|
2006-11-12
|
|
DirectAdmin 1.28/1.29 - 'CMD_EMAIL_VACATION_MODIFY' Cross-Site Scripting
|
25 |
WEB
|
Aria-Security Team
|
|
2006-11-12
|
|
DirectAdmin 1.28/1.29 - 'CMD_TICKET' Cross-Site Scripting
|
24 |
WEB
|
Aria-Security Team
|
|
2006-11-12
|
|
DirectAdmin 1.28/1.29 - 'CMD_EMAIL_FORWARDER_MODIFY' Cross-Site Scripting
|
25 |
WEB
|
Aria-Security Team
|
|
2006-11-12
|
|
DirectAdmin 1.28/1.29 - 'CMD_TICKET_CREATE' Cross-Site Scripting
|
20 |
WEB
|
Aria-Security Team
|
|
2006-11-12
|
|
DirectAdmin 1.28/1.29 - 'CMD_SHOW_USER' Cross-Site Scripting
|
20 |
WEB
|
Aria-Security Team
|
|
2006-11-12
|
|
DirectAdmin 1.28/1.29 - 'CMD_SHOW_RESELLER' Cross-Site Scripting
|
15 |
WEB
|
Aria-Security Team
|
|
2006-11-12
|
|
PHPdebug 1.1 - 'Debug_test.php' Remote File Inclusion
|
22 |
WEB
|
Firewall
|
|
2013-10-16
|
|
WebTester 5.x - Multiple Vulnerabilities
|
17 |
WEB
|
X-Cisadane
|
|
2006-11-13
|
|
INFINICART - 'browsesubcat.asp' Multiple SQL Injections
|
20 |
WEB
|
laurent gaffie
|
|
2006-11-13
|
|
INFINICART - 'added_to_cart.asp?ProductID' SQL Injection
|
18 |
WEB
|
laurent gaffie
|
|
2006-11-13
|
|
INFINICART - 'browse_group.asp?groupid' SQL Injection
|
17 |
WEB
|
laurent gaffie
|
|
2006-11-13
|
|
INFINICART - 'login.asp' Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-13
|
|
INFINICART - 'sendpassword.asp?email' Cross-Site Scripting
|
24 |
WEB
|
laurent gaffie
|
|
2006-11-13
|
|
INFINICART - 'search.asp?search' Cross-Site Scripting
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-13
|
|
Roundcube Webmail 0.1 - 'index.php' Cross-Site Scripting
|
17 |
WEB
|
RSnake
|
|
2006-11-13
|
|
ASP Portal 2.0/3.x/4.0 - 'Default1.asp' SQL Injection
|
19 |
WEB
|
ajann
|
|
2006-11-14
|
|
20/20 Real Estate 3.2 - 'listings.asp' SQL Injection
|
20 |
WEB
|
Aria-Security Team
|
|
2006-11-13
|
|
cPanel 10 - 'newuser.html' Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
Aria-Security Team
|
|
2006-11-13
|
|
cPanel 10 - 'seldir.html?dir' Cross-Site Scripting
|
20 |
WEB
|
Aria-Security Team
|
|
2006-11-11
|
|
WordPress Core 2.0.5 - 'functions.php' Remote File Inclusion
|
22 |
WEB
|
_ANtrAX_
|
|
2013-10-15
|
|
DornCMS Application 1.4 - Multiple Web Vulnerabilities
|
21 |
WEB
|
Vulnerability-Lab
|
|
2013-10-15
|
|
Apple iOS 7.0.2 - Sim Lock Screen Display Bypass
|
20 |
WEB
|
Vulnerability-Lab
|
|
2013-10-15
|
|
UbiDisk File Manager 2.0 iOS - Multiple Web Vulnerabilities
|
20 |
WEB
|
Vulnerability-Lab
|
|
2013-10-15
|
|
OliveOffice Mobile Suite 2.0.3 iOS - Local File Inclusion
|
19 |
WEB
|
Vulnerability-Lab
|
|
2013-10-15
|
|
My File Explorer 1.3.1 iOS - Multiple Web Vulnerabilities
|
22 |
WEB
|
Vulnerability-Lab
|
|
2013-10-15
|
|
Zabbix 2.0.8 - SQL Injection / Remote Code Execution (Metasploit)
|
21 |
WEB
|
Jason Kratzer
|
|
2013-10-15
|
|
Dolibarr ERP/CRM 3.4.0 - 'exportcsv.php?sondage' SQL Injection
|
23 |
WEB
|
drone
|
|
2013-10-15
|
|
WordPress Plugin Dexs PM System - (Authenticated) Persistent Cross-Site Scripting
|
23 |
WEB
|
TheXero
|
|
2006-11-11
|
|
ExoPHPDesk 1.2 - 'Pipe.php' Remote File Inclusion
|
22 |
WEB
|
Firewall1954
|
|
2006-11-10
|
|
Bitweaver 1.x - '/wiki/list_pages.php?sort_mode' SQL Injection
|
24 |
WEB
|
laurent gaffie
|
|
2006-11-10
