|
2002-06-06
|
|
Splatt Forum 3.0 - Image Tag HTML Injection
|
4 |
WEB
|
MegaHz
|
|
2002-06-03
|
|
Teekai Tracking Online 1.0 - Cross-Site Scripting
|
4 |
WEB
|
frog
|
|
2002-05-30
|
|
CGIScript.net - 'csPassword.cgi' 1.0 HTAccess File Modification
|
5 |
WEB
|
Steve Gustin
|
|
2002-05-30
|
|
CGIScript.net - 'csPassword.cgi' 1.0 Information Disclosure
|
4 |
WEB
|
Steve Gustin
|
|
2002-05-29
|
|
Gafware CFXImage 1.6.4/1.6.6 - ShowTemp File Disclosure
|
4 |
WEB
|
Richard Brain
|
|
2002-05-28
|
|
Image Display System 0.8.1 - Directory Existence Disclosure
|
4 |
WEB
|
isox
|
|
2002-05-26
|
|
PHPBB2 - Image Tag HTML Injection
|
4 |
WEB
|
Martijn Boerwinkel
|
|
2002-05-20
|
|
GNU Mailman 2.0.x - Admin Login Cross-Site Scripting
|
4 |
WEB
|
office
|
|
2002-05-24
|
|
OpenBB 1.0.0 RC3 - Cross-Site Scripting
|
4 |
WEB
|
frog
|
|
2002-05-24
|
|
OpenBB 1.0 - Unauthorized Moderator Access
|
4 |
WEB
|
frog
|
|
2002-05-24
|
|
OpenBB 1.0.0 RC3 - BBCode Cross Agent HTML Injection
|
4 |
WEB
|
frog
|
|
2002-05-24
|
|
ViewCVS 0.9.2 - Cross-Site Scripting
|
4 |
WEB
|
office
|
|
2002-05-19
|
|
Hosting Controller 1.x - 'Browse.asp' File Disclosure
|
4 |
WEB
|
Bao Dai Nhan
|
|
2002-05-17
|
|
mcNews 1.x - File Disclosure
|
4 |
WEB
|
frog
|
|
2002-05-18
|
|
Phorum 3.3.2 - Cross-Site Scripting
|
5 |
WEB
|
markus arndt
|
|
2002-05-17
|
|
CGIScript.net 1.0 - Information Disclosure
|
3 |
WEB
|
Steve Gustin
|
|
2002-05-17
|
|
Phorum 3.3.2a - Remote Command Execution
|
5 |
WEB
|
markus arndt
|
|
2002-05-17
|
|
Hosting Controller 1.4 - Import Root Directory Command Execution
|
5 |
WEB
|
hdlkha
|
|
2002-05-17
|
|
Hosting Controller 1.x - DSNManager Directory Traversal
|
4 |
WEB
|
hdlkha
|
|
2002-05-12
|
|
Clicky Web Pseudo-frames 1.0 - Remote File Inclusion
|
5 |
WEB
|
frog
|
|
2002-05-14
|
|
NOCC 0.9.x - Webmail Script Injection
|
4 |
WEB
|
ppp-design
|
|
2002-05-11
|
|
XMB Forum 1.6 - Magic Lantern Log File
|
4 |
WEB
|
frog
|
|
2002-05-11
|
|
XMB Forum 1.6 - Magic Lantern Cross-Site Scripting
|
4 |
WEB
|
frog
|
|
2002-05-06
|
|
B2 0.6 - 'b2edit.showposts.php?b2inc' Remote File Inclusion
|
4 |
WEB
|
Frank
|
|
2002-05-05
|
|
askSam 4.0 Web Publisher - Cross-Site Scripting
|
4 |
WEB
|
frog
|
|
2002-05-02
|
|
Outfront Spooky 2.x - Login SQL Query Manipulation Password
|
4 |
WEB
|
anonymous
|
|
2002-04-30
|
|
MyGuestbook 1.0 - Script Injection
|
4 |
WEB
|
BrainRawt
|
|
2002-04-17
|
|
MiniBB 1.2 - Cross-Site Scripting
|
4 |
WEB
|
frog
|
|
2002-04-28
|
|
Blahz-DNS 0.2 - Direct Script Call Authentication Bypass
|
4 |
WEB
|
ppp-design
|
|
2002-04-28
|
|
DNSTools 2.0 - Authentication Bypass
|
4 |
WEB
|
ppp-design
|
|
2002-04-17
|
|
ADManager 1.1 - Content Manipulation
|
4 |
WEB
|
frog
|
|
2002-04-25
|
|
Ultimate PHP Board 1.0/1.1 - Image Tag Script Injection
|
4 |
WEB
|
frog
|
|
2002-04-25
|
|
PHProjekt 2.x/3.x - Authentication Bypass
|
4 |
WEB
|
Ulf Harnhammar
|
|
2012-09-20
