|
2004-11-12
|
|
chacmool Private Message System 1.1.3 - 'send.php?tid' Cross-Site Scripting
|
10 |
WEB
|
digital ex
|
|
2004-11-11
|
|
Phorum 5.0.x - 'FOLLOW.php' SQL Injection
|
8 |
WEB
|
Janek Vind
|
|
2004-11-12
|
|
Aztek Forum 4.0 - Multiple Input Validation Vulnerabilities
|
8 |
WEB
|
benji lemien
|
|
2004-11-10
|
|
webcalendar 0.9.x - Multiple Vulnerabilities
|
9 |
WEB
|
Joxean Koret
|
|
2004-11-03
|
|
TIPS MailPost 5.1.1 - Remote File Enumeration
|
7 |
WEB
|
Gemma Hughes
|
|
2004-11-03
|
|
TIPS MailPost 5.1.1 - Error Message Cross-Site Scripting
|
8 |
WEB
|
Procheckup
|
|
2004-11-03
|
|
TIPS MailPost 5.1.1 - 'APPEND' Cross-Site Scripting
|
8 |
WEB
|
Procheckup
|
|
2004-11-02
|
|
Goolery 0.3 - 'viewalbum.php?page' Cross-Site Scripting
|
9 |
WEB
|
Lostmon
|
|
2004-11-02
|
|
Goolery 0.3 - 'viewpic.php?conversation_id' Cross-Site Scripting
|
8 |
WEB
|
Lostmon
|
|
2004-11-02
|
|
WebHost Automation Helm Control Panel 3.1.x - Multiple Input Validation Vulnerabilities
|
8 |
WEB
|
Behrang Fouladi
|
|
2004-10-25
|
|
LinuxStat 2.x - Directory Traversal
|
8 |
WEB
|
anonymous
|
|
2004-10-25
|
|
MoniWiki 1.0/1.1 - 'Wiki.php' Cross-Site Scripting
|
9 |
WEB
|
Jeremy Bae
|
|
2004-10-22
|
|
Netbilling NBMEMBER Script - Information Disclosure
|
10 |
WEB
|
ls
|
|
2004-10-21
|
|
UBBCentral UBB.Threads 3.4/3.5 - 'Dosearch.php' SQL Injection
|
9 |
WEB
|
Florian Rock
|
|
2004-10-21
|
|
S9Y Serendipity 0.x - 'exit.php' HTTP Response Splitting
|
9 |
WEB
|
ChaoticEvil
|
|
2004-10-19
|
|
Jan Erdmann Jebuch 1.0 - HTML Injection
|
8 |
WEB
|
PuWu
|
|
2004-10-18
|
|
IBM Lotus Domino 6.x - Cross-Site Scripting / HTML Injection
|
9 |
WEB
|
Juan C Calderon
|
|
2004-10-18
|
|
cPanel 9.9.1 -R3 Front Page Extension - Installation Information Disclosure
|
9 |
WEB
|
Karol Wiesek
|
|
2004-10-16
|
|
CoolPHP 1.0 - Multiple Remote Input Validation Vulnerabilities
|
9 |
WEB
|
R00tCr4ck
|
|
2004-10-14
|
|
Pinnacle Systems ShowCenter 1.51 - 'SettingsBase.php' Cross-Site Scripting
|
9 |
WEB
|
Secunia Research
|
|
2004-10-13
|
|
FuseTalk Forum 4.0 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
steven
|
|
2004-10-13
|
|
SCT Campus Pipeline 1.0/2.x/3.x - 'Render.UserLayoutRootNode.uP' Cross-Site Scripting
|
8 |
WEB
|
Matthew Oyer
|
|
2004-10-11
|
|
DUforum 3.x - 'messageDetail.asp?MSG_ID' SQL Injection
|
8 |
WEB
|
Soroosh Dalili
|
|
2004-10-11
|
|
DUforum 3.x - 'messages.asp?FOR_ID' SQL Injection
|
9 |
WEB
|
Soroosh Dalili
|
|
2004-10-11
|
|
DUforum 3.x - Login Form 'Password' SQL Injection
|
8 |
WEB
|
Soroosh Dalili
|
|
2004-10-11
|
|
