|
2006-01-12
|
|
TankLogger 2.4 General Functions Script - SQL Injection
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-12
|
|
Fog Creek Software FogBugz 4.0 29 - 'default.asp' Cross-Site Scripting
|
8 |
WEB
|
M.Neset KABAKLI
|
|
2006-01-12
|
|
Interspire TrackPoint NX - 'index.php' Cross-Site Scripting
|
9 |
WEB
|
M.Neset KABAKLI
|
|
2006-01-11
|
|
MyPHPim - Login Page pass Field SQL Injection
|
9 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-11
|
|
MyPHPim - 'calendar.php3?cal_id' SQL Injection
|
9 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-10
|
|
Orjinweb - 'index.php' Remote File Inclusion
|
8 |
WEB
|
serxwebun
|
|
2006-01-10
|
|
WebWiz Forums - 'Search_form.asp' Cross-Site Scripting
|
9 |
WEB
|
nukedx
|
|
2006-01-10
|
|
Hummingbird Collaboration - Application Cookie Internal Network Information Disclosure
|
7 |
WEB
|
Luca Carettoni
|
|
2006-01-10
|
|
Hummingbird Collaboration - Crafted URL File Property Obscuration Download
|
9 |
WEB
|
Luca Carettoni
|
|
2006-01-09
|
|
PHP-Nuke News Submission Story - Text Field Cross-Site Scripting
|
8 |
WEB
|
night_warrior771
|
|
2006-01-09
|
|
Xoops Pool Module - IMG Tag HTML Injection
|
8 |
WEB
|
night_warrior771
|
|
2006-01-09
|
|
PHP-Nuke 7.7 EV Search Module - SQL Injection
|
8 |
WEB
|
Lostmon
|
|
2006-01-09
|
|
427BB 2.2 - Authentication Bypass
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-09
|
|
Venom Board - 'Post.php3' Multiple SQL Injections
|
7 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-09
|
|
427BB 2.2 - 'showthread.php' SQL Injection
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-09
|
|
AppServ Open Project 2.4.5 - Remote File Inclusion
|
7 |
WEB
|
Xez
|
|
2013-07-23
|
|
Photo Server 2.0 iOS - Multiple Vulnerabilities
|
10 |
WEB
|
Vulnerability-Lab
|
|
2013-07-23
|
|
Dell Kace 1000 SMA 5.4.742 - SQL Injection
|
8 |
WEB
|
Vulnerability-Lab
|
|
2006-01-06
|
|
TinyPHPForum 3.6 - Multiple Directory Traversal Vulnerabilities
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-06
|
|
TheWebForum 1.2.1 - Multiple Input Validation Vulnerabilities
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-06
|
|
OnePlug CMS - '/products/details.asp?Product_ID' SQL Injection
|
8 |
WEB
|
Preddy
|
|
2006-01-06
|
|
OnePlug CMS - '/services/details.asp?Service_ID' SQL Injection
|
8 |
WEB
|
Preddy
|
|
2006-01-06
|
|
OnePlug CMS - '/press/details.asp?Press_Release_ID' SQL Injection
|
9 |
WEB
|
Preddy
|
|
2006-01-06
|
|
Foro Domus 2.10 - Multiple Input Validation Vulnerabilities
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2005-12-25
|
|
CS-Cart - Multiple SQL Injections
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-25
|
|
EZ Invoice Inc. EZI 2.0 - 'Invoices.php' SQL Injection
|
9 |
WEB
|
r0t3d3Vil
|
|
2005-12-25
|
|
LogicBill 1.0 - Multiple SQL Injections
|
9 |
WEB
|
r0t3d3Vil
|
|
2005-12-26
|
|
Jax Calendar 1.34 - 'jax_calendar.php' SQL Injection
|
8 |
WEB
|
r0t3d3Vil
|
|
2006-01-03
|
|
Primo Place Primo Cart 1.0 - Multiple SQL Injections
|
8 |
WEB
|
r0t
|
|
2006-01-03
|
|
INCOGEN Bugport 1.x - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
r0t
|
|
2006-01-03
|
|
INCOGEN Bugport 1.x - Multiple SQL Injections
|
9 |
WEB
|
r0t
|
|
2006-01-02
|
|
DiscusWare Discus 3.10 - Error Message Cross-Site Scripting
|
9 |
WEB
|
$um$id
|
|
2006-01-01
|
|
Drupal 4.x - URL-Encoded Input HTML Injection
|
8 |
WEB
|
liz0
|
|
2006-02-01
