|
2008-12-01
|
|
ASP Forum Script - 'default.asp' Query String Cross-Site Scripting
|
6 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
ASP Forum Script - 'messages.asp?forum_id' Cross-Site Scripting
|
5 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
ASP Forum Script - 'new_message.asp?forum_id' Cross-Site Scripting
|
5 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
ASP Forum Script - 'messages.asp?message_id' SQL Injection
|
6 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
PHP JOBWEBSITE PRO - 'forgot.php' Cross-Site Scripting
|
6 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
PHP JOBWEBSITE PRO - 'adname' SQL Injection
|
4 |
WEB
|
Pouya_Server
|
|
2014-03-31
|
|
EMC Cloud Tiering Appliance 10.0 - XML External Entity Arbitrary File Read (Metasploit)
|
5 |
WEB
|
Brandon Perry
|
|
2014-03-31
|
|
WordPress Plugin Ajax Pagination 1.1 - Local File Inclusion
|
4 |
WEB
|
Glyn Wintle
|
|
2014-03-31
|
|
Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities
|
4 |
WEB
|
Vulnerability-Lab
|
|
2014-03-31
|
|
PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities
|
4 |
WEB
|
Vulnerability-Lab
|
|
2008-12-01
|
|
Softbiz Classifieds Script - '/admin/index.php?msg' Cross-Site Scripting
|
4 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - '/admin/adminhome.php?msg' Cross-Site Scripting
|
5 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - 'lostpassword.php?msg' Cross-Site Scripting
|
5 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - 'gallery.php?radio' Cross-Site Scripting
|
4 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - '/advertisers/signinform.php?msg' Cross-Site Scripting
|
5 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Softbiz Classifieds Script - 'showcategory.php?radio' Cross-Site Scripting
|
4 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
CodeToad ASP Shopping Cart Script - Cross-Site Scripting
|
5 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Pre Classified Listings 1.0 - 'signup.asp' Cross-Site Scripting
|
5 |
WEB
|
Pouya_Server
|
|
2008-12-01
|
|
Pre Classified Listings 1.0 - 'detailad.asp' SQL Injection
|
5 |
WEB
|
Pouya_Server
|
|
2008-11-28
|
|
RakhiSoftware Shopping Cart - PHPSESSID Cookie Manipulation Full Path Disclosure
|
5 |
WEB
|
Charalambous Glafkos
|
|
2008-11-28
|
|
RakhiSoftware Shopping Cart - 'product.php' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
Charalambous Glafkos
|
|
2008-11-29
|
|
Basic-CMS - 'q' Cross-Site Scripting
|
5 |
WEB
|
Pouya_Server
|
|
2008-11-29
|
|
Venalsur Booking Centre 2.01 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Pouya_Server
|
|
2008-11-29
|
|
ParsBlogger - 'blog.asp' Cross-Site Scripting
|
6 |
WEB
|
Pouya_Server
|
|
2008-11-29
|
|
Ocean12 Mailing LisManager Gold 2.04 - 'Email' SQL Injection
|
6 |
WEB
|
Charalambous Glafkos
|
|
2008-11-29
|
|
Ocean12 (Multiple Products) - 'Admin_ID' SQL Injection
|
5 |
WEB
|
Charalambous Glafkos
|
|
2008-11-29
|
|
Ocean12 FAQ Manager Pro - 'Keyword' Cross-Site Scripting
|
5 |
WEB
|
Charalambous Glafkos
|
|
2008-11-27
|
|
AssoCIateD 1.4.4 - 'menu' Cross-Site Scripting
|
5 |
WEB
|
CWH Underground
|
|
2008-11-24
|
|
COms - 'dynamic.php' Cross-Site Scripting
|
5 |
WEB
|
