|
2005-09-20
|
|
PHP Advanced Transfer Manager 1.30 - Multiple Directory Traversal Vulnerabilities
|
14 |
WEB
|
rgod
|
|
2005-09-20
|
|
Hesk 0.92/0.93 - Session ID Authentication Bypass
|
13 |
WEB
|
Rajesh Sethumadhavan
|
|
2005-09-19
|
|
MX Shop 3.2 - 'index.php' Multiple SQL Injections
|
11 |
WEB
|
David Sopas Ferreira
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/template.php' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/modlog.php?orderby' Cross-Site Scripting
|
12 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/language.php?goto' Cross-Site Scripting
|
10 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php?email' Cross-Site Scripting
|
11 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/index.php' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/css.php?group' Cross-Site Scripting
|
12 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
NooToplist 1.0 - 'index.php' Multiple SQL Injections
|
14 |
WEB
|
David Sopas Ferreira
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertools.php?ids' SQL Injection
|
15 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertitle.php?usertitleid' SQL Injection
|
12 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php' Multiple SQL Injections
|
11 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - 'joinrequests.php?request' SQL Injection
|
9 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
EPay Pro 2.0 - 'index.php' Directory Traversal
|
9 |
WEB
|
h4cky0u
|
|
2005-09-16
|
|
Content2Web 1.0.1 - Multiple Input Validation Vulnerabilities
|
12 |
WEB
|
Security Tester
|
|
2005-09-15
|
|
DeluxeBB 1.0 - 'newpost.php' SQL Injection
|
12 |
WEB
|
abducter
|
|
2005-09-15
|
|
DeluxeBB 1.0 - 'pm.php' SQL Injection
|
12 |
WEB
|
abducter
|
|
2005-09-15
|
|
DeluxeBB 1.0 - 'forums.php' SQL Injection
|
8 |
WEB
|
abducter
|
|
2005-09-15
|
|
DeluxeBB 1.0 - 'misc.php' SQL Injection
|
9 |
WEB
|
abducter
|
|
2005-09-15
|
|
DeluxeBB 1.0 - 'topic.php' SQL Injection
|
14 |
WEB
|
abducter
|
|
2005-09-15
|
|
AEwebworks aeDating 3.2/4.0 - 'search_result.php' SQL Injection
|
9 |
WEB
|
alexsrb
|
|
2005-09-15
|
|
Digital Scribe 1.4 - Login SQL Injection
|
10 |
WEB
|
rgod
|
|
2005-09-14
|
|
Noah's Classifieds 1.3 - 'index.php' Cross-Site Scripting
|
10 |
WEB
|
trueend5
|
|
2005-09-14
|
|
TWiki TWikiUsers - Arbitrary Command Execution
|
13 |
WEB
|
B4dP4nd4
|
|
2005-09-14
|
|
Noah's Classifieds 1.2/1.3 - 'index.php' SQL Injection
|
11 |
WEB
|
trueend5
|
|
2005-09-14
|
|
ATutor 1.5.1 - Chat Logs Remote Information Disclosure
|
17 |
WEB
|
rgod
|
|
2005-09-14
|
|
ATutor 1.5.1 - 'password_reminder.php' SQL Injection
|
10 |
WEB
|
rgod
|
|
2005-09-14
|
|
MIVA Merchant 5 - Merchant.MVC Cross-Site Scripting
|
9 |
WEB
|
admin@hyperconx.com
|
|
2005-09-13
|
|
Mail-it Now! Upload2Server 1.5 - Arbitrary File Upload
|
11 |
WEB
|
rgod
|
|
2005-09-13
|
|
Land Down Under 800/801 - 'plug.php?e' SQL Injection
|
11 |
WEB
|
GroundZero Security Research
|
|
2005-09-13
|
|
Land Down Under 800/801 - 'auth.php?m' SQL Injection
|
12 |
WEB
|
GroundZero Security Research
|
|
2005-09-13
|
|
Subscribe Me Pro 2.44 - S.pl Directory Traversal
