Blog RSSExploits RSSFacebook

WEB

Date D   Description Plat. Author
2004-10-25   MoniWiki 1.0/1.1 - 'Wiki.php' Cross-Site Scripting 30 WEB Jeremy Bae
2004-10-22   Netbilling NBMEMBER Script - Information Disclosure 34 WEB ls
2004-10-21   UBBCentral UBB.Threads 3.4/3.5 - 'Dosearch.php' SQL Injection 34 WEB Florian Rock
2004-10-21   S9Y Serendipity 0.x - 'exit.php' HTTP Response Splitting 33 WEB ChaoticEvil
2004-10-19   Jan Erdmann Jebuch 1.0 - HTML Injection 30 WEB PuWu
2004-10-18   IBM Lotus Domino 6.x - Cross-Site Scripting / HTML Injection 33 WEB Juan C Calderon
2004-10-18   cPanel 9.9.1 -R3 Front Page Extension - Installation Information Disclosure 30 WEB Karol Wiesek
2004-10-16   CoolPHP 1.0 - Multiple Remote Input Validation Vulnerabilities 31 WEB R00tCr4ck
2004-10-14   Pinnacle Systems ShowCenter 1.51 - 'SettingsBase.php' Cross-Site Scripting 35 WEB Secunia Research
2004-10-13   FuseTalk Forum 4.0 - Multiple Cross-Site Scripting Vulnerabilities 29 WEB steven
2004-10-13   SCT Campus Pipeline 1.0/2.x/3.x - 'Render.UserLayoutRootNode.uP' Cross-Site Scripting 27 WEB Matthew Oyer
2004-10-11   DUforum 3.x - 'messageDetail.asp?MSG_ID' SQL Injection 31 WEB Soroosh Dalili
2004-10-11   DUforum 3.x - 'messages.asp?FOR_ID' SQL Injection 33 WEB Soroosh Dalili
2004-10-11   DUforum 3.x - Login Form 'Password' SQL Injection 30 WEB Soroosh Dalili
2004-10-11   DUclassmate 1.x - 'account.asp?MM-recordId' Arbitrary Password Modification 32 WEB Soroosh Dalili
2004-10-11   DUclassified 4.x - 'adDetail.asp' Multiple SQL Injections 29 WEB Soroosh Dalili
2004-10-11   Go Smart Inc GoSmart Message Board - Multiple Input Validation Vulnerabilities 32 WEB Positive Technologies
2004-10-07   WordPress Core 1.2 - 'wp-login.php' HTTP Response Splitting 30 WEB Chaotic Evil
2004-10-06   Microsoft ASP.NET 1.x - URI Canonicalization Unauthorized Web Access 30 WEB anonymous
2004-10-06   DCP-Portal 3.7/4.x/5.x - 'calendar.php' HTTP Response Splitting 29 WEB Alexander Antipov
2004-10-06   DCP-Portal 3.7/4.x/5.x - Multiple HTML Injection Vulnerabilities 30 WEB Alexander Antipov
2004-10-06   DCP-Portal 3.7/4.x/5.x - 'contents.php?cid' Cross-Site Scripting 33 WEB Alexander Antipov
2004-10-06   DCP-Portal 3.7/4.x/5.x - 'news.php?cid' Cross-Site Scripting 28 WEB Alexander Antipov
2004-10-06   DCP-Portal 3.7/4.x/5.x - 'announcement.php?cid' Cross-Site Scripting 30 WEB Alexander Antipov
2004-10-06   DCP-Portal 3.7/4.x/5.x - 'index.php' Multiple Cross-Site Scripting Vulnerabilities 33 WEB Alexander Antipov
2004-10-06   DCP-Portal 3.7/4.x/5.x - 'calendar.php' Multiple Cross-Site Scripting Vulnerabilities 28 WEB Alexander Antipov
2004-10-06   BlackBoard Internet NewsBoard System 1.5.1 - Remote File Inclusion 29 WEB Lin Xiaofeng
2004-10-05   PHPLinks 2.1.x - Multiple Input Validation Vulnerabilities 30 WEB LSS Security
2004-09-30   W-Agora 4.1.6a - 'login.php?loginuser' Cross-Site Scripting 30 WEB Alexander Antipov
