|
2004-04-08
|
|
1st Class Mail Server 4.0 1 - list.tagz Cross-Site Scripting
|
4 |
WEB
|
dr_insane
|
|
2004-04-08
|
|
1st Class Mail Server 4.0 1 - advanced.tagz Cross-Site Scripting
|
4 |
WEB
|
dr_insane
|
|
2004-04-08
|
|
1st Class Mail Server 4.0 1 - general.tagz Cross-Site Scripting
|
4 |
WEB
|
dr_insane
|
|
2004-04-08
|
|
1st Class Mail Server 4.0 1 - members.tagz Cross-Site Scripting
|
4 |
WEB
|
dr_insane
|
|
2004-04-08
|
|
1st Class Mail Server 4.0 1 - Index Cross-Site Scripting
|
4 |
WEB
|
dr_insane
|
|
2004-04-08
|
|
1st Class Mail Server 4.0 1 - viewmail.tagz Cross-Site Scripting
|
3 |
WEB
|
dr_insane
|
|
2004-04-07
|
|
AzDGDatingLite 2.1.1 - 'view.php?id' Cross-Site Scripting
|
4 |
WEB
|
Janek Vind
|
|
2004-04-07
|
|
AzDGDatingLite 2.1.1 - 'index.php?language' Cross-Site Scripting
|
4 |
WEB
|
Janek Vind
|
|
2004-04-08
|
|
NukeCalendar 1.1.a - 'eid' SQL Injection
|
4 |
WEB
|
Janek Vind
|
|
2004-04-08
|
|
NukeCalendar 1.1.a - 'eid' Cross-Site Scripting
|
4 |
WEB
|
Janek Vind
|
|
2004-04-08
|
|
NukeCalendar 1.1.a - 'block-Calendar_center.php' Full Path Disclosure
|
4 |
WEB
|
Janek Vind
|
|
2004-04-08
|
|
NukeCalendar 1.1.a - 'block-Calendar1.php' Full Path Disclosure
|
4 |
WEB
|
Janek Vind
|
|
2004-04-08
|
|
NukeCalendar 1.1.a - 'block-calendar.php' Full Path Disclosure
|
4 |
WEB
|
Janek Vind
|
|
2004-04-08
|
|
NukeCalendar 1.1.a - 'modules.php' Full Path Disclosure
|
4 |
WEB
|
Janek Vind
|
|
2013-01-06
|
|
Nexpose Security Console - Cross-Site Request Forgery
|
4 |
WEB
|
Robert Gilbert
|
|
2004-04-06
|
|
FloosieTek FTGate Mail Server 1.2 - Full Path Disclosure
|
4 |
WEB
|
dr_insane
|
|
2004-04-06
|
|
FloosieTek FTGate Mail Server 1.2 - 'index.fts?folder' Cross-Site Scripting
|
4 |
WEB
|
dr_insane
|
|
2004-04-05
|
|
OpenBB 1.0.6 - 'myhome.php' SQL Injection
|
4 |
WEB
|
Mark Tesn
|
|
2004-04-03
|
|
Aborior Encore Web Forum - Arbitrary Command Execution
|
4 |
WEB
|
K-159
|
|
2013-01-05
|
|
pfSense 2.0.1 - Cross-Site Scripting / Cross-Site Request Forgery / Remote Command Execution
|
4 |
WEB
|
Yann CAM
|
|
2004-03-31
|
|
CactuSoft CactuShop 5.0/5.1 - Cross-Site Scripting
|
4 |
WEB
|
Nick Gudov
|
|
2004-03-31
|
|
Cactusoft CactuShop 5.0/5.1 - SQL Injection
|
4 |
WEB
|
Nick Gudov
|
|
2004-03-30
|
|
LinBit Technologies LINBOX Officeserver - Remote Authentication Bypass
|
4 |
WEB
|
Martin Eiszner
|
|
2004-03-30
|
|
Interchange 4.8.x/5.0 - Remote Information Disclosure
|
3 |
WEB
|
anonymous
|
|
2004-03-29
|
|
Cloisterblog 1.2.2 - Journal.pl Directory Traversal
|
4 |
WEB
|
Dotho
|
|
2004-03-29
|
|
Alan Ward A-CART 2.0 - 'category.asp?catcode' SQL Injection (2)
|
4 |
WEB
|
Manuel Lopez
|
|
2004-03-29
|
|
Fresh Guest Book 1.0/2.x - HTML Injection
|
4 |
WEB
|
koi8-r Shelz
|
|
2013-01-04
|
|
MyBB Profile Wii Friend Code - Multiple Vulnerabilities
|
4 |
WEB
|
Ichi
|
|
2013-01-04
|
|
Simple Web Server 2.3-rc1 - Directory Traversal
|
4 |
WEB
|
CwG GeNiuS
|
|
2004-03-29
|
|
PhotoPost PHP Pro 3.x/4.x - 'showgallery.php' Multiple SQL Injections
|
3 |
WEB
|
JeiAr
|
|
2004-03-24
|
|
Trend Micro Interscan VirusWall localweb - Directory Traversal
|
4 |
WEB
|
Tri Huynh
|
|
2004-03-22
|
|
reget deluxe 3.0 build 121 - Directory Traversal
|
4 |
WEB
|
snifer
|
|
2004-03-22
|
|
PHP-Nuke MS-Analysis Module - HTTP Referrer Field SQL Injection
|
4 |
WEB
