|
2010-08-23
|
|
Auto CMS 1.6 - 'autocms.php' Cross-Site Scripting
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2010-08-25
|
|
BlastChat Client 3.3 - Cross-Site Scripting
|
16 |
WEB
|
Aung Khant
|
|
2010-08-25
|
|
Acunetix Web Vulnerability Scanner - DLL Loading Arbitrary Code Execution
|
14 |
WEB
|
Kolor
|
|
2014-09-03
|
|
vBulletin 4.0.x < 4.1.2 - 'search.php?cat' SQL Injection
|
14 |
WEB
|
D35m0nd142
|
|
2014-09-02
|
|
Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting
|
15 |
WEB
|
Dolev Farhi
|
|
2014-09-02
|
|
WordPress Plugin Huge-IT Image Gallery 1.0.1 - (Authenticated) SQL Injection
|
17 |
WEB
|
Claudio Viviani
|
|
2014-09-01
|
|
ManageEngine EventLog Analyzer - Multiple Vulnerabilities (1)
|
14 |
WEB
|
Hans-Martin Muench
|
|
2014-09-01
|
|
ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution
|
11 |
WEB
|
Pedro Ribeiro
|
|
2014-09-01
|
|
WordPress Plugin Slideshow Gallery 1.4.6 - Arbitrary File Upload
|
11 |
WEB
|
Jesus Ramirez Pichardo
|
|
2014-09-01
|
|
Arachni Web Application Scanner Web UI - Persistent Cross-Site Scripting
|
14 |
WEB
|
Prakhar Prasad
|
|
2014-09-01
|
|
Mulitple WordPress Themes - 'admin-ajax.php?img' Arbitrary File Download
|
16 |
WEB
|
Hugo Santiago
|
|
2010-08-23
|
|
AneCMS 1.0/1.3 - 'register/next' SQL Injection
|
14 |
WEB
|
Sweet
|
|
2010-08-19
|
|
Cacti 0.8.7 (RedHat High Performance Computing [HPC]) - 'utilities.php?Filter' Cross-Site Scripting
|
16 |
WEB
|
Marc Schoenefeld
|
|
2010-08-19
|
|
Syntax Highlighter 3.0.83 - 'index.html' HTML Injection
|
13 |
WEB
|
indoushka
|
|
2009-08-10
|
|
Hitron Soft Answer Me - 'answers.php' Cross-Site Scripting
|
12 |
WEB
|
Moudi
|
|
2009-08-10
|
|
ViArt Helpdesk - 'products_search.php?search_category_id' Cross-Site Scripting
|
15 |
WEB
|
Moudi
|
|
2009-08-10
|
|
ViArt Helpdesk - 'forum.php?forum_id' Cross-Site Scripting
|
14 |
WEB
|
Moudi
|
|
2009-08-10
|
|
ViArt Helpdesk - 'reviews.php?category_id' Cross-Site Scripting
|
15 |
WEB
|
Moudi
|
|
2009-08-10
|
|
ViArt Helpdesk - 'product_details.php?category_id' Cross-Site Scripting
|
15 |
WEB
|
Moudi
|
|
2009-08-10
|
|
ViArt Helpdesk - 'article.php?category_id' Cross-Site Scripting
|
15 |
WEB
|
Moudi
|
|
2009-08-10
|
|
ViArt Helpdesk - 'products.php?category_id' Cross-Site Scripting
|
16 |
WEB
|
Moudi
|
|
2009-08-03
|
|
Payment Processor Script (PPScript) - 'shop.htm' SQL Injection
|
14 |
WEB
|
MizoZ
|
|
2009-08-10
|
|
Online Work Order Suite Lite Edition - Multiple Cross-Site Scripting Vulnerabilities
|
14 |
WEB
|
Moudi
|
|
2009-08-07
|
|
Facil Helpdesk - 'kbase/kbase.php' URI Cross-Site Scripting
|
13 |
WEB
|
Moudi
|
|
2009-10-19
|
|
