|
2002-11-09
|
|
vBulletin 2.2.7/2.2.8 - HTML Injection
|
12 |
WEB
|
Dorin Balanica
|
|
2002-11-08
|
|
Ultimate PHP Board Board 1.0 final Beta - 'viewtopic.php' Cross-Site Scripting
|
11 |
WEB
|
euronymous
|
|
2002-11-08
|
|
Ultimate PHP Board 1.0 final Beta - 'viewtopic.php' Directory Contents Browsing
|
10 |
WEB
|
euronymous
|
|
2002-12-06
|
|
APBoard 2.0 2 - Unauthorized Thread Reading
|
13 |
WEB
|
DNA ESC
|
|
2012-10-18
|
|
WordPress Plugin FireStorm Professional Real Estate 2.06.01 - SQL Injection
|
14 |
WEB
|
Ashiyane Digital Security Team
|
|
2012-10-18
|
|
OTRS 3.1 - Persistent Cross-Site Scripting
|
12 |
WEB
|
Mike Eduard
|
|
2002-12-03
|
|
phpBB 2.0.3 - 'search.php' Cross-Site Scripting
|
11 |
WEB
|
f_a_a
|
|
2002-11-28
|
|
YaBB 1 Gold SP 1 - 'YaBB.pl' Cross-Site Scripting
|
11 |
WEB
|
Fabricio Angeletti
|
|
2002-11-27
|
|
BizDesign ImageFolio 2.x/3.0.1 - 'nph-build.cgi' Cross-Site Scripting
|
11 |
WEB
|
SecurityTracker.com
|
|
2002-11-27
|
|
BizDesign ImageFolio 2.x/3.0.1 - 'imageFolio.cgi?direct' Cross-Site Scripting
|
14 |
WEB
|
SecurityTracker.com
|
|
2002-11-26
|
|
News Evolution 1.0/2.0 - Include Undefined Variable Command Execution
|
10 |
WEB
|
frog
|
|
2002-11-26
|
|
FreeNews 2.1 - Include Undefined Variable Command Execution
|
11 |
WEB
|
frog
|
|
2002-11-25
|
|
Working Resources BadBlue 1.7.1 - Search Page Cross-Site Scripting
|
11 |
WEB
|
Matthew Murphy
|
|
2002-11-25
|
|
Web Server Creator Web Portal 0.1 - Remote File Inclusion
|
12 |
WEB
|
frog
|
|
2002-11-25
|
|
phpBB 2.0.3 - Script Injection
|
10 |
WEB
|
Pete Foster
|
|
2002-11-25
|
|
vBulletin 2.0.x/2.2.x - 'members2.php' Cross-Site Scripting
|
11 |
WEB
|
Sp.IC
|
|
2012-10-17
|
|
Oracle WebCenter Sites (FatWire Content Server) - Multiple Vulnerabilities
|
12 |
WEB
|
SEC Consult
|
|
2012-10-17
|
|
ManageEngine Support Center Plus 7908 - Multiple Vulnerabilities
|
11 |
WEB
|
xistence
|
|
2012-10-17
|
|
Symphony CMS 2.3 - Multiple Vulnerabilities
|
11 |
WEB
|
Wireghoul
|
|
2012-10-17
|
|
Sisfokol 4.0 - Arbitrary File Upload
|
12 |
WEB
|
cr4wl3r
|
|
2002-11-25
|
|
PHP-Nuke 5.x/6.0/6.5 Beta 1 - Multiple Cross-Site Scripting Vulnerabilities
|
13 |
WEB
|
Matthew Murphy
|
|
2002-11-22
|
|
vBulletin 2.0/2.2.x - 'memberlist.php' Cross-Site Scripting
|
10 |
WEB
|
Sp.IC
|
|
2002-11-13
|
|
phpBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Inclusion
|
12 |
WEB
|
Hai Nam Luke
|
|
2002-11-12
|
|
W3Mail 1.0.6 - File Disclosure
