|
2006-02-21
|
|
PostNuke 0.6x/0.7x NS-Languages Module - 'language' SQL Injection
|
14 |
WEB
|
Maksymilian Arciemowicz
|
|
2006-02-21
|
|
PostNuke 0.6x/0.7x NS-Languages Module - 'language' Cross-Site Scripting
|
13 |
WEB
|
Maksymilian Arciemowicz
|
|
2006-02-20
|
|
CuteNews 1.4.1 - 'show_news.php' Cross-Site Scripting
|
13 |
WEB
|
imei
|
|
2006-02-20
|
|
Magic Calendar Lite 1.02 - 'index.php' SQL Injection
|
14 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-20
|
|
TTS Software Time Tracking Software 3.0 - 'edituser.php' Access Validation
|
17 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-18
|
|
PHP-Nuke 7.x - CAPTCHA Bypass
|
12 |
WEB
|
waraxe
|
|
2006-02-18
|
|
Webpagecity WPC easy - SQL Injection
|
13 |
WEB
|
murfie
|
|
2006-02-18
|
|
E107 Website System 0.7.2 Chatbox Plugin - HTML Injection
|
12 |
WEB
|
marc & shb
|
|
2006-02-17
|
|
V-Webmail 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities
|
18 |
WEB
|
$um$id
|
|
2006-02-16
|
|
Siteframe Beaumont 5.0.1/5.0.2 - 'page.php' HTML Injection
|
11 |
WEB
|
federico.alice@tiscali.it
|
|
2006-02-16
|
|
MyBB 1.0.3 - 'Managegroup.php' Cross-Site Scripting
|
11 |
WEB
|
imei
|
|
2006-02-16
|
|
MyBB 1.0.2/1.0.3 - 'Managegroup.php' SQL Injection
|
12 |
WEB
|
imei
|
|
2006-02-15
|
|
BirthSys 3.1 - Multiple SQL Injections
|
13 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-16
|
|
Dreamcost HostAdmin 3.0 - 'index.php' Remote File Inclusion
|
10 |
WEB
|
ReZEN
|
|
2006-02-15
|
|
HTML::BBCode 1.03/1.04 - HTML Injection
|
14 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-15
|
|
MyBB 1.0.3 - 'private.php' Multiple SQL Injections
|
14 |
WEB
|
imei
|
|
2006-02-15
|
|
My Blog 1.63 - BBCode HTML Injection
|
11 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-15
|
|
Mantis Bug Tracker 0.x/1.0 - 'manage_user_page.php?sort' Cross-Site Scripting
|
13 |
WEB
|
Thomas Waldegger
|
|
2006-02-15
|
|
Mantis Bug Tracker 0.x/1.0 - 'view_all_set.php' Multiple Cross-Site Scripting Vulnerabilities
|
13 |
WEB
|
Thomas Waldegger
|
|
2006-02-15
|
|
WordPress Core 2.0 - Comment Post HTML Injection
|
10 |
WEB
|
imei
|
|
2006-02-14
|
|
RunCMS 1.2/1.3 - 'PMLite.php' SQL Injection
|
11 |
WEB
|
Hamid Ebadi
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/tasks/gantt.php?baseDir' Remote File Inclusion
|
12 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/public/date_format.php?baseDir' Remote File Inclusion
|
10 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/public/calendar.php?baseDir' Remote File Inclusion
|
11 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/admin/vw_usr_roles.php?baseDir' Remote File Inclusion
|
11 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/projects/vw_files.php?dPconfig[root_dir]' Remote File Inclusion
|
12 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/projects/gantt2.php?dPconfig[root_dir]' Remote File Inclusion
|
11 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/includes/session.php?baseDir' Remote File Inclusion
|
12 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/includes/db_connect.php?baseDir' Remote File Inclusion
|
13 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/projects/gantt.php?dPconfig[root_dir]' Remote File Inclusion
|
14 |
WEB
|
r.verton
|
|
2006-02-14
|
|
