|
2012-12-13
|
|
MyYoutube MyBB Plugin 1.0 - SQL Injection
|
5 |
WEB
|
Zixem
|
|
2003-11-04
|
|
John Beatty Easy PHP Photo Album 1.0 - 'dir' HTML Injection
|
4 |
WEB
|
nimber@designer.ru
|
|
2003-11-04
|
|
OpenAutoClassifieds 1.0 - 'Listing' Cross-Site Scripting
|
4 |
WEB
|
David Sopas Ferreira
|
|
2003-11-03
|
|
VieNuke VieBoard 2.6 - SQL Injection
|
5 |
WEB
|
ekerazha@yahoo.it
|
|
2003-11-02
|
|
PHPKit 1.6 - 'Include.php' Cross-Site Scripting
|
3 |
WEB
|
ben.moeckel@badwebmasters.net
|
|
2003-11-03
|
|
MPM Guestbook 1.2 - Cross-Site Scripting
|
4 |
WEB
|
David Ferreira
|
|
2003-11-03
|
|
Web Wiz Forum 6.34/7.0/7.5 - Unauthorized Private Forum Access
|
4 |
WEB
|
Alexander Antipov
|
|
2003-11-03
|
|
Synthetic Reality SymPoll 1.5 - Cross-Site Scripting
|
5 |
WEB
|
Michael Frame
|
|
2003-11-01
|
|
http commander 4.0 - Directory Traversal
|
5 |
WEB
|
Zero X
|
|
2012-12-12
|
|
Axway Secure Transport 5.1 SP2 - Directory Traversal
|
4 |
WEB
|
Sebastian Perez
|
|
2012-12-12
|
|
TipsOfTheDay MyBB Plugin - Multiple Vulnerabilities
|
4 |
WEB
|
VipVince
|
|
2003-10-31
|
|
Tritanium Scripts Tritanium Bulletin Board 1.2.3 - Unauthorized Access
|
4 |
WEB
|
Virginity Security
|
|
2003-10-31
|
|
BEA WebLogic 6/7/8 - InteractiveQuery.jsp Cross-Site Scripting
|
4 |
WEB
|
Corsaire Limited
|
|
2003-10-30
|
|
Ledscripts LedForums - Multiple HTML Injections
|
4 |
WEB
|
ProXy
|
|
2003-10-27
|
|
Les Visiteurs 2.0 - Remote File Inclusion
|
5 |
WEB
|
Matthieu Peschaud
|
|
2003-10-27
|
|
Chi Kien Uong Guestbook 1.51 - Cross-Site Scripting
|
4 |
WEB
|
Joshua P. Miller
|
|
2012-12-11
|
|
PHP-Nuke 8.2.4 - Cross-Site Request Forgery
|
4 |
WEB
|
sajith
|
|
2012-12-11
|
|
MyBB Profile Blogs Plugin 1.2 - Multiple Vulnerabilities
|
4 |
WEB
|
Zixem
|
|
2012-12-11
|
|
Joomla! Component com_jooproperty 1.13.0 - Multiple Vulnerabilities
|
4 |
WEB
|
D4NB4R
|
|
2012-12-11
|
|
MyBB Bank- 3 Plugin - SQL Injection
|
4 |
WEB
|
Red_Hat
|
|
2003-10-22
|
|
DansGuardian 2.2.x - Denied URL Cross-Site Scripting
|
4 |
WEB
|
Richard Maudsley
|
|
2003-10-21
|
|
FuzzyMonkey 2.11 - MyClassifieds Email Variable SQL Injection
|
4 |
WEB
|
Ezhilan
|
|
2003-10-21
|
|
Vivisimo Clustering Engine - Search Script Cross-Site Scripting
|
4 |
WEB
|
ComSec
|
|
2003-10-20
|
|
Dansie Shopping Cart - Server Error Message Installation Full Path Disclosure
|
4 |
WEB
|
Dr_Ponidi
|
|
2003-10-20
|
|
DeskPro 1.1 - Multiple SQL Injections
|
3 |
WEB
|
Aviram Jenik
|
|
2003-10-20
|
|
Caucho Resin 2.0/2.1 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Donnie Werner
|
|
2003-10-20
|
|
Bytehoard 0.7 - File Disclosure
|
3 |
WEB
|
Ezhilan
|
|
2003-10-19
|
|
Geeklog 1.3.8 - Forgot Password SQL Injection
|
4 |
WEB
|
Jouko Pynnonen
|
|
2003-10-18
|
|
GoldLink 3.0 - Cookie SQL Injection
|
4 |
WEB
|
Weke
|
|
2003-10-15
|
|
Macromedia ColdFusion MX 6.0 - SQL Error Message Cross-Site Scripting
|
5 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2012-12-09
|
|
Achievo 1.4.5 - Multiple Vulnerabilities (2)
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2012-12-09
|
|
Clipbucket 2.6 Revision 738 - Multiple SQL Injections
