|
2005-07-04
|
|
EasyPHPCalendar 6.1.5/6.2.x - 'setupSQL.php?serverPath' Remote File Inclusion
|
7 |
WEB
|
Albania Security Clan
|
|
2005-07-04
|
|
EasyPHPCalendar 6.1.5/6.2.x - 'datePicker.php?serverPath' Remote File Inclusion
|
7 |
WEB
|
Albania Security Clan
|
|
2005-07-04
|
|
EasyPHPCalendar 6.1.5/6.2.x - 'header.inc.php?serverPath' Remote File Inclusion
|
7 |
WEB
|
Albania Security Clan
|
|
2005-07-04
|
|
EasyPHPCalendar 6.1.5/6.2.x - 'popup.php?serverPath' Remote File Inclusion
|
7 |
WEB
|
Albania Security Clan
|
|
2005-07-04
|
|
EasyPHPCalendar 6.1.5/6.2.x - 'calendar.php?serverPath' Remote File Inclusion
|
7 |
WEB
|
Albania Security Clan
|
|
2005-07-01
|
|
RaXnet Cacti 0.5/0.6.x/0.8.x - 'Graph_Image.php' Remote Command Execution Variant
|
7 |
WEB
|
Alberto Trivero
|
|
2005-06-30
|
|
osTicket 1.2/1.3 - 'view.php?inc' Arbitrary Local File Inclusion
|
7 |
WEB
|
edisan & foster
|
|
2005-06-30
|
|
CyberStrong EShop 4.2 - '10browse.asp' SQL Injection
|
7 |
WEB
|
aresu@bosen.net
|
|
2005-06-30
|
|
fsboard 2.0 - Directory Traversal
|
7 |
WEB
|
ActualMInd
|
|
2005-06-30
|
|
CyberStrong eShop 4.2 - '10expand.asp' SQL Injection
|
8 |
WEB
|
aresu@bosen.net
|
|
2005-06-30
|
|
CyberStrong EShop 4.2 - '20review.asp' SQL Injection
|
7 |
WEB
|
aresu@bosen.net
|
|
2005-06-29
|
|
Community Link Pro - 'login.cgi?File' Remote Command Execution
|
7 |
WEB
|
spher3
|
|
2004-10-24
|
|
Phorum 5.0.11 - 'Read.php' SQL Injection
|
7 |
WEB
|
Positive Technologies
|
|
2005-06-29
|
|
CGI-Club imTRBBS 1.0 - Remote Command Execution
|
6 |
WEB
|
blahplok
|
|
2013-06-03
|
|
PHD Help Desk 2.12 - SQL Injection
|
6 |
WEB
|
drone
|
|
2005-06-28
|
|
Dynamic Biz Website Builder (QuickWeb) 1.0 - 'login.asp' SQL Injection
|
7 |
WEB
|
basher13
|
|
2005-06-28
|
|
Hosting Controller 6.1 - 'error.asp' Cross-Site Scripting
|
7 |
WEB
|
Ashiyane Digital Security Team
|
|
2005-06-28
|
|
Community Server Forums - 'SearchResults.aspx' Cross-Site Scripting
|
6 |
WEB
|
abducter_minds@yahoo.com
|
|
2005-06-27
|
|
Mensajeitor 1.8.9 - 'IP' HTML Injection
|
6 |
WEB
|
Megabyte
|
|
2005-06-27
|
|
ASPPlayGround.NET 3.2 SR1 - Arbitrary File Upload
|
7 |
WEB
|
Psycho
|
|
2005-06-27
|
|
ASPNuke 0.80 - 'Language_Select.asp' HTTP Response Splitting
|
7 |
WEB
|
Alberto Trivero
|
|
2005-06-27
|
|
ASPNuke 0.80 - 'register.asp' Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
Alberto Trivero
|
|
2005-06-27
|
|
ASPNuke 0.80 - 'forgot_password.asp?email' Cross-Site Scripting
|
7 |
WEB
|
Alberto Trivero
|
|
2005-06-24
|
|
K-COLLECT CSV_DB.CGI 1.0/i_DB.CGI 1.0 - Remote Command Execution
|
7 |
WEB
|
blahplok
|
|
2005-06-24
|
|
UBBCentral UBB.Threads 5.5.1/6.x - 'grabnext.php?posted' SQL Injection
|
7 |
WEB
|
GulfTech Security
|
|
2005-06-24
|
|
UBBCentral UBB.Threads 5.5.1/6.x - 'notifymod.php?Number' SQL Injection
|
7 |
WEB
|
GulfTech Security
|
|
2005-06-24
|
|
UBBCentral UBB.Threads 5.5.1/6.x - 'addfav.php?main' SQL Injection
|
7 |
WEB
|
GulfTech Security
|
|
2005-06-24
|
|
UBBCentral UBB.Threads 5.5.1/6.x - 'viewmessage.php?message' SQL Injection
|
7 |
WEB
|
GulfTech Security
|
|
2005-06-24
|
|
UBBCentral UBB.Threads 5.5.1/6.x - 'modifypost.php?Number' SQL Injection
|
7 |
WEB
|
GulfTech Security