|
|
Manhali 1.8 - Local File Inclusion
|
3 |
WEB
|
L0n3ly-H34rT
|
|
2012-09-20
|
|
Thomson Wireless VoIP Cable Modem - Authentication Bypass
|
5 |
WEB
|
Glafkos Charalambous
|
|
2002-04-21
|
|
vqServer 1.9.x - CGI Demo Program Script Injection
|
4 |
WEB
|
Matthew Murphy
|
|
2002-04-21
|
|
Philip Chinery's Guestbook 1.1 - Script Injection
|
5 |
WEB
|
markus arndt
|
|
2002-04-20
|
|
Jon Howell Faq-O-Matic 2.7 - Cross-Site Scripting
|
4 |
WEB
|
BrainRawt
|
|
2002-04-19
|
|
PostBoard 2.0 - Topic Title Script Execution
|
4 |
WEB
|
gcsb
|
|
2002-04-19
|
|
PostBoard 2.0 - BBCode IMG Tag Script Injection
|
4 |
WEB
|
gcsb
|
|
2002-04-19
|
|
Snitz Forums 2000 3.x - 'members.asp' SQL Injection
|
4 |
WEB
|
acemi
|
|
2002-04-19
|
|
IcrediBB 1.1 - Script Injection
|
5 |
WEB
|
Daniel Nyström
|
|
2002-04-18
|
|
PVote 1.0/1.5 - Unauthorized Administrative Password Change
|
4 |
WEB
|
Daniel Nyström
|
|
2012-09-19
|
|
torrenttrader 2.08 - Multiple Vulnerabilities
|
3 |
WEB
|
waraxe
|
|
2012-09-19
|
|
Fortigate UTM WAF Appliance - Multiple Vulnerabilities
|
3 |
WEB
|
Vulnerability-Lab
|
|
2012-09-19
|
|
SonicWALL email security 7.3.5 - Multiple Vulnerabilities
|
4 |
WEB
|
Vulnerability-Lab
|
|
2012-09-19
|
|
WordPress Plugin wp-topbar 4.02 - Multiple Vulnerabilities
|
4 |
WEB
|
Blake Entrekin
|
|
2012-09-19
|
|
SpiceWorks 6.0.00993 - Multiple Script Injection Vulnerabilities
|
4 |
WEB
|
LiquidWorm
|
|
2002-04-18
|
|
PVote 1.0/1.5 - Poll Content Manipulation
|
3 |
WEB
|
Daniel Nyström
|
|
2002-04-14
|
|
xNewsletter 1.0 - Form Field Input Validation
|
4 |
WEB
|
Firehack
|
|
2002-04-14
|
|
XGB 1.2 - Remote Form Field Input Validation
|
4 |
WEB
|
Firehack
|
|
2002-04-15
|
|
XGB Guestbook 1.2 - User-Embedded Scripting
|
4 |
WEB
|
Firehack
|
|
2002-04-15
|
|
Burning Board 1.1.1 - 'URL' Manipulation
|
4 |
WEB
|
SeazoN
|
|
2002-04-13
|
|
SunShop Shopping Cart 1.5/2.x - User-Embedded Scripting
|
5 |
WEB
|
ppp-design
|
|
2002-04-11
|
|
IBM Informix Web Datablade 4.1x - Page Request SQL Injection
|
5 |
WEB
|
Simon Lodal
|
|
2002-03-28
|
|
SquirrelMail 1.2.x - Theme Remote Command Execution
|
4 |
WEB
|
pokleyzz sakamaniaka
|
|
2002-03-28
|
|
PostNuke 0.703 - caselist Arbitrary Module Include
|
5 |
WEB
|
pokleyzz sakamaniaka
|
|
2002-03-25
|
|
DCShop Beta 1.0 - Form Manipulation
|
4 |
WEB
|
pokleyzz sakamaniaka
|
|
2002-03-21
|
|
PHP-Nuke 5.x - Error Message Web Root Disclosure
|
5 |
WEB
|
godminus
|
|
2002-03-13
|
|
PHProjekt 3.1 - Remote File Inclusion
|
6 |
WEB
|
b0iler
|
|
2012-09-17
|
|
Netsweeper WebAdmin Portal - Multiple Vulnerabilities
|
4 |
WEB
|
Jacob Holcomb
|
|
2012-09-17
|
|
Auxilium PetRatePro - Multiple Vulnerabilities
|
4 |
WEB
|
DaOne
|
|
2012-09-17
|
|
webERP 4.08.4 - 'WorkOrderEntry.php' SQL Injection
|
4 |
WEB
|
modpr0be
|
|
2012-09-17
|
|
luxcal 2.7.0 - Multiple Vulnerabilities
|
5 |
WEB
|
L0n3ly-H34rT
|
|
2012-09-14
|
|