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2012-12-09
|
|
Cisco DPC2420 - Multiples Vulnerabilities
|
5 |
WEB
|
Facundo M. de la Cruz
|
|
2012-12-09
|
|
MyBB KingChat Plugin - Persistent Cross-Site Scripting
|
4 |
WEB
|
VipVince
|
|
2003-10-14
|
|
WrenSoft Zoom Search Engine 2.0 Build: 1018 - Cross-Site Scripting
|
4 |
WEB
|
Ezhilan
|
|
2003-10-11
|
|
Gallery 1.4 - 'index.php' Remote File Inclusion
|
4 |
WEB
|
peter
|
|
2003-10-08
|
|
PHP-Nuke 6.6 - 'admin.php' SQL Injection
|
4 |
WEB
|
1dt.w0lf
|
|
2003-10-08
|
|
GeekLog 1.3.x - HTML Injection
|
4 |
WEB
|
Jelmer
|
|
2003-10-08
|
|
PayPal Store Front 3.0 - 'index.php' Remote File Inclusion
|
4 |
WEB
|
Zone-h Security Team
|
|
2003-10-05
|
|
GuppY 2.4 - Remote File Access
|
4 |
WEB
|
frog
|
|
2003-10-05
|
|
GuppY 2.4 - Cross-Site Scripting
|
4 |
WEB
|
frog
|
|
2003-10-04
|
|
EternalMart Mailing List Manager 1.32 - Remote File Inclusion
|
6 |
WEB
|
frog
|
|
2003-10-03
|
|
Divine Content Server 5.0 - Error Page Cross-Site Scripting
|
5 |
WEB
|
valgasu
|
|
2003-10-03
|
|
Sun Cobalt RaQ 1.1/2.0/3.0/4.0 - 'Message.cgi' Cross-Site Scripting
|
4 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-10-03
|
|
WordPress Core 0.6/0.7 - 'Blog.header.php' SQL Injection
|
4 |
WEB
|
Seth Woolley
|
|
2003-10-01
|
|
mpnews pro 2.1.0.18 - Directory Traversal Information Disclosure
|
4 |
WEB
|
Gama Sec
|
|
2003-10-01
|
|
Atrise Everyfind 5.0.2 - search Cross-Site Scripting
|
4 |
WEB
|
Ezhilan
|
|
2003-10-01
|
|
DCP-Portal 5.5 - 'lostpassword.php?email' SQL Injection
|
4 |
WEB
|
Lifo Fifo
|
|
2003-10-01
|
|
DCP-Portal 5.5 - 'advertiser.php?Password' SQL Injection
|
6 |
WEB
|
Lifo Fifo
|
|
2012-12-07
|
|
m0n0wall 1.33 - Multiple Cross-Site Request Forgery Vulnerabilities
|
4 |
WEB
|
Yann CAM
|
|
2003-09-29
|
|
Alan Ward A-Cart 2.0 - MSG Cross-Site Scripting
|
4 |
WEB
|
G00db0y
|
|
2003-09-29
|
|
Geeklog 1.3.x - Cross-Site Scripting
|
4 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-09-29
|
|
Geeklog 1.3.x - SQL Injection
|
4 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-09-29
|
|
GuppY 2.4 - HTML Injection
|
4 |
WEB
|
David Suzanne
|
|
2003-09-25
|
|
Software602 602Pro LAN SUITE 2003 - Sensitive User Information Storage
|
4 |
WEB
|
Phuong Nguyen
|
|
2012-12-06
|
|
Kordil EDms 2.2.60rc3 - SQL Injection
|
4 |
WEB
|
Woody Hughes
|
|
2003-09-24
|
|
yMonda Thread-IT 1.6 - Multiple HTML Injections
|
4 |
WEB
|
Bahaa Naamneh
|
|
2003-09-20
|
|
myPHPNuke 1.8.8 - 'auth.inc.php' SQL Injection
|
4 |
WEB
|
Lifo Fifo
|
|
2003-09-19
|
|
Flying Dog Software Powerslave 4.3 Portalmanager - 'sql_id' Information Disclosure
|
4 |
WEB
|
H Zero Seven
|
|
2003-09-18
|
|
Mambo Site Server 4.0.14 - 'contact.php' Unauthorized Mail Relay
|
4 |
WEB
|
Lifo Fifo
|
|
2003-09-18
|
|
Mambo Site Server 4.0.14 - 'emailarticle.php?id' SQL Injection
|
4 |
WEB
|
Lifo Fifo
|
|
2003-09-18
|
|
Mambo Site Server 4.0.14 - 'banners.php?bid' SQL Injection
|
3 |
WEB
|
Lifo Fifo
|
|
2003-09-16
|
|
NetWin DBabble 2.5 i - Cross-Site Scripting
|
4 |
WEB
|
dr_insane
|
|
2003-09-12
|
|
vbPortal 2.0 alpha 8.1 - (Authenticated) SQL Injection
|
3 |
WEB
|
frog
|
|
2012-12-04
|
|