Pouya_Server
|
|
2008-11-23
|
|
Pilot Group PG Roommate Finder Solution - SQL Injection
|
5 |
WEB
|
ZoRLu
|
|
2008-11-20
|
|
Softbiz Classifieds Script - Cross-Site Scripting
|
5 |
WEB
|
Vahid Ezraeil
|
|
2008-11-19
|
|
Easyedit CMS - 'news.php?intPageID' SQL Injection
|
6 |
WEB
|
d3v1l
|
|
2008-11-19
|
|
Easyedit CMS - 'page.php?intPageID' SQL Injection
|
6 |
WEB
|
d3v1l
|
|
2008-11-19
|
|
Easyedit CMS - 'subcategory.php?intSubCategoryID' SQL Injection
|
7 |
WEB
|
d3v1l
|
|
2008-11-18
|
|
Kimson CMS - 'id' Cross-Site Scripting
|
6 |
WEB
|
md.r00t
|
|
2008-11-17
|
|
BoutikOne CMS - 'search_query' Cross-Site Scripting
|
5 |
WEB
|
d3v1l
|
|
2014-03-29
|
|
ASP-Nuke 2.0.7 - 'gotourl.asp' Open Redirect
|
7 |
WEB
|
felipe andrian
|
|
2008-11-11
|
|
Sun Java System Identity Manager 6.0/7.x - Multiple Vulnerabilities
|
7 |
WEB
|
Richard Brain
|
|
2008-11-10
|
|
Dizi Portali - 'film.asp' SQL Injection
|
7 |
WEB
|
Kaan KAMIS
|
|
2008-11-10
|
|
IBM Tivoli Netcool Service Quality Manager - Cross-Site Scripting / HTML Injection
|
6 |
WEB
|
Francesco Bianchino
|
|
2008-11-08
|
|
Zeeways Shaadi Clone 2.0 - Authentication Bypass (2)
|
6 |
WEB
|
G4N0K
|
|
2008-11-09
|
|
MoinMoin 1.5.8/1.9 - Cross-Site Scripting / Information Disclosure
|
7 |
WEB
|
Xia Shing Zee
|
|
2008-11-07
|
|
TurnkeyForms Software Directory 1.0 - SQL Injection / Cross-Site Scripting
|
7 |
WEB
|
G4N0K
|
|
2008-11-06
|
|
CuteNews aj-fork - 'path' Remote File Inclusion
|
7 |
WEB
|
DeltahackingTEAM
|
|
2014-03-28
|
|
iStArtApp FileXChange 6.2 iOS - Multiple Vulnerabilities
|
6 |
WEB
|
Vulnerability-Lab
|
|
2008-11-04
|
|
DHCart 3.84 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
|
5 |
WEB
|
Lostmon
|
|
2008-11-04
|
|
firmCHANNEL Indoor & Outdoor Digital Signage 3.24 - Cross-Site Scripting
|
5 |
WEB
|
Brad Antoniewicz
|
|
2008-11-02
|
|
YourFreeWorld Downline Builder Pro - 'tr.php' SQL Injection
|
5 |
WEB
|
Hussin X
|
|
2014-03-27
|
|
Joomla! Component Kunena 3.0.4 - Persistent Cross-Site Scripting
|
5 |
WEB
|
Qoppa
|
|
2014-03-27
|
|
LinEx - Password Reset
|
5 |
WEB
|
N B Sri Harsha
|
|
2014-03-27
|
|
ePhone Disk 1.0.2 iOS - Multiple Vulnerabilities
|
6 |
WEB
|
Vulnerability-Lab
|
|
2014-03-27
|
|
Easy FileManager 1.1 iOS - Multiple Vulnerabilities
|
6 |
WEB
|
Vulnerability-Lab
|
|
2014-03-27
|
|
Lazybone Studios WiFi Music 1.0 iOS - Multiple Vulnerabilities
|
6 |
WEB
|
Vulnerability-Lab
|
|
2014-03-27
|
|
FTP Drive + HTTP 1.0.4 iOS - Code Execution
|
4 |
WEB
|
Vulnerability-Lab
|
|
2014-03-27
|
|
Dell SonicWALL EMail Security Appliance Application 7.4.5 - Multiple Vulnerabilities
|
6 |
WEB
|
Vulnerability-Lab
|
|
2008-10-31
|
|
SpitFire Photo Pro - 'pages.php' SQL Injection
|
6 |
WEB
|
Beenu Arora
|
|
2008-10-31
|
|
phpWebSite 0.9.3 - 'links.php' SQL Injection
|
7 |
WEB
|
Beenu Arora
|
|
2008-10-29
|
|
Dorsa CMS - 'Default_.aspx' Cross-Site Scripting
|
5 |
WEB
|
Pouya_Server
|
|
2008-10-29
|
|
Extrakt Framework 0.7 - 'index.php' Cross-Site Scripting
|
6 |
WEB
|
ShockShadow
|
|
2014-03-26
|
|
IBM Tealeaf CX 8.8 - Remote OS Command Injection
|
5 |
WEB
|
drone
|
|
2014-03-26
|
|
Allied Telesis AT-RG634A ADSL Broadband Router - Web Shell
|
5 |
WEB
|
Groundworks Technologies
|
|
2008-10-29
|
|
