|
2008-08-09
|
|
Yogurt Social Network 3.2 rc1 Module for XOOPS - 'friends.php?uid' Cross-Site Scripting
|
30 |
WEB
|
Lostmon
|
|
2008-08-09
|
|
RMSOFT MiniShop 1.0 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities
|
30 |
WEB
|
Lostmon
|
|
2008-08-06
|
|
PHP-Nuke Kleinanzeigen Module - 'lid' SQL Injection
|
33 |
WEB
|
Lovebug
|
|
2008-08-06
|
|
Kshop 2.22 - 'kshop_search.php' Cross-Site Scripting
|
35 |
WEB
|
Lostmon
|
|
2008-08-06
|
|
WebmasterSite (Multiple Products) - Remote Command Execution
|
30 |
WEB
|
otmorozok428
|
|
2008-08-06
|
|
Joomla! / Mambo Component com_utchat 0.2 - Multiple Remote File Inclusions
|
31 |
WEB
|
by_casper41
|
|
2008-08-06
|
|
Quate CMS 0.3.4 - Multiple Cross-Site Scripting Vulnerabilities
|
34 |
WEB
|
CraCkEr
|
|
2008-08-06
|
|
KAPhotoservice - 'search.asp?Filename' Cross-Site Scripting
|
28 |
WEB
|
by_casper41
|
|
2008-08-06
|
|
KAPhotoservice - 'order.asp?page' Cross-Site Scripting
|
34 |
WEB
|
by_casper41
|
|
2008-08-06
|
|
PHPKF-Portal 1.10 - 'anket_yonetim.php?portal_ayarlarportal_dili' Traversal Local File Inclusion
|
29 |
WEB
|
KnocKout
|
|
2008-08-06
|
|
PHPKF-Portal 1.10 - 'baslik.php?tema_dizin' Traversal Local File Inclusion
|
31 |
WEB
|
KnocKout
|
|
2008-08-06
|
|
Battle.net Clan Script 1.5.x - 'index.php' Multiple SQL Injections
|
36 |
WEB
|
Khashayar Fereidani
|
|
2008-08-06
|
|
Chupix CMS Contact Module 0.1 - 'index.php' Multiple Local File Inclusions
|
36 |
WEB
|
casper41
|
|
2008-08-05
|
|
POWERGAP ShopSystem - 's03.php' SQL Injection
|
32 |
WEB
|
Rohit Bansal
|
|
2008-08-05
|
|
Softbiz Image Gallery - 'browsecats.php?msg' Cross-Site Scripting
|
31 |
WEB
|
sl4xUz
|
|
2008-08-05
|
|
Softbiz Image Gallery - 'cleanup.php?msg' Cross-Site Scripting
|
35 |
WEB
|
sl4xUz
|
|
2008-08-05
|
|
Softbiz Image Gallery - 'changepassword.php?msg' Cross-Site Scripting
|
33 |
WEB
|
sl4xUz
|
|
2008-08-05
|
|
Softbiz Image Gallery - 'config.php?msg' Cross-Site Scripting
|
35 |
WEB
|
sl4xUz
|
|
2008-08-05
|
|
Softbiz Image Gallery - 'adminhome.php?msg' Cross-Site Scripting
|
28 |
WEB
|
sl4xUz
|
|
2008-08-05
|
|
Softbiz Image Gallery - 'image_desc.php?latest' Cross-Site Scripting
|
32 |
WEB
|
sl4xUz
|
|
2008-08-05
|
|
Softbiz Image Gallery - 'suggest_image.php' Multiple Cross-Site Scripting Vulnerabilities
|
35 |
WEB
|
sl4xUz
|
|
2008-08-05
|
|
Softbiz Image Gallery - 'images.php' Multiple Cross-Site Scripting Vulnerabilities
|
30 |
WEB
|
sl4xUz
|
|
2008-08-05
|
|
Softbiz Image Gallery - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
30 |
WEB
|
sl4xUz
|
|
2008-08-05
|
|
Crafty Syntax Live Help 2.14.6 - 'livehelp_js.php' Cross-Site Scripting
|
29 |
WEB
|
CoRSaNTuRK
|
|
2008-08-05
|
|
Pluck CMS 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities
|
37 |
WEB
|
Khashayar Fereidani
|
|
2014-03-10
|
|
ownCloud 4.0.x/4.5.x - 'upload.php?Filename' Remote Code Execution
|
29 |
WEB
|
Portcullis
|
|
2014-03-10
|
|
Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities
|
35 |
WEB
|
SEC Consult
|
|
2014-03-10
|
|
Kentico CMS 7.0.75 - User Information Disclosure
|
32 |
WEB
|
Charlie Campbell & Lyndon Mendoza
|
|
2008-08-04
|
|
Pcshey Portal - 'kategori.asp' SQL Injection
|
28 |
WEB
|
U238
|
|
2008-08-04
|
|
UNAK-CMS 1.5 - 'connector.php' Local File Inclusion
|
30 |
WEB
|
Sina Yazdanmehr
|
|
2008-08-04
|
|