Advantech Studio 7.0 - SCADA/HMI Directory Traversal
|
4 |
WEB
|
Nin3
|
|
2003-09-09
|
|
Invision Power Board (IP.Board) 1.x - 'index.php' showtopic Cross-Site Scripting
|
5 |
WEB
|
Boy Bear
|
|
2003-09-09
|
|
Escapade 0.2.1 Beta Scripting Engine - 'PAGE' Full Path Disclosure
|
4 |
WEB
|
Bahaa Naamneh
|
|
2003-09-09
|
|
Escapade 0.2.1 Beta Scripting Engine - 'PAGE' Cross-Site Scripting
|
5 |
WEB
|
Bahaa Naamneh
|
|
2003-09-08
|
|
phpBB 2.0.6 - URL BBCode HTML Injection
|
5 |
WEB
|
keupon_ps2
|
|
2003-09-08
|
|
ICQ 2003 - Webfront Guestbook Cross-Site Scripting
|
4 |
WEB
|
Donnie Werner
|
|
2012-12-03
|
|
FirePass SSL VPN - Local File Inclusion
|
4 |
WEB
|
SEC Consult
|
|
2012-12-03
|
|
Symantec Messaging Gateway 9.5.3-3 - Arbitrary File Download
|
4 |
WEB
|
Ben Williams
|
|
2012-12-03
|
|
Symantec Messaging Gateway 9.5.3-3 - Cross-Site Request Forgery
|
4 |
WEB
|
Ben Williams
|
|
2012-12-03
|
|
SchoolCMS - Persistent Cross-Site Scripting
|
4 |
WEB
|
VipVince
|
|
2012-12-03
|
|
MyBB KingChat Plugin - SQL Injection
|
4 |
WEB
|
Red_Hat
|
|
2003-09-05
|
|
Digital Scribe 1.x - Error Function Cross-Site Scripting
|
6 |
WEB
|
Secunia
|
|
2003-09-03
|
|
WebCalendar 0.9.x (Multiple Modules) - SQL Injection
|
7 |
WEB
|
noconflic
|
|
2003-09-01
|
|
Sitebuilder 1.4 - 'sitebuilder.cgi' Directory Traversal
|
4 |
WEB
|
Zero X
|
|
2003-09-01
|
|
TSguestbook 2.1 - 'Message' HTML Injection
|
4 |
WEB
|
Trash-80
|
|
2003-09-01
|
|
Ezboard - 'invitefriends.php3' Cross-Site Scripting
|
3 |
WEB
|
David F. Madrid
|
|
2003-08-27
|
|
eNdonesia 8.2/8.3 - 'Mod' Cross-Site Scripting
|
4 |
WEB
|
Bahaa Naamneh
|
|
2003-08-27
|
|
AldWeb MiniPortail 1.9/2.x - 'LNG' Cross-Site Scripting
|
4 |
WEB
|
Bahaa Naamneh
|
|
2003-08-26
|
|
Attila PHP 3.0 - SQL Injection Unauthorized Privileged Access
|
7 |
WEB
|
frog
|
|
2003-08-26
|
|
Py-Membres 4.x - 'Pass_done.php' SQL Injection
|
4 |
WEB
|
frog
|
|
2003-08-26
|
|
Py-Membres 4.x - 'Secure.php' Unauthorized Access
|
5 |
WEB
|
frog
|
|
2003-08-25
|
|
Netbula Anyboard 9.9.5 6 - Information Disclosure
|
4 |
WEB
|
cyber talon
|
|
2003-08-25
|
|
newsPHP 216 - Authentication Bypass
|
4 |
WEB
|
Officerrr
|
|
2003-08-25
|
|
newsPHP 216 - Remote File Inclusion
|
4 |
WEB
|
Officerrr
|
|
2003-08-23
|
|
IdealBB 1.4.9 Beta - HTML Injection
|
4 |
WEB
|
Scott M
|
|
2003-08-18
|
|
Fusion News 3.3 - Unauthorized Account Addition
|
5 |
WEB
|
DarkKnight
|
|
2003-08-16
|
|
MatrikzGB Guestbook 2.0 - Administrative Privilege Escalation
|
5 |
WEB
|
Stephan Sattler
|
|
2003-08-15
|
|
Poster 2.0 - Unauthorized Privileged User Access
|
4 |
WEB
|
DarkKnight
|
|
2003-08-13
|
|
Clickcess ChitChat.NET - topic title Cross-Site Scripting
|
4 |
WEB
|
G00db0y
|
|
2003-08-13
|
|
Clickcess ChitChat.NET - name Cross-Site Scripting
|
4 |
WEB
|
G00db0y
|
|
2012-11-30
|
|
SilverStripe CMS 3.0.2 - (Multiple Vulnerabilities) Cross-Site Scripting / Cross-Site Request Forger
|
4 |
WEB
|
Sense of Security
|
|
2012-11-30
|
|
SmartCMS - '/index.php?menuitem' SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
Yakir Wizman
|
|
2012-11-30
|
|
Free Hosting Manager 2.0 - 'id' SQL Injection
|
4 |
WEB
|
Yakir Wizman