sNews - 'index.php' Multiple SQL Injections
|
14 |
WEB
|
joffer
|
|
2006-02-14
|
|
sNews - Comment Body Cross-Site Scripting
|
13 |
WEB
|
joffer
|
|
2006-02-14
|
|
DELTAScripts PHP Classifieds 6.20 - 'Member_Login.php' SQL Injection
|
14 |
WEB
|
Audun Larsen
|
|
2006-02-14
|
|
QwikiWiki 1.5 - 'search.php' Cross-Site Scripting
|
11 |
WEB
|
Citynova
|
|
2006-02-13
|
|
Gastebuch 1.3.2 - Cross-Site Scripting
|
12 |
WEB
|
Micha Borrmann
|
|
2006-02-13
|
|
PHP-Nuke 6.x/7.x - 'header.php?Pagetitle' Cross-Site Scripting
|
12 |
WEB
|
Janek Vind
|
|
2006-02-13
|
|
Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities
|
14 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-13
|
|
XMB Forum 1.8/1.9 - 'u2u.php?Username' Cross-Site Scripting
|
10 |
WEB
|
GulfTech Security
|
|
2006-02-13
|
|
Virtual Hosting Control System 2.2/2.4 - 'login.php?check_login()' Authentication Bypass
|
12 |
WEB
|
Roman Medina-Heigl Hernandez
|
|
2006-02-13
|
|
Virtual Hosting Control System 2.2/2.4 - 'change_password.php' Current Password
|
13 |
WEB
|
Roman Medina-Heigl Hernandez
|
|
2006-02-13
|
|
Lawrence Osiris DB_eSession 1.0.2 - Class SQL Injection
|
12 |
WEB
|
GulfTech Security
|
|
2006-02-12
|
|
Siteframe Beaumont 5.0.1 - 'search.php?Q' Cross-Site Scripting
|
11 |
WEB
|
Kiki
|
|
2006-02-11
|
|
ImageVue 0.16.1 - 'upload.php' Unrestricted Arbitrary File Upload
|
11 |
WEB
|
zjieb
|
|
2006-02-11
|
|
ImageVue 0.16.1 - 'index.php?bgcol' Cross-Site Scripting
|
12 |
WEB
|
zjieb
|
|
2006-02-11
|
|
ImageVue 0.16.1 - 'readfolder.php?path' Arbitrary Directory Listing
|
10 |
WEB
|
zjieb
|
|
2006-02-11
|
|
ImageVue 0.16.1 - 'dir.php' Folder Permission Disclosure
|
11 |
WEB
|
zjieb
|
|
2006-02-11
|
|
LinPHA 0.9.x/1.0 - 'forth_stage_install.php' Local File Inclusion
|
12 |
WEB
|
rgod
|
|
2006-02-11
|
|
LinPHA 0.9.x/1.0 - 'sec_stage_install.php' Local File Inclusion
|
10 |
WEB
|
rgod
|
|
2006-02-11
|
|
LinPHA 0.9.x/1.0 - 'install.php' Local File Inclusion
|
12 |
WEB
|
rgod
|
|
2006-02-11
|
|
LinPHA 0.9.x/1.0 - 'lang' Local File Inclusion
|
14 |
WEB
|
rgod
|
|
2013-07-29
|
|
FluxBB 1.5.3 - Multiple Vulnerabilities
|
13 |
WEB
|
LiquidWorm
|
|
2013-07-29
|
|
WebDisk 3.0.2 PhotoViewer iOS - Command Execution
|
13 |
WEB
|
Vulnerability-Lab
|
|
2013-07-29
|
|
Private Photos 1.0 iOS - Persistent Cross-Site Scripting
|
12 |
WEB
|
Vulnerability-Lab
|
|
2013-07-29
|
|
OpenEMM-2013 8.10.380.hf13.0.066 - SOAP SQL Injection / Persistent Cross-Site Scripting
|
18 |
WEB
|
drone
|
|
2006-02-11
|
|
HiveMail 1.2.2/1.3 - 'index.php' $_SERVER['PHP_SELF'] Cross-Site Scripting
|
11 |
WEB
|
GulfTech Security
|
|
2006-02-11
|
|
HiveMail 1.2.2/1.3 - 'folders.update.php?folderid' Arbitrary PHP Command Execution
|
12 |
WEB
|
GulfTech Security
|
|
2006-02-11
|
|
HiveMail 1.2.2/1.3 - 'addressbook.update.php?contactgroupid' Arbitrary PHP Command Execution
|
11 |
WEB
|
GulfTech Security
|
|
2006-02-10
|
|
Farsinews 2.1/2.5 - 'show_archives.php?template' Traversal Arbitrary File Access
|
15 |
WEB
|
Hamid Ebadi
|
|
2013-07-28
|
|
TRENDnet TEW-812DRU - Cross-Site Request Forgery/Command Injection Root
|
16 |
WEB
|
Jacob Holcomb
|
|
2006-02-09
|
|
Papoo 2.1.x - Multiple Cross-Site Scripting Vulnerabilities
|
12 |
WEB
|
Dj Eyes
|
|
2006-02-09
|
|
PwsPHP 1.2.3 - SQL Injection
|
12 |
WEB
|
papipsycho
