|
2014-10-02
|
|
TestLink 1.9.11 - Multiple SQL Injections
|
9 |
WEB
|
Portcullis
|
|
2014-10-02
|
|
PHPCompta/NOALYSS 6.7.1 5638 - Remote Command Execution
|
9 |
WEB
|
Portcullis
|
|
2014-10-02
|
|
RBS Change Complet Open Source 3.6.8 - Cross-Site Request Forgery
|
9 |
WEB
|
Krusty Hack
|
|
2014-10-02
|
|
WordPress Plugin All In One WP Security & Firewall 3.8.3 - Persistent Cross-Site Scripting
|
7 |
WEB
|
Vulnerability-Lab
|
|
2014-10-02
|
|
Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution
|
6 |
WEB
|
Daniele Linguaglossa
|
|
2014-10-02
|
|
Bacula-Web 5.2.10 - 'joblogs.php?jobid' SQL Injection
|
8 |
WEB
|
wishnusakti
|
|
2010-10-15
|
|
eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
LiquidWorm
|
|
2010-01-19
|
|
AdvertisementManager 3.1 - 'req' Local/Remote File Inclusion
|
6 |
WEB
|
indoushka
|
|
2009-08-07
|
|
PHP Easy Shopping Cart 3.1R - 'subitems.php' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2009-08-07
|
|
PHP Photo Vote 1.3F - 'page' Cross-Site Scripting
|
7 |
WEB
|
Moudi
|
|
2010-10-14
|
|
TWiki 5.0 - bin/login Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
DOUHINE Davy
|
|
2010-10-14
|
|
TWiki 5.0 - '/bin/view?rev' Cross-Site Scripting
|
8 |
WEB
|
DOUHINE Davy
|
|
2010-10-13
|
|
PluXml 5.0.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-13
|
|
Ronny CMS 1.1 r935 - Multiple HTML Injection Vulnerabilities
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2014-10-01
|
|
IPFire - CGI Web Interface (Authenticated) Bash Environment Variable Code Injection
|
8 |
WEB
|
Claudio Viviani
|
|
2010-10-13
|
|
Joomla! Component Jstore - 'Controller' Local File Inclusion
|
8 |
WEB
|
jos_ali_joe
|
|
2010-10-12
|
|
Oracle Fusion Middleware 10.1.2/10.1.3 - BPEL Console Cross-Site Scripting
|
7 |
WEB
|
Alexander Polyakov
|
|
2010-10-11
|
|
Joomla! / Mambo Component com_trade - 'PID' Cross-Site Scripting
|
6 |
WEB
|
FL0RiX
|
|
2010-10-06
|
|
Backbone Technology Expression 18.9.2010 - Cross-Site Scripting
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2009-06-15
|
|
Recipe Script 5.0 - 'First Name' HTML Injection
|
6 |
WEB
|
ThE g0bL!N
|
|
2010-10-08
|
|
OPEN IT OverLook 5 - 'title.php' Cross-Site Scripting
|
8 |
WEB
|
Anatolia Security
|
|
2009-06-22
|
|
Curverider Elgg 1.0 - Templates HTML Injection
|
9 |
WEB
|
lorddemon
|
|
2010-10-08
|
|
Lantern CMS - '11-login.asp' Cross-Site Scripting
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-06
|
|
Joomla! Component Club Manager - 'cm_id' SQL Injection
|
8 |
WEB
|
FL0RiX
|
|
2014-09-29
|
|
OpenFiler 2.99.1 - Cross-Site Request Forgery
|
8 |
WEB
|
Dolev Farhi
|
|
2014-09-29
|
|
Microsoft Exchange - IIS HTTP Internal IP Address Disclosure (Metasploit)
|
8 |
WEB
|
Nate Power
|
|
2014-09-29
|
|
GS Foto Uebertraeger 3.0 iOS - Local File Inclusion
|
7 |
WEB
|
Vulnerability-Lab
|
|
2010-10-05
|
|
SquirrelMail Virtual Keyboard Plugin - 'vkeyboard.php' Cross-Site Scripting
|
8 |
WEB
|
Moritz Naumann
|
|
2010-10-05
|
|
Elxis 2009.2 rev2631 - SQL Injection
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-04
|
|
Docebo 3.6 - 'description' Cross-Site Scripting
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2009-07-08
