Blog RSSExploits RSSFacebook

WEB

Date D   Description Plat. Author
2004-06-21   SqWebMail 4.0.4.20040524 - Email Header HTML Injection 32 WEB Luca Legato
2004-06-21   osTicket STS 1.2 - Attachment Remote Command Execution 36 WEB Guy Pearce
2004-06-15   phpHeaven phpMyChat 0.14.5 - 'admin.php3' Arbitrary File Access 31 WEB HEX
2004-06-15   phpHeaven phpMyChat 0.14.5 - 'edituser.php3?do_not_login' Authentication Bypass 31 WEB HEX
2004-06-15   phpHeaven phpMyChat 0.14.5 - 'usersL.php3' Multiple SQL Injections 36 WEB HEX
2004-06-15   Web Wiz Forums 7.x - 'Registration_Rules.asp' Cross-Site Scripting 31 WEB Ferruh Mavituna
2004-06-15   Pivot 1.0 - 'module_db.php' Remote File Inclusion 31 WEB loofus
2013-01-18   SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Command Execution 30 WEB Nikolas Sotiriu
2013-01-18   SonicWALL GMS/Viewpoint/Analyzer - Authentication Bypass 30 WEB Nikolas Sotiriu
2013-01-18   Linksys WRT54GL Firmware 4.30.15 build 2 - Multiple Vulnerabilities 33 WEB m-1-k-3
2013-01-18   PHP-Charts - Arbitrary PHP Code Execution 31 WEB AkaStep
2004-06-14   Invision Power Board (IP.Board) 1.3 - 'SSI.php' Cross-Site Scripting 30 WEB IMAN Sharafoddin
2004-06-14   Virtual Programming VP-ASP Shoperror Script 4/5 - Cross-Site Scripting 30 WEB Thomas Ryan
2004-06-14   Linksys Web Camera Software 2.10 - 'Next_file' Cross-Site Scripting 33 WEB scriptX
2004-06-11   PHP-Nuke 6.x/7.x Reviews Module - Multiple Cross-Site Scripting Vulnerabilities 30 WEB Janek Vind
2004-06-11   PHP-Nuke 6.x/7.x - Multiple Input Validation Vulnerabilities 35 WEB Janek Vind
2004-06-11   PHP-Nuke 6.x/7.x Reviews Module - 'order' SQL Injection 28 WEB Janek Vind
2004-06-11   PHP-Nuke 6.x/7.x Encyclopedia Module - Multiple Function Cross-Site Scripting Vulnerabilities 31 WEB Janek Vind
2004-06-11   PHP-Nuke 6.x/7.x FAQ Module - 'categories' Cross-Site Scripting 28 WEB Janek Vind
2004-06-10   BlackBoard Learning System 6.0 - Dropbox File Download 30 WEB Maarten Verbeek
2004-06-11   Invision Power Board 1.3 - 'SSI.php' SQL Injection 32 WEB JvdR
2004-06-09   AspDotNetStorefront 3.3 - 'ReturnURL' Cross-Site Scripting 31 WEB Thomas Ryan
2004-06-09   AspDotNetStorefront 3.3 - Access Validation 31 WEB Thomas Ryan
2004-06-09   cPanel 5-9 - Passwd SQL Injection 31 WEB verb0s@virtualnova.net
2013-01-17   Invision Gallery 2.0.5 - SQL Injection 33 WEB Ashiyane Digital Security Team
2004-06-07   NetWin Surgemail 1.8/1.9/2.0 / WebMail 3.1 - Login Form Cross-Site Scripting 32 WEB Donnie Werner
2004-06-07   NetWin Surgemail 1.8/1.9/2.0 / WebMail 3.1 - Error Message Full Path Disclosure 32 WEB Donnie Werner
2004-06-07   Linksys Web Camera Software 2.10 - 'Next_file' File Disclosure 32 WEB John Doe
2004-06-05   cPanel 5-9 - Killacct Script Customer Account DNS Information Deletion 33 WEB qbann targ
2004-06-04   Crafty Syntax Live Help 2.7.3 - Multiple HTML Injection Vulnerabilities 34 WEB HNK Technology Solutions