2004-09-30   W-Agora 4.1.6a - 'subscribe_thread.php' HTTP Response Splitting 29 WEB Alexander Antipov
2004-09-30   W-Agora 4.1.6 - 'a download_thread.php?thread' Cross-Site Scripting 32 WEB Alexander Antipov
2004-09-30   W-Agora 4.1.6 - 'a forgot_password.php?userid' Cross-Site Scripting 31 WEB Alexander Antipov
2004-09-30   W-Agora 4.1.6 - 'a redir_url.php?key' SQL Injection 32 WEB Alexander Antipov
2004-09-28   Parachat 5.5 - Directory Traversal 31 WEB Donato Ferrante
2004-09-28   WordPress Core 1.2 - 'edit-comments.php' Multiple Cross-Site Scripting Vulnerabilities 31 WEB Thomas Waldegger
2004-09-28   WordPress Core 1.2 - 'edit.php?s' Cross-Site Scripting 32 WEB Thomas Waldegger
2004-09-28   WordPress Core 1.2 - 'categories.php?cat_ID' Cross-Site Scripting 31 WEB Thomas Waldegger
2004-09-28   WordPress Core 1.2 - 'bookmarklet.php' Multiple Cross-Site Scripting Vulnerabilities 30 WEB Thomas Waldegger
2004-09-28   WordPress Core 1.2 - 'admin-header.php?redirect_url' Cross-Site Scripting 29 WEB Thomas Waldegger
2004-09-28   WordPress Core 1.2 - 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities 29 WEB Thomas Waldegger
2004-09-27   @lexPHPTeam @lex Guestbook 3.12 - PHP Remote File Inclusion 29 WEB Himeur Nourredine
2004-09-27   PD9 Software MegaBBS 2.0/2.1 - 'view-profile.asp' Multiple SQL Injections 31 WEB pigrelax
2004-09-27   PD9 Software MegaBBS 2.0/2.1 - 'ladder-log.asp' Multiple SQL Injections 32 WEB pigrelax
2004-09-27   PD9 Software MegaBBS 2.0/2.1 - 'thread-post.asp' Multiple Header CRLF Injections 32 WEB pigrelax
2013-03-07   mnoGoSearch 3.3.12 (search.cgi) - Arbitrary File Read 28 WEB Sergey Bobrov
2013-03-07   CosCMS 1.721 - OS Command Injection 31 WEB High-Tech Bridge SA
2013-03-07   Qool CMS 2.0 RC2 - Multiple Vulnerabilities 32 WEB LiquidWorm
2004-09-27   FreezingCold Broadboard - 'profile.asp' SQL Injection 31 WEB pigrelax
2004-09-27   FreezingCold Broadboard - 'search.asp' SQL Injection 30 WEB pigrelax
2004-09-20   TUTOS - 'app_new.php?t' Cross-Site Scripting 32 WEB Joxean Koret
2004-09-20   TUTOS - 'file_overview.php?link_id' SQL Injection 31 WEB Joxean Koret
2004-09-20   Mambo Open Source 4.5.1 (1.0.9) - 'Function.php' Arbitrary Command Execution 32 WEB Joxean Koret
2004-09-20   Mambo Open Source 4.5.1 (1.0.9) - Cross-Site Scripting 29 WEB Joxean Koret
2004-09-18   Remository - SQL Injection 30 WEB khoaimi
2004-09-17   YaBB 1.x/9.1.2000 - 'YaBB.pl IMSend' Cross-Site Scripting 29 WEB GulfTech Security
2004-09-17   YaBB 1.x/9.1.2000 - Administrator Command Execution 31 WEB GulfTech Security
2004-09-16   Snitz Forums 2000 - 'down.asp' HTTP Response Splitting 32 WEB Maestro De-Seguridad
2013-03-06   Remote File Manager 1.2 iOS - Multiple Vulnerabilities 31 WEB Vulnerability-Lab
2004-09-15   BBS E-Market Professional bf_130 1.3.0 - Multiple File Disclosure Vulnerabilities 30 WEB Jeong Jin-Seok
