|
2007-02-22
|
|
LoveCMS 1.4 - 'step' Remote File Inclusion
|
4 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
Pheap 1.x/2.0 - 'edit.php' Directory Traversal
|
5 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
Plantilla - 'list_main_pages.php?nfolder' Traversal Arbitrary File Access
|
5 |
WEB
|
laurent gaffie
|
|
2013-11-16
|
|
Google Gmail IOS Mobile Application - Persistent Cross-Site Scripting
|
3 |
WEB
|
Ali Raza
|
|
2007-02-22
|
|
Pyrophobia 2.1.3.1 - Traversal Arbitrary File Access
|
5 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
Pyrophobia 2.1.3.1 - Cross-Site Scripting
|
5 |
WEB
|
laurent gaffie
|
|
2007-02-21
|
|
Magic News Plus 1.0.2 - 'n_layouts.php?link_parameters' Cross-Site Scripting
|
5 |
WEB
|
HACKERS PAL
|
|
2007-02-21
|
|
Magic News Plus 1.0.2 - 'news.php?&link_parameters' Cross-Site Scripting
|
4 |
WEB
|
HACKERS PAL
|
|
2007-02-21
|
|
Magic News Plus 1.0.2 - 'preview.php?PHP_script_path' Remote File Inclusion
|
4 |
WEB
|
HACKERS PAL
|
|
2007-02-21
|
|
phpTrafficA 1.4.1 - 'banref.php?lang' Traversal Local File Inclusion
|
5 |
WEB
|
Hamid Ebadi
|
|
2007-02-21
|
|
phpTrafficA 1.4.1 - 'plotStat.php?File' Traversal Local File Inclusion
|
4 |
WEB
|
Hamid Ebadi
|
|
2007-02-21
|
|
CedStat 1.31 - 'index.php' Cross-Site Scripting
|
4 |
WEB
|
sn0oPy
|
|
2007-02-21
|
|
Google Desktop - Cross-Site Scripting
|
4 |
WEB
|
Yair Amit
|
|
2007-02-20
|
|
Design4Online - 'Userpages2 Page.asp' SQL Injection
|
5 |
WEB
|
xoron
|
|
2007-02-20
|
|
AbleDesign MyCalendar 2.20.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
sn0oPy
|
|
2007-02-19
|
|
Powerschool 4.3.6/5.1.2 - JavaScript File Request Information Disclosure
|
5 |
WEB
|
gheetotank
|
|
2013-11-15
|
|
WBR-3406 Wireless Broadband NAT Router - Web-Console Password Change Bypass / Cross-Site Request For
|
4 |
WEB
|
Yakir Wizman
|
|
2007-02-16
|
|
Turuncu Portal 1.0 - 'H_Goster.asp' SQL Injection
|
4 |
WEB
|
chernobiLe
|
|
2007-02-16
|
|
Ezboo Webstats 3.03 - Administrative Authentication Bypass
|
4 |
WEB
|
sn0oPy
|
|
2007-02-16
|
|
Meganoide's News 1.1.1 - 'Include.php' Remote File Inclusion
|
4 |
WEB
|
KaRTaL
|
|
2007-02-16
|
|
CedStat 1.31 - 'index.php?hier' Cross-Site Scripting
|
4 |
WEB
|
sn0oPy
|
|
2007-02-15
|
|
Calendar Express - 'search.php' Cross-Site Scripting
|
4 |
WEB
|
BL4CK
|
|
2007-02-15
|
|
Deskpro 1.1 - 'faq.php' Cross-Site Scripting
|
5 |
WEB
|
BLacK ZeRo
|
|
2007-02-15
|
|
ibProArcade 2.5.9+ - 'Arcade.php' SQL Injection
|
3 |
WEB
|
sp00k
|
|
2007-02-14
|
|
WebTester 5.0.20060927 - 'typeID' SQL Injection
|
3 |
WEB
|
Moran Zavdi
|
|
2007-02-13
|
|
Fullaspsite ASP Hosting Site - 'listmain.asp?cat' SQL Injection
|
3 |
WEB
|
ShaFuck31
|
|
2007-02-13
|
|
Fullaspsite ASP Hosting Site - 'listmain.asp?cat' Cross-Site Scripting
|
4 |
WEB
|
ShaFuck31
|
|
2007-02-13
|
|
TaskFreak! 0.5.5 - 'error.php' Cross-Site Scripting
|
4 |
WEB
|
Spiked
|
|
2007-02-12
|
|
WordPress Core 1.x/2.0.x - 'Templates.php' Cross-Site Scripting
|
3 |
WEB
|
PsychoGun
|
|
2007-02-12
|
|
Community Server - 'SearchResults.aspx' Cross-Site Scripting
|
5 |
WEB
|
BL4CK
|
|
2007-02-12
|
|
EWay 4 - Default.APSX Cross-Site Scripting
|
4 |
WEB
|
BLacK ZeRo
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/wordfilter.php?Admin' Remote File Inclusion
|