phpCMS 2008 - 'download.php' Information Disclosure
|
15 |
WEB
|
Securitylab.ir
|
|
2009-10-14
|
|
FreeSchool - 'key_words' Cross-Site Scripting
|
17 |
WEB
|
drunken danish rednecks
|
|
2010-08-18
|
|
Joomla! Component com_dirfrm - Multiple SQL Injections
|
15 |
WEB
|
Hieuneo
|
|
2010-08-10
|
|
Nasim Guest Book - 'page' Cross-Site Scripting
|
14 |
WEB
|
Moudi
|
|
2009-08-10
|
|
TurnkeyForms Yahoo Answers Clone - 'questiondetail.php' Cross-Site Scripting
|
12 |
WEB
|
Moudi
|
|
2010-08-16
|
|
123 Flash Chat 7.8 - Multiple Vulnerabilities
|
16 |
WEB
|
Lincoln
|
|
2010-08-16
|
|
CMSimple 3.3 - Cross-Site Scripting / Cross-Site Request Forgery
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2010-08-15
|
|
Joomla! Component com_fireboard - 'Itemid' SQL Injection
|
19 |
WEB
|
ViRuS Qalaa
|
|
2010-08-15
|
|
Zomplog 3.9 - 'message' Cross-Site Scripting
|
20 |
WEB
|
10n1z3d
|
|
2010-08-15
|
|
Joomla! Component Weblinks - 'Itemid' SQL Injection
|
18 |
WEB
|
ViRuS Qalaa
|
|
2009-09-01
|
|
Property Watch - 'login.php?redirect' Cross-Site Scripting
|
16 |
WEB
|
Moudi
|
|
2009-09-01
|
|
Property Watch - 'email.php?videoid' Cross-Site Scripting
|
18 |
WEB
|
Moudi
|
|
2009-09-01
|
|
PHPMass Real Estate - 'view_map.php' Cross-Site Scripting
|
17 |
WEB
|
Moudi
|
|
2009-09-01
|
|
Beex - 'partneralle.php?navaction' Cross-Site Scripting
|
15 |
WEB
|
Moudi
|
|
2009-09-01
|
|
Beex - 'news.php?navaction' Cross-Site Scripting
|
17 |
WEB
|
Moudi
|
|
2010-08-10
|
|
Onyx - Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
High-Tech Bridge SA
|
|
2010-08-10
|
|
Mystic 0.1.4 - Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
High-Tech Bridge SA
|
|
2010-08-13
|
|
Edit-X PHP CMS - 'search_text' Cross-Site Scripting
|
16 |
WEB
|
High-Tech Bridge SA
|
|
2010-08-13
|
|
CMS Source - Multiple Input Validation Vulnerabilities
|
17 |
WEB
|
High-Tech Bridge SA
|
|
2010-08-10
|
|
SyntaxCMS - 'rows_per_page' SQL Injection
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2009-10-19
|
|
Amiro.CMS 5.4 - Multiple Input Validation Vulnerabilities
|
14 |
WEB
|
Vladimir Vorontsov
|
|
2009-08-31
|
|
JBoard - Multiple Cross-Site Scripting / SQL Injections
|
14 |
WEB
|
Inj3ct0r
|
|
2010-08-12
|
|
Rock Band CMS 0.10 - 'news.php' Multiple SQL Injections (2)
|
17 |
WEB
|
Affix
|
|
2009-09-16
|
|
PaoBacheca 2.1 - 'scrivi.php' URI Cross-Site Scripting
|
14 |
WEB
|
Moudi
|
|
2009-09-16
|
|
PaoBacheca 2.1 - 'index.php' URI Cross-Site Scripting
|
13 |
WEB
|
Moudi
|
|
2014-08-28
|
|
XRms - Blind SQL Injection / Command Execution
|
14 |
WEB
|
Benjamin Harris
|
|
2014-08-28
|
|
PhpWiki - Remote Command Execution
|
18 |
WEB
|
Benjamin Harris
|
