|
2004-02-18
|
|
WebCortex WebStores2000 - 'error.asp' Cross-Site Scripting
|
7 |
WEB
|
Nick Gudov
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'resultsignore.php' Arbitrary File Access
|
7 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'readings/index.php' Arbitrary File Access
|
7 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - '/glossaries/index.php?File' Arbitrary File Access
|
7 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'newmultiplechoice.php' Arbitrary File Access
|
7 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'glossary.php' Arbitrary File Access
|
7 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
Fool's Workshop Owl's Workshop 1.0 - 'multiplechoice/index.php' Arbitrary File Access
|
7 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
eCommerce Corporation Online Store Kit 3.0 - 'listing.php?id' SQL Injection
|
7 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
eCommerce Corporation Online Store Kit 3.0 - 'shop_by_brand.php?cat_manufacturer' SQL Injection
|
7 |
WEB
|
G00db0y
|
|
2004-02-18
|
|
eCommerce Corporation Online Store Kit 3.0 - 'shop.php?cat' SQL Injection
|
7 |
WEB
|
G00db0y
|
|
2003-02-17
|
|
eCommerce Corporation Online Store Kit 3.0 - 'More.php' Cross-Site Scripting
|
7 |
WEB
|
David Sopas Ferreira
|
|
2003-02-17
|
|
eCommerce Corporation Online Store Kit 3.0 - 'More.php?id' SQL Injection
|
7 |
WEB
|
David Sopas Ferreira
|
|
2004-02-16
|
|
YABB SE 1.5 - 'Quote' SQL Injection
|
7 |
WEB
|
BaCkSpAcE
|
|
2004-02-16
|
|
ShopCartCGI 2.3 - genindexpage.cgi Traversal Arbitrary File Access
|
7 |
WEB
|
G00db0y
|
|
2004-02-16
|
|
ShopCartCGI 2.3 - 'gotopage.cgi' Traversal Arbitrary File Access
|
7 |
WEB
|
G00db0y
|
|
2004-02-16
|
|
ProductCart 1.x/2.x - 'Custva.asp?redirectUrl' Cross-Site Scripting
|
7 |
WEB
|
Nick Gudov
|
|
2004-02-16
|
|
ProductCart 1.x/2.x - 'advSearch_h.asp' Multiple SQL Injections
|
8 |
WEB
|
Nick Gudov
|
|
2004-02-16
|
|
ProductCart 1.x/2.x - Weak Cryptography
|
7 |
WEB
|
Nick Gudov
|
|
2004-02-16
|
|
AllMyLinks 0.x - 'footer.inc.php' Arbitrary Code Execution
|
7 |
WEB
|
Pablo Santana
|
|
2004-02-16
|
|
AllMyVisitors 0.x - 'info.inc.php' Arbitrary Code Execution
|
7 |
WEB
|
Pablo Santana
|
|
2004-02-16
|
|
AllMyGuests 0.x - 'info.inc.php' Arbitrary Code Execution
|
7 |
WEB
|
Pablo Santana
|
|
2004-02-01
|
|
ASP Portal - Multiple Vulnerabilities
|
6 |
WEB
|
Manuel Lopez
|
|
2004-02-13
|
|
vBulletin 3.0 - 'search.php' Cross-Site Scripting
|
7 |
WEB
|
Rafel Ivgi The-Insider
|
|
2004-02-12
|
|
vBulletin 1.0/1.1/2.0.x/2.2.x - Cross-Site Scripting
