|
2006-11-15
|
|
CandyPress Store 3.5.2 14 - 'openPolicy.asp?policy' SQL Injection
|
23 |
WEB
|
laurent gaffie
|
|
2013-10-18
|
|
Elite Graphix ElitCMS 1.01 / PRO - Multiple Web Vulnerabilities
|
21 |
WEB
|
Vulnerability-Lab
|
|
2006-11-14
|
|
MGinternet Property Site Manager - 'admin_login.asp' Multiple SQL Injections
|
31 |
WEB
|
laurent gaffie
|
|
2006-11-14
|
|
MGinternet Property Site Manager - 'listings.asp' Multiple SQL Injections
|
25 |
WEB
|
laurent gaffie
|
|
2006-11-14
|
|
MGinternet Property Site Manager - 'detail.asp?p' SQL Injection
|
26 |
WEB
|
laurent gaffie
|
|
2006-11-14
|
|
MGinternet Property Site Manager - 'listings.asp?s' Cross-Site Scripting
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-14
|
|
Mega Mall - 'order-track.php?orderNo' SQL Injection
|
20 |
WEB
|
laurent gaffie
|
|
2006-11-14
|
|
Mega Mall - 'product_review.php' Multiple SQL Injections
|
20 |
WEB
|
laurent gaffie
|
|
2006-11-14
|
|
Evolve Merchant - 'viewcart.asp' SQL Injection
|
24 |
WEB
|
laurent gaffie
|
|
2006-11-14
|
|
Inventory Manager - Multiple Input Validation Vulnerabilities
|
22 |
WEB
|
laurent gaffie
|
|
2013-10-17
|
|
Woltlab Burning Board Regenbogenwiese 2007 Addon - SQL Injection
|
19 |
WEB
|
Easy Laster
|
|
2013-10-17
|
|
WordPress Plugin Realty - Blind SQL Injection
|
22 |
WEB
|
Napsterakos
|
|
2013-10-17
|
|
WordPress Plugin Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting
|
19 |
WEB
|
Zy0d0x
|
|
2013-10-17
|
|
Zikula CMS 1.3.5 - Multiple Vulnerabilities
|
24 |
WEB
|
Vulnerability-Lab
|
|
2006-11-14
|
|
Plesk 7.5/8.0 - 'login_up.php3' Cross-Site Scripting
|
21 |
WEB
|
David Vieira-Kurz
|
|
2006-11-14
|
|
Plesk 7.5/8.0 - 'get_password.php' Cross-Site Scripting
|
24 |
WEB
|
David Vieira-Kurz
|
|
2006-11-14
|
|
Car Site Manager - '/csm/asp/listings.asp' Multiple Cross-Site Scripting Vulnerabilities
|
23 |
WEB
|
laurent gaffie
|
|
2006-11-14
|
|
Car Site Manager - '/csm/asp/detail.asp?p' SQL Injection
|
23 |
WEB
|
laurent gaffie
|
|
2006-11-14
|
|
Car Site Manager - '/csm/asp/listings.asp' Multiple SQL Injections
|
19 |
WEB
|
laurent gaffie
|
|
2006-11-14
|
|
Pilot Cart 7.2 - 'Pilot.asp' SQL Injection
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-14
|
|
DMXReady Site Engine Manager 1.0 - 'index.asp' SQL Injection
|
25 |
WEB
|
Aria-Security Team
|
|
2006-11-14
|
|
ASPIntranet 2.1 - 'default.asp' SQL Injection
|
21 |
WEB
|
Aria-Security Team
|
|
2006-11-14
|
|
SiteXpress E-Commerce System - 'Dept.asp' SQL Injection
|
23 |
WEB
|
Aria-Security Team
|
|
2006-11-15
|
|
SitesOutlet eCommerce Kit - Multiple SQL Injections
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-14
|
|
FunkyASP Glossary 1.0 - 'Glossary.asp' SQL Injection
|
20 |
WEB
|
saps.audit
|
|
2006-11-12
|
|
DirectAdmin 1.28/1.29 - 'CMD_FTP_SHOW' Cross-Site Scripting
|
24 |
WEB
|
Aria-Security Team
|
|
2006-11-12
|
|
DirectAdmin 1.28/1.29 - 'CMD_EMAIL_LIST' Cross-Site Scripting
|
32 |
WEB
|
Aria-Security Team
|
|
2006-11-12
|
|
DirectAdmin 1.28/1.29 - 'CMD_EMAIL_VACATION_MODIFY' Cross-Site Scripting
|
26 |
WEB
|
Aria-Security Team
|
|
2006-11-12
|
|
DirectAdmin 1.28/1.29 - 'CMD_TICKET' Cross-Site Scripting
|
26 |
WEB
|
Aria-Security Team
|
|
2006-11-12
|
|