|
Janek Vind
|
|
2004-03-22
|
|
PHP-Nuke MS-Analysis Module - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Janek Vind
|
|
2004-03-22
|
|
Invision Power Top Site List 1.0/1.1 - 'id' SQL Injection
|
4 |
WEB
|
JeiAr
|
|
2004-03-23
|
|
Invision Power Services Invision Gallery 1.0.1 - Multiple SQL Injections
|
4 |
WEB
|
JeiAr
|
|
2004-03-22
|
|
phpBB 1.x/2.0.x - Multiple Input Validation Vulnerabilities
|
4 |
WEB
|
JeiAr
|
|
2004-03-22
|
|
vBulletin 2.x - 'private.php' Cross-Site Scripting
|
4 |
WEB
|
JeiAr
|
|
2004-03-20
|
|
Expinion.net News Manager Lite 2.5 - 'NEWS_LOGIN?admin' Cookie Authentication Bypass
|
4 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net News Manager Lite 2.5 - 'news_sort.asp?filter' SQL Injection
|
4 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net News Manager Lite 2.5 - 'category_news.asp?ID' SQL Injection
|
4 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net News Manager Lite 2.5 - 'more.asp?ID' SQL Injection
|
4 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net News Manager Lite 2.5 - 'category_news_headline.asp' Cross-Site Scripting
|
3 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net News Manager Lite 2.5 - 'search.asp' Cross-Site Scripting
|
4 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net News Manager Lite 2.5 - 'comment_add.asp' Cross-Site Scripting
|
4 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net Member Management System 2.1 - 'register.asp?err' Cross-Site Scripting
|
4 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net Member Management System 2.1 - 'error.asp?err' Cross-Site Scripting
|
4 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net Member Management System 2.1 - 'resend.asp?ID' SQL Injection
|
4 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net Member Management System 2.1 - 'news_view.asp?ID' SQL Injection
|
4 |
WEB
|
Manuel Lopez
|
|
2004-03-18
|
|
PHP-Nuke Error Manager Module 2.1 - 'error.php' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
Janek Vind
|
|
2004-03-18
|
|
PHP-Nuke Error Manager Module 2.1 - 'error.php?language' Full Path Disclosure
|
5 |
WEB
|
Janek Vind
|
|
2004-03-17
|
|
Belchior Foundry VCard 2.8 - Authentication Bypass
|
5 |
WEB
|
saudi linux
|
|
2004-03-16
|
|
PHP-Nuke 6.x/7.0/7.1 - Image Tag Admin Command Execution
|
4 |
WEB
|
Janek Vind
|
|
2004-03-16
|
|
Mambo Open Source 4.5 - 'index.php' SQL Injection
|
3 |
WEB
|
JeiAr
|
|
2013-01-02
|
|
Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Command Execution
|
3 |
WEB
|
xistence
|
|
2013-01-02
|
|
e107 1.0.2 - SQL Injection (via Cross-Site Request Forgery)
|
3 |
WEB
|
Joshua Reynolds
|
|
2013-01-02
|
|
e107 1.0.1 - Arbitrary JavaScript Execution (via Cross-Site Request Forgery)
|
3 |
WEB
|
Joshua Reynolds
|
|
2004-03-16
|
|
Mambo Open Source 4.5 - 'index.php?mos_change_template' Cross-Site Scripting
|
4 |
WEB
|
JeiAr
|
|
2004-03-16
|
|
Mambo Open Source 4.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
JeiAr
|
|
2004-03-16
|
|
vBulletin 3.0 - 'showthread.php' Cross-Site Scripting
|
4 |
WEB
|
JeiAr
|
|
2004-03-16
|
|
vBulletin 3.0 - 'forumdisplay.php' Cross-Site Scripting
|
3 |
WEB
|
JeiAr
|
|
2004-01-04
|
|
phpBB 1.x/2.0.x - 'search.php?search_results' SQL Injection
|
4 |
WEB
|
pokleyzz
|
|
2004-03-15
|
|
