|
2011-05-08
|
|
FestOS 2.3c - 'upload.php' Arbitrary File Upload
|
18 |
WEB
|
KedAns-Dz
|
|
2015-01-06
|
|
AdaptCMS 3.0.3 - Multiple Vulnerabilities
|
16 |
WEB
|
LiquidWorm
|
|
2011-05-07
|
|
e107 0.7.25 - 'news.php' SQL Injection
|
13 |
WEB
|
KedAns-Dz
|
|
2011-05-05
|
|
PHPDug 2.0 - Multiple Cross-Site Scripting Vulnerabilities
|
16 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-05
|
|
BMC Dashboards 7.6.01 - Cross-Site Scripting / Information Disclosure
|
19 |
WEB
|
Richard Brain
|
|
2011-05-05
|
|
BMC Remedy Knowledge Management 7.5.00 - Default Account / Multiple Cross-Site Scripting Vulnerabili
|
15 |
WEB
|
Richard Brain
|
|
2011-05-05
|
|
PHP Directory Listing Script 3.1 - 'index.php' Cross-Site Scripting
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-05
|
|
WordPress Plugin WP Ajax Calendar 1.0 - 'example.php' Cross-Site Scripting
|
23 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-03
|
|
GoT.MY (Multiple Products) - 'theme_dir' Cross-Site Scripting
|
13 |
WEB
|
Hector.x90
|
|
2011-05-03
|
|
SelectaPix 1.4.1 - 'uploadername' Cross-Site Scripting
|
14 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-03
|
|
YaPiG 0.95 - Multiple Cross-Site Scripting Vulnerabilities
|
12 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-03
|
|
E2 Photo Gallery 0.9 - 'index.php' Cross-Site Scripting
|
17 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-03
|
|
Proofpoint Protection Server 5.5.5 - 'process.cgi' Cross-Site Scripting
|
16 |
WEB
|
Karan Khosla
|
|
2011-05-03
|
|
Web Auction 0.3.6 - 'lang' Cross-Site Scripting
|
18 |
WEB
|
AutoSec Tools
|
|
2015-01-04
|
|
Crea8Social 2.0 - Cross-Site Scripting Change Interface
|
21 |
WEB
|
Yudhistira B W
|
|
2011-05-02
|
|
LDAP Account Manager 3.4.0 - 'selfserviceSaveOk' Cross-Site Scripting
|
17 |
WEB
|
AutoSec Tools
|
|
2011-05-02
|
|
LANSA aXes Web Terminal TN5250 - 'axes_default.css' Cross-Site Scripting
|
15 |
WEB
|
Patrick Webster
|
|
2011-04-30
|
|
Tine 2.0 - 'vbook.php' Cross-Site Scripting
|
16 |
WEB
|
AutoSec Tools
|
|
2011-04-28
|
|
ClanSphere 2011.0 - Local File Inclusion / Arbitrary File Upload
|
14 |
WEB
|
KedAns-Dz
|
|
2015-01-03
|
|
e107 2 Bootstrap CMS - Cross-Site Scripting
|
18 |
WEB
|
Ahmet Agar / 0x97
|
|
2011-04-28
|
|
phpGraphy 0.9.13b - 'theme_dir' Cross-Site Scripting
|
12 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-25
|
|
eyeOS 1.9.0.2 - Image File Handling HTML Injection
|
16 |
WEB
|
Alberto Ortega
|
|
2011-04-28
|
|
BackupPC 3.x - 'index.cgi' Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-27
|
|
Kusaba X 0.9 - Multiple Cross-Site Scripting Vulnerabilities
|
14 |
WEB
|
Emilio Pinna
|
|
2011-04-28
|
|
