|
2006-11-08
|
|
PHPBuilder 0.0.2 - 'HTM2PHP.php' Directory Traversal
|
6 |
WEB
|
the master
|
|
2006-12-20
|
|
Oracle Portal 9.0.2 - Calendar.jsp Multiple HTTP Response Splitting Vulnerabilities
|
7 |
WEB
|
putosoft softputo
|
|
2006-12-20
|
|
Typo3 3.7/3.8/4.0 - 'Class.TX_RTEHTMLArea_PI1.php' Multiple Remote Command Execution Vulnerabilities
|
7 |
WEB
|
D. Fabian
|
|
2006-12-19
|
|
Mini Web Shop 2.1.c - 'view.php?Viewcategory.php' Cross-Site Scripting
|
7 |
WEB
|
Linux_Drox
|
|
2006-12-19
|
|
osTicket 1.2/1.3 Support Cards - 'view.php' Cross-Site Scripting
|
8 |
WEB
|
Hacker CooL
|
|
2006-12-18
|
|
Knusperleicht Shoutbox 2.6 - 'Shout.php' HTML Injection
|
7 |
WEB
|
IMHOT3B
|
|
2006-12-16
|
|
Contra Haber Sistemi 1.0 - 'Haber.asp' SQL Injection
|
7 |
WEB
|
ShaFuck31
|
|
2013-10-29
|
|
XAMPP for Windows 1.8.2 - Blind SQL Injection
|
7 |
WEB
|
Sebastián Magof
|
|
2006-12-16
|
|
eXtreme-fusion 4.02 - 'Fusion_Forum_View.php' Local File Inclusion
|
7 |
WEB
|
Kacper
|
|
2006-12-16
|
|
Omniture SiteCatalyst - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Hackers Center Security
|
|
2006-12-14
|
|
Moodle 1.5/1.6 - '/mod/forum/discuss.php?navtail' Cross-Site Scripting
|
7 |
WEB
|
Jose Miguel Yanez Venegas
|
|
2006-12-14
|
|
GenesisTrader 1.0 - 'form.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-14
|
|
GenesisTrader 1.0 - 'form.php' Arbitrary File Source Disclosure
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2013-10-29
|
|
GTX CMS 2013 Optima - SQL Injection
|
7 |
WEB
|
Vulnerability-Lab
|
|
2013-10-29
|
|
Olat CMS 7.8.0.1 - Persistent Cross-Site Scripting
|
7 |
WEB
|
Vulnerability-Lab
|
|
2006-12-13
|
|
Work System eCommerce 3.0.3/3.0.4 - 'forum.php' Remote File Inclusion
|
7 |
WEB
|
the_Edit0r
|
|
2006-12-11
|
|
Lotfian Request For Travel 1.0 - 'ProductDetails.asp' SQL Injection
|
8 |
WEB
|
ajann
|
|
2006-12-11
|
|
Netwin SurgeFTP 2.3a1 - 'SurgeFTPMGR.cgi' Multiple Input Validation Vulnerabilities
|
7 |
WEB
|
Umesh Wanve
|
|
2013-10-29
|
|
Horde Groupware Web Mail Edition 5.1.2 - Cross-Site Request Forgery (1)
|
7 |
WEB
|
Marcela Benetrix
|
|
2006-12-11
|
|
CMS Made Simple 1.0.2 - 'SearchInput' Cross-Site Scripting
|
7 |
WEB
|
Nicokiller
|
|
2006-12-09
|
|
AppIntellect SpotLight CRM - 'login.asp' SQL Injection
|
7 |
WEB
|
ajann
|
|
2006-12-09
|
|
MXBB Profile Control Panel 0.91c - Module Remote File Inclusion
|
7 |
WEB
|
bd0rk
|
|
2006-12-09
|
|
ProNews 1.5 - 'lire-avis.php?aa' Cross-Site Scripting
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
ProNews 1.5 - 'lire-avis.php?aa' SQL Injection
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
ProNews 1.5 - '/admin/change.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Mr_KaLiMaN
|
|
2013-10-29
|
|
Stem Innovation - 'IZON' Hard-Coded Credentials
|
7 |
WEB
|
Mark Stanislav
|
|
2013-10-29
|
|
ILIAS eLearning CMS 4.3.4 < 4.4 - Persistent Cross-Site Scripting
|
8 |
WEB
|
Vulnerability-Lab
|
|
2013-10-28
|
|
Onpub CMS 1.4/1.5 - Multiple SQL Injections
|
7 |
WEB
|
Vulnerability-Lab
|
|
2013-10-28
|
|
Pirelli Discus DRG A125g - Password Disclosure
|
7 |
WEB
|
Sebastián Magof
|
|
2013-10-28
|
|
PHP RSS Reader 2010 - SQL Injection
|
6 |
WEB
|
mishal abdullah
|
|
2006-12-09
|
|
KDPics 1.11/1.16 - 'galeries.inc.php3?categories' Cross-Site Scripting
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
KDPics 1.11/1.16 - 'index.php3?categories' Cross-Site Scripting
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