DirectAdmin 1.28/1.29 - 'CMD_EMAIL_FORWARDER_MODIFY' Cross-Site Scripting
|
27 |
WEB
|
Aria-Security Team
|
|
2006-11-12
|
|
DirectAdmin 1.28/1.29 - 'CMD_TICKET_CREATE' Cross-Site Scripting
|
20 |
WEB
|
Aria-Security Team
|
|
2006-11-12
|
|
DirectAdmin 1.28/1.29 - 'CMD_SHOW_USER' Cross-Site Scripting
|
21 |
WEB
|
Aria-Security Team
|
|
2006-11-12
|
|
DirectAdmin 1.28/1.29 - 'CMD_SHOW_RESELLER' Cross-Site Scripting
|
19 |
WEB
|
Aria-Security Team
|
|
2006-11-12
|
|
PHPdebug 1.1 - 'Debug_test.php' Remote File Inclusion
|
23 |
WEB
|
Firewall
|
|
2013-10-16
|
|
WebTester 5.x - Multiple Vulnerabilities
|
18 |
WEB
|
X-Cisadane
|
|
2006-11-13
|
|
INFINICART - 'browsesubcat.asp' Multiple SQL Injections
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-13
|
|
INFINICART - 'added_to_cart.asp?ProductID' SQL Injection
|
19 |
WEB
|
laurent gaffie
|
|
2006-11-13
|
|
INFINICART - 'browse_group.asp?groupid' SQL Injection
|
20 |
WEB
|
laurent gaffie
|
|
2006-11-13
|
|
INFINICART - 'login.asp' Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
laurent gaffie
|
|
2006-11-13
|
|
INFINICART - 'sendpassword.asp?email' Cross-Site Scripting
|
28 |
WEB
|
laurent gaffie
|
|
2006-11-13
|
|
INFINICART - 'search.asp?search' Cross-Site Scripting
|
22 |
WEB
|
laurent gaffie
|
|
2006-11-13
|
|
Roundcube Webmail 0.1 - 'index.php' Cross-Site Scripting
|
18 |
WEB
|
RSnake
|
|
2006-11-13
|
|
ASP Portal 2.0/3.x/4.0 - 'Default1.asp' SQL Injection
|
19 |
WEB
|
ajann
|
|
2006-11-14
|
|
20/20 Real Estate 3.2 - 'listings.asp' SQL Injection
|
23 |
WEB
|
Aria-Security Team
|
|
2006-11-13
|
|
cPanel 10 - 'newuser.html' Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
Aria-Security Team
|
|
2006-11-13
|
|
cPanel 10 - 'seldir.html?dir' Cross-Site Scripting
|
20 |
WEB
|
Aria-Security Team
|
|
2006-11-11
|
|
WordPress Core 2.0.5 - 'functions.php' Remote File Inclusion
|
26 |
WEB
|
_ANtrAX_
|
|
2013-10-15
|
|
DornCMS Application 1.4 - Multiple Web Vulnerabilities
|
24 |
WEB
|
Vulnerability-Lab
|
|
2013-10-15
|
|
Apple iOS 7.0.2 - Sim Lock Screen Display Bypass
|
23 |
WEB
|
Vulnerability-Lab
|
|
2013-10-15
|
|
UbiDisk File Manager 2.0 iOS - Multiple Web Vulnerabilities
|
23 |
WEB
|
Vulnerability-Lab
|
|
2013-10-15
|
|
OliveOffice Mobile Suite 2.0.3 iOS - Local File Inclusion
|
19 |
WEB
|
Vulnerability-Lab
|
|
2013-10-15
|
|
My File Explorer 1.3.1 iOS - Multiple Web Vulnerabilities
|
24 |
WEB
|
Vulnerability-Lab
|
|
2013-10-15
|
|
Zabbix 2.0.8 - SQL Injection / Remote Code Execution (Metasploit)
|
21 |
WEB
|
Jason Kratzer
|
|
2013-10-15
|
|
Dolibarr ERP/CRM 3.4.0 - 'exportcsv.php?sondage' SQL Injection
|
24 |
WEB
|
drone
|
|
2013-10-15
|
|
WordPress Plugin Dexs PM System - (Authenticated) Persistent Cross-Site Scripting
|
24 |
WEB
|
TheXero
|
|
2006-11-11
|
|
ExoPHPDesk 1.2 - 'Pipe.php' Remote File Inclusion
|
24 |
WEB
|
Firewall1954
|
|
2006-11-10
|
|
Bitweaver 1.x - '/wiki/list_pages.php?sort_mode' SQL Injection
|
25 |
WEB
|
laurent gaffie
|
|
2006-11-10
|
|
Bitweaver 1.x - '/wiki/orphan_pages.php?sort_mode' SQL Injection
|
19 |
WEB
|
laurent gaffie
|
|
2006-11-10
|
|
Bitweaver 1.x - '/fisheye/index.php?sort_mode' SQL Injection
|
20 |
WEB
|
laurent gaffie
|
|
2013-10-14
|
|
aMSN 0.98.9 Web App - Multiple Vulnerabilities
|
21 |
WEB
|
drone
|
|