|
|
Linea21 1.2.1 - 'search' Cross-Site Scripting
|
7 |
WEB
|
599eme Man
|
|
2009-07-07
|
|
Tausch Ticket Script 3 - 'vote.php?descr' SQL Injection
|
8 |
WEB
|
Moudi
|
|
2009-07-07
|
|
Tausch Ticket Script 3 - 'suchauftraege_user.php?userid' SQL Injection
|
8 |
WEB
|
Moudi
|
|
2009-07-08
|
|
Rapidsendit Clone Script - 'admin.php' Insecure Cookie Authentication Bypass
|
7 |
WEB
|
NoGe
|
|
2009-07-08
|
|
JNM Solutions DB Top Sites 1.0 - 'vote.php' Cross-Site Scripting
|
7 |
WEB
|
Moudi
|
|
2009-07-09
|
|
JNM Guestbook 3.0 - 'index.php' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2009-07-09
|
|
StatsCode - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
599eme Man
|
|
2009-07-07
|
|
Rentventory - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
599eme Man
|
|
2009-07-09
|
|
Online Guestbook Pro 5.1 - 'ogp_show.php' Cross-Site Scripting
|
7 |
WEB
|
Moudi
|
|
2014-09-27
|
|
Typo3 Extension JobControl 2.14.0 - Cross-Site Scripting / SQL Injection
|
8 |
WEB
|
Adler Freiheit
|
|
2010-10-04
|
|
ITS SCADA - 'Username' SQL Injection
|
7 |
WEB
|
Eugene Salov
|
|
2010-10-04
|
|
Surgemail SurgeWeb 4.3e - Cross-Site Scripting
|
7 |
WEB
|
Kerem Kocaer
|
|
2009-07-09
|
|
WebAsyst Shop-Script - 'index.php' Cross-Site Scripting
|
8 |
WEB
|
Vrs-hCk
|
|
2010-10-01
|
|
Intellicom Netbiter webSCADA Products - 'read.cgi' Multiple Remote Security Vulnerabilities
|
6 |
WEB
|
Eugene Salov
|
|
2009-07-13
|
|
Top Paidmailer - 'home.php' Remote File Inclusion
|
8 |
WEB
|
Moudi
|
|
2009-07-07
|
|
Swinger Club Portal - 'start.php?go' Remote File Inclusion
|
9 |
WEB
|
Moudi
|
|
2009-07-07
|
|
Swinger Club Portal - 'start.php?id' SQL Injection
|
6 |
WEB
|
Moudi
|
|
2010-09-29
|
|
Pluck CMS 4.6.3 - 'cont1' HTML Injection
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2010-09-29
|
|
Getsimple CMS 2.01 - 'changedata.php' Cross-Site Scripting
|
6 |
WEB
|
High-Tech Bridge SA
|
|
2010-09-29
|
|
MODx manager - '/controllers/default/resource/tvs.php?class_key' Traversal Local File Inclusion
|
6 |
WEB
|
John Leitch
|
|
2010-09-29
|
|
MODx 2.0.2-pl - '/manager/index.php?modahsh' Cross-Site Scripting
|
6 |
WEB
|
John Leitch
|
|
2009-07-14
|
|
eCardMAX - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Moudi
|
|
2010-09-28
|
|
PHPMyFAQ 2.6.x - 'index.php' Cross-Site Scripting
|
8 |
WEB
|
Yam Mesicka
|
|
2010-09-28
|
|
Micro CMS 1.0 - 'name' HTML Injection (1)
|
6 |
WEB
|
Veerendra G.G
|
|
2009-07-16
|
|
Scriptsez Ultimate Poll - 'demo_page.php' Cross-Site Scripting
|
7 |
WEB
|
Moudi
|
|
2010-09-27
|
|
NetArt Media Car Portal 2.0 - 'car' SQL Injection
|
7 |
WEB
|
RoAd_KiLlEr
|
|
2014-09-25
|
|
WordPress Plugin All In One WP Security 3.8.2 - SQL Injection
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2014-09-25
|
|
Nucom ADSL ADSLR5000UN - ISP Credentials Disclosure
|
11 |
WEB
|
Sebastián Magof
|
|
2009-08-21
|
|
HotScripts Type PHP Clone Script - 'lostpassword.php?msg' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2009-08-21
|
|
HotScripts Type PHP Clone Script - 'index.php?msg' Cross-Site Scripting
|
7 |
WEB
|
Moudi
|
|
2009-08-21
|
|
HotScripts Type PHP Clone Script - 'feedback.php?msg' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2010-09-27