Trend Micro Interscan Messaging Security Suite - Persistent Cross-Site Scripting / Cross-Site Reques
|
5 |
WEB
|
modpr0be
|
|
2012-09-14
|
|
NeoBill CMS 0.8 Alpha - Multiple Vulnerabilities
|
4 |
WEB
|
Vulnerability-Lab
|
|
2012-09-14
|
|
ASTPP VoIP Billing (4cf207a) - Multiple Vulnerabilities
|
4 |
WEB
|
Vulnerability-Lab
|
|
2002-03-04
|
|
ReBB 1.0 - Image Tag Cross-Agent Scripting
|
4 |
WEB
|
skizzik
|
|
2002-02-27
|
|
Snitz Forums 2000 3.0/3.1/3.3 - Image Tag Cross-Agent Scripting
|
3 |
WEB
|
Justin
|
|
2002-02-26
|
|
IkonBoard 2.17/3.0/3.1 - Image Tag Cross-Agent Scripting
|
6 |
WEB
|
godminus
|
|
2002-02-25
|
|
OpenBB 1.0.x - Image Tag Cross-Agent Scripting
|
5 |
WEB
|
skizzik
|
|
2002-02-22
|
|
XMB Forum 1.6 pre-beta - Image Tag Script Injection
|
4 |
WEB
|
skizzik
|
|
2002-02-22
|
|
Powie PForum 1.1x - 'Username' Cross-Site Scripting
|
4 |
WEB
|
Jens Liebchen
|
|
2002-02-04
|
|
Portix-PHP 0.4 - Cookie Manipulation
|
3 |
WEB
|
frog
|
|
2002-02-04
|
|
Portix-PHP 0.4 - 'view.php' Directory Traversal
|
4 |
WEB
|
frog
|
|
2002-02-04
|
|
Portix-PHP 0.4 - 'index.php' Directory Traversal
|
4 |
WEB
|
frog
|
|
2012-09-12
|
|
Ezylog Photovoltaic Management Server - Multiple Vulnerabilities
|
4 |
WEB
|
Roberto Paleari
|
|
2012-09-12
|
|
Knowledge Base Enterprise Edition 4.62.0 - SQL Injection
|
4 |
WEB
|
Vulnerability-Lab
|
|
2012-09-12
|
|
Webify Photo Gallery - Arbitrary File Deletion
|
4 |
WEB
|
JIKO
|
|
2012-09-12
|
|
Webify Business Directory - Arbitrary File Deletion
|
4 |
WEB
|
JIKO
|
|
2012-09-12
|
|
Webify eDownloads Cart - Arbitrary File Deletion
|
4 |
WEB
|
JIKO
|
|
2012-09-12
|
|
Subrion CMS 2.2.1 - Cross-Site Request Forgery (Add Admin)
|
4 |
WEB
|
LiquidWorm
|
|
2002-01-29
|
|
AHG Search Engine 1.0 - 'search.cgi' Arbitrary Command Execution
|
4 |
WEB
|
Aleksey Sintsov
|
|
2012-09-11
|
|
akcms 4.2.4 - Information Disclosure
|
4 |
WEB
|
L0n3ly-H34rT
|
|
2012-09-11
|
|
Webify Blog - Arbitrary File Deletion
|
4 |
WEB
|
JIKO
|
|
2002-01-02
|
|
WikkiTikkiTavi 0.x - Remote File Inclusion
|
3 |
WEB
|
Scott Moonen
|
|
2002-01-18
|
|
PHP-Nuke 4.x/5.x - SQL_Debug Information Disclosure
|
4 |
WEB
|
zataz.com
|
|
2002-01-16
|
|
PHP-Nuke 4.x/5.x - Arbitrary File Inclusion
|
5 |
WEB
|
Handle Nopman
|
|
2012-09-10
|
|
SiteGo - Remote File Inclusion
|
4 |
WEB
|
L0n3ly-H34rT
|
|
2012-09-10
|
|
Joomla! Component RokModule 1.1 - 'module' Blind SQL Injection
|
3 |
WEB
|
Yarolinux
|
|
2012-09-10
|
|
VICIDIAL Call Center Suite 2.2.1-237 - Multiple Vulnerabilities
|
3 |
WEB
|
Ertebat Gostar Co
|
|
2002-01-09
|
|
Ultimate Bulletin Board 5.4/6.0/6.2 - Cross-Agent Scripting
|
4 |
WEB
|
Obscure
|
|
2002-01-09
|
|
YaBB 9.1.2000 - Cross-Agent Scripting
|
4 |
WEB
|
Obscure
|
|
2002-01-06
|
|
PHP-Nuke AddOn PHPToNuke.php 1.0 - Cross-Site Scripting
|
4 |
WEB
|
frog
|
|
2001-12-18
|
|
Aktivate 1.0 3 - Shopping Cart Cross-Site Scripting
|
3 |
WEB
|
Tamer Sahin
|
|
2001-12-17
|
|
