|
2007-03-02
|
|
Woltlab Burning Board 2.3.6 - Multiple HTML Injection Vulnerabilities
|
10 |
WEB
|
Samenspender
|
|
2007-03-01
|
|
Built2go News Manager 1.0 Blog - 'rating.php?nid' Cross-Site Scripting
|
11 |
WEB
|
the_Edit0r
|
|
2007-03-01
|
|
Built2go News Manager 1.0 Blog - 'news.php' Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
the_Edit0r
|
|
2007-03-01
|
|
aWebNews 1.1 - 'listing.php?path_to_news' Remote File Inclusion
|
13 |
WEB
|
mostafa_ragab
|
|
2007-03-01
|
|
S9Y Serendipity 1.1.1 - 'index.php' SQL Injection
|
15 |
WEB
|
Samenspender
|
|
2007-02-27
|
|
WordPress Core 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities
|
14 |
WEB
|
Stefan Friedli
|
|
2007-02-26
|
|
WordPress Core 2.1.1 - 'post.php' Cross-Site Scripting
|
11 |
WEB
|
Samenspender
|
|
2007-02-26
|
|
Pagesetter 6.2/6.3.0 - 'index.php' Local File Inclusion
|
11 |
WEB
|
D. Matscheko
|
|
2007-02-26
|
|
SQLiteManager 1.2 - 'main.php' Multiple HTML Injection Vulnerabilities
|
14 |
WEB
|
Simon Bonnard
|
|
2007-02-26
|
|
PHPBB2 - 'Admin_Ug_Auth.php' Administrative Bypass
|
13 |
WEB
|
Hasadya Raed
|
|
2007-02-26
|
|
Audins Audiens 3.3 - '/system/index.php?Cookie PHPSESSID' SQL Injection
|
13 |
WEB
|
r00t
|
|
2007-02-26
|
|
Audins Audiens 3.3 - 'setup.php?PATH_INFO' Cross-Site Scripting
|
15 |
WEB
|
r00t
|
|
2007-02-26
|
|
Audins Audiens 3.3 - 'unistall.php' Authentication Bypass
|
11 |
WEB
|
r00t
|
|
2013-11-18
|
|
Kaseya < 6.3.0.2 - Arbitrary File Upload
|
13 |
WEB
|
Security-Assessment.com
|
|
2013-11-18
|
|
ManageEngine Desktop Central 8.0.0 build < 80293 - Arbitrary File Upload
|
13 |
WEB
|
Security-Assessment.com
|
|
2013-11-18
|
|
Dahua DVR 2.608.0000.0/2.608.GV00.0 - Authentication Bypass (Metasploit)
|
15 |
WEB
|
Jake Reynolds
|
|
2013-11-18
|
|
LiveZilla 5.0.1.4 - Remote Code Execution
|
13 |
WEB
|
Curesec Research Team
|
|
2013-11-18
|
|
WordPress Theme Make A Statement (MaS) - Cross-Site Request Forgery
|
16 |
WEB
|
DevilScreaM
|
|
2013-11-18
|
|
WordPress Theme Amplus - Cross-Site Request Forgery
|
13 |
WEB
|
DevilScreaM
|
|
2013-11-18
|
|
WordPress Theme Dimension - Cross-Site Request Forgery
|
13 |
WEB
|
DevilScreaM
|
|
2013-11-18
|
|
WordPress Theme Euclid 1.x - Cross-Site Request Forgery
|
12 |
WEB
|
DevilScreaM
|
|
2007-02-26
|
|
SQLiteManager 1.2 - Local File Inclusion
|
12 |
WEB
|
Simon Bonnard
|
|
2007-02-26
|
|
SolarPay - 'index.php' Local File Inclusion
|
13 |
WEB
|
Hasadya Raed
|
|
2007-02-24
|
|
Docebo CMS 3.0.x - '/modules/htmlframechat/index.php' Multiple Cross-Site Scripting Vulnerabilities
|
14 |
WEB
|
r00t
|
|
2007-02-24
|
|
Docebo CMS 3.0.x - 'index.php?searchkey' Cross-Site Scripting
|
16 |
WEB
|
r00t
|
|
2007-02-24
|
|
PhotoStand 1.2 - 'index.php' Cross-Site Scripting
|
10 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/mysqlevents.php?css' Cross-Site Scripting
|
11 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/y_3.php?css' Cross-Site Scripting
|
11 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/y_2.php?css' Cross-Site Scripting
|
13 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/m_4.php?css' Cross-Site Scripting
|
11 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/m_3.php?css' Cross-Site Scripting
|
10 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/m_2.php?css' Cross-Site Scripting