2004-06-03   Mail Manage EX 3.1.8 MMEX - 'Settings' PHP Remote File Inclusion 32 WEB The Warlock [BhQ]
2004-06-03   SquirrelMail 1.2.x - From Email Header HTML Injection 36 WEB anonymous
2004-06-01   PHP-Nuke 5.x/6.x/7.x - Direct Script Access Security Bypass 33 WEB Squid
2004-06-01   Rit Research Labs TinyWeb 1.9.2 - Unauthorized Script Disclosure 34 WEB Ziv Kamir
2013-01-16   Oracle Application Framework - Diagnostic Mode Bypass 34 WEB Trustwave's SpiderLabs
2013-01-16   Cydia Repo Manager - Cross-Site Request Forgery 34 WEB Ramdan Yantu
2004-05-29   e107 website system 0.6 - 'email article to a friend' Feature Cross-Site Scripting 34 WEB Janek Vind
2004-05-29   e107 website system 0.6 - 'usersettings.php?avmsg' Cross-Site Scripting 32 WEB Janek Vind
2004-05-29   Land Down Under - BBCode HTML Injection 33 WEB Tim De Gier
2004-05-28   jPORTAL 2.2.1 - 'print.php' SQL Injection 30 WEB Maciek Wierciski
2004-05-22   Liferay Enterprise Portal 1.x/2.x/5.0.2 - Multiple Cross-Site Scripting Vulnerabilities 31 WEB Sandeep Giri
2004-05-21   e107 Website System 0.5/0.6 - 'Log.php' HTML Injection 35 WEB Chinchilla
2013-01-15   CMS snews - SQL Injection 30 WEB By onestree
2004-05-18   dsm light Web file browser 2.0 - Directory Traversal 33 WEB Humberto
2004-05-17   PHP-Nuke 6.x/7.x - 'Modpath' File Inclusion 32 WEB waraxe
2004-05-17   osCommerce 2.x - File Manager Directory Traversal 30 WEB Rene
2004-05-17   vBulletin 1.0/2.x/3.0 - 'index.php' User Interface Spoofing 35 WEB p0rk
2004-05-17   TurboTrafficTrader C 1.0 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities 34 WEB Kaloyan Olegov Georgiev
2013-01-14   phpShop 2.0 - SQL Injection 32 WEB By onestree
2004-05-10   Tutorials Manager 1.0 - Multiple SQL Injections 29 WEB Hillel Himovich
2004-05-08   Adam Webb NukeJokes 1.7/2.0 Module - 'modules.php?jokeid' SQL Injection 36 WEB Janek Vind
2004-05-08   Adam Webb NukeJokes 1.7/2.0 Module - Multiple Cross-Site Scripting Vulnerabilities 37 WEB Janek Vind
2004-05-05   SurgeLDAP 1.0 - Web Administration Authentication Bypass 30 WEB GSS IT
2004-05-05   PHPX 3.x - '/forums.php' Cross-Site Request Forgery / Arbitrary Command Execution 34 WEB JeiAr
2004-05-05   PHPX 3.x - '/images.php' Cross-Site Request Forgery / Arbitrary Command Execution 33 WEB JeiAr
2004-05-05   PHPX 3.x - '/user.php' Cross-Site Request Forgery / Arbitrary Command Execution 27 WEB JeiAr
2004-05-05   PHPX 3.x - '/news.php' Cross-Site Request Forgery / Arbitrary Command Execution 28 WEB JeiAr
2004-05-05   PHPX 3.x - '/page.php' Cross-Site Request Forgery / Arbitrary Command Execution 28 WEB JeiAr
2013-01-13   phlyLabs phlyMail Lite 4.03.04 - Full Path Disclosure / Persistent Cross-Site Scripting 29 WEB LiquidWorm
2013-01-13   phlyLabs phlyMail Lite 4.03.04 - 'go' Open Redirect 33 WEB LiquidWorm
2004-05-05   PHPX 3.x - Multiple Cross-Site Scripting Vulnerabilities 28 WEB JeiAr
