|
2003-07-02
|
|
Verity K2 Toolkit 2.20 Query Builder Search Script - Cross-Site Scripting
|
20 |
WEB
|
SSR Team
|
|
2012-11-20
|
|
WordPress Plugin Facebook Survey 1.0 - SQL Injection
|
22 |
WEB
|
Vulnerability Research Laboratory
|
|
2012-11-20
|
|
SonicWALL CDP 5040 6.x - Multiple Vulnerabilities
|
21 |
WEB
|
Vulnerability-Lab
|
|
2003-07-02
|
|
Verity K2 Toolkit 2.20 - Cross-Site Scripting
|
22 |
WEB
|
SSR Team
|
|
2003-06-30
|
|
PABox 1.6 - Password Reset
|
25 |
WEB
|
silentscripter
|
|
2003-06-29
|
|
MegaBook 1.1/2.0/2.1 - Multiple HTML Injection Vulnerabilities
|
34 |
WEB
|
Morning Wood
|
|
2003-06-29
|
|
CutePHP CuteNews 1.3 - HTML Injection
|
23 |
WEB
|
Peter Winter-Smith
|
|
2003-06-26
|
|
iXmail 0.2/0.3 - 'iXmail_NetAttach.php' File Deletion
|
25 |
WEB
|
leseulfrog
|
|
2012-11-19
|
|
weBid 1.0.5 - Directory Traversal
|
20 |
WEB
|
loneferret
|
|
2012-11-19
|
|
WeBid 1.0.5 - Cross-Site Scripting
|
28 |
WEB
|
Woody Hughes
|
|
2003-06-23
|
|
VisNetic WebMail 5.8.6 .6 - Information Disclosure
|
22 |
WEB
|
posidron
|
|
2003-06-23
|
|
XMB Forum 1.8 - 'buddy.php?action' Cross-Site Scripting
|
23 |
WEB
|
Knight Commander
|
|
2003-06-23
|
|
XMB Forum 1.8 - 'member.php?member' Cross-Site Scripting
|
20 |
WEB
|
Knight Commander
|
|
2003-06-20
|
|
Tutos 1.1 - File_New Arbitrary File Upload
|
22 |
WEB
|
François SORIN
|
|
2003-06-20
|
|
Tutos 1.1 - 'File_Select.php' Cross-Site Scripting
|
22 |
WEB
|
François SORIN
|
|
2003-06-20
|
|
WebJeff FileManager 1.6 - File Disclosure
|
22 |
WEB
|
Adam Stephens
|
|
2003-06-19
|
|
pMachine 1.0/2.x - Search Module Cross-Site Scripting
|
20 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-06-19
|
|
pMachine 1.0/2.x - Multiple Script 'sfx' Full Path Disclosures
|
21 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-06-19
|
|
pMachine 1.0/2.x - '/lib/' Multiple Script Direct Request Full Path Disclosures
|
27 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-06-17
|
|
Tmax Soft JEUS 3.1.4 p1 - URL.jsp Cross-Site Scripting
|
23 |
WEB
|
Jeremy Bae
|
|
2003-06-18
|
|
Kerio MailServer 5.6.3 - Web Mail DO_MAP Module Cross-Site Scripting
|
18 |
WEB
|
David F.Madrid
|
|
2003-06-18
|
|
Kerio MailServer 5.6.3 - Web Mail ADD_ACL Module Cross-Site Scripting
|
22 |
WEB
|
David F.Madrid
|
|
2003-06-18
|
|
phpMyAdmin 2.x - Information Disclosure
|
23 |
WEB
|
Lorenzo Manuel Hernandez Garcia-Hierro
|
|
2003-06-17
|
|
SquirrelMail 1.2.11 - Multiple Vulnerabilities
|
24 |
WEB
|
dr_insane
|
|
2003-06-17
|
|