2004-09-13   PerlDesk Language Variable - Server-Side Script Execution 30 WEB Nikyt0x Argentina
2004-09-10   GetSolutions GetInternet - Multiple SQL Injections 32 WEB Criolabs
2004-09-10   GetSolutions GetIntranet 2.2 - Multiple Remote Input Validation Vulnerabilities 29 WEB Criolabs
2004-09-10   PostNuke Modules Factory Subjects Module 2.0 - SQL Injection 31 WEB Criolabs
2004-09-09   BBS E-Market Professional bf_130 (1.3.0) - Remote File Inclusion 32 WEB Ahmad Muammar
2004-09-07   SAFE TEAM Regulus 2.2 - Customer Statistics Information Disclosure 31 WEB masud_libra
2004-09-07   SAFE TEAM Regulus 2.2 - 'Custchoice.php' Update Your Password Action Information Disclosure 30 WEB masud_libra
2004-09-07   UtilMind Solutions Site News 1.1 - Authentication Bypass 28 WEB anonymous
2004-09-05   PSNews 1.1 - 'No' Cross-Site Scripting 28 WEB Michal Blaszczak
2004-09-07   Webmin 1.x - HTML Email Command Execution 30 WEB Keigo Yamazaki
2004-09-04   Keene Digital Media Server 1.0.2 - Cross-Site Scripting 33 WEB dr_insane
2004-09-02   CuteNews 0.88/1.3.x - 'index.php' Cross-Site Scripting 31 WEB Exoduks
2004-09-02   SiteCubed MailWorks Professional - Authentication Bypass 31 WEB Paul Craig
2013-03-04   Nconf 1.3 - Multiple SQL Injections 31 WEB Saadi Siddiqui
2013-03-04   D-Link DSL-2740B ADSL Router - Authentication Bypass 30 WEB Ivano Binetti
2013-03-01   PHP-Fusion 7.02.05 - Multiple Vulnerabilities 27 WEB waraxe
2013-03-01   Piwigo 2.4.6 - Multiple Vulnerabilities 29 WEB High-Tech Bridge SA
2013-03-01   doorGets CMS - Cross-Site Request Forgery 31 WEB n0pe
2013-02-27   WordPress Plugin Comment Rating 2.9.32 - Multiple Vulnerabilities 32 WEB ebanyu
2013-02-27   Joomla! 3.0.2 - 'highlight.php' PHP Object Injection 34 WEB EgiX
2013-02-26   WiFilet 1.2 iPad iPhone - Multiple Vulnerabilities 32 WEB Vulnerability-Lab
2013-02-26   MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities 27 WEB LiquidWorm
2013-02-26   MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities 29 WEB LiquidWorm
2013-02-26   MTP Image Gallery 1.0 - 'edit_photos.php?title' Cross-Site Scripting 31 WEB LiquidWorm
2013-02-26   iOS IPMap 2.5 - Arbitrary File Upload 28 WEB Vulnerability-Lab
2013-02-26   Rix4Web Portal - Blind SQL Injection 29 WEB L0n3ly-H34rT
2013-02-26   Brewthology 0.1 - SQL Injection 33 WEB cr4wl3r
2013-02-21   PHPMyRecipes 1.2.2 - 'viewrecipe.php?r_id' SQL Injection 32 WEB cr4wl3r
2013-02-21   glFusion 1.2.2 - Multiple Cross-Site Scripting Vulnerabilities 31 WEB High-Tech Bridge SA
2013-02-21   Alt-N MDaemon WorldClient 13.0.3 - Multiple Vulnerabilities 30 WEB QSecure & Demetris Papapetrou
2013-02-21   Alt-N MDaemon 12.5.6/13.0.3 - Email Body HTML/JS Injection 29 WEB QSecure & Demetris Papapetrou
2013-02-21   RTTucson Quotations Database Script - Authentication Bypass 30 WEB cr4wl3r
2013-02-21   Web Cookbook - Multiple Vulnerabilities 30 WEB cr4wl3r
