|
2005-04-20
|
|
DUportal Pro 3.4 - 'cat.asp' Multiple SQL Injections
|
25 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
DUportal Pro 3.4 - 'result.asp' Multiple SQL Injections
|
25 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
DUportal Pro 3.4 - 'inc_vote.asp' Multiple SQL Injections
|
18 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
DUportal Pro 3.4 - 'search.asp?iChannel' SQL Injection
|
18 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
DUportal Pro 3.4 - 'default.asp' Multiple SQL Injections
|
23 |
WEB
|
Dcrab
|
|
2005-04-20
|
|
phpBB-Auction Module 1.0/1.2 - 'Auction_Offer.php' SQL Injection
|
18 |
WEB
|
sNKenjoi
|
|
2005-04-20
|
|
phpBB-Auction Module 1.0/1.2 - 'Auction_Rating.php' SQL Injection
|
19 |
WEB
|
sNKenjoi
|
|
2005-04-20
|
|
PHP Labs - '.proFile' File URI Cross-Site Scripting
|
21 |
WEB
|
sNKenjoi
|
|
2005-04-20
|
|
Ocean12 Calendar Manager 1.0 - Admin Form SQL Injection
|
22 |
WEB
|
Zinho
|
|
2005-04-20
|
|
PHP Labs - '.proFile' Dir URI Cross-Site Scripting
|
21 |
WEB
|
sNKenjoi
|
|
2005-04-20
|
|
Netref 4.2 - 'Cat_for_gen.php' Remote PHP Script Injection
|
21 |
WEB
|
jaguar
|
|
2005-04-20
|
|
ECommPro 3.0 - 'Admin/login.asp' SQL Injection
|
22 |
WEB
|
c0d3r
|
|
2005-04-19
|
|
CityPost Simple PHP Upload - 'Simple-upload-53.php' Cross-Site Scripting
|
21 |
WEB
|
Thom
|
|
2005-04-19
|
|
CityPost PHP Image Editor M1/M2/M3/Imgsrc/M4 - 'URI' Cross-Site Scripting
|
21 |
WEB
|
Thom
|
|
2005-04-19
|
|
CityPost PHP LNKX 52.0 - 'message.php' Cross-Site Scripting
|
19 |
WEB
|
Thom
|
|
2005-03-11
|
|
UBBCentral UBB.Threads 6.0 - 'Printthread.php' SQL Injection
|
20 |
WEB
|
HLL
|
|
2005-04-19
|
|
OneWorldStore - 'DisplayResults.asp' Cross-Site Scripting
|
17 |
WEB
|
Lostmon
|
|
2005-04-19
|
|
OneWorldStore - 'DisplayResults.asp' SQL Injection
|
16 |
WEB
|
Lostmon
|
|
2005-04-13
|
|
phpBB 1.x/2.0.x - Knowledge Base Module 'KB.php' SQL Injection
|
21 |
WEB
|
deluxe@security-project.org
|
|
2013-05-14
|
|
UMI CMS 2.9 - Cross-Site Request Forgery
|
18 |
WEB
|
High-Tech Bridge SA
|
|
2013-05-14
|
|
Alienvault Open Source SIEM (OSSIM) 4.1.2 - Multiple SQL Injections
|
20 |
WEB
|
RunRunLevel
|
|
2013-05-14
|
|
WHMCS 4.x - 'invoicefunctions.php?id' SQL Injection
|
20 |
WEB
|
Ahmed Aboul-Ela
|
|
2013-05-14
|
|
Invision Power Board 1.x?/2.x/3.x - Admin Takeover
|
19 |
WEB
|
John JEAN
|
|
2013-05-14
|
|
WordPress Plugin wp-FileManager - Arbitrary File Download
|
21 |
WEB
|
ByEge
|
|
2005-04-18
|
|
MVNForum 1.0 - Search Cross-Site Scripting
|
18 |
WEB
|
hoang yen
|
|
2005-04-18
|
|
eGroupWare 1.0 - 'index.php?cats_app' SQL Injection
|
20 |
WEB
|
GulfTech Security
|
|
2005-04-18
|
|
eGroupWare 1.0 - '/tts/index.php?filter' SQL Injection
|
23 |
WEB
|
GulfTech Security
|
|
2005-04-18
|
|
eGroupWare 1.0 - '/sitemgr-site/index.php?category_id' Cross-Site Scripting
|
19 |
WEB
|
GulfTech Security
|
|
2005-04-18
|
|
eGroupWare 1.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
GulfTech Security
|
|
2005-04-16
|
|
Datenbank Module For phpBB - 'Remote mod.php' Cross-Site Scripting
|
19 |
WEB
|
tom cruise
|
|
2005-04-16
|
|
phpBB Remote - 'mod.php' SQL Injection
|
19 |
WEB
|
tom cruise
|
|
2006-10-19
|
|
Ariadne CMS 2.4 - Remote File Inclusion
