|
2010-02-12
|
|
CMS Made Simple 1.6.6 - Local File Inclusion / Cross-Site Scripting
|
8 |
WEB
|
Beenu Arora
|
|
2009-09-17
|
|
Joomla! Component F!BB 1.5.96 RC - SQL Injection / HTML Injection
|
9 |
WEB
|
Jeff Channell
|
|
2009-09-17
|
|
Joomla! Component EasyBook 2.0.0rc4 - Multiple HTML Injection Vulnerabilities
|
8 |
WEB
|
Jeff Channell
|
|
2009-11-15
|
|
Joomla! Component Webee Comments 1.1/1.2 - Multiple BBCode Tags Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Jeff Channell
|
|
2009-11-15
|
|
Joomla! Component Webee Comments 1.1/1.2 - 'index2.php' articleId SQL Injection
|
9 |
WEB
|
Jeff Channell
|
|
2010-02-03
|
|
Interspire Knowledge Manager 5 - 'callback.snipshot.php' Arbitrary File Creation
|
8 |
WEB
|
Cory Marsh
|
|
2010-02-11
|
|
CommodityRentals CD Rental Software - 'index.php' SQL Injection
|
8 |
WEB
|
Don Tukulesto
|
|
2014-06-03
|
|
IPSwitch IMail Server WEB client 12.4 - Persistent Cross-Site Scripting
|
9 |
WEB
|
Peru
|
|
2014-06-03
|
|
Bluetooth Photo-File Share 2.1 iOS - Multiple Vulnerabilities
|
8 |
WEB
|
Vulnerability-Lab
|
|
2014-06-03
|
|
AllReader 1.0 iOS - Multiple Vulnerabilities
|
8 |
WEB
|
Vulnerability-Lab
|
|
2014-06-03
|
|
TigerCom My Assistant 1.1 iOS - Local File Inclusion
|
8 |
WEB
|
Vulnerability-Lab
|
|
2014-06-03
|
|
Privacy Pro 1.2 HZ iOS - Local File Inclusion
|
8 |
WEB
|
Vulnerability-Lab
|
|
2014-06-03
|
|
Files Desk Pro 1.4 iOS - Local File Inclusion
|
9 |
WEB
|
Vulnerability-Lab
|
|
2014-06-03
|
|
NG WifiTransfer Pro 1.1 - Local File Inclusion
|
9 |
WEB
|
Vulnerability-Lab
|
|
2014-06-03
|
|
PHPBTTracker+ 2.2 - SQL Injection
|
7 |
WEB
|
BackBox Linux Team
|
|
2010-02-11
|
|
vBulletin 3.5.4 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
ROOT_EGY
|
|
2010-02-09
|
|
vBulletin Adsense Component - 'viewpage.php' SQL Injection
|
10 |
WEB
|
JIKO
|
|
2010-02-08
|
|
VideoDB 3.0.3 - 'login.php' Cross-Site Scripting
|
8 |
WEB
|
vr
|
|
2010-02-08
|
|
Zen Time Tracking 2.2 - Multiple SQL Injections
|
10 |
WEB
|
cr4wl3r
|
|
2010-02-08
|
|
Aflam Online 1.0 - 'index.php' SQL Injection
|
10 |
WEB
|
alnjm33
|
|
2014-06-02
|
|
WordPress Plugin Participants Database 1.5.4.8 - SQL Injection
|
10 |
WEB
|
Yarubo Research Team
|
|
2010-02-05
|
|
ASCET Interactive Huski Retail - Multiple SQL Injections
|
9 |
WEB
|
Wireghoul
|
|
2010-02-05
|
|
ASCET Interactive Huski CMS - 'i' Local File Inclusion
|
9 |
WEB
|
Wireghoul
|
|
2010-02-05
|
|
LANDesk Management Gateway 4.x - Multiple Vulnerabilities
|
9 |
WEB
|
Aureliano Calvo
|
|
2010-02-05
|
|
evalSMSI 2.1.3 - Multiple Input Validation Vulnerabilities
|
10 |
WEB
|
ekse
|
|
