|
2007-03-15
|
|
Horde IMP Webmail 4.0.4 Client - Multiple Input Validation Vulnerabilities
|
20 |
WEB
|
Immerda Project Group
|
|
2007-03-13
|
|
Weekly Drawing Contest 0.0.1 - 'Check_Vote.php' Local File Inclusion
|
21 |
WEB
|
h4ck3r
|
|
2007-03-12
|
|
ClipShare 1.5.3 - 'ADODB-Connection.Inc.php' Remote File Inclusion
|
16 |
WEB
|
RaeD Hasadya
|
|
2013-11-20
|
|
PHP-Nuke 8.2.4 - Multiple Vulnerabilities
|
18 |
WEB
|
Sojobo dev team
|
|
2007-03-10
|
|
SoftNews 4.1/5.5 - '/engine/Ajax/editnews.php?root_dir' Remote File Inclusion
|
17 |
WEB
|
Hasadya Raed
|
|
2007-03-10
|
|
SoftNews 4.1/5.5 - '/engine/init.php?root_dir' Remote File Inclusion
|
16 |
WEB
|
Hasadya Raed
|
|
2007-03-10
|
|
Premod SubDog 2 - '/includes/logger_engine.php?phpbb_root_path' Remote File Inclusion
|
19 |
WEB
|
Hasadya Raed
|
|
2007-03-10
|
|
Premod SubDog 2 - '/includes/themen_portal_mitte.php?phpbb_root_path' Remote File Inclusion
|
19 |
WEB
|
Hasadya Raed
|
|
2007-03-10
|
|
Premod SubDog 2 - '/includes/functions_kb.php?phpbb_root_path' Remote File Inclusion
|
19 |
WEB
|
Hasadya Raed
|
|
2007-03-09
|
|
Duyuru Scripti - 'Goster.asp' SQL Injection
|
16 |
WEB
|
Cr@zy_King
|
|
2007-03-09
|
|
JCCorp URLShrink Free 1.3.1 - 'CreateURL.php' Remote File Inclusion
|
18 |
WEB
|
Hasadya Raed
|
|
2007-03-05
|
|
EPortfolio 1.0 - Client-Side Input Validation
|
21 |
WEB
|
Stefan Friedli
|
|
2013-11-19
|
|
Ruckus Wireless Zoneflex 2942 Wireless Access Point - Authentication Bypass
|
20 |
WEB
|
myexploit
|
|
2007-02-26
|
|
Tyger Bug Tracking System 1.1.3 - 'register.php?PATH_INFO' Cross-Site Scripting
|
17 |
WEB
|
CorryL
|
|
2007-02-26
|
|
Tyger Bug Tracking System 1.1.3 - 'login.php?PATH_INFO' Cross-Site Scripting
|
19 |
WEB
|
CorryL
|
|
2007-02-26
|
|
Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php?s' SQL Injection
|
21 |
WEB
|
CorryL
|
|
2007-03-02
|
|
WordPress Core 2.1.1 - '/wp-includes/theme.php?iz' Arbitrary Command Execution
|
18 |
WEB
|
Ivan Fratric
|
|
2007-03-02
|
|
WordPress Core 2.1.1 - Arbitrary Command Execution
|
18 |
WEB
|
Ivan Fratric
|
|
2007-03-02
|
|
Woltlab Burning Board 2.3.6 - Multiple HTML Injection Vulnerabilities
|
16 |
WEB
|
Samenspender
|
|
2007-03-01
|
|
Built2go News Manager 1.0 Blog - 'rating.php?nid' Cross-Site Scripting
|
18 |
WEB
|
the_Edit0r
|
|
2007-03-01
|
|
Built2go News Manager 1.0 Blog - 'news.php' Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
the_Edit0r
|
|
2007-03-01
|
|
aWebNews 1.1 - 'listing.php?path_to_news' Remote File Inclusion
|
19 |
WEB
|
mostafa_ragab
|
|
2007-03-01
|
|
S9Y Serendipity 1.1.1 - 'index.php' SQL Injection
|
20 |
WEB
|
Samenspender
|
|
2007-02-27
|
|
WordPress Core 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
Stefan Friedli
|
|
2007-02-26
|
|
WordPress Core 2.1.1 - 'post.php' Cross-Site Scripting
|
20 |
WEB
|
Samenspender
|
|
2007-02-26
|
|
Pagesetter 6.2/6.3.0 - 'index.php' Local File Inclusion
|
17 |
WEB
|
D. Matscheko
|
|
2007-02-26
|
|
SQLiteManager 1.2 - 'main.php' Multiple HTML Injection Vulnerabilities
|
19 |
WEB
|
Simon Bonnard
|
|
2007-02-26
|
|
PHPBB2 - 'Admin_Ug_Auth.php' Administrative Bypass
|
21 |
WEB
|
Hasadya Raed
|
|
2007-02-26
|
|
Audins Audiens 3.3 - '/system/index.php?Cookie PHPSESSID' SQL Injection
|
20 |
WEB
|
r00t
|
|
2007-02-26
|
|
Audins Audiens 3.3 - 'setup.php?PATH_INFO' Cross-Site Scripting
|
19 |
WEB
|
