|
2005-04-23
|
|
CartWIZ 1.10 - 'searchresults.asp' PriceFrom Argument SQL Injection
|
22 |
WEB
|
Dcrab
|
|
2005-04-23
|
|
CartWIZ 1.10 - 'searchresults.asp' PriceTo Argument SQL Injection
|
19 |
WEB
|
Dcrab
|
|
2005-04-23
|
|
CartWIZ 1.10 - 'ProductDetails.asp' SQL Injection
|
18 |
WEB
|
Dcrab
|
|
2005-04-23
|
|
CartWIZ 1.10 - 'ProductCatalogSubCats.asp' SQL Injection
|
21 |
WEB
|
Dcrab
|
|
2005-04-23
|
|
CartWIZ 1.10 - 'AddToCart.asp' SQL Injection
|
18 |
WEB
|
Dcrab
|
|
2005-04-23
|
|
Black Knight Forum 4.0 - 'forum.asp' SQL Injection
|
23 |
WEB
|
Dcrab
|
|
2005-04-23
|
|
Black Knight Forum 4.0 - 'Member.asp' SQL Injection
|
20 |
WEB
|
Dcrab
|
|
2005-04-22
|
|
WoltLab Burning Board 2.3.1 - 'thread.php' Cross-Site Scripting
|
17 |
WEB
|
deluxe89
|
|
2005-04-22
|
|
ASPNuke 0.80 - 'Select.asp' Cross-Site Scripting
|
19 |
WEB
|
Dcrab
|
|
2005-04-22
|
|
ASPNuke 0.80 - 'profile.asp' Cross-Site Scripting
|
22 |
WEB
|
Dcrab
|
|
2005-04-22
|
|
ASPNuke 0.80 - 'detail.asp' SQL Injection
|
19 |
WEB
|
Dcrab
|
|
2005-04-22
|
|
ASPNuke 0.80 - 'Comments.asp' SQL Injection
|
22 |
WEB
|
Dcrab
|
|
2013-05-17
|
|
PHP-Charts 1.0 - Code Execution
|
22 |
WEB
|
fizzle stick
|
|
2005-04-21
|
|
ProfitCode Software PayProCart 3.0 - AdminShop MMActionComm Cross-Site Scripting
|
27 |
WEB
|
Lostmon
|
|
2005-04-21
|
|
ProfitCode Software PayProCart 3.0 - AdminShop ProMod Cross-Site Scripting
|
22 |
WEB
|
Lostmon
|
|
2013-05-17
|
|
Drupal Module CKEditor < 4.1WYSIWYG (Drupal 6.x/7.x) - Persistent Cross-Site Scripting
|
23 |
WEB
|
r0ng
|
|
2004-04-21
|
|
ProfitCode Software PayProCart 3.0 - AdminShop TaskID Cross-Site Scripting
|
24 |
WEB
|
Lostmon
|
|
2005-04-21
|
|
ProfitCode Software PayProCart 3.0 - AdminShop ModID Cross-Site Scripting
|
25 |
WEB
|
Lostmon
|
|
2005-04-21
|
|
ProfitCode Software PayProCart 3.0 - AdminShop HDoc Cross-Site Scripting
|
21 |
WEB
|
Lostmon
|
|
2005-04-21
|
|
ProfitCode Software PayProCart 3.0 - Ckprvd Cross-Site Scripting
|
25 |
WEB
|
Lostmon
|
|
2005-04-21
|
|
ProfitCode Software PayProCart 3.0 - 'Username' Cross-Site Scripting
|
18 |
WEB
|
Lostmon
|
|
2005-04-20
|
|
DUportal 3.1.2 - 'type.asp?iCat' SQL Injection
|
21 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
DUportal 3.1.2 - 'inc_rating.asp' Multiple SQL Injections
|
23 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
DUportal 3.1.2 - 'inc_poll_voting.asp?DAT_PARENT' SQL Injection
|
22 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
DUportal 3.1.2 - 'channel.asp?iChannel' SQL Injection
|
26 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
DUportal Pro 3.4 - 'detail.asp' Multiple SQL Injections
|
19 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
DUportal Pro 3.4 - 'cat.asp' Multiple SQL Injections
|
29 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
DUportal Pro 3.4 - 'result.asp' Multiple SQL Injections
|
25 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
DUportal Pro 3.4 - 'inc_vote.asp' Multiple SQL Injections
|
20 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
DUportal Pro 3.4 - 'search.asp?iChannel' SQL Injection
|
20 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
DUportal Pro 3.4 - 'default.asp' Multiple SQL Injections
|
26 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