SquirrelMail 1.2.11 Administrator Plugin - 'options.php' Arbitrary Admin Account Creation
|
27 |
WEB
|
dr_insane
|
|
2003-06-17
|
|
SquirrelMail 1.2.11 - 'move_messages.php' Arbitrary File Moving
|
24 |
WEB
|
dr_insane
|
|
2003-06-16
|
|
Snitz Forums 2000 3.4.03 - 'search.asp' Cross-Site Scripting
|
23 |
WEB
|
JeiAr
|
|
2003-06-16
|
|
LedNews 0.7 Post Script - Code Injection
|
19 |
WEB
|
gilbert vilvoorde
|
|
2003-06-15
|
|
PMachine 2.2.1 - '/Lib.Inc.php' Remote File Inclusion / Command Execution
|
21 |
WEB
|
frog
|
|
2003-06-12
|
|
Infinity CGI Exploit Scanner 3.11 - Remote Command Execution
|
23 |
WEB
|
badpack3t
|
|
2003-06-12
|
|
Infinity CGI Exploit Scanner 3.11 - Cross-Site Scripting
|
23 |
WEB
|
badpack3t
|
|
2003-06-13
|
|
PostNuke 0.723 - 'user.php' UNAME Cross-Site Scripting
|
21 |
WEB
|
David F. Madrid
|
|
2012-11-16
|
|
friendsinwar FAQ Manager - 'view_faq.php?question' SQL Injection
|
23 |
WEB
|
unsuprise
|
|
2003-06-13
|
|
Sphera HostingDirector 1.0/2.0/3.0 VDS Control Panel - Multiple Cross-Site Scripting Vulnerabilities
|
28 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-06-13
|
|
PostNuke 0.723 - Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
David F. Madrid
|
|
2003-06-13
|
|
Sphera HostingDirector 1.0/2.0/3.0 - VDS Control Panel Account Configuration Modification
|
23 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-06-09
|
|
H-Sphere 2.x - HTML Template Inclusion Cross-Site Scripting
|
19 |
WEB
|
Lorenzo Hernandez Garcia-Hierro
|
|
2003-06-06
|
|
Zentrack 2.2/2.3/2.4 - 'index.php' Remote File Inclusion
|
21 |
WEB
|
farking
|
|
2003-06-06
|
|
Maxwebportal 1.30 - Remote Database Disclosure
|
25 |
WEB
|
JeiAr
|
|
2003-06-06
|
|
Maxwebportal 1.30 - 'search.asp?Search' Cross-Site Scripting
|
22 |
WEB
|
JeiAr
|
|
2003-06-06
|
|
Synkron.Web 3.0 - HTML Injection
|
24 |
WEB
|
Gyrniff
|
|
2003-06-05
|
|
ImageFolio 2.2x/3.0/3.1 - 'Admin.cgi' Directory Traversal
|
23 |
WEB
|
Paul Craig
|
|
2012-11-15
|
|
ReciPHP 1.1 - SQL Injection
|
18 |
WEB
|
cr4wl3r
|
|
2012-11-15
|
|
BabyGekko 1.2.2e - Multiple Vulnerabilities
|
20 |
WEB
|
High-Tech Bridge SA
|
|
2012-11-15
|
|
Friends in War Make or Break 1.3 - Authentication Bypass
|
21 |
WEB
|
d3b4g
|
|
2012-11-15
|
|
iDev Rentals 1.0 - Multiple Vulnerabilities
|
27 |
WEB
|
Vulnerability-Lab
|
|
2003-06-04
|
|
Mailtraq 2.2 - Webmail Utility Full Path Disclosure
|
24 |
WEB
|
Ziv Kamir
|
|
2003-06-04
|
|
Mailtraq 2.2 - 'Browse.asp' Cross-Site Scripting
|
23 |
WEB
|
Ziv Kamir
|
|
2002-10-12
|
|
PHP 4 - 'PHPInfo()' Cross-Site Scripting
|
19 |