|
|
vBulletin 3.5.2 - Event Title HTML Injection
|
9 |
WEB
|
trueend5
|
|
2006-01-02
|
|
ScozNet ScozBook 1.1 - 'AdminName' SQL Injection
|
9 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-01
|
|
Chimera Web Portal 0.2 - 'linkcategory.php?id' SQL Injection
|
9 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-01
|
|
Chimera Web Portal 0.2 - 'modules.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2005-12-29
|
|
Chipmunk Guestbook 1.4 - Homepage HTML Injection
|
9 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2013-07-22
|
|
Sybase EAServer 6.3.1 - Multiple Vulnerabilities
|
9 |
WEB
|
SEC Consult
|
|
2013-07-22
|
|
MLM (Multi Level Marketing) Script - Multiple Vulnerabilities
|
9 |
WEB
|
3spi0n
|
|
2013-07-22
|
|
Barracuda CudaTel 2.6.02.040 - SQL Injection
|
8 |
WEB
|
Vulnerability-Lab
|
|
2013-07-22
|
|
Barracuda LB / SVF / WAF / WEF - Multiple Vulnerabilities
|
8 |
WEB
|
Vulnerability-Lab
|
|
2006-01-01
|
|
PHPJournaler 1.0 - 'Readold' SQL Injection
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-01
|
|
InTouch 0.5.1 Alpha - User Variable SQL Injection
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2005-12-29
|
|
Jevontech PHPenpals - PersonalID SQL Injection
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2005-12-29
|
|
VEGO Links Builder 2.0 Login Script - SQL Injection
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2005-12-28
|
|
VEGO Web Forum 1.x - Theme_ID SQL Injection
|
9 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2005-12-29
|
|
PHPBook 1.x - Mail Field PHP Code Injection
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2005-12-29
|
|
OABoard 1.0 Forum - Remote File Inclusion
|
8 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2005-12-30
|
|
phpDocumentor 1.2/1.3 - Forum Lib Variable Cross-Site Scripting
|
9 |
WEB
|
zeus olimpusklan
|
|
2005-12-30
|
|
Kayako SupportSuite 3.0 0.26 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
r0t3d3Vil
|
|
2005-12-30
|
|
OOApp Guestbook 2.1 Home Script - Cross-Site Scripting
|
9 |
WEB
|
r0t3d3Vil
|
|
2005-12-30
|
|
Ades Design AdesGuestbook 2.0 Read Script - Cross-Site Scripting
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-30
|
|
Web Wiz (Multiple Products) - SQL Injection
|
8 |
WEB
|
DevilBox
|
|
2005-12-29
|
|
MyBB 1.0 - 'Globa.php' Cookie Data SQL Injection
|
9 |
WEB
|
imei
|
|
2005-12-29
|
|
GMailSite 1.0.x - Cross-Site Scripting
|
9 |
WEB
|
Lostmon
|
|
2005-12-28
|
|
Dream4 Koobi 5.0 - BBCode URL Tag Script Injection
|
8 |
WEB
|
kurdish hackers team
|
|
2005-12-27
|
|
FatWire UpdateEngine 6.2 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
r0t3d3Vil
|
|
2005-12-23
|
|
PaperThin CommonSpot Content Server 4.5 - Cross-Site Scripting
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-27
|
|
IceWarp Universal WebMail - '/mail/include.html' Crafted HTTP_USER_AGENT Arbitrary File Access
|
9 |
WEB
|
Tan Chew Keong
|
|
2005-12-27
|
|
IceWarp Universal WebMail - '/mail/index.html?lang_settings' Remote File Inclusion
|
9 |
WEB
|
Tan Chew Keong
|
|
2005-12-27
|
|
IceWarp Universal WebMail - '/mail/settings.html?Language' Local File Inclusion
|
8 |
WEB
|
Tan Chew Keong
|
|
2005-12-27
|
|
IceWarp Universal WebMail - '/dir/include.html?lang' Local File Inclusion
|
8 |
WEB
|
Tan Chew Keong
|
|
2005-12-27
|
|
IceWarp Universal WebMail - '/admin/inc/include.php' Multiple Remote File Inclusions
|
8 |
