|
2004-03-22
|
|
vBulletin 2.x - 'private.php' Cross-Site Scripting
|
20 |
WEB
|
JeiAr
|
|
2004-03-20
|
|
Expinion.net News Manager Lite 2.5 - 'NEWS_LOGIN?admin' Cookie Authentication Bypass
|
16 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net News Manager Lite 2.5 - 'news_sort.asp?filter' SQL Injection
|
16 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net News Manager Lite 2.5 - 'category_news.asp?ID' SQL Injection
|
16 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net News Manager Lite 2.5 - 'more.asp?ID' SQL Injection
|
19 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net News Manager Lite 2.5 - 'category_news_headline.asp' Cross-Site Scripting
|
16 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net News Manager Lite 2.5 - 'search.asp' Cross-Site Scripting
|
18 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net News Manager Lite 2.5 - 'comment_add.asp' Cross-Site Scripting
|
18 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net Member Management System 2.1 - 'register.asp?err' Cross-Site Scripting
|
17 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net Member Management System 2.1 - 'error.asp?err' Cross-Site Scripting
|
19 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net Member Management System 2.1 - 'resend.asp?ID' SQL Injection
|
19 |
WEB
|
Manuel Lopez
|
|
2004-03-20
|
|
Expinion.net Member Management System 2.1 - 'news_view.asp?ID' SQL Injection
|
19 |
WEB
|
Manuel Lopez
|
|
2004-03-18
|
|
PHP-Nuke Error Manager Module 2.1 - 'error.php' Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
Janek Vind
|
|
2004-03-18
|
|
PHP-Nuke Error Manager Module 2.1 - 'error.php?language' Full Path Disclosure
|
21 |
WEB
|
Janek Vind
|
|
2004-03-17
|
|
Belchior Foundry VCard 2.8 - Authentication Bypass
|
20 |
WEB
|
saudi linux
|
|
2004-03-16
|
|
PHP-Nuke 6.x/7.0/7.1 - Image Tag Admin Command Execution
|
19 |
WEB
|
Janek Vind
|
|
2004-03-16
|
|
Mambo Open Source 4.5 - 'index.php' SQL Injection
|
21 |
WEB
|
JeiAr
|
|
2013-01-02
|
|
Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Command Execution
|
18 |
WEB
|
xistence
|
|
2013-01-02
|
|
e107 1.0.2 - SQL Injection (via Cross-Site Request Forgery)
|
18 |
WEB
|
Joshua Reynolds
|
|
2013-01-02
|
|
e107 1.0.1 - Arbitrary JavaScript Execution (via Cross-Site Request Forgery)
|
16 |
WEB
|
Joshua Reynolds
|
|
2004-03-16
|
|
Mambo Open Source 4.5 - 'index.php?mos_change_template' Cross-Site Scripting
|
21 |
WEB
|
JeiAr
|
|
2004-03-16
|
|
Mambo Open Source 4.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
JeiAr
|
|
2004-03-16
|
|
vBulletin 3.0 - 'showthread.php' Cross-Site Scripting
|
18 |
WEB
|
JeiAr
|
|
2004-03-16
