|
2009-12-31
|
|
PHPMyCart 1.3 - Cross-Site Scripting / Authentication Bypass
|
21 |
WEB
|
indoushka
|
|
2009-12-29
|
|
AzDGDatingMedium 1.9.3 - 'l' Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
indoushka
|
|
2009-12-29
|
|
FreeWebShop 2.2.9 R2 - Multiple Remote Vulnerabilities
|
23 |
WEB
|
Akita Software Security
|
|
2009-12-25
|
|
Barbo91 - 'upload.php' Cross-Site Scripting
|
19 |
WEB
|
indoushka
|
|
2009-12-26
|
|
PHPInstantGallery 1.1 - 'admin.php' Cross-Site Scripting
|
23 |
WEB
|
indoushka
|
|
2009-12-28
|
|
FreePBX 2.5.2 - Zap Channel Addition Description Parameter Cross-Site Scripting
|
24 |
WEB
|
Global-Evolution
|
|
2009-12-28
|
|
FreePBX 2.5.2 - '/admin/config.php?tech' Cross-Site Scripting
|
20 |
WEB
|
Global-Evolution
|
|
2009-12-28
|
|
Joomla! Component Joomulus 2.0 - 'tagcloud.swf' Cross-Site Scripting
|
22 |
WEB
|
MustLive
|
|
2009-12-29
|
|
Joomla! Component iF Portfolio Nexus - 'Controller' Remote File Inclusion
|
21 |
WEB
|
F10riX
|
|
2009-12-24
|
|
MyBB 1.4.10 - 'myps.php' Cross-Site Scripting
|
25 |
WEB
|
Steven Abbagnaro
|
|
2009-12-23
|
|
webMathematica 3 - 'MSP' Script Cross-Site Scripting
|
19 |
WEB
|
Floyd Fuh
|
|
2009-12-21
|
|
PHP-Calendar 1.1 - 'update10.php?configfile' Traversal Local File Inclusion
|
23 |
WEB
|
Juan Galiana Lara
|
|
2009-12-21
|
|
PHP-Calendar 1.1 - 'update08.php?configfile' Traversal Local File Inclusion
|
20 |
WEB
|
Juan Galiana Lara
|
|
2009-12-22
|
|
ClarkConnect Linux 5.0 - 'proxy.php' Cross-Site Scripting
|
24 |
WEB
|
Edgard Chammas
|
|
2014-05-19
|
|
HP Release Control - (Authenticated) XML External Entity (Metasploit)
|
23 |
WEB
|
Brandon Perry
|
|
2014-05-19
|
|
SafeNet Sentinel Protection Server 7.0 < 7.4 / Sentinel Keys Server 1.0.3 < 1.0.4 - Directory Traver
|
26 |
WEB
|
Matt Schmidt
|
|
2014-05-19
|
|
SPIP CMS < 2.0.23/ 2.1.22/3.0.9 - Privilege Escalation
|
21 |
WEB
|
Gregory Draperi
|
|
2009-12-21
|
|
Kasseler CMS 1.3.4 Lite - Multiple Cross-Site Scripting Vulnerabilities
|
23 |
WEB
|
Gamoscu
|
|
2009-12-20
|
|
JBC Explorer 7.20 - 'arbre.php' Cross-Site Scripting
|
23 |
WEB
|
Metropolis
|
|
2009-12-18
|
|
Ampache 3.4.3 - 'login.php' Multiple SQL Injections
|
20 |
WEB
|
R3d-D3V!L
|
|
2009-12-18
|
|
F3Site 2009 - '/mod/new.php?GLOBALS[nlang]' Traversal Local File Inclusion
|
21 |
WEB
|
cr4wl3r
|
|
2009-12-18
|
|
F3Site 2009 - '/mod/poll.php?GLOBALS[nlang]' Traversal Local File Inclusion
|
27 |
WEB
|
cr4wl3r
|
|
2009-12-17
|
|
Joomla! Component com_joomportfolio - 'secid' SQL Injection
|
22 |
WEB
|
Fl0riX & Snakespc
|
|
2009-12-17
|
|
cPanel 11.x - 'fileop' Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
RENO
|
|
2009-12-17
|
|
QuiXplorer 2.x - 'lang' Local File Inclusion
|
23 |
WEB
|
Juan Galiana Lara
|
|
2009-12-17
|
|