r00t
|
|
2007-02-26
|
|
Audins Audiens 3.3 - 'unistall.php' Authentication Bypass
|
19 |
WEB
|
r00t
|
|
2013-11-18
|
|
Kaseya < 6.3.0.2 - Arbitrary File Upload
|
19 |
WEB
|
Security-Assessment.com
|
|
2013-11-18
|
|
ManageEngine Desktop Central 8.0.0 build < 80293 - Arbitrary File Upload
|
20 |
WEB
|
Security-Assessment.com
|
|
2013-11-18
|
|
Dahua DVR 2.608.0000.0/2.608.GV00.0 - Authentication Bypass (Metasploit)
|
21 |
WEB
|
Jake Reynolds
|
|
2013-11-18
|
|
LiveZilla 5.0.1.4 - Remote Code Execution
|
18 |
WEB
|
Curesec Research Team
|
|
2013-11-18
|
|
WordPress Theme Make A Statement (MaS) - Cross-Site Request Forgery
|
22 |
WEB
|
DevilScreaM
|
|
2013-11-18
|
|
WordPress Theme Amplus - Cross-Site Request Forgery
|
20 |
WEB
|
DevilScreaM
|
|
2013-11-18
|
|
WordPress Theme Dimension - Cross-Site Request Forgery
|
18 |
WEB
|
DevilScreaM
|
|
2013-11-18
|
|
WordPress Theme Euclid 1.x - Cross-Site Request Forgery
|
20 |
WEB
|
DevilScreaM
|
|
2007-02-26
|
|
SQLiteManager 1.2 - Local File Inclusion
|
18 |
WEB
|
Simon Bonnard
|
|
2007-02-26
|
|
SolarPay - 'index.php' Local File Inclusion
|
21 |
WEB
|
Hasadya Raed
|
|
2007-02-24
|
|
Docebo CMS 3.0.x - '/modules/htmlframechat/index.php' Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
r00t
|
|
2007-02-24
|
|
Docebo CMS 3.0.x - 'index.php?searchkey' Cross-Site Scripting
|
23 |
WEB
|
r00t
|
|
2007-02-24
|
|
PhotoStand 1.2 - 'index.php' Cross-Site Scripting
|
17 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/mysqlevents.php?css' Cross-Site Scripting
|
20 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/y_3.php?css' Cross-Site Scripting
|
16 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/y_2.php?css' Cross-Site Scripting
|
19 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/m_4.php?css' Cross-Site Scripting
|
17 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/m_3.php?css' Cross-Site Scripting
|
17 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/m_2.php?css' Cross-Site Scripting
|
20 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/js.php?css' Cross-Site Scripting
|
18 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/flatevents.php?css' Cross-Site Scripting
|
19 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - 'showcode.php' Local File Inclusion
|
15 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Pickle 0.3 - 'download.php' Local File Inclusion
|
17 |
WEB
|
laurent gaffie
|
|
2007-02-23
|
|
Simple one-file Gallery - 'gallery.php?f' Cross-Site Scripting
|
19 |
WEB
|
laurent gaffie
|
|
2007-02-23
|
|
Simple one-file Gallery - 'gallery.php?f' Traversal Arbitrary File Access
|
17 |
WEB
|
laurent gaffie
|
|
2007-02-23
|
|
XT:Commerce 3.04 - 'index.php' Local File Inclusion
|
18 |
WEB
|
laurent gaffie
|
|
2007-02-23
|
|
Shop Kit Plus - 'StyleCSS.php' Local File Inclusion
|
17 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
LoveCMS 1.4 - 'id' Cross-Site Scripting
|
14 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
LoveCMS 1.4 - 'load' Traversal Arbitrary File Access
|
19 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
LoveCMS 1.4 - 'step' Traversal Arbitrary File Access
|
19 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
LoveCMS 1.4 - 'step' Remote File Inclusion
|
18 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
Pheap 1.x/2.0 - 'edit.php' Directory Traversal