|
|
vBulletin 3.0 - 'forumdisplay.php' Cross-Site Scripting
|
16 |
WEB
|
JeiAr
|
|
2004-01-04
|
|
phpBB 1.x/2.0.x - 'search.php?search_results' SQL Injection
|
20 |
WEB
|
pokleyzz
|
|
2004-03-15
|
|
Phorum 3.x - 'profile.php?target' Cross-Site Scripting
|
21 |
WEB
|
JeiAr
|
|
2004-03-15
|
|
Phorum 3.x - 'login.php' HTTP_REFERER Cross-Site Scripting
|
16 |
WEB
|
JeiAr
|
|
2004-03-15
|
|
Phorum 3.x - 'register.php' HTTP_REFERER Cross-Site Scripting
|
17 |
WEB
|
JeiAr
|
|
2004-03-15
|
|
WarpSpeed 4nAlbum Module 0.92 - 'nmimage.php?z' Cross-Site Scripting
|
20 |
WEB
|
Janek Vind
|
|
2004-03-15
|
|
WarpSpeed 4nAlbum Module 0.92 - 'modules.php?gid' SQL Injection
|
17 |
WEB
|
Janek Vind
|
|
2004-03-15
|
|
WarpSpeed 4nAlbum Module 0.92 - 'displaycategory.php?basepath' Remote File Inclusion
|
13 |
WEB
|
Janek Vind
|
|
2004-03-15
|
|
PHP-Nuke 7.1 Recommend_Us Module - 'fname' Cross-Site Scripting
|
20 |
WEB
|
Janek Vind
|
|
2004-03-15
|
|
VocalTec VGW4/8 Telephony Gateway - Remote Authentication Bypass
|
18 |
WEB
|
Rafel Ivgi The-Insider
|
|
2004-03-15
|
|
YABB SE 1.5.1 - Multiple Cross-Site Scripting Vulnerabilities
|
18 |
WEB
|
Cheng Peng Su
|
|
2004-03-12
|
|
Emumail EMU Webmail 5.2.7 - 'emumail.fcgi' Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
dr_insane
|
|
2004-03-12
|
|
Emumail EMU Webmail 5.2.7 - nit.emu Information Disclosure
|
17 |
WEB
|
dr_insane
|
|
2004-03-12
|
|
cPanel 5/6/7/8/9 - Login Script Remote Command Execution
|
17 |
WEB
|
Arab VieruZ
|
|
2004-03-12
|
|
cPanel 5/6/7/8/9 - 'dir' Cross-Site Scripting
|
19 |
WEB
|
Fable
|
|
2004-03-09
|
|
Confixx 2 - Perl Debugger Remote Command Execution
|
20 |
WEB
|
wkr
|
|
2004-03-09
|
|
Confixx 2 - 'DB' SQL Injection
|
19 |
WEB
|
wkr
|
|
2004-03-09
|
|
Invision Power Board (IP.Board) 1.3 - 'Pop' Cross-Site Scripting
|
18 |
WEB
|
Rafel Ivgi The-Insider
|
|
2004-03-05
|
|
VirtuaSystems VirtuaNews 1.0.x (Multiple Modules) - Cross-Site Scripting
|
19 |
WEB
|
Rafel Ivgi The-Insider
|
|
2004-03-03
|
|
SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities
|
20 |
WEB
|
Nick Gudov
|
|
2012-12-31
|
|
Joomla! Component Spider Calendar - 'date' Blind SQL Injection
|
21 |
WEB
|
Red-D3v1L
|
|
2012-12-31
|
|
MyBB 1.6.9 - 'editpost.php?posthash' Blind SQL Injection
|
17 |
WEB
|
Joshua Rogers
|
|
2004-03-01
|
|
YaBB SE 1.5.x - Multiple SQL Injections
|
20 |
WEB
|
Alnitak & BackSpace
|
|
2004-03-01
|
|
YaBB SE 1.5.x - Arbitrary File Deletion
|
17 |
WEB
|
Alnitak & BackSpace
|
|
2004-03-01
|
|
IGeneric Free Shopping Cart 1.4 - Cross-Site Scripting
|
21 |
WEB
|
David Sopas Ferreira
|
|
2004-03-01
|
|
IGeneric Free Shopping Cart 1.4 - SQL Injection
|
17 |
WEB
|