Agora.CGI 3.x/4.0 - Debug Mode Cross-Site Scripting
|
4 |
WEB
|
Tamer Sahin
|
|
2001-12-01
|
|
EasyNews 1.5 - NewsDatabase/Template Modification
|
4 |
WEB
|
markus arndt
|
|
2001-12-03
|
|
PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - 'modules.php' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Cabezon Aurélien
|
|
2001-12-03
|
|
PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - 'user.php?uname' Cross-Site Scripting
|
4 |
WEB
|
Cabezon Aurélien
|
|
2001-11-19
|
|
bharat Mediratta Gallery 1.1/1.2 - Directory Traversal
|
4 |
WEB
|
Cabezon Aurelien
|
|
2012-09-08
|
|
Pinterest Clone Script - Multiple Vulnerabilities
|
5 |
WEB
|
DaOne
|
|
2012-09-07
|
|
TestLink 1.9.3 - Cross-Site Request Forgery
|
5 |
WEB
|
High-Tech Bridge SA
|
|
2012-09-07
|
|
Sitecom Home Storage Center - Authentication Bypass
|
4 |
WEB
|
Mattijs van Ommeren
|
|
2012-09-07
|
|
Clipster Video - Persistent Cross-Site Scripting
|
4 |
WEB
|
DaOne
|
|
2012-09-07
|
|
Cannonbolt Portfolio Manager 1.0 - Multiple Vulnerabilities
|
3 |
WEB
|
LiquidWorm
|
|
2001-10-13
|
|
PostNuke 0.6 - User Login
|
5 |
WEB
|
anonymous
|
|
2012-09-05
|
|
Ektron CMS 8.5.0 - Multiple Vulnerabilities
|
4 |
WEB
|
Sense of Security
|
|
2012-09-05
|
|
ES Job Search Engine 3.0 - SQL Injection
|
3 |
WEB
|
Vulnerability-Lab
|
|
2011-12-18
|
|
novell sentinel log manager 1.2.0.1 - Directory Traversal
|
5 |
WEB
|
Andrea Fabrizi
|
|
2012-09-05
|
|
QNAP Turbo NAS TS-1279U-RP - Multiple Path Injections
|
4 |
WEB
|
Andrea Fabrizi
|
|
2012-09-05
|
|
MobileCartly 1.0 - Arbitrary File Creation (Metasploit)
|
4 |
WEB
|
Metasploit
|
|
2001-07-31
|
|
phpBB 1.x - Page Header Arbitrary Command Execution
|
4 |
WEB
|
UnderSpell
|
|
2012-09-04
|
|
Group Office Calendar - '/calendar/json.php' SQL Injection
|
4 |
WEB
|
Chris Cooper
|
|
2012-09-04
|
|
Support4Arabs Pages 2.0 - SQL Injection
|
4 |
WEB
|
L0n3ly-H34rT
|
|
2012-09-04
|
|
Splunk 4.3.3 - Arbitrary File Read
|
4 |
WEB
|
Marcio Almeida
|
|
2012-09-04
|
|
jira 4.4.3 / greenhopper < 5.9.8 - Multiple Vulnerabilities
|
3 |
WEB
|
Hoyt LLC Research
|
|
2001-08-03
|
|
phpBB 1.4 - SQL Query Manipulation
|
5 |
WEB
|
kill-9
|
|
2001-07-27
|
|
PHP-Nuke 5.0 - 'user.php' Form Element Substitution
|
4 |
WEB
|
dinopio
|
|
2012-09-03
|
|
Sitecom Home Storage Center - Directory Traversal
|
4 |
WEB
|
Mattijs van Ommeren
|
|
2012-09-03
|
|
Conceptronic Grab'n'Go Network Storage - Directory Traversal
|
4 |
WEB
|
Mattijs van Ommeren
|
|
2001-07-21
|
|
PHPLib Team PHPLIB 7.2 - Remote Script Execution
|
5 |
WEB
|
giancarlo pinerolo
|
|
2012-09-02
|
|
AV Arcade Free Edition - 'add_rating.php?id' Blind SQL Injection
|
4 |
WEB
|
DaOne
|
|
2012-09-02
|
|
Admidio 2.3.5 - Multiple Vulnerabilities
|
4 |
WEB
|
Stefan Schurtz
|
|
2001-07-06
|
|
Basilix Webmail 1.0 - File Disclosure
|
4 |
WEB
|
karol _
|
|
2001-07-05
|
|
Cobalt Qube Webmail 1.0 - Directory Traversal
|
3 |
WEB
|
kf
|