|
2014-08-28
|
|
ActualAnalyzer Lite 2.81 - Command Execution
|
14 |
WEB
|
Benjamin Harris
|
|
2014-08-28
|
|
ManageEngine DeviceExpert 5.9 - User Credential Disclosure
|
14 |
WEB
|
Pedro Ribeiro
|
|
2014-08-28
|
|
Plogger 1.0-RC1 - (Authenticated) Arbitrary File Upload
|
15 |
WEB
|
b0z
|
|
2009-08-31
|
|
LiveStreet 0.2 - '/include/ajax/blogInfo.php?asd' Cross-Site Scripting
|
14 |
WEB
|
Inj3ct0r
|
|
2009-08-31
|
|
LiveStreet 0.2 - Comment Topic Header Cross-Site Scripting
|
17 |
WEB
|
Inj3ct0r
|
|
2009-09-16
|
|
RSSMediaScript - 'index.php' Cross-Site Scripting
|
14 |
WEB
|
Moudi
|
|
2009-09-16
|
|
PaoLink 1.0 - 'scrivi.php' Cross-Site Scripting
|
15 |
WEB
|
Moudi
|
|
2010-05-13
|
|
JForum 2.08 - BBCode Color Tag HTML Injection
|
16 |
WEB
|
Giorgio Fedon
|
|
2010-08-12
|
|
Computer Associates Oneview Monitor 6.0 - 'doSave.jsp' Remote Code Execution
|
16 |
WEB
|
Giorgio Fedon
|
|
2010-08-11
|
|
MybbCentral TagCloud 2.0 - 'Topic' HTML Injection
|
16 |
WEB
|
3ethicalhackers.com
|
|
2014-08-28
|
|
WordPress Plugin ShortCode 0.2.3 - Local File Inclusion
|
16 |
WEB
|
Mehdi Karout & Christian Galeone
|
|
2010-10-22
|
|
Simple Directory Listing 2.1 - 'SDL2.php' Cross-Site Scripting
|
18 |
WEB
|
Amol Naik
|
|
2009-10-29
|
|
Wowd - 'index.html' Multiple Cross-Site Scripting Vulnerabilities
|
16 |
WEB
|
Lostmon
|
|
2010-08-09
|
|
Preation Eden Platform 27.7.2010 - Multiple HTML Injection Vulnerabilities
|
14 |
WEB
|
High-Tech Bridge SA
|
|
2010-08-09
|
|
Allinta CMS 22.07.2010 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
|
16 |
WEB
|
High-Tech Bridge SA
|
|
2014-08-27
|
|
WordPress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities
|
16 |
WEB
|
Mike Manzotti
|
|
2014-08-26
|
|
VTLS Virtua InfoStation.cgi - SQL Injection
|
15 |
WEB
|
José Tozo
|
|
2014-08-26
|
|
ntopng 1.2.0 - Cross-Site Scripting Injection
|
18 |
WEB
|
Steffen Bauch
|
|
2010-08-06
|
|
Dataface 1.0 - 'admin.php' Cross-Site Scripting
|
14 |
WEB
|
MustLive
|
|
2010-08-06
|
|
Prado Portal 1.2 - 'page' Cross-Site Scripting
|
17 |
WEB
|
High-Tech Bridge SA
|
|
2010-08-05
|
|
Muraus Open Blog - Multiple HTML Injection Vulnerabilities
|
14 |
WEB
|
High-Tech Bridge SA
|
|
2010-08-05
|
|
Hulihan Applications Amethyst 0.1.5 - Multiple HTML Injection Vulnerabilities
|
18 |
WEB
|
High-Tech Bridge SA
|
|
2010-08-05
|
|
DiamondList - '/user/main/update_category?category[description]' Cross-Site Scripting
|
13 |
WEB
|
High-Tech Bridge SA
|
|
2010-08-05
|
|
DiamondList - '/user/main/update_settings?setting[site_title]' Cross-Site Scripting
|
18 |
WEB
|
High-Tech Bridge SA
|
|
2010-08-05
|
|
Hulihan Applications BXR 0.6.8 - SQL Injection / HTML Injection
