|
2009-11-26
|
|
CyberCMS - 'faq.php' SQL Injection
|
9 |
WEB
|
hc0de
|
|
2010-04-24
|
|
PowerEasy 2006 - 'ComeUrl' Cross-Site Scripting
|
10 |
WEB
|
Liscker
|
|
2010-03-30
|
|
HuronCMS - 'index.php' Multiple SQL Injections
|
11 |
WEB
|
mat
|
|
2010-04-26
|
|
Ektron CMS400.NET 7.5.2 - Multiple Vulnerabilities
|
10 |
WEB
|
Richard Moore
|
|
2010-04-22
|
|
FlashCard 2.6.5 - 'id' Cross-Site Scripting
|
14 |
WEB
|
Valentin
|
|
2014-06-25
|
|
Lunar CMS 3.3 - Remote Command Execution
|
12 |
WEB
|
LiquidWorm
|
|
2014-06-25
|
|
Thomson TWG87OUIR - POST Password Cross-Site Request Forgery
|
12 |
WEB
|
nopesled
|
|
2010-04-21
|
|
DBSite wb CMS - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
The_Exploited
|
|
2010-04-21
|
|
e107 0.7.x - '/e107_admin/banner.php' SQL Injection
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2010-04-09
|
|
Viennabux Beta! - 'cat' SQL Injection
|
9 |
WEB
|
Easy Laster
|
|
2010-04-20
|
|
vBulletin Two-Step External Link Module - 'externalredirect.php' Cross-Site Scripting
|
9 |
WEB
|
Edgard Chammas
|
|
2010-04-19
|
|
Kleophatra CMS 0.1.1 - 'module' Cross-Site Scripting
|
11 |
WEB
|
anT!-Tr0J4n
|
|
2014-06-24
|
|
Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution
|
9 |
WEB
|
@u0x
|
|
2014-06-23
|
|
ZeroCMS 1.0 - 'zero_transact_article.php' SQL Injection
|
8 |
WEB
|
Filippos Mastrogiannis
|
|
2010-04-15
|
|
Ziggurat Farsi CMS - 'bck' Directory Traversal
|
11 |
WEB
|
Pouya Daneshmand
|
|
2010-04-12
|
|
AneCMS 1.0 - Multiple Local File Inclusions
|
8 |
WEB
|
AmnPardaz Security Research Team
|
|
2010-04-13
|
|
Vana CMS - 'Filename' Arbitrary File Download
|
6 |
WEB
|
Pouya Daneshmand
|
|
2010-04-12
|
|
Blog System 1.x - Multiple Input Validation Vulnerabilities
|
10 |
WEB
|
cp77fk4r
|
|
2010-04-12
|
|
TANDBERG Video Communication Server 4.2.1/4.3.0 - Multiple Remote Vulnerabilities
|
8 |
WEB
|
Jon Hart
|
|
2014-06-21
|
|
Lunar CMS 3.3 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
|
10 |
WEB
|
LiquidWorm
|
|
2010-04-07
|
|
Istgah For Centerhost - 'view_ad.php' Cross-Site Scripting
|
9 |
WEB
|
indoushka
|
|
2010-04-15
|
|
Ziggurat Farsi CMS - 'id' Cross-Site Scripting
|
10 |
WEB
|
Pouya Daneshmand
|
|
2014-06-21
|
|
D-Link DSL-2760U-E1 - Persistent Cross-Site Scripting
|
8 |
WEB
|
Yuval tisf Nativ
|
|
2010-02-24
|
|
n-cms-equipe 1.1c.Debug - Multiple Local File Inclusions
|
9 |
WEB
|
ITSecTeam
|
|
2010-04-07
|
|
PotatoNews 1.0.2 - 'nid' Multiple Local File Inclusions
|
8 |
WEB
|
mat
|
|
2014-06-19
|
|