WEB
|
Matthew Murphy
|
|
2003-06-04
|
|
Xpressions Interactive - Multiple SQL Injections
|
20 |
WEB
|
Paul Craig
|
|
2003-06-02
|
|
SPChat 0.8 Module - Remote File Inclusion
|
21 |
WEB
|
Rynho Zeros Web
|
|
2003-06-02
|
|
WebChat 2.0 - 'users.php' Cross-Site Scripting
|
22 |
WEB
|
Rynho Zeros Web
|
|
2003-06-02
|
|
WebChat 2.0 - 'users.php?Database Username Disclosure
|
19 |
WEB
|
Rynho Zeros Web
|
|
2012-11-14
|
|
MYRE Realty Manager - Multiple Vulnerabilities
|
24 |
WEB
|
d3b4g
|
|
2012-11-14
|
|
MYREphp Vacation Rental Software - Multiple Vulnerabilities
|
23 |
WEB
|
d3b4g
|
|
2012-11-14
|
|
Myrephp Business Directory - Multiple Vulnerabilities
|
21 |
WEB
|
d3b4g
|
|
2012-11-14
|
|
friendsinwar FAQ Manager - SQL Injection / Authentication Bypass
|
19 |
WEB
|
d3b4g
|
|
2012-11-14
|
|
Narcissus - Remote Command Execution
|
23 |
WEB
|
dun
|
|
2012-11-14
|
|
dotProject 2.1.6 - Remote File Inclusion
|
23 |
WEB
|
dun
|
|
2003-06-02
|
|
Webfroot Shoutbox 2.32 - 'Expanded.php' Directory Traversal
|
22 |
WEB
|
_6mO_HaCk
|
|
2003-06-02
|
|
Webchat 2.0 Module - Full Path Disclosure
|
22 |
WEB
|
Rynho Zeros Web
|
|
2003-06-02
|
|
Webfroot Shoutbox 2.32 - 'Expanded.php' Remote Command Execution
|
23 |
WEB
|
_6mO_HaCk
|
|
2003-05-31
|
|
WebCortex WebStores2000 - SQL Injection
|
23 |
WEB
|
Bosen
|
|
2003-05-31
|
|
iisCart2000 - Arbitrary File Upload
|
23 |
WEB
|
Bosen
|
|
2003-05-30
|
|
cPanel 5/6 / Formail-Clone - E-Mail Restriction Bypass
|
21 |
WEB
|
Chad C. Keep
|
|
2003-05-29
|
|
Zeus Web Server 4.x - Admin Interface 'VS_Diag.cgi' Cross-Site Scripting
|
18 |
WEB
|
Hugo Vazquez
|
|
2003-05-29
|
|
M-TECH P-Synch 6.2.5 - 'nph-psa.exe?css' Remote File Inclusion
|
19 |
WEB
|
JeiAr
|
|
2003-05-29
|
|
M-TECH P-Synch 6.2.5 - 'nph-psf.exe?css' Remote File Inclusion
|
20 |
WEB
|
JeiAr
|
|
2003-05-29
|
|
Webfroot Shoutbox 2.32 - Remote Command Execution
|
22 |
WEB
|
pokleyzz
|
|
2012-11-13
|
|
Eventy CMS 1.8 Plus - Multiple Vulnerabilities
|
22 |
WEB
|
Vulnerability-Lab
|
|
2003-05-29
|
|
Geeklog 1.3.x - (Authenticated) SQL Injection
|
24 |
WEB
|
pokleyzz
|
|
2003-05-29
|
|
philboard 1.14 - 'philboard_admin.asp' Authentication Bypass
|
26 |
WEB
|
aresu@bosen.net
|
|
2003-05-29
|
|
Cafelog b2 0.6 - Remote File Inclusion
|
22 |
WEB
|
pokleyzz
|
|
2003-05-29
|
|
Webfroot Shoutbox 2.32 - 'URI' File Disclosure
|
26 |
WEB
|
pokleyzz
|
|
2003-05-28
|
|
Bandmin 1.4 - Cross-Site Scripting
|
21 |
WEB
|
silent needel
|
|
2003-05-27
|
|
Newsscript 1.0 - Administrative Privilege Escalation
|
21 |