4 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/updatefilter.php?Admin' Remote File Inclusion
|
4 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/updateconf.php?Admin' Remote File Inclusion
|
5 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/readconf.php?Admin' Remote File Inclusion
|
4 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/index.php?adminpath' Remote File Inclusion
|
4 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/verify.php?configpath' Remote File Inclusion
|
4 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/manageTagmins.php?configpath' Remote File Inclusion
|
5 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/editTag.php?configpath' Remote File Inclusion
|
4 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/editTagmin.php?configpath' Remote File Inclusion
|
3 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/delTag.php?configpath' Remote File Inclusion
|
4 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/delTagmin.php?configpath' Remote File Inclusion
|
4 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/ban_watch.php?configpath' Remote File Inclusion
|
5 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/addTagmin.php?configpath' Remote File Inclusion
|
4 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/CONFIG/errmsg.inc.php?configpath' Remote File Inclusion
|
4 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - 'tag_process.php' Multiple Remote File Inclusions
|
5 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - 'tagviewer.php' Multiple Remote File Inclusions
|
5 |
WEB
|
K-159
|
|
2007-02-09
|
|
Atlassian JIRA 3.7.3 - BrowseProject.JSPA Cross-Site Scripting
|
4 |
WEB
|
BL4CK
|
|
2007-02-09
|
|
eXtreme File Hosting - Arbitrary '.RAR' File Upload
|
3 |
WEB
|
hamed bazargani
|
|
2007-02-08
|
|
cPanel 11 - PassWDMySQL Cross-Site Scripting
|
4 |
WEB
|
s3rv3r_hack3r
|
|
2007-02-07
|
|
SYSCP 1.2.15 - System Control Panel CronJob Arbitrary Code Execution
|
5 |
WEB
|
Daniel Schulte
|
|
2013-11-13
|
|
TOSHIBA e-Studio 232/233/282/283 - Cross-Site Request Forgery (Change Admin Password)
|
5 |
WEB
|
Hubert Gradek
|
|
2007-02-06
|
|
MySQLNewsEngine - 'Affichearticles.php3' Remote File Inclusion
|
4 |
WEB
|
Blaster
|
|
2007-02-05
|
|
Coppermine Photo Gallery 1.4.10 - Multiple Local/Remote File Inclusions
|
4 |
WEB
|
anonymous
|
|
2007-02-05
|
|
Adobe ColdFusion 6/7 - User_Agent Error Page Cross-Site Scripting
|
5 |
WEB
|
digi7al64
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_search/index.php?chemin' Remote File Inclusion
|
4 |
WEB
|
laurent gaffie
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_news/goodies.php?chemin' Remote File Inclusion
|
4 |
WEB
|
laurent gaffie
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_news/index.php?chemin' Remote File Inclusion
|
4 |
WEB
|
laurent gaffie
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_news/goodies.php?chemin' Traversal Arbitrary File Access
|
6 |
WEB
|
laurent gaffie
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_news/index.php?chemin' Traversal Arbitrary File Access
|
5 |
WEB
|
laurent gaffie
|
|
2007-02-02
|
|
Uebimiau 2.7.10 - 'index.php' Cross-Site Scripting
|
5 |
WEB
|
Doz
|
|
2007-02-02
|
|
PHPProbid 5.24 - 'Lang.php' Remote File Inclusion
|
5 |
WEB
|
Hasadya Raed
|
|
2007-02-02
|
|