Phorum 3.x - 'profile.php?target' Cross-Site Scripting
|
3 |
WEB
|
JeiAr
|
|
2004-03-15
|
|
Phorum 3.x - 'login.php' HTTP_REFERER Cross-Site Scripting
|
4 |
WEB
|
JeiAr
|
|
2004-03-15
|
|
Phorum 3.x - 'register.php' HTTP_REFERER Cross-Site Scripting
|
4 |
WEB
|
JeiAr
|
|
2004-03-15
|
|
WarpSpeed 4nAlbum Module 0.92 - 'nmimage.php?z' Cross-Site Scripting
|
4 |
WEB
|
Janek Vind
|
|
2004-03-15
|
|
WarpSpeed 4nAlbum Module 0.92 - 'modules.php?gid' SQL Injection
|
2 |
WEB
|
Janek Vind
|
|
2004-03-15
|
|
WarpSpeed 4nAlbum Module 0.92 - 'displaycategory.php?basepath' Remote File Inclusion
|
3 |
WEB
|
Janek Vind
|
|
2004-03-15
|
|
PHP-Nuke 7.1 Recommend_Us Module - 'fname' Cross-Site Scripting
|
5 |
WEB
|
Janek Vind
|
|
2004-03-15
|
|
VocalTec VGW4/8 Telephony Gateway - Remote Authentication Bypass
|
3 |
WEB
|
Rafel Ivgi The-Insider
|
|
2004-03-15
|
|
YABB SE 1.5.1 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Cheng Peng Su
|
|
2004-03-12
|
|
Emumail EMU Webmail 5.2.7 - 'emumail.fcgi' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
dr_insane
|
|
2004-03-12
|
|
Emumail EMU Webmail 5.2.7 - nit.emu Information Disclosure
|
4 |
WEB
|
dr_insane
|
|
2004-03-12
|
|
cPanel 5/6/7/8/9 - Login Script Remote Command Execution
|
4 |
WEB
|
Arab VieruZ
|
|
2004-03-12
|
|
cPanel 5/6/7/8/9 - 'dir' Cross-Site Scripting
|
4 |
WEB
|
Fable
|
|
2004-03-09
|
|
Confixx 2 - Perl Debugger Remote Command Execution
|
4 |
WEB
|
wkr
|
|
2004-03-09
|
|
Confixx 2 - 'DB' SQL Injection
|
4 |
WEB
|
wkr
|
|
2004-03-09
|
|
Invision Power Board (IP.Board) 1.3 - 'Pop' Cross-Site Scripting
|
4 |
WEB
|
Rafel Ivgi The-Insider
|
|
2004-03-05
|
|
VirtuaSystems VirtuaNews 1.0.x (Multiple Modules) - Cross-Site Scripting
|
4 |
WEB
|
Rafel Ivgi The-Insider
|
|
2004-03-03
|
|
SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities
|
4 |
WEB
|
Nick Gudov
|
|
2012-12-31
|
|
Joomla! Component Spider Calendar - 'date' Blind SQL Injection
|
4 |
WEB
|
Red-D3v1L
|
|
2012-12-31
|
|
MyBB 1.6.9 - 'editpost.php?posthash' Blind SQL Injection
|
4 |
WEB
|
Joshua Rogers
|
|
2004-03-01
|
|
YaBB SE 1.5.x - Multiple SQL Injections
|
4 |
WEB
|
Alnitak & BackSpace
|
|
2004-03-01
|
|
YaBB SE 1.5.x - Arbitrary File Deletion
|
3 |
WEB
|
Alnitak & BackSpace
|
|
2004-03-01
|
|
IGeneric Free Shopping Cart 1.4 - Cross-Site Scripting
|
4 |
WEB
|
David Sopas Ferreira
|
|
2004-03-01
|
|
IGeneric Free Shopping Cart 1.4 - SQL Injection
|
4 |
WEB
|
David Sopas Ferreira
|
|
2004-03-01
|
|
Invision Power Board (IP.Board) 1.3 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Rafel Ivgi The-Insider
|
|
2004-02-24
|
|
Working Resources BadBlue Server 2.40 - 'PHPtest.php' Full Path Disclosure
|
4 |
WEB
|
Rafel Ivgi
|
|
2004-02-23
|
|
LiveJournal 1.1 - CSS HTML Injection
|
4 |
WEB
|
Michael Scovetta
|
|
2004-02-23
|
|
XMB Forum 1.8 - 'forumdisplay.php' Multiple SQL Injections
|
4 |
WEB
|
Janek Vind
|
|
2004-02-23
|
|
XMB Forum 1.8 - BBcode align Tag Cross-Site Scripting
|
4 |
WEB
|
Janek Vind
|
|
2004-02-23
|
|
XMB Forum 1.8 - 'editprofile.php?user' Cross-Site Scripting
|
4 |
WEB
|
Janek Vind
|
|
2004-02-23
|
|
XMB Forum 1.8 - 'u2uadmin.php?uid' Cross-Site Scripting
|
5 |
WEB
|
Janek Vind
|
|
2004-02-23
|
|
EZBoard 7.3 - Font Tag HTML Injection
|
4 |
WEB
|
Cheng Peng Su
|
|
2004-02-23
|
|
phpNewsManager 1.36 - functions Script File Disclosure