|
11 |
WEB
|
Tim Brown
|
|
2002-11-11
|
|
EZ Systems HTTPBench 1.1 - Information Disclosure
|
14 |
WEB
|
Tacettin Karadeniz
|
|
2012-10-16
|
|
Visual Tools DVR3.0.6.16_ vx series 4.2.19.2 - Multiple Vulnerabilities
|
10 |
WEB
|
Andrea Fabrizi
|
|
2012-10-16
|
|
Joomla! Component com_icagenda - 'id' Multiple Vulnerabilities
|
13 |
WEB
|
Dark-Puzzle
|
|
2012-10-16
|
|
MyBB Profile Albums Plugin 0.9 - 'albums.php?album' SQL Injection
|
12 |
WEB
|
Zixem
|
|
2002-11-07
|
|
CuteCast 1.2 - User Credential Disclosure
|
13 |
WEB
|
Zero-X
|
|
2012-10-15
|
|
BigPond 3G21WB - Multiple Vulnerabilities
|
13 |
WEB
|
Roberto Paleari
|
|
2012-10-15
|
|
airVisionNVR 1.1.13 - 'readfile()' Disclosure / SQL Injection
|
11 |
WEB
|
pennyGrit
|
|
2012-10-15
|
|
Cartweaver 3 - Local File Inclusion
|
13 |
WEB
|
HaxOr
|
|
2002-11-01
|
|
ION Script 1.4 - Remote File Disclosure
|
13 |
WEB
|
Zero X
|
|
2002-11-01
|
|
PHP-Nuke 5.6 - 'modules.php' SQL Injection
|
11 |
WEB
|
kill9
|
|
2002-11-01
|
|
Jason Orcutt Prometheus 3.0/4.0/6.0 - Remote File Inclusion
|
11 |
WEB
|
Karol Wiesek
|
|
2002-10-28
|
|
Benjamin Lefevre Dobermann Forum 0.x - 'newtopic.php?subpath' Remote File Inclusion
|
15 |
WEB
|
frog
|
|
2002-10-28
|
|
Benjamin Lefevre Dobermann Forum 0.x - 'index.php?subpath' Remote File Inclusion
|
13 |
WEB
|
frog
|
|
2002-10-28
|
|
Benjamin Lefevre Dobermann Forum 0.x - 'enteteacceuil.php?subpath' Remote File Inclusion
|
10 |
WEB
|
frog
|
|
2002-10-28
|
|
Benjamin Lefevre Dobermann Forum 0.x - 'entete.php?subpath' Remote File Inclusion
|
11 |
WEB
|
frog
|
|
2002-10-28
|
|
MailReader.com 2.3.x - 'NPH-MR.cgi' File Disclosure
|
10 |
WEB
|
pokleyzz
|
|
2002-10-24
|
|
Mojo Mail 2.7 - Email Form Cross-Site Scripting
|
10 |
WEB
|
Daniel Boland
|
|
2002-10-23
|
|
MyMarket 1.71 - 'Form_Header.php' Cross-Site Scripting
|
12 |
WEB
|
qber66
|
|
2002-10-22
|
|
gBook 1.4 - Administrative Access
|
10 |
WEB
|
frog
|
|
2002-10-21
|
|
PHP Arena PAFileDB 1.1.3/2.1.1/3.0 - 'Email To Friend' Cross-Site Scripting
|
22 |
WEB
|
ersatz
|
|
2002-10-21
|
|
KMMail 1.0 - E-Mail HTML Injection
|
11 |
WEB
|
Ulf Harnhammar
|
|
2002-10-18
|
|
YaBB 1.40/1.41 - Login Cross-Site Scripting
|
11 |
WEB
|
Nir Adar
|
|
2002-10-18
|
|
vBulletin 2.0/2.2.x - Cross-Site Scripting
|
14 |
WEB
|
Sp.IC
|
|
2002-10-10
|
|
PHPRank 1.8 - 'add.php' Cross-Site Scripting
|
12 |
WEB
|
Jedi/Sector One
|
|
2002-10-10
|
|
PHPBBMod 1.3.3 - PHPInfo Information Disclosure