|
7 |
WEB
|
Jamie Fisher
|
|
2004-02-12
|
|
Macallan Mail Solution Macallan Mail Solution 2.8.4.6 (Build 260) - Web Interface Authentication Byp
|
7 |
WEB
|
Ziv Kamir
|
|
2004-02-11
|
|
BosDev BosDates 3.x - SQL Injection
|
7 |
WEB
|
G00db0y
|
|
2004-02-11
|
|
VisualShapers EZContents 1.x/2.0 - 'archivednews.php' Arbitrary File Inclusion
|
8 |
WEB
|
Cedric Cochin
|
|
2004-02-11
|
|
VisualShapers EZContents 1.x/2.0 - 'db.php' Arbitrary File Inclusion
|
8 |
WEB
|
Cedric Cochin
|
|
2003-12-23
|
|
PHP-Nuke 6.x - 'Category' SQL Injection
|
7 |
WEB
|
pokleyzz
|
|
2004-02-10
|
|
Maxwebportal 1.3x - Personal Message 'SendTo' Cross-Site Scripting
|
8 |
WEB
|
Manuel Lopez
|
|
2004-02-10
|
|
Maxwebportal 1.3x - 'down.asp' HTTP_REFERER Cross-Site Scripting
|
8 |
WEB
|
Manuel Lopez
|
|
2012-12-26
|
|
Guru Auction 2.0 - Multiple SQL Injections
|
7 |
WEB
|
v3n0m
|
|
2004-02-09
|
|
PHP-Nuke 6.x/7.x - Public Message SQL Injection
|
6 |
WEB
|
Janek Vind
|
|
2004-02-09
|
|
PHP-Nuke 6.x/7.x 'Reviews' Module - Cross-Site Scripting
|
7 |
WEB
|
Janek Vind
|
|
2004-02-09
|
|
PHP-Nuke 6.x/7.0 'News' Module - Cross-Site Scripting
|
7 |
WEB
|
Janek Vind
|
|
2004-02-06
|
|
OpenJournal 2.0 - Authentication Bypassing
|
8 |
WEB
|
Tri Huynh
|
|
2004-02-05
|
|
Mambo Open Source 4.6 - 'Itemid' Cross-Site Scripting
|
7 |
WEB
|
David Sopas Ferreira
|
|
2004-02-05
|
|
Discuz! 2.0/3.0 - Cross-Site Scripting
|
8 |
WEB
|
Cheng Peng Su
|
|
2004-02-04
|
|
RXGoogle.CGI 1.0/2.5 - Cross-Site Scripting
|
8 |
WEB
|
Shaun Colley
|
|
2004-02-04
|
|
All Enthusiast ReviewPost PHP Pro 2.5 - 'showcat.php' SQL Injection
|
7 |
WEB
|
G00db0y
|
|
2004-02-04
|
|
All Enthusiast ReviewPost PHP Pro 2.5 - 'showproduct.php' SQL Injection
|
7 |
WEB
|
G00db0y
|
|
2004-02-03
|
|
PHPX 3.2.3 - Multiple Vulnerabilities
|
7 |
WEB
|
Manuel L?pez
|
|
2004-02-03
|
|
phpMyAdmin 2.x - 'Export.php' File Disclosure
|
7 |
WEB
|
Cedric Cochin
|
|
2004-02-03
|
|
Qualiteam X-Cart 3.x - Multiple Remote Information Disclosure Vulnerabilities
|
7 |
WEB
|
Philip
|
|
2004-02-03
|
|
Qualiteam X-Cart 3.x - 'upgrade.php?perl_binary' Arbitrary Command Execution
|
9 |
WEB
|
Philip
|
|
2004-02-03
|
|
Qualiteam X-Cart 3.x - 'general.php?perl_binary' Arbitrary Command Execution
|
9 |
WEB
|
Philip
|
|
2004-02-02
|
|
Niti Telecom Caravan Business Server 2.00-03D - Directory Traversal
|
11 |
WEB
|
dr_insane
|
|
2004-02-02
|
|
PHP-Nuke 6.x (Multiple Modules) - SQL Injection
|
6 |
WEB
|
Security Corporation
|
|
2004-01-31
|
|
Aprox Portal 3.0 - File Disclosure
|
7 |
WEB
|
Zero X
|
|