AnnonceScriptHP 2.0 - 'voirannonce.php?no' SQL Injection
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
AnnonceScriptHP 2.0 - 'email.php?id' SQL Injection
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
AnnonceScriptHP 2.0 - '/admin/admin_config/Aide.php?email' Cross-Site Scripting
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
AnnonceScriptHP 2.0 - 'membre.dwt.php?email' Cross-Site Scripting
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
AnnonceScriptHP 2.0 - '/Templates/commun.dwt.php?email' Cross-Site Scripting
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
AnnonceScriptHP 2.0 - '/Templates/admin.dwt.php?email' Cross-Site Scripting
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
AnnonceScriptHP 2.0 - 'erreurinscription.php?email' Cross-Site Scripting
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
AnnonceScriptHP 2.0 - '/admin/admin_membre/fiche_membre.php?idmembre' SQL Injection
|
6 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
Messageriescripthp 2.0 - '/Contact/contact.php' Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
Messageriescripthp 2.0 - 'existeemail.php?email' Cross-Site Scripting
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
Messageriescripthp 2.0 - 'existepseudo.php?pseudo' Cross-Site Scripting
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
Messageriescripthp 2.0 - 'lire-avis.php?aa' SQL Injection
|
7 |
WEB
|
Mr_KaLiMaN
|
|
2006-12-09
|
|
MaviPortal - 'Arama.asp' Cross-Site Scripting
|
7 |
WEB
|
St@rExT
|
|
2006-12-08
|
|
Cilem Haber Free Edition - 'hata.asp?hata' Cross-Site Scripting
|
7 |
WEB
|
ShaFuck31
|
|
2006-12-08
|
|
cPanel Web Hosting Manager 3.1 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Aria-Security Team
|
|
2006-12-08
|
|
cPanel 11 BoxTrapper - Manage.HTML Cross-Site Scripting
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-18
|
|
Link CMS - 'prikazInformacije.php?IDStranicaPodaci' SQL Injection
|
7 |
WEB
|
Ivan Markovic
|
|
2006-11-18
|
|
Link CMS - 'navigacija.php?IDMeniGlavni' SQL Injection
|
7 |
WEB
|
Ivan Markovic
|
|
2006-12-06
|
|
Dol Storye - 'Dettaglio.asp' Multiple SQL Injections
|
7 |
WEB
|
WarGame
|
|
2006-12-04
|
|
Vt-Forum Lite 1.3 - 'vf_newtopic.asp' IFRAME Element Cross-Site Scripting
|
7 |
WEB
|
St@rExT
|
|
2006-12-04
|
|
Vt-Forum Lite 1.3 - 'vf_info.asp?StrMes' Cross-Site Scripting
|
7 |
WEB
|
St@rExT
|
|
2006-12-04
|
|
ac4p Mobile - 'polls.php' Multiple Cross-Site Scripting Vulnerabilities (2)
|
7 |
WEB
|
SwEET-DeViL
|
|
2006-12-04
|
|
ac4p Mobile - 'up.php?Taaa' Cross-Site Scripting
|
7 |
WEB
|
SwEET-DeViL
|
|
2006-12-04
|
|
UApplication Uguestbook 1.0 - 'index.asp' SQL Injection
|
7 |
WEB
|
Aria-Security Team
|
|
2006-12-04
|
|
Inside Systems Mail 2.0 - 'error.php' Cross-Site Scripting
|
7 |
WEB
|
Vicente Aguilera Diaz
|
|
2006-12-04
|
|
Cerberus Helpdesk 2.x - 'Spellwin.php' Cross-Site Scripting
|
7 |
WEB
|
En Douli
|
|
2006-12-04
|
|
BlueSocket BSC 2100 5.0/5.1 - Admin.pl Cross-Site Scripting
|
6 |
WEB
|
Jesus Olmos Gonzalez
|
|
2006-12-04
|
|
Metyus Okul Yonetim 1.0 - 'Sistemi Uye_giris_islem.asp' SQL Injection
|
7 |
WEB
|
ShaFuck31
|
|
2006-12-02
|
|
DUdownload 1.0/1.1 - 'detail.asp' Multiple SQL Injections
|
7 |
WEB
|
Aria-Security Team
|
|
2006-12-02
|
|
PHPNews 1.3 - 'Link_Temp.php' Cross-Site Scripting
|
7 |
WEB
|
Detefix
|
|
2006-12-02
|
|
CuteNews 1.3.6 - 'result' Cross-Site Scripting
|
7 |
