|
2008-07-21
|
|
XOOPS 2.0.18 - '/modules/system/admin.php?fct' Traversal Local File Inclusion
|
10 |
WEB
|
Ciph3r
|
|
2008-07-21
|
|
EasyE-Cards 3.10 - SQL Injection / Cross-Site Scripting
|
8 |
WEB
|
Dr.Crash
|
|
2008-07-21
|
|
HiFriend - 'cgi-bin/hifriend.pl' Open Email Relay
|
9 |
WEB
|
Perforin
|
|
2008-07-21
|
|
PHPKF - 'forum_duzen.php' SQL Injection
|
9 |
WEB
|
U238
|
|
2008-07-21
|
|
Flip 3.0 - 'config.php' Remote File Inclusion
|
10 |
WEB
|
Cru3l.b0y
|
|
2008-07-21
|
|
MyBlog 0.9.8 - Multiple Remote Information Disclosure Vulnerabilities
|
10 |
WEB
|
AmnPardaz Security Research Team
|
|
2008-07-21
|
|
Maran PHP Blog - 'comments.php' Cross-Site Scripting
|
10 |
WEB
|
Dr.Crash
|
|
2008-07-21
|
|
EasyPublish 3.0 - 'read' Multiple SQL Injections / Cross-Site Scripting
|
10 |
WEB
|
Dr.Crash
|
|
2008-07-21
|
|
EasyDynamicPages 3.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
Dr.Crash
|
|
2008-07-21
|
|
EasyBookMarker 4.0 - 'ajaxp_backend.php' Cross-Site Scripting
|
9 |
WEB
|
Dr.Crash
|
|
2008-07-18
|
|
PHPFreeChat 1.1 - 'demo21_with_hardocded_urls.php' Cross-Site Scripting
|
9 |
WEB
|
ahmadbady
|
|
2008-07-18
|
|
Def_Blog 1.0.3 - 'comlook.php?article' SQL Injection
|
10 |
WEB
|
CWH Underground
|
|
2008-07-18
|
|
Def_Blog 1.0.3 - 'comaddok.php?article' SQL Injection
|
8 |
WEB
|
CWH Underground
|
|
2008-07-18
|
|
Lemon CMS 1.10 - 'browser.php' Local File Inclusion
|
10 |
WEB
|
Ciph3r
|
|
2008-07-18
|
|
CreaCMS - '/fonctions/get_liste_langue.php?cfg[base_uri_admin]' Remote File Inclusion
|
10 |
WEB
|
Ciph3r
|
|
2008-07-18
|
|
CreaCMS - '/edition_article/edition_article.php?cfg[document_uri]' Remote File Inclusion
|
9 |
WEB
|
Ciph3r
|
|
2008-07-17
|
|
Community CMS 0.1 - 'include.php' Remote File Inclusion
|
9 |
WEB
|
N3TR00T3R
|
|
2008-07-17
|
|
IBS 0.15 - 'Username' Cross-Site Scripting
|
9 |
WEB
|
Cyb3r-1sT
|
|
2014-03-05
|
|
Ilch CMS 2.0 - Persistent Cross-Site Scripting
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2014-03-05
|
|
OpenDocMan 1.2.7 - Multiple Vulnerabilities
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2008-07-15
|
|
Claroline 1.8.9 - '/claroline/redirector.php?url' Arbitrary Site Redirect
|
10 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'work/work.php' Cross-Site Scripting
|
11 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'wiki/wiki.php' Cross-Site Scripting
|
9 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'phpBB/viewtopic.php' Cross-Site Scripting
|
11 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'phpBB/reply.php' Cross-Site Scripting
|
10 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - '/phpBB/newtopic.php' Cross-Site Scripting
|
9 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'group/group_space.php' Cross-Site Scripting
|
11 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'exercise/exercise.php' Cross-Site Scripting
|
10 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'document/document.php' Cross-Site Scripting
|
9 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'course_description/index.php' Cross-Site Scripting
|
10 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'course/index.php' Cross-Site Scripting
|
8 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'calendar/agenda.php' Cross-Site Scripting