|
17 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
Plantilla - 'list_main_pages.php?nfolder' Traversal Arbitrary File Access
|
19 |
WEB
|
laurent gaffie
|
|
2013-11-16
|
|
Google Gmail IOS Mobile Application - Persistent Cross-Site Scripting
|
17 |
WEB
|
Ali Raza
|
|
2007-02-22
|
|
Pyrophobia 2.1.3.1 - Traversal Arbitrary File Access
|
16 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
Pyrophobia 2.1.3.1 - Cross-Site Scripting
|
19 |
WEB
|
laurent gaffie
|
|
2007-02-21
|
|
Magic News Plus 1.0.2 - 'n_layouts.php?link_parameters' Cross-Site Scripting
|
20 |
WEB
|
HACKERS PAL
|
|
2007-02-21
|
|
Magic News Plus 1.0.2 - 'news.php?&link_parameters' Cross-Site Scripting
|
18 |
WEB
|
HACKERS PAL
|
|
2007-02-21
|
|
Magic News Plus 1.0.2 - 'preview.php?PHP_script_path' Remote File Inclusion
|
20 |
WEB
|
HACKERS PAL
|
|
2007-02-21
|
|
phpTrafficA 1.4.1 - 'banref.php?lang' Traversal Local File Inclusion
|
19 |
WEB
|
Hamid Ebadi
|
|
2007-02-21
|
|
phpTrafficA 1.4.1 - 'plotStat.php?File' Traversal Local File Inclusion
|
19 |
WEB
|
Hamid Ebadi
|
|
2007-02-21
|
|
CedStat 1.31 - 'index.php' Cross-Site Scripting
|
18 |
WEB
|
sn0oPy
|
|
2007-02-21
|
|
Google Desktop - Cross-Site Scripting
|
16 |
WEB
|
Yair Amit
|
|
2007-02-20
|
|
Design4Online - 'Userpages2 Page.asp' SQL Injection
|
19 |
WEB
|
xoron
|
|
2007-02-20
|
|
AbleDesign MyCalendar 2.20.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
sn0oPy
|
|
2007-02-19
|
|
Powerschool 4.3.6/5.1.2 - JavaScript File Request Information Disclosure
|
19 |
WEB
|
gheetotank
|
|
2013-11-15
|
|
WBR-3406 Wireless Broadband NAT Router - Web-Console Password Change Bypass / Cross-Site Request For
|
19 |
WEB
|
Yakir Wizman
|
|
2007-02-16
|
|
Turuncu Portal 1.0 - 'H_Goster.asp' SQL Injection
|
19 |
WEB
|
chernobiLe
|
|
2007-02-16
|
|
Ezboo Webstats 3.03 - Administrative Authentication Bypass
|
19 |
WEB
|
sn0oPy
|
|
2007-02-16
|
|
Meganoide's News 1.1.1 - 'Include.php' Remote File Inclusion
|
20 |
WEB
|
KaRTaL
|
|
2007-02-16
|
|
CedStat 1.31 - 'index.php?hier' Cross-Site Scripting
|
20 |
WEB
|
sn0oPy
|
|
2007-02-15
|
|
Calendar Express - 'search.php' Cross-Site Scripting
|
18 |
WEB
|
BL4CK
|
|
2007-02-15
|
|
Deskpro 1.1 - 'faq.php' Cross-Site Scripting
|
21 |
WEB
|
BLacK ZeRo
|
|
2007-02-15
|
|
ibProArcade 2.5.9+ - 'Arcade.php' SQL Injection
|
19 |
WEB
|
sp00k
|
|
2007-02-14
|
|
WebTester 5.0.20060927 - 'typeID' SQL Injection
|
15 |
WEB
|
Moran Zavdi
|
|
2007-02-13
|
|
Fullaspsite ASP Hosting Site - 'listmain.asp?cat' SQL Injection
|
19 |
WEB
|
ShaFuck31
|
|
2007-02-13
|
|
Fullaspsite ASP Hosting Site - 'listmain.asp?cat' Cross-Site Scripting
|
19 |
WEB
|
ShaFuck31
|
|
2007-02-13
|
|
TaskFreak! 0.5.5 - 'error.php' Cross-Site Scripting
|
17 |
WEB
|
Spiked
|
|
2007-02-12
|
|
WordPress Core 1.x/2.0.x - 'Templates.php' Cross-Site Scripting
|
19 |
WEB
|
PsychoGun
|
|
2007-02-12
|
|
Community Server - 'SearchResults.aspx' Cross-Site Scripting
|
19 |
WEB
|
BL4CK
|
|
2007-02-12
|
|
EWay 4 - Default.APSX Cross-Site Scripting
|
17 |
WEB
|
BLacK ZeRo
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/wordfilter.php?Admin' Remote File Inclusion
|
17 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/updatefilter.php?Admin' Remote File Inclusion
|
22 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/updateconf.php?Admin' Remote File Inclusion