2010-02-04
|
|
Data 1 Systems UltraBB 1.17 - 'view_post.php' Cross-Site Scripting
|
11 |
WEB
|
s4r4d0
|
|
2010-02-04
|
|
KnowGate hipergate 4.0.12 - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
Nahuel Grisolia
|
|
2010-02-04
|
|
Interspire Knowledge Manager < 5.1.3 - Multiple Remote Vulnerabilities
|
10 |
WEB
|
Cory Marsh
|
|
2010-02-01
|
|
Joomla! Component AutartiTarot - Directory Traversal
|
9 |
WEB
|
B-HUNT3|2
|
|
2010-02-01
|
|
Joomla! Component com_gambling - 'gamblingEvent' SQL Injection
|
10 |
WEB
|
md.r00t
|
|
2010-01-31
|
|
Joomla! Component com_rsgallery2 2.0 - 'catid' SQL Injection
|
10 |
WEB
|
snakespc
|
|
2009-07-16
|
|
XAMPP 1.6.x - 'showcode.php' Local File Inclusion
|
10 |
WEB
|
MustLive
|
|
2010-01-28
|
|
CommonSpot Server - '/utilities/longproc.cfm' Cross-Site Scripting
|
9 |
WEB
|
Richard Brain
|
|
2010-01-27
|
|
Discuz! 6.0 - 'tid' Cross-Site Scripting
|
8 |
WEB
|
s4r4d0
|
|
2010-01-26
|
|
Joomla! Component 3D Cloud - 'tagcloud.swf' Cross-Site Scripting
|
10 |
WEB
|
MustLive
|
|
2009-10-24
|
|
Jetty 6.1.x - JSP Snoop Page Multiple Cross-Site Scripting Vulnerabilities
|
14 |
WEB
|
aScii
|
|
2010-01-22
|
|
OpenX 2.6.1 - SQL Injection
|
10 |
WEB
|
AndySoon
|
|
2010-01-21
|
|
cPanel and WHM 11.25 - 'failurl' HTTP Response Splitting
|
9 |
WEB
|
Trancer
|
|
2014-05-28
|
|
Sharetronix 3.3 - Multiple Vulnerabilities
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2014-05-28
|
|
AuraCMS 3.0 - Multiple Vulnerabilities
|
9 |
WEB
|
Mustafa ALTINKAYNAK
|
|
2010-01-20
|
|
PHPMySpace Gold 8.0 - 'gid' SQL Injection
|
11 |
WEB
|
Ctacok
|
|
2010-01-19
|
|
VisualShapers EZContents 2.0.3 - Authentication Bypass / Multiple SQL Injections
|
9 |
WEB
|
AmnPardaz Security Research Team
|
|
2010-01-18
|
|
vBulletin 4.0.1 - 'misc.php' SQL Injection
|
8 |
WEB
|
indoushka
|
|
2010-01-18
|
|
Easysitenetwork Jokes Complete Website - 'searchingred' Cross-Site Scripting
|
9 |
WEB
|
indoushka
|
|
2010-01-18
|
|
Easysitenetwork Jokes Complete Website - 'id' Cross-Site Scripting
|
9 |
WEB
|
indoushka
|
|
2010-01-19
|
|
DataLife Engine 8.3 - '/engine/ajax/addcomments.php?_REQUEST[skin]' Remote File Inclusion
|
8 |
WEB
|
indoushka
|
|
2010-01-19
|
|
DataLife Engine 8.3 - '/engine/ajax/pm.php?config[lang]' Remote File Inclusion
|
9 |
WEB
|
indoushka
|
|
2010-01-19
|
|
DataLife Engine 8.3 - '/engine/inc/help.php?config[langs]' Remote File Inclusion
|
8 |
WEB
|
indoushka
|
|
2010-01-19
|
|
DataLife Engine 8.3 - '/engine/inc/include/init.php?selected_language' Remote File Inclusion
|
10 |
WEB
|
indoushka
|
|
2010-01-18
|
|
TestLink 1.8.5 - 'order_by_login_dir' Cross-Site Scripting