2013-10-14
|
|
WordPress Plugin Cart66 1.5.1.14 - Multiple Vulnerabilities
|
19 |
WEB
|
absane
|
|
2013-10-14
|
|
StatusNet/Laconica 0.7.4/0.8.2/0.9.0beta3 - Arbitrary File Reading
|
20 |
WEB
|
spiderboy
|
|
2006-11-10
|
|
Bitweaver 1.x - '/fisheye/list_galleries.php?sort_mode' SQL Injection
|
24 |
WEB
|
laurent gaffie
|
|
2006-11-10
|
|
Bitweaver 1.x - '/blogs/list_blogs.php?sort_mode' SQL Injection
|
26 |
WEB
|
laurent gaffie
|
|
2006-11-09
|
|
Omnistar Article Manager - Multiple SQL Injections
|
18 |
WEB
|
Benjamin Moss
|
|
2006-11-09
|
|
LandShop 0.6.3 - 'ls.php' Multiple SQL Injections
|
23 |
WEB
|
laurent gaffie
|
|
2006-11-09
|
|
LandShop 0.6.3 - 'ls.php' Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
laurent gaffie
|
|
2006-11-09
|
|
bitweaver 1.x - '/newsletters/edition.php?tk' SQL Injection
|
22 |
WEB
|
laurent gaffie
|
|
2006-11-08
|
|
Speedywiki 2.0/2.1 - Multiple Input Validation Vulnerabilities
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-08
|
|
Portix-PHP 0.4.2 - Multiple SQL Injections
|
24 |
WEB
|
Benjamin Moss
|
|
2006-11-08
|
|
PHPMyChat Plus 1.9 - Multiple Local File Inclusions
|
22 |
WEB
|
ajann
|
|
2006-11-08
|
|
Abarcar Realty Portal 5.1.5/6.0.1 - Multiple SQL Injections
|
18 |
WEB
|
Benjamin Moss
|
|
2006-11-08
|
|
FreeWebShop 2.1/2.2 - 'index.php?cat' Cross-Site Scripting
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-08
|
|
FreeWebShop 2.1/2.2 - 'index.php?page' Traversal Arbitrary File Access
|
22 |
WEB
|
laurent gaffie
|
|
2006-11-08
|
|
Immediacy .NET CMS 5.2 - 'Logon.aspx' Cross-Site Scripting
|
20 |
WEB
|
Gemma Hughes
|
|
2006-11-08
|
|
PHPMyChat 0.14/0.15 - 'Languages.Lib.php' Local File Inclusion
|
18 |
WEB
|
ajann
|
|
2006-11-07
|
|
Kayako SupportSuite 3.0.32 - 'index.php' Cross-Site Scripting
|
20 |
WEB
|
Dr.HAiL
|
|
2006-11-07
|
|
IPManager 2.3 - 'index.php' Cross-Site Scripting
|
17 |
WEB
|
spaceballyopsolo
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_show_page_help.php' Full Path Disclosure
|
19 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_show_ec_products.php' Full Path Disclosure
|
18 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - Multiple Vulnerabilities
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_links_search.php' SQL Injection
|
20 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_codice_fiscale.php' SQL Injection
|
22 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_users_online.php' SQL Injection
|
20 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_login.php' SQL Injection
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_show_ec_products.php' SQL Injection
|
19 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_contact_us.php' SQL Injection
|
17 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_links.php' SQL Injection
|
23 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_newsletter.php' SQL Injection
|
18 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_edit_user.php' SQL Injection
|
17 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_forum_view.php' SQL Injection
|
18 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_news.php' SQL Injection
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_dpage.php' SQL Injection
|