|
16 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/readconf.php?Admin' Remote File Inclusion
|
20 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/index.php?adminpath' Remote File Inclusion
|
19 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/verify.php?configpath' Remote File Inclusion
|
17 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/manageTagmins.php?configpath' Remote File Inclusion
|
20 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/editTag.php?configpath' Remote File Inclusion
|
18 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/editTagmin.php?configpath' Remote File Inclusion
|
18 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/delTag.php?configpath' Remote File Inclusion
|
20 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/delTagmin.php?configpath' Remote File Inclusion
|
18 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/ban_watch.php?configpath' Remote File Inclusion
|
17 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/addTagmin.php?configpath' Remote File Inclusion
|
17 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - '/CONFIG/errmsg.inc.php?configpath' Remote File Inclusion
|
18 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - 'tag_process.php' Multiple Remote File Inclusions
|
24 |
WEB
|
K-159
|
|
2007-02-12
|
|
Tagit! Tagit2b 2.1.B Build 2 - 'tagviewer.php' Multiple Remote File Inclusions
|
22 |
WEB
|
K-159
|
|
2007-02-09
|
|
Atlassian JIRA 3.7.3 - BrowseProject.JSPA Cross-Site Scripting
|
22 |
WEB
|
BL4CK
|
|
2007-02-09
|
|
eXtreme File Hosting - Arbitrary '.RAR' File Upload
|
16 |
WEB
|
hamed bazargani
|
|
2007-02-08
|
|
cPanel 11 - PassWDMySQL Cross-Site Scripting
|
22 |
WEB
|
s3rv3r_hack3r
|
|
2007-02-07
|
|
SYSCP 1.2.15 - System Control Panel CronJob Arbitrary Code Execution
|
18 |
WEB
|
Daniel Schulte
|
|
2013-11-13
|
|
TOSHIBA e-Studio 232/233/282/283 - Cross-Site Request Forgery (Change Admin Password)
|
21 |
WEB
|
Hubert Gradek
|
|
2007-02-06
|
|
MySQLNewsEngine - 'Affichearticles.php3' Remote File Inclusion
|
22 |
WEB
|
Blaster
|
|
2007-02-05
|
|
Coppermine Photo Gallery 1.4.10 - Multiple Local/Remote File Inclusions
|
18 |
WEB
|
anonymous
|
|
2007-02-05
|
|
Adobe ColdFusion 6/7 - User_Agent Error Page Cross-Site Scripting
|
18 |
WEB
|
digi7al64
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_search/index.php?chemin' Remote File Inclusion
|
22 |
WEB
|
laurent gaffie
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_news/goodies.php?chemin' Remote File Inclusion
|
23 |
WEB
|
laurent gaffie
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_news/index.php?chemin' Remote File Inclusion
|
21 |
WEB
|
laurent gaffie
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_news/goodies.php?chemin' Traversal Arbitrary File Access
|
24 |
WEB
|
laurent gaffie
|
|
2007-02-03
|
|
PortailPHP 2 - '/mod_news/index.php?chemin' Traversal Arbitrary File Access
|
23 |
WEB
|
laurent gaffie
|
|
2007-02-02
|
|
Uebimiau 2.7.10 - 'index.php' Cross-Site Scripting
|
26 |
WEB
|
Doz
|
|
2007-02-02
|
|
PHPProbid 5.24 - 'Lang.php' Remote File Inclusion
|
22 |
WEB
|
Hasadya Raed
|
|
2007-02-02
|
|
EasyMoblog 0.5.1 - Multiple Input Validation Vulnerabilities
|
22 |
WEB
|
Tal Argoni
|
|
2007-01-31
|
|
OpenEMR 2.8.2 - 'Login_Frame.php' Cross-Site Scripting
|
16 |
WEB
|
Michael Melewski
|
