|
2008-07-07
|
|
Zoph 0.7.2.1 - 'search.php?_off' Cross-Site Scripting
|
28 |
WEB
|
Julian Rodriguez
|
|
2008-07-07
|
|
Zoph 0.7.2.1 - SQL Injection
|
25 |
WEB
|
Julian Rodriguez
|
|
2008-07-07
|
|
DodosMail 2.5 - 'dodosmail.php' Local File Inclusion
|
26 |
WEB
|
ahmadbady
|
|
2008-07-02
|
|
Joomla! / Mambo Component com_is 1.0.1 - Multiple SQL Injections
|
27 |
WEB
|
H-T Team
|
|
2008-06-30
|
|
FaName 1.0 - 'page.php?name' Cross-Site Scripting
|
27 |
WEB
|
Jesper Jurcenoks
|
|
2008-06-30
|
|
FaName 1.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
26 |
WEB
|
Jesper Jurcenoks
|
|
2008-06-30
|
|
RSS-aggregator 1.0 - Authentication Bypass
|
31 |
WEB
|
CWH Underground
|
|
2008-06-30
|
|
RSS-aggregator 1.0 - 'IdTag' SQL Injection
|
26 |
WEB
|
CWH Underground
|
|
2008-06-30
|
|
RSS-aggregator 1.0 - 'IdFlux' SQL Injection
|
34 |
WEB
|
CWH Underground
|
|
2014-03-01
|
|
Oracle Demantra 12.2.1 - Database Credentials Disclosure
|
28 |
WEB
|
Portcullis
|
|
2014-03-01
|
|
Oracle Demantra 12.2.1 - Persistent Cross-Site Scripting
|
24 |
WEB
|
Portcullis
|
|
2014-03-01
|
|
Oracle Demantra 12.2.1 - SQL Injection
|
33 |
WEB
|
Portcullis
|
|
2014-03-01
|
|
Oracle Demantra 12.2.1 - Arbitrary File Disclosure
|
20 |
WEB
|
Portcullis
|
|
2014-02-28
|
|
SpagoBI 4.0 - Privilege Escalation
|
30 |
WEB
|
Christian Catalano
|
|
2014-02-28
|
|
webERP 4.11.3 - 'SalesInquiry.php?SortBy' SQL Injection
|
25 |
WEB
|
HauntIT
|
|
2014-02-28
|
|
WordPress Plugin VideoWhisper 4.27.3 - Multiple Vulnerabilities
|
31 |
WEB
|
High-Tech Bridge SA
|
|
2014-02-28
|
|
MICROSENS Profi Line Switch 10.3.1 - Privilege Escalation
|
29 |
WEB
|
SEC Consult
|
|
2014-02-28
|
|
Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities
|
24 |
WEB
|
SEC Consult
|
|
2014-02-28
|
|
Webuzo 2.1.3 - Multiple Vulnerabilities
|
20 |
WEB
|
Mahendra
|
|
2008-06-26
|
|
The Rat CMS - 'viewarticle2.php?id' SQL Injection
|
20 |
WEB
|
CWH Underground
|
|
2008-06-26
|
|
The Rat CMS - 'viewarticle.php?id' SQL Injection
|
26 |
WEB
|
CWH Underground
|
|
2008-06-26
|
|
The Rat CMS - 'viewarticle2.php?id' Cross-Site Scripting
|
28 |
WEB
|
CWH Underground
|
|
2008-06-26
|
|
The Rat CMS - 'viewarticle.php' Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
CWH Underground
|
|
2014-02-28
|
|
PHP Ticket System Beta 1 - 'get_all_created_by_user.php?id' SQL Injection
|
22 |
WEB
|
HauntIT
|
|
2014-02-28
|
|
PHP-CMDB 0.7.3 - Multiple Vulnerabilities
|
24 |
WEB
|
HauntIT
|
|
2008-06-26
|
|
Commtouch Anti-Spam Enterprise Gateway - Cross-Site Scripting
|
24 |
WEB