|
12 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/js.php?css' Cross-Site Scripting
|
9 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/flatevents.php?css' Cross-Site Scripting
|
10 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - 'showcode.php' Local File Inclusion
|
10 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Pickle 0.3 - 'download.php' Local File Inclusion
|
10 |
WEB
|
laurent gaffie
|
|
2007-02-23
|
|
Simple one-file Gallery - 'gallery.php?f' Cross-Site Scripting
|
11 |
WEB
|
laurent gaffie
|
|
2007-02-23
|
|
Simple one-file Gallery - 'gallery.php?f' Traversal Arbitrary File Access
|
12 |
WEB
|
laurent gaffie
|
|
2007-02-23
|
|
XT:Commerce 3.04 - 'index.php' Local File Inclusion
|
9 |
WEB
|
laurent gaffie
|
|
2007-02-23
|
|
Shop Kit Plus - 'StyleCSS.php' Local File Inclusion
|
10 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
LoveCMS 1.4 - 'id' Cross-Site Scripting
|
10 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
LoveCMS 1.4 - 'load' Traversal Arbitrary File Access
|
11 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
LoveCMS 1.4 - 'step' Traversal Arbitrary File Access
|
10 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
LoveCMS 1.4 - 'step' Remote File Inclusion
|
9 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
Pheap 1.x/2.0 - 'edit.php' Directory Traversal
|
10 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
Plantilla - 'list_main_pages.php?nfolder' Traversal Arbitrary File Access
|
12 |
WEB
|
laurent gaffie
|
|
2013-11-16
|
|
Google Gmail IOS Mobile Application - Persistent Cross-Site Scripting
|
10 |
WEB
|
Ali Raza
|
|
2007-02-22
|
|
Pyrophobia 2.1.3.1 - Traversal Arbitrary File Access
|
11 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
Pyrophobia 2.1.3.1 - Cross-Site Scripting
|
14 |
WEB
|
laurent gaffie
|
|
2007-02-21
|
|
Magic News Plus 1.0.2 - 'n_layouts.php?link_parameters' Cross-Site Scripting
|
12 |
WEB
|
HACKERS PAL
|
|
2007-02-21
|
|
Magic News Plus 1.0.2 - 'news.php?&link_parameters' Cross-Site Scripting
|
11 |
WEB
|
HACKERS PAL
|
|
2007-02-21
|
|
Magic News Plus 1.0.2 - 'preview.php?PHP_script_path' Remote File Inclusion
|
13 |
WEB
|
HACKERS PAL
|
|
2007-02-21
|
|
phpTrafficA 1.4.1 - 'banref.php?lang' Traversal Local File Inclusion
|
14 |
WEB
|
Hamid Ebadi
|
|
2007-02-21
|
|
phpTrafficA 1.4.1 - 'plotStat.php?File' Traversal Local File Inclusion
|
12 |
WEB
|
Hamid Ebadi
|
|
2007-02-21
|
|
CedStat 1.31 - 'index.php' Cross-Site Scripting
|
11 |
WEB
|
sn0oPy
|
|
2007-02-21
|
|
Google Desktop - Cross-Site Scripting
|
10 |
WEB
|
Yair Amit
|
|
2007-02-20
|
|
Design4Online - 'Userpages2 Page.asp' SQL Injection
|
13 |
WEB
|
xoron
|
|
2007-02-20
|
|
AbleDesign MyCalendar 2.20.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
12 |
WEB
|
sn0oPy
|
|
2007-02-19
|
|
Powerschool 4.3.6/5.1.2 - JavaScript File Request Information Disclosure
|
13 |
WEB
|
gheetotank
|
|
2013-11-15
|
|
WBR-3406 Wireless Broadband NAT Router - Web-Console Password Change Bypass / Cross-Site Request For
|
14 |
WEB
|
Yakir Wizman
|
|
2007-02-16
|
|
Turuncu Portal 1.0 - 'H_Goster.asp' SQL Injection
|
14 |
WEB
|
chernobiLe
|
|
2007-02-16
|
|
Ezboo Webstats 3.03 - Administrative Authentication Bypass
|
14 |
WEB
|
sn0oPy
|
|
2007-02-16
|
|
Meganoide's News 1.1.1 - 'Include.php' Remote File Inclusion