|
20 |
WEB
|
High-Tech Bridge SA
|
|
2010-08-05
|
|
DT Centrepiece 4.5 - Cross-Site Scripting / Security Bypass
|
14 |
WEB
|
High-Tech Bridge SA
|
|
2010-08-05
|
|
PHPFinance 0.6 - '/group.php' SQL Injection / HTML Injection
|
18 |
WEB
|
skskilL
|
|
2014-08-25
|
|
ManageEngine Password Manager - MetadataServlet.dat SQL Injection (Metasploit)
|
15 |
WEB
|
Pedro Ribeiro
|
|
2014-08-25
|
|
Innovaphone PBX Admin-GUI - Cross-Site Request Forgery
|
15 |
WEB
|
Rainer Giedat
|
|
2014-08-25
|
|
PHP Stock Management System 1.02 - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
16 |
WEB
|
Ragha Deepthi K R
|
|
2009-10-08
|
|
OpenSolution Quick.Cart - Local File Inclusion / Cross-Site Scripting
|
17 |
WEB
|
kl3ryk
|
|
2009-10-04
|
|
PHP168 Template Editor - 'Filename' Directory Traversal
|
15 |
WEB
|
esnra
|
|
2014-08-03
|
|
RaidenTunes - 'music_out.php' Cross-Site Scripting
|
12 |
WEB
|
LiquidWorm
|
|
2009-09-25
|
|
Activedition - '/activedition/aelogin.asp' Multiple Cross-Site Scripting Vulnerabilities
|
15 |
WEB
|
Richard Brain
|
|
2010-07-03
|
|
FuseTalk 3.2/4.0 - Multiple Cross-Site Scripting Vulnerabilities
|
13 |
WEB
|
Juan Manuel Garcia
|
|
2010-08-03
|
|
Joomla! Component com_jigsaw - 'Controller' Directory Traversal
|
16 |
WEB
|
FL0RiX
|
|
2010-08-02
|
|
MyIT CRM - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
Juan Manuel Garcia
|
|
2010-07-30
|
|
Sourcefabric Campsite - Multiple Cross-Site Scripting Vulnerabilities
|
13 |
WEB
|
High-Tech Bridge SA
|
|
2010-07-27
|
|
Impact Software AdPeeps - Cross-Site Scripting / HTML Injection
|
12 |
WEB
|
Matt
|
|
2010-07-28
|
|
SPIP 2.1 - 'var_login' Cross-Site Scripting
|
14 |
WEB
|
dotsafe.fr
|
|
2010-07-28
|
|
Cetera eCommerce - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
|
15 |
WEB
|
MustLive
|
|
2010-07-28
|
|
Cetera eCommerce - Multiple SQL Injections
|
11 |
WEB
|
MustLive
|
|
2010-07-28
|
|
Jira 4.0.1 - Cross-Site Scripting / Information Disclosure
|
12 |
WEB
|
MaXe
|
|
2010-07-27
|
|
Social Media - 'index.php' Local File Inclusion
|
15 |
WEB
|
Harri Johansson
|
|
2014-08-21
|
|
MyBB 1.8 Beta 3 - Multiple Vulnerabilities
|
14 |
WEB
|
DemoLisH B3yaZ
|
|
2009-12-22
|
|
Active Business Directory 2 - 'searchadvance.asp' Cross-Site Scripting
|
11 |
WEB
|
Andrea Bocchetti
|
|
2010-07-26
|
|
SyndeoCMS 2.9 - Multiple HTML Injection Vulnerabilities
|
13 |
WEB
|
High-Tech Bridge SA
|
|
2009-12-04
|
|
Clixint Technologies DPI - Cross-Site Scripting
|
11 |
WEB
|
anonymous
|
|
2010-10-04
|
|
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities (2)
|
13 |
WEB
|
Abysssec
|
|
2009-10-06
|
|