|
|
2005-06-24
|
|
UBBCentral UBB.Threads 5.5.1/6.x - 'calendar.php' Multiple SQL Injections
|
8 |
WEB
|
GulfTech Security
|
|
2005-06-24
|
|
UBBCentral UBB.Threads 5.5.1/6.x - 'download.php?Number' SQL Injection
|
7 |
WEB
|
GulfTech Security
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'enter.php' Multiple SQL Injections
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'in.php' Multiple SQL Injections
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'line.php' Multiple SQL Injections
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'memory.php' Multiple SQL Injections
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'edit_msg.php?name_ig_array1[1]' SQL Injection
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'new.php?name_ig_array1[1]' SQL Injection
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'reply.php?name_ig_array1[1]' SQL Injection
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'reply_in.php' Multiple SQL Injections
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'set.php?name_ig_array[1]' SQL Injection
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'menu_header.php?table_sql' SQL Injection
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'edit_msg.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'new.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'reply.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'set.php?name_ig_array[]' Cross-Site Scripting
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'search.php?text_poisk' Cross-Site Scripting
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'menu_tema.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'menu_header.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - IMG Tag Cross-Site Scripting
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
CarLine Forum Russian Board 4.2 - 'menu_footer.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
1dt.w0lf
|
|
2005-06-23
|
|
Whois.Cart 2.2.x - 'profile.php' Cross-Site Scripting
|
8 |
WEB
|
Elzar Stuffenbach
|
|
2005-06-22
|
|
Ipswitch WhatsUp Professional 2005 SP1 - 'login.asp' SQL Injection
|
7 |
WEB
|
anonymous
|
|
2005-06-01
|
|
DUware DUclassmate 1.x - 'edit.asp?iPro' SQL Injection
|
8 |
WEB
|
Dedi Dwianto
|
|
2005-06-01
|
|
DUware DUclassmate 1.x - 'default.asp?iState' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-22
|
|
DUware DUforum 3.0/3.1 - 'userEdit.asp?id' SQL Injection
|
8 |
WEB
|
Dedi Dwianto
|
|
2005-06-22
|
|
DUware DUforum 3.0/3.1 - 'forums.asp?iFor' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-22
|
|
DUware DUforum 3.0/3.1 - 'post.asp?iFor' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-22
|
|
DUware DUforum 3.0/3.1 - 'messages.asp?iMsg' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-22
|
|
DUware DUpaypal 3.0/3.1 - 'sub.asp?iSub' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-22
|
|
DUware DUpaypal 3.0/3.1 - 'detail.asp?iPro' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-22
|
|
DUware DUamazon Pro 3.0/3.1 - 'detail.asp?iSub' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-22
|
|
DUware DUamazon Pro 3.0/3.1 - 'review.asp?iPro' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-22
|
|