|
Erez Metula
|
|
2014-02-27
|
|
Bluetooth Photo Share Pro 2.0 iOS - Multiple Vulnerabilities
|
27 |
WEB
|
Vulnerability-Lab
|
|
2014-02-27
|
|
GDL 4.2 - Multiple Vulnerabilities
|
27 |
WEB
|
ByEge
|
|
2008-06-23
|
|
A+ PHP Scripts News Management System 0.3 - Multiple Input Validation Vulnerabilities
|
24 |
WEB
|
CraCkEr
|
|
2008-06-23
|
|
Benja CMS 0.1 - '/admin/admin_edit_topmenu.php' Cross-Site Scripting
|
29 |
WEB
|
CWH Underground
|
|
2008-06-23
|
|
Benja CMS 0.1 - '/admin/admin_new_submenu.php' Cross-Site Scripting
|
22 |
WEB
|
CWH Underground
|
|
2008-06-23
|
|
Benja CMS 0.1 - '/admin/admin_edit_submenu.php' Cross-Site Scripting
|
20 |
WEB
|
CWH Underground
|
|
2008-06-23
|
|
Chipmunk Blog - 'cat.php' Cross-Site Scripting
|
22 |
WEB
|
sl4xUz
|
|
2008-06-23
|
|
Chipmunk Blog - 'archive.php' Cross-Site Scripting
|
20 |
WEB
|
sl4xUz
|
|
2008-06-23
|
|
Chipmunk Blog - 'photos.php' Cross-Site Scripting
|
20 |
WEB
|
sl4xUz
|
|
2008-06-23
|
|
Chipmunk Blog - 'comments.php' Cross-Site Scripting
|
29 |
WEB
|
sl4xUz
|
|
2008-06-23
|
|
Chipmunk Blog - 'members.php' Cross-Site Scripting
|
22 |
WEB
|
sl4xUz
|
|
2008-06-22
|
|
Open Digital Assets Repository System 1.0.2 - Remote File Inclusion
|
22 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
Joomla! Component EXP Shop 1.0 - SQL Injection
|
26 |
WEB
|
His0k4
|
|
2008-06-23
|
|
IDMOS 1.0 - 'site_absolute_path' Multiple Remote File Inclusions
|
22 |
WEB
|
CraCkEr
|
|
2008-06-23
|
|
PEGames - Multiple Cross-Site Scripting Vulnerabilities
|
29 |
WEB
|
CraCkEr
|
|
2008-06-21
|
|
phpAuction - 'profile.php' SQL Injection (2)
|
25 |
WEB
|
Mr.SQL
|
|
2008-06-20
|
|
GL-SH Deaf Forum 6.5.5 - Cross-Site Scripting / Arbitrary File Upload
|
24 |
WEB
|
AmnPardaz
|
|
2008-06-19
|
|
vBulletin 3.7.1 - Moderation Control Panel 'redirect' Cross-Site Scripting
|
25 |
WEB
|
Jessica Hope
|
|
2008-06-18
|
|
KEIL Software PhotoKorn 1.542 - 'index.php' SQL Injection
|
21 |
WEB
|
t@nzo0n
|
|
2008-06-17
|
|
OpenDocMan 1.x - 'out.php' Cross-Site Scripting
|
25 |
WEB
|
Sergi Rosello
|
|
2008-06-16
|
|
SimpleNotes - Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
sl4xUz
|
|
2014-02-26
|
|
Piwigo 2.6.1 - Cross-Site Request Forgery
|
22 |
WEB
|
killall-9
|
|
2008-06-13
|
|
vBulletin 3.6.10/3.7.1 - 'redirect' Cross-Site Scripting
|
29 |
WEB
|
anonymous
|
|
2008-06-11
|
|
Flat Calendar 1.1 - Multiple Administrative Scripts Authentication Bypass Vulnerabilities
|
26 |
WEB
|
Crackers_Child
|
|
2008-06-11
|
|
PHPEasyData 1.5.4 - 'annuaire.php' Multiple Cross-Site Scripting Vulnerabilities