David Sopas Ferreira
|
|
2004-03-01
|
|
Invision Power Board (IP.Board) 1.3 - Multiple Cross-Site Scripting Vulnerabilities
|
18 |
WEB
|
Rafel Ivgi The-Insider
|
|
2004-02-24
|
|
Working Resources BadBlue Server 2.40 - 'PHPtest.php' Full Path Disclosure
|
19 |
WEB
|
Rafel Ivgi
|
|
2004-02-23
|
|
LiveJournal 1.1 - CSS HTML Injection
|
20 |
WEB
|
Michael Scovetta
|
|
2004-02-23
|
|
XMB Forum 1.8 - 'forumdisplay.php' Multiple SQL Injections
|
19 |
WEB
|
Janek Vind
|
|
2004-02-23
|
|
XMB Forum 1.8 - BBcode align Tag Cross-Site Scripting
|
16 |
WEB
|
Janek Vind
|
|
2004-02-23
|
|
XMB Forum 1.8 - 'editprofile.php?user' Cross-Site Scripting
|
14 |
WEB
|
Janek Vind
|
|
2004-02-23
|
|
XMB Forum 1.8 - 'u2uadmin.php?uid' Cross-Site Scripting
|
17 |
WEB
|
Janek Vind
|
|
2004-02-23
|
|
EZBoard 7.3 - Font Tag HTML Injection
|
16 |
WEB
|
Cheng Peng Su
|
|
2004-02-23
|
|
phpNewsManager 1.36 - functions Script File Disclosure
|
21 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
WebCortex WebStores2000 - 'error.asp' Cross-Site Scripting
|
21 |
WEB
|
Nick Gudov
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'resultsignore.php' Arbitrary File Access
|
20 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'readings/index.php' Arbitrary File Access
|
20 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - '/glossaries/index.php?File' Arbitrary File Access
|
20 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'newmultiplechoice.php' Arbitrary File Access
|
18 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'glossary.php' Arbitrary File Access
|
19 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'multiplechoice/index.php' Arbitrary File Access
|
18 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
eCommerce Corporation Online Store Kit 3.0 - 'listing.php?id' SQL Injection
|
19 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
eCommerce Corporation Online Store Kit 3.0 - 'shop_by_brand.php?cat_manufacturer' SQL Injection
|
15 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
eCommerce Corporation Online Store Kit 3.0 - 'shop.php?cat' SQL Injection
|
20 |
WEB
|
G00db0y
|
|
2003-02-17
|
|
eCommerce Corporation Online Store Kit 3.0 - 'More.php' Cross-Site Scripting
|
20 |
WEB
|
David Sopas Ferreira
|
|
2003-02-17
|
|
eCommerce Corporation Online Store Kit 3.0 - 'More.php?id' SQL Injection
|
17 |
WEB
|
David Sopas Ferreira
|
|
2004-02-16
|
|
YABB SE 1.5 - 'Quote' SQL Injection
|
17 |
WEB
|
BaCkSpAcE
|
|
2004-02-16
|
|
ShopCartCGI 2.3 - genindexpage.cgi Traversal Arbitrary File Access
|
18 |
WEB
|
G00db0y
|
|
2004-02-16
|
|
ShopCartCGI 2.3 - 'gotopage.cgi' Traversal Arbitrary File Access
|
21 |
WEB
|
G00db0y
|
|