Pluxml-Blog 4.2 - '/core/admin/auth.php' Cross-Site Scripting
|
20 |
WEB
|
Metropolis
|
|
2009-12-16
|
|
iSupport 1.8 - 'index.php?which' Cross-Site Scripting
|
23 |
WEB
|
Stink & Essandre
|
|
2009-12-16
|
|
iSupport 1.8 - 'ticket_function.php' Multiple Cross-Site Scripting Vulnerabilities
|
25 |
WEB
|
Stink & Essandre
|
|
2009-12-16
|
|
Drupal Module Sections 5.x-1.2/6.x-1.2 - HTML Injection
|
21 |
WEB
|
Justin C. Klein Keane
|
|
2009-12-16
|
|
Article Directory - 'login.php' SQL Injection
|
24 |
WEB
|
R3d D3v!L
|
|
2009-12-15
|
|
Horde 3.3.5 - '/Administration Interface admin/sqlshell.php?PATH_INFO' Cross-Site Scripting
|
19 |
WEB
|
Juan Galiana Lara
|
|
2009-12-15
|
|
Horde 3.3.5 - '/Administration Interface admin/cmdshell.php?PATH_INFO' Cross-Site Scripting
|
22 |
WEB
|
Juan Galiana Lara
|
|
2009-12-15
|
|
Horde 3.3.5 - Cross-Site Scripting
|
27 |
WEB
|
Juan Galiana Lara
|
|
2009-12-14
|
|
phpFaber CMS 1.3.36 - 'module.php' Cross-Site Scripting
|
20 |
WEB
|
bi0
|
|
2009-12-14
|
|
Million Pixel Script 3 - 'pa' Cross-Site Scripting
|
22 |
WEB
|
bi0
|
|
2009-12-14
|
|
Ez Cart - 'sid' Cross-Site Scripting
|
25 |
WEB
|
anti-gov
|
|
2009-12-10
|
|
Zeeways ZeeJobsite - 'basic_search_result.php' Cross-Site Scripting
|
27 |
WEB
|
bi0
|
|
2009-12-09
|
|
Invision Power Board (IP.Board) 3.0.3 - '.txt' MIME-Type Cross-Site Scripting
|
23 |
WEB
|
Xacker
|
|
2009-12-04
|
|
Joomla! Component You!Hostit! 1.0.1 Template - Cross-Site Scripting
|
28 |
WEB
|
andresg888
|
|
2009-12-04
|
|
Joomla! Component YOOtheme Warp5 - 'yt_color' Cross-Site Scripting
|
25 |
WEB
|
andresg888
|
|
2009-12-07
|
|
Advanced Image Hosting Script 2.x - 'search.php' Cross-Site Scripting
|
23 |
WEB
|
aBo MoHaMeD
|
|
2009-12-04
|
|
WordPress Plugin Yoast Google Analytics 3.2.4 - 404 Error Page Cross-Site Scripting
|
23 |
WEB
|
intern0t
|
|
2014-05-16
|
|
eGroupWare 1.8.006 - Multiple Vulnerabilities
|
21 |
WEB
|
High-Tech Bridge SA
|
|
2009-12-01
|
|
phpMyFAQ < 2.5.4 - Multiple Cross-Site Scripting Vulnerabilities
|
23 |
WEB
|
Amol Naik
|
|
2009-11-30
|
|
Elxis - 'Filename' Directory Traversal
|
26 |
WEB
|
cr4wl3r
|
|
2009-11-30
|
|
SmartMedia Module 0.85 Beta for XOOPS - 'categoryId' Cross-Site Scripting
|
26 |
WEB
|
SoldierOfAllah
|
|
2009-11-30
|
|
Content Module 0.5 for XOOPS - 'id' SQL Injection
|
26 |
WEB
|
s4r4d0
|
|
2008-02-16
|
|
Power Phlogger 2.2.x - Cross-Site Scripting
|
23 |
WEB
|
MustLive
|
|
2009-11-23
|
|
Joomla! 1.5.x - 404 Error Page Cross-Site Scripting
|
21 |
WEB
|
MustLive
|
|
2009-11-16
|
|
Joomla! Component ProofReader 1.0 RC9 - Cross-Site Scripting
|
23 |
WEB
|
MustLive
|
|
2009-11-24
|
|
klinza Professional CMS 5.0.1 - 'menulast.php' Local File Inclusion
|
25 |
WEB
|
klinza
|
|
2009-11-24
|
|
Quick.Cart 3.4 / Quick.CMS 2.4 - Delete Function Cross-Site Request Forgery