WEB
|
Peter Winter-Smith
|
|
2012-11-12
|
|
vBulletin vBay 1.1.9 - Error-Based SQL Injection
|
20 |
WEB
|
Dan UK
|
|
2012-11-12
|
|
Bananadance Wiki b2.2 - Multiple Vulnerabilities
|
24 |
WEB
|
Vulnerability-Lab
|
|
2003-05-26
|
|
PostNuke 0.72x Phoenix Glossary Module - SQL Injection
|
22 |
WEB
|
Lorenzo Manuel Hernandez Garcia-Hierro
|
|
2003-05-24
|
|
Ultimate PHP Board 1.9 - 'admin_iplog.php' Arbitrary PHP Execution
|
26 |
WEB
|
euronymous
|
|
2003-05-24
|
|
BLNews 2.1.3 - Remote File Inclusion
|
24 |
WEB
|
Over_G
|
|
2003-05-23
|
|
IISProtect 2.1/2.2 - Web Administration Interface SQL Injection
|
23 |
WEB
|
Gyrniff
|
|
2003-06-22
|
|
XMB Forum 1.8 - 'member.php' Cross-Site Scripting
|
21 |
WEB
|
Marc Ruef
|
|
2003-05-21
|
|
SudBox Boutique 1.2 - 'login.php' Authentication Bypass
|
24 |
WEB
|
frog
|
|
2003-05-20
|
|
ttCMS 2.2/2.3 / ttForum 1.1 - 'index.php' Instant-Messages Preferences SQL Injection
|
23 |
WEB
|
ScriptSlave@gmx.net
|
|
2003-05-17
|
|
ttCMS 2.2/2.3 - 'header.php' Remote File Inclusion
|
23 |
WEB
|
ScriptSlave@gmx.net
|
|
2003-05-16
|
|
EZ Publish 2.2 - 'index.php' IMG Tag Cross-Site Scripting
|
23 |
WEB
|
Ferruh Mavituna
|
|
2003-05-15
|
|
OneOrZero Helpdesk 1.4 - 'install.php' Administrative Access
|
21 |
WEB
|
frog
|
|
2003-05-15
|
|
OneOrZero Helpdesk 1.4 - 'TUpdate.php' SQL Injection
|
25 |
WEB
|
frog
|
|
2003-05-14
|
|
PHP-Proxima - 'autohtml.php' Information Disclosure
|
22 |
WEB
|
Mind Warper
|
|
2003-05-14
|
|
Owl Intranet Engine 0.7 - Authentication Bypass
|
22 |
WEB
|
cdowns
|
|
2003-05-14
|
|
vBulletin 3.0 - Private Message HTML Injection
|
23 |
WEB
|
Ferruh Mavituna
|
|
2003-05-13
|
|
PHP-Nuke 6.0/6.5 Web_Links Module - Full Path Disclosure
|
22 |
WEB
|
Rynho Zeros Web
|
|
2003-05-13
|
|
PHP-Nuke 6.5 (Multiple Downloads Module) - SQL Injection
|
21 |
WEB
|
Albert Puigsech Galicia
|
|
2003-05-13
|
|
PHP-Nuke 6.5 - 'modules.php?Username' Cross-Site Scripting
|
23 |
WEB
|
Ferruh Mavituna
|
|
2003-05-12
|
|
Happymall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' File Disclosure
|
23 |
WEB
|
Julio Cesar
|
|
2012-11-09
|
|
NetOffice Dwins 1.4p3 - SQL Injection
|
24 |
WEB
|
dun
|
|
2003-05-12
|
|
PHP-Nuke 5.x/6.x Web_Links Module - SQL Injection
|
22 |
WEB
|
Albert Puigsech Galicia
|
|
2003-05-12
|
|
Happymall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' Cross-Site Scripting
|
21 |
WEB
|
Julio Cesar
|
|
2003-05-10
|
|
Snitz Forums 2000 - 'register.asp' SQL Injection
|
22 |
WEB
|
sharpiemarker
|
|
2003-05-09
|
|