web2Project 3.1 - Multiple Vulnerabilities
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2010-03-31
|
|
OSSIM 2.2.1 - '$_SERVER['PHP_SELF']' Cross-Site Scripting
|
8 |
WEB
|
CONIX Security
|
|
2010-03-31
|
|
Piwik 0.5.5 - 'form_url' Cross-Site Scripting
|
9 |
WEB
|
garwga
|
|
2008-12-13
|
|
WordPress Plugin Fuctweb CapCC 1.0 - 'plugins.php' SQL Injection
|
9 |
WEB
|
MustLive
|
|
2010-03-29
|
|
Joomla! Component com_weblinks - 'id' SQL Injection
|
9 |
WEB
|
Pouya Daneshmand
|
|
2014-06-18
|
|
Cacti Superlinks Plugin 1.4-2 - SQL Injection
|
9 |
WEB
|
Napsterakos
|
|
2014-06-18
|
|
ZTE WXV10 W300 - Multiple Vulnerabilities
|
8 |
WEB
|
Osanda Malith Jayathissa
|
|
2010-03-24
|
|
Joomla! Component com_jresearch - 'Controller' Local File Inclusion
|
9 |
WEB
|
Chip d3 bi0s
|
|
2010-03-23
|
|
Joomla! Component com_cb - 'cat' SQL Injection
|
11 |
WEB
|
DevilZ TM
|
|
2010-03-23
|
|
Joomla! Component com_aml_2 - 'art' SQL Injection
|
11 |
WEB
|
Metropolis
|
|
2010-03-23
|
|
SpringSource (Multiple Products) - Multiple HTML Injection Vulnerabilities
|
10 |
WEB
|
Aaron Kulick
|
|
2010-03-23
|
|
Kasseler CMS News Module - 'id' SQL Injection
|
10 |
WEB
|
Palyo34
|
|
2014-06-17
|
|
Motorola SBG901 Wireless Modem - Cross-Site Request Forgery
|
10 |
WEB
|
Blessen Thomas
|
|
2010-03-23
|
|
PHPAuthent 0.2.1 - 'useradd.php' Multiple HTML Injection Vulnerabilities
|
10 |
WEB
|
Yoyahack
|
|
2010-03-23
|
|
RepairShop2 - 'index.php?Prod' Cross-Site Scripting
|
11 |
WEB
|
kaMtiEz
|
|
2010-03-23
|
|
agXchange ESM - 'ucquerydetails.jsp' Cross-Site Scripting
|
10 |
WEB
|
Lament
|
|
2010-03-19
|
|
vBulletin 4.0.2 - Search Cross-Site Scripting
|
11 |
WEB
|
5ubzer0
|
|
2010-03-22
|
|
PHPKIT 1.6.x - 'b-day.php' Addon SQL Injection
|
11 |
WEB
|
n3w7u
|
|
2010-03-23
|
|
Lussumo Vanilla 1.1.10 - 'definitions.php' Multiple Remote File Inclusions
|
12 |
WEB
|
eidelweiss
|
|
2010-03-22
|
|
agXchange ESM - 'ucschcancelproc.jsp' Open Redirection
|
11 |
WEB
|
Lament
|
|
2010-03-19
|
|
PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
Liscker
|
|
2010-03-18
|
|
Kempt SiteDone 2.0 - '/detail.php' Cross-Site Scripting / SQL Injection
|
12 |
WEB
|
d3v1l
|
|
2010-03-18
|
|
tenfourzero.net Shutter 0.1.4 - 'admin.html' Multiple SQL Injections
|
12 |
WEB
|
blake
|
|
2010-03-17
|
|
PHPBB2 Plus 1.53 - 'kb.php' SQL Injection
|
9 |
WEB
|
Gamoscu
|
|
2010-03-17
|
|
Joomla! Component com_alert - 'q_item' SQL Injection
|
10 |
WEB
|
N2n-Hacker
|
|
2010-03-17
|
|
eFront 3.5.5 - 'langname' Local File Inclusion