2013-02-20   CKEditor 4.0.1 - Multiple Vulnerabilities 29 WEB AkaStep
2013-02-20   RTTucson Quotations Database - Multiple Vulnerabilities 32 WEB 3spi0n
2013-02-19   Piwigo 2.4.6 - '/install.php' Arbitrary File Read/Delete 29 WEB LiquidWorm
2013-02-18   USB Sharp 1.3.4 iPad iPhone - Multiple Vulnerabilities 37 WEB Vulnerability-Lab
2013-02-18   Scripts Genie Hot Scripts Clone - 'showcategory.php?cid' SQL Injection 34 WEB Easy Laster
2013-02-18   Cometchat Application - Multiple Vulnerabilities 31 WEB z3r0sPlOiT
2013-02-18   Scripts Genie Pet Rate Pro - Multiple Vulnerabilities 29 WEB TheMirkin
2013-02-18   Netgear DGN2200B - Multiple Vulnerabilities 30 WEB m-1-k-3
2013-02-17   Scripts Genie Top Sites - 'out.php?id' SQL Injection 30 WEB 3spi0n
2013-02-17   Scripts Genie Domain Trader - 'catalog.php?id' SQL Injection 32 WEB 3spi0n
2013-02-17   Scripts Genie Games Site Script - 'index.php?id' SQL Injection 29 WEB 3spi0n
2013-02-17   Scripts Genie Gallery Personals - 'gallery.php?L' SQL Injection 34 WEB 3spi0n
2013-02-15   ChillyCMS 1.3.0 - Multiple Vulnerabilities 28 WEB Abhi M Balakrishnan
2013-02-15   Cometchat - Multiple Vulnerabilities 32 WEB B127Y
2013-02-15   TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities 32 WEB m-1-k-3
2013-02-15   Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities 35 WEB m-1-k-3
2013-02-14   Ultra Light Forum - Persistent Cross-Site Scripting 30 WEB cr4wl3r
2013-02-14   SonicWALL OEM Scrutinizer 9.5.2 - Multiple Vulnerabilities 34 WEB Vulnerability-Lab
2013-02-14   Raidsonic IB-NAS5220 and IB-NAS4220-B - Multiple Vulnerabilities 32 WEB m-1-k-3
2013-02-14   OpenPLI 3.0 Beta (OpenPLi-beta-dm7000-20130127-272) - Multiple Vulnerabilities 30 WEB m-1-k-3
2013-02-14   Transferable Remote 1.1 iPad iPhone - Multiple Vulnerabilities 31 WEB Vulnerability-Lab
2013-02-14   SonicWALL Scrutinizer 9.5.2 - SQL Injection 32 WEB Vulnerability-Lab
2013-02-13   OpenEMR 4.1.1 - 'ofc_upload_image.php' Arbitrary File Upload 31 WEB LiquidWorm
2013-02-11   Air Disk Wireless 1.9 iPad iPhone - Multiple Vulnerabilities 30 WEB Vulnerability-Lab
2013-02-11   TP-Link - Admin Panel Multiple Cross-Site Request Forgery Vulnerabilities 32 WEB CYBSEC Labs
2013-02-11   IP.Gallery 4.2.x/5.0.x - Persistent Cross-Site Scripting 31 WEB Mohamed Ramadan
2013-02-11   IRIS Citations Management Tool - (Authenticated) Remote Command Execution 32 WEB aeon
2013-02-11   Linksys WRT160N - Multiple Vulnerabilities 34 WEB m-1-k-3
2013-02-11   D-Link DIR-615 Rev H - Multiple Vulnerabilities 29 WEB m-1-k-3
2013-02-11   Linksys WAG200G - Multiple Vulnerabilities 31 WEB m-1-k-3
2013-02-11   Linksys E1500/E2500 - Multiple Vulnerabilities 31 WEB m-1-k-3
2013-02-10   Easy Live Shop System - SQL Injection 31 WEB Ramdan Yantu
2013-02-07   WirelessFiles 1.1 iPad iPhone - Multiple Vulnerabilities 27 WEB Vulnerability-Lab