|
2005-05-17
|
|
WordPress Core 1.5 - 'post.php' Cross-Site Scripting
|
21 |
WEB
|
Thomas Waldegger
|
|
2005-05-24
|
|
Fusionphp Fusion News 3.3/3.6 - X-Forworded-For PHP Script Code Injection
|
23 |
WEB
|
Network security team
|
|
2005-05-16
|
|
JGS-Portal 3.0.1/3.0.2 - 'jgs_portal_sponsor.php?id' SQL Injection
|
20 |
WEB
|
deluxe@security-project.org
|
|
2005-05-16
|
|
JGS-Portal 3.0.1/3.0.2 - 'jgs_portal_mitgraf.php?year' SQL Injection
|
19 |
WEB
|
deluxe@security-project.org
|
|
2005-05-16
|
|
JGS-Portal 3.0.1/3.0.2 - 'jgs_portal_themengraf.php?year' SQL Injection
|
19 |
WEB
|
deluxe@security-project.org
|
|
2005-05-16
|
|
JGS-Portal 3.0.1/3.0.2 - 'jgs_portal_viewsgraf.php?tag' SQL Injection
|
16 |
WEB
|
deluxe@security-project.org
|
|
2005-05-16
|
|
JGS-Portal 3.0.1/3.0.2 - 'jgs_portal_beitraggraf.php?year' SQL Injection
|
21 |
WEB
|
deluxe@security-project.org
|
|
2005-05-16
|
|
JGS-Portal 3.0.1/3.0.2 - 'jgs_portal.php?anzahl_beitraege' SQL Injection
|
20 |
WEB
|
deluxe@security-project.org
|
|
2005-05-16
|
|
JGS-Portal 3.0.1/3.0.2 - 'jgs_portal_statistik.php?year' SQL Injection
|
20 |
WEB
|
deluxe@security-project.org
|
|
2005-05-16
|
|
NPDS 4.8/5.0 - 'pollcomments.php?thold' SQL Injection
|
19 |
WEB
|
NoSP
|
|
2005-05-16
|
|
NPDS 4.8/5.0 - 'comments.php?thold' SQL Injection
|
20 |
WEB
|
NoSP
|
|
2005-05-16
|
|
Sigma ISP Manager 6.6 - 'Sigmaweb.dll' SQL Injection
|
17 |
WEB
|
mehran gashtasebi
|
|
2005-05-16
|
|
MetaCart E-Shop - 'ProductsByCategory.asp' Cross-Site Scripting
|
16 |
WEB
|
Dedi Dwianto
|
|
2005-05-16
|
|
PServ 3.2 - Source Code Disclosure
|
18 |
WEB
|
Claus R. F. Overbeck
|
|
2005-05-16
|
|
PostNuke 0.75/0.76 Blocks Module - Directory Traversal
|
16 |
WEB
|
pokley
|
|
2005-05-16
|
|
Shop-Script - ProductID SQL Injection
|
18 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-16
|
|
Shop-Script - categoryId SQL Injection
|
19 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-14
|
|
Skull-Splitter Guestbook 1.0/2.0/2.2 - Multiple HTML Injection Vulnerabilities
|
19 |
WEB
|
Morinex Eneco
|
|
2005-05-01
|
|
Keyvan1 ImageGallery - Database Disclosure
|
20 |
WEB
|
g0rellazz G0r
|
|
2005-05-13
|
|
PHPHeaven PHPMyChat 0.14.5 - 'Style.CSS.php3' Cross-Site Scripting
|
18 |
WEB
|
Megasky
|
|
2005-05-13
|
|
PHPHeaven PHPMyChat 0.14.5 - 'Start-Page.CSS.php3' Cross-Site Scripting
|
17 |
WEB
|
Megasky
|
|
2005-05-13
|
|
OpenBB 1.0.8 - 'member.php' Cross-Site Scripting
|
19 |
WEB
|
Megasky
|
|
2005-05-13
|
|
OpenBB 1.0.8 - 'Read.php' SQL Injection
|
22 |
WEB
|
Megasky
|
|
2005-05-13
|
|