2004-05-05   Simple Machines Forum (SMF) 1.0 - Size Tag HTML Injection 31 WEB Cheng Peng Su
2004-05-05   E-Zone Media FuzeTalk 2.0 - 'AddUser.cfm' Administrator Command Execution 32 WEB Stuart Jamieson
2004-04-30   Coppermine Photo Gallery 1.2.2b - 'theme.php' Remote File Inclusion 29 WEB Janek Vind
2004-04-30   Coppermine Photo Gallery 1.2.0 RC4 - 'init.inc.php' Remote File Inclusion 29 WEB Janek Vind
2004-04-30   Coppermine Photo Gallery 1.2.0 RC4 - 'startdir' Traversal Arbitrary File Access 30 WEB Janek Vind
2004-04-30   Coppermine Photo Gallery 1.2.2b - 'menu.inc.php' Cross-Site Scripting 30 WEB Janek Vind
2004-04-30   Moodle 1.1/1.2 - Cross-Site Scripting 29 WEB Bartek Nowotarski
2004-04-30   SquirrelMail 1.4.x - Folder Name Cross-Site Scripting 29 WEB Alvin Alex
2004-04-26   OpenBB 1.0.x - Private Message Disclosure 30 WEB Manuel Lopez
2004-04-26   PHP-Nuke 7.2 Multiple Video Gallery Module - SQL Injection 30 WEB k1LL3r B0y
2004-04-26   OpenBB 1.0.x - 'post.php' Multiple SQL Injections 30 WEB JeiAr
2004-04-26   OpenBB 1.0.x - 'search.php?q' SQL Injection 28 WEB JeiAr
2004-04-26   OpenBB 1.0.x - 'member.php' Multiple SQL Injections 32 WEB JeiAr
2004-04-26   OpenBB 1.0.x - 'board.php?FID' SQL Injection 32 WEB JeiAr
2004-04-26   OpenBB 1.0.x - 'index.php?redirect' Cross-Site Scripting 28 WEB JeiAr
2004-04-26   OpenBB 1.0.x - 'post.php?TID' Cross-Site Scripting 30 WEB JeiAr
2004-04-26   OpenBB 1.0.x - 'myhome.php?to' Cross-Site Scripting 31 WEB JeiAr
2004-04-26   OpenBB 1.0.x - 'member.php?redirect' Cross-Site Scripting 29 WEB JeiAr
2004-04-23   Advanced Guestbook 2.2 - 'Password' SQL Injection 31 WEB JQ
2004-04-23   PW New Media Network Modular Site Management System 0.2.1 - 'Ver.asp' Information Disclosure 33 WEB CyberTalon
2004-04-23   Protector System 1.15 - 'blocker_query.php' Multiple Cross-Site Scripting Vulnerabilities 28 WEB waraxe
2004-04-23   Protector System 1.15 b1 - 'index.php' SQL Injection 28 WEB waraxe
2004-04-23   Fusionphp Fusion News 3.6.1 - Cross-Site Scripting 28 WEB DarkBicho
2013-01-11   PHPLiteAdmin 1.9.3 - Remote PHP Code Injection 31 WEB L@usch
2004-04-22   NewsTraXor Website Management Script 2.9 Beta - Database Disclosure 31 WEB CyberTal0n
2004-04-21   PostNuke Phoenix 0.726 - 'openwindow.php?hlpfile' Cross-Site Scripting 30 WEB Janek Vind
2004-04-23   PHProfession 2.5 - 'modules.php?jcode' Cross-Site Scripting 29 WEB Janek Vind
2004-04-23   PHProfession 2.5 - 'upload.php' Direct Request Full Path Disclosure 32 WEB Janek Vind
2004-04-23   PHProfession 2.5 - 'modules.php?offset' SQL Injection 27 WEB Janek Vind
2004-04-19   phpBB 2.0.x - 'album_portal.php' Remote File Inclusion 29 WEB Officerrr
2004-04-19   Phorum 3.4.x - Phorum_URIAuth SQL Injection 28 WEB Janek Vind
2004-04-15   Gemitel 3.50 - '/affich.php' Remote File Inclusion / Command Injection 33 WEB jaguar
2004-04-15   SCT Campus Pipeline 1.0/2.x/3.x - Email Attachment Script Injection 29 WEB spiffomatic 64
