Blog RSSExploits RSSFacebook

WEB

Date D   Description Plat. Author
2005-03-15   PHPOpenChat 2.3.4/3.0.1 - 'poc.php' Remote File Inclusion 33 WEB Albania Security Clan
2005-03-15   PHPOpenChat 2.3.4/3.0.1 - 'poc_loginform.php?phpbb_root_path' Remote File Inclusion 33 WEB Albania Security Clan
2005-03-14   VoteBox 2.0 - 'Votebox.php' Remote File Inclusion 30 WEB SmOk3
2005-03-14   PHPAdsNew 2.0.4 - 'AdFrame.php' Cross-Site Scripting 35 WEB Maksymilian Arciemowicz
2005-03-14   SimpGB 1.0 - 'Guestbook.php' SQL Injection 30 WEB visus
2005-03-14   Phorum 5.0.14 - Multiple Subject and Attachment HTML Injection Vulnerabilities 32 WEB Jon Oberheide
2005-03-13   HolaCMS 1.2.x/1.4.x Voting Module - Directory Traversal Remote File Corruption 32 WEB Virginity Security
2005-03-14   PABox 2.0 - Post Icon HTML Injection 30 WEB Rift_XT
2005-03-12   HolaCMS 1.2/1.4.x Voting Module - Remote File Corruption 29 WEB Virginity Security
2005-03-12   PAFileDB 1.1.3/2.1.1/3.0/3.1 - 'category.php?start' Cross-Site Scripting 29 WEB sp3x@securityreason.com
2005-03-12   PAFileDB 1.1.3/2.1.1/3.0/3.1 - 'viewall.php?start' Cross-Site Scripting 31 WEB sp3x@securityreason.com
2005-03-12   PAFileDB 1.1.3/2.1.1/3.0/3.1 - 'category.php?start' SQL Injection 29 WEB sp3x@securityreason.com
2005-03-12   PAFileDB 1.1.3/2.1.1/3.0/3.1 - 'viewall.php?start' SQL Injection 30 WEB sp3x@securityreason.com
2005-03-11   UBBCentral UBB.Threads 6.0 - 'editpost.php' SQL Injection 35 WEB ADZ Security Team
2005-03-10   All Enthusiast PhotoPost PHP Pro 5.0 - 'adm-photo.php' Arbitrary Image Manipulation 31 WEB Igor Franchuk
2005-03-10   phpoutsourcing zorum 3.5 - Multiple Vulnerabilities 31 WEB benjilenoob
2005-03-08   Newsscript - Access Validation 31 WEB adrianc23@gmail.com
2005-03-08   PHP Arena PAFileDB 3.1 - Multiple Cross-Site Scripting Vulnerabilities 33 WEB sp3x@securityreason.com
2005-03-08   YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting 28 WEB trueend5
2005-03-08   OutStart Participate Enterprise 3 - Multiple Access Validation Vulnerabilities 34 WEB Altrus
2005-03-08   PHP-Fusion 5.0 - BBCode IMG Tag Script Injection 34 WEB FireSt0rm
2005-03-07   Jason Hines PHPWebLog 0.4/0.5 - Remote File Inclusion 28 WEB Filip Groszynski
2005-03-05   Stadtaus.Com PHP Form Mail Script 2.3 - Remote File Inclusion 30 WEB mozako
2005-03-04   Stadtaus.Com Download Center Lite 1.5 - PHP Remote File Inclusion 30 WEB Filip Groszynski
2005-03-03   Typo3 CMW_Linklist 1.4.1 Extension - SQL Injection 31 WEB Fabian Becker
2005-03-03   D-Forum 1.11 - 'Nav.php3' Cross-Site Scripting 31 WEB benjilenoob
2005-03-02   ProjectBB 0.4.5.1 - Multiple SQL Injections 30 WEB benji lemien
2005-03-02   ProjectBB 0.4.5.1 - Multiple Cross-Site Scripting Vulnerabilities 30 WEB benji lemien