|
|
Bitweaver 1.x - '/wiki/orphan_pages.php?sort_mode' SQL Injection
|
17 |
WEB
|
laurent gaffie
|
|
2006-11-10
|
|
Bitweaver 1.x - '/fisheye/index.php?sort_mode' SQL Injection
|
20 |
WEB
|
laurent gaffie
|
|
2013-10-14
|
|
aMSN 0.98.9 Web App - Multiple Vulnerabilities
|
20 |
WEB
|
drone
|
|
2013-10-14
|
|
WordPress Plugin Cart66 1.5.1.14 - Multiple Vulnerabilities
|
19 |
WEB
|
absane
|
|
2013-10-14
|
|
StatusNet/Laconica 0.7.4/0.8.2/0.9.0beta3 - Arbitrary File Reading
|
20 |
WEB
|
spiderboy
|
|
2006-11-10
|
|
Bitweaver 1.x - '/fisheye/list_galleries.php?sort_mode' SQL Injection
|
22 |
WEB
|
laurent gaffie
|
|
2006-11-10
|
|
Bitweaver 1.x - '/blogs/list_blogs.php?sort_mode' SQL Injection
|
26 |
WEB
|
laurent gaffie
|
|
2006-11-09
|
|
Omnistar Article Manager - Multiple SQL Injections
|
18 |
WEB
|
Benjamin Moss
|
|
2006-11-09
|
|
LandShop 0.6.3 - 'ls.php' Multiple SQL Injections
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-09
|
|
LandShop 0.6.3 - 'ls.php' Multiple Cross-Site Scripting Vulnerabilities
|
23 |
WEB
|
laurent gaffie
|
|
2006-11-09
|
|
bitweaver 1.x - '/newsletters/edition.php?tk' SQL Injection
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-08
|
|
Speedywiki 2.0/2.1 - Multiple Input Validation Vulnerabilities
|
19 |
WEB
|
laurent gaffie
|
|
2006-11-08
|
|
Portix-PHP 0.4.2 - Multiple SQL Injections
|
24 |
WEB
|
Benjamin Moss
|
|
2006-11-08
|
|
PHPMyChat Plus 1.9 - Multiple Local File Inclusions
|
22 |
WEB
|
ajann
|
|
2006-11-08
|
|
Abarcar Realty Portal 5.1.5/6.0.1 - Multiple SQL Injections
|
18 |
WEB
|
Benjamin Moss
|
|
2006-11-08
|
|
FreeWebShop 2.1/2.2 - 'index.php?cat' Cross-Site Scripting
|
20 |
WEB
|
laurent gaffie
|
|
2006-11-08
|
|
FreeWebShop 2.1/2.2 - 'index.php?page' Traversal Arbitrary File Access
|
19 |
WEB
|
laurent gaffie
|
|
2006-11-08
|
|
Immediacy .NET CMS 5.2 - 'Logon.aspx' Cross-Site Scripting
|
20 |
WEB
|
Gemma Hughes
|
|
2006-11-08
|
|
PHPMyChat 0.14/0.15 - 'Languages.Lib.php' Local File Inclusion
|
18 |
WEB
|
ajann
|
|
2006-11-07
|
|
Kayako SupportSuite 3.0.32 - 'index.php' Cross-Site Scripting
|
19 |
WEB
|
Dr.HAiL
|
|
2006-11-07
|
|
IPManager 2.3 - 'index.php' Cross-Site Scripting
|
16 |
WEB
|
spaceballyopsolo
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_show_page_help.php' Full Path Disclosure
|
17 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_show_ec_products.php' Full Path Disclosure
|
16 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - Multiple Vulnerabilities
|
19 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_links_search.php' SQL Injection
|
18 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_codice_fiscale.php' SQL Injection
|
18 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_users_online.php' SQL Injection
|
19 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_login.php' SQL Injection
|
19 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_show_ec_products.php' SQL Injection
|
18 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_contact_us.php' SQL Injection
|
15 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_links.php' SQL Injection
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_newsletter.php' SQL Injection