WEB
|
Detefix
|
|
2006-12-01
|
|
Aspee Ziyaretci Defteri - 'giris.asp' Multiple Field SQL Injections
|
7 |
WEB
|
ShaFuq31
|
|
2006-12-27
|
|
FreeQBoard 1.0/1.1 - 'QB_Path' Multiple Remote File Inclusions
|
7 |
WEB
|
Shell
|
|
2013-10-26
|
|
WordPress Theme Curvo - Cross-Site Request Forgery / Arbitrary File Upload
|
7 |
WEB
|
Byakuya Kouta
|
|
2006-12-01
|
|
DZCP (deV!L_z Clanportal) 1.3.6 - 'Show' SQL Injection
|
7 |
WEB
|
Tim Weber
|
|
2006-12-01
|
|
Invision Gallery 2.0.7 - 'index.php?IMG' SQL Injection
|
7 |
WEB
|
infection
|
|
2006-11-30
|
|
Woltlab Burning Board 2.3.x - 'register.php' Cross-Site Scripting
|
7 |
WEB
|
blueshisha
|
|
2006-11-30
|
|
Seditio1.10 / Land Down 8.0 Under - 'polls.php' SQL Injection
|
7 |
WEB
|
ajann
|
|
2006-11-16
|
|
b2evolution 1.8.2/1.9 - '_referer_spam.page.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
lotto fischer
|
|
2006-11-16
|
|
b2evolution 1.8.2/1.9 - '_410_stats_gone.page.php?app_name' Cross-Site Scripting
|
8 |
WEB
|
lotto fischer
|
|
2006-11-16
|
|
b2evolution 1.8.2/1.9 - '_404_not_found.page.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
lotto fischer
|
|
2006-11-27
|
|
Evolve Shopping Cart - 'products.asp' SQL Injection
|
8 |
WEB
|
Aria-Security Team
|
|
2006-11-27
|
|
uPhotoGallery 1.1 - 'thumbnails.asp?ci' SQL Injection
|
6 |
WEB
|
Aria-Security Team
|
|
2006-11-27
|
|
uPhotoGallery 1.1 - 'Slideshow.asp?ci' SQL Injection
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-27
|
|
Click Gallery - Multiple Input Validation Vulnerabilities
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-27
|
|
Clickblog - 'Displaycalendar.asp' SQL Injection
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-27
|
|
ClickContact - 'default.asp' Multiple SQL Injections
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-25
|
|
fipsShop - Multiple SQL Injections
|
6 |
WEB
|
Aria-Security Team
|
|
2006-11-25
|
|
cPanel WebHost Manager 3.1 - 'park?ndomain' Cross-Site Scripting
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-25
|
|
cPanel WebHost Manager 3.1 - 'dofeaturemanager?feature' Cross-Site Scripting
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-25
|
|
cPanel WebHost Manager 3.1 - 'editzone?domain' Cross-Site Scripting
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-25
|
|
cPanel WebHost Manager 3.1 - 'domts2?domain' Cross-Site Scripting
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-25
|
|
cPanel WebHost Manager 3.1 - 'editpkg?pkg' Cross-Site Scripting
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-25
|
|
cPanel WebHost Manager 3.1 - 'addon_configsupport.cgi?supporturl' Cross-Site Scripting
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-25
|
|
cPanel WebHost Manager 3.1 - 'dochangeemail?email' Cross-Site Scripting
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-25
|
|
cPanel 11 Beta - Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
Aria-Security Team
|
|
2006-11-25
|
|
SIAP CMS - 'login.asp' SQL Injection
|
5 |
WEB
|
nagazakig74
|
|
2006-11-24
|
|
Fixit iDms Pro Image Gallery - 'showfile.asp?fid' SQL Injection
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-24
|
|
Fixit iDms Pro Image Gallery - 'filelist.asp' Multiple SQL Injections
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-24
|
|
MMGallery 1.55 - 'Thumbs.php' Cross-Site Scripting
|
7 |
WEB
|
Al7ejaz Hacker
|
|
2006-11-24
|
|
ASP ListPics 5.0 - 'Listpics.asp' SQL Injection