2005-03-01   PHPNews 1.2.3/1.2.4 - 'auth.php' Remote File Inclusion 32 WEB mozako
2005-03-01   PBLang Bulletin Board System 4.x - 'DelPM.php' Arbitrary Personal Message Deletion 31 WEB Raven
2005-03-01   427BB 2.x - Multiple Remote HTML Injection Vulnerabilities 29 WEB Hackerlounge Research Group
2005-03-01   CutePHP CuteNews 1.3.6 - 'x-forwarded-for' Script Injection 31 WEB FraMe
2005-03-01   PBLang Bulletin Board System 4.x - 'SendPM.php' Directory Traversal 31 WEB Raven
2005-03-01   PHPCOIN 1.2 - 'login.php' Multiple Cross-Site Scripting Vulnerabilities 33 WEB Lostmon
2005-03-01   PHPCOIN 1.2 - 'mod.php' Multiple Cross-Site Scripting Vulnerabilities 39 WEB Lostmon
2005-02-28   PostNuke Phoenix 0.7x - 'SHOW' SQL Injection 32 WEB Maksymilian Arciemowicz
2005-02-28   PostNuke Phoenix 0.7x - 'CATID' SQL Injection 33 WEB Maksymilian Arciemowicz
2005-02-28   phpBB 2.0.x - Authentication Bypass (3) 29 WEB overdose
2005-02-28   phpBB 2.0.x - Authentication Bypass (2) 33 WEB phuket
2005-02-28   phpBB 2.0.x - Authentication Bypass (1) 32 WEB Paisterist
2005-02-25   CubeCart 2.0.x - Multiple Cross-Site Scripting Vulnerabilities 29 WEB Lostmon
2005-02-24   phpWebSite 0.x - Image File Processing Arbitrary '.PHP' File Upload 32 WEB tjomka
2005-02-24   PunBB 3.0/3.1 - Multiple Remote Input Validation Vulnerabilities 29 WEB John Gumbel
2005-02-24   cyclades alterpath manager 1.1 - Multiple Vulnerabilities 33 WEB sullo@cirt.net
2005-02-24   OOApp Guestbook - Multiple HTML Injection Vulnerabilities 30 WEB m1o1d1
2005-02-24   phpMyAdmin 2.6 - Multiple Local File Inclusions 30 WEB Maksymilian Arciemowicz
2005-02-24   phpMyAdmin 2.6 - 'theme_right.css.php' Multiple Cross-Site Scripting Vulnerabilities 31 WEB Maksymilian Arciemowicz
2005-02-24   phpMyAdmin 2.6 - 'theme_left.css.php' Multiple Cross-Site Scripting Vulnerabilities 29 WEB Maksymilian Arciemowicz
2005-02-24   phpMyAdmin 2.6 - 'display_tbl_links.lib.php' Multiple Cross-Site Scripting Vulnerabilities 29 WEB Maksymilian Arciemowicz
2005-02-24   phpMyAdmin 2.6 - 'select_server.lib.php' Multiple Cross-Site Scripting Vulnerabilities 28 WEB Maksymilian Arciemowicz
2005-02-23   PBLang Bulletin Board System 4.6 - 'search.php' Cross-Site Scripting 30 WEB Hackerlounge Research Group
2005-02-22   iGeneric iG Shop 1.x - Multiple SQL Injections 31 WEB John Cobb
2005-02-22   Mono 1.0.5 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities 30 WEB Andrey Rusyaev
2005-02-22   Biz Mail Form 2.x - Unauthorized Mail Relay 30 WEB Jason Frisvold
2005-02-21   PANews 2.0 - PHP Remote Code Execution 32 WEB tjomka
2005-02-21   Invision Power Board (IP.Board) 1.x/2.0.3 - SML Code Script Injection 41 WEB Daniel A.