|
22 |
WEB
|
Fidel Costa
|
|
2005-04-15
|
|
PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting
|
22 |
WEB
|
Dcrab
|
|
2005-04-14
|
|
OneWorldStore - 'OWListProduct.asp' Cross-Site Scripting
|
20 |
WEB
|
Dcrab
|
|
2005-04-14
|
|
OneWorldStore - 'OWContactUs.asp' Cross-Site Scripting
|
22 |
WEB
|
Dcrab
|
|
2005-04-14
|
|
OneWorldStore - 'OWProductDetail.asp' SQL Injection
|
20 |
WEB
|
Dcrab
|
|
2005-04-14
|
|
OneWorldStore - 'OWListProduct.asp' Multiple SQL Injections
|
20 |
WEB
|
Dcrab
|
|
2005-04-14
|
|
OneWorldStore - 'OWAddItem.asp' SQL Injection
|
20 |
WEB
|
Dcrab
|
|
2005-04-14
|
|
SPHPBlog 0.4 - 'search.php' Cross-Site Scripting
|
19 |
WEB
|
y3dips
|
|
2005-04-14
|
|
All4WWW-HomePageCreator 1.0 - 'index.php' Remote File Inclusion
|
21 |
WEB
|
Francisco Alisson
|
|
2013-05-13
|
|
File Lite 3.3/3.5 PRO iOS - Multiple Vulnerabilities
|
22 |
WEB
|
Vulnerability-Lab
|
|
2013-05-13
|
|
SimpleTransfer 2.2.1 - Command Injection
|
22 |
WEB
|
Vulnerability-Lab
|
|
2013-05-13
|
|
Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities
|
21 |
WEB
|
Vulnerability-Lab
|
|
2013-05-13
|
|
Wifi Album 1.47 iOS - Command Injection
|
19 |
WEB
|
Vulnerability-Lab
|
|
2013-05-13
|
|
Wifi Photo Transfer 2.1/1.1 PRO - Multiple Vulnerabilities
|
20 |
WEB
|
Vulnerability-Lab
|
|
2013-05-13
|
|
Wireless Disk PRO 2.3 iOS - Multiple Vulnerabilities
|
21 |
WEB
|
Vulnerability-Lab
|
|
2013-05-13
|
|
Joomla! Component com_s5clanroster - 'id' SQL Injection
|
21 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2013-05-13
|
|
Ajax Availability Calendar 3.x - Multiple Vulnerabilities
|
30 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2013-05-13
|
|
Getsimple CMS 3.2.1 - Arbitrary File Upload
|
19 |
WEB
|
Ahmed Elhady Mohamed
|
|
2005-04-13
|
|
phpBB Photo Album Module 2.0.53 - 'Album_Comment.php' Cross-Site Scripting
|
20 |
WEB
|
Dcrab
|
|
2005-04-13
|
|
phpBB Photo Album 2.0.53 Module - 'Album_Cat.php' Cross-Site Scripting
|
23 |
WEB
|
Dcrab
|
|
2005-04-13
|
|
PHPBB2 Plus 1.5 - 'viewtopic.php' Cross-Site Scripting
|
18 |
WEB
|
Dcrab
|
|
2005-04-13
|
|
PHPBB2 Plus 1.5 - 'Portal.php' Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
Dcrab
|
|
2005-04-13
|
|
PHPBB2 Plus 1.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
Dcrab
|
|
2005-04-13
|
|
PHPBB2 Plus 1.5 - 'GroupCP.php' Cross-Site Scripting
|
19 |
WEB
|
Dcrab
|
|
2005-04-12
|
|
Pinnacle Cart - 'index.php' Cross-Site Scripting
|
19 |
WEB
|
SmOk3
|
|
2005-04-12
|
|
Comersus Cart 4.0/5.0 - 'Comersus_Search_Item.asp' Cross-Site Scripting
|
19 |
WEB
|
Lostmon
|
|
2005-04-11
|
|
jPORTAL 2.3.1 - 'Banner.php' SQL Injection
|
20 |
WEB
|
CiNU5
|
|
2005-04-11
|
|
WebCT Discussion Board 4.1 - HTML Injection
|
22 |
WEB
|
lacertosum
|
|
2005-04-11
|
|
Invision Power Board 1.x - 'ST' SQL Injection
|
19 |
WEB
|
Dcrab
|
|
2005-04-11
|
|
Zoom Media Gallery 2.1.2 - 'index.php' SQL Injection
|
17 |
WEB
|
Andreas Constantinides
|
|
2005-04-11
|
|
ModernGigabyte ModernBill 4.3 - 'Aid' Cross-Site Scripting
|
19 |
WEB
|
GulfTech Security
|
|
2005-04-11
|
|
ModernGigabyte ModernBill 4.3 - 'C_CODE' Cross-Site Scripting
|
19 |
WEB
|
GulfTech Security
|
|
2005-04-10
|
|
ModernGigabyte ModernBill 4.3 - 'news.php' File Inclusion