WEB
|
Tan Chew Keong
|
|
2005-12-27
|
|
IceWarp Universal WebMail - '/accounts/inc/include.php' Multiple Remote File Inclusions
|
9 |
WEB
|
Tan Chew Keong
|
|
2005-12-27
|
|
Dev Web Management System 1.5 - 'add.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
retrogod@aliceposta.it
|
|
2005-12-27
|
|
Dev Web Management System 1.5 - 'download_now.php?target' SQL Injection
|
9 |
WEB
|
retrogod@aliceposta.it
|
|
2005-12-27
|
|
Dev Web Management System 1.5 - 'getfile.php?cat' SQL Injection
|
8 |
WEB
|
retrogod@aliceposta.it
|
|
2005-12-27
|
|
Cerberus Helpdesk 2.649 - 'display_ticket_thread.php?ticket' SQL Injection
|
8 |
WEB
|
A. Ramos
|
|
2005-12-27
|
|
Cerberus Helpdesk 2.649 - 'addresses_export.php?queues' SQL Injection
|
7 |
WEB
|
A. Ramos
|
|
2005-12-27
|
|
Cerberus Helpdesk 2.649 - 'cer_KnowledgebaseHandler.class.php?_load_article_details' SQL Injection
|
8 |
WEB
|
A. Ramos
|
|
2005-12-23
|
|
oracle Application server discussion forum portlet - Multiple Vulnerabilities
|
8 |
WEB
|
Johannes Greil
|
|
2005-12-22
|
|
Tangora Portal CMS 4.0 - 'Action' Cross-Site Scripting
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
SyntaxCMS - Search Query Cross-Site Scripting
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-22
|
|
MusicBox 2.3 - 'type' SQL Injection
|
9 |
WEB
|
Medo HaCKer
|
|
2005-12-21
|
|
Quantum Art QP7.Enterprise - 'news.asp?p_news_id' SQL Injection
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Quantum Art QP7.Enterprise - 'news_and_events_new.asp?p_news_id' SQL Injection
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
PHPSlash 0.8.1 - 'article.php' SQL Injection
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Papoo 2.1.2 - 'print.php' Multiple SQL Injections
|
9 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Papoo 2.1.2 - 'Guestbook.php?menuid' SQL Injection
|
9 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Papoo 2.1.2 - 'index.php?menuid' SQL Injection
|
9 |
WEB
|
r0t3d3Vil
|
|
2013-07-18
|
|
Anchor CMS 0.9.1 - Persistent Cross-Site Scripting
|
8 |
WEB
|
DURAKIBOX
|
|
2013-07-18
|
|
Dell PacketTrap PSA 7.1 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Vulnerability-Lab
|
|
2013-07-18
|
|
Dell PacketTrap MSP RMM 6.6.x - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
Vulnerability-Lab
|
|
2013-07-18
|
|
Xibo 1.2.2/1.4.1 - 'index.php?p' Directory Traversal
|
9 |
WEB
|
Mahendra
|
|
2013-07-18
|
|
ePhoto Transfer 1.2.1 iOS - Multiple Vulnerabilities
|
8 |
WEB
|
Vulnerability-Lab
|
|
2013-07-18
|
|
Flux Player 3.1.0 iOS - Multiple Vulnerabilities
|
9 |
WEB
|
Vulnerability-Lab
|
|
2013-07-18
|
|
WiFly 1.0 Pro iOS - Multiple Vulnerabilities
|
8 |
WEB
|
Vulnerability-Lab
|
|
2005-12-21
|
|
Sitekit CMS 6.6 - 'registration-form.html?ClickFrom' Cross-Site Scripting
|
9 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Sitekit CMS 6.6 - 'Request-call-back.html?ClickFrom' Cross-Site Scripting
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Sitekit CMS 6.6 - 'Default.aspx' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Commercial Interactive Media SCOOP! 2.3 - 'requestDemo.asp?Invalid' Cross-Site Scripting
|
9 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Commercial Interactive Media SCOOP! 2.3 - 'prePurchaserRegistration.asp?Invalid' Cross-Site Scriptin
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Commercial Interactive Media SCOOP! 2.3 - 'articleZone.asp?Invalid' Cross-Site Scripting