DUclassmate 1.x - 'account.asp?MM-recordId' Arbitrary Password Modification
|
8 |
WEB
|
Soroosh Dalili
|
|
2004-10-11
|
|
DUclassified 4.x - 'adDetail.asp' Multiple SQL Injections
|
9 |
WEB
|
Soroosh Dalili
|
|
2004-10-11
|
|
Go Smart Inc GoSmart Message Board - Multiple Input Validation Vulnerabilities
|
8 |
WEB
|
Positive Technologies
|
|
2004-10-07
|
|
WordPress Core 1.2 - 'wp-login.php' HTTP Response Splitting
|
8 |
WEB
|
Chaotic Evil
|
|
2004-10-06
|
|
Microsoft ASP.NET 1.x - URI Canonicalization Unauthorized Web Access
|
8 |
WEB
|
anonymous
|
|
2004-10-06
|
|
DCP-Portal 3.7/4.x/5.x - 'calendar.php' HTTP Response Splitting
|
9 |
WEB
|
Alexander Antipov
|
|
2004-10-06
|
|
DCP-Portal 3.7/4.x/5.x - Multiple HTML Injection Vulnerabilities
|
9 |
WEB
|
Alexander Antipov
|
|
2004-10-06
|
|
DCP-Portal 3.7/4.x/5.x - 'contents.php?cid' Cross-Site Scripting
|
8 |
WEB
|
Alexander Antipov
|
|
2004-10-06
|
|
DCP-Portal 3.7/4.x/5.x - 'news.php?cid' Cross-Site Scripting
|
8 |
WEB
|
Alexander Antipov
|
|
2004-10-06
|
|
DCP-Portal 3.7/4.x/5.x - 'announcement.php?cid' Cross-Site Scripting
|
9 |
WEB
|
Alexander Antipov
|
|
2004-10-06
|
|
DCP-Portal 3.7/4.x/5.x - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
Alexander Antipov
|
|
2004-10-06
|
|
DCP-Portal 3.7/4.x/5.x - 'calendar.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Alexander Antipov
|
|
2004-10-06
|
|
BlackBoard Internet NewsBoard System 1.5.1 - Remote File Inclusion
|
8 |
WEB
|
Lin Xiaofeng
|
|
2004-10-05
|
|
PHPLinks 2.1.x - Multiple Input Validation Vulnerabilities
|
9 |
WEB
|
LSS Security
|
|
2004-09-30
|
|
W-Agora 4.1.6a - 'login.php?loginuser' Cross-Site Scripting
|
8 |
WEB
|
Alexander Antipov
|
|
2004-09-30
|
|
W-Agora 4.1.6a - 'subscribe_thread.php' HTTP Response Splitting
|
9 |
WEB
|
Alexander Antipov
|
|
2004-09-30
|
|
W-Agora 4.1.6 - 'a download_thread.php?thread' Cross-Site Scripting
|
8 |
WEB
|
Alexander Antipov
|
|
2004-09-30
|
|
W-Agora 4.1.6 - 'a forgot_password.php?userid' Cross-Site Scripting
|
8 |
WEB
|
Alexander Antipov
|
|
2004-09-30
|
|
W-Agora 4.1.6 - 'a redir_url.php?key' SQL Injection
|
9 |
WEB
|
Alexander Antipov
|
|
2004-09-28
|
|
Parachat 5.5 - Directory Traversal
|
9 |
WEB
|
Donato Ferrante
|
|
2004-09-28
|
|
WordPress Core 1.2 - 'edit-comments.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Thomas Waldegger
|
|
2004-09-28
|
|
WordPress Core 1.2 - 'edit.php?s' Cross-Site Scripting
|
9 |
WEB
|
Thomas Waldegger
|
|
2004-09-28
|
|
WordPress Core 1.2 - 'categories.php?cat_ID' Cross-Site Scripting
|
8 |
WEB
|
Thomas Waldegger