Ultimate PHP Board 1.8/1.9 - 'viewforum.php' SQL Injection
|
19 |
WEB
|
Morinex Eneco
|
|
2005-05-13
|
|
Ultimate PHP Board 1.8/1.9 - 'viewforum.php' Cross-Site Scripting
|
20 |
WEB
|
Morinex Eneco
|
|
2005-05-12
|
|
DirectTopics 2 - 'topic.php' SQL Injection
|
17 |
WEB
|
Morinex Eneco
|
|
2005-05-11
|
|
Maxwebportal 1.3x - 'post.asp' Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
Zinho
|
|
2005-05-11
|
|
Open Solution Quick.Cart 0.3 - 'index.php' Cross-Site Scripting
|
17 |
WEB
|
Lostmon
|
|
2011-05-11
|
|
showoff! digital media software 1.5.4 - Multiple Vulnerabilities
|
25 |
WEB
|
dr_insane
|
|
2005-05-10
|
|
e107 Website System 0.617 - 'Forum_viewforum.php' SQL Injection
|
23 |
WEB
|
Heintz
|
|
2005-05-10
|
|
e107 Website System 0.617 - 'Request.php' Directory Traversal
|
16 |
WEB
|
Heintz
|
|
2005-05-10
|
|
NukeET 3.0/3.1 - Base64 Codigo Variable Cross-Site Scripting
|
18 |
WEB
|
Suko & Lostmon
|
|
2005-05-10
|
|
WowBB 1.6 - 'View_User.php' SQL Injection
|
20 |
WEB
|
Megasky
|
|
2005-05-09
|
|
PWSPHP 1.1/1.2 - 'Profil.php' SQL Injection
|
20 |
WEB
|
SecuBox fRoGGz
|
|
2005-05-09
|
|
PWSPHP 1.2 - Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
SecuBox fRoGGz
|
|
2005-05-09
|
|
CodeThatShoppingCart 1.3.1 - 'catalog.php?id' SQL Injection
|
19 |
WEB
|
Lostmon
|
|
2005-05-09
|
|
CodeThatShoppingCart 1.3.1 - 'catalog.php?id' Cross-Site Scripting
|
22 |
WEB
|
Lostmon
|
|
2005-05-09
|
|
PHP-Nuke 0-7 - Double Hex Encoded Input Validation
|
16 |
WEB
|
fistfuxxer@gmx.de
|
|
2005-05-09
|
|
Easy Message Board - Remote Command Execution
|
19 |
WEB
|
SoulBlack Group
|
|
2005-05-09
|
|
Easy Message Board - Directory Traversal
|
17 |
WEB
|
SoulBlack Group
|
|
2005-05-09
|
|
Advanced Guestbook 2.3.1/2.4 - 'index.php?Entry' SQL Injection
|
23 |
WEB
|
Spy Hat
|
|
2005-05-09
|
|
phpBB 2.0.x - 'BBCode.php' URL Tag
|
18 |
WEB
|
Papados
|
|
2005-05-06
|
|
CJ Ultra Plus 1.0.3/1.0.4 - 'OUT.php' SQL Injection
|
19 |
WEB
|
Kold
|
|
2005-05-05
|
|
MegaBook 2.0/2.1 - 'Admin.cgi?EntryID' Cross-Site Scripting
|
19 |
WEB
|
Spy Hat
|
|
2005-05-05
|
|
MidiCart PHP - 'Item_List.php?MainGroup' Cross-Site Scripting
|
20 |
WEB
|
Exoduks
|
|
2005-05-05
|
|
MidiCart PHP - 'Item_List.php?SecondGroup' Cross-Site Scripting
|
18 |
WEB
|
Exoduks
|
|
2005-05-05
|
|
MidiCart PHP - 'Search_List.php?SearchString' Cross-Site Scripting
|
22 |
WEB
|
Exoduks
|
|
2005-05-05
|
|
MidiCart PHP - 'Item_Show.php?Code_No' SQL Injection
|
15 |
WEB
|
Exoduks
|
|
2005-05-05
|
|
MidiCart PHP - 'Item_List.php?SecondGroup' SQL Injection
|
17 |
WEB
|
Exoduks
|