|
8 |
WEB
|
Prashant Khandelwal
|
|
2010-01-15
|
|
LetoDms 1.4.x - 'lang' Local File Inclusion
|
8 |
WEB
|
D. Fabian
|
|
2010-01-14
|
|
Joomla! Component com_marketplace 1.2 - 'catid' Cross-Site Scripting
|
9 |
WEB
|
ViRuSMaN
|
|
2010-01-14
|
|
Xforum 1.4 - 'nbpageliste' Cross-Site Scripting
|
8 |
WEB
|
ViRuSMaN
|
|
2010-01-14
|
|
Technology for Solutions 1.0 - 'id' Cross-Site Scripting
|
9 |
WEB
|
PaL-D3v1L
|
|
2014-05-26
|
|
D-Link Routers - Multiple Vulnerabilities
|
11 |
WEB
|
Kyle Lovett
|
|
2014-05-26
|
|
ZYXEL P-660HW-T1 3 Wireless Router - Cross-Site Request Forgery
|
8 |
WEB
|
Mustafa ALTINKAYNAK
|
|
2014-05-26
|
|
Videos Tube 1.0 - Multiple SQL Injections
|
9 |
WEB
|
Mustafa ALTINKAYNAK
|
|
2010-01-14
|
|
Zenoss 2.3.3 - Multiple SQL Injections
|
9 |
WEB
|
nGenuity Information Services
|
|
2010-01-13
|
|
Tribisur - 'cat' Cross-Site Scripting
|
7 |
WEB
|
ViRuSMaN
|
|
2010-01-13
|
|
Joomla! Component com_tienda - 'categoria' Cross-Site Scripting
|
8 |
WEB
|
FL0RiX
|
|
2010-01-12
|
|
Simple PHP Blog 0.5.x - 'search.php' Cross-Site Scripting
|
9 |
WEB
|
Sora
|
|
2010-01-12
|
|
Docmint 1.0/2.1 - 'id' Cross-Site Scripting
|
9 |
WEB
|
Red-D3v1L
|
|
2014-05-24
|
|
Web Terra 1.1 - 'books.cgi' Remote Command Execution
|
8 |
WEB
|
felipe andrian
|
|
2014-05-24
|
|
Mayan-EDms Web-Based Document Management OS System - Multiple Persistent Cross-Site Scripting Vulner
|
10 |
WEB
|
Dolev Farhi
|
|
2010-01-11
|
|
Active Calendar 1.2 - '$_SERVER['PHP_SELF']' Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
Martin Barbella
|
|
2010-01-12
|
|
PHPepperShop 2.5 - 'USER_ARTIKEL_HANDLING_AUFRUF.php' Cross-Site Scripting
|
10 |
WEB
|
Crux
|
|
2010-01-11
|
|
@lex Guestbook 5.0 - Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
D3V!L FUCKER
|
|
2010-01-11
|
|
Jamit Job Board - 'post_id' Cross-Site Scripting
|
11 |
WEB
|
Crux
|
|
2010-01-11
|
|
DELTAScripts PHP Links 1.0 - 'email' Cross-Site Scripting
|
10 |
WEB
|
Crux
|
|
2010-01-10
|
|
DigitalHive - 'mt' Cross-Site Scripting
|
9 |
WEB
|
ViRuSMaN
|
|
2010-01-08
|
|
Joomla! Component Jobads - 'type' SQL Injection
|
10 |
WEB
|
N0KT4
|
|
2010-01-07
|
|
Calendarix 0.7 - 'calpath' Remote File Inclusion
|
9 |
WEB
|
Saywhat
|
|
2010-01-07
|
|
dotProject 2.1.3 - Multiple SQL Injections / HTML Injection Vulnerabilities
|
9 |
WEB
|
Justin C. Klein Keane
|
|
2010-01-07
|
|
Joomla! Component DM Orders - 'id' SQL Injection
|
8 |
WEB
|
NoGe
|
|
2010-01-06
|
|
Roundcube Webmail 0.2 - Cross-Site Scripting
|
12 |
WEB
|
j4ck & Globus
|
|
2010-01-05
|
|
LineWeb 1.0.5 - Multiple Remote Vulnerabilities
|
12 |
WEB
|