|
|
2004-09-28
|
|
WordPress Core 1.2 - 'bookmarklet.php' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
Thomas Waldegger
|
|
2004-09-28
|
|
WordPress Core 1.2 - 'admin-header.php?redirect_url' Cross-Site Scripting
|
8 |
WEB
|
Thomas Waldegger
|
|
2004-09-28
|
|
WordPress Core 1.2 - 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Thomas Waldegger
|
|
2004-09-27
|
|
@lexPHPTeam @lex Guestbook 3.12 - PHP Remote File Inclusion
|
8 |
WEB
|
Himeur Nourredine
|
|
2004-09-27
|
|
PD9 Software MegaBBS 2.0/2.1 - 'view-profile.asp' Multiple SQL Injections
|
9 |
WEB
|
pigrelax
|
|
2004-09-27
|
|
PD9 Software MegaBBS 2.0/2.1 - 'ladder-log.asp' Multiple SQL Injections
|
8 |
WEB
|
pigrelax
|
|
2004-09-27
|
|
PD9 Software MegaBBS 2.0/2.1 - 'thread-post.asp' Multiple Header CRLF Injections
|
9 |
WEB
|
pigrelax
|
|
2013-03-07
|
|
mnoGoSearch 3.3.12 (search.cgi) - Arbitrary File Read
|
8 |
WEB
|
Sergey Bobrov
|
|
2013-03-07
|
|
CosCMS 1.721 - OS Command Injection
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2013-03-07
|
|
Qool CMS 2.0 RC2 - Multiple Vulnerabilities
|
9 |
WEB
|
LiquidWorm
|
|
2004-09-27
|
|
FreezingCold Broadboard - 'profile.asp' SQL Injection
|
8 |
WEB
|
pigrelax
|
|
2004-09-27
|
|
FreezingCold Broadboard - 'search.asp' SQL Injection
|
8 |
WEB
|
pigrelax
|
|
2004-09-20
|
|
TUTOS - 'app_new.php?t' Cross-Site Scripting
|
8 |
WEB
|
Joxean Koret
|
|
2004-09-20
|
|
TUTOS - 'file_overview.php?link_id' SQL Injection
|
8 |
WEB
|
Joxean Koret
|
|
2004-09-20
|
|
Mambo Open Source 4.5.1 (1.0.9) - 'Function.php' Arbitrary Command Execution
|
8 |
WEB
|
Joxean Koret
|
|
2004-09-20
|
|
Mambo Open Source 4.5.1 (1.0.9) - Cross-Site Scripting
|
8 |
WEB
|
Joxean Koret
|
|
2004-09-18
|
|
Remository - SQL Injection
|
8 |
WEB
|
khoaimi
|
|
2004-09-17
|
|
YaBB 1.x/9.1.2000 - 'YaBB.pl IMSend' Cross-Site Scripting
|
9 |
WEB
|
GulfTech Security
|
|
2004-09-17
|
|
YaBB 1.x/9.1.2000 - Administrator Command Execution
|
9 |
WEB
|
GulfTech Security
|
|
2004-09-16
|
|
Snitz Forums 2000 - 'down.asp' HTTP Response Splitting
|
8 |
WEB
|
Maestro De-Seguridad
|
|
2013-03-06
|
|
Remote File Manager 1.2 iOS - Multiple Vulnerabilities
|
8 |
WEB
|
Vulnerability-Lab
|
|
2004-09-15
|
|
BBS E-Market Professional bf_130 1.3.0 - Multiple File Disclosure Vulnerabilities
|
8 |
WEB
|
Jeong Jin-Seok
|
|
2004-09-13
|
|
PerlDesk Language Variable - Server-Side Script Execution
|
8 |
WEB
|
Nikyt0x Argentina
|
|
2004-09-10
|
|
GetSolutions GetInternet - Multiple SQL Injections
|
9 |
WEB
|
Criolabs
|
|
2004-09-10
|
|