|
2005-05-05
|
|
MidiCart PHP - 'Item_List.php?MainGroup' SQL Injection
|
18 |
WEB
|
Exoduks
|
|
2005-05-05
|
|
MidiCart PHP - 'Search_List.php?SearchString' SQL Injection
|
18 |
WEB
|
Exoduks
|
|
2005-05-05
|
|
MyBloggie 2.1 - 'index.php' Cross-Site Scripting
|
21 |
WEB
|
Alberto Trivero
|
|
2013-05-21
|
|
Kimai 0.9.2.1306-3 - SQL Injection
|
18 |
WEB
|
drone
|
|
2013-05-21
|
|
WordPress Plugin ProPlayer 4.7.9.1 - SQL Injection
|
20 |
WEB
|
Ashiyane Digital Security Team
|
|
2005-05-04
|
|
FishCart 3.1 - 'upstnt.php?cartid' SQL Injection
|
20 |
WEB
|
Dcrab
|
|
2005-05-04
|
|
FishCart 3.1 - 'display.php?psku' SQL Injection
|
18 |
WEB
|
Dcrab
|
|
2005-05-04
|
|
FishCart 3.1 - 'upstracking.php' Multiple Cross-Site Scripting Vulnerabilities
|
14 |
WEB
|
Dcrab
|
|
2005-05-04
|
|
FishCart 3.1 - 'display.php?nlst' Cross-Site Scripting
|
17 |
WEB
|
Dcrab
|
|
2005-05-04
|
|
Interspire articlelive 2005 - Multiple Vulnerabilities
|
17 |
WEB
|
Dcrab
|
|
2005-05-04
|
|
ASP Inline Corporate Calendar 3.6.3 - 'Details.asp' SQL Injection
|
21 |
WEB
|
Zinho
|
|
2005-05-04
|
|
ASP Inline Corporate Calendar 3.6.3 - 'Defer.asp' SQL Injection
|
23 |
WEB
|
Zinho
|
|
2005-05-04
|
|
Gossamer Threads Links 2.x - 'User.cgi' Cross-Site Scripting
|
19 |
WEB
|
Nathan House
|
|
2005-05-03
|
|
Invision Power Board (IP.Board) 2.0.3/2.1 - 'Act' Cross-Site Scripting
|
18 |
WEB
|
arron ward
|
|
2005-05-03
|
|
WebCrossing WebX 5.0 - Cross-Site Scripting
|
19 |
WEB
|
dr_insane
|
|
2005-05-03
|
|
SitePanel2 2.6.1 - Multiple Input Validation Vulnerabilities
|
19 |
WEB
|
GulfTech Security
|
|
2005-05-03
|
|
osTicket 1.2/1.3 - Multiple Input Validation / Remote Code Injection Vulnerabilities
|
21 |
WEB
|
GulfTech Security
|
|
2005-05-02
|
|
Maxwebportal 1.3 - 'custom_link.asp' Multiple SQL Injections
|
18 |
WEB
|
s-dalili
|
|
2005-05-02
|
|
Maxwebportal 1.3 - 'dl_toprated.asp' SQL Injection
|
20 |
WEB
|
s-dalili
|
|
2005-05-02
|
|
Maxwebportal 1.3 - 'pic_popular.asp' SQL Injection
|
17 |
WEB
|
s-dalili
|
|
2005-05-02
|
|
Maxwebportal 1.3 - 'links_popular.asp' SQL Injection
|
19 |
WEB
|
s-dalili
|
|
2005-05-02
|
|
Maxwebportal 1.3 - 'dl_popular.asp' SQL Injection
|
17 |
WEB
|
s-dalili
|
|
2005-05-02
|
|
CodetoSell ViArt Shop Enterprise 2.1.6 - 'news_view.php' Multiple Cross-Site Scripting Vulnerabiliti
|
19 |
WEB
|
Lostmon
|
|
2005-05-02
|
|
CodetoSell ViArt Shop Enterprise 2.1.6 - 'products.php' Multiple Cross-Site Scripting Vulnerabilitie
|
18 |
WEB
|
Lostmon
|
|
2005-05-02
|
|
CodetoSell ViArt Shop Enterprise 2.1.6 - 'product_details.php?category_id' Cross-Site Scripting
