|
2014-10-14
|
|
PayPal Inc BB #85 MB iOS 4.6 - Authentication Bypass
|
18 |
WEB
|
Vulnerability-Lab
|
|
2014-10-14
|
|
Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities
|
20 |
WEB
|
dun
|
|
2010-11-05
|
|
Joomla! 1.5.x - SQL Error Information Disclosure
|
22 |
WEB
|
YGN Ethical Hacker Group
|
|
2010-11-02
|
|
Online Work Order Suite - Login SQL Injection
|
22 |
WEB
|
VSN
|
|
2010-11-01
|
|
Douran Portal 3.9.7.55 - Arbitrary File Upload / Cross-Site Scripting
|
22 |
WEB
|
ITSecTeam
|
|
2010-10-30
|
|
CMS WebManager-Pro 7.4.3 - Cross-Site Scripting / SQL Injection
|
20 |
WEB
|
MustLive
|
|
2010-11-01
|
|
WordPress Plugin cformsII 11.5/13.1 - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities
|
23 |
WEB
|
Wagner Elias
|
|
2010-11-01
|
|
SmartOptimizer - Null Character Remote Information Disclosure
|
24 |
WEB
|
Francois Harvey
|
|
2010-11-01
|
|
Elastix 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
dave b
|
|
2009-05-25
|
|
Intergo Arcade Trade Script 1.0 - 'q' Cross-Site Scripting
|
21 |
WEB
|
SmOk3
|
|
2009-05-29
|
|
212Cafe WebBoard 2.90 Beta - 'view.php' Directory Traversal
|
20 |
WEB
|
MrDoug
|
|
2010-10-27
|
|
W-Agora 4.1.5 - Local File Inclusion / Cross-Site Scripting
|
22 |
WEB
|
MustLive
|
|
2010-10-28
|
|
Feindura CMS Groupware - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
Justanotherhacker.com
|
|
2009-06-03
|
|
i-Gallery 3.4/4.1 - 'streamfile.asp' Multiple Directory Traversal Vulnerabilities
|
23 |
WEB
|
Stefano Angaran
|
|
2010-10-27
|
|
LES PACKS - 'ID' SQL Injection
|
21 |
WEB
|
Cru3l.b0y
|
|
2010-10-27
|
|
Joomla! Component Projects 'com_projects' - SQL Injection / Local File Inclusion
|
20 |
WEB
|
jos_ali_joe
|
|
2009-06-03
|
|
Flatnux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
intern0t
|
|
2009-06-03
|
|
Sitecore CMS 6.0.0 rev. 090120 - 'default.aspx' Cross-Site Scripting
|
21 |
WEB
|
intern0t
|
|
2014-10-09
|
|
Nessus Web UI 2.3.3 - Persistent Cross-Site Scripting
|
26 |
WEB
|
Frank Lycops
|
|
2014-10-09
|
|
DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities
|
25 |
WEB
|
Digital Misfits
|
|
2014-10-09
|
|
BMC Track-It! - Multiple Vulnerabilities
|
22 |
WEB
|
Pedro Ribeiro
|
|
2014-10-08
|
|
WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload
|
23 |
WEB
|
Gianni Angelozzi
|
|
2014-10-07
|
|
HttpCombiner ASP.NET - Remote File Disclosure
|
16 |
WEB
|
Le Ngoc Son
|
|
2009-07-16
|
|
Skybluecanvas 1.1 r237 - 'admin.php' Directory Traversal
|
20 |
WEB
|
MaXe
|
|
2014-10-06
|
|
Ultra Electronics 7.2.0.19/7.4.0.7 - Multiple Vulnerabilities
|
24 |
WEB
|
OSI Security
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/webseal?method' Cross-Site Scripting
|
19 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/user?method' Cross-Site Scripting
|
20 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/rule?method' Cross-Site Scripting
|
21 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/pop?method' Cross-Site Scripting
|
26 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/os?method' Cross-Site Scripting
|
18 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/gsogroup?method' Cross-Site Scripting
|
21 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/gso?method' Cross-Site Scripting