GetSolutions GetIntranet 2.2 - Multiple Remote Input Validation Vulnerabilities
|
7 |
WEB
|
Criolabs
|
|
2004-09-10
|
|
PostNuke Modules Factory Subjects Module 2.0 - SQL Injection
|
9 |
WEB
|
Criolabs
|
|
2004-09-09
|
|
BBS E-Market Professional bf_130 (1.3.0) - Remote File Inclusion
|
9 |
WEB
|
Ahmad Muammar
|
|
2004-09-07
|
|
SAFE TEAM Regulus 2.2 - Customer Statistics Information Disclosure
|
8 |
WEB
|
masud_libra
|
|
2004-09-07
|
|
SAFE TEAM Regulus 2.2 - 'Custchoice.php' Update Your Password Action Information Disclosure
|
9 |
WEB
|
masud_libra
|
|
2004-09-07
|
|
UtilMind Solutions Site News 1.1 - Authentication Bypass
|
8 |
WEB
|
anonymous
|
|
2004-09-05
|
|
PSNews 1.1 - 'No' Cross-Site Scripting
|
8 |
WEB
|
Michal Blaszczak
|
|
2004-09-07
|
|
Webmin 1.x - HTML Email Command Execution
|
8 |
WEB
|
Keigo Yamazaki
|
|
2004-09-04
|
|
Keene Digital Media Server 1.0.2 - Cross-Site Scripting
|
8 |
WEB
|
dr_insane
|
|
2004-09-02
|
|
CuteNews 0.88/1.3.x - 'index.php' Cross-Site Scripting
|
9 |
WEB
|
Exoduks
|
|
2004-09-02
|
|
SiteCubed MailWorks Professional - Authentication Bypass
|
9 |
WEB
|
Paul Craig
|
|
2013-03-04
|
|
Nconf 1.3 - Multiple SQL Injections
|
8 |
WEB
|
Saadi Siddiqui
|
|
2013-03-04
|
|
D-Link DSL-2740B ADSL Router - Authentication Bypass
|
8 |
WEB
|
Ivano Binetti
|
|
2013-03-01
|
|
PHP-Fusion 7.02.05 - Multiple Vulnerabilities
|
8 |
WEB
|
waraxe
|
|
2013-03-01
|
|
Piwigo 2.4.6 - Multiple Vulnerabilities
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2013-03-01
|
|
doorGets CMS - Cross-Site Request Forgery
|
8 |
WEB
|
n0pe
|
|
2013-02-27
|
|
WordPress Plugin Comment Rating 2.9.32 - Multiple Vulnerabilities
|
8 |
WEB
|
ebanyu
|
|
2013-02-27
|
|
Joomla! 3.0.2 - 'highlight.php' PHP Object Injection
|
9 |
WEB
|
EgiX
|
|
2013-02-26
|
|
WiFilet 1.2 iPad iPhone - Multiple Vulnerabilities
|
8 |
WEB
|
Vulnerability-Lab
|
|
2013-02-26
|
|
MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
LiquidWorm
|
|
2013-02-26
|
|
MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
LiquidWorm
|
|
2013-02-26
|
|
MTP Image Gallery 1.0 - 'edit_photos.php?title' Cross-Site Scripting
|
9 |
WEB
|
LiquidWorm
|
|
2013-02-26
|
|
iOS IPMap 2.5 - Arbitrary File Upload
|
7 |
WEB
|
Vulnerability-Lab
|
|
2013-02-26
|
|
Rix4Web Portal - Blind SQL Injection
|
8 |
WEB
|
L0n3ly-H34rT
|
|
2013-02-26
|
|
Brewthology 0.1 - SQL Injection
|
8 |
WEB
|
cr4wl3r
|
|
2013-02-21
|
|
PHPMyRecipes 1.2.2 - 'viewrecipe.php?r_id' SQL Injection
|
9 |
WEB
|
cr4wl3r
|
|
2013-02-21
|
|
glFusion 1.2.2 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2013-02-21