|
19 |
WEB
|
GulfTech Security
|
|
2005-04-09
|
|
Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - 'view.php?id' SQL Injection
|
20 |
WEB
|
kre0n
|
|
2005-04-09
|
|
Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - 'view.php?id' Cross-Site Scripting
|
18 |
WEB
|
kre0n
|
|
2005-04-09
|
|
RadScripts RadBids Gold 2.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
Dcrab
|
|
2005-04-09
|
|
RadScripts RadBids Gold 2.0 - 'faq.php?farea' Cross-Site Scripting
|
22 |
WEB
|
Dcrab
|
|
2005-04-09
|
|
RadScripts RadBids Gold 2.0 - 'index.php?mode' SQL Injection
|
20 |
WEB
|
Dcrab
|
|
2005-04-09
|
|
RadScripts RadBids Gold 2.0 - 'index.php?read' Traversal Arbitrary File Access
|
20 |
WEB
|
Dcrab
|
|
2005-04-08
|
|
PostNuke Phoenix 0.760 RC3 - 'SID' SQL Injection
|
17 |
WEB
|
Dcrab
|
|
2005-04-08
|
|
PostNuke Phoenix 0.760 RC3 - 'Module' Cross-Site Scripting
|
20 |
WEB
|
Dcrab
|
|
2005-04-08
|
|
PostNuke Phoenix 0.760 RC3 - 'OP' Cross-Site Scripting
|
19 |
WEB
|
Dcrab
|
|
2005-04-07
|
|
PHP-Nuke 7.6 Web_Links Module - Multiple SQL Injections
|
21 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-04-06
|
|
CubeCart 2.0.x - 'view_product.php?product' Full Path Disclosure
|
18 |
WEB
|
John Cobb
|
|
2005-04-06
|
|
CubeCart 2.0.x - 'view_cart.php?add' Full Path Disclosure
|
20 |
WEB
|
John Cobb
|
|
2005-04-06
|
|
CubeCart 2.0.x - 'tellafriend.php?product' Full Path Disclosure
|
19 |
WEB
|
John Cobb
|
|
2005-04-06
|
|
CubeCart 2.0.x - 'index.php' Multiple Full Path Disclosures
|
21 |
WEB
|
John Cobb
|
|
2005-04-06
|
|
Ocean12 Membership Manager Pro - Cross-Site Scripting
|
19 |
WEB
|
Zinho
|
|
2005-04-06
|
|
Active Auction House - 'WatchThisItem.asp' Cross-Site Scripting
|
20 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
Active Auction House - 'sendpassword.asp' Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
WebWasher CSM 4.4.1 Build 752 Conf Script - Cross-Site Scripting
|
20 |
WEB
|
Oliver Karow
|
|
2005-04-06
|
|
Active Auction House - 'account.asp?ReturnURL' Cross-Site Scripting
|
19 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
Active Auction House - 'start.asp?ReturnURL' Cross-Site Scripting
|
20 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
Active Auction House - 'ItemInfo.asp' SQL Injection
|
21 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
Active Auction House - 'default.asp' Multiple SQL Injections
|
22 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
phpBB 2.0.13 Linkz Pro Module - SQL Injection
|
20 |
WEB
|
LovER BOY
|
|
2005-04-06
|
|
phpBB 2.0.13 DLMan Pro Module - SQL Injection
|
20 |
WEB
|
LovER BOY
|
|
2005-04-06
|
|
PHP-Nuke 7.6 - 'banners.php' Cross-Site Scripting
|
16 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-04-06
|
|
PHP-Nuke 7.6 Web_Links Module - Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-04-05
|
|
PHP-Nuke 6.x/7.x 'Downloads' Module - 'Lid' Cross-Site Scripting
|
20 |
WEB
|
sp3x@securityreason.com
|
|
2005-04-05
|
|
PHP-Nuke 6.x/7.x Your_Account Module - Avatarcategory Cross-Site Scripting
|
20 |
WEB
|
sp3x@securityreason.com
|
|
2005-04-05
|
|
PHP-Nuke 6.x/7.x Your_Account Module - 'Username' Cross-Site Scripting
|
17 |
WEB
|
sp3x@securityreason.com