|
5 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
WebCortex WebStores2000 - 'error.asp' Cross-Site Scripting
|
4 |
WEB
|
Nick Gudov
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'resultsignore.php' Arbitrary File Access
|
4 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'readings/index.php' Arbitrary File Access
|
4 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - '/glossaries/index.php?File' Arbitrary File Access
|
4 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'newmultiplechoice.php' Arbitrary File Access
|
4 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'glossary.php' Arbitrary File Access
|
4 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'multiplechoice/index.php' Arbitrary File Access
|
4 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
eCommerce Corporation Online Store Kit 3.0 - 'listing.php?id' SQL Injection
|
4 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
eCommerce Corporation Online Store Kit 3.0 - 'shop_by_brand.php?cat_manufacturer' SQL Injection
|
4 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
eCommerce Corporation Online Store Kit 3.0 - 'shop.php?cat' SQL Injection
|
4 |
WEB
|
G00db0y
|
|
2003-02-17
|
|
eCommerce Corporation Online Store Kit 3.0 - 'More.php' Cross-Site Scripting
|
4 |
WEB
|
David Sopas Ferreira
|
|
2003-02-17
|
|
eCommerce Corporation Online Store Kit 3.0 - 'More.php?id' SQL Injection
|
4 |
WEB
|
David Sopas Ferreira
|
|
2004-02-16
|
|
YABB SE 1.5 - 'Quote' SQL Injection
|
4 |
WEB
|
BaCkSpAcE
|
|
2004-02-16
|
|
ShopCartCGI 2.3 - genindexpage.cgi Traversal Arbitrary File Access
|
4 |
WEB
|
G00db0y
|
|
2004-02-16
|
|
ShopCartCGI 2.3 - 'gotopage.cgi' Traversal Arbitrary File Access
|
4 |
WEB
|
G00db0y
|
|
2004-02-16
|
|
ProductCart 1.x/2.x - 'Custva.asp?redirectUrl' Cross-Site Scripting
|
4 |
WEB
|
Nick Gudov
|
|
2004-02-16
|
|
ProductCart 1.x/2.x - 'advSearch_h.asp' Multiple SQL Injections
|
5 |
WEB
|
Nick Gudov
|
|
2004-02-16
|
|
ProductCart 1.x/2.x - Weak Cryptography
|
4 |
WEB
|
Nick Gudov
|
|
2004-02-16
|
|
AllMyLinks 0.x - 'footer.inc.php' Arbitrary Code Execution
|
4 |
WEB
|
Pablo Santana
|
|
2004-02-16
|
|
AllMyVisitors 0.x - 'info.inc.php' Arbitrary Code Execution
|
4 |
WEB
|
Pablo Santana
|
|
2004-02-16
|
|
AllMyGuests 0.x - 'info.inc.php' Arbitrary Code Execution
|
4 |
WEB
|
Pablo Santana
|
|
2004-02-01
|
|
ASP Portal - Multiple Vulnerabilities
|
3 |
WEB
|
Manuel Lopez
|
|
2004-02-13
|
|
vBulletin 3.0 - 'search.php' Cross-Site Scripting
|
4 |
WEB
|
Rafel Ivgi The-Insider
|
|
2004-02-12
|
|
vBulletin 1.0/1.1/2.0.x/2.2.x - Cross-Site Scripting
|
4 |
WEB
|
Jamie Fisher
|
|
2004-02-12
|
|
Macallan Mail Solution Macallan Mail Solution 2.8.4.6 (Build 260) - Web Interface Authentication Byp
|
4 |
WEB
|
Ziv Kamir
|
|
2004-02-11
|
|
BosDev BosDates 3.x - SQL Injection
|
4 |
WEB
|
G00db0y
|
|
2004-02-11
|
|
VisualShapers EZContents 1.x/2.0 - 'archivednews.php' Arbitrary File Inclusion
|
5 |
WEB
|
Cedric Cochin
|
|
2004-02-11
|
|
VisualShapers EZContents 1.x/2.0 - 'db.php' Arbitrary File Inclusion
|
5 |
WEB
|
Cedric Cochin
|
|
2003-12-23
|
|
PHP-Nuke 6.x - 'Category' SQL Injection
|
4 |
WEB
|
pokleyzz
|
|
2004-02-10
|
|
Maxwebportal 1.3x - Personal Message 'SendTo' Cross-Site Scripting
|
4 |
WEB
|
Manuel Lopez
|
