12-04
|
|
RevSense 1.0 - SQL Injection / Cross-Site Scripting
|
23 |
WEB
|
Pouya_Server
|
|
2008-12-03
|
|
Yappa-ng - Query String Cross-Site Scripting
|
23 |
WEB
|
Pouya_Server
|
|
2008-12-03
|
|
Yappa-ng - 'index.php?album' Cross-Site Scripting
|
25 |
WEB
|
Pouya_Server
|
|
2014-04-01
|
|
Horde Webmail 5.1 - Open Redirect
|
23 |
WEB
|
felipe andrian
|
|
2008-12-02
|
|
Orkut Clone - 'profile_social.php?id' Cross-Site Scripting
|
32 |
WEB
|
d3b4g
|
|
2008-12-02
|
|
Orkut Clone - 'profile_social.php?id' SQL Injection
|
25 |
WEB
|
d3b4g
|
|
2008-12-02
|
|
Jbook - SQL Injection
|
27 |
WEB
|
Pouya_Server
|
|
2008-12-02
|
|
Z1Exchange 1.0 - 'id' Cross-Site Scripting
|
25 |
WEB
|
Pouya_Server
|
|
2008-12-02
|
|
Z1Exchange 1.0 - 'id' SQL Injection
|
27 |
WEB
|
Pouya_Server
|
|
2008-12-02
|
|
Fantastico - 'index.php' Local File Inclusion
|
28 |
WEB
|
Super-Crystal
|
|
2008-12-01
|
|
IBM Rational ClearCase 7/8 - Cross-Site Scripting
|
26 |
WEB
|
IBM
|
|
2008-12-01
|
|
Pre ASP Job Board - 'emp_login.asp' Cross-Site Scripting
|
30 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
ASP Forum Script - 'default.asp' Query String Cross-Site Scripting
|
27 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
ASP Forum Script - 'messages.asp?forum_id' Cross-Site Scripting
|
27 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
ASP Forum Script - 'new_message.asp?forum_id' Cross-Site Scripting
|
31 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
ASP Forum Script - 'messages.asp?message_id' SQL Injection
|
32 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
PHP JOBWEBSITE PRO - 'forgot.php' Cross-Site Scripting
|
30 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
PHP JOBWEBSITE PRO - 'adname' SQL Injection
|
25 |
WEB
|
Pouya_Server
|
|
2014-03-31
|
|
EMC Cloud Tiering Appliance 10.0 - XML External Entity Arbitrary File Read (Metasploit)
|
23 |
WEB
|
Brandon Perry
|
|
2014-03-31
|
|
WordPress Plugin Ajax Pagination 1.1 - Local File Inclusion
|
28 |
WEB
|
Glyn Wintle
|
|
2014-03-31
|
|
Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities
|
25 |
WEB
|
Vulnerability-Lab
|
|
2014-03-31
|
|
PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities
|
31 |
WEB
|
Vulnerability-Lab
|
|
2008-12-01
|
|
Softbiz Classifieds Script - '/admin/index.php?msg' Cross-Site Scripting
|
30 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - '/admin/adminhome.php?msg' Cross-Site Scripting
|
27 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - 'lostpassword.php?msg' Cross-Site Scripting
|
27 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - 'gallery.php?radio' Cross-Site Scripting
|
22 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - '/advertisers/signinform.php?msg' Cross-Site Scripting
|
25 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - 'showcategory.php?radio' Cross-Site Scripting
|
27 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
CodeToad ASP Shopping Cart Script - Cross-Site Scripting
|
29 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Pre Classified Listings 1.0 - 'signup.asp' Cross-Site Scripting
|
27 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Pre Classified Listings 1.0 - 'detailad.asp' SQL Injection
|
29 |
WEB
|
Pouya_Server
|
|
2008-11-28
|
|
RakhiSoftware Shopping Cart - PHPSESSID Cookie Manipulation Full Path Disclosure
|
30 |
WEB
|
Charalambous Glafkos
|
|
2008-11-28
|
|
RakhiSoftware Shopping Cart - 'product.php' Multiple Cross-Site Scripting Vulnerabilities
|
27 |
WEB
|
Charalambous Glafkos
|
|
2008-11-29
|
|
Basic-CMS - 'q' Cross-Site Scripting
|
23 |
WEB
|
Pouya_Server
|
|
2008-11-29
|
|
Venalsur Booking Centre 2.01 - Multiple Cross-Site Scripting Vulnerabilities
|
27 |
WEB
|
Pouya_Server
|
|
2008-11-29
|
|
ParsBlogger - 'blog.asp' Cross-Site Scripting
|
29 |
WEB
|
Pouya_Server
|
|
2008-11-29
|
|
Ocean12 Mailing LisManager Gold 2.04 - 'Email' SQL Injection
|
29 |
WEB
|
Charalambous Glafkos
|
|
2008-11-29
|
|
Ocean12 (Multiple Products) - 'Admin_ID' SQL Injection
|
26 |
WEB
|
Charalambous Glafkos
|
|
2008-11-29
|
|
Ocean12 FAQ Manager Pro - 'Keyword' Cross-Site Scripting
|
30 |
WEB
|
Charalambous Glafkos
|
|
2008-11-27
|
|
AssoCIateD 1.4.4 - 'menu' Cross-Site Scripting
|
30 |
WEB
|
CWH Underground
|
|
2008-11-24
|
|
COms - 'dynamic.php' Cross-Site Scripting
|
29 |
WEB
|
Pouya_Server
|