|
15 |
WEB
|
KaRTaL
|
|
2007-02-16
|
|
CedStat 1.31 - 'index.php?hier' Cross-Site Scripting
|
13 |
WEB
|
sn0oPy
|
|
2007-02-15
|
|
Calendar Express - 'search.php' Cross-Site Scripting
|
13 |
WEB
|
BL4CK
|
|
2007-02-15
|
|
Deskpro 1.1 - 'faq.php' Cross-Site Scripting
|
15 |
WEB
|
BLacK ZeRo
|
|
2007-02-15
|
|
ibProArcade 2.5.9+ - 'Arcade.php' SQL Injection
|
11 |
WEB
|
sp00k
|
|
2007-02-14
|
|
WebTester 5.0.20060927 - 'typeID' SQL Injection
|
9 |
WEB
|
Moran Zavdi
|
|
2007-02-13
|
|
Fullaspsite ASP Hosting Site - 'listmain.asp?cat' SQL Injection
|
13 |
WEB
|
ShaFuck31
|
|
2007-02-13
|
|
Fullaspsite ASP Hosting Site - 'listmain.asp?cat' Cross-Site Scripting
|
10 |
WEB
|
ShaFuck31
|
|
2007-02-13
|
|
TaskFreak! 0.5.5 - 'error.php' Cross-Site Scripting
|
10 |
WEB
|
Spiked
|
|
2007-02-12
|
|
WordPress Core 1.x/2.0.x - 'Templates.php' Cross-Site Scripting
|
12 |
WEB
|
PsychoGun
|
|
2007-02-12
|
|
Community Server - 'SearchResults.aspx' Cross-Site Scripting
|
14 |
WEB
|
BL4CK
|
|
2007-02-12
|
|
EWay 4 - Default.APSX Cross-Site Scripting
|
12 |
WEB
|
BLacK ZeRo
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/wordfilter.php?Admin' Remote File Inclusion
|
12 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/updatefilter.php?Admin' Remote File Inclusion
|
13 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/updateconf.php?Admin' Remote File Inclusion
|
12 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/readconf.php?Admin' Remote File Inclusion
|
14 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/index.php?adminpath' Remote File Inclusion
|
12 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/verify.php?configpath' Remote File Inclusion
|
12 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/manageTagmins.php?configpath' Remote File Inclusion
|
12 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/editTag.php?configpath' Remote File Inclusion
|
13 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/editTagmin.php?configpath' Remote File Inclusion
|
13 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/delTag.php?configpath' Remote File Inclusion
|
14 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/delTagmin.php?configpath' Remote File Inclusion
|
12 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/ban_watch.php?configpath' Remote File Inclusion
|
13 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/addTagmin.php?configpath' Remote File Inclusion
|
12 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/CONFIG/errmsg.inc.php?configpath' Remote File Inclusion
|
12 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - 'tag_process.php' Multiple Remote File Inclusions
|
14 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - 'tagviewer.php' Multiple Remote File Inclusions
|
14 |
WEB
|
K-159
|
|
2007-02-09
|
|
Atlassian JIRA 3.7.3 - BrowseProject.JSPA Cross-Site Scripting
|
15 |
WEB
|
BL4CK
|
|
2007-02-09
|
|
eXtreme File Hosting - Arbitrary '.RAR' File Upload
|
9 |
WEB
|
hamed bazargani
|
|
2007-02-08
|
|
cPanel 11 - PassWDMySQL Cross-Site Scripting
|
13 |
WEB
|
s3rv3r_hack3r
|
|
2007-02-07
|
|
SYSCP 1.2.15 - System Control Panel CronJob Arbitrary Code Execution
|
13 |
WEB
|
Daniel Schulte
|
|
2013-11-13
|
|
TOSHIBA e-Studio 232/233/282/283 - Cross-Site Request Forgery (Change Admin Password)