phpBB-Auction Module 1.0/1.2 - 'Auction_Offer.php' SQL Injection
|
20 |
WEB
|
sNKenjoi
|
|
2005-04-20
|
|
phpBB-Auction Module 1.0/1.2 - 'Auction_Rating.php' SQL Injection
|
19 |
WEB
|
sNKenjoi
|
|
2005-04-20
|
|
PHP Labs - '.proFile' File URI Cross-Site Scripting
|
21 |
WEB
|
sNKenjoi
|
|
2005-04-20
|
|
Ocean12 Calendar Manager 1.0 - Admin Form SQL Injection
|
24 |
WEB
|
Zinho
|
|
2005-04-20
|
|
PHP Labs - '.proFile' Dir URI Cross-Site Scripting
|
21 |
WEB
|
sNKenjoi
|
|
2005-04-20
|
|
Netref 4.2 - 'Cat_for_gen.php' Remote PHP Script Injection
|
21 |
WEB
|
jaguar
|
|
2005-04-20
|
|
ECommPro 3.0 - 'Admin/login.asp' SQL Injection
|
22 |
WEB
|
c0d3r
|
|
2005-04-19
|
|
CityPost Simple PHP Upload - 'Simple-upload-53.php' Cross-Site Scripting
|
21 |
WEB
|
Thom
|
|
2005-04-19
|
|
CityPost PHP Image Editor M1/M2/M3/Imgsrc/M4 - 'URI' Cross-Site Scripting
|
21 |
WEB
|
Thom
|
|
2005-04-19
|
|
CityPost PHP LNKX 52.0 - 'message.php' Cross-Site Scripting
|
22 |
WEB
|
Thom
|
|
2005-03-11
|
|
UBBCentral UBB.Threads 6.0 - 'Printthread.php' SQL Injection
|
21 |
WEB
|
HLL
|
|
2005-04-19
|
|
OneWorldStore - 'DisplayResults.asp' Cross-Site Scripting
|
18 |
WEB
|
Lostmon
|
|
2005-04-19
|
|
OneWorldStore - 'DisplayResults.asp' SQL Injection
|
18 |
WEB
|
Lostmon
|
|
2005-04-13
|
|
phpBB 1.x/2.0.x - Knowledge Base Module 'KB.php' SQL Injection
|
21 |
WEB
|
deluxe@security-project.org
|
|
2013-05-14
|
|
UMI CMS 2.9 - Cross-Site Request Forgery
|
18 |
WEB
|
High-Tech Bridge SA
|
|
2013-05-14
|
|
Alienvault Open Source SIEM (OSSIM) 4.1.2 - Multiple SQL Injections
|
20 |
WEB
|
RunRunLevel
|
|
2013-05-14
|
|
WHMCS 4.x - 'invoicefunctions.php?id' SQL Injection
|
20 |
WEB
|
Ahmed Aboul-Ela
|
|
2013-05-14
|
|
Invision Power Board 1.x?/2.x/3.x - Admin Takeover
|
19 |
WEB
|
John JEAN
|
|
2013-05-14
|
|
WordPress Plugin wp-FileManager - Arbitrary File Download
|
21 |
WEB
|
ByEge
|
|
2005-04-18
|
|
MVNForum 1.0 - Search Cross-Site Scripting
|
21 |
WEB
|
hoang yen
|
|
2005-04-18
|
|
eGroupWare 1.0 - 'index.php?cats_app' SQL Injection
|
22 |
WEB
|
GulfTech Security
|
|
2005-04-18
|
|
eGroupWare 1.0 - '/tts/index.php?filter' SQL Injection
|
23 |
WEB
|
GulfTech Security
|
|
2005-04-18
|
|
eGroupWare 1.0 - '/sitemgr-site/index.php?category_id' Cross-Site Scripting
|
19 |
WEB
|
GulfTech Security
|
|
2005-04-18
|
|
eGroupWare 1.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
GulfTech Security
|
|
2005-04-16
|
|
Datenbank Module For phpBB - 'Remote mod.php' Cross-Site Scripting
|
21 |
WEB
|
tom cruise
|
|
2005-04-16
|
|
phpBB Remote - 'mod.php' SQL Injection
|
20 |
WEB
|
tom cruise
|
|
2006-10-19
|
|
Ariadne CMS 2.4 - Remote File Inclusion
|
22 |
WEB
|
Fidel Costa
|
|
2005-04-15
|
|
PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting
|
22 |
WEB
|
Dcrab
|
|
2005-04-14
|
|
OneWorldStore - 'OWListProduct.asp' Cross-Site Scripting
|
20 |
WEB
|
Dcrab
|
|
2005-04-14
|
|
OneWorldStore - 'OWContactUs.asp' Cross-Site Scripting
|
22 |
WEB
|
Dcrab
|
|
2005-04-14
|
|
OneWorldStore - 'OWProductDetail.asp' SQL Injection
|
21 |
WEB
|
Dcrab
|
|
2005-04-14
|
|
OneWorldStore - 'OWListProduct.asp' Multiple SQL Injections
|
20 |
WEB
|
Dcrab
|
|
2005-04-14
|
|
OneWorldStore - 'OWAddItem.asp' SQL Injection
|