|
12 |
WEB
|
7Safe
|
|
2010-03-16
|
|
Joomla! Component com_as - 'catid' SQL Injection
|
10 |
WEB
|
N2n-Hacker
|
|
2010-03-15
|
|
Dojo Toolkit 1.4.1 - '/doh/runner.html' Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
Adam Bixby
|
|
2010-03-15
|
|
Dojo Toolkit 1.4.1 - '/dijit/tests/_testCommon.js?theme' Cross-Site Scripting
|
10 |
WEB
|
Adam Bixby
|
|
2010-03-15
|
|
Domain Verkaus & Auktions Portal - 'index.php' SQL Injection
|
10 |
WEB
|
Easy Laster
|
|
2010-03-15
|
|
Andromeda 1.9.2 - 's' Cross-Site Scripting / Session Fixation
|
12 |
WEB
|
indoushka
|
|
2010-03-15
|
|
Pars CMS - 'RP' Multiple SQL Injections
|
10 |
WEB
|
Isfahan
|
|
2010-03-15
|
|
(Multiple Products) - 'banner.swf' Cross-Site Scripting
|
10 |
WEB
|
MustLive
|
|
2010-03-14
|
|
DirectAdmin 1.33.6 - 'CMD_DB_VIEW' Cross-Site Scripting
|
9 |
WEB
|
r0t
|
|
2010-03-15
|
|
Zigurrat Farsi CMS - '/manager/textbox.asp' SQL Injection
|
9 |
WEB
|
Isfahan
|
|
2010-03-13
|
|
Joomla! Component com_d-greinar - 'maintree' Cross-Site Scripting
|
9 |
WEB
|
DevilZ TM
|
|
2010-03-13
|
|
Joomla! Component com_seek - 'id' SQL Injection
|
11 |
WEB
|
DevilZ TM
|
|
2010-03-12
|
|
pMyAdmin 3.3.5.1 - 'db_create.php' Cross-Site Scripting
|
10 |
WEB
|
Liscker
|
|
2010-03-12
|
|
Easynet4u Forum Host - 'topic.php' SQL Injection
|
11 |
WEB
|
Pr0T3cT10n
|
|
2010-03-11
|
|
CodeIgniter 1.0 - 'BASEPATH' Multiple Remote File Inclusions
|
12 |
WEB
|
eidelweiss
|
|
2010-03-11
|
|
ARTIS ABTON CMS - Multiple SQL Injections
|
11 |
WEB
|
MustLive
|
|
2010-03-11
|
|
AneCMS 1.0 - 'index.php' Multiple HTML Injection Vulnerabilities
|
12 |
WEB
|
pratul agrawal
|
|
2014-06-13
|
|
ZeroCMS 1.0 - 'zero_transact_user.php' Handling Privilege Escalation
|
11 |
WEB
|
Tiago Carvalho
|
|
2014-06-13
|
|
Yealink VoIP Phone SIP-T38G - Local File Inclusion
|
10 |
WEB
|
Mr.Un1k0d3r
|
|
2014-06-13
|
|
Plesk 10.4.4/11.0.9 - SSO XML External Entity / Cross-Site Scripting Injection
|
11 |
WEB
|
BLacK ZeRo
|
|
2010-03-10
|
|
DDL CMS 2.1 - 'blacklist.php' Cross-Site Scripting
|
11 |
WEB
|
ITSecTeam
|
|
2010-03-10
|
|
60cycleCMS - 'select.php' Multiple HTML Injection Vulnerabilities
|
10 |
WEB
|
pratul agrawal
|
|
2010-03-10
|
|
Friendly Technologies TR-069 ACS 2.8.9 - Login SQL Injection
|
8 |
WEB
|
Yaniv Miron
|
|
2010-03-10
|
|
Max Network Technology BBSMAX 4.2 - 'threadid' Cross-Site Scripting
|
10 |
WEB
|
Liscker
|
|
2010-03-09
|
|
IBM ENOVIA SmarTeam - 'LoginPage.aspx' Cross-Site Scripting
|
9 |
WEB
|
Lament
|
|
2010-02-16
|
|