Meeting Room Booking System (MRBS) 1.2.6 - 'help.php' Cross-Site Scripting
|
31 |
WEB
|
sl4xUz
|
|
2008-08-04
|
|
Meeting Room Booking System (MRBS) 1.2.6 - 'report.php' Cross-Site Scripting
|
34 |
WEB
|
sl4xUz
|
|
2008-08-04
|
|
Meeting Room Booking System (MRBS) 1.2.6 - 'search.php' Cross-Site Scripting
|
31 |
WEB
|
sl4xUz
|
|
2008-08-04
|
|
Meeting Room Booking System (MRBS) 1.2.6 - 'month.php' Cross-Site Scripting
|
29 |
WEB
|
sl4xUz
|
|
2008-08-04
|
|
Meeting Room Booking System (MRBS) 1.2.6 - 'week.php' Cross-Site Scripting
|
32 |
WEB
|
sl4xUz
|
|
2008-08-04
|
|
Meeting Room Booking System (MRBS) 1.2.6 - 'day.php' Cross-Site Scripting
|
28 |
WEB
|
sl4xUz
|
|
2008-08-04
|
|
Keld PHP-MySQL News Script 0.7.1 - 'login.php' SQL Injection
|
27 |
WEB
|
crimsoN_Loyd9
|
|
2008-08-02
|
|
Pligg CMS 9.9.5 - 'CAPTCHA' Registration Automation Security Bypass
|
30 |
WEB
|
Micheal Brooks
|
|
2008-08-04
|
|
Homes 4 Sale - 'results.php' Cross-Site Scripting
|
34 |
WEB
|
Ghost Hacker
|
|
2008-08-01
|
|
PHP-Nuke Book Catalog Module 1.0 - 'catid' SQL Injection
|
28 |
WEB
|
H4ckCity Security Team
|
|
2008-08-01
|
|
freeForum 1.7 - 'acuparam' Cross-Site Scripting
|
32 |
WEB
|
ahmadbady
|
|
2008-07-31
|
|
common Solutions csphonebook 1.02 - 'index.php' Cross-Site Scripting
|
31 |
WEB
|
Ghost Hacker
|
|
2008-07-31
|
|
H0tturk Panel - 'gizli.php' Remote File Inclusion
|
29 |
WEB
|
U238
|
|
2014-03-09
|
|
ClipSharePro 4.1 - Local File Inclusion
|
28 |
WEB
|
Saadi Siddiqui
|
|
2008-07-30
|
|
DEV Web Management System 1.5 - Multiple Input Validation Vulnerabilities
|
29 |
WEB
|
Dr.Crash
|
|
2008-07-30
|
|
MJGUEST 6.8 - 'Guestbook.js.php' Cross-Site Scripting
|
29 |
WEB
|
DSecRG
|
|
2008-05-11
|
|
ScrewTurn Software ScrewTurn Wiki 2.0.x - 'System Log' Page HTML Injection
|
24 |
WEB
|
Portcullis
|
|
2008-07-29
|
|
MiniBB RSS 2.0 Plugin - Multiple Remote File Inclusions
|
27 |
WEB
|
Ghost Hacker
|
|
2008-07-28
|
|
Owl Intranet Engine 0.95 - 'register.php' Cross-Site Scripting
|
29 |
WEB
|
Fabian Fingerle
|
|
2008-07-28
|
|
Jamroom 3.3.8 - Cookie Authentication Bypass
|
36 |
WEB
|
GulfTech Security
|
|
2008-07-28
|
|
Web Wiz Forum 9.5 - 'admin_category_details.asp?mode' Cross-Site Scripting
|
27 |
WEB
|
CSDT
|
|
2008-07-28
|
|
Web Wiz Forum 9.5 - 'admin_group_details.asp?mode' Cross-Site Scripting
|
29 |
WEB
|
CSDT
|
|
2008-07-27
|
|
Greatclone GC Auction Platinum - 'category.php' SQL Injection
|
30 |
WEB
|
Hussin X
|
|
2008-07-26
|
|
Willoughby TriO 2.1 - SQL Injection
|
30 |
WEB
|
dun
|
|
2008-07-25
|
|
EZContents - 'minicalendar.php' Remote File Inclusion
|
25 |
WEB
|
HACKERS PAL
|
|
2014-03-07
|
|
Ajax File Manager - Directory Traversal
|
25 |
WEB
|
Eduardo Alves
|
|
2008-07-24
|
|
AtomPhotoBlog 1.15 - 'atomPhotoBlog.php' SQL Injection
|
36 |
WEB
|
Mr.SQL
|
|
2008-07-23
|
|
EMC Centera Universal Access 4.0_4735.p4 - 'Username' SQL Injection
|
36 |
WEB
|
Lars Heidelberg
|
|
2008-07-22
|
|
Pre Survey Generator - 'default.asp' SQL Injection
|
32 |
WEB
|
DreamTurk
|
|
2008-07-22
|
|
Claroline 1.8 - '/tracking/toolaccess_details.php?toolId' Cross-Site Scripting
|
30 |
WEB
|
DSecRG
|
|
2008-07-22
|
|
Claroline 1.8 - '/tracking/courseLog.php?view' Cross-Site Scripting
|
30 |
WEB
|
DSecRG
|
|
2008-07-22
|
|
Claroline 1.8 - 'user/user.php' Query String Cross-Site Scripting
|
32 |
WEB
|
DSecRG
|
|
2008-07-22
|
|