|
19 |
WEB
|
Lostmon
|
|
2005-05-02
|
|
CodetoSell ViArt Shop Enterprise 2.1.6 - 'reviews.php' Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
Lostmon
|
|
2005-05-02
|
|
CodetoSell ViArt Shop Enterprise 2.1.6 - 'page.php?page' Cross-Site Scripting
|
19 |
WEB
|
Lostmon
|
|
2005-05-02
|
|
CodetoSell ViArt Shop Enterprise 2.1.6 - 'basket.php' Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
Lostmon
|
|
2005-04-30
|
|
JGS-Portal 3.0.1 - 'ID' SQL Injection
|
19 |
WEB
|
admin@batznet.com
|
|
2005-04-28
|
|
phpCOIN 1.2 Pages Module - Multiple SQL Injections
|
22 |
WEB
|
Dcrab
|
|
2005-04-28
|
|
phpCOIN 1.2 - 'login.php?PHPcoinsessid' SQL Injection
|
21 |
WEB
|
Dcrab
|
|
2005-04-28
|
|
Just William's Amazon Webstore - HTTP Response Splitting
|
23 |
WEB
|
Lostmon
|
|
2005-04-28
|
|
Just William's Amazon Webstore - 'CurrentNumber' Cross-Site Scripting
|
21 |
WEB
|
Lostmon
|
|
2005-04-28
|
|
Just William's Amazon Webstore - 'searchFor' Cross-Site Scripting
|
20 |
WEB
|
Lostmon
|
|
2005-04-28
|
|
Just William's Amazon Webstore - 'CurrentIsExpanded' Cross-Site Scripting
|
21 |
WEB
|
Lostmon
|
|
2005-04-28
|
|
Just William's Amazon Webstore - 'Closeup.php?Image' Cross-Site Scripting
|
20 |
WEB
|
Lostmon
|
|
2005-04-28
|
|
phpBB Notes Module - SQL Injection
|
19 |
WEB
|
GulfTech Security
|
|
2005-04-27
|
|
Dream4 Koobi CMS 4.2.3 - 'index.php?Q' SQL Injection
|
20 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-04-27
|
|
Dream4 Koobi CMS 4.2.3 - 'index.php?P' SQL Injection
|
18 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-04-27
|
|
Claroline E-Learning 1.5/1.6 - 'exercises_details.php?exo_id' SQL Injection
|
26 |
WEB
|
Sieg Fried
|
|
2005-04-27
|
|
Claroline E-Learning 1.5/1.6 - 'userInfo.php' Multiple SQL Injections
|
20 |
WEB
|
Sieg Fried
|
|
2005-04-27
|
|
Claroline 1.5/1.6 - 'myagenda.php?coursePath' Cross-Site Scripting
|
19 |
WEB
|
Sieg Fried
|
|
2005-04-27
|
|
Claroline 1.5/1.6 - 'user_access_details.php?data' Cross-Site Scripting
|
20 |
WEB
|
Sieg Fried
|
|
2005-04-27
|
|
Claroline 1.5/1.6 - 'toolaccess_details.php?tool' Cross-Site Scripting
|
21 |
WEB
|
Sieg Fried
|
|
2005-04-27
|
|
PHPCart - Input Validation
|
20 |
WEB
|
Lostmon
|
|
2004-04-26
|
|
BBlog 0.7.4 - 'PostID' SQL Injection
|
21 |
WEB
|
jericho+bblog@attrition.org
|
|
2005-04-26
|
|
MetaBid Auctions - 'intAuctionID' SQL Injection
|
23 |
WEB
|
Dcrab
|
|
2005-04-26
|
|
MetaCart2 - 'SearchAction.asp' Multiple SQL Injections
|
19 |
WEB
|
Dcrab
|
|
2005-04-26
|
|
MetaCart2 - 'strSubCatalog_NAME' SQL Injection