20 |
WEB
|
Dcrab
|
|
2005-04-14
|
|
SPHPBlog 0.4 - 'search.php' Cross-Site Scripting
|
19 |
WEB
|
y3dips
|
|
2005-04-14
|
|
All4WWW-HomePageCreator 1.0 - 'index.php' Remote File Inclusion
|
22 |
WEB
|
Francisco Alisson
|
|
2013-05-13
|
|
File Lite 3.3/3.5 PRO iOS - Multiple Vulnerabilities
|
24 |
WEB
|
Vulnerability-Lab
|
|
2013-05-13
|
|
SimpleTransfer 2.2.1 - Command Injection
|
22 |
WEB
|
Vulnerability-Lab
|
|
2013-05-13
|
|
Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities
|
21 |
WEB
|
Vulnerability-Lab
|
|
2013-05-13
|
|
Wifi Album 1.47 iOS - Command Injection
|
19 |
WEB
|
Vulnerability-Lab
|
|
2013-05-13
|
|
Wifi Photo Transfer 2.1/1.1 PRO - Multiple Vulnerabilities
|
20 |
WEB
|
Vulnerability-Lab
|
|
2013-05-13
|
|
Wireless Disk PRO 2.3 iOS - Multiple Vulnerabilities
|
21 |
WEB
|
Vulnerability-Lab
|
|
2013-05-13
|
|
Joomla! Component com_s5clanroster - 'id' SQL Injection
|
21 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2013-05-13
|
|
Ajax Availability Calendar 3.x - Multiple Vulnerabilities
|
31 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2013-05-13
|
|
Getsimple CMS 3.2.1 - Arbitrary File Upload
|
20 |
WEB
|
Ahmed Elhady Mohamed
|
|
2005-04-13
|
|
phpBB Photo Album Module 2.0.53 - 'Album_Comment.php' Cross-Site Scripting
|
22 |
WEB
|
Dcrab
|
|
2005-04-13
|
|
phpBB Photo Album 2.0.53 Module - 'Album_Cat.php' Cross-Site Scripting
|
23 |
WEB
|
Dcrab
|
|
2005-04-13
|
|
PHPBB2 Plus 1.5 - 'viewtopic.php' Cross-Site Scripting
|
18 |
WEB
|
Dcrab
|
|
2005-04-13
|
|
PHPBB2 Plus 1.5 - 'Portal.php' Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
Dcrab
|
|
2005-04-13
|
|
PHPBB2 Plus 1.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
Dcrab
|
|
2005-04-13
|
|
PHPBB2 Plus 1.5 - 'GroupCP.php' Cross-Site Scripting
|
19 |
WEB
|
Dcrab
|
|
2005-04-12
|
|
Pinnacle Cart - 'index.php' Cross-Site Scripting
|
20 |
WEB
|
SmOk3
|
|
2005-04-12
|
|
Comersus Cart 4.0/5.0 - 'Comersus_Search_Item.asp' Cross-Site Scripting
|
19 |
WEB
|
Lostmon
|
|
2005-04-11
|
|
jPORTAL 2.3.1 - 'Banner.php' SQL Injection
|
22 |
WEB
|
CiNU5
|
|
2005-04-11
|
|
WebCT Discussion Board 4.1 - HTML Injection
|
22 |
WEB
|
lacertosum
|
|
2005-04-11
|
|
Invision Power Board 1.x - 'ST' SQL Injection
|
20 |
WEB
|
Dcrab
|
|
2005-04-11
|
|
Zoom Media Gallery 2.1.2 - 'index.php' SQL Injection
|
17 |
WEB
|
Andreas Constantinides
|
|
2005-04-11
|
|
ModernGigabyte ModernBill 4.3 - 'Aid' Cross-Site Scripting
|
20 |
WEB
|
GulfTech Security
|
|
2005-04-11
|
|
ModernGigabyte ModernBill 4.3 - 'C_CODE' Cross-Site Scripting
|
21 |
WEB
|
GulfTech Security
|
|
2005-04-10
|
|
ModernGigabyte ModernBill 4.3 - 'news.php' File Inclusion
|
21 |
WEB
|
GulfTech Security
|
|
2005-04-09
|
|
Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - 'view.php?id' SQL Injection
|
21 |
WEB
|
kre0n
|
|
2005-04-09
|
|
Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - 'view.php?id' Cross-Site Scripting
|
19 |
WEB
|
kre0n
|
|
2005-04-09
|
|
RadScripts RadBids Gold 2.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
Dcrab
|
|
2005-04-09
|
|
RadScripts RadBids Gold 2.0 - 'faq.php?farea' Cross-Site Scripting
|
22 |
WEB
|
Dcrab
|
|
2005-04-09
|
|
RadScripts RadBids Gold 2.0 - 'index.php?mode' SQL Injection
|
22 |
WEB
|
Dcrab
|