Claroline 1.8 - 'learnPath/calendar/myagenda.php' Query String Cross-Site Scripting
|
32 |
WEB
|
DSecRG
|
|
2008-07-21
|
|
AlphAdmin CMS 1.0.5_03 - 'aa_login' Cookie Authentication Bypass
|
29 |
WEB
|
Ciph3r
|
|
2008-07-21
|
|
eSyndiCat 1.6 - 'admin_lng' Cookie Authentication Bypass
|
25 |
WEB
|
Ciph3r
|
|
2008-07-21
|
|
RunCMS 1.6.1 - 'bbPath[root_theme]' Remote File Inclusion
|
29 |
WEB
|
Ciph3r
|
|
2008-07-21
|
|
RunCMS 1.6.1 - 'bbPath[path]' Remote File Inclusion
|
34 |
WEB
|
Ciph3r
|
|
2008-07-21
|
|
XOOPS 2.0.18 - '/modules/system/admin.php?fct' Cross-Site Scripting
|
27 |
WEB
|
Ciph3r
|
|
2008-07-21
|
|
XOOPS 2.0.18 - '/modules/system/admin.php?fct' Traversal Local File Inclusion
|
29 |
WEB
|
Ciph3r
|
|
2008-07-21
|
|
EasyE-Cards 3.10 - SQL Injection / Cross-Site Scripting
|
27 |
WEB
|
Dr.Crash
|
|
2008-07-21
|
|
HiFriend - 'cgi-bin/hifriend.pl' Open Email Relay
|
30 |
WEB
|
Perforin
|
|
2008-07-21
|
|
PHPKF - 'forum_duzen.php' SQL Injection
|
26 |
WEB
|
U238
|
|
2008-07-21
|
|
Flip 3.0 - 'config.php' Remote File Inclusion
|
34 |
WEB
|
Cru3l.b0y
|
|
2008-07-21
|
|
MyBlog 0.9.8 - Multiple Remote Information Disclosure Vulnerabilities
|
32 |
WEB
|
AmnPardaz Security Research Team
|
|
2008-07-21
|
|
Maran PHP Blog - 'comments.php' Cross-Site Scripting
|
29 |
WEB
|
Dr.Crash
|
|
2008-07-21
|
|
EasyPublish 3.0 - 'read' Multiple SQL Injections / Cross-Site Scripting
|
30 |
WEB
|
Dr.Crash
|
|
2008-07-21
|
|
EasyDynamicPages 3.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
|
29 |
WEB
|
Dr.Crash
|
|
2008-07-21
|
|
EasyBookMarker 4.0 - 'ajaxp_backend.php' Cross-Site Scripting
|
31 |
WEB
|
Dr.Crash
|
|
2008-07-18
|
|
PHPFreeChat 1.1 - 'demo21_with_hardocded_urls.php' Cross-Site Scripting
|
29 |
WEB
|
ahmadbady
|
|
2008-07-18
|
|
Def_Blog 1.0.3 - 'comlook.php?article' SQL Injection
|
30 |
WEB
|
CWH Underground
|
|
2008-07-18
|
|
Def_Blog 1.0.3 - 'comaddok.php?article' SQL Injection
|
27 |
WEB
|
CWH Underground
|
|
2008-07-18
|
|
Lemon CMS 1.10 - 'browser.php' Local File Inclusion
|
27 |
WEB
|
Ciph3r
|
|
2008-07-18
|
|
CreaCMS - '/fonctions/get_liste_langue.php?cfg[base_uri_admin]' Remote File Inclusion
|
27 |
WEB
|
Ciph3r
|
|
2008-07-18
|
|
CreaCMS - '/edition_article/edition_article.php?cfg[document_uri]' Remote File Inclusion
|
30 |
WEB
|
Ciph3r
|
|
2008-07-17
|
|
Community CMS 0.1 - 'include.php' Remote File Inclusion
|
29 |
WEB
|
N3TR00T3R
|
|
2008-07-17
|
|
IBS 0.15 - 'Username' Cross-Site Scripting
|
33 |
WEB
|
Cyb3r-1sT
|
|
2014-03-05
|
|
Ilch CMS 2.0 - Persistent Cross-Site Scripting
|
25 |
WEB
|
High-Tech Bridge SA
|
|
2014-03-05
|
|
OpenDocMan 1.2.7 - Multiple Vulnerabilities
|
24 |
WEB
|
High-Tech Bridge SA
|
|
2008-07-15
|
|
Claroline 1.8.9 - '/claroline/redirector.php?url' Arbitrary Site Redirect
|
25 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'work/work.php' Cross-Site Scripting
|
28 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'wiki/wiki.php' Cross-Site Scripting
|
27 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'phpBB/viewtopic.php' Cross-Site Scripting
|
28 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'phpBB/reply.php' Cross-Site Scripting
|
29 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - '/phpBB/newtopic.php' Cross-Site Scripting
|
29 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'group/group_space.php' Cross-Site Scripting
|