|
|
2003-08-13
|
|
HolaCMS 1.2.x - 'HTMLtags.php' Local File Inclusion
|
4 |
WEB
|
Virginity Security
|
|
2003-08-13
|
|
Xoops 1.0/1.3.x - BBCode HTML Injection
|
4 |
WEB
|
frog
|
|
2003-08-13
|
|
SurgeLDAP 1.0 d - 'User.cgi' Cross-Site Scripting
|
4 |
WEB
|
Ziv Kamir
|
|
2003-08-12
|
|
Eudora WorldMail 2.0 - Search Cross-Site Scripting
|
6 |
WEB
|
Donnie Werner
|
|
2003-08-12
|
|
HostAdmin - Full Path Disclosure
|
4 |
WEB
|
G00db0y
|
|
2003-08-11
|
|
PHPOutsourcing Zorum 3.4 - Full Path Disclosure
|
4 |
WEB
|
Zone-h Security Team
|
|
2003-08-11
|
|
phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 earch Module - 'PDA_limit' Cross-Site Scripting
|
5 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-08-11
|
|
phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 pagemaster Module - 'PAGE_id' Cross-Site Scripting
|
4 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-08-11
|
|
phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 fatcat Module - 'fatcat_id' Cross-Site Scripting
|
4 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-08-11
|
|
phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 Calendar Module - 'day' Cross-Site Scripting
|
4 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-08-11
|
|
PHP Website 0.7.3/0.8.2/0.8.3/0.9.2 Calendar Module - SQL Injection
|
3 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-08-11
|
|
News Wizard 2.0 - Full Path Disclosure
|
4 |
WEB
|
G00db0y
|
|
2003-08-11
|
|
PHPOutSourcing Zorum 3.x - Cross-Site Scripting
|
4 |
WEB
|
G00db0y
|
|
2003-08-11
|
|
Better Basket Pro 3.0 Store Builder - Full Path Disclosure
|
4 |
WEB
|
G00db0y
|
|
2003-08-11
|
|
Stellar Docs 1.2 - Full Path Disclosure
|
4 |
WEB
|
G00db0y
|
|
2003-08-11
|
|
DCForum+ 1.2 - 'Subject' HTML Injection
|
4 |
WEB
|
G00db0y
|
|
2012-11-29
|
|
FCKEditor Core ASP 2.6.8 - Arbitrary File Upload Protection Bypass
|
4 |
WEB
|
Soroush Dalili
|
|
2012-11-29
|
|
Oracle OpenSSO 8.0 - Multiple Cross-Site Scripting POST Injection Vulnerabilities
|
4 |
WEB
|
LiquidWorm
|
|
2003-08-09
|
|
Invision Power Board (IP.Board) 1.0/1.1/1.2 - 'admin.php' Cross-Site Scripting
|
4 |
WEB
|
Boy Bear
|
|
2003-08-09
|
|
geeeekShop 1.4 - Information Disclosure
|
4 |
WEB
|
G00db0y
|
|
2003-08-08
|
|
PostNuke 0.6/0.7 web_links Module - TTitle Cross-Site Scripting
|
4 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-08-08
|
|
PostNuke 0.6/0.7 Downloads Module - TTitle Cross-Site Scripting
|
5 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-08-08
|
|
C-Cart 1.0 - Full Path Disclosure
|
5 |
WEB
|
G00db0y
|
|
2003-08-07
|
|
IdealBB 1.4.9 - 'error.asp' Cross-Site Scripting
|
3 |
WEB
|
G00db0y
|
|
2003-08-06
|
|
vBulletin 3.0 - 'register.php' HTML Injection
|
4 |
WEB
|
Ferruh Mavituna
|
|
2003-08-04
|
|
Macromedia Dreamweaver MX 6.0 - PHP User Authentication Suite Cross-Site Scripting
|
5 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-07-31
|
|
MOD Guthabenhack 1.3 For Woltlab Burning Board - SQL Injection
|
4 |
WEB
|
ben.moeckel@badwebmasters.net
|
|
2012-11-28
|
|
gleamtech filevista/fileultimate 4.6 - Directory Traversal
|
4 |
WEB
|
Soroush Dalili
|