|
11 |
WEB
|
Roland Verlander
|
|
2002-10-10
|
|
PHPReactor 1.2.7 pl1 - 'browse.php' Cross-Site Scripting
|
12 |
WEB
|
Arab VieruZ
|
|
2012-10-16
|
|
Project Pier - Arbitrary File Upload (Metasploit)
|
11 |
WEB
|
Metasploit
|
|
2002-10-09
|
|
Authoria HR Suite - 'AthCGI.exe' Cross-Site Scripting
|
15 |
WEB
|
Max
|
|
2002-10-08
|
|
SurfControl SuperScout Email Filter 3.5 - User Credential Disclosure
|
11 |
WEB
|
ken@FTU
|
|
2002-10-08
|
|
SurfControl SuperScout Email Filter 3.5 - 'MsgError.asp' Cross-Site Scripting
|
12 |
WEB
|
ken@FTU
|
|
2002-10-09
|
|
VBZoom 1.0 - Arbitrary File Upload
|
14 |
WEB
|
hish
|
|
2002-10-09
|
|
Microsoft Content Management Server 2001 - Cross-Site Scripting
|
14 |
WEB
|
overclocking_a_la_abuela
|
|
2002-10-08
|
|
VBZoom 1.0 - SQL Injection
|
11 |
WEB
|
hish
|
|
2002-10-08
|
|
SSGBook 1.0 - Image Tag HTML Injection
|
13 |
WEB
|
frog
|
|
2002-10-07
|
|
Killer Protection 1.0 - Information Disclosure
|
12 |
WEB
|
frog
|
|
2002-10-04
|
|
phpLinkat 0.1 - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
Sp.IC
|
|
2002-10-03
|
|
phpMyNewsletter 0.6.10 - Remote File Inclusion
|
14 |
WEB
|
frog
|
|
2002-10-03
|
|
Michael Schatz Books 0.54/0.6 PostNuke Module - Cross-Site Scripting
|
12 |
WEB
|
Pistone
|
|
2002-10-02
|
|
MySimpleNews 1.0 - Remote Readable Administrator Password
|
14 |
WEB
|
frog
|
|
2002-10-02
|
|
MySimpleNews 1.0 - PHP Injection
|
11 |
WEB
|
frog
|
|
2002-10-02
|
|
phpWebSite 0.8.3 - 'article.php' Cross-Site Scripting
|
15 |
WEB
|
Sp.IC
|
|
2002-10-02
|
|
Midicart PHP - Arbitrary File Upload
|
13 |
WEB
|
frog
|
|
2002-10-02
|
|
Jetty 3.1.6/3.1.7/4.1 Servlet Engine - Arbitrary Command Execution
|
12 |
WEB
|
Matt Moore
|
|
2002-10-02
|
|
Midicart PHP - Information Disclosure
|
11 |
WEB
|
frog
|
|
2002-10-02
|
|
TightAuction 3.0 - Config.INC Information Disclosure
|
13 |
WEB
|
frog
|
|
2012-10-11
|
|
vOlk Botnet Framework 4.0 - Multiple Vulnerabilities
|
16 |
WEB
|
Vulnerability-Lab
|
|
2012-10-11
|
|
Omnistar Document Manager 8.0 - Multiple Vulnerabilities
|
10 |
WEB
|
Vulnerability-Lab
|
|
2002-10-02
|
|
Py-Membres 3.1 - 'index.php' Unauthorized Access
|
11 |
WEB
|
frog
|
|
2002-09-30
|
|
Sun ONE Starter Kit 2.0 / ASTAware SearchDisc 3.1 - Search Engine Directory Traversal
|
12 |
WEB
|
ET LoWNOISE
|
|
2002-09-29
|
|
EmuMail 5.0 Email Form - Script Injection
|
10 |
WEB
|
FVS
|
|
2002-09-29
|
|
EmuMail 5.0 - Web Root Full Path Disclosure