|
26 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/group?method' Cross-Site Scripting
|
20 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/domain?method' Cross-Site Scripting
|
26 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ibm/wpm/acl?method' Cross-Site Scripting
|
26 |
WEB
|
IBM
|
|
2010-10-22
|
|
IBM Tivoli Access Manager for E-Business - '/ivt/ivtserver?parm1' Cross-Site Scripting
|
21 |
WEB
|
IBM
|
|
2010-10-22
|
|
W-Agora 4.2.1 - 'search.php?bn' Cross-Site Scripting
|
18 |
WEB
|
MustLive
|
|
2010-10-22
|
|
W-Agora 4.2.1 - 'search.php3?bn' Traversal Local File Inclusion
|
23 |
WEB
|
MustLive
|
|
2009-08-24
|
|
Radvision Scopia - '/entry/index.jsp' Cross-Site Scripting
|
20 |
WEB
|
Francesco Bianchino
|
|
2009-08-20
|
|
PHP Scripts Now Riddles - '/riddles/list.php?catid' SQL Injection
|
24 |
WEB
|
Moudi
|
|
2009-08-20
|
|
PHP Scripts Now Riddles - '/riddles/results.php?searchQuery' Cross-Site Scripting
|
21 |
WEB
|
Moudi
|
|
2014-10-06
|
|
Bash CGI - 'Shellshock' Remote Command Injection (Metasploit)
|
24 |
WEB
|
Fady Mohammed Osman
|
|
2009-07-20
|
|
PHP Scripts Now (Multiple Products) - 'bios.php?rank' SQL Injection
|
21 |
WEB
|
599eme Man
|
|
2009-07-20
|
|
PHP Scripts Now (Multiple Products) - 'bios.php?rank' Cross-Site Scripting
|
24 |
WEB
|
599eme Man
|
|
2010-10-21
|
|
pecio CMS 2.0.5 - 'target' Cross-Site Scripting
|
18 |
WEB
|
Antu Sanadi
|
|
2010-10-21
|
|
Micro CMS 1.0 - 'name' HTML Injection (2)
|
22 |
WEB
|
SecPod Research
|
|
2010-10-21
|
|
Wiccle Web Builder 2.0 - Multiple Cross-Site Scripting Vulnerabilities
|
28 |
WEB
|
Veerendra G.G
|
|
2009-08-19
|
|
UloKI PHP Forum 2.1 - 'search.php' Cross-Site Scripting
|
23 |
WEB
|
Moudi
|
|
2009-08-26
|
|
JCE-Tech PHP Video Script - 'index.php' Cross-Site Scripting
|
24 |
WEB
|
Moudi
|
|
2009-08-26
|
|
Auction RSS Content Script - 'search.php?id' Cross-Site Scripting
|
24 |
WEB
|
Moudi
|
|
2009-08-26
|
|
Auction RSS Content Script - 'rss.php?id' Cross-Site Scripting
|
19 |
WEB
|
Moudi
|
|
2009-08-26
|
|
JCE-Tech SearchFeed Script - 'index.php' Cross-Site Scripting
|
22 |
WEB
|
Moudi
|
|
2010-10-19
|
|
4Site CMS 2.6 - 'cat' SQL Injection
|
26 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-19
|
|
sNews 1.7 - 'snews.php' Cross-Site Scripting / HTML Injection
|
20 |
WEB
|
High-Tech Bridge SA
|
|
2009-08-27
|
|
StandAloneArcade 1.1 - 'gamelist.php' Cross-Site Scripting
|
20 |
WEB
|
Moudi
|
|
2009-08-26
|
|
DigiOz Guestbook 1.7.2 - 'search.php' Cross-Site Scripting
|
23 |
WEB
|
Moudi
|
|
2009-08-27
|
|
E-Gold Game Series: Pirates of The Caribbean - Multiple SQL Injections
|
20 |
WEB
|
Moudi
|
|
2009-08-28
|
|
QuarkMail - 'tf' Directory Traversal
|
24 |
WEB
|
Securitylab.ir
|
|
2009-10-15
|
|
Skybluecanvas 1.1 r237 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
MaXe
|
|
2009-08-27
|
|
Wap-motor - 'image' Directory Traversal
|
19 |
WEB
|
Inj3ct0r
|
|
2009-07-15
|
|
eCardMAX FormXP - 'survey_result.php' Cross-Site Scripting
|
24 |
WEB
|
Moudi
|
|
2014-10-02
|
|
Moab < 7.2.9 - Authentication Bypass
|
26 |
WEB
|
MWR InfoSecurity
|
|
2014-10-02
|
|
Epicor Enterprise 7.4 - Multiple Vulnerabilities
|
23 |
WEB
|
Fara Rustein
|
|
2014-10-02
|
|