|
12 |
WEB
|
h4cky0u
|
|
2005-09-09
|
|
MyBulletinBoard (MyBB) 1.0 - 'RateThread.php' SQL Injection
|
11 |
WEB
|
stranger-killer
|
|
2013-06-17
|
|
Simple File Manager 024 - Authentication Bypass
|
12 |
WEB
|
Chako
|
|
2013-06-17
|
|
SPBAS Business Automation Software 2012 - Multiple Vulnerabilities
|
9 |
WEB
|
Christy Philip Mathew
|
|
2013-06-17
|
|
Havalite CMS 1.1.7 - Unrestricted Arbitrary File Upload
|
10 |
WEB
|
CWH Underground
|
|
2013-06-17
|
|
Fly-High CMS 2012-07-08 - Unrestricted Arbitrary File Upload
|
10 |
WEB
|
CWH Underground
|
|
2013-06-17
|
|
WordPress Plugin Ultimate WordPress Auction Plugin 1.0 - Cross-Site Request Forgery
|
10 |
WEB
|
expl0i13r
|
|
2005-09-08
|
|
AMember Pro 2.3.4 - Remote File Inclusion
|
10 |
WEB
|
NewAngels Team
|
|
2005-09-08
|
|
Stylemotion WEB//NEWS 1.4 - 'print.php?id' SQL Injection
|
13 |
WEB
|
onkel_fisch
|
|
2005-09-08
|
|
Stylemotion WEB//NEWS 1.4 - 'news.php' Multiple SQL Injections
|
11 |
WEB
|
onkel_fisch
|
|
2005-09-08
|
|
Stylemotion WEB//NEWS 1.4 - 'startup.php' Cookie SQL Injection
|
9 |
WEB
|
onkel_fisch
|
|
2005-09-07
|
|
phpCommunityCalendar 4.0 - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
rgod
|
|
2005-09-07
|
|
PBLang 4.65 Bulletin Board System - 'SetCookie.php' Directory Traversal
|
9 |
WEB
|
rgod
|
|
2005-09-07
|
|
phpCommunityCalendar 4.0 - Multiple SQL Injections
|
12 |
WEB
|
rgod
|
|
2005-09-06
|
|
MyBulletinBoard (MyBB) 1.0 - Multiple SQL Injections
|
10 |
WEB
|
stranger-killer
|
|
2005-09-06
|
|
MAXdev MD-Pro 1.0.73 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
rgod
|
|
2005-09-06
|
|
MAXdev MD-Pro 1.0.73 - Arbitrary File Upload
|
12 |
WEB
|
rgod
|
|
2005-09-06
|
|
Unclassified NewsBoard 1.5.3 - 'Description' HTML Injection
|
9 |
WEB
|
retrogod@aliceposta.it
|
|
2005-09-06
|
|
Land Down Under 601/602/700/701/800/801 - 'events.php' HTML Injection
|
12 |
WEB
|
conor.e.buckley
|
|
2005-08-31
|
|
CMS Made Simple 0.10 - 'Lang.php' Remote File Inclusion
|
13 |
WEB
|
groszynskif
|
|
2005-08-31
|
|
FlatNuke 2.5.6 - 'USR' Cross-Site Scripting
|
12 |
WEB
|
rgod
|
|
2013-06-14
|
|
LibrettoCMS 2.2.2 - Arbitrary File Upload
|
10 |
WEB
|
CWH Underground
|
|
2005-08-31
|
|
FlatNuke 2.5.6 - 'ID' Directory Traversal
|
8 |
WEB
|
rgod
|
|
2005-08-30
|
|
phpLDAPadmin 0.9.6/0.9.7 - 'welcome.php' Arbitrary File Inclusion
|
10 |
WEB
|
rgod
|
|
2005-08-29
|
|
PHP-Fusion 4.0/5.0/6.0 - BBCode URL Tag Script Injection
|
14 |
WEB
|
slacker4ever_1
|
|
2005-08-29
|
|
Autolinks 2.1 Pro - 'Al_initialize.php' Remote File Inclusion
|
12 |
WEB
|
4Degrees
|
|
2005-08-29
|
|
Land Down Under 700/701/800/801 - 'list.php' Multiple SQL Injections
|
9 |
WEB
|
matrix_killer
|
|
2005-08-29
|
|
Land Down Under 700/701/800/801 - 'events.php?c' SQL Injection
|
10 |
WEB
|
matrix_killer
|
|
2005-08-29
|
|
Land Down Under 700/701/800/801 - 'index.php?c' SQL Injection
|
11 |
WEB
|
matrix_killer
|
|
2005-08-29
|
|
MyBB - 'member.php' SQL Injection
|
11 |
WEB
|
W7ED
|
|
2005-08-27
|
|
Looking Glass 20040427 - Remote Command Execution
|
9 |
WEB
|
rgod
|
|
2005-08-27
|
|
Looking Glass - Cross-Site Scripting