WordPress Plugin WP Photo Album 1.5.1 - 'id' Cross-Site Scripting
|
14 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-28
|
|
WordPress Plugin Daily Maui Photo Widget 0.2 - Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-27
|
|
Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injections
|
16 |
WEB
|
Alberto Revelli
|
|
2015-01-01
|
|
Absolut Engine 1.73 - Multiple Vulnerabilities
|
18 |
WEB
|
Steffen Rösemann
|
|
2011-04-27
|
|
up.time Software 5 - Administration Interface Remote Authentication Bypass
|
17 |
WEB
|
James Burton
|
|
2011-04-27
|
|
Joostina (Multiple Components) - SQL Injection
|
13 |
WEB
|
KedAns-Dz
|
|
2011-04-26
|
|
Football Website Manager 1.1 - SQL Injection / Multiple HTML Injection Vulnerabilities
|
12 |
WEB
|
RoAd_KiLlEr
|
|
2011-04-26
|
|
PHP F1 Max's Photo Album - 'showimage.php' Cross-Site Scripting
|
14 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-26
|
|
phpList 2.10.x - 'email' Cross-Site Scripting
|
14 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-26
|
|
WordPress Plugin WP Ajax Recent Posts 1.0.1 - 'do' Cross-Site Scripting
|
14 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-26
|
|
Noah's Classifieds 5.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2014-12-31
|
|
Social Microblogging PRO 1.5 - Persistent Cross-Site Scripting
|
18 |
WEB
|
Halil Dalabasmaz
|
|
2011-04-26
|
|
html-edit CMS 3.1.x - 'html_output' Cross-Site Scripting
|
15 |
WEB
|
KedAns-Dz
|
|
2011-04-26
|
|
WordPress Plugin Sermon Browser 0.43 - Cross-Site Scripting / SQL Injection
|
16 |
WEB
|
Ma3sTr0-Dz
|
|
2011-04-25
|
|
TemaTres 1.3 - '_search_expresion' Cross-Site Scripting
|
17 |
WEB
|
AutoSec Tools
|
|
2011-04-22
|
|
Nuke Evolution Xtreme 2.0 - Local File Inclusion / SQL Injection
|
20 |
WEB
|
KedAns-Dz
|
|
2011-04-22
|
|
Dolibarr ERP/CRM 3.0 - Local File Inclusion / Cross-Site Scripting
|
17 |
WEB
|
AutoSec Tools
|
|
2011-04-21
|
|
LightNEasy 3.2.3 - 'userhandle' Cookie SQL Injection
|
19 |
WEB
|
AutoSec Tools
|
|
2011-04-22
|
|
todoyu 2.0.8 - 'lang' Cross-Site Scripting
|
12 |
WEB
|
AutoSec Tools
|
|
2011-04-21
|
|
ZenPhoto 1.4.0.3 - '_zp_themeroot' Multiple Cross-Site Scripting Vulnerabilities
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-21
|
|
SyCtel Design - 'menu' Multiple Local File Inclusions
|
13 |
WEB
|
Ashiyane Digital Security Team
|
|
2011-04-20
|
|
Automagick Tube Script 1.4.4 - 'module' Cross-Site Scripting
|
15 |
WEB
|
Kurd-Team
|
|
2011-04-19
|
|
webSPELL 4.2.2a - Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-19
|
|
ChatLakTurk PHP Botlu Video - 'ara.php' Cross-Site Scripting
|
14 |
WEB
|
kurdish hackers team
|
|
2011-04-19
|
|