|
2005-04-09
|
|
RadScripts RadBids Gold 2.0 - 'index.php?read' Traversal Arbitrary File Access
|
22 |
WEB
|
Dcrab
|
|
2005-04-08
|
|
PostNuke Phoenix 0.760 RC3 - 'SID' SQL Injection
|
17 |
WEB
|
Dcrab
|
|
2005-04-08
|
|
PostNuke Phoenix 0.760 RC3 - 'Module' Cross-Site Scripting
|
20 |
WEB
|
Dcrab
|
|
2005-04-08
|
|
PostNuke Phoenix 0.760 RC3 - 'OP' Cross-Site Scripting
|
19 |
WEB
|
Dcrab
|
|
2005-04-07
|
|
PHP-Nuke 7.6 Web_Links Module - Multiple SQL Injections
|
21 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-04-06
|
|
CubeCart 2.0.x - 'view_product.php?product' Full Path Disclosure
|
20 |
WEB
|
John Cobb
|
|
2005-04-06
|
|
CubeCart 2.0.x - 'view_cart.php?add' Full Path Disclosure
|
20 |
WEB
|
John Cobb
|
|
2005-04-06
|
|
CubeCart 2.0.x - 'tellafriend.php?product' Full Path Disclosure
|
19 |
WEB
|
John Cobb
|
|
2005-04-06
|
|
CubeCart 2.0.x - 'index.php' Multiple Full Path Disclosures
|
21 |
WEB
|
John Cobb
|
|
2005-04-06
|
|
Ocean12 Membership Manager Pro - Cross-Site Scripting
|
22 |
WEB
|
Zinho
|
|
2005-04-06
|
|
Active Auction House - 'WatchThisItem.asp' Cross-Site Scripting
|
21 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
Active Auction House - 'sendpassword.asp' Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
WebWasher CSM 4.4.1 Build 752 Conf Script - Cross-Site Scripting
|
23 |
WEB
|
Oliver Karow
|
|
2005-04-06
|
|
Active Auction House - 'account.asp?ReturnURL' Cross-Site Scripting
|
22 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
Active Auction House - 'start.asp?ReturnURL' Cross-Site Scripting
|
21 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
Active Auction House - 'ItemInfo.asp' SQL Injection
|
21 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
Active Auction House - 'default.asp' Multiple SQL Injections
|
22 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
phpBB 2.0.13 Linkz Pro Module - SQL Injection
|
21 |
WEB
|
LovER BOY
|
|
2005-04-06
|
|
phpBB 2.0.13 DLMan Pro Module - SQL Injection
|
20 |
WEB
|
LovER BOY
|
|
2005-04-06
|
|
PHP-Nuke 7.6 - 'banners.php' Cross-Site Scripting
|
19 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-04-06
|
|
PHP-Nuke 7.6 Web_Links Module - Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-04-05
|
|
PHP-Nuke 6.x/7.x 'Downloads' Module - 'Lid' Cross-Site Scripting
|
22 |
WEB
|
sp3x@securityreason.com
|
|
2005-04-05
|
|
PHP-Nuke 6.x/7.x Your_Account Module - Avatarcategory Cross-Site Scripting
|
23 |
WEB
|
sp3x@securityreason.com
|
|
2005-04-05
|
|
PHP-Nuke 6.x/7.x Your_Account Module - 'Username' Cross-Site Scripting
|
18 |
WEB
|
sp3x@securityreason.com
|
|
2005-04-05
|
|
profitcode software payprocart 3.0 - Directory Traversal
|
20 |
WEB
|
Diabolic Crab
|
|
2005-04-05
|
|
ProfitCode Software PayProCart 3.0 - 'Usrdetails.php' Cross-Site Scripting
|
23 |
WEB
|
Diabolic Crab
|
|
2005-04-02
|
|
SiteEnable - SQL Injection
|
20 |
WEB
|
Zinho
|
|
2005-04-04
|
|
SonicWALL SOHO 5.1.7 - Web Interface Multiple Remote Input Validation Vulnerabilities
|
19 |
WEB
|
Oliver Karow
|
|
2005-04-03
|
|
phpMyAdmin 2.x - Convcharset Cross-Site Scripting
|
17 |
WEB
|
Oriol Torrent Santiago
|
|
2005-04-01
|
|
Alstrasoft EPay Pro 2.0 - Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
Dcrab
|