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Commercial Interactive Media SCOOP! 2.3 - 'category.asp' Multiple Cross-Site Scripting Vulnerabiliti
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Commercial Interactive Media SCOOP! 2.3 - 'account_login.asp' Multiple Cross-Site Scripting Vulnerab
|
9 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Commercial Interactive Media SCOOP! 2.3 - 'lostPassword.asp' Multiple Cross-Site Scripting Vulnerabi
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Commercial Interactive Media SCOOP! 2.3 - 'articleSearch.asp' Cross-Site Scripting
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Scoop 1.1 RC1 - Missing Story Error Cross-Site Scripting
|
9 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Scoop 1.1 RC1 Search Module - Multiple Cross-Site Scriptings
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
ComputerOil Redakto CMS 3.2 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
ProjectApp 3.3 - 'default.asp?skin_number' Cross-Site Scripting
|
8 |
WEB
|
r0t
|
|
2005-12-21
|
|
ProjectApp 3.3 - 'login.asp?ret_page' Cross-Site Scripting
|
8 |
WEB
|
r0t
|
|
2005-12-21
|
|
ProjectApp 3.3 - 'pmprojects.asp?projectid' Cross-Site Scripting
|
8 |
WEB
|
r0t
|
|
2005-12-21
|
|
ProjectApp 3.3 - 'links.asp?keywords' Cross-Site Scripting
|
8 |
WEB
|
r0t
|
|
2005-12-21
|
|
ProjectApp 3.3 - 'cat.asp?keywords' Cross-Site Scripting
|
9 |
WEB
|
r0t
|
|
2005-12-21
|
|
ProjectApp 3.3 - 'search_employees.asp?keywords' Cross-Site Scripting
|
9 |
WEB
|
r0t
|
|
2005-12-21
|
|
ProjectApp 3.3 - 'forums.asp?keywords' Cross-Site Scripting
|
9 |
WEB
|
r0t
|
|
2005-12-21
|
|
IntranetApp 3.3 - 'content.asp' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
r0t
|
|
2005-12-21
|
|
IntranetApp 3.3 - 'login.asp?ret_page' Cross-Site Scripting
|
9 |
WEB
|
r0t
|
|
2005-12-21
|
|
SiteEnable 3.3 - 'login.asp' Cross-Site Scripting
|
9 |
WEB
|
r0t
|
|
2005-12-21
|
|
PortalApp 3.3/4.0 - 'login.asp' Cross-Site Scripting
|
8 |
WEB
|
r0t
|
|
2005-12-21
|
|
Papaya CMS 4.0.4 - Cross-Site Scripting
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
OpenEdit 4.0 - Results.HTML Cross-Site Scripting
|
7 |
WEB
|
r0t3d3Vil
|
|
2005-12-21
|
|
Beehive Forum 0.6.2 - Multiple HTML Injection Vulnerabilities
|
8 |
WEB
|
Alireza Hassani
|
|
2005-12-21
|
|
Tolva 0.1 - 'Usermods.php' Remote File Inclusion
|
9 |
WEB
|
xbefordx
|
|
2005-12-20
|
|
Quick Square Development Honeycomb Archive 3.0 - 'CategoryResults.cfm' Multiple SQL Injections
|
7 |
WEB
|
r0t3d3Vil
|
|
2005-12-20
|
|
AbleDesign D-Man 3.0 - 'Title' Cross-Site Scripting
|
8 |
WEB
|
$um$id
|
|
2005-12-20
|
|
Plogger Beta 2 - Remote File Inclusion
|
9 |
WEB
|
Security .Net Information
|
|
2005-12-20
|
|
LiveJournal - Cleanhtml.pl HTML Injection
|
8 |
WEB
|
Andrew Farmer
|
|
2005-12-20
|
|
Enterprise Connector 1.0.2 - 'main.php' SQL Injection
|
8 |
WEB
|
Attila Gerendi
|
|
2005-12-20
|
|
Extensis Portfolio Netpublish Server 7.0 - Server.NP Directory Traversal
|
10 |
WEB
|
Andy Davis
|
|
2005-12-19
|
|
Mercury CMS 4.0 - Multiple Input Validation Vulnerabilities
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-19
|
|
Komodo CMS 2.1 - Multiple Input Validation Vulnerabilities
|
8 |
WEB
|
r0t3d3Vil
|
|
2005-12-19
|
|
E-Publish 2.0 - Multiple Input Validation Vulnerabilities
|
9 |
WEB
|
r0t3d3Vil
|