e-Courier CMS - 'UserGUID' Multiple Cross-Site Scripting Vulnerabilities
|
15 |
WEB
|
BugsNotHugs
|
|
2010-07-26
|
|
Joomla! Component FreiChat 1.0/2.x - HTML Injection
|
12 |
WEB
|
nag_sunny
|
|
2010-07-25
|
|
MC Content Manager 10.1 - SQL Injection / Cross-Site Scripting
|
14 |
WEB
|
MustLive
|
|
2010-07-23
|
|
SAP NetWeaver 6.4/7.0 - 'wsnavigator' Cross-Site Scripting
|
15 |
WEB
|
Alexandr Polyakov
|
|
2009-10-28
|
|
Piwigo 2.0 - 'comments.php' Multiple Cross-Site Scripting Vulnerabilities
|
14 |
WEB
|
Andrew Paterson
|
|
2009-11-02
|
|
Stratek Web Design Twilight CMS 4.0 - 'calendar' Cross-Site Scripting
|
13 |
WEB
|
Vladimir Vorontsov
|
|
2010-07-22
|
|
Claus Muus Spitfire 1.0.336 - Multiple Cross-Site Scripting Vulnerabilities
|
13 |
WEB
|
High-Tech Bridge SA
|
|
2014-08-18
|
|
Tenda A5s Router 3.02.05_CN - Authentication Bypass
|
14 |
WEB
|
zixian
|
|
2009-12-15
|
|
Scriptsez Ez FAQ Maker 1.0 - Cross-Site Scripting / Cross-Site Request Forgery
|
13 |
WEB
|
Milos Zivanovic
|
|
2009-12-14
|
|
TenderSystem 0.9.5 - 'main.php' Multiple Local File Inclusions
|
12 |
WEB
|
Packetdeath
|
|
2010-07-19
|
|
SnowFlake CMS 0.9.5 Beta - 'uid' SQL Injection
|
13 |
WEB
|
Dinesh Arora
|
|
2009-12-16
|
|
BOLDfx Recipe Script 5.0 - Multiple Remote Vulnerabilities
|
13 |
WEB
|
Milos Zivanovic
|
|
2009-12-16
|
|
BOLDfx eUploader 3.1.1 - 'admin.php' Multiple Remote Vulnerabilities
|
13 |
WEB
|
Milos Zivanovic
|
|
2010-07-15
|
|
Sourcefabric Campsite Articles - HTML Injection
|
15 |
WEB
|
D4rk357
|
|
2010-07-18
|
|
YACS CMS 10.5.27 - 'context[path_to_root]' Remote File Inclusion
|
14 |
WEB
|
eidelweiss
|
|
2010-07-18
|
|
iOffice 0.1 - 'parametre' Remote Command Execution
|
14 |
WEB
|
Marshall Whittaker
|
|
2009-12-17
|
|
jCore - 'search' Cross-Site Scripting
|
16 |
WEB
|
loneferret
|
|
2009-12-17
|
|
Pre Jobo.NET - Multiple SQL Injections
|
15 |
WEB
|
bi0
|
|
2007-12-17
|
|
MOJO IWms 7 - 'default.asp' Cookie Manipulation
|
16 |
WEB
|
cp77fk4r
|
|
2009-12-14
|
|
Ez Poll Hoster - Multiple Cross-Site Scripting Vulnerabilities
|
14 |
WEB
|
Milos Zivanovic
|
|
2009-09-21
|
|
WX-Guestbook 1.1.208 - SQL Injection / HTML Injection
|
13 |
WEB
|
learn3r
|
|
2010-07-15
|
|
Pligg CMS 1.0.4 - 'search.php' Cross-Site Scripting
|
14 |
WEB
|
High-Tech Bridge SA
|
|
2010-07-15
|
|
Pixie 1.0.4 - HTML Injection / Cross-Site Scripting
|
14 |
WEB
|
High-Tech Bridge SA
|
|
2010-07-15
|
|
Gekko Web Builder 9.0 - 'index.php' Cross-Site Scripting
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2014-08-14
|
|
WordPress Plugin Disqus 2.7.5 - Cross-Site Request Forgery (Admin Persistent) / Cross-Site Scripting
|
19 |
WEB
|
Nik Cubrilovic
|