|
|
2005-04-05
|
|
profitcode software payprocart 3.0 - Directory Traversal
|
19 |
WEB
|
Diabolic Crab
|
|
2005-04-05
|
|
ProfitCode Software PayProCart 3.0 - 'Usrdetails.php' Cross-Site Scripting
|
21 |
WEB
|
Diabolic Crab
|
|
2005-04-02
|
|
SiteEnable - SQL Injection
|
20 |
WEB
|
Zinho
|
|
2005-04-04
|
|
SonicWALL SOHO 5.1.7 - Web Interface Multiple Remote Input Validation Vulnerabilities
|
19 |
WEB
|
Oliver Karow
|
|
2005-04-03
|
|
phpMyAdmin 2.x - Convcharset Cross-Site Scripting
|
17 |
WEB
|
Oriol Torrent Santiago
|
|
2005-04-01
|
|
Alstrasoft EPay Pro 2.0 - Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
Dcrab
|
|
2005-04-01
|
|
Alstrasoft EPay Pro 2.0 - Remote File Inclusion
|
19 |
WEB
|
Dcrab
|
|
2005-03-31
|
|
ASP-DEV XM Forum RC3 - IMG Tag Script Injection
|
17 |
WEB
|
Zinho
|
|
2005-03-31
|
|
InterAKT Online MX Shop 1.1.1 - SQL Injection
|
20 |
WEB
|
Dcrab
|
|
2005-03-29
|
|
Lighthouse Development Squirrelcart 1.5.5 - SQL Injection
|
19 |
WEB
|
Diabolic Crab
|
|
2005-03-29
|
|
Iatek IntranetApp 2.3 - 'ad_click.asp?banner_id' SQL Injection
|
17 |
WEB
|
Diabolic Crab
|
|
2005-03-29
|
|
UApplication Ublog 1.0.x - Cross-Site Scripting
|
22 |
WEB
|
PersianHacker Team
|
|
2005-03-29
|
|
CPG Dragonfly 9.0.2.0 - Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
mircia
|
|
2005-03-29
|
|
Chatness 2.5 - 'Message Form' HTML Injection
|
20 |
WEB
|
3nitro
|
|
2005-03-29
|
|
The Includer 1.0/1.1 - Remote File Inclusion
|
21 |
WEB
|
hoang yen
|
|
2005-03-28
|
|
ACS Blog 0.8/0.9/1.0/1.1 - 'Name' HTML Injection
|
18 |
WEB
|
Dan Crowley
|
|
2005-03-28
|
|
PhotoPost Pro 5.1 - 'showphoto.php?photo' SQL Injection
|
21 |
WEB
|
Diabolic Crab
|
|
2005-03-28
|
|
PhotoPost Pro 5.1 - 'showmembers.php?sl' SQL Injection
|
18 |
WEB
|
Diabolic Crab
|
|
2005-03-28
|
|
PhotoPost Pro 5.1 - 'Slideshow.php?photo' Cross-Site Scripting
|
21 |
WEB
|
Diabolic Crab
|
|
2005-03-28
|
|
PhotoPost Pro 5.1 - 'showmembers.php' Multiple Cross-Site Scripting Vulnerabilities
|
18 |
WEB
|
Diabolic Crab
|
|
2005-03-28
|
|
PhotoPost Pro 5.1 - 'showgallery.php' Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
Diabolic Crab
|
|
2013-05-08
|
|
ColdFusion 9-10 - Credential Disclosure
|
23 |
WEB
|
HTP
|
|
2013-05-08
|
|
MoinMoin - Arbitrary Command Execution
|
18 |
WEB
|
HTP
|
|
2005-03-29
|
|
phpCoin 1.2 - 'auxpage.php?page' Traversal Arbitrary File Access
|
23 |
WEB
|
GulfTech Security
|
|
2005-03-28
|
|
Valdersoft Shopping Cart 3.0 - Multiple Input Validation Vulnerabilities
|
21 |
WEB
|
Diabolic Crab
|
|
2005-03-28
|
|
EXoops - Multiple Input Validation Vulnerabilities
|
22 |
WEB
|
Diabolic Crab
|
|
2005-03-28
|
|
Tkai's Shoutbox - 'Query' Open Redirection
|
20 |
WEB
|
CorryL
|
|
2013-05-07
|
|
b2evolution 4.1.6 - Multiple Vulnerabilities
|
20 |
WEB
|
High-Tech Bridge SA
|
|
2013-05-07
|
|
Cisco Linksys E4200 - Multiple Vulnerabilities
|
22 |
WEB
|
sqlhacker
|
|
2005-03-26
|
|
MagicScripts E-Store Kit-2 PayPal Edition - Remote File Inclusion
|
19 |
WEB
|
Dcrab
|
|
2005-03-26
|
|
MagicScripts E-Store Kit-2 PayPal Edition - Cross-Site Scripting
|
21 |
WEB
|
Dcrab
|
|
2005-03-26
|
|
Nuke BookMarks 0.6 - 'Marks.php' SQL Injection
|
20 |
WEB
|
Gerardo Astharot Di Giacomo
|