|
|
Horde IMP Webmail 4.3.7 - 'fetchmailprefs.php' HTML Injection
|
8 |
WEB
|
Moritz Naumann
|
|
2009-07-17
|
|
Honest Traffic - 'msg' Cross-Site Scripting
|
7 |
WEB
|
Moudi
|
|
2009-07-21
|
|
PHP Scripts Now Hangman - 'index.php?letters' Cross-Site Scripting
|
7 |
WEB
|
Moudi
|
|
2009-07-21
|
|
PHP Scripts Now Hangman - 'index.php?n' SQL Injection
|
7 |
WEB
|
Moudi
|
|
2010-09-27
|
|
MySITE - SQL Injection / Cross-Site Scripting
|
7 |
WEB
|
MustLive
|
|
2014-09-25
|
|
Cart Engine 3.0 - Multiple Vulnerabilities
|
6 |
WEB
|
Quantum Leap
|
|
2014-09-25
|
|
OSClass 3.4.1 - 'index.php' Local File Inclusion
|
6 |
WEB
|
Netsparker
|
|
2014-09-25
|
|
WordPress Plugin Login Widget With ShortCode 3.1.1 - Multiple Vulnerabilities
|
6 |
WEB
|
dxw
|
|
2014-09-24
|
|
webEdition 6.3.8.0 (SVN-Revision: 6985) - Directory Traversal
|
6 |
WEB
|
High-Tech Bridge SA
|
|
2014-09-24
|
|
Restaurant Script (PizzaInn Project) - Persistent Cross-Site Scripting
|
7 |
WEB
|
Kenneth F. Belva
|
|
2014-09-24
|
|
Glype 1.4.9 - Local Address Filter Bypass
|
6 |
WEB
|
Securify
|
|
2014-09-24
|
|
Glype 1.4.9 - Cookie Injection Directory Traversal Local File Inclusion
|
6 |
WEB
|
Securify
|
|
2014-09-24
|
|
Joomla! Component com_macgallery 1.5 - Arbitrary File Download
|
6 |
WEB
|
Claudio Viviani
|
|
2014-09-24
|
|
Joomla! Component com_facegallery 1.0 - Multiple Vulnerabilities
|
7 |
WEB
|
Claudio Viviani
|
|
2014-09-24
|
|
Onlineon E-Ticaret - Database Disclosure
|
6 |
WEB
|
ZoRLu
|
|
2014-09-24
|
|
ZYXEL Prestig P-660HNU-T1 - ISP Credentials Disclosure
|
7 |
WEB
|
Sebastián Magof
|
|
2009-07-21
|
|
CJ Dynamic Poll Pro 2.0 - 'admin_index.php' Cross-Site Scripting
|
6 |
WEB
|
Moudi
|
|
2009-07-21
|
|
Classified Linktrader Script - 'addlink.php' SQL Injection
|
6 |
WEB
|
Moudi
|
|
2014-09-23
|
|
LittleSite 0.1 - 'index.php' Local File Inclusion
|
6 |
WEB
|
Eolas_Gadai
|
|
2009-07-20
|
|
Web TV - 'chn' Cross-Site Scripting
|
6 |
WEB
|
Moudi
|
|
2009-07-20
|
|
YourFreeWorld Ultra Classifieds - 'subclass.php?cname' Cross-Site Scripting
|
6 |
WEB
|
Moudi
|
|
2009-07-20
|
|
YourFreeWorld Ultra Classifieds - 'listads.php' Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
Moudi
|
|
2009-07-20
|
|
Proxy List Script - 'index.php' Cross-Site Scripting
|
6 |
WEB
|
Moudi
|
|
2009-07-20
|
|
MyWeight 1.0 - 'user_login.php' Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
Moudi
|
|
2009-07-20
|
|
MyWeight 1.0 - 'user_forgot_pwd_form.php?info' Cross-Site Scripting
|
6 |
WEB
|
Moudi
|
|
2009-07-20
|
|
MyWeight 1.0 - 'user_addfood.php?date' Cross-Site Scripting
|
6 |
WEB
|
Moudi
|
|
2009-07-20
|
|
GejoSoft Image Hosting Community - Cross-Site Scripting
|
7 |
WEB
|
Moudi
|
|
2009-07-20
|
|
EZodiak - 'index.php' Cross-Site Scripting
|
6 |
WEB
|
Moudi
|
|
2009-08-20
|
|
EZArticles - 'articles.php' Cross-Site Scripting
|
6 |
WEB
|
Moudi
|
|
2009-07-20
|
|
DragDropCart - 'productdetail.php?product' Cross-Site Scripting
|
6 |
WEB
|
Moudi
|
|
2009-07-20
|
|
DragDropCart - 'login.php?redirect' Cross-Site Scripting
|
6 |
WEB
|
Moudi
|
|
2009-07-20
|
|
DragDropCart - 'search.php?search' Cross-Site Scripting
|
6 |
WEB
|