|
25 |
WEB
|
Alice Kaerast
|
|
2009-11-21
|
|
Cacti 0.8.x - 'graph.php' Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
Moritz Naumann
|
|
2009-11-16
|
|
WordPress Plugin Subscribe to Comments 2.0 - Multiple Cross-Site Scripting Vulnerabilities
|
19 |
WEB
|
MustLive
|
|
2009-11-13
|
|
WordPress Plugin Fuctweb CapCC 1.0 CAPTCHA - Security Bypass
|
23 |
WEB
|
MustLive
|
|
2009-11-09
|
|
WordPress Plugin WP-Cumulus 1.x - 'tagcloud.swf' Cross-Site Scripting
|
26 |
WEB
|
MustLive
|
|
2014-05-15
|
|
ElasticSearch - Remote Code Execution
|
24 |
WEB
|
Jeff Geiger
|
|
2009-11-24
|
|
WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabili
|
24 |
WEB
|
MustLive
|
|
2009-11-24
|
|
WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabili
|
22 |
WEB
|
MustLive
|
|
2009-11-15
|
|
WordPress Plugin Trashbin 0.1 - 'mtb_undelete' Cross-Site Scripting
|
24 |
WEB
|
MustLive
|
|
2009-11-29
|
|
WordPress Plugin WP-phpList 2.10.2 - 'unsubscribeemail' Cross-Site Scripting
|
20 |
WEB
|
MustLive
|
|
2009-11-19
|
|
CubeCart 3.0.4/4.3.6 - 'ProductID' SQL Injection
|
23 |
WEB
|
Sangte Amtham
|
|
2009-11-17
|
|
JiRo's (Multiple Products) - '/files/login.asp' Multiple SQL Injections
|
30 |
WEB
|
blackenedsecurity
|
|
2009-11-16
|
|
PHD Help Desk 1.43 - 'caso_insert.php?URL' Cross-Site Scripting
|
28 |
WEB
|
Amol Naik
|
|
2009-11-16
|
|
PHD Help Desk 1.43 - 'atributo_list.php' Multiple Cross-Site Scripting Vulnerabilities
|
32 |
WEB
|
Amol Naik
|
|
2009-11-16
|
|
PHD Help Desk 1.43 - 'atributo.php?URL' Cross-Site Scripting
|
22 |
WEB
|
Amol Naik
|
|
2009-11-16
|
|
PHD Help Desk 1.43 - 'area_list.php' Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
Amol Naik
|
|
2009-11-16
|
|
PHD Help Desk 1.43 - 'solic_display.php?q_registros' Cross-Site Scripting
|
23 |
WEB
|
Amol Naik
|
|
2009-11-16
|
|
PHD Help Desk 1.43 - 'area.php' Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
Amol Naik
|
|
2014-05-14
|
|
Broadcom PIPA C211 - Sensitive Information Disclosure
|
21 |
WEB
|
Portcullis
|
|
2009-11-06
|
|
McAfee Network Security Manager 5.1.7 - Information Disclosure
|
24 |
WEB
|
Daniel King
|
|
2009-11-06
|
|
McAfee Network Security Manager 5.1.7 - Multiple Cross-Site Scripting Vulnerabilities
|
25 |
WEB
|
Daniel King
|
|
2009-11-10
|
|
CuteNews 1.4.6 editnews Module - doeditnews Action Admin Moderation Bypass
|
23 |
WEB
|
Andrew Horton
|
|
2009-11-10
|
|
CuteNews 1.4.6 - 'index.php' Cross-Site Request Forgery (New User Creation)
|
22 |
WEB
|
Andrew Horton
|
|
2009-11-10
|
|
CuteNews 1.4.6 - 'result' Cross-Site Scripting
|
19 |
WEB
|
Andrew Horton
|
|
2009-11-10
|
|
CuteNews 1.4.6 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
Andrew Horton
|
|
2009-11-10
|
|
CuteNews 1.4.6 - 'from_date_day' Full Path Disclosure