|
12 |
WEB
|
FVS
|
|
2002-09-28
|
|
Jetty 4.1 Servlet Engine - Cross-Site Scripting
|
10 |
WEB
|
Skinnay
|
|
2002-09-27
|
|
vBulletin 2.0.3 - 'calendar.php' Command Execution
|
13 |
WEB
|
gosper
|
|
2002-09-26
|
|
PostNuke 0.72 - 'modules.php' Cross-Site Scripting
|
13 |
WEB
|
Mark Grimes
|
|
2012-10-10
|
|
ServersCheck Monitoring Software 9.0.12/9.0.14 - Persistent Cross-Site Scripting
|
12 |
WEB
|
loneferret
|
|
2002-09-25
|
|
phpWebSite 0.8.3 - News Message HTML Injection
|
14 |
WEB
|
das@hush.com
|
|
2002-09-25
|
|
Drupal 4.0 - News Message HTML Injection
|
12 |
WEB
|
das@hush.com
|
|
2002-09-25
|
|
PHP-Nuke 6.0 - 'modules.php' SQL Injection
|
12 |
WEB
|
Pedro Inacio
|
|
2002-09-25
|
|
DaCode 1.2 - News Message HTML Injection
|
10 |
WEB
|
das@hush.com
|
|
2002-09-25
|
|
NPDS 4.8 - News Message HTML Injection
|
11 |
WEB
|
das@hush.com
|
|
2002-09-25
|
|
PHP-Nuke 6.0 - News Message HTML Injection
|
11 |
WEB
|
das@hush.com
|
|
2002-09-24
|
|
PHP-Nuke 6.0/6.5 - Search Form Cross-Site Scripting
|
11 |
WEB
|
Mark Grimes
|
|
2012-10-10
|
|
Auxilium RateMyPet - Arbitrary File Upload (Metasploit)
|
15 |
WEB
|
Metasploit
|
|
2012-10-10
|
|
qdPM 7.0 - Arbitrary '.PHP' File Upload (Metasploit)
|
11 |
WEB
|
Metasploit
|
|
2012-10-10
|
|
phpMyAdmin 3.5.2.2 - 'server_sync.php' Backdoor (Metasploit)
|
15 |
WEB
|
Metasploit
|
|
2012-10-10
|
|
PhpTax - 'pfilez' Execution Remote Code Injection (Metasploit)
|
15 |
WEB
|
Metasploit
|
|
2002-09-24
|
|
XOOPS 1.0 RC3 - HTML Injection
|
10 |
WEB
|
das@hush.com
|
|
2002-09-23
|
|
phpWebSite 0.8.2 - PHP File Inclusion
|
10 |
WEB
|
Tim Vandermeersch
|
|
2012-10-09
|
|
Endpoint Protector 4.0.4.0 - Multiple Vulnerabilities
|
11 |
WEB
|
Vulnerability-Lab
|
|
2002-09-23
|
|
Rudi Benkovic JAWMail 1.0 - Script Injection
|
11 |
WEB
|
Ulf Harnhammar
|
|
2002-09-19
|
|
SquirrelMail 1.2.6/1.2.7 - Multiple Cross-Site Scripting Vulnerabilities
|
14 |
WEB
|
DarC KonQuest
|
|
2012-10-08
|
|
Web Help Desk by SolarWinds - Persistent Cross-Site Scripting
|
12 |
WEB
|
loneferret
|
|
2002-09-17
|
|
Lycos HTMLGear - guestGear CSS HTML Injection
|
12 |
WEB
|
Matthew Murphy
|
|
2012-10-07
|
|
MyAuth3 - Blind SQL Injection
|
12 |
WEB
|
Marcio Almeida
|
|
2012-10-07
|
|
Blog Mod 0.1.9 - 'index.php?month' SQL Injection
|
12 |
WEB
|
WhiteCollarGroup
|
|
2002-09-09
|
|
PHPGB 1.1/1.2 - PHP Code Injection
|
10 |
WEB
|
ppp-design
|
|
2002-09-09
|
|
phpGB 1.1 - HTML Injection