2004-02-16
|
|
ProductCart 1.x/2.x - 'Custva.asp?redirectUrl' Cross-Site Scripting
|
19 |
WEB
|
Nick Gudov
|
|
2004-02-16
|
|
ProductCart 1.x/2.x - 'advSearch_h.asp' Multiple SQL Injections
|
21 |
WEB
|
Nick Gudov
|
|
2004-02-16
|
|
ProductCart 1.x/2.x - Weak Cryptography
|
22 |
WEB
|
Nick Gudov
|
|
2004-02-16
|
|
AllMyLinks 0.x - 'footer.inc.php' Arbitrary Code Execution
|
18 |
WEB
|
Pablo Santana
|
|
2004-02-16
|
|
AllMyVisitors 0.x - 'info.inc.php' Arbitrary Code Execution
|
20 |
WEB
|
Pablo Santana
|
|
2004-02-16
|
|
AllMyGuests 0.x - 'info.inc.php' Arbitrary Code Execution
|
19 |
WEB
|
Pablo Santana
|
|
2004-02-01
|
|
ASP Portal - Multiple Vulnerabilities
|
19 |
WEB
|
Manuel Lopez
|
|
2004-02-13
|
|
vBulletin 3.0 - 'search.php' Cross-Site Scripting
|
17 |
WEB
|
Rafel Ivgi The-Insider
|
|
2004-02-12
|
|
vBulletin 1.0/1.1/2.0.x/2.2.x - Cross-Site Scripting
|
22 |
WEB
|
Jamie Fisher
|
|
2004-02-12
|
|
Macallan Mail Solution Macallan Mail Solution 2.8.4.6 (Build 260) - Web Interface Authentication Byp
|
19 |
WEB
|
Ziv Kamir
|
|
2004-02-11
|
|
BosDev BosDates 3.x - SQL Injection
|
16 |
WEB
|
G00db0y
|
|
2004-02-11
|
|
VisualShapers EZContents 1.x/2.0 - 'archivednews.php' Arbitrary File Inclusion
|
20 |
WEB
|
Cedric Cochin
|
|
2004-02-11
|
|
VisualShapers EZContents 1.x/2.0 - 'db.php' Arbitrary File Inclusion
|
19 |
WEB
|
Cedric Cochin
|
|
2003-12-23
|
|
PHP-Nuke 6.x - 'Category' SQL Injection
|
21 |
WEB
|
pokleyzz
|
|
2004-02-10
|
|
Maxwebportal 1.3x - Personal Message 'SendTo' Cross-Site Scripting
|
20 |
WEB
|
Manuel Lopez
|
|
2004-02-10
|
|
Maxwebportal 1.3x - 'down.asp' HTTP_REFERER Cross-Site Scripting
|
17 |
WEB
|
Manuel Lopez
|
|
2012-12-26
|
|
Guru Auction 2.0 - Multiple SQL Injections
|
21 |
WEB
|
v3n0m
|
|
2004-02-09
|
|
PHP-Nuke 6.x/7.x - Public Message SQL Injection
|
16 |
WEB
|
Janek Vind
|
|
2004-02-09
|
|
PHP-Nuke 6.x/7.x 'Reviews' Module - Cross-Site Scripting
|
19 |
WEB
|
Janek Vind
|
|
2004-02-09
|
|
PHP-Nuke 6.x/7.0 'News' Module - Cross-Site Scripting
|
20 |
WEB
|
Janek Vind
|
|
2004-02-06
|
|
OpenJournal 2.0 - Authentication Bypassing
|
18 |
WEB
|
Tri Huynh
|
|
2004-02-05
|
|
Mambo Open Source 4.6 - 'Itemid' Cross-Site Scripting
|
18 |
WEB
|
David Sopas Ferreira
|
|
2004-02-05
|
|
Discuz! 2.0/3.0 - Cross-Site Scripting
|
19 |
WEB
|
Cheng Peng Su
|
|
2004-02-04
|
|
RXGoogle.CGI 1.0/2.5 - Cross-Site Scripting
|
23 |
WEB
|
Shaun Colley
|
|
2004-02-04
|
|
All Enthusiast ReviewPost PHP Pro 2.5 - 'showcat.php' SQL Injection
|
21 |
WEB
|
G00db0y
|
|
2004-02-04
|
|
All Enthusiast ReviewPost PHP Pro 2.5 - 'showproduct.php' SQL Injection
|
20 |
WEB
|
G00db0y
|
|
2004-02-03
|
|
PHPX 3.2.3 - Multiple Vulnerabilities