Ignacio Garrido
|
|
2010-01-05
|
|
LXR 0.9.x - Cross Referencer Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Dan Rosenberg
|
|
2010-01-04
|
|
MercuryBoard 1.1.5 - 'index.php' Cross-Site Scripting
|
8 |
WEB
|
indoushka
|
|
2010-01-04
|
|
WMNews - '/admin/wmnews.php' Cross-Site Scripting
|
7 |
WEB
|
indoushka
|
|
2010-01-04
|
|
pL-PHP 0.9 - 'index.php' Cross-Site Scripting
|
8 |
WEB
|
indoushka
|
|
2010-01-03
|
|
SLAED CMS 2.0 - 'stop' Cross-Site Scripting
|
9 |
WEB
|
indoushka
|
|
2010-01-03
|
|
Discuz! 2.0 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
indoushka
|
|
2010-01-01
|
|
VisionGate 1.6 - 'login.php' Cross-Site Scripting
|
9 |
WEB
|
indoushka
|
|
2010-01-01
|
|
VirtuaSystems VirtuaNews Pro 1.0.4 - 'admin.php' Cross-Site Scripting
|
12 |
WEB
|
indoushka
|
|
2010-01-01
|
|
PHPCart 3.1.2 - 'search.php' Cross-Site Scripting
|
11 |
WEB
|
indoushka
|
|
2010-01-01
|
|
Reamday Enterprises Magic News Plus 1.0.2 - Cross-Site Scripting
|
9 |
WEB
|
indoushka
|
|
2009-12-31
|
|
DieselPay 1.6 - Cross-Site Scripting / Directory Traversal
|
10 |
WEB
|
indoushka
|
|
2009-12-31
|
|
Discuz! 1.0 - 'referer' Cross-Site Scripting
|
10 |
WEB
|
indoushka
|
|
2009-12-31
|
|
PhotoKorn 1.542 - Cross-Site Scripting / Remote File Inclusion
|
10 |
WEB
|
indoushka
|
|
2009-12-31
|
|
StarDevelop Live Help 2.6 - 'SERVER' Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
indoushka
|
|
2014-05-21
|
|
Binatone DT 850W Wireless Router - Multiple Cross-Site Request Forgery Vulnerabilities
|
10 |
WEB
|
Samandeep Singh
|
|
2009-12-31
|
|
Imagevue r16 - 'amount' Cross-Site Scripting
|
11 |
WEB
|
indoushka
|
|
2009-12-31
|
|
BosClassifieds 1.20 - 'recent.php' Cross-Site Scripting
|
13 |
WEB
|
indoushka
|
|
2009-12-31
|
|
SendStudio 4.0.1 - Cross-Site Scripting / Security Bypass
|
12 |
WEB
|
indoushka
|
|
2009-12-31
|
|
PHPMyCart 1.3 - Cross-Site Scripting / Authentication Bypass
|
9 |
WEB
|
indoushka
|
|
2009-12-29
|
|
AzDGDatingMedium 1.9.3 - 'l' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
indoushka
|
|
2009-12-29
|
|
FreeWebShop 2.2.9 R2 - Multiple Remote Vulnerabilities
|
11 |
WEB
|
Akita Software Security
|
|
2009-12-25
|
|
Barbo91 - 'upload.php' Cross-Site Scripting
|
11 |
WEB
|
indoushka
|
|
2009-12-26
|
|
PHPInstantGallery 1.1 - 'admin.php' Cross-Site Scripting
|
11 |
WEB
|
indoushka
|
|
2009-12-28
|
|
FreePBX 2.5.2 - Zap Channel Addition Description Parameter Cross-Site Scripting
|
11 |
WEB
|
Global-Evolution
|
|
2009-12-28
|
|
FreePBX 2.5.2 - '/admin/config.php?tech' Cross-Site Scripting
|
10 |
WEB
|
Global-Evolution
|
|
2009-12-28
|
|