Moudi
|
|
2009-07-20
|
|
DragDropCart - 'index.php?search' Cross-Site Scripting
|
7 |
WEB
|
Moudi
|
|
2009-07-20
|
|
DragDropCart - '/includes/ajax/getstate.php?prefix' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2009-07-20
|
|
DragDropCart - '/assets/js/ddcart.php?sid' Cross-Site Scripting
|
9 |
WEB
|
Moudi
|
|
2014-09-20
|
|
ClassApps SelectSurvey.net - Multiple SQL Injections
|
9 |
WEB
|
BillV-Lists
|
|
2014-09-20
|
|
Livefyre LiveComments Plugin - Persistent Cross-Site Scripting
|
7 |
WEB
|
Brij Kishore Mishra
|
|
2014-09-20
|
|
M/Monit 3.3.2 - Cross-Site Request Forgery
|
6 |
WEB
|
Dolev Farhi
|
|
2014-09-20
|
|
vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection
|
9 |
WEB
|
Dave
|
|
2009-07-20
|
|
AdQuick - 'account.php' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2009-08-17
|
|
Freelancers - 'post_resume.php?jobid' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2009-08-17
|
|
Freelancers - 'placebid.php?id' Cross-Site Scripting
|
6 |
WEB
|
Moudi
|
|
2009-07-20
|
|
Freewebscriptz HUBScript - 'single_winner1.php' Cross-Site Scripting
|
7 |
WEB
|
Moudi
|
|
2009-08-21
|
|
Paypal Shopping Cart Script - 'index.php?cid' SQL Injection
|
8 |
WEB
|
599eme Man
|
|
2009-08-21
|
|
Paypal Shopping Cart Script - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
599eme Man
|
|
2009-07-20
|
|
Astrology - 'celebrities.php' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2010-09-23
|
|
Joomla! Component com_tax - 'eid' SQL Injection
|
9 |
WEB
|
FL0RiX
|
|
2009-08-17
|
|
RadAFFILIATE Links - 'index.php' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2009-07-21
|
|
MyDLstore Meta Search Engine Script 1.0 - 'url' Remote File Inclusion
|
7 |
WEB
|
Moudi
|
|
2009-07-21
|
|
APBook 1.3 - Admin Login Multiple SQL Injections
|
9 |
WEB
|
n3w7u
|
|
2009-07-21
|
|
MyDLstore Pixel Ad Script - 'payment.php' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2009-07-24
|
|
Million Dollar Pixel Ads - Cross-Site Scripting / SQL Injection
|
8 |
WEB
|
Moudi
|
|
2009-07-24
|
|
TurnkeySetup Net Marketing 6.0 - 'faqs.php' Cross-Site Scripting
|
8 |
WEB
|
Moudi
|
|
2009-07-24
|
|
SkaLinks 1.5 - 'cat' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Moudi
|
|
2009-07-24
|
|
WebShop Hun 1.062s - '/index.php' Local File Inclusion / Cross-Site Scripting
|
7 |
WEB
|
u.f.
|
|
2010-09-23
|
|
OpenText LiveLink 9.7.1 - Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
Alejandro Ramos
|
|
2009-07-24
|
|
Clipbucket 1.7.1 - Multiple SQL Injections
|
7 |
WEB
|
Qabandi
|
|
2009-08-27
|
|
Free Arcade Script 1.0 - 'search' Cross-Site Scripting
|
8 |
WEB
|
599eme Man
|
|
2009-07-27
|
|
WebAsyst Shop-Script PREMIUM - 'SearchString' Cross-Site Scripting
|
8 |
WEB
|
u.f.
|
|
2010-09-21
|
|
@Mail 6.1.9 - 'MailType' Cross-Site Scripting
|
9 |
WEB
|
Vicente Aguilera Diaz
|
|
2009-08-27
|
|
Smart Magician Blog 1.0 - Multiple SQL Injections
|
7 |
WEB
|
Evil-Cod3r
|
|
2009-07-27
|
|
Basilic 1.5.13 - 'index.php' Cross-Site Scripting
|
8 |
WEB
|
PLATEN
|
|
2009-08-27
|
|
Smart ASP Survey - 'catid' SQL Injection
|
8 |
WEB
|
Moudi
|
|
2010-09-20
|
|
Joomla! Component com_spain - 'nv' SQL Injection
|
7 |
WEB
|
FL0RiX
|