|
21 |
WEB
|
Manuel L?pez
|
|
2004-02-03
|
|
phpMyAdmin 2.x - 'Export.php' File Disclosure
|
20 |
WEB
|
Cedric Cochin
|
|
2004-02-03
|
|
Qualiteam X-Cart 3.x - Multiple Remote Information Disclosure Vulnerabilities
|
25 |
WEB
|
Philip
|
|
2004-02-03
|
|
Qualiteam X-Cart 3.x - 'upgrade.php?perl_binary' Arbitrary Command Execution
|
23 |
WEB
|
Philip
|
|
2004-02-03
|
|
Qualiteam X-Cart 3.x - 'general.php?perl_binary' Arbitrary Command Execution
|
21 |
WEB
|
Philip
|
|
2004-02-02
|
|
Niti Telecom Caravan Business Server 2.00-03D - Directory Traversal
|
22 |
WEB
|
dr_insane
|
|
2004-02-02
|
|
PHP-Nuke 6.x (Multiple Modules) - SQL Injection
|
20 |
WEB
|
Security Corporation
|
|
2004-01-31
|
|
Aprox Portal 3.0 - File Disclosure
|
18 |
WEB
|
Zero X
|
|
2004-01-31
|
|
Leif M. Wright Web Blog 1.1 - Remote Command Execution
|
21 |
WEB
|
ActualMInd
|
|
2004-01-30
|
|
JBrowser 1.0/2.x - Unauthorized Admin Access
|
17 |
WEB
|
Himeur Nourredine
|
|
2012-12-24
|
|
MyBB AwayList Plugin - 'index.php?id' SQL Injection
|
21 |
WEB
|
Red_Hat
|
|
2012-12-24
|
|
MyBB HM My Country Flags - SQL Injection
|
19 |
WEB
|
JoinSe7en
|
|
2012-12-24
|
|
City Directory Review and Rating Script - 'search.php' SQL Injection
|
23 |
WEB
|
3spi0n
|
|
2004-01-30
|
|
Laurent Adda Les Commentaires 2.0 - PHP Script 'admin.php' Remote File Inclusion
|
23 |
WEB
|
Himeur Nourredine
|
|
2004-01-30
|
|
Laurent Adda Les Commentaires 2.0 - PHP Script 'derniers_commentaires.php' Remote File Inclusion
|
26 |
WEB
|
Himeur Nourredine
|
|
2004-01-30
|
|
Laurent Adda Les Commentaires 2.0 - PHP Script 'fonctions.lib.php' Remote File Inclusion
|
26 |
WEB
|
Himeur Nourredine
|
|
2004-01-30
|
|
JBrowser 1.0/2.x - 'browser.php' Directory Traversal
|
15 |
WEB
|
Himeur Nourredine
|
|
2004-01-30
|
|
PHPGedView 2.x - '[GED_File]_conf.php' Remote File Inclusion
|
17 |
WEB
|
Cedric Cochin
|
|
2004-01-30
|
|
PHPGedView 2.x - 'Editconfig_gedcom.php' Directory Traversal
|
22 |
WEB
|
Cedric Cochin
|
|
2004-01-29
|
|
PJ CGI Neo Review - Directory Traversal
|
22 |
WEB
|
Zone-h Security Team
|
|
2004-01-20
|
|
Leif M. Wright Web Blog 1.1 - File Disclosure
|
20 |
WEB
|
Zone-h Security Team
|
|
2004-01-26
|
|
Kietu 2/3 - 'index.php' Remote File Inclusion
|
21 |
WEB
|
Himeur Nourredine
|
|
2004-01-26
|
|
Xoops 2.0.x - 'viewtopic.php' Cross-Site Scripting
|
23 |
WEB
|
Ben Drysdale
|
|
2004-01-26
|
|
Gallery 1.3.x/1.4 - Remote Global Variable Injection
|
22 |
WEB
|
Bharat Mediratta
|
|
2012-12-21
|
|
Elite Bulletin Board 2.1.21 - Multiple SQL Injections
|
20 |
WEB
|
High-Tech Bridge SA
|
|
2012-12-21
|
|
banana dance b.2.6 - Multiple Vulnerabilities
|
17 |
WEB
|
High-Tech Bridge SA
|