TestLink 1.9.11 - Multiple SQL Injections
|
21 |
WEB
|
Portcullis
|
|
2014-10-02
|
|
PHPCompta/NOALYSS 6.7.1 5638 - Remote Command Execution
|
22 |
WEB
|
Portcullis
|
|
2014-10-02
|
|
RBS Change Complet Open Source 3.6.8 - Cross-Site Request Forgery
|
21 |
WEB
|
Krusty Hack
|
|
2014-10-02
|
|
WordPress Plugin All In One WP Security & Firewall 3.8.3 - Persistent Cross-Site Scripting
|
19 |
WEB
|
Vulnerability-Lab
|
|
2014-10-02
|
|
Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution
|
19 |
WEB
|
Daniele Linguaglossa
|
|
2014-10-02
|
|
Bacula-Web 5.2.10 - 'joblogs.php?jobid' SQL Injection
|
24 |
WEB
|
wishnusakti
|
|
2010-10-15
|
|
eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
LiquidWorm
|
|
2010-01-19
|
|
AdvertisementManager 3.1 - 'req' Local/Remote File Inclusion
|
21 |
WEB
|
indoushka
|
|
2009-08-07
|
|
PHP Easy Shopping Cart 3.1R - 'subitems.php' Cross-Site Scripting
|
21 |
WEB
|
Moudi
|
|
2009-08-07
|
|
PHP Photo Vote 1.3F - 'page' Cross-Site Scripting
|
20 |
WEB
|
Moudi
|
|
2010-10-14
|
|
TWiki 5.0 - bin/login Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
DOUHINE Davy
|
|
2010-10-14
|
|
TWiki 5.0 - '/bin/view?rev' Cross-Site Scripting
|
22 |
WEB
|
DOUHINE Davy
|
|
2010-10-13
|
|
PluXml 5.0.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
|
23 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-13
|
|
Ronny CMS 1.1 r935 - Multiple HTML Injection Vulnerabilities
|
21 |
WEB
|
High-Tech Bridge SA
|
|
2014-10-01
|
|
IPFire - CGI Web Interface (Authenticated) Bash Environment Variable Code Injection
|
20 |
WEB
|
Claudio Viviani
|
|
2010-10-13
|
|
Joomla! Component Jstore - 'Controller' Local File Inclusion
|
21 |
WEB
|
jos_ali_joe
|
|
2010-10-12
|
|
Oracle Fusion Middleware 10.1.2/10.1.3 - BPEL Console Cross-Site Scripting
|
19 |
WEB
|
Alexander Polyakov
|
|
2010-10-11
|
|
Joomla! / Mambo Component com_trade - 'PID' Cross-Site Scripting
|
18 |
WEB
|
FL0RiX
|
|
2010-10-06
|
|
Backbone Technology Expression 18.9.2010 - Cross-Site Scripting
|
20 |
WEB
|
High-Tech Bridge SA
|
|
2009-06-15
|
|
Recipe Script 5.0 - 'First Name' HTML Injection
|
18 |
WEB
|
ThE g0bL!N
|
|
2010-10-08
|
|
OPEN IT OverLook 5 - 'title.php' Cross-Site Scripting
|
18 |
WEB
|
Anatolia Security
|
|
2009-06-22
|
|
Curverider Elgg 1.0 - Templates HTML Injection
|
22 |
WEB
|
lorddemon
|
|
2010-10-08
|
|
Lantern CMS - '11-login.asp' Cross-Site Scripting
|
19 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-06
|
|
Joomla! Component Club Manager - 'cm_id' SQL Injection
|
22 |
WEB
|
FL0RiX
|
|
2014-09-29
|
|
OpenFiler 2.99.1 - Cross-Site Request Forgery
|
23 |
WEB
|
Dolev Farhi
|
|
2014-09-29
|
|
Microsoft Exchange - IIS HTTP Internal IP Address Disclosure (Metasploit)
|
24 |
WEB
|
Nate Power
|
|
2014-09-29
|
|
GS Foto Uebertraeger 3.0 iOS - Local File Inclusion
|
22 |
WEB
|
Vulnerability-Lab
|
|
2010-10-05
|
|
SquirrelMail Virtual Keyboard Plugin - 'vkeyboard.php' Cross-Site Scripting
|
20 |
WEB
|
Moritz Naumann
|
|
2010-10-05
|
|
Elxis 2009.2 rev2631 - SQL Injection
|
20 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-04
|
|
Docebo 3.6 - 'description' Cross-Site Scripting
|
22 |
WEB
|
High-Tech Bridge SA
|
|
2009-07-08
|
|
Linea21 1.2.1 - 'search' Cross-Site Scripting
|
19 |