Dalbum 1.43 - 'editini.php' Cross-Site Scripting
|
16 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-19
|
|
WordPress Plugin WP-StarsRateBox 1.1 - 'j' SQL Injection
|
13 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-19
|
|
Ultra Marketing Enterprises CMS and Cart - Multiple SQL Injections
|
18 |
WEB
|
eXeSoul
|
|
2011-04-18
|
|
XOOPS 2.5 - 'imagemanager.php' Local File Inclusion
|
16 |
WEB
|
KedAns-Dz
|
|
2011-04-19
|
|
CRESUS - 'recette_detail.php' SQL Injection
|
15 |
WEB
|
GrayHatz Security Group
|
|
2011-04-18
|
|
Joomla! Component com_phocadownload - Local File Inclusion
|
15 |
WEB
|
KedAns-Dz
|
|
2011-04-16
|
|
ChillyCMS 1.2.1 - Multiple Remote File Inclusions
|
14 |
WEB
|
KedAns-Dz
|
|
2014-12-27
|
|
Easy File Sharing Web Server 6.8 - Persistent Cross-Site Scripting
|
15 |
WEB
|
Sick Psycko
|
|
2014-12-27
|
|
PMB 4.1.3 - (Authenticated) SQL Injection
|
17 |
WEB
|
xd4rker dark
|
|
2014-12-27
|
|
phpList 3.0.6/3.0.10 - SQL Injection
|
16 |
WEB
|
Vulnerability-Lab
|
|
2014-12-27
|
|
Pimcore CMS 2.3.0/3.0 - SQL Injection
|
15 |
WEB
|
Vulnerability-Lab
|
|
2011-04-16
|
|
4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injections
|
19 |
WEB
|
KedAns-Dz
|
|
2011-04-15
|
|
PhoenixCMS 1.7 - Local File Inclusion / SQL Injection
|
12 |
WEB
|
KedAns-Dz
|
|
2011-04-15
|
|
RunCMS Module Partners - 'id' SQL Injection
|
16 |
WEB
|
KedAns-Dz
|
|
2011-04-14
|
|
Qianbo Enterprise Web Site Management System - 'Keyword' Cross-Site Scripting
|
13 |
WEB
|
d3c0der
|
|
2011-04-15
|
|
Agahi Advertisement CMS 4.0 - 'view_ad.php' SQL Injection
|
13 |
WEB
|
Sepehr Security Team
|
|
2011-04-14
|
|
PhpAlbum.net 0.4.1-14_fix06 - 'var3' Remote Command Execution
|
14 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-12
|
|
Website Baker 2.8.1 - Multiple SQL Injections
|
17 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-12
|
|
Plogger 1.0 RC1 - 'gallery_name' Cross-Site Scripting
|
11 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-12
|
|
WordPress Theme The Gazette Edition 2.9.4 - Multiple Vulnerabilities
|
18 |
WEB
|
MustLive
|
|
2011-04-12
|
|
WordPress Plugin Spellchecker 3.1 - '/general.php' Local/Remote File Inclusion
|
15 |
WEB
|
Dr Trojan
|
|
2014-12-24
|
|
Lazarus Guestbook 1.22 - Multiple Vulnerabilities
|
20 |
WEB
|
TaurusOmar
|
|
2011-04-09
|
|
eForum 1.1 - 'eforum.php' Arbitrary File Upload
|
13 |
WEB
|
QSecure
|
|
2011-04-11
|
|
WordPress Theme Live Wire 2.3.1 - Multiple Vulnerabilities
|
14 |
WEB
|
MustLive
|
|
2011-04-11
|
|
Etki Video PRO 2.0 - 'kategori.asp?cat' SQL Injection
|
14 |
WEB
|
Kurd-Team
|
|
2011-04-11
|
|
Etki Video PRO 2.0 - 'izle.asp?id' SQL Injection
|
18 |
WEB
|
Kurd-Team