|
|
2006-02-07
|
|
GA's Forum Light - 'Archive.asp' SQL Injection
|
21 |
WEB
|
Dj_Eyes
|
|
2006-02-08
|
|
CPAINT 1.3/2.0.2 - 'TYPE.php' Cross-Site Scripting
|
11 |
WEB
|
GulfTech Security
|
|
2006-02-08
|
|
SPIP 1.8.2 - 'Spip_RSS.php' Remote Command Execution
|
12 |
WEB
|
rgod
|
|
2006-02-08
|
|
vwdev - 'index.php' SQL Injection
|
13 |
WEB
|
Omid Aghababaei
|
|
2006-02-08
|
|
Webeveyn Whomp! Real Estate Manager 2005 - Login SQL Injection
|
15 |
WEB
|
night_warrior771
|
|
2006-02-07
|
|
MyBB 1.0.3 - 'moderation.php' SQL Injection
|
16 |
WEB
|
imei
|
|
2006-02-07
|
|
eyeOS 0.8.x - Session Remote Command Execution
|
13 |
WEB
|
GulfTech Security
|
|
2005-12-22
|
|
Beehive Forum 0.6.2 - 'index.php' SQL Injection
|
18 |
WEB
|
trueend5
|
|
2006-01-29
|
|
UBBCentral UBB.Threads 6.3 - 'showflat.php' SQL Injection
|
13 |
WEB
|
k-otik
|
|
2006-02-04
|
|
IBM Tivoli Access Manager Plugin - Directory Traversal
|
15 |
WEB
|
Timothy D. Morgan
|
|
2006-02-03
|
|
cPanel 10.8.1 - Multiple Cross-Site Scripting Vulnerabilities
|
13 |
WEB
|
Simo Ben Youssef
|
|
2006-02-02
|
|
CyberShop Ultimate E-Commerce - Multiple Cross-Site Scripting Vulnerabilities
|
13 |
WEB
|
B3g0k
|
|
2006-02-02
|
|
SoftMaker Shop - Multiple Cross-Site Scripting Vulnerabilities
|
13 |
WEB
|
preben@watchcom.no
|
|
2006-02-01
|
|
SPIP 1.8/1.9 - 'index.php3' Cross-Site Scripting
|
15 |
WEB
|
Siegfried
|
|
2006-02-01
|
|
SPIP 1.8/1.9 - Multiple SQL Injections
|
15 |
WEB
|
Siegfried
|
|
2006-02-01
|
|
SZUserMgnt 1.4 - 'Username' SQL Injection
|
16 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-31
|
|
MyBB 1.0/1.1 - 'index.php' Referrer Cookie SQL Injection
|
15 |
WEB
|
Devil-00
|
|
2006-01-31
|
|
Farsinews 2.1 - 'Loginout.php' Remote File Inclusion
|
15 |
WEB
|
Hamid Ebadi
|
|
2006-01-31
|
|
Cerberus Helpdesk 2.7 - 'Clients.php' Cross-Site Scripting
|
11 |
WEB
|
preben@watchcom.no
|
|
2006-01-30
|
|
Daffodil CRM 1.5 - 'Userlogin.asp' SQL Injection
|
17 |
WEB
|
preben@watchcom.no
|
|
2006-01-30
|
|
Ashwebstudio Ashnews 0.83 - Cross-Site Scripting
|
17 |
WEB
|
0o_zeus_o0
|
|
2006-01-30
|
|
PmWiki 2.1 - Multiple Input Validation Vulnerabilities
|
16 |
WEB
|
aScii
|
|
2006-01-30
|
|
sPaiz-Nuke - 'modules.php' Cross-Site Scripting
|
16 |
WEB
|
night_warrior771
|
|
2005-12-15
|
|
ZixForum 1.12 - 'forum.asp' Multiple SQL Injections
|
15 |
WEB
|
Tran Viet Phuong
|
|
2006-01-19
|
|
ASPThai Forums 8.0 - 'login.asp' SQL Injection
|
13 |
WEB
|
code.shell
|
|
2006-01-26
|
|
Elido Face Control - Multiple Directory Traversal Vulnerabilities
|
14 |
WEB
|
HSC Security Group
|
|
2006-01-26
|
|
My Little Homepage Products - BBCode Link Tag Script Injection
|
15 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-26
|
|
AndoNET Blog 2004.9.2 - 'Comentarios.php' SQL Injection
|
13 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2005-12-26
|
|
MyBB 1.0.2 - Multiple Cross-Site Scripting Vulnerabilities
|
15 |
WEB
|
imei
|
|
2013-07-27
|
|
Symantec Web Gateway 5.1.0.x - Multiple Vulnerabilities
|
18 |
WEB
|
SEC Consult
|
|
2013-07-27
|
|
Broadkam PJ871 - Authentication Bypass
|
15 |
WEB
|
d3c0der
|
|
2013-07-27
|
|
Basic Forum by JM LLC - Multiple Vulnerabilities
|
14 |
WEB
|
Sp3ctrecore
|
|
2013-07-27
|
|
Easy Blog by JM LLC - Multiple Vulnerabilities
|
11 |
WEB
|