|
10 |
WEB
|
rgod
|
|
2005-08-29
|
|
PHPWebNotes 2.0 - 'Api.php' Remote File Inclusion
|
11 |
WEB
|
nf2@scheinwelt.at
|
|
2005-08-29
|
|
SqWebMail 5.0.4 - HTML Email IMG Tag Script Injection
|
12 |
WEB
|
Jakob Balle
|
|
2005-08-28
|
|
phpMyAdmin 2.x - 'error.php' Cross-Site Scripting
|
14 |
WEB
|
Michal Cihar
|
|
2005-08-24
|
|
Foojan PHPWeblog - Html Injection
|
12 |
WEB
|
ali202
|
|
2005-08-23
|
|
SaveWebPortal 3.4 - Multiple Directory Traversal Vulnerabilities
|
10 |
WEB
|
rgod
|
|
2005-08-23
|
|
SaveWebPortal 3.4 - Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
rgod
|
|
2005-08-23
|
|
SaveWebPortal 3.4 - Multiple Remote File Inclusions
|
11 |
WEB
|
rgod
|
|
2005-08-23
|
|
SaveWebPortal 3.4 - Unauthorized Access
|
9 |
WEB
|
rgod
|
|
2005-08-22
|
|
PostNuke 0.75/0.76 DL - 'viewdownload.php' SQL Injection
|
9 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-08-22
|
|
PostNuke 0.76 RC4b - 'user.php?htmltext' Cross-Site Scripting
|
12 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-08-22
|
|
PostNuke 0.76 RC4b Comments Module - 'moderate' Cross-Site Scripting
|
13 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-08-22
|
|
RunCMS 1.1/1.2 Module Newbb_plus/Messages - SQL Injection
|
12 |
WEB
|
GulfTech Security
|
|
2005-08-22
|
|
PHPKit 1.6.1 - 'member.php' SQL Injection
|
11 |
WEB
|
phuket
|
|
2005-08-22
|
|
NEPHP 3.0.4 - 'browse.php' Cross-Site Scripting
|
12 |
WEB
|
bl2k
|
|
2005-08-20
|
|
Land Down Under 800 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
12 |
WEB
|
bl2k
|
|
2005-08-20
|
|
Land Down Under 800 - 'journal.php?w' Cross-Site Scripting
|
9 |
WEB
|
bl2k
|
|
2005-08-20
|
|
Land Down Under 800/801 - 'forums.php' Multiple SQL Injections
|
11 |
WEB
|
bl2k
|
|
2005-08-20
|
|
Land Down Under 800/801 - 'list.php' Multiple SQL Injections
|
10 |
WEB
|
bl2k
|
|
2005-08-20
|
|
Land Down Under 800/801 - 'journal.php?m' SQL Injection
|
10 |
WEB
|
bl2k
|
|
2005-08-20
|
|
Land Down Under 800/801 - 'links.php?w' SQL Injection
|
9 |
WEB
|
bl2k
|
|
2005-08-20
|
|
Woltlab Burning Board 2.x - 'ModCP.php' SQL Injection
|
9 |
WEB
|
[R]
|
|
2013-06-13
|
|
Airlive IP Cameras - Multiple Vulnerabilities
|
10 |
WEB
|
Sánchez_ Lopez_ Castillo
|
|
2005-08-19
|
|
Mantis Bug Tracker 0.x/1.0 - Multiple Input Validation Vulnerabilities
|
11 |
WEB
|
anonymous
|
|
2005-08-18
|
|
PHPOutsourcing Zorum 3.5 - 'Prod.php' Arbitrary Command Execution
|
12 |
WEB
|
rgod
|
|
2005-08-18
|
|
ATutor 1.5.1 - 'login.php?course' Cross-Site Scripting
|
9 |
WEB
|
matrix_killer
|
|
2005-08-18
|
|
W-Agora 4.2 - 'Site' Directory Traversal
|
12 |
WEB
|
matrix_killer
|
|
2005-08-17
|
|
PHPTB Topic Board 2.0 - 'tech_o.php?absolutepath' Remote File Inclusion
|
9 |
WEB
|
Filip Groszynski
|
|
2005-08-17
|
|
PHPTB Topic Board 2.0 - 'file_o.php?absolutepath' Remote File Inclusion
|
11 |
WEB
|
Filip Groszynski
|
|
2005-08-17
|
|
PHPTB Topic Board 2.0 - 'dev_o.php?absolutepath' Remote File Inclusion
|
11 |
WEB
|
Filip Groszynski
|
|
2005-08-17
|
|
PHPTB Topic Board 2.0 - 'board_o.php?absolutepath' Remote File Inclusion
|
11 |
WEB
|
Filip Groszynski
|
|
2005-08-17
|
|