19 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'load_page' Remote File Inclusion
|
20 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_links_search.php' Cross-Site Scripting
|
20 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_users_online.php' Cross-Site Scripting
|
20 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_show_ec_products.php' Cross-Site Scripting
|
21 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_dpage.php' Cross-Site Scripting
|
18 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
AIOCP 1.3.x - 'cp_forum_view.php' Cross-Site Scripting
|
18 |
WEB
|
laurent gaffie
|
|
2006-11-06
|
|
Xoops 2.0.5 - 'NewList.php' Cross-Site Scripting
|
22 |
WEB
|
CvIr.System
|
|
2006-11-06
|
|
@cid Stats 2.3 - 'Install.php3' Remote File Inclusion
|
21 |
WEB
|
Mahmood_ali
|
|
2006-11-04
|
|
PHPKit 1.6.1 - 'popup.php' SQL Injection
|
19 |
WEB
|
x23
|
|
2006-11-04
|
|
IF-CMS - 'index.php' Cross-Site Scripting
|
19 |
WEB
|
Benjamin Moss
|
|
2006-11-03
|
|
Advanced Guestbook 2.3.1 - 'admin.php' Remote File Inclusion
|
20 |
WEB
|
BrokeN-ProXy
|
|
2006-11-03
|
|
Simplog 0.9.3 - 'archive.php?PID' Cross-Site Scripting
|
21 |
WEB
|
Benjamin Moss
|
|
2006-11-03
|
|
Simplog 0.9.3 - 'BlogID' Multiple SQL Injections
|
24 |
WEB
|
Benjamin Moss
|
|
2006-11-03
|
|
ac4p Mobile - '/cp/index.php?pagenav' Cross-Site Scripting
|
21 |
WEB
|
AL-garnei
|
|
2006-11-03
|
|
ac4p Mobile - 'up.php' Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
AL-garnei
|
|
2006-11-03
|
|
ac4p Mobile - 'send.php?cats' Cross-Site Scripting
|
21 |
WEB
|
AL-garnei
|
|
2006-11-03
|
|
ac4p Mobile - 'polls.php' Multiple Cross-Site Scripting Vulnerabilities (1)
|
18 |
WEB
|
AL-garnei
|
|
2006-11-03
|
|
ac4p Mobile - 'MobileNews.php' Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
AL-garnei
|
|
2006-11-03
|
|
ac4p Mobile - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
16 |
WEB
|
AL-garnei
|
|
2006-11-07
|
|
NewP News Publishing System 1.0 - 'Class.Database.php' Remote File Inclusion
|
17 |
WEB
|
navairum
|
|
2006-11-02
|
|
FreeWebShop 2.2 - 'index.php' SQL Injection
|
19 |
WEB
|
Spiked
|
|
2006-11-02
|
|
RunCMS 1.x - Avatar Arbitrary File Upload
|
18 |
WEB
|
securfrog
|
|
2006-11-08
|
|
KnowledgeBuilder 2.2 - 'visEdit_Control.Class.php' Remote File Inclusion
|
22 |
WEB
|
igi
|
|
2006-11-01
|
|
RSSonate - 'Project_Root' Remote File Inclusion
|
24 |
WEB
|
Arab4services
|
|
2006-10-31
|
|
Mirapoint Web Mail - 'Expression()' HTML Injection
|
20 |
WEB
|
LegendaryZion
|
|
2006-10-31
|
|
iPlanet Messaging Server - Messenger Express Expression() HTML Injection
|
20 |
WEB
|
LegendaryZion
|
|
2006-10-31
|
|
Netquery 4.0 - 'NQUser.php' Cross-Site Scripting
|
20 |
WEB
|
Tal Argoni
|
|
2006-10-30
|
|
The Search Engine Project 0.942 - 'Configfunction.php' Remote File Inclusion
|
35 |
WEB
|
Cyber Security
|
|
2006-10-31
|
|
PHP-Nuke 7.x Journal Module - 'search.php' SQL Injection
|
22 |
WEB
|
Paisterist
|
|
2006-10-31
|
|
Easy Web Portal 2.1.2 - Multiple Remote File Inclusions
|
19 |
WEB
|
MEFISTO
|
|
2005-10-30
|
|
phpFaber CMS 1.3.36 - 'Htmlarea.php' Cross-Site Scripting
|
18 |
WEB
|
Vigilon
|
|
2006-10-30
|
|
Foresite CMS - 'Index_2.php' Cross-Site Scripting
|
19 |
WEB
|
David Vieira-Kurz
|