EasyMoblog 0.5.1 - Multiple Input Validation Vulnerabilities
|
5 |
WEB
|
Tal Argoni
|
|
2007-01-31
|
|
OpenEMR 2.8.2 - 'Login_Frame.php' Cross-Site Scripting
|
4 |
WEB
|
Michael Melewski
|
|
2007-01-31
|
|
OpenEMR 2.8.2 - 'Import_XML.php' Remote File Inclusion
|
4 |
WEB
|
trzindan
|
|
2013-11-12
|
|
Juniper Junos J-Web - Privilege Escalation
|
5 |
WEB
|
Sense of Security
|
|
2007-01-30
|
|
EncapsCMS 0.3.6 - 'common_foot.php' Remote File Inclusion
|
6 |
WEB
|
Tr_ZiNDaN
|
|
2007-01-27
|
|
MDPro 1.0.76 - 'index.php' SQL Injection
|
4 |
WEB
|
adexior
|
|
2007-01-27
|
|
SpoonLabs Vivvo Article Management CMS 3.40 - 'Show_Webfeed.php' SQL Injection
|
4 |
WEB
|
St[at]rExT
|
|
2007-01-27
|
|
AdMentor - Admin Login SQL Injection
|
5 |
WEB
|
Cr@zy_King
|
|
2007-01-26
|
|
FD Script 1.3.x - 'FName' Information Disclosure
|
4 |
WEB
|
ajann
|
|
2007-01-26
|
|
PHP Membership Manager 1.5 - 'admin.php' Cross-Site Scripting
|
4 |
WEB
|
Doz
|
|
2013-11-10
|
|
WordPress Theme Highlight Premium - Cross-Site Request Forgery / Arbitrary File Upload
|
5 |
WEB
|
DevilScreaM
|
|
2007-01-24
|
|
WordPress Core 1.x/2.0.x - Pingback SourceURI Denial of Service / Information Disclosure
|
5 |
WEB
|
Blake Matheny
|
|
2007-01-24
|
|
Virtual Host Administrator 0.1 - Modules_Dir Remote File Inclusion
|
4 |
WEB
|
Dr Max Virus
|
|
2013-11-08
|
|
Horde Groupware Web Mail Edition 5.1.2 - Cross-Site Request Forgery (2)
|
4 |
WEB
|
Marcela Benetrix
|
|
2013-11-08
|
|
Sagemcom F@st 3184 2.1.11 - Multiple Vulnerabilities
|
4 |
WEB
|
Oz Elisyan
|
|
2013-11-08
|
|
Project'Or RIA 3.4.0 - 'objectDetail.php?objectId' SQL Injection
|
5 |
WEB
|
Vicente Aguilera Diaz
|
|
2013-11-08
|
|
Vivotek IP Cameras - RTSP Authentication Bypass
|
4 |
WEB
|
Core Security
|
|
2013-11-08
|
|
Flatpress 1.0 - Remote Code Execution
|
4 |
WEB
|
Wireghoul
|
|
2013-11-08
|
|
appRain 3.0.2 - Blind SQL Injection
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2013-11-08
|
|
Vanilla Forums 2.0 < 2.0.18.5 - 'class.utilitycontroller.php' PHP Object Injection
|
4 |
WEB
|
EgiX
|
|
2007-01-23
|
|
Vote! Pro 4.0 - Multiple PHP Code Execution Vulnerabilities
|
4 |
WEB
|
r0ut3r
|
|
2007-01-22
|
|
212Cafe Guestbook 4.00 - 'show.php' Cross-Site Scripting
|
5 |
WEB
|
Linux_Drox
|
|
2007-01-22
|
|
Bitweaver 1.3.1 Articles and Blogs - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
CorryL
|
|
2007-01-22
|
|
212Cafe Board 0.08 Beta / 6.30 Beta - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Linux_Drox
|
|
2007-01-22
|
|
Unique Ads - 'Banner.php' SQL Injection
|
5 |
WEB
|
Linux_Drox
|
|
2013-11-08
|
|
RASPcalendar 1.01 (ASP) - Admin Login
|
4 |
WEB
|
Hackeri-AL UAH-Crew
|
|
2007-01-20
|
|
SMF 1.1 - 'index.php' HTML Injection
|
4 |
WEB
|
Aria-Security Team
|
|
2007-01-20
|
|
Easebay Resources Login Manager - Multiple Input Validation Vulnerabilities
|
4 |
WEB
|
Doz
|
|
2007-01-20
|
|
Easebay Resources Paypal Subscription - Manager Multiple Input Validation Vulnerabilities
|
4 |
WEB
|
Doz
|
|
2007-01-17
|
|
MyBloggie 2.1.5 - 'login.php' Cross-Site Scripting
|
4 |
WEB
|
CorryL
|
|
2007-01-17
|
|
MyBloggie 2.1.5 - 'index.php' Cross-Site Scripting
|
4 |
WEB
|
CorryL
|
|
2007-01-16
|
|
Indexu 5.0/5.3 - 'login.php?Error_msg' Cross-Site Scripting
|
4 |
WEB
|
SwEET-DeViL
|
|
2007-01-16
|
|