2004-04-15   phpBugTracker 0.9 - 'user.php?bugid' Cross-Site Scripting 29 WEB JeiAr
2004-04-15   phpBugTracker 0.9 - 'query.php' Multiple Cross-Site Scripting Vulnerabilities 30 WEB JeiAr
2004-04-15   phpBugTracker 0.9 - 'bug.php' Multiple Cross-Site Scripting Vulnerabilities 29 WEB JeiAr
2004-04-15   phpBugTracker 0.9 - 'bug.php' Multiple SQL Injections 30 WEB JeiAr
2004-04-15   phpBugTracker 0.9 - 'query.php' Multiple SQL Injections 33 WEB JeiAr
2004-04-14   Rhino Software Zaep AntiSpam 2.0 - Cross-Site Scripting 30 WEB Noam Rathaus
2004-04-13   PHP-Nuke 6.x/7.x - Multiple SQL Injections 28 WEB waraxe
2013-01-09   WeBid 1.0.6 - SQL Injection 29 WEB Life Wasted
2013-01-09   Watson Management Console 4.11.2.G - Directory Traversal 33 WEB Dhruv Shah
2013-01-09   Free Blog 1.0 - Multiple Vulnerabilities 30 WEB cr4wl3r
2013-01-09   WebsiteBaker Addon Concert Calendar 2.1.4 - Multiple Vulnerabilities 27 WEB Stefan Schurtz
2004-04-13   Tutos 1.1.20031017 - 'note_overview.php?id' SQL Injection 30 WEB François SORIN
2004-04-13   PHP-Nuke 6.x/7.x - CookieDecode Cross-Site Scripting 31 WEB waraxe
2004-04-12   Nuked-klaN 1.x - Multiple Vulnerabilities 31 WEB frog
2004-04-12   BlackBoard Learning System 5.x/6.0 - Multiple Cross-Site Scripting Vulnerabilities 31 WEB DarC KonQuest
2004-04-12   TikiWiki Project 1.8 - 'tiki-list_blogs.php?offset' SQL Injection 29 WEB JeiAr
2004-04-12   TikiWiki Project 1.8 - 'tiki-list_trackers.php?offset' SQL Injection 31 WEB JeiAr
2004-04-12   TikiWiki Project 1.8 - 'tiki-list_faqs.php?offset' SQL Injection 29 WEB JeiAr
2004-04-12   TikiWiki Project 1.8 - 'tiki-usermenu.php?offset' SQL Injection 31 WEB JeiAr
2004-04-12   TikiWiki Project 1.8 - 'tiki-list_blogs.php?sort_mode' SQL Injection 25 WEB JeiAr
2004-04-12   TikiWiki Project 1.8 - 'tiki-list_trackers.php?sort_mode' SQL Injection 26 WEB JeiAr
2004-04-12   TikiWiki Project 1.8 - 'tiki-list_faqs.php?sort_mode' SQL Injection 28 WEB JeiAr
2004-04-12   TikiWiki Project 1.8 - 'tiki-file_galleries.php?sort_mode' SQL Injection 30 WEB JeiAr
2004-04-12   TikiWiki Project 1.8 - 'tiki-directory_search.php?sort_mode' SQL Injection 26 WEB JeiAr
2004-04-12   TikiWiki Project 1.8 - 'tiki-user_tasks.php?offset & sort_mode' SQL Injections 25 WEB JeiAr
2004-04-12   TikiWiki Project 1.8 - 'tiki-index.php?comments_offset & offset' SQL Injections 26 WEB JeiAr
2013-01-08   WordPress Plugin Google Document Embedder - Arbitrary File Disclosure (Metasploit) 32 WEB Metasploit
2013-01-08   WordPress Plugin Google Document Embedder - Arbitrary File Disclosure (Metasploit) 29 WEB Metasploit
2013-01-08   Advantech Webaccess HMI/SCADA Software - Persistence Cross-Site Scripting 28 WEB SecPod Research
2013-01-08   E Sms Script - Multiple SQL Injections 30 WEB cr4wl3r
2004-04-12   TikiWiki Project 1.8 - 'tiki-browse_categories.php?sort_mode' SQL Injection 30 WEB JeiAr