|
27 |
WEB
|
Sylvain THUAL
|
|
2008-06-11
|
|
PHPEasyData 1.5.4 - 'last_records.php?annuaire' Cross-Site Scripting
|
26 |
WEB
|
Sylvain THUAL
|
|
2008-06-11
|
|
PHPEasyData 1.5.4 - '/admin/login.php?Username' SQL Injection
|
24 |
WEB
|
Sylvain THUAL
|
|
2008-06-11
|
|
PHPEasyData 1.5.4 - 'annuaire.php?annuaire' SQL Injection
|
25 |
WEB
|
Sylvain THUAL
|
|
2008-06-10
|
|
Noticia Portal - 'detalle_noticia.php' SQL Injection
|
23 |
WEB
|
t@nzo0n
|
|
2014-02-25
|
|
Private Camera Pro 5.0 iOS - Multiple Vulnerabilities
|
24 |
WEB
|
Vulnerability-Lab
|
|
2014-02-25
|
|
Sendy 1.1.8.4 - SQL Injection
|
27 |
WEB
|
Hurley
|
|
2014-02-25
|
|
WiFiles HD 1.3 iOS - Local File Inclusion
|
21 |
WEB
|
Vulnerability-Lab
|
|
2014-02-25
|
|
Technicolor TC7200 - Credentials Disclosure
|
26 |
WEB
|
Jeroen - IT Nerdbox
|
|
2008-06-10
|
|
Hot Links SQL-PHP - Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
sl4xUz
|
|
2008-06-10
|
|
Tornado Knowledge Retrieval System 4.2 - 'p' Cross-Site Scripting
|
28 |
WEB
|
Unohope
|
|
2008-06-09
|
|
Real Estate Website 1.0 - 'location.asp' Multiple Input Validation Vulnerabilities
|
23 |
WEB
|
JosS
|
|
2008-06-06
|
|
SchoolCenter 7.5 - Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
Doz
|
|
2008-06-05
|
|
SamTodo 1.1 - 'completed' Cross-Site Scripting
|
26 |
WEB
|
David Sopas Ferreira
|
|
2008-06-05
|
|
SamTodo 1.1 - 'tid' Cross-Site Scripting
|
22 |
WEB
|
David Sopas Ferreira
|
|
2008-06-04
|
|
PHP Address Book 3.1.5 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
|
25 |
WEB
|
CWH Underground
|
|
2008-06-04
|
|
WyMIEN PHP 1.0 - 'index.php' Cross-Site Scripting
|
28 |
WEB
|
ZoRLu
|
|
2014-02-24
|
|
Ganib Project Management 2.3 - SQL Injection
|
26 |
WEB
|
drone
|
|
2008-06-02
|
|
Te Ecard - 'id' Multiple SQL Injections
|
20 |
WEB
|
Ugurcan Engyn
|
|
2008-06-02
|
|
Joomla! / Mambo Component Joo!BB 0.5.9 - 'forum' SQL Injection
|
20 |
WEB
|
His0k4
|
|
2008-06-02
|
|
i-pos StoreFront 1.3 - 'index.asp' SQL Injection
|
25 |
WEB
|
KnocKout
|
|
2008-06-02
|
|
OtomiGenX 2.2 - 'userAccount' SQL Injection
|
26 |
WEB
|
hadihadi
|
|
2008-05-30
|
|
CMS Easyway - 'mid' SQL Injection
|
19 |
WEB
|
Lidloses_Auge
|
|
2008-05-31
|
|
TorrentTrader Classic 1.x - 'scrape.php' SQL Injection
|
20 |
WEB
|
Charles Vaughn
|
|
2008-05-30
|
|
DotNetNuke 4.8.3 - 'Default.aspx' Cross-Site Scripting
|
23 |
WEB
|
AmnPardaz Security Research Team
|
|
2008-05-29
|
|
dvbbs 8.2 - 'login.asp' Multiple SQL Injections
|
26 |
WEB
|
hackerbinhphuoc
|
|
2008-05-29
|
|