DUware DUamazon Pro 3.0/3.1 - 'catDelete.asp?iCat' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-22
|
|
DUware DUamazon Pro 3.0/3.1 - 'productEdit.asp?iCat' SQL Injection
|
6 |
WEB
|
Dedi Dwianto
|
|
2005-06-22
|
|
DUware DUamazon Pro 3.0/3.1 - 'productDelete.asp?iCat' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-22
|
|
DUware DUamazon Pro 3.0/3.1 - 'type.asp?iType' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-20
|
|
RaXnet Cacti 0.5/0.6/0.8 - 'Top_Graph_Header.php' Remote File Inclusion
|
7 |
WEB
|
Maciej Piotr Falkiewicz
|
|
2005-06-22
|
|
DUware DUportal 3.4.3 Pro - Multiple SQL Injections
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-20
|
|
RaXnet Cacti 0.5/0.6/0.8 - 'Config_Settings.php' Remote File Inclusion
|
7 |
WEB
|
Maciej Piotr Falkiewicz
|
|
2005-06-20
|
|
PAFaq - Administrator 'Username' SQL Injection
|
7 |
WEB
|
GulfTech Security
|
|
2005-06-20
|
|
I-Gallery - Folder Argument Cross-Site Scripting
|
7 |
WEB
|
Seyed Hamid Kashfi
|
|
2005-06-20
|
|
PAFaq - Question Cross-Site Scripting
|
7 |
WEB
|
GulfTech Security
|
|
2005-06-20
|
|
I-Gallery - Folder Argument Directory Traversal
|
7 |
WEB
|
Seyed Hamid Kashfi
|
|
2013-05-31
|
|
PhpTax 0.8 - File Manipulation 'newvalue' / Remote Code Execution
|
7 |
WEB
|
CWH Underground
|
|
2005-06-20
|
|
PAFaq beta4 - Database Unauthorized Access
|
7 |
WEB
|
james
|
|
2003-12-07
|
|
LaGarde StoreFront 5.0 Shopping Cart - 'login.asp' SQL Injection
|
7 |
WEB
|
G00db0y
|
|
2005-05-20
|
|
cPanel 9.1 - 'User' Cross-Site Scripting
|
7 |
WEB
|
abducter_minds@yahoo.com
|
|
2005-06-20
|
|
UApplication Ublog Reload 1.0.5 - 'Trackback.asp' Cross-Site Scripting
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-20
|
|
Ublog Reload 1.0.5 - 'blog_comment.asp?y' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-20
|
|
Ublog Reload 1.0.5 - 'index.asp' Multiple SQL Injections
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-17
|
|
osCommerce 2.1/2.2 - Multiple HTTP Response Splitting Vulnerabilities
|
7 |
WEB
|
GulfTech Security
|
|
2005-06-16
|
|
Cool Cafe Chat 1.2.1 - 'login.asp' SQL Injection
|
7 |
WEB
|
Morning Wood
|
|
2005-06-16
|
|
Ultimate PHP Board 1.8/1.9 - Weak Password Encryption
|
7 |
WEB
|
Alberto Trivero
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'Directory.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'subscribe_forum.php?us' Cross-Site Scripting
|
8 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'tile.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - '/inbox/index.php?view' Cross-Site Scripting
|
8 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'send_message.php?l' Cross-Site Scripting
|
7 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'content.php?cid' Cross-Site Scripting
|
7 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'contact.php?subject' Cross-Site Scripting
|
7 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'browse.php?show_course' Cross-Site Scripting
|
7 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
Ultimate PHP Board 1.8/1.9 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Alberto Trivero
|
|
2005-06-15
|
|
PAFileDB 1.1.3/2.1.1/3.0/3.1 - Multiple Input Validation Vulnerabilities