|
9 |
WEB
|
Digital Security Research Group
|
|
2008-07-15
|
|
Claroline 1.8.9 - 'announcements/announcements.php' Cross-Site Scripting
|
8 |
WEB
|
Digital Security Research Group
|
|
2008-07-16
|
|
OpenPro 1.3.1 - 'search_wA.php' Remote File Inclusion
|
8 |
WEB
|
Ghost Hacker
|
|
2008-07-16
|
|
Evaria ECMS 1.1 - 'DOCUMENT_ROOT' Multiple Remote File Inclusions
|
9 |
WEB
|
ahmadbady
|
|
2008-07-15
|
|
WordPress Core 2.5.1 - 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
anonymous
|
|
2008-07-14
|
|
Pubs Black Cat [The Fun] - 'browse.groups.php' SQL Injection
|
10 |
WEB
|
RMx
|
|
2008-07-11
|
|
Hudson 1.223 - 'q' Cross-Site Scripting
|
9 |
WEB
|
syniack
|
|
2008-07-11
|
|
IBM Maximo 4.1/5.2 - '/debug.jsp' HTML Injection / Information Disclosure
|
9 |
WEB
|
Deniz Cevik
|
|
2008-07-10
|
|
eSyndiCat 2.2 - 'register.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Fugitif
|
|
2014-03-03
|
|
SpagoBI 4.0 - Arbitrary Cross-Site Scripting / Arbitrary File Upload
|
10 |
WEB
|
Christian Catalano
|
|
2014-03-03
|
|
SpagoBI 4.0 - Persistent HTML Script Insertion
|
8 |
WEB
|
Christian Catalano
|
|
2014-03-03
|
|
SpagoBI 4.0 - Persistent Cross-Site Scripting
|
10 |
WEB
|
Christian Catalano
|
|
2014-03-03
|
|
couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting / SQL Injections
|
11 |
WEB
|
LiquidWorm
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/email.list.search.php?CONFIG[includes]' Remote File Inclusion
|
10 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/prepend.php?CONFIG[includes]' Remote File Inclusion
|
7 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/cachedConfig.php?CONFIG[pear_dir]' Remote File Inclusion
|
10 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/prepend.php?CONFIG[pear_dir]' Remote File Inclusion
|
9 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/File.php?CONFIG[pear_dir]' Remote File Inclusion
|
8 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/Log.php?CONFIG[pear_dir]' Remote File Inclusion
|
9 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/System.php?CONFIG[pear_dir]' Remote File Inclusion
|
9 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/Console/Getopt.php?CONFIG[pear_dir]' Remote File Inclusion
|
7 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/Mail/mimeDecode.php?CONFIG[pear_dir]' Remote File Inclusion
|
9 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/XML/Tree.php?CONFIG[pear_dir]' Remote File Inclusion
|
10 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/XML/parser.php?CONFIG[pear_dir]' Remote File Inclusion
|
12 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/Net/Socket.php?CONFIG[pear_dir]' Remote File Inclusion
|
11 |
WEB
|
CraCkEr
|
|
2008-07-10
|
|
V-Webmail 1.6.4 - '/includes/pear/Mail/RFC822.php?CONFIG[pear_dir]' Remote File Inclusion
|
8 |
WEB
|
CraCkEr
|
|
2008-07-09
|
|
TGS Content Management 0.3.2r2 - 'login.php' Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
Julian Rodriguez
|
|
2008-07-09
|
|
TGS Content Management 0.3.2r2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
Julian Rodriguez
|
|
2008-07-09
|
|
Xomol CMS 1.2 - '/index.php' HTML Injection / Cross-Site Scripting
|
10 |
WEB
|
Julian Rodriguez
|
|