wh-em.com upload 7.0 - Insecure Cookie Authentication Bypass
|
9 |
WEB
|
indoushka
|
|
2010-03-09
|
|
TikiWik < 4.2 - Multiple Vulnerabilities
|
9 |
WEB
|
Mateusz Drygas
|
|
2010-03-07
|
|
OpenCart 1.3.2 - 'page' SQL Injection
|
8 |
WEB
|
Andrés Gómez
|
|
2010-03-08
|
|
KDPics 1.18 - '/admin/index.php' Authentication Bypass
|
9 |
WEB
|
snakespc
|
|
2010-03-08
|
|
ASPCode CMS 1.5.8 - 'default.asp' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Alberto Fontanella
|
|
2010-03-08
|
|
Max Network Technology BBSMAX 4.2 - 'post.aspx' Cross-Site Scripting
|
9 |
WEB
|
Liscker
|
|
2010-03-08
|
|
Pre E-Learning Portal - 'search_result.asp' SQL Injection
|
8 |
WEB
|
NoGe
|
|
2010-03-06
|
|
phpCOIN 1.2.1 - 'mod' Local File Inclusion
|
9 |
WEB
|
_mlk_
|
|
2010-03-05
|
|
Six Apart Vox - 'search' Page Cross-Site Scripting
|
7 |
WEB
|
Phenom
|
|
2010-03-05
|
|
Saskia's ShopSystem - 'id' Local File Inclusion
|
8 |
WEB
|
cr4wl3r
|
|
2010-03-05
|
|
Spectrum Software WebManager CMS - 'pojam' Cross-Site Scripting
|
7 |
WEB
|
hacker@sr.gov.yu
|
|
2014-06-11
|
|
SHOUTcast DNAS 2.2.1 - Persistent Cross-Site Scripting
|
8 |
WEB
|
rob222
|
|
2010-03-05
|
|
Natychmiast CMS - Multiple Cross-Site Scripting / SQL Injections
|
9 |
WEB
|
Maciej Gojny
|
|
2010-03-04
|
|
Drupal < 5.22/6.16 - Multiple Vulnerabilities
|
8 |
WEB
|
David Rothstein
|
|
2010-03-04
|
|
BBSXP 2008 - 'ShowPost.asp' Cross-Site Scripting
|
9 |
WEB
|
Liscker
|
|
2014-06-10
|
|
ZeroCMS 1.0 - 'zero_view_article.php' SQL Injection
|
9 |
WEB
|
LiquidWorm
|
|
2014-06-09
|
|
DevExpress ASPxFileManager 10.2 < 13.2.8 - Directory Traversal
|
9 |
WEB
|
RedTeam Pentesting
|
|
2014-06-09
|
|
WebTitan 4.01 (Build 68) - Multiple Vulnerabilities
|
9 |
WEB
|
SEC Consult
|
|
2014-06-09
|
|
eFront 3.6.14.4 - 'surname' Persistent Cross-Site Scripting
|
9 |
WEB
|
shyamkumar somana
|
|
2010-03-04
|
|
Comptel Provisioning and Activation - 'index.jsp?error_msg_parameter' Cross-Site Scripting
|
10 |
WEB
|
thebluegenius
|
|
2010-03-02
|
|
Discuz! 6.0 - 'uid' Cross-Site Scripting
|
9 |
WEB
|
lis cker
|
|
2010-03-02
|
|
Sparta Systems TrackWise EQms - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
Yaniv Miron
|
|
2010-03-01
|
|
DeDeCMS 5.5 - '_SESSION[dede_admin_id]' Authentication Bypass
|
9 |
WEB
|
Wolves Security Team
|
|
2010-03-01
|
|
Blax Blog 0.1 - 'girisyap.php' SQL Injection
|
9 |
WEB
|
cr4wl3r
|
|
2010-03-01
|
|
Article Friendly - 'Filename' Local File Inclusion
|
10 |
WEB
|
pratul agrawal
|
|
2010-02-27
|
|