|
18 |
WEB
|
Dcrab
|
|
2005-04-26
|
|
MetaCart2 - 'CurCatalogID' SQL Injection
|
20 |
WEB
|
Dcrab
|
|
2005-04-26
|
|
MetaCart2 - 'StrSubCatalogID' SQL Injection
|
21 |
WEB
|
Dcrab
|
|
2005-04-26
|
|
MetaCart2 - 'IntCatalogID' SQL Injection
|
20 |
WEB
|
Dcrab
|
|
2005-04-26
|
|
GrayCMS 1.1 - 'error.php' Remote File Inclusion
|
19 |
WEB
|
Kold
|
|
2005-04-26
|
|
MetaCart E-Shop V-8 - 'StrCatalog_NAME' SQL Injection
|
20 |
WEB
|
Dcrab
|
|
2005-04-26
|
|
MetaCart E-Shop V-8 - 'IntProdID' SQL Injection
|
19 |
WEB
|
Dcrab
|
|
2005-04-26
|
|
Invision Power Board 2.0.1 - 'QPid' SQL Injection
|
20 |
WEB
|
SVT
|
|
2005-04-15
|
|
SqWebMail 3.x/4.0 - HTTP Response Splitting
|
20 |
WEB
|
Zinho
|
|
2005-04-24
|
|
Yappa-ng 1.x/2.x - Cross-Site Scripting
|
19 |
WEB
|
GulfTech Security
|
|
2005-04-24
|
|
Yappa-ng 1.x/2.x - Remote File Inclusion
|
22 |
WEB
|
GulfTech Security
|
|
2005-04-26
|
|
PHPMyVisites 1.3 - 'Set_Lang' File Inclusion
|
19 |
WEB
|
Max Cerny
|
|
2005-04-25
|
|
OneWorldStore - IDOrder Information Disclosure
|
23 |
WEB
|
Lostmon
|
|
2005-04-25
|
|
StorePortal 2.63 - 'default.asp' Multiple SQL Injections
|
20 |
WEB
|
Dcrab
|
|
2005-04-25
|
|
WoltLab Burning Board 2.3.1 - 'PMS.php' Cross-Site Scripting
|
23 |
WEB
|
deluxe89
|
|
2005-04-23
|
|
phpBB 2.0.x - 'viewtopic.php' Cross-Site Scripting
|
21 |
WEB
|
HaCkZaTaN
|
|
2005-04-23
|
|
phpBB 2.0.x - 'profile.php' Cross-Site Scripting
|
22 |
WEB
|
HaCkZaTaN
|
|
2005-04-23
|
|
CartWIZ 1.10 - 'searchresults.asp' Name Argument Cross-Site Scripting
|
20 |
WEB
|
Dcrab
|
|
2005-04-23
|
|
CartWIZ 1.10 - 'searchresults.asp' SKU Argument Cross-Site Scripting
|
20 |
WEB
|
Dcrab
|
|
2005-04-23
|
|
CartWIZ 1.10 - 'login.asp' Message Argument Cross-Site Scripting
|
19 |
WEB
|
Dcrab
|
|
2013-04-16
|
|
ZPanel - 'templateparser.class.php' Crafted Template Remote Command Execution
|
17 |
WEB
|
Sven Slootweg
|
|
2013-05-17
|
|
Exponent CMS 2.2.0 Beta 3 - Multiple Vulnerabilities
|
18 |
WEB
|
High-Tech Bridge SA
|
|
2005-04-23
|
|
CartWIZ 1.10 - 'login.asp' Redirect Argument Cross-Site Scripting
|
18 |
WEB
|
Dcrab
|
|
2005-04-23
|
|
CartWIZ 1.10 - 'error.asp' Cross-Site Scripting
|
18 |
WEB
|
Dcrab
|
|
2005-04-23
|
|
CartWIZ 1.10 - 'Access.asp' Cross-Site Scripting
|
22 |
WEB
|
Dcrab
|
|
2005-04-23
|
|
CartWIZ 1.10 - 'AddToWishlist.asp' Cross-Site Scripting
|
32 |
WEB
|
Dcrab
|
|
2005-04-23
|
|
CartWIZ 1.10 - 'TellAFriend.asp' Cross-Site Scripting
|
18 |
WEB
|
Dcrab
|
|
2005-04-23
|
|
CartWIZ 1.10 - 'searchresults.asp' idcategory Argument SQL Injection
|
22 |
WEB
|
Dcrab
|