2004-01-31
|
|
Leif M. Wright Web Blog 1.1 - Remote Command Execution
|
7 |
WEB
|
ActualMInd
|
|
2004-01-30
|
|
JBrowser 1.0/2.x - Unauthorized Admin Access
|
7 |
WEB
|
Himeur Nourredine
|
|
2012-12-24
|
|
MyBB AwayList Plugin - 'index.php?id' SQL Injection
|
7 |
WEB
|
Red_Hat
|
|
2012-12-24
|
|
MyBB HM My Country Flags - SQL Injection
|
8 |
WEB
|
JoinSe7en
|
|
2012-12-24
|
|
City Directory Review and Rating Script - 'search.php' SQL Injection
|
7 |
WEB
|
3spi0n
|
|
2004-01-30
|
|
Laurent Adda Les Commentaires 2.0 - PHP Script 'admin.php' Remote File Inclusion
|
9 |
WEB
|
Himeur Nourredine
|
|
2004-01-30
|
|
Laurent Adda Les Commentaires 2.0 - PHP Script 'derniers_commentaires.php' Remote File Inclusion
|
10 |
WEB
|
Himeur Nourredine
|
|
2004-01-30
|
|
Laurent Adda Les Commentaires 2.0 - PHP Script 'fonctions.lib.php' Remote File Inclusion
|
10 |
WEB
|
Himeur Nourredine
|
|
2004-01-30
|
|
JBrowser 1.0/2.x - 'browser.php' Directory Traversal
|
6 |
WEB
|
Himeur Nourredine
|
|
2004-01-30
|
|
PHPGedView 2.x - '[GED_File]_conf.php' Remote File Inclusion
|
7 |
WEB
|
Cedric Cochin
|
|
2004-01-30
|
|
PHPGedView 2.x - 'Editconfig_gedcom.php' Directory Traversal
|
7 |
WEB
|
Cedric Cochin
|
|
2004-01-29
|
|
PJ CGI Neo Review - Directory Traversal
|
9 |
WEB
|
Zone-h Security Team
|
|
2004-01-20
|
|
Leif M. Wright Web Blog 1.1 - File Disclosure
|
9 |
WEB
|
Zone-h Security Team
|
|
2004-01-26
|
|
Kietu 2/3 - 'index.php' Remote File Inclusion
|
6 |
WEB
|
Himeur Nourredine
|
|
2004-01-26
|
|
Xoops 2.0.x - 'viewtopic.php' Cross-Site Scripting
|
8 |
WEB
|
Ben Drysdale
|
|
2004-01-26
|
|
Gallery 1.3.x/1.4 - Remote Global Variable Injection
|
7 |
WEB
|
Bharat Mediratta
|
|
2012-12-21
|
|
Elite Bulletin Board 2.1.21 - Multiple SQL Injections
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2012-12-21
|
|
banana dance b.2.6 - Multiple Vulnerabilities
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2012-12-21
|
|
YeaLink IP Phone SIP-TxxP Firmware 9.70.0.100 - Multiple Vulnerabilities
|
8 |
WEB
|
xistence
|
|
2012-12-21
|
|
SelectSurvey CMS - 'ASP.NET' Arbitrary File Upload
|
7 |
WEB
|
040
|
|
2004-01-20
|
|
DUware Software - Multiple Vulnerabilities
|
7 |
WEB
|
Security Corporation
|
|
2004-01-20
|
|
PHPix 2.0.3 - Arbitrary Command Execution
|
7 |
WEB
|
Max Stepanov
|
|
2004-01-19
|
|
YABB SE 1.x - 'SSI.php' ID_MEMBER SQL Injection
|
7 |
WEB
|
BaCkSpAcE
|
|
2004-01-19
|
|
Mambo Open Source 4.5/4.6 - 'mod_mainmenu.php' Remote File Inclusion
|
7 |
WEB
|
Yo_Soy
|
|
2004-01-16
|
|
MetaDot Portal Server 5.6.x - 'userchannel.pl?op' Cross-Site Scripting