PHPTB Topic Board 2.0 - 'admin_o.php?absolutepath' Remote File Inclusion
|
10 |
WEB
|
Filip Groszynski
|
|
2005-08-17
|
|
PHPFreeNews 1.40 - 'searchresults.php' Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
h4cky
|
|
2005-08-17
|
|
PHPFreeNews 1.40 - 'NewsCategoryForm.php?NewsMode' Cross-Site Scripting
|
10 |
WEB
|
h4cky
|
|
2005-08-17
|
|
PHPFreeNews 1.40 - 'searchresults.php' Multiple SQL Injections
|
10 |
WEB
|
h4cky
|
|
2005-08-16
|
|
Soft4e ECW-Shop 6.0.2 - 'index.php' HTML Injection
|
10 |
WEB
|
John Cobb
|
|
2005-08-16
|
|
ECW Shop 6.0.2 - 'index.php' Cross-Site Scripting
|
9 |
WEB
|
John Cobb
|
|
2005-08-16
|
|
CPaint 1.3 - xmlhttp Request Input Validation
|
10 |
WEB
|
Thor Larholm
|
|
2005-08-16
|
|
Soft4e ECW-Shop 6.0.2 - 'index.php' SQL Injection
|
11 |
WEB
|
John Cobb
|
|
2005-08-16
|
|
PersianBlog - 'Userslist.asp' SQL Injection
|
9 |
WEB
|
trueend5
|
|
2005-08-16
|
|
My Image Gallery 1.4.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
anonymous
|
|
2005-08-12
|
|
MyBulletinBoard (MyBB) RC4 - 'action' SQL Injection
|
12 |
WEB
|
phuket
|
|
2005-08-12
|
|
MyBulletinBoard (MyBB) RC4 - 'polloptions' SQL Injection
|
12 |
WEB
|
phuket
|
|
2005-08-12
|
|
MyBulletinBoard (MyBB) RC4 - 'member.php' Multiple SQL Injections
|
11 |
WEB
|
phuket
|
|
2005-08-12
|
|
MyBulletinBoard (MyBB) RC4 - 'Username' SQL Injection
|
9 |
WEB
|
phuket
|
|
2005-08-10
|
|
VegaDNS 0.8.1/0.9.8/0.9.9 - 'index.php' Cross-Site Scripting
|
8 |
WEB
|
dyn0
|
|
2005-08-10
|
|
PHPTB Topic Board 2.0 - 'index.php?mid' SQL Injection
|
9 |
WEB
|
abducter_minds@yahoo.com
|
|
2005-08-10
|
|
ezUpload 2.2 - 'form.php?path' Remote File Inclusion
|
9 |
WEB
|
Johnnie Walker
|
|
2005-08-10
|
|
ezUpload 2.2 - 'customize.php?path' Remote File Inclusion
|
11 |
WEB
|
Johnnie Walker
|
|
2005-08-10
|
|
ezUpload 2.2 - 'initialize.php?path' Remote File Inclusion
|
10 |
WEB
|
Johnnie Walker
|
|
2005-08-10
|
|
ezUpload 2.2 - 'index.php?path' Remote File Inclusion
|
9 |
WEB
|
Johnnie Walker
|
|
2013-06-11
|
|
Simple PHP Agenda 2.2.8 - 'edit_event.php?eventid' SQL Injection
|
10 |
WEB
|
Anthony Dubuissez
|
|
2013-06-11
|
|
Fobuc Guestbook 0.9 - SQL Injection
|
10 |
WEB
|
CWH Underground
|
|
2013-06-11
|
|
Buffalo WZR-HP-G300NH2 - Cross-Site Request Forgery
|
10 |
WEB
|
Prayas Kulshrestha
|
|
2005-08-09
|
|
TriggerTG TClanPortal 3.0 - Multiple SQL Injections
|
12 |
WEB
|
admin@batznet.com
|
|
2013-06-11
|
|
NanoBB 0.7 - Multiple Vulnerabilities
|
9 |
WEB
|
CWH Underground
|
|
2013-06-11
|
|
Weathermap 0.97c - 'mapname' Local File Inclusion
|
10 |
WEB
|
Anthony Dubuissez
|
|
2013-06-11
|
|
WordPress Plugin WP-SendSms 1.0 - Multiple Vulnerabilities
|
8 |
WEB
|
expl0i13r
|
|
2005-08-08
|
|
FunkBoard 0.66 - 'register.php' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
rgod
|
|
2005-08-08
|
|
FunkBoard 0.66 - 'profile.php' Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
rgod
|
|
2005-08-08
|
|
FunkBoard 0.66 - 'reply.php' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
rgod
|
|
2005-08-08
|
|
FunkBoard 0.66 - 'newtopic.php' Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
rgod
|