SLAED CMS 4 - Installation Script Unauthorized Access
|
8 |
WEB
|
indoushka
|
|
2010-02-28
|
|
Open Educational System 0.1 Beta - 'CONF_INCLUDE_PATH' Multiple Remote File Inclusions
|
9 |
WEB
|
cr4wl3r
|
|
2010-02-28
|
|
TRUC 0.11 - 'login_reset_password_page.php' Cross-Site Scripting
|
9 |
WEB
|
snakespc
|
|
2010-02-26
|
|
ARISg 5.0 - 'wflogin.jsp' Cross-Site Scripting
|
9 |
WEB
|
Yaniv Miron
|
|
2010-02-25
|
|
Newbie CMS 0.0.2 - Insecure Cookie Authentication Bypass
|
9 |
WEB
|
JIKO
|
|
2010-02-25
|
|
IBM (Multiple Products) - Login Page Cross-Site Scripting
|
8 |
WEB
|
Oren Hafif
|
|
2010-02-24
|
|
OpenInferno OI.Blogs 1.0 - Multiple Local File Inclusions
|
9 |
WEB
|
JIKO
|
|
2010-02-24
|
|
Joomla! Component HD FLV Player - 'id' SQL Injection
|
8 |
WEB
|
kaMtiEz
|
|
2010-02-24
|
|
MySmartBB 1.7 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
indoushka
|
|
2010-02-23
|
|
Softbiz Jobs - 'sbad_type' Cross-Site Scripting
|
11 |
WEB
|
pratul agrawal
|
|
2010-02-22
|
|
Galerie Dezign-Box - Multiple Input Validation Vulnerabilities
|
11 |
WEB
|
indoushka
|
|
2010-02-20
|
|
vBulletin 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
indoushka
|
|
2010-02-20
|
|
Joomla! Component com_recipe - Multiple SQL Injections
|
9 |
WEB
|
FL0RiX
|
|
2010-02-19
|
|
Social Web CMS 2 - 'index.php' Cross-Site Scripting
|
8 |
WEB
|
GoLdeN-z3r0
|
|
2010-02-18
|
|
Subex Nikira Fraud Management System GUI - 'message' Cross-Site Scripting
|
9 |
WEB
|
thebluegenius
|
|
2010-02-18
|
|
XlentProjects SphereCMS 1.1 - 'archive.php' SQL Injection
|
9 |
WEB
|
AmnPardaz Security Research Team
|
|
2014-06-06
|
|
Madness Pro 1.14 - SQL Injection
|
10 |
WEB
|
bwall
|
|
2014-06-06
|
|
Madness Pro 1.14 - Persistent Cross-Site Scripting
|
9 |
WEB
|
bwall
|
|
2010-02-18
|
|
New-CMS 1.08 - Multiple Local File Inclusion / HTML Injection Vulnerabilities
|
9 |
WEB
|
Alberto Fontanella
|
|
2010-02-16
|
|
EziScript Google Page Rank 1.1 - Cross-Site Scripting
|
9 |
WEB
|
sarabande
|
|
2010-02-16
|
|
Extreme Mobster - 'login' Cross-Site Scripting
|
9 |
WEB
|
indoushka
|
|
2010-02-16
|
|
BGSvetionik BGS CMS - 'search' Cross-Site Scripting
|
8 |
WEB
|
hacker@sr.gov.yu
|
|
2010-02-16
|
|
Portrait Software Portrait Campaign Manager 4.6.1.22 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Roel Schouten
|
|
2009-12-31
|
|
Joomla! Component MS Comment 0.8.0b - Security Bypass / Cross-Site Scripting
|
9 |
WEB
|
Jeff Channell
|
|
2010-02-12
|
|
Basic-CMS - 'nav_id' Cross-Site Scripting
|
9 |
WEB
|
Red-D3v1L
|