Proje ASP Portal 2.0 - 'id' Multiple SQL Injections
|
25 |
WEB
|
Ugurcan Engin
|
|
2008-05-29
|
|
JustPORTAL 1.0 - 'site' Multiple SQL Injections
|
23 |
WEB
|
Ugurcan Engin
|
|
2008-05-28
|
|
Calcium 3.10/4.0.4 - 'Calcium40.pl' Cross-Site Scripting
|
25 |
WEB
|
Marvin Simkin
|
|
2008-05-28
|
|
Joomla! / Mambo Component Artists - 'idgalery' SQL Injection
|
25 |
WEB
|
Cr@zy_King
|
|
2008-05-27
|
|
Tr Script News 2.1 - 'news.php' Cross-Site Scripting
|
20 |
WEB
|
ZoRLu
|
|
2008-05-26
|
|
The Campus Request Repairs System 1.2 - 'sentout.asp' Unauthorized Access
|
18 |
WEB
|
Unohope
|
|
2008-05-26
|
|
Campus Bulletin Board 3.4 - '/post3/book.asp?review' SQL Injection
|
27 |
WEB
|
Unohope
|
|
2008-05-26
|
|
Campus Bulletin Board 3.4 - '/post3/view.asp?id' SQL Injection
|
38 |
WEB
|
Unohope
|
|
2008-05-26
|
|
Campus Bulletin Board 3.4 - '/post3/book.asp?review' Cross-Site Scripting
|
23 |
WEB
|
Unohope
|
|
2008-05-26
|
|
ClassSystem 2.0/2.3 - 'class/ApplyDB.php' Unrestricted Arbitrary File Upload / Arbitrary Code Execut
|
28 |
WEB
|
Unohope
|
|
2008-05-26
|
|
ClassSystem 2.0/2.3 - 'MessageReply.php?teacher_id' SQL Injection
|
23 |
WEB
|
Unohope
|
|
2008-05-26
|
|
ClassSystem 2.0/2.3 - 'HomepageMain.php?teacher_id' SQL Injection
|
23 |
WEB
|
Unohope
|
|
2008-05-26
|
|
ClassSystem 2.0/2.3 - 'HomepageTop.php?teacher_id' SQL Injection
|
20 |
WEB
|
Unohope
|
|
2008-05-26
|
|
PHPFix 2.0 - '/auth/00_pass.php?account' SQL Injection
|
26 |
WEB
|
Unohope
|
|
2008-05-26
|
|
PHPFix 2.0 - '/fix/browse.php?kind' SQL Injection
|
20 |
WEB
|
Unohope
|
|
2008-05-26
|
|
Excuse Online - 'pwd.asp' SQL Injection
|
19 |
WEB
|
Unohope
|
|
2008-05-26
|
|
AbleSpace 1.0 - 'adv_cat.php' SQL Injection
|
23 |
WEB
|
Jasbi
|
|
2008-05-26
|
|
miniCWB 2.1.1 - 'connector.php' Multiple Cross-Site Scripting Vulnerabilities
|
25 |
WEB
|
CWH Underground
|
|
2008-05-24
|
|
Horde Multiple Product - 'day.php?Timestamp' Cross-Site Scripting
|
23 |
WEB
|
Ivan Sanchez
|
|
2008-05-24
|
|
Horde Multiple Product - 'week.php?Timestamp' Cross-Site Scripting
|
23 |
WEB
|
Ivan Sanchez
|
|
2008-05-24
|
|
Horde Multiple Product - 'workweek.php?Timestamp' Cross-Site Scripting
|
23 |
WEB
|
Ivan Sanchez
|
|
2008-05-24
|
|
DZOIC Handshakes 3.5 - 'fname' SQL Injection
|
21 |
WEB
|
Ali Jasbi
|
|
2008-05-24
|
|
WordPress Plugin Upload File - 'wp-uploadfile.php' SQL Injection
|
24 |
WEB
|
eserg.ru
|
|
2008-05-22
|
|
Apple Safari Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities
|
23 |
WEB
|
Omer Singer
|
|
2014-02-22
|
|