|
15 |
WEB
|
Hubert Gradek
|
|
2007-02-06
|
|
MySQLNewsEngine - 'Affichearticles.php3' Remote File Inclusion
|
14 |
WEB
|
Blaster
|
|
2007-02-05
|
|
Coppermine Photo Gallery 1.4.10 - Multiple Local/Remote File Inclusions
|
13 |
WEB
|
anonymous
|
|
2007-02-05
|
|
Adobe ColdFusion 6/7 - User_Agent Error Page Cross-Site Scripting
|
13 |
WEB
|
digi7al64
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_search/index.php?chemin' Remote File Inclusion
|
15 |
WEB
|
laurent gaffie
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_news/goodies.php?chemin' Remote File Inclusion
|
16 |
WEB
|
laurent gaffie
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_news/index.php?chemin' Remote File Inclusion
|
12 |
WEB
|
laurent gaffie
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_news/goodies.php?chemin' Traversal Arbitrary File Access
|
15 |
WEB
|
laurent gaffie
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_news/index.php?chemin' Traversal Arbitrary File Access
|
15 |
WEB
|
laurent gaffie
|
|
2007-02-02
|
|
Uebimiau 2.7.10 - 'index.php' Cross-Site Scripting
|
15 |
WEB
|
Doz
|
|
2007-02-02
|
|
PHPProbid 5.24 - 'Lang.php' Remote File Inclusion
|
13 |
WEB
|
Hasadya Raed
|
|
2007-02-02
|
|
EasyMoblog 0.5.1 - Multiple Input Validation Vulnerabilities
|
14 |
WEB
|
Tal Argoni
|
|
2007-01-31
|
|
OpenEMR 2.8.2 - 'Login_Frame.php' Cross-Site Scripting
|
12 |
WEB
|
Michael Melewski
|
|
2007-01-31
|
|
OpenEMR 2.8.2 - 'Import_XML.php' Remote File Inclusion
|
12 |
WEB
|
trzindan
|
|
2013-11-12
|
|
Juniper Junos J-Web - Privilege Escalation
|
14 |
WEB
|
Sense of Security
|
|
2007-01-30
|
|
EncapsCMS 0.3.6 - 'common_foot.php' Remote File Inclusion
|
14 |
WEB
|
Tr_ZiNDaN
|
|
2007-01-27
|
|
MDPro 1.0.76 - 'index.php' SQL Injection
|
10 |
WEB
|
adexior
|
|
2007-01-27
|
|
SpoonLabs Vivvo Article Management CMS 3.40 - 'Show_Webfeed.php' SQL Injection
|
12 |
WEB
|
St[at]rExT
|
|
2007-01-27
|
|
AdMentor - Admin Login SQL Injection
|
13 |
WEB
|
Cr@zy_King
|
|
2007-01-26
|
|
FD Script 1.3.x - 'FName' Information Disclosure
|
11 |
WEB
|
ajann
|
|
2007-01-26
|
|
PHP Membership Manager 1.5 - 'admin.php' Cross-Site Scripting
|
10 |
WEB
|
Doz
|
|
2013-11-10
|
|
WordPress Theme Highlight Premium - Cross-Site Request Forgery / Arbitrary File Upload
|
12 |
WEB
|
DevilScreaM
|
|
2007-01-24
|
|
WordPress Core 1.x/2.0.x - Pingback SourceURI Denial of Service / Information Disclosure
|
13 |
WEB
|
Blake Matheny
|
|
2007-01-24
|
|
Virtual Host Administrator 0.1 - Modules_Dir Remote File Inclusion
|
12 |
WEB
|
Dr Max Virus
|
|
2013-11-08
|
|
Horde Groupware Web Mail Edition 5.1.2 - Cross-Site Request Forgery (2)
|
13 |
WEB
|
Marcela Benetrix
|
|
2013-11-08
|
|
Sagemcom F@st 3184 2.1.11 - Multiple Vulnerabilities
|
14 |
WEB
|
Oz Elisyan
|
|
2013-11-08
|
|
Project'Or RIA 3.4.0 - 'objectDetail.php?objectId' SQL Injection
|
13 |
WEB
|
Vicente Aguilera Diaz
|
|
2013-11-08
|
|
Vivotek IP Cameras - RTSP Authentication Bypass
|
14 |
WEB
|
Core Security
|
|
2013-11-08
|
|
Flatpress 1.0 - Remote Code Execution
|
15 |
WEB
|
Wireghoul
|
|
2013-11-08
|
|
appRain 3.0.2 - Blind SQL Injection
|
12 |
WEB
|
High-Tech Bridge SA
|
|
2013-11-08
|
|
Vanilla Forums 2.0 < 2.0.18.5 - 'class.utilitycontroller.php' PHP Object Injection
|
12 |
WEB
|
EgiX
|