|
7 |
WEB
|
JeiAr
|
|
2004-01-16
|
|
MetaDot Portal Server 5.6.x - 'index.pl' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
JeiAr
|
|
2004-01-16
|
|
MetaDot Portal Server 5.6.x - index.pl Information Disclosure
|
7 |
WEB
|
JeiAr
|
|
2004-01-16
|
|
MetaDot Portal Server 5.6.x - 'index.pl' Multiple SQL Injections
|
7 |
WEB
|
JeiAr
|
|
2004-01-16
|
|
XtremeASP PhotoGallery 2.0 - 'Adminlogin.asp' SQL Injection
|
7 |
WEB
|
posidron
|
|
2004-01-16
|
|
phpShop Web Shopping Cart 0.6.1 -b - Multiple Function Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
JeiAr
|
|
2004-01-10
|
|
VisualShapers EZContents 1.4/2.0 - 'module.php' Remote Command Execution
|
7 |
WEB
|
Zero X
|
|
2004-01-10
|
|
Andy's PHP Projects Man Page Lookup Script - Information Disclosure
|
7 |
WEB
|
Cabezon Aurelien
|
|
2004-01-10
|
|
DansGuardian Webmin Module 0.x - 'edit.cgi' Directory Traversal
|
8 |
WEB
|
FIST
|
|
2004-01-06
|
|
PhpGedView 2.61 - PHPInfo Information Disclosure
|
7 |
WEB
|
Windak
|
|
2004-01-06
|
|
PhpGedView 2.61 - Search Script Cross-Site Scripting
|
7 |
WEB
|
Windak
|
|
2004-01-06
|
|
PHPGedView 2.61 - Multiple Remote File Inclusions
|
8 |
WEB
|
Windak
|
|
2004-01-04
|
|
FreznoShop 1.2.3/1.3 - Search Script Cross-Site Scripting
|
7 |
WEB
|
David S. Ferreira
|
|
2004-01-05
|
|
HotNews 0.x - 'config[incdir]' Remote File Inclusion
|
7 |
WEB
|
Officerrr
|
|
2004-01-05
|
|
HotNews 0.x - 'hotnews-engine.inc.php3?config[header]' Remote File Inclusion
|
7 |
WEB
|
Officerrr
|
|
2004-01-04
|
|
ASP-Nuke 1.0/1.2/1.3 - Remote User Database Access
|
7 |
WEB
|
Vietnamese Security Group
|
|
2004-01-04
|
|
ASPApp PortalApp - Remote User Database Access
|
8 |
WEB
|
newbie6290
|
|
2004-01-02
|
|
Athena Web Registration - Remote Command Execution
|
9 |
WEB
|
Peter Kieser
|
|
2004-01-02
|
|
EasyDynamicPages 1.0 - 'config_page.php' PHP Remote File Inclusion
|
7 |
WEB
|
tsbeginnervn
|
|
2012-12-19
|
|
Enterpriser16 Load Balancer 7.1 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Vulnerability-Lab
|
|
2012-12-19
|
|
SonicWALL SonicOS 5.8.1.8 WAF - Cross-Site Scripting
|
7 |
WEB
|
Vulnerability-Lab
|
|
2012-12-19
|
|
WordPress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload
|
7 |
WEB
|
DigiP
|
|
2003-12-29
|
|
BulletScript MailList - bsml.pl Information Disclosure
|
7 |
WEB
|
M0rf
|
|
2003-12-29
|
|
PHP-ping - 'Count' Command Execution
|
7 |
WEB
|
ppp-design
|
|
2003-12-27
|
|
Private Message System 2.x - 'index.php?Page' Cross-Site Scripting
|
7 |
WEB
|
David S. Ferreira
|
|
2003-12-26
|
|