Phorum 3.4.x - 'Message Form' HTML Injection
|
23 |
WEB
|
WiciU
|
|
2003-05-09
|
|
ttCMS 2.2 / ttForum 1.1 - 'install.php?installdir' Remote File Inclusion
|
24 |
WEB
|
Charles Reinold
|
|
2003-05-09
|
|
ttCMS 2.2 / ttForum 1.1 - 'news.php?template' Remote File Inclusion
|
22 |
WEB
|
Charles Reinold
|
|
2003-05-08
|
|
HappyMall E-Commerce Software 4.3/4.4 - 'Member_HTML.cgi' Command Execution
|
28 |
WEB
|
Revin Aldi
|
|
2003-05-07
|
|
HappyMall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' Command Execution
|
25 |
WEB
|
Revin Aldi
|
|
2003-05-01
|
|
Stockman Shopping Cart 7.8 - Arbitrary Command Execution
|
25 |
WEB
|
Aleksey Sintsov
|
|
2003-05-01
|
|
PHP-Nuke Splatt Forum 4.0 Module - HTML Injection
|
23 |
WEB
|
Morning Wood
|
|
2003-05-01
|
|
PHP-Nuke Splatt Forum 4.0 Module - Cross-Site Scripting
|
19 |
WEB
|
Morning Wood
|
|
2003-04-30
|
|
Microsoft BizTalk Server 2000/2002 DTA - 'RawCustomSearchField.asp' SQL Injection
|
23 |
WEB
|
Cesar Cerrudo
|
|
2003-04-30
|
|
Microsoft BizTalk Server 2000/2002 DTA - 'rawdocdata.asp' SQL Injection
|
22 |
WEB
|
Cesar Cerrudo
|
|
2012-11-07
|
|
AVerCaster Pro RS3400 Web Server - Directory Traversal
|
19 |
WEB
|
Patrick Saladino
|
|
2012-11-07
|
|
Xivo 1.2 - Arbitrary File Download
|
21 |
WEB
|
Mr.Un1k0d3r
|
|
2012-11-07
|
|
Invision Power Board (IP.Board) 3.3.4 - Unserialize Regex Bypass
|
24 |
WEB
|
webDEViL
|
|
2003-04-26
|
|
Mike Bobbitt Album.PL 0.61 - Remote Command Execution
|
21 |
WEB
|
aresu@bosen.net
|
|
2003-04-26
|
|
Macromedia ColdFusion MX 6.0 - Error Message Full Path Disclosure
|
19 |
WEB
|
Network Intelligence
|
|
2003-04-25
|
|
Onecenter Forum 4.0 - IMG Tag Script Injection
|
21 |
WEB
|
David F. Madrid
|
|
2003-04-25
|
|
Xoops 1.3.x/2.0 MyTextSanitizer - HTML Injection
|
25 |
WEB
|
magistrat
|
|
2003-04-25
|
|
Truegalerie 1.0 - Unauthorized Administrative Access
|
19 |
WEB
|
frog
|
|
2003-04-23
|
|
Battleaxe Software BTTLXE Forum - 'login.asp' SQL Injection
|
22 |
WEB
|
Du|L
|
|
2012-11-06
|
|
ZenPhoto 1.4.3.3 - Multiple Vulnerabilities
|
23 |
WEB
|
waraxe
|
|
2003-04-22
|
|
XMB Forum 1.8 - 'member.php' SQL Injection
|
17 |
WEB
|
zeez@bbugs.org
|
|
2003-04-22
|
|
OpenBB 1.0/1.1 - 'member.php' SQL Injection
|
17 |
WEB
|
Albert Puigsech Galicia
|
|
2003-04-22
|
|
OpenBB 1.0/1.1 - 'board.php' SQL Injection
|
20 |
WEB
|
Albert Puigsech Galicia
|
|
2003-04-22
|
|
OpenBB 1.0/1.1 - 'index.php' SQL Injection
|
25 |
WEB
|
Albert Puigsech Galicia
|
|
2003-04-21
|
|
MPCSoftWeb 1.0 - Database Disclosure
|
22 |
WEB
|
drG4njubas
|