|
7 |
WEB
|
GulfTech Security
|
|
2005-06-15
|
|
McGallery 1.0/1.1 - Lang Argument File Disclosure
|
7 |
WEB
|
D_BuG
|
|
2005-06-14
|
|
Annuaire 1Two 1.0/1.1 - 'index.php' Cross-Site Scripting
|
7 |
WEB
|
An0nym0uS
|
|
2005-06-13
|
|
FusionBB 0.x - Multiple Input Validation Vulnerabilities
|
7 |
WEB
|
GulfTech Security
|
|
2005-06-13
|
|
Singapore 0.9.11 Beta Image Gallery - 'index.php' Cross-Site Scripting
|
7 |
WEB
|
TheGreatOne2176
|
|
2005-06-12
|
|
JamMail 1.8 - Jammail.pl Arbitrary Command Execution
|
7 |
WEB
|
blahplok
|
|
2005-06-10
|
|
Ovidentia FX - Remote File Inclusion
|
7 |
WEB
|
Status-x
|
|
2013-05-29
|
|
Zavio IP Cameras Firmware 1.6.03 - Multiple Vulnerabilities
|
7 |
WEB
|
Core Security
|
|
2013-05-29
|
|
MayGion IP Cameras Firmware 09.27 - Multiple Vulnerabilities
|
7 |
WEB
|
Core Security
|
|
2013-05-29
|
|
TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities
|
8 |
WEB
|
Core Security
|
|
2013-05-29
|
|
YeaLink IP Phone Firmware 9.70.0.100 - Phone Call
|
7 |
WEB
|
b0rh
|
|
2013-05-29
|
|
TP-Link WR842ND - Remote Multiple SSID Directory Traversals
|
7 |
WEB
|
Adam Simuntis
|
|
2005-06-09
|
|
Invision Community Blog 1.0/1.1 - Multiple Input Validation Vulnerabilities
|
7 |
WEB
|
GulfTech Security
|
|
2005-06-09
|
|
Invision Power Services Invision Gallery 1.0.1/1.3 - SQL Injection
|
7 |
WEB
|
GulfTech Security
|
|
2005-06-08
|
|
Loki Download Manager 2.0 - 'Catinfo.asp' SQL Injection
|
7 |
WEB
|
hack_912
|
|
2005-06-08
|
|
Loki Download Manager 2.0 - 'default.asp' SQL Injection
|
7 |
WEB
|
hack_912
|
|
2005-06-08
|
|
Cerberus Helpdesk 0.97.3/2.6.1 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-07
|
|
FlatNuke 2.5.x - 'referer.php' Crafted Referer Arbitrary PHP Code Execution
|
7 |
WEB
|
SecWatch
|
|
2005-06-07
|
|
FlatNuke 2.5.x - 'help.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
SecWatch
|
|
2005-06-07
|
|
FlatNuke 2.5.x - 'index.php?where' Full Path Disclosure
|
7 |
WEB
|
SecWatch
|
|
2005-06-06
|
|
Early Impact ProductCart 2.6/2.7 - 'OptionFieldsEdit.asp?idccr' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-06
|
|
Early Impact ProductCart 2.6/2.7 - 'modCustomCardPaymentOpt.asp?idc' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-06
|
|
Early Impact ProductCart 2.6/2.7 - 'editCategories.asp?lid' SQL Injection
|
8 |
WEB
|
Dedi Dwianto
|
|
2005-06-06
|
|
Early Impact ProductCart 2.6/2.7 - 'viewPrd.asp?idcategory' SQL Injection
|
7 |
WEB
|
Dedi Dwianto
|
|
2005-06-06
|
|
YaPiG 0.9x - 'upload.php' Directory Traversal
|
7 |
WEB
|
anonymous
|
|
2005-06-06
|
|
YaPiG 0.9x - 'view.php' Cross-Site Scripting
|
7 |
WEB
|
anonymous
|
|
2005-06-06
|
|
YaPiG 0.9x - Local/Remote File Inclusion
|
7 |
WEB
|
anonymous
|
|
2005-06-06
|
|
WWWeb Concepts Events System 1.0 - 'login.asp' SQL Injection
|
7 |
WEB
|
Romty
|
|
2005-06-03
|
|
Popper Webmail 1.41 - 'ChildWindow.Inc.php' Remote File Inclusion
|
8 |
WEB
|
Leon Juranic
|
|
2005-06-03
|
|
LiteWEB Web Server 2.5 - Authentication Bypass
|
7 |
WEB
|
Ziv Kamir
|
|
2005-06-03
|
|
MWChat 6.7 - 'Start_Lobby.php' Remote File Inclusion
|
7 |
WEB
|
Status-x
|
|
2005-06-02
|
|
Liberum Help Desk 0.97.3 - Multiple SQL Injections
|
7 |
WEB
|
Dedi Dwianto
|