KKE Info Media Kmita Gallery - Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
cize0f
|
|
2008-10-28
|
|
KKE Info Media Kmita Catalogue 2 - 'search.php' Cross-Site Scripting
|
5 |
WEB
|
cize0f
|
|
2008-10-28
|
|
Elkagroup Image Gallery 1.0 - 'view.php' SQL Injection
|
5 |
WEB
|
G4N0K
|
|
2008-10-28
|
|
H&H Solutions WebSoccer 2.80 - 'id' SQL Injection
|
5 |
WEB
|
d3v1l
|
|
2008-10-28
|
|
H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass
|
4 |
WEB
|
StAkeR
|
|
2008-10-27
|
|
Microsoft Internet Explorer 6 - ' ' Address Bar URI Spoofing
|
5 |
WEB
|
Amit Klein
|
|
2008-10-28
|
|
PHP-Nuke Nuke League Module - 'tid' Cross-Site Scripting
|
6 |
WEB
|
Ehsan_Hp200
|
|
2008-10-27
|
|
All In One 1.4 Control Panel - 'cp_polls_results.php' SQL Injection
|
5 |
WEB
|
ExSploiters
|
|
2008-10-27
|
|
bcoos 1.0.13 - 'click.php' SQL Injection
|
5 |
WEB
|
DeltahackingTEAM
|
|
2008-10-27
|
|
MyBB 1.4.2 - 'moderation.php' Cross-Site Scripting
|
5 |
WEB
|
Kellanved
|
|
2008-10-27
|
|
Tandis CMS 2.5 - 'index.php' Multiple SQL Injections
|
5 |
WEB
|
G4N0K
|
|
2008-10-27
|
|
bcoos 1.0.13 - 'common.php' Remote File Inclusion
|
5 |
WEB
|
Cru3l.b0y
|
|
2008-10-27
|
|
phpMyAdmin 3.0.1 - 'pmd_pdf.php' Cross-Site Scripting
|
5 |
WEB
|
Hadi Kiamarsi
|
|
2008-10-24
|
|
iPeGuestbook 1.7/2.0 - 'pg' Cross-Site Scripting
|
5 |
WEB
|
Ghost Hacker
|
|
2008-10-23
|
|
Adam Wright HTMLTidy 0.5 - 'html-tidy-logic.php' Cross-Site Scripting
|
5 |
WEB
|
ShockShadow
|
|
2008-10-23
|
|
ClipShare Pro 4.0 - 'fullscreen.php' Cross-Site Scripting
|
3 |
WEB
|
ShockShadow
|
|
2008-10-23
|
|
Jetbox CMS 2.1 - 'liste' Cross-Site Scripting
|
4 |
WEB
|
Omer Singer
|
|
2008-10-23
|
|
UC Gateway Investment SiteEngine 5.0 - 'announcements.php' SQL Injection
|
5 |
WEB
|
xuanmumu
|
|
2008-10-23
|
|
UC Gateway Investment SiteEngine 5.0 - 'api.php' Open Redirection
|
4 |
WEB
|
xuanmumu
|
|
2008-10-23
|
|
Osprey 1.0a4.1 - 'ListRecords.php' Multiple Remote File Inclusions
|
4 |
WEB
|
BoZKuRTSeRDaR
|
|
2014-03-26
|
|
OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injections
|
6 |
WEB
|
Saadi Siddiqui
|
|
2014-03-26
|
|
InterWorx Control Panel 5.0.13 build 574 - 'xhr.php?i' SQL Injection
|
4 |
WEB
|
Eric Flokstra
|
|
2014-03-25
|
|
qEngine CMS 6.0.0 - Multiple Vulnerabilities
|
4 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - 'qvc_init()' Cookie Poisoning CAPTCHA Bypass
|
5 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - Database Backup Disclosure
|
4 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - 'task.php' Local File Inclusion
|
4 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - Remote Code Execution
|
5 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - kemana_admin_passwd Cookie User Password Hash Disclosure
|
4 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Cart Engine 3.0.0 - Database Backup Disclosure
|
5 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Cart Engine 3.0.0 - 'task.php' Local File Inclusion
|
5 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Cart Engine 3.0.0 - Remote Code Execution
|
4 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Getsimple CMS 3.3.1 - Persistent Cross-Site Scripting
|
4 |
WEB
|
Jeroen - IT Nerdbox
|
|
2008-10-21