Sp3ctrecore
|
|
2013-07-27
|
|
Windu CMS 2.2 - Multiple Vulnerabilities
|
11 |
WEB
|
LiquidWorm
|
|
2006-01-25
|
|
PMachine ExpressionEngine 1.4.1 - HTTP Referrer HTML Injection
|
9 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-25
|
|
CheesyBlog 1.0 - Multiple HTML Injection Vulnerabilities
|
12 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-24
|
|
miniBloggie 1.0 - 'login.php' SQL Injection
|
12 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-24
|
|
SleeperChat 0.3f - 'index.php' Cross-Site Scripting
|
12 |
WEB
|
hackologie
|
|
2006-01-24
|
|
PixelPost 1.4.3 - User Comment HTML Injection
|
10 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-24
|
|
MyBB 1.0.1/1.0.2 Notepad - 'usercp.php' HTML Injection
|
13 |
WEB
|
Roozbeh Afrasiabi
|
|
2006-01-24
|
|
123 Flash Chat 5.0 - Remote Code Injection
|
11 |
WEB
|
Jesus Olmos Gonzalez
|
|
2006-01-23
|
|
AZ Bulletin Board 1.0.x/1.1 - 'post.php' HTML Injection
|
12 |
WEB
|
Roozbeh Afrasiabi
|
|
2006-01-23
|
|
e-moBLOG 1.3 - Multiple SQL Injections
|
11 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-20
|
|
RCBlog 1.0.3 - 'index.php' Directory Traversal
|
12 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-20
|
|
BlogPHP 1.2 - Multiple SQL Injections
|
15 |
WEB
|
imei
|
|
2006-01-23
|
|
NewsPHP - 'index.php' Multiple SQL Injections
|
10 |
WEB
|
SAUDI
|
|
2006-01-20
|
|
Rockliffe MailSite 5.3.4/6.1.22/7.0.3 - HTTP Mail Management Cross-Site Scripting
|
10 |
WEB
|
OS2A BTO
|
|
2006-01-19
|
|
WebspotBlogging 3.0 - 'login.php' SQL Injection
|
12 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-18
|
|
SaralBlog 1.0 - Multiple Input Validation Vulnerabilities
|
11 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-18
|
|
EggBlog 2.0 - 'message' Cross-Site Scripting
|
10 |
WEB
|
alex@evuln.com
|
|
2006-01-18
|
|
EggBlog 2.0 - 'id' SQL Injection
|
12 |
WEB
|
alex@evuln.com
|
|
2005-12-28
|
|
Phpclanwebsite 1.23.1 - BBCode IMG Tag Script Injection
|
12 |
WEB
|
kurdish hackers team
|
|
2006-01-16
|
|
PHPXplorer 0.9.33 - 'action.php' Directory Traversal
|
9 |
WEB
|
liz0
|
|
2006-01-17
|
|
aoblogger 2.3 - 'create.php' Entry Creation
|
11 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-17
|
|
aoblogger 2.3 - 'login.php?Username' SQL Injection
|
11 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-17
|
|
aoblogger 2.3 - URL BBcode Cross-Site Scripting
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-17
|
|
PowerPortal 1.1/1.3 - 'search.php' Cross-Site Scripting
|
12 |
WEB
|
night_warrior771
|
|
2006-01-17
|
|
PowerPortal 1.1/1.3 - 'index.php' Cross-Site Scripting
|
13 |
WEB
|
night_warrior771
|
|
2006-01-17
|
|
microBlog 2.0 - 'index.php' Multiple SQL Injections
|
12 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-16
|
|
BlogPHP 1.0 - 'index.php' SQL Injection
|
11 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-16
|
|
RedKernel Referrer Tracker 1.1.0-3 - 'Rkrt_stats.php' Cross-Site Scripting
|
10 |
WEB
|
Preddy
|
|
2006-01-16
|
|
PHPXplorer 0.9.33 - 'Workspaces.php' Directory Traversal
|
12 |
WEB
|
Oriol Torrent Santiago
|
|
2006-01-16
|
|
EZDatabase 2.1.1 - 'index.php' Cross-Site Scripting
|
10 |
WEB
|
Josh Zlatin-Amishav
|
|
2006-01-16
|
|
GTP iCommerce - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
Preddy
|