Indexu 5.0/5.3 - 'mailing_list.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
SwEET-DeViL
|
|
2007-01-16
|
|
Indexu 5.0/5.3 - 'new.php' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
SwEET-DeViL
|
|
2007-01-16
|
|
Indexu 5.0/5.3 - 'power_search.php' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
SwEET-DeViL
|
|
2007-01-16
|
|
Indexu 5.0/5.3 - 'register.php' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
SwEET-DeViL
|
|
2007-01-16
|
|
Indexu 5.0/5.3 - 'search.php?keyword' Cross-Site Scripting
|
4 |
WEB
|
SwEET-DeViL
|
|
2007-01-16
|
|
Indexu 5.0/5.3 - 'send_pwd.php' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
SwEET-DeViL
|
|
2013-11-07
|
|
WordPress Theme Kernel - Arbitrary File Upload
|
4 |
WEB
|
link_satisi
|
|
2007-01-16
|
|
Indexu 5.0/5.3 - 'Sendmail.php' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
SwEET-DeViL
|
|
2007-01-16
|
|
Indexu 5.0/5.3 - 'tell_friend.php' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
SwEET-DeViL
|
|
2007-01-16
|
|
Indexu 5.0/5.3 - 'user_detail.php?u' Cross-Site Scripting
|
4 |
WEB
|
SwEET-DeViL
|
|
2007-01-16
|
|
Indexu 5.0/5.3 - 'suggest_category.php?Error_msg' Cross-Site Scripting
|
4 |
WEB
|
SwEET-DeViL
|
|
2007-01-16
|
|
Indexu 5.0/5.3 - 'upgrade.php?gateway' Cross-Site Scripting
|
4 |
WEB
|
SwEET-DeViL
|
|
2013-11-07
|
|
Microweber 0.905 - Error-Based SQL Injection
|
4 |
WEB
|
Zy0d0x
|
|
2007-01-16
|
|
Scriptme SmE 1.21 - File Mailer Login SQL Injection
|
4 |
WEB
|
CorryL
|
|
2007-01-16
|
|
DT_Guestbook 1.0 - 'index.php' Cross-Site Scripting
|
4 |
WEB
|
Jesper Jurcenoks
|
|
2007-01-15
|
|
Jax Petition 3.06 Book - 'smileys.php?languagepack' Local File Inclusion
|
4 |
WEB
|
ilker Kandemir
|
|
2007-01-15
|
|
Jax Petition Book 3.06 - 'jax_petitionbook.php?languagepack' Local File Inclusion
|
4 |
WEB
|
ilker Kandemir
|
|
2007-01-15
|
|
Liens_Dynamiques 2.1 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
sn0oPy
|
|
2007-01-15
|
|
Liens_Dynamiques 2.1 - 'AdminLien.php' Security Restriction Bypass
|
4 |
WEB
|
sn0oPy
|
|
2007-01-15
|
|
InstantASP 4.1 - 'Members1.aspx' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Doz
|
|
2007-01-15
|
|
InstantASP 4.1 - 'Logon.aspx?sessionid' Cross-Site Scripting
|
4 |
WEB
|
Doz
|
|
2007-01-13
|
|
PHP-Nuke 7.x - 'Block-Old_Articles.php' SQL Injection
|
3 |
WEB
|
Paisterist
|
|
2007-01-12
|
|
All In One Control Panel 1.3.x - 'cp_downloads.php?did' SQL Injection
|
4 |
WEB
|
Coloss
|
|
2007-01-12
|
|
Ezboxx 0.7.6 Beta - Multiple Input Validation Vulnerabilities
|
4 |
WEB
|
Doron P
|
|
2007-01-11
|
|
phpBB 2.0.21 - 'privmsg.php' HTML Injection
|
3 |
WEB
|
Demential
|
|
2007-01-09
|
|
Edit-X - 'Edit_Address.php' Remote File Inclusion
|
4 |
WEB
|
IbnuSina
|
|
2007-01-07
|
|
Easy Banner Pro 2.8 - 'info.php' Remote File Inclusion
|
4 |
WEB
|
rUnViRuS
|
|
2013-11-04
|
|
Apache Tomcat 5.5.25 - Cross-Site Request Forgery
|
4 |
WEB
|
Ivano Binetti
|
|
2007-01-09
|
|
Magic Photo Storage Website - '/user/user_membership_password.php?_config[site_path]' Remote File In
|
4 |
WEB
|
IbnuSina
|
|
2007-01-09
|
|
Magic Photo Storage Website - '/user/user_extend.php?_config[site_path]' Remote File Inclusion
|
4 |
WEB
|
IbnuSina
|
|
2007-01-09
|
|
Magic Photo Storage Website - '/user/user_email.php?_config[site_path]' Remote File Inclusion
|
3 |
WEB
|
IbnuSina
|