|
17 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_edit_user.php' SQL Injection
|
15 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_forum_view.php' SQL Injection
|
14 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_news.php' SQL Injection
|
19 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_dpage.php' SQL Injection
|
18 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'load_page' Remote File Inclusion
|
19 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_links_search.php' Cross-Site Scripting
|
18 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_users_online.php' Cross-Site Scripting
|
17 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_show_ec_products.php' Cross-Site Scripting
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_dpage.php' Cross-Site Scripting
|
17 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_forum_view.php' Cross-Site Scripting
|
18 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
Xoops 2.0.5 - 'NewList.php' Cross-Site Scripting
|
22 |
WEB
|
CvIr.System
|
|
2006-11-06
|
|
@cid Stats 2.3 - 'Install.php3' Remote File Inclusion
|
21 |
WEB
|
Mahmood_ali
|
|
2006-11-04
|
|
PHPKit 1.6.1 - 'popup.php' SQL Injection
|
18 |
WEB
|
x23
|
|
2006-11-04
|
|
IF-CMS - 'index.php' Cross-Site Scripting
|
19 |
WEB
|
Benjamin Moss
|
|
2006-11-03
|
|
Advanced Guestbook 2.3.1 - 'admin.php' Remote File Inclusion
|
19 |
WEB
|
BrokeN-ProXy
|
|
2006-11-03
|
|
Simplog 0.9.3 - 'archive.php?PID' Cross-Site Scripting
|
21 |
WEB
|
Benjamin Moss
|
|
2006-11-03
|
|
Simplog 0.9.3 - 'BlogID' Multiple SQL Injections
|
20 |
WEB
|
Benjamin Moss
|
|
2006-11-03
|
|
ac4p Mobile - '/cp/index.php?pagenav' Cross-Site Scripting
|
18 |
WEB
|
AL-garnei
|
|
2006-11-03
|
|
ac4p Mobile - 'up.php' Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
AL-garnei
|
|
2006-11-03
|
|
ac4p Mobile - 'send.php?cats' Cross-Site Scripting
|
20 |
WEB
|
AL-garnei
|
|
2006-11-03
|
|
ac4p Mobile - 'polls.php' Multiple Cross-Site Scripting Vulnerabilities (1)
|
17 |
WEB
|
AL-garnei
|
|
2006-11-03
|
|
ac4p Mobile - 'MobileNews.php' Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
AL-garnei
|
|
2006-11-03
|
|
ac4p Mobile - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
15 |
WEB
|
AL-garnei
|
|
2006-11-07
|
|
NewP News Publishing System 1.0 - 'Class.Database.php' Remote File Inclusion
|
17 |
WEB
|
navairum
|
|
2006-11-02
|
|
FreeWebShop 2.2 - 'index.php' SQL Injection
|
17 |
WEB
|
Spiked
|
|
2006-11-02
|
|
RunCMS 1.x - Avatar Arbitrary File Upload
|
18 |
WEB
|
securfrog
|
|
2006-11-08
|
|
KnowledgeBuilder 2.2 - 'visEdit_Control.Class.php' Remote File Inclusion
|
22 |
WEB
|
igi
|
|
2006-11-01
|
|
RSSonate - 'Project_Root' Remote File Inclusion
|
21 |
WEB
|
Arab4services
|
|
2006-10-31
|
|
Mirapoint Web Mail - 'Expression()' HTML Injection
|
19 |
WEB
|
LegendaryZion
|
|
2006-10-31
|
|
iPlanet Messaging Server - Messenger Express Expression() HTML Injection
|
20 |
WEB
|
LegendaryZion
|
|
2006-10-31
|
|
Netquery 4.0 - 'NQUser.php' Cross-Site Scripting
|
19 |
WEB
|
Tal Argoni
|
|
2006-10-30
|
|
The Search Engine Project 0.942 - 'Configfunction.php' Remote File Inclusion
|
35 |
WEB
|
Cyber Security
|
|
2006-10-31
|
|