28 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'exercise/exercise.php' Cross-Site Scripting
|
29 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'document/document.php' Cross-Site Scripting
|
29 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'course_description/index.php' Cross-Site Scripting
|
27 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'course/index.php' Cross-Site Scripting
|
28 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'calendar/agenda.php' Cross-Site Scripting
|
30 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'announcements/announcements.php' Cross-Site Scripting
|
23 |
WEB
|
Digital Security Research Group
|
|
2008-07-16
|
|
OpenPro 1.3.1 - 'search_wA.php' Remote File Inclusion
|
29 |
WEB
|
Ghost Hacker
|
|
2008-07-16
|
|
Evaria ECMS 1.1 - 'DOCUMENT_ROOT' Multiple Remote File Inclusions
|
32 |
WEB
|
ahmadbady
|
|
2008-07-15
|
|
WordPress Core 2.5.1 - 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities
|
23 |
WEB
|
anonymous
|
|
2008-07-14
|
|
Pubs Black Cat [The Fun] - 'browse.groups.php' SQL Injection
|
28 |
WEB
|
RMx
|
|
2008-07-11
|
|
Hudson 1.223 - 'q' Cross-Site Scripting
|
29 |
WEB
|
syniack
|
|
2008-07-11
|
|
IBM Maximo 4.1/5.2 - '/debug.jsp' HTML Injection / Information Disclosure
|
27 |
WEB
|
Deniz Cevik
|
|
2008-07-10
|
|
eSyndiCat 2.2 - 'register.php' Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
Fugitif
|
|
2014-03-03
|
|
SpagoBI 4.0 - Arbitrary Cross-Site Scripting / Arbitrary File Upload
|
28 |
WEB
|
Christian Catalano
|
|
2014-03-03
|
|
SpagoBI 4.0 - Persistent HTML Script Insertion
|
28 |
WEB
|
Christian Catalano
|
|
2014-03-03
|
|
SpagoBI 4.0 - Persistent Cross-Site Scripting
|
27 |
WEB
|
Christian Catalano
|
|
2014-03-03
|
|
couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting / SQL Injections
|
31 |
WEB
|
LiquidWorm
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/email.list.search.php?CONFIG[includes]' Remote File Inclusion
|
26 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/prepend.php?CONFIG[includes]' Remote File Inclusion
|
26 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/cachedConfig.php?CONFIG[pear_dir]' Remote File Inclusion
|
33 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/prepend.php?CONFIG[pear_dir]' Remote File Inclusion
|
29 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/File.php?CONFIG[pear_dir]' Remote File Inclusion
|
26 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/Log.php?CONFIG[pear_dir]' Remote File Inclusion
|
27 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/System.php?CONFIG[pear_dir]' Remote File Inclusion
|
29 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/Console/Getopt.php?CONFIG[pear_dir]' Remote File Inclusion
|
28 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/Mail/mimeDecode.php?CONFIG[pear_dir]' Remote File Inclusion
|
28 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/XML/Tree.php?CONFIG[pear_dir]' Remote File Inclusion
|
29 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/XML/parser.php?CONFIG[pear_dir]' Remote File Inclusion
|
28 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/Net/Socket.php?CONFIG[pear_dir]' Remote File Inclusion
|
33 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/Mail/RFC822.php?CONFIG[pear_dir]' Remote File Inclusion
|
26 |
WEB
|
CraCkEr
|