Joomla! Component Joomulus 2.0 - 'tagcloud.swf' Cross-Site Scripting
|
10 |
WEB
|
MustLive
|
|
2009-12-29
|
|
Joomla! Component iF Portfolio Nexus - 'Controller' Remote File Inclusion
|
10 |
WEB
|
F10riX
|
|
2009-12-24
|
|
MyBB 1.4.10 - 'myps.php' Cross-Site Scripting
|
11 |
WEB
|
Steven Abbagnaro
|
|
2009-12-23
|
|
webMathematica 3 - 'MSP' Script Cross-Site Scripting
|
10 |
WEB
|
Floyd Fuh
|
|
2009-12-21
|
|
PHP-Calendar 1.1 - 'update10.php?configfile' Traversal Local File Inclusion
|
12 |
WEB
|
Juan Galiana Lara
|
|
2009-12-21
|
|
PHP-Calendar 1.1 - 'update08.php?configfile' Traversal Local File Inclusion
|
11 |
WEB
|
Juan Galiana Lara
|
|
2009-12-22
|
|
ClarkConnect Linux 5.0 - 'proxy.php' Cross-Site Scripting
|
10 |
WEB
|
Edgard Chammas
|
|
2014-05-19
|
|
HP Release Control - (Authenticated) XML External Entity (Metasploit)
|
11 |
WEB
|
Brandon Perry
|
|
2014-05-19
|
|
SafeNet Sentinel Protection Server 7.0 < 7.4 / Sentinel Keys Server 1.0.3 < 1.0.4 - Directory Traver
|
12 |
WEB
|
Matt Schmidt
|
|
2014-05-19
|
|
SPIP CMS < 2.0.23/ 2.1.22/3.0.9 - Privilege Escalation
|
11 |
WEB
|
Gregory Draperi
|
|
2009-12-21
|
|
Kasseler CMS 1.3.4 Lite - Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
Gamoscu
|
|
2009-12-20
|
|
JBC Explorer 7.20 - 'arbre.php' Cross-Site Scripting
|
11 |
WEB
|
Metropolis
|
|
2009-12-18
|
|
Ampache 3.4.3 - 'login.php' Multiple SQL Injections
|
8 |
WEB
|
R3d-D3V!L
|
|
2009-12-18
|
|
F3Site 2009 - '/mod/new.php?GLOBALS[nlang]' Traversal Local File Inclusion
|
10 |
WEB
|
cr4wl3r
|
|
2009-12-18
|
|
F3Site 2009 - '/mod/poll.php?GLOBALS[nlang]' Traversal Local File Inclusion
|
12 |
WEB
|
cr4wl3r
|
|
2009-12-17
|
|
Joomla! Component com_joomportfolio - 'secid' SQL Injection
|
11 |
WEB
|
Fl0riX & Snakespc
|
|
2009-12-17
|
|
cPanel 11.x - 'fileop' Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
RENO
|
|
2009-12-17
|
|
QuiXplorer 2.x - 'lang' Local File Inclusion
|
10 |
WEB
|
Juan Galiana Lara
|
|
2009-12-17
|
|
Pluxml-Blog 4.2 - '/core/admin/auth.php' Cross-Site Scripting
|
11 |
WEB
|
Metropolis
|
|
2009-12-16
|
|
iSupport 1.8 - 'index.php?which' Cross-Site Scripting
|
12 |
WEB
|
Stink & Essandre
|
|
2009-12-16
|
|
iSupport 1.8 - 'ticket_function.php' Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
Stink & Essandre
|
|
2009-12-16
|
|
Drupal Module Sections 5.x-1.2/6.x-1.2 - HTML Injection
|
9 |
WEB
|
Justin C. Klein Keane
|
|
2009-12-16
|
|
Article Directory - 'login.php' SQL Injection
|
10 |
WEB
|
R3d D3v!L
|
|
2009-12-15
|
|
Horde 3.3.5 - '/Administration Interface admin/sqlshell.php?PATH_INFO' Cross-Site Scripting
|
10 |
WEB
|
Juan Galiana Lara
|