2013-05-02   D-Link DNS-323 - Multiple Vulnerabilities 31 WEB sghctoma
2013-05-01   Vivotek IP Cameras - Multiple Vulnerabilities 28 WEB Core Security
2013-05-01   D-Link IP Cameras - Multiple Vulnerabilities 30 WEB Core Security
2005-02-19   PMachine Pro 2.4 - Remote File Inclusion 31 WEB kc
2013-05-01   EggBlog 4.1.2 - Arbitrary File Upload 32 WEB Pokk3rs
2005-02-19   ZeroBoard 4.1 - Multiple Cross-Site Scripting Vulnerabilities 31 WEB albanian haxorz
2005-02-18   TrackerCam 5.12 - 'ComGetLogFile.php3?fm' Traversal Arbitrary File Access 31 WEB Luigi Auriemma
2005-02-17   BibORB 1.3.2 Login Module - Multiple SQL Injections 33 WEB Patrick Hof
2005-02-17   BibORB 1.3.2 - 'index.php' Traversal Arbitrary File Manipulation 32 WEB Patrick Hof
2005-02-17   BibORB 1.3.2 - Add Database 'Description' Cross-Site Scripting 33 WEB Patrick Hof
2005-02-17   BibORB 1.3.2 - 'bibindex.php?search' Cross-Site Scripting 33 WEB Patrick Hof
2005-02-17   paFaq beta4 - 'comment.php' Multiple SQL Injections 35 WEB pi3ch
2005-02-17   paFaq beta4 - 'search.php?search_item' SQL Injection 29 WEB pi3ch
2005-02-17   paFaq beta4 - 'answer.php?offset' SQL Injection 31 WEB pi3ch
2005-02-17   paFaq beta4 - 'question.php' Multiple SQL Injections 34 WEB pi3ch
2005-02-17   WebCalendar 0.9.45 - SQL Injection 34 WEB Michael Scovetta
2005-02-16   MercuryBoard Forum 1.0/1.1 - Cross-Site Scripting 32 WEB Lostmon
2005-02-16   PaNews 2.0 - Cross-Site Scripting 32 WEB pi3ch
2005-02-16   Microsoft ASP.NET 1.0/1.1 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabiliti 30 WEB Andrey Rusyaev
2005-02-16   DCP-Portal 6.1.1 - Multiple SQL Injections 32 WEB Exoduks
2005-02-16   AWStats 5.x/6.x - 'Logfile' Remote Command Execution 27 WEB newbug@chroot.org
2005-02-15   osCommerce 2.2 - 'Contact_us.php' Cross-Site Scripting 29 WEB John Cobb
2005-02-15   CitrusDB 0.3.6 - Arbitrary Local PHP File Inclusion 29 WEB RedTeam Pentesting
2005-02-15   PHP-Nuke 6.x/7.x - Multiple Cross-Site Scripting Vulnerabilities 31 WEB waraxe
2004-02-15   CitrusDB 0.3.6 - Remote Authentication Bypass 33 WEB RedTeam Pentesting
2005-02-15   CitrusDB 0.3.6 - 'importcc.php' CSV File SQL Injection 32 WEB RedTeam Pentesting
2005-02-15   CitrusDB 0.3.6 - 'uploadcc.php' Arbitrary Database Injection 29 WEB RedTeam Pentesting
2005-02-15   CitrusDB 0.3.6 - 'importcc.php' Arbitrary Database Injection 31 WEB RedTeam Pentesting
2005-02-14   Brooky CubeCart 2.0.1/2.0.4 - 'index.php?language' Traversal Arbitrary File Access 33 WEB John Cobb
2005-02-14   Brooky CubeCart 2.0.1/2.0.4 - 'index.php?language' Cross-Site Scripting 31 WEB John Cobb
2005-02-14   AWStats 5.x/6.x - Debug Remote Information Disclosure 33 WEB GHC
2005-02-09   MercuryBoard 1.1 - 'index.php' SQL Injection 30 WEB Zeelock
2005-02-08   XGB 2.0 - Authentication Bypass 30 WEB Albania Security Clan
2005-02-08   PHP-Fusion 4.0 - 'Viewthread.php' Information Disclosure 34 WEB TheGreatOne2176
2013-04-29   Foe CMS 1.6.5 - Multiple Vulnerabilities 35 WEB flux77
2013-04-26   Joomla! 3.0.3 - 'remember.php' PHP Object Injection 29 WEB EgiX
2013-04-29   Ipswitch IMail 11.01 - Cross-Site Scripting 29 WEB DaOne