2008-07-09
|
|
PageFusion 1.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
Julian Rodriguez
|
|
2008-07-08
|
|
vBulletin 3.7.1 - 'admincp/faq.php?Injection adminlog.php' Cross-Site Scripting
|
12 |
WEB
|
Jessica Hope
|
|
2008-07-07
|
|
Fuzzylime (cms) 3.01 - 'blog.php' Local File Inclusion
|
9 |
WEB
|
Cod3rZ
|
|
2008-07-07
|
|
PHP-Nuke 4ndvddb 0.91 Module - 'id' SQL Injection
|
10 |
WEB
|
Lovebug
|
|
2008-07-07
|
|
Zoph 0.7.2.1 - 'search.php?_off' Cross-Site Scripting
|
13 |
WEB
|
Julian Rodriguez
|
|
2008-07-07
|
|
Zoph 0.7.2.1 - SQL Injection
|
10 |
WEB
|
Julian Rodriguez
|
|
2008-07-07
|
|
DodosMail 2.5 - 'dodosmail.php' Local File Inclusion
|
11 |
WEB
|
ahmadbady
|
|
2008-07-02
|
|
Joomla! / Mambo Component com_is 1.0.1 - Multiple SQL Injections
|
11 |
WEB
|
H-T Team
|
|
2008-06-30
|
|
FaName 1.0 - 'page.php?name' Cross-Site Scripting
|
12 |
WEB
|
Jesper Jurcenoks
|
|
2008-06-30
|
|
FaName 1.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
Jesper Jurcenoks
|
|
2008-06-30
|
|
RSS-aggregator 1.0 - Authentication Bypass
|
10 |
WEB
|
CWH Underground
|
|
2008-06-30
|
|
RSS-aggregator 1.0 - 'IdTag' SQL Injection
|
12 |
WEB
|
CWH Underground
|
|
2008-06-30
|
|
RSS-aggregator 1.0 - 'IdFlux' SQL Injection
|
14 |
WEB
|
CWH Underground
|
|
2014-03-01
|
|
Oracle Demantra 12.2.1 - Database Credentials Disclosure
|
11 |
WEB
|
Portcullis
|
|
2014-03-01
|
|
Oracle Demantra 12.2.1 - Persistent Cross-Site Scripting
|
9 |
WEB
|
Portcullis
|
|
2014-03-01
|
|
Oracle Demantra 12.2.1 - SQL Injection
|
9 |
WEB
|
Portcullis
|
|
2014-03-01
|
|
Oracle Demantra 12.2.1 - Arbitrary File Disclosure
|
8 |
WEB
|
Portcullis
|
|
2014-02-28
|
|
SpagoBI 4.0 - Privilege Escalation
|
11 |
WEB
|
Christian Catalano
|
|
2014-02-28
|
|
webERP 4.11.3 - 'SalesInquiry.php?SortBy' SQL Injection
|
10 |
WEB
|
HauntIT
|
|
2014-02-28
|
|
WordPress Plugin VideoWhisper 4.27.3 - Multiple Vulnerabilities
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2014-02-28
|
|
MICROSENS Profi Line Switch 10.3.1 - Privilege Escalation
|
10 |
WEB
|
SEC Consult
|
|
2014-02-28
|
|
Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities
|
8 |
WEB
|
SEC Consult
|
|
2014-02-28
|
|
Webuzo 2.1.3 - Multiple Vulnerabilities
|
8 |
WEB
|
Mahendra
|
|
2008-06-26
|
|
The Rat CMS - 'viewarticle2.php?id' SQL Injection
|
9 |
WEB
|
CWH Underground
|
|
2008-06-26
|
|
The Rat CMS - 'viewarticle.php?id' SQL Injection
|
11 |
WEB
|
CWH Underground
|
|
2008-06-26
|
|
The Rat CMS - 'viewarticle2.php?id' Cross-Site Scripting
|
9 |
WEB
|
CWH Underground
|
|
2008-06-26
|
|
The Rat CMS - 'viewarticle.php' Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
CWH Underground
|
|
2014-02-28
|
|
PHP Ticket System Beta 1 - 'get_all_created_by_user.php?id' SQL Injection
|
9 |
WEB
|
HauntIT
|
|
2014-02-28
|
|
PHP-CMDB 0.7.3 - Multiple Vulnerabilities
|
9 |
WEB
|
HauntIT
|
|
2008-06-26
|
|
Commtouch Anti-Spam Enterprise Gateway - Cross-Site Scripting
|
8 |
WEB
|
Erez Metula
|
|
2014-02-27
|
|
Bluetooth Photo Share Pro 2.0 iOS - Multiple Vulnerabilities
|
11 |
WEB
|
Vulnerability-Lab
|
|
2014-02-27
|
|
GDL 4.2 - Multiple Vulnerabilities
|
9 |
WEB
|
ByEge
|
|
2008-06-23
|
|
A+ PHP Scripts News Management System 0.3 - Multiple Input Validation Vulnerabilities
|