|
|
Bahar Download Script 2.0 - 'aspkat.asp' SQL Injection
|
4 |
WEB
|
CyberGrup Lojistik
|
|
2008-10-21
|
|
PHPhotoGallery 0.92 - 'index.php' SQL Injection
|
4 |
WEB
|
KnocKout
|
|
2008-10-21
|
|
Dizi Portali - 'diziler.asp' SQL Injection
|
4 |
WEB
|
CyberGrup Lojistik
|
|
2008-10-20
|
|
PHP-Nuke Sarkilar Module - 'id' SQL Injection
|
3 |
WEB
|
r45c4l
|
|
2008-10-20
|
|
Jetbox CMS 2.1 - '/admin/cms/nav.php?nav_id' SQL Injection
|
4 |
WEB
|
Omer Singer
|
|
2008-10-20
|
|
Jetbox CMS 2.1 - '/admin/cms/images.php?orderby' SQL Injection
|
5 |
WEB
|
Omer Singer
|
|
2008-10-17
|
|
FlashChat - 'connection.php' Role Filter Security Bypass
|
5 |
WEB
|
eLiSiA
|
|
2008-10-16
|
|
Habari 0.5.1 - 'habari_username' Cross-Site Scripting
|
5 |
WEB
|
faithlove
|
|
2008-10-14
|
|
SweetCMS 1.5.2 - 'index.php' SQL Injection
|
6 |
WEB
|
Dapirates
|
|
2008-10-14
|
|
Elxis CMS 2008.1 - PHPSESSID Variable Session Fixation
|
5 |
WEB
|
faithlove
|
|
2008-10-14
|
|
Elxis CMS 2008.1 - '/modules/mod_language.php' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
faithlove
|
|
2008-10-14
|
|
Webscene eCommerce - 'productlist.php' SQL Injection
|
5 |
WEB
|
Angela Chang
|
|
2008-10-13
|
|
ASP Indir Iltaweb Alisveris Sistemi - 'xurunler.asp' SQL Injection
|
4 |
WEB
|
tRoot
|
|
2014-03-24
|
|
BigDump 0.35b - Arbitrary File Upload
|
4 |
WEB
|
felipe andrian
|
|
2008-10-11
|
|
EEB-CMS 0.95 - 'index.php' Cross-Site Scripting
|
6 |
WEB
|
d3v1l
|
|
2008-10-11
|
|
Joomla! Component com_jeux - 'id' SQL Injection
|
5 |
WEB
|
H!tm@N
|
|
2008-10-08
|
|
DFFFrameworkAPI - 'DFF_config[dir_include]' Multiple Remote File Inclusions
|
5 |
WEB
|
GoLd_M
|
|
2008-10-08
|
|
Opera Web Browser 8.51 - URI redirection Remote Code Execution
|
5 |
WEB
|
MATASANOS
|
|
2008-10-06
|
|
PHP Web Explorer 0.99b - 'edit.php?File' Traversal Local File Inclusion
|
5 |
WEB
|
Pepelux
|
|
2008-10-06
|
|
PHP Web Explorer 0.99b - 'main.php?refer' Traversal Local File Inclusion
|
4 |
WEB
|
Pepelux
|
|
2008-10-06
|
|
Simple Machines Forum (SMF) 1.1.6 - 'POST' Filter Security Bypass
|
5 |
WEB
|
WHK
|
|
2008-10-03
|
|
AmpJuke 0.7.5 - 'index.php' SQL Injection
|
5 |
WEB
|
S_DLA_S
|
|
2008-10-05
|
|
VeriSign Kontiki Delivery Management System 5.0 - 'action' Cross-Site Scripting
|
7 |
WEB
|
Mazin Faour
|
|
2008-10-03
|
|
Website Directory - 'index.php' Cross-Site Scripting
|
5 |
WEB
|
Ghost Hacker
|
|
2008-10-02
|
|
Dreamcost HostAdmin 3.1 - 'index.php' Cross-Site Scripting
|
5 |
WEB
|
Am!r
|
|
2008-10-01
|
|
WikyBlog 1.7.1 - Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
Omer Singer
|
|
2008-10-01
|
|
H-Sphere WebShell 4.3.10 - 'actions.php' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
C1c4Tr1Z
|
|
2008-10-01
|
|
Celoxis - Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
teuquooch1seero
|
|
2008-09-30
|
|
A4Desk Event Calendar - 'v' Remote File Inclusion
|
5 |
WEB
|
Lo$er
|
|
2008-09-29
|
|
WordPress MU 1.2/1.3 - '/wp-admin/wpmu-blogs.php' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
Juan Galiana Lara
|
|
2008-09-29
|
|
CAcert - 'analyse.php' Cross-Site Scripting
|
5 |
WEB
|
Alexander Klink
|
|
2008-09-29
|
|
PHPJabbers Post Comments 3.0 - Cookie Authentication Bypass
|
5 |
WEB
|
Crackers_Child
|