2005-02-07   Microsoft Outlook 2003 - Web Access Login Form Remote URI redirection 34 WEB Morning Wood
2005-02-02   Eurofull E-Commerce - 'Mensresp.asp' Cross-Site Scripting 31 WEB Yani-ari
2005-01-28   XOOPS Module module 3.0 - Directory Traversal 32 WEB Lostmon
2005-01-29   Captaris Infinite Mobile Delivery Webmail 2.6 - Full Path Disclosure 29 WEB steven@lovebug.org
2005-01-28   IceWarp Web Mail 5.3 - 'accountsettings_add.html?accountid' Cross-Site Scripting 30 WEB ShineShadow
2005-01-28   IceWarp Web Mail 5.3 - login.html 'Username' Cross-Site Scripting 31 WEB ShineShadow
2005-01-28   alt-n WebAdmin 3.0.2 - Multiple Vulnerabilities 31 WEB David A. P?rez
2005-01-27   Magic Winmail Server 4.0 (Build 1112) - 'upload.php' Traversal Arbitrary File Upload 32 WEB Tan Chew Keong
2005-01-27   Magic Winmail Server 4.0 (Build 1112) - 'download.php' Traversal Arbitrary File Access 32 WEB Tan Chew Keong
2005-01-25   Comdev eCommerce 3.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities 27 WEB SmOk3
2005-01-25   Comersus Cart 5.0/6.0 - Multiple Vulnerabilities 31 WEB raf somers
2005-01-25   MercuryBoard 1.1 - Multiple Input Validation Vulnerabilities 30 WEB Alberto Trivero
2005-12-25   Exponent CMS 0.95 - Multiple Cross-Site Scripting Vulnerabilities 31 WEB y3dips
2005-01-19   Siteman 1.1 - User Database Privilege Escalation (2) 34 WEB amironline452
2005-01-19   Siteman 1.1 - User Database Privilege Escalation (1) 32 WEB Noam Rathaus
2004-12-23   Wirtualna Polska WPKontakt 3.0.1 - Remote Script Execution 32 WEB Poznan Supercomputing
2004-12-22   2BGal 2.5.1 - SQL Injection 29 WEB zib
2004-01-27   phpGroupWare 0.9.x - 'index.php' HTML Injection 29 WEB Cedric Cochin
2004-01-27   phpGroupWare 0.9.14 - 'Tables_Update.Inc.php' Remote File Inclusion 30 WEB Cedric Cochin
2004-12-20   Tlen.pl 5.23.4.1 - Instant Messenger Remote Script Execution 29 WEB Jaroslaw Sajko
2004-12-20   escripts software e_board 4.0 - Directory Traversal 31 WEB white_e@nogimmick.org
2004-12-18   Kayako eSupport 2.x - Ticket System Multiple SQL Injections 30 WEB GulfTech Security
2004-12-18   Kayako eSupport 2.x - 'index.php' Knowledgebase Cross-Site Scripting 31 WEB GulfTech Security
2013-04-26   D-Link DIR-635 - Multiple Vulnerabilities 32 WEB m-1-k-3
2004-12-17   WorkBoard 1.2 - Multiple Cross-Site Scripting Vulnerabilities 30 WEB Lostmon
2013-04-25   phpMyAdmin 3.5.8/4.0.0-RC2 - Multiple Vulnerabilities 31 WEB waraxe
2013-04-25   Hornbill Supportworks ITSM 1.0.0 - SQL Injection 32 WEB Joseph Sheridan
2004-12-16   MediaWiki 1.3.x - Arbitrary Script Upload 29 WEB Jeremy Bae
2004-12-16   WordPress Core 1.2.1/1.2.2 - 'moderation.php?item_approved' Cross-Site Scripting 31 WEB Thomas Waldegger
2004-12-16   WordPress Core 1.2.1/1.2.2 - 'link-manager.php' Multiple Cross-Site Scripting Vulnerabilities 36 WEB Thomas Waldegger
2004-12-16   WordPress Core 1.2.1/1.2.2 - 'link-categories.php?cat_id' Cross-Site Scripting 32 WEB Thomas Waldegger
2004-12-16   WordPress Core 1.2.1/1.2.2 - 'link-add.php' Multiple Cross-Site Scripting Vulnerabilities 29 WEB Thomas Waldegger