|
15 |
WEB
|
ppp-design
|
|
2002-09-09
|
|
WoltLab Burning Board 2.0 - SQL Injection
|
14 |
WEB
|
Cano2
|
|
2002-09-09
|
|
phpGB 1.x - SQL Injection
|
11 |
WEB
|
ppp-design
|
|
2002-09-07
|
|
PHP 4.2.3 - Header Function Script Injection
|
10 |
WEB
|
Matthew Murphy
|
|
2002-09-03
|
|
Aestiva HTML/OS 2.4 - Cross-Site Scripting
|
15 |
WEB
|
eax@3xT.org
|
|
2002-09-03
|
|
Super Site Searcher - Remote Command Execution
|
14 |
WEB
|
luca.ercoli
|
|
2002-08-31
|
|
FactoSystem Weblog 0.9/1.0/1.1 - Multiple SQL Injections
|
10 |
WEB
|
Matthew Murphy
|
|
2002-08-24
|
|
PHPReactor 1.2.7 - Style Attribute HTML Injection
|
12 |
WEB
|
Matthew Murphy
|
|
2002-08-22
|
|
Achievo 0.7/0.8/0.9 - Remote File Inclusion / Command Execution
|
13 |
WEB
|
Jeroen Latour
|
|
2012-10-04
|
|
Novell Sentinel Log Manager 1.2.0.2 - Retention Policy
|
10 |
WEB
|
Piotr Chmylkowski
|
|
2012-10-04
|
|
phpMyBitTorrent 2.04 - Multiple Vulnerabilities
|
15 |
WEB
|
waraxe
|
|
2012-10-04
|
|
Template CMS 2.1.1 - Multiple Vulnerabilities
|
12 |
WEB
|
High-Tech Bridge SA
|
|
2012-10-04
|
|
phpMyChat Plus 1.94 RC1 - Multiple Vulnerabilities
|
11 |
WEB
|
L0n3ly-H34rT
|
|
2002-08-20
|
|
Mozilla Bonsai 1.3 - Full Path Disclosure
|
13 |
WEB
|
Stan Bubrouski
|
|
2002-08-20
|
|
Mozilla Bonsai - Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
Stan Bubrouski
|
|
2002-08-19
|
|
Kerio MailServer 5.0/5.1 Web Mail - Multiple Cross-Site Scripting Vulnerabilities
|
12 |
WEB
|
Abraham Lincoln
|
|
2002-08-19
|
|
Mantis Bug Tracker 0.15.x/0.16/0.17.x - JPGraph Remote File Inclusion Command Execution
|
12 |
WEB
|
Joao Gouveia
|
|
2002-08-19
|
|
Ilia Alshanetsky FUDForum 1.2.8/1.9.8/2.0.2 - File Modification
|
13 |
WEB
|
Ulf Harnhammar
|
|
2002-08-19
|
|
Ilia Alshanetsky FUDForum 1.2.8/1.9.8/2.0.2 - File Disclosure
|
14 |
WEB
|
Ulf Harnhammar
|
|
2012-10-03
|
|
Omnistar Mailer 7.2 - Multiple Vulnerabilities
|
11 |
WEB
|
Vulnerability-Lab
|
|
2012-10-03
|
|
WordPress Plugin spider Calendar - Multiple Vulnerabilities
|
12 |
WEB
|
D4NB4R
|
|
2002-08-14
|
|
Leszek Krupinski L-Forum 2.4 - Search Script SQL Injection
|
12 |
WEB
|
Matthew Murphy
|
|
2002-08-10
|
|
Midicart ASP - Remote Customer Information Retrieval
|
11 |
WEB
|
Dimitri Sekhniashvili
|
|
2002-07-30
|
|
Dispair 0.1/0.2 - Remote Command Execution
|
10 |
WEB
|
anonymous
|
|
2002-08-01
|
|
Bharat Mediratta Gallery 1.x - Remote File Inclusion
|
12 |
WEB
|
PowerTech
|