|
|
2011-04-11
|
|
Dimac CMS 1.3 XS - 'default.asp' SQL Injection
|
17 |
WEB
|
KedAns-Dz
|
|
2011-04-08
|
|
1024 CMS 1.1.0 Beta - Multiple Input Validation Vulnerabilities
|
18 |
WEB
|
QSecure & Demetris Papapetrou
|
|
2011-04-07
|
|
eGroupWare 1.8.1 - 'test.php' Cross-Site Scripting
|
15 |
WEB
|
AutoSec Tools
|
|
2014-12-23
|
|
NetIQ Access Manager 4.0 SP1 - Multiple Vulnerabilities
|
17 |
WEB
|
SEC Consult
|
|
2014-12-23
|
|
SysAid Server - Arbitrary File Disclosure
|
14 |
WEB
|
Bernhard Mueller
|
|
2014-12-23
|
|
PHPMyRecipes 1.2.2 - 'browse.php?category' SQL Injection
|
12 |
WEB
|
Manish Tanwar
|
|
2014-12-22
|
|
Lotus Mail Encryption Server 2.1.0.1 (Protector for Mail) - Local File Inclusion / Remote Code Execu
|
18 |
WEB
|
Patrick Webster
|
|
2014-12-19
|
|
Codiad 2.4.3 - Multiple Vulnerabilities
|
16 |
WEB
|
TaurusOmar
|
|
2014-12-19
|
|
GQ File Manager 0.2.5 - Multiple Vulnerabilities
|
14 |
WEB
|
TaurusOmar
|
|
2014-12-19
|
|
Piwigo 2.7.2 - Multiple Vulnerabilities
|
15 |
WEB
|
TaurusOmar
|
|
2014-12-19
|
|
ProjectSend r561 - Multiple Vulnerabilities
|
15 |
WEB
|
TaurusOmar
|
|
2014-12-19
|
|
MiniBB 3.1 - Blind SQL Injection
|
16 |
WEB
|
Kacper Szurek
|
|
2014-12-19
|
|
Cacti Superlinks Plugin 1.4-2 - SQL Injection / Local File Inclusion
|
21 |
WEB
|
Wireghoul
|
|
2011-04-07
|
|
vTiger CRM 5.2.1 - 'vtigerservice.php' Cross-Site Scripting
|
18 |
WEB
|
AutoSec Tools
|
|
2011-04-07
|
|
Omer Portal 3.220060425 - 'arama_islem.asp' Cross-Site Scripting
|
17 |
WEB
|
kurdish hackers team
|
|
2011-04-08
|
|
PrestaShop 1.3.6 - 'cms.php' Remote File Inclusion
|
14 |
WEB
|
KedAns-Dz
|
|
2011-04-08
|
|
vTiger CRM 5.2.1 - 'sortfieldsjson.php' Local File Inclusion
|
16 |
WEB
|
John Leitch
|
|
2011-04-06
|
|
Redmine 1.0.1/1.1.1 - 'projects/hg-hellowword/news/' Cross-Site Scripting
|
16 |
WEB
|
Mesut Timur
|
|
2011-04-06
|
|
TextPattern 4.2 - 'index.php' Cross-Site Scripting
|
12 |
WEB
|
kurdish hackers team
|
|
2011-04-04
|
|
XOOPS 2.5 - 'banners.php' Multiple Local File Inclusions
|
13 |
WEB
|
KedAns-Dz
|
|
2011-04-05
|
|
UseBB 1.0.11 - 'admin.php' Local File Inclusion
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-05
|
|
Eleanor CMS - Cross-Site Scripting / Multiple SQL Injections
|
12 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-04
|
|
Yaws-Wiki 1.88-1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
|
15 |
WEB
|
Michael Brooks
|
|
2011-04-04
|
|
Gazelle CMS 1.0 - Cross-Site Scripting / SQL Injection
|
12 |
WEB
|
kurdish hackers team
|
|
2011-04-03
|
|
DoceboLms 4.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities
|
18 |
WEB
|
LiquidWorm
|
|
2011-04-03
|
|