|
|
Alt-N MDaemon WorldClient 13.0.3 - Multiple Vulnerabilities
|
8 |
WEB
|
QSecure & Demetris Papapetrou
|
|
2013-02-21
|
|
Alt-N MDaemon 12.5.6/13.0.3 - Email Body HTML/JS Injection
|
8 |
WEB
|
QSecure & Demetris Papapetrou
|
|
2013-02-21
|
|
RTTucson Quotations Database Script - Authentication Bypass
|
9 |
WEB
|
cr4wl3r
|
|
2013-02-21
|
|
Web Cookbook - Multiple Vulnerabilities
|
9 |
WEB
|
cr4wl3r
|
|
2013-02-20
|
|
CKEditor 4.0.1 - Multiple Vulnerabilities
|
8 |
WEB
|
AkaStep
|
|
2013-02-20
|
|
RTTucson Quotations Database - Multiple Vulnerabilities
|
9 |
WEB
|
3spi0n
|
|
2013-02-19
|
|
Piwigo 2.4.6 - '/install.php' Arbitrary File Read/Delete
|
9 |
WEB
|
LiquidWorm
|
|
2013-02-18
|
|
USB Sharp 1.3.4 iPad iPhone - Multiple Vulnerabilities
|
8 |
WEB
|
Vulnerability-Lab
|
|
2013-02-18
|
|
Scripts Genie Hot Scripts Clone - 'showcategory.php?cid' SQL Injection
|
9 |
WEB
|
Easy Laster
|
|
2013-02-18
|
|
Cometchat Application - Multiple Vulnerabilities
|
8 |
WEB
|
z3r0sPlOiT
|
|
2013-02-18
|
|
Scripts Genie Pet Rate Pro - Multiple Vulnerabilities
|
9 |
WEB
|
TheMirkin
|
|
2013-02-18
|
|
Netgear DGN2200B - Multiple Vulnerabilities
|
8 |
WEB
|
m-1-k-3
|
|
2013-02-17
|
|
Scripts Genie Top Sites - 'out.php?id' SQL Injection
|
8 |
WEB
|
3spi0n
|
|
2013-02-17
|
|
Scripts Genie Domain Trader - 'catalog.php?id' SQL Injection
|
8 |
WEB
|
3spi0n
|
|
2013-02-17
|
|
Scripts Genie Games Site Script - 'index.php?id' SQL Injection
|
9 |
WEB
|
3spi0n
|
|
2013-02-17
|
|
Scripts Genie Gallery Personals - 'gallery.php?L' SQL Injection
|
9 |
WEB
|
3spi0n
|
|
2013-02-15
|
|
ChillyCMS 1.3.0 - Multiple Vulnerabilities
|
8 |
WEB
|
Abhi M Balakrishnan
|
|
2013-02-15
|
|
Cometchat - Multiple Vulnerabilities
|
8 |
WEB
|
B127Y
|
|
2013-02-15
|
|
TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities
|
8 |
WEB
|
m-1-k-3
|
|
2013-02-15
|
|
Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities
|
9 |
WEB
|
m-1-k-3
|
|
2013-02-14
|
|
Ultra Light Forum - Persistent Cross-Site Scripting
|
8 |
WEB
|
cr4wl3r
|
|
2013-02-14
|
|
SonicWALL OEM Scrutinizer 9.5.2 - Multiple Vulnerabilities
|
7 |
WEB
|
Vulnerability-Lab
|
|
2013-02-14
|
|
Raidsonic IB-NAS5220 and IB-NAS4220-B - Multiple Vulnerabilities
|
8 |
WEB
|
m-1-k-3
|
|
2013-02-14
|
|
OpenPLI 3.0 Beta (OpenPLi-beta-dm7000-20130127-272) - Multiple Vulnerabilities
|
8 |
WEB
|
m-1-k-3
|
|
2013-02-14
|
|
Transferable Remote 1.1 iPad iPhone - Multiple Vulnerabilities
|
9 |
WEB
|
Vulnerability-Lab
|
|
2013-02-14
|
|
SonicWALL Scrutinizer 9.5.2 - SQL Injection
|
8 |
WEB
|
Vulnerability-Lab
|