WEB
|
599eme Man
|
|
2009-07-07
|
|
Tausch Ticket Script 3 - 'vote.php?descr' SQL Injection
|
21 |
WEB
|
Moudi
|
|
2009-07-07
|
|
Tausch Ticket Script 3 - 'suchauftraege_user.php?userid' SQL Injection
|
20 |
WEB
|
Moudi
|
|
2009-07-08
|
|
Rapidsendit Clone Script - 'admin.php' Insecure Cookie Authentication Bypass
|
22 |
WEB
|
NoGe
|
|
2009-07-08
|
|
JNM Solutions DB Top Sites 1.0 - 'vote.php' Cross-Site Scripting
|
23 |
WEB
|
Moudi
|
|
2009-07-09
|
|
JNM Guestbook 3.0 - 'index.php' Cross-Site Scripting
|
23 |
WEB
|
Moudi
|
|
2009-07-09
|
|
StatsCode - Multiple Cross-Site Scripting Vulnerabilities
|
20 |
WEB
|
599eme Man
|
|
2009-07-07
|
|
Rentventory - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
599eme Man
|
|
2009-07-09
|
|
Online Guestbook Pro 5.1 - 'ogp_show.php' Cross-Site Scripting
|
23 |
WEB
|
Moudi
|
|
2014-09-27
|
|
Typo3 Extension JobControl 2.14.0 - Cross-Site Scripting / SQL Injection
|
22 |
WEB
|
Adler Freiheit
|
|
2010-10-04
|
|
ITS SCADA - 'Username' SQL Injection
|
21 |
WEB
|
Eugene Salov
|
|
2010-10-04
|
|
Surgemail SurgeWeb 4.3e - Cross-Site Scripting
|
19 |
WEB
|
Kerem Kocaer
|
|
2009-07-09
|
|
WebAsyst Shop-Script - 'index.php' Cross-Site Scripting
|
19 |
WEB
|
Vrs-hCk
|
|
2010-10-01
|
|
Intellicom Netbiter webSCADA Products - 'read.cgi' Multiple Remote Security Vulnerabilities
|
21 |
WEB
|
Eugene Salov
|
|
2009-07-13
|
|
Top Paidmailer - 'home.php' Remote File Inclusion
|
22 |
WEB
|
Moudi
|
|
2009-07-07
|
|
Swinger Club Portal - 'start.php?go' Remote File Inclusion
|
23 |
WEB
|
Moudi
|
|
2009-07-07
|
|
Swinger Club Portal - 'start.php?id' SQL Injection
|
17 |
WEB
|
Moudi
|
|
2010-09-29
|
|
Pluck CMS 4.6.3 - 'cont1' HTML Injection
|
20 |
WEB
|
High-Tech Bridge SA
|
|
2010-09-29
|
|
Getsimple CMS 2.01 - 'changedata.php' Cross-Site Scripting
|
19 |
WEB
|
High-Tech Bridge SA
|
|
2010-09-29
|
|
MODx manager - '/controllers/default/resource/tvs.php?class_key' Traversal Local File Inclusion
|
17 |
WEB
|
John Leitch
|
|
2010-09-29
|
|
MODx 2.0.2-pl - '/manager/index.php?modahsh' Cross-Site Scripting
|
20 |
WEB
|
John Leitch
|
|
2009-07-14
|
|
eCardMAX - Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
Moudi
|
|
2010-09-28
|
|
PHPMyFAQ 2.6.x - 'index.php' Cross-Site Scripting
|
20 |
WEB
|
Yam Mesicka
|
|
2010-09-28
|
|
Micro CMS 1.0 - 'name' HTML Injection (1)
|
23 |
WEB
|
Veerendra G.G
|
|
2009-07-16
|
|
Scriptsez Ultimate Poll - 'demo_page.php' Cross-Site Scripting
|
19 |
WEB
|
Moudi
|
|
2010-09-27
|
|
NetArt Media Car Portal 2.0 - 'car' SQL Injection
|
22 |
WEB
|
RoAd_KiLlEr
|
|
2014-09-25
|
|
WordPress Plugin All In One WP Security 3.8.2 - SQL Injection
|
29 |
WEB
|
High-Tech Bridge SA
|
|
2014-09-25
|
|
Nucom ADSL ADSLR5000UN - ISP Credentials Disclosure
|
30 |
WEB
|
Sebastián Magof
|
|
2009-08-21
|
|
HotScripts Type PHP Clone Script - 'lostpassword.php?msg' Cross-Site Scripting
|
23 |
WEB
|
Moudi
|
|
2009-08-21
|
|
HotScripts Type PHP Clone Script - 'index.php?msg' Cross-Site Scripting
|
21 |
WEB
|
Moudi
|
|
2009-08-21
|
|
HotScripts Type PHP Clone Script - 'feedback.php?msg' Cross-Site Scripting
|
22 |
WEB
|
Moudi
|
|
2010-09-27
|
|
Horde IMP Webmail 4.3.7 - 'fetchmailprefs.php' HTML Injection
|
20 |
WEB
|
Moritz Naumann
|