WordPress Plugin Placester 0.1 - 'ajax_action' Cross-Site Scripting
|
13 |
WEB
|
John Leitch
|
|
2011-04-04
|
|
WordPress Plugin WPwizz AdWizz Plugin 1.0 - 'link' Cross-Site Scripting
|
14 |
WEB
|
John Leitch
|
|
2011-04-04
|
|
MyBB 1.4/1.6 - Multiple Vulnerabilities
|
19 |
WEB
|
MustLive
|
|
2011-04-04
|
|
PHP-Fusion - 'article_id' SQL Injection
|
16 |
WEB
|
KedAns-Dz
|
|
2014-12-17
|
|
CIK Telecom VoIP Router SVG6000RW - Privilege Escalation / Command Execution
|
18 |
WEB
|
Chako
|
|
2011-04-01
|
|
AWCM 2.x - 'search.php' Cross-Site Scripting
|
16 |
WEB
|
Antu Sanadi
|
|
2014-12-16
|
|
CMS Papoo 6.0.0 Rev. 4701 - Persistent Cross-Site Scripting
|
14 |
WEB
|
Steffen Rösemann
|
|
2011-03-31
|
|
Collabtive 0.6.5 - Multiple Remote Input Validation Vulnerabilities
|
16 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-31
|
|
InTerra Blog Machine 1.84 - 'subject' HTML Injection
|
16 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-30
|
|
ICJobSite 1.1 - 'pid' SQL Injection
|
14 |
WEB
|
RoAd_KiLlEr
|
|
2014-12-15
|
|
WordPress Plugin WP Symposium 14.11 - Arbitrary File Upload
|
13 |
WEB
|
Claudio Viviani
|
|
2014-12-15
|
|
ResourceSpace 6.4.5976 - Cross-Site Scripting / SQL Injection / Insecure Cookie Handling
|
13 |
WEB
|
Adler Freiheit
|
|
2014-12-15
|
|
PHPads 213607 - Authentication Bypass / Password Change
|
16 |
WEB
|
Shaker msallm
|
|
2014-12-15
|
|
WordPress Plugin Download Manager 2.7.4 - Remote Code Execution
|
16 |
WEB
|
Claudio Viviani
|
|
2014-12-15
|
|
Soitec SmartEnergy 1.4 - SCADA Login SQL Injection / Authentication Bypass
|
18 |
WEB
|
LiquidWorm
|
|
2014-12-15
|
|
GLPI 0.85 - Blind SQL Injection
|
15 |
WEB
|
Kacper Szurek
|
|
2011-03-30
|
|
YaCOMAS 0.3.6 OpenCMS - Multiple Cross-Site Scripting Vulnerabilities
|
16 |
WEB
|
Pr@fesOr X
|
|
2011-03-30
|
|
GuppY 4.6.14 - 'lng' Multiple SQL Injections
|
12 |
WEB
|
kurdish hackers team
|
|
2011-03-29
|
|
XOOPS - 'view_photos.php' Cross-Site Scripting
|
12 |
WEB
|
KedAns-Dz
|
|
2011-03-29
|
|
Tracks 1.7.2 - URI Cross-Site Scripting
|
12 |
WEB
|
Mesut Timur
|
|
2011-03-29
|
|
Spitfire 1.0.3x - 'cms_username' Cross-Site Scripting
|
12 |
WEB
|
High-Tech Bridge SA
|
|
2011-03-29
|
|
osCSS 2.1 - Multiple Cross-Site Scripting / Local File Inclusions
|
15 |
WEB
|
AutoSec Tools
|
|
2011-03-28
|
|
Claroline 1.10 - Multiple HTML Injection Vulnerabilities
|
16 |
WEB
|
AutoSec Tools
|
|
2014-12-10
|
|
OpenEMR 4.1.2(7) - Multiple SQL Injections
|
16 |
WEB
|
Portcullis
|
|
2011-03-28
|
|
webEdition CMS 6.1.0.2 - 'DOCUMENT_ROOT' Local File Inclusion
|
14 |
WEB
|
eidelweiss
|
|
2011-03-28
|
|
Alkacon OpenCMS 7.5.x - Multiple Cross-Site Scripting Vulnerabilities
|
12 |
WEB
|
antisnatchor
|