WordPress Plugin AdRotate 3.9.4 - 'clicktracker.ph?track' SQL Injection
|
23 |
WEB
|
High-Tech Bridge SA
|
|
2014-02-22
|
|
ILIAS 4.4.1 - Multiple Vulnerabilities
|
20 |
WEB
|
HauntIT
|
|
2008-05-22
|
|
AbleDating 2.4 - 'search_results.php?keyword' Cross-Site Scripting
|
21 |
WEB
|
Ali Jasbi
|
|
2008-05-22
|
|
AbleDating 2.4 - 'search_results.php?keyword' SQL Injection
|
19 |
WEB
|
Ali Jasbi
|
|
2008-05-22
|
|
BMForum 5.6 - 'bsd01header.php' Cross-Site Scripting
|
23 |
WEB
|
CWH Underground
|
|
2008-05-22
|
|
BMForum 5.6 - 'bsd01footer.php' Cross-Site Scripting
|
21 |
WEB
|
CWH Underground
|
|
2008-05-22
|
|
BMForum 5.6 - 'index.php' Cross-Site Scripting
|
23 |
WEB
|
CWH Underground
|
|
2008-05-22
|
|
phpSQLiteCMS 1 RC2 - '/cms/includes/login.inc.php' Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
CWH Underground
|
|
2008-05-22
|
|
phpSQLiteCMS 1 RC2 - '/cms/includes/header.inc.php' Multiple Cross-Site Scripting Vulnerabilities
|
27 |
WEB
|
CWH Underground
|
|
2008-05-22
|
|
PHPFreeForum 1.0 rc2 - '/part/menu.php' Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
tan_prathan
|
|
2008-05-22
|
|
PHPFreeForum 1.0 rc2 - 'error.php?message' Cross-Site Scripting
|
25 |
WEB
|
tan_prathan
|
|
2008-05-21
|
|
SAP Web Application Server 7.0 - '/sap/bc/gui/sap/its/webgui/' Cross-Site Scripting
|
23 |
WEB
|
DSecRG
|
|
2008-05-20
|
|
eCMS 0.4.2 - Multiple Vulnerabilities
|
24 |
WEB
|
hadihadi
|
|
2008-05-20
|
|
DizaynPlus Nobetci Eczane Takip 1.0 - 'ayrinti.asp' SQL Injection
|
23 |
WEB
|
U238
|
|
2008-05-20
|
|
Site Tanitimlari Scripti - Multiple SQL Injections
|
22 |
WEB
|
fahn zichler
|
|
2008-05-20
|
|
Web Slider 0.6 - 'slide' SQL Injection
|
21 |
WEB
|
fahn zichler
|
|
2008-05-20
|
|
Starsgames Control Panel 4.6.2 - 'index.php' Cross-Site Scripting
|
28 |
WEB
|
CWH Underground
|
|
2008-05-20
|
|
AppServ Open Project 2.5.10 - 'appservlang' Cross-Site Scripting
|
24 |
WEB
|
CWH Underground
|
|
2008-05-19
|
|
cPanel 11.21 - 'wwwact' Privilege Escalation
|
22 |
WEB
|
Ali Jasbi
|
|
2008-05-19
|
|
bcoos 1.0.13 - 'file' Local File Inclusion
|
28 |
WEB
|
Lostmon
|
|
2008-05-17
|
|
PHP-Nuke 'KuiraniKerim' Module - 'sid' SQL Injection
|
22 |
WEB
|
Lovebug
|
|
2008-05-16
|
|
Digital Hive 2.0 - 'base_include.php' Local File Inclusion
|
22 |
WEB
|
ZoRLu
|
|
2008-05-16
|
|
AN Guestbook 0.4 - 'send_email.php' Cross-Site Scripting
|
22 |
WEB
|
ZoRLu
|
|
2008-05-16
|
|
ACGV News 0.9.1 - 'glossaire.php?id' Cross-Site Scripting
|
24 |
WEB
|
ZoRLu
|
|
2008-05-16
|
|
ACGV News 0.9.1 - 'glossaire.php?id' SQL Injection
|
22 |
WEB
|
ZoRLu
|