L-Soft 1.8 - Listserv Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
http-equiv
|
|
2003-12-27
|
|
PHP-Nuke 6.x/7.0 Survey Module - SQL Injection
|
8 |
WEB
|
idtwolf@pisem.net
|
|
2003-12-27
|
|
OpenBB 1.0 - 'board.php' Cross-Site Scripting
|
7 |
WEB
|
gr00vy
|
|
2003-12-24
|
|
Psychoblogger PB-beta1 - errormessage Cross-Site Scripting
|
8 |
WEB
|
Andrew Smith
|
|
2003-12-24
|
|
Psychoblogger PB-beta1 - 'desc' Cross-Site Scripting
|
8 |
WEB
|
Andrew Smith
|
|
2003-12-24
|
|
KnowledgeBuilder 2.0/2.1/3.0 - Remote File Inclusion
|
6 |
WEB
|
Zero X
|
|
2003-12-23
|
|
phpBB 2.0.6 - 'privmsg.php' Cross-Site Scripting
|
7 |
WEB
|
Ben Drysdale
|
|
2003-12-23
|
|
Webfroot Shoutbox 2.32 - 'Viewshoutbox.php' Cross-Site Scripting
|
7 |
WEB
|
Ben Drysdale
|
|
2003-12-23
|
|
My Little Forum 1.3 - 'email.php' Cross-Site Scripting
|
7 |
WEB
|
David S. Ferreira
|
|
2003-12-23
|
|
iSoft-Solutions QuikStore Shopping Cart 2.12 - 'template' Directory Traversal
|
7 |
WEB
|
Dr Ponidi Haryanto
|
|
2003-12-23
|
|
iSoft-Solutions QuikStore Shopping Cart 2.12 - 'store' Full Path Disclosure
|
7 |
WEB
|
Dr Ponidi Haryanto
|
|
2003-12-22
|
|
osCommerce 2.2 - 'manufacturers_id' Cross-Site Scripting
|
7 |
WEB
|
JeiAr
|
|
2003-12-22
|
|
osCommerce 2.2 - 'products_id' SQL Injection
|
7 |
WEB
|
JeiAr
|
|
2003-12-21
|
|
Xoops 2.0.5.1 - 'MyLinks Myheader.php' Cross-Site Scripting
|
7 |
WEB
|
Chintan Trivedi
|
|
2003-12-20
|
|
BES-CMS 0.4/0.5 - 'hacking.php' File Inclusion
|
7 |
WEB
|
frog
|
|
2003-12-20
|
|
BES-CMS 0.4/0.5 - 'folder.php' File Inclusion
|
7 |
WEB
|
frog
|
|
2003-12-20
|
|
BES-CMS 0.4/0.5 - 'start.php' File Inclusion
|
7 |
WEB
|
frog
|
|
2003-12-20
|
|
BES-CMS 0.4/0.5 - 'message.php' File Inclusion
|
7 |
WEB
|
frog
|
|
2003-12-20
|
|
BES-CMS 0.4/0.5 - '/members/index.inc.php' File Inclusion
|
7 |
WEB
|
frog
|
|
2003-12-20
|
|
BES-CMS 0.4/0.5 - 'index.inc.php' File Inclusion
|
7 |
WEB
|
frog
|
|
2012-12-17
|
|
PHPWCMS 1.5.4.6 - 'preg_replace' Multiple Vulnerabilities
|
7 |
WEB
|
aeon
|
|
2003-12-18
|
|
SiteInteractive Subscribe Me - 'Setup.pl' Arbitrary Command Execution
|
7 |
WEB
|
Paul Craig
|
|
2003-12-17
|
|
osCommerce 2.2 - 'osCsid' Cross-Site Scripting
|
8 |
WEB
|
JeiAr
|
|
2003-12-16
|
|
Aardvark Topsites 4.1 PHP - Multiple Vulnerabilities
|
7 |
WEB
|
JeiAr
|
|
2003-12-15
|
|
elektropost episerver 3/4 - Multiple Vulnerabilities
|
7 |
WEB
|
babbelbubbel
|
|
2003-12-13
|
|
osCommerce 2.2 - SQL Injection
|
8 |
WEB
|
GulfTech Security
|
|
2003-12-11
|
|
RemotelyAnywhere - Default.HTML Logout Message Injection
|
7 |
WEB
|
Oliver Karow
|