PHP-Nuke 7.x Journal Module - 'search.php' SQL Injection
|
22 |
WEB
|
Paisterist
|
|
2006-10-31
|
|
Easy Web Portal 2.1.2 - Multiple Remote File Inclusions
|
18 |
WEB
|
MEFISTO
|
|
2005-10-30
|
|
phpFaber CMS 1.3.36 - 'Htmlarea.php' Cross-Site Scripting
|
16 |
WEB
|
Vigilon
|
|
2006-10-30
|
|
Foresite CMS - 'Index_2.php' Cross-Site Scripting
|
19 |
WEB
|
David Vieira-Kurz
|
|
2006-10-30
|
|
Evandor Easy notesManager 0.0.1 - Search Page SQL Injection
|
16 |
WEB
|
poplix
|
|
2006-10-30
|
|
Evandor Easy notesManager 0.0.1 - 'login.php?Username' SQL Injection
|
20 |
WEB
|
poplix
|
|
2006-10-30
|
|
Freenews 1.1 - 'Aff_News.php' Remote File Inclusion
|
17 |
WEB
|
MoHaNdKo
|
|
2006-10-30
|
|
Exhibit Engine 1.22 - 'fstyles.php?toroot' Remote File Inclusion
|
18 |
WEB
|
Cyber Security
|
|
2006-10-30
|
|
Exhibit Engine 1.22 - 'fetchsettings.php?toroot' Remote File Inclusion
|
22 |
WEB
|
Cyber Security
|
|
2006-10-30
|
|
Actionpoll 1.1.1 - '/db/PollDB.php?CONFIG_DATAREADERWRITER' Remote File Inclusion
|
17 |
WEB
|
Cyber Security
|
|
2006-10-30
|
|
Actionpoll 1.1.1 - '/db/DataReaderWriter.php?CONFIG_DB' Remote File Inclusion
|
17 |
WEB
|
Cyber Security
|
|
2006-10-30
|
|
PunBB 1.x - SQL Injection
|
19 |
WEB
|
nmsh_sa
|
|
2006-10-28
|
|
Web Wiz Forum 6.34/7.x - 'search.asp' SQL Injection
|
23 |
WEB
|
almaster
|
|
2006-10-27
|
|
PLS-Bannieres 1.21 - 'Bannieres.php' Remote File Inclusion
|
23 |
WEB
|
Mahmood_ali
|
|
2006-10-27
|
|
TorrentFlux 2.1 - 'dir.php' Directory Traversal
|
20 |
WEB
|
Christopher
|
|
2006-10-30
|
|
IG Shop 1.4 - 'Change_Pass.php' Cross-Site Scripting
|
20 |
WEB
|
SnipEr.X
|
|
2006-10-27
|
|
PHPTreeView 1.0 - 'TreeViewClass.php' Remote File Inclusion
|
19 |
WEB
|
Prince Islam
|
|
2006-10-26
|
|
PHPLeague 0.81 - '/consult/miniseul.php?cheminmini' Remote File Inclusion
|
20 |
WEB
|
ajaan
|
|
2006-10-26
|
|
MAXdev MD-Pro 1.0.76 - 'user.php' Cross-Site Scripting
|
20 |
WEB
|
r00t
|
|
2006-10-25
|
|
PHPMyConferences 8.0.2 - 'Init.php' Remote File Inclusion
|
20 |
WEB
|
The-0utl4w
|
|
2006-10-25
|
|
Comment IT 0.2 - 'PathToComment' Remote File Inclusion
|
17 |
WEB
|
Cold Zero
|
|
2006-10-24
|
|
Simpnews 2.x - 'pwlost.php' Cross-Site Scripting
|
18 |
WEB
|
security@vigilon.com
|
|
2006-10-24
|
|
Simpnews 2.x - 'index.php' Cross-Site Scripting
|
18 |
WEB
|
security@vigilon.com
|
|
2006-10-24
|
|
Snitz Forums 2000 3.4.6 - 'Pop_Mail.asp' SQL Injection
|
21 |
WEB
|
Arham Muhammad
|
|
2013-10-10
|
|
Imperva SecureSphere Web Application Firewall MX 9.5.6 - Blind SQL Injection
|
24 |
WEB
|
Giuseppe D'Amore
|
|
2006-10-24
|
|
Crafty Syntax Live Help 2.9.9 - Multiple Remote File Inclusions
|
18 |
WEB
|
Crackers_Child
|
|
2006-10-23
|
|
WikiNi 0.4.x - 'Waka.php' Multiple HTML Injection Vulnerabilities
|
22 |
WEB
|
Raphael Huck
|
|
2006-10-23
|
|
Shop-Script - Multiple HTTP Response Splitting Vulnerabilities
|
19 |
WEB
|
Debasis Mohanty
|
|
2006-10-23
|
|
cPanel 10.9 - 'editzonetemplate?template' Cross-Site Scripting
|
17 |
WEB
|
Crackers_Child
|
|
2006-10-23
|
|
cPanel 10.9 - 'dosetmytheme?theme' Cross-Site Scripting
|
19 |
WEB
|
Crackers_Child
|
|
2006-10-23
|
|
Zwahlen's Online Shop 5.2.2 - 'Cat' Cross-Site Scripting
|
19 |
WEB
|
MC.Iglo
|