10 |
WEB
|
CraCkEr
|
|
2008-06-23
|
|
Benja CMS 0.1 - '/admin/admin_edit_topmenu.php' Cross-Site Scripting
|
9 |
WEB
|
CWH Underground
|
|
2008-06-23
|
|
Benja CMS 0.1 - '/admin/admin_new_submenu.php' Cross-Site Scripting
|
10 |
WEB
|
CWH Underground
|
|
2008-06-23
|
|
Benja CMS 0.1 - '/admin/admin_edit_submenu.php' Cross-Site Scripting
|
8 |
WEB
|
CWH Underground
|
|
2008-06-23
|
|
Chipmunk Blog - 'cat.php' Cross-Site Scripting
|
10 |
WEB
|
sl4xUz
|
|
2008-06-23
|
|
Chipmunk Blog - 'archive.php' Cross-Site Scripting
|
9 |
WEB
|
sl4xUz
|
|
2008-06-23
|
|
Chipmunk Blog - 'photos.php' Cross-Site Scripting
|
8 |
WEB
|
sl4xUz
|
|
2008-06-23
|
|
Chipmunk Blog - 'comments.php' Cross-Site Scripting
|
11 |
WEB
|
sl4xUz
|
|
2008-06-23
|
|
Chipmunk Blog - 'members.php' Cross-Site Scripting
|
9 |
WEB
|
sl4xUz
|
|
2008-06-22
|
|
Open Digital Assets Repository System 1.0.2 - Remote File Inclusion
|
9 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
Joomla! Component EXP Shop 1.0 - SQL Injection
|
10 |
WEB
|
His0k4
|
|
2008-06-23
|
|
IDMOS 1.0 - 'site_absolute_path' Multiple Remote File Inclusions
|
9 |
WEB
|
CraCkEr
|
|
2008-06-23
|
|
PEGames - Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
CraCkEr
|
|
2008-06-21
|
|
phpAuction - 'profile.php' SQL Injection (2)
|
10 |
WEB
|
Mr.SQL
|
|
2008-06-20
|
|
GL-SH Deaf Forum 6.5.5 - Cross-Site Scripting / Arbitrary File Upload
|
10 |
WEB
|
AmnPardaz
|
|
2008-06-19
|
|
vBulletin 3.7.1 - Moderation Control Panel 'redirect' Cross-Site Scripting
|
8 |
WEB
|
Jessica Hope
|
|
2008-06-18
|
|
KEIL Software PhotoKorn 1.542 - 'index.php' SQL Injection
|
7 |
WEB
|
t@nzo0n
|
|
2008-06-17
|
|
OpenDocMan 1.x - 'out.php' Cross-Site Scripting
|
8 |
WEB
|
Sergi Rosello
|
|
2008-06-16
|
|
SimpleNotes - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
sl4xUz
|
|
2014-02-26
|
|
Piwigo 2.6.1 - Cross-Site Request Forgery
|
9 |
WEB
|
killall-9
|
|
2008-06-13
|
|
vBulletin 3.6.10/3.7.1 - 'redirect' Cross-Site Scripting
|
8 |
WEB
|
anonymous
|
|
2008-06-11
|
|
Flat Calendar 1.1 - Multiple Administrative Scripts Authentication Bypass Vulnerabilities
|
9 |
WEB
|
Crackers_Child
|
|
2008-06-11
|
|
PHPEasyData 1.5.4 - 'annuaire.php' Multiple Cross-Site Scripting Vulnerabilities
|
12 |
WEB
|
Sylvain THUAL
|
|
2008-06-11
|
|
PHPEasyData 1.5.4 - 'last_records.php?annuaire' Cross-Site Scripting
|
8 |
WEB
|
Sylvain THUAL
|
|
2008-06-11
|
|
PHPEasyData 1.5.4 - '/admin/login.php?Username' SQL Injection
|
9 |
WEB
|
Sylvain THUAL
|
|
2008-06-11
|
|
PHPEasyData 1.5.4 - 'annuaire.php?annuaire' SQL Injection
|
9 |
WEB
|
Sylvain THUAL
|
|
2008-06-10
|
|
Noticia Portal - 'detalle_noticia.php' SQL Injection
|
9 |
WEB
|
t@nzo0n
|
|
2014-02-25
|
|
Private Camera Pro 5.0 iOS - Multiple Vulnerabilities
|
11 |
WEB
|
Vulnerability-Lab
|
|
2014-02-25
|
|
Sendy 1.1.8.4 - SQL Injection
|
8 |
WEB
|
Hurley
|
|
2014-02-25
|
|
WiFiles HD 1.3 iOS - Local File Inclusion
|
9 |
WEB
|
Vulnerability-Lab
|
|
2014-02-25
|
|
Technicolor TC7200 - Credentials Disclosure
|
10 |
WEB
|
Jeroen - IT Nerdbox
|
|
2008-06-10
|
|
Hot Links SQL-PHP - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
sl4xUz
|
|
2008-06-10
|
|
Tornado Knowledge Retrieval System 4.2 - 'p' Cross-Site Scripting
|
10 |
WEB
|
Unohope
|