|
19 |
WEB
|
Andrew Horton
|
|
2009-11-10
|
|
CuteNews 1.4.6 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
Andrew Horton
|
|
2014-05-12
|
|
VM Turbo Operations Manager 4.5x - Directory Traversal
|
19 |
WEB
|
Jamal Pecou
|
|
2014-05-12
|
|
SpiceWorks 7.2.00174 - Persistent Cross-Site Scripting
|
22 |
WEB
|
Dolev Farhi
|
|
2014-05-12
|
|
Skybox Security 6.3.x < 6.4.x - Multiple Information Disclosures
|
21 |
WEB
|
Luigi Vezzoso
|
|
2009-11-02
|
|
TFTgallery 0.13 - 'sample' Cross-Site Scripting
|
25 |
WEB
|
blake
|
|
2014-05-12
|
|
Alienvault Open Source SIEM (OSSIM) 4.6.1 - (Authenticated) SQL Injection (Metasploit)
|
20 |
WEB
|
Chris Hebert
|
|
2009-10-26
|
|
TFTgallery 0.13 - 'album' Cross-Site Scripting
|
24 |
WEB
|
blake
|
|
2009-10-27
|
|
Sahana 0.6.2 - 'mod' Local File Disclosure
|
23 |
WEB
|
Greg Miernicki
|
|
2009-10-26
|
|
RunCMS - 'forum' SQL Injection
|
23 |
WEB
|
Nine:Situations:Group::bookoo
|
|
2009-10-21
|
|
OpenDocMan 1.2.5 - 'view_file.php' Cross-Site Scripting
|
27 |
WEB
|
Amol Naik
|
|
2009-10-21
|
|
OpenDocMan 1.2.5 - 'user.php' Cross-Site Scripting
|
24 |
WEB
|
Amol Naik
|
|
2009-10-21
|
|
OpenDocMan 1.2.5 - 'search.php' Cross-Site Scripting
|
24 |
WEB
|
Amol Naik
|
|
2009-10-21
|
|
OpenDocMan 1.2.5 - 'rejects.php' Cross-Site Scripting
|
25 |
WEB
|
Amol Naik
|
|
2009-10-21
|
|
OpenDocMan 1.2.5 - 'profile.php' Cross-Site Scripting
|
25 |
WEB
|
Amol Naik
|
|
2009-10-21
|
|
OpenDocMan 1.2.5 - 'department.php' Cross-Site Scripting
|
26 |
WEB
|
Amol Naik
|
|
2009-10-21
|
|
OpenDocMan 1.2.5 - 'category.php' Cross-Site Scripting
|
23 |
WEB
|
Amol Naik
|
|
2009-10-21
|
|
OpenDocMan 1.2.5 - 'admin.php?last_message' Cross-Site Scripting
|
21 |
WEB
|
Amol Naik
|
|
2009-10-21
|
|
OpenDocMan 1.2.5 - 'index.php?last_message' Cross-Site Scripting
|
22 |
WEB
|
Amol Naik
|
|
2009-10-21
|
|
OpenDocMan 1.2.5 - 'toBePublished.php' Multiple Cross-Site Scripting Vulnerabilities
|
26 |
WEB
|
Amol Naik
|
|
2009-10-21
|
|
OpenDocMan 1.2.5 - 'add.php?last_message' Cross-Site Scripting
|
26 |
WEB
|
Amol Naik
|
|
2009-10-19
|
|
TBmnetCMS 1.0 - Cross-Site Scripting
|
25 |
WEB
|
drunken danish rednecks
|
|
2009-10-15
|
|
IBM Rational RequisitePro 7.10 - ReqWeb Help Feature 'ReqWebHelp/basic/searchView.jsp' Multiple Cros
|
24 |
WEB
|
IBM
|
|
2009-10-15
|
|
IBM Rational RequisitePro 7.10 - 'ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp?Operation'
|
28 |
WEB
|
IBM
|
|
2009-10-15
|
|
Snitz Forums 2000 3.4.7 - Sound Tag Onload Attribute Cross-Site Scripting
|
26 |
WEB
|
Andrea Fabrizi
|
|
2009-10-15
|
|
Snitz Forums 2000 3.4.7 - 'pop_send_to_friend.asp?url' Cross-Site Scripting
|
29 |
WEB
|
Andrea Fabrizi
|
|
2009-10-14
|
|
Zainu 1.0 - 'searchSongKeyword' Cross-Site Scripting
|
23 |
WEB