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-24
|
|
Simple PHP Gallery 1.1 - 'System SP_Index.php' Cross-Site Scripting
|
7 |
WEB
|
Al7ejaz Hacker
|
|
2006-11-24
|
|
MidiCart ASP - 'Item_Show.asp?ID2006quant' SQL Injection
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-23
|
|
Active PHP BookMarks 1.1.2 - Multiple Remote File Inclusions
|
7 |
WEB
|
ThE-LoRd-Of-CrAcKiNg
|
|
2006-11-22
|
|
PMOS Help Desk 2.3 - 'ticket.php?email' Cross-Site Scripting
|
7 |
WEB
|
SwEET-DeViL
|
|
2006-11-22
|
|
PMOS Help Desk 2.3 - 'ticketview.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
SwEET-DeViL
|
|
2006-11-21
|
|
My Little Weblog 2006.11.21 - 'Weblog.php' Cross-Site Scripting
|
7 |
WEB
|
the_Edit0r
|
|
2006-11-21
|
|
CuteNews 1.4.5 - 'rss_title' Cross-Site Scripting
|
7 |
WEB
|
Alireza Hassani
|
|
2006-11-21
|
|
CuteNews 1.4.5 - 'show_news.php' Cross-Site Scripting
|
6 |
WEB
|
Alireza Hassani
|
|
2006-11-21
|
|
Seditio 1.10 - 'Users.Profile.Inc.php' SQL Injection
|
7 |
WEB
|
Mustafa Can Bjorn
|
|
2006-11-21
|
|
CreaDirectory 1.2 - 'search.asp?search' Cross-Site Scripting
|
7 |
WEB
|
laurent gaffie
|
|
2006-11-21
|
|
CreaDirectory 1.2 - 'addlisting.asp?cat' Cross-Site Scripting
|
7 |
WEB
|
laurent gaffie
|
|
2006-11-21
|
|
CreaDirectory 1.2 - 'search.asp?category' SQL Injection
|
7 |
WEB
|
laurent gaffie
|
|
2006-11-21
|
|
JiRos Link Manager 1.0 - 'viewlinks.asp?categoryId' SQL Injection
|
7 |
WEB
|
laurent gaffie
|
|
2006-11-21
|
|
JiRos Link Manager 1.0 - 'openlink.asp?LinkID' SQL Injection
|
7 |
WEB
|
laurent gaffie
|
|
2006-11-21
|
|
Link Exchange Lite 1.0 - Multiple SQL Injections
|
7 |
WEB
|
laurent gaffie
|
|
2013-10-24
|
|
WordPress Theme SAICO 1.0 < 1.0.2 - Arbitrary File Upload
|
7 |
WEB
|
Byakuya Kouta
|
|
2006-11-20
|
|
Wabbit PHP Gallery 0.9 - 'Dir' Directory Traversal
|
7 |
WEB
|
the_Edit0r
|
|
2006-11-20
|
|
Klf-Realty 2.0 - 'detail.asp?property_id' SQL Injection
|
7 |
WEB
|
laurent gaffie
|
|
2006-11-20
|
|
Klf-Realty 2.0 - 'search_listing.asp' Multiple SQL Injections
|
7 |
WEB
|
laurent gaffie
|
|
2006-11-20
|
|
The Classified Ad System 3.0 - 'default.asp' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
laurent gaffie
|
|
2006-11-20
|
|
Rapid Classified 3.1 - 'advsearch.asp' Cross-Site Scripting
|
7 |
WEB
|
laurent gaffie
|
|
2006-11-20
|
|
Rapid Classified 3.1 - 'reply.asp' Cross-Site Scripting
|
8 |
WEB
|
laurent gaffie
|
|
2006-11-20
|
|
Rapid Classified 3.1 - 'search.asp' Cross-Site Scripting
|
7 |
WEB
|
laurent gaffie
|
|
2006-11-20
|
|
Rapid Classified 3.1 - 'view_print.asp' Cross-Site Scripting
|
7 |
WEB
|
laurent gaffie
|
|
2006-11-20
|
|
Rapid Classified 3.1 - 'viewad.asp' SQL Injection
|
8 |
WEB
|
laurent gaffie
|
|
2013-10-22
|
|
ARRIS DG860A - NVRAM Backup Password Disclosure
|
7 |
WEB
|
Justin Oberdorf
|
|
2006-11-20
|
|
Vikingboard 0.1.2 - 'admin.php?act' Traversal Arbitrary File Access
|
7 |
WEB
|
laurent gaffie
|
|
2006-11-20
|
|
Gnews Publisher - Multiple SQL Injections
|
7 |
WEB
|
Aria-Security Team
|
|
2006-11-20
|
|
Enthrallweb eHomes - 'result.asp' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
laurent gaffie
|
|
2006-11-20
|
|
Enthrallweb eHomes - 'result.asp' Multiple SQL Injections
|
7 |
WEB
|
laurent gaffie
|
|
2006-11-20
|
|
Enthrallweb eHomes - 'compareHomes.asp' Multiple SQL Injections
|
6 |
WEB
|
laurent gaffie
|
|
2006-11-20
|
|
Enthrallweb eHomes - 'homeDetail.asp?AD_ID' SQL Injection
|
6 |
WEB
|
laurent gaffie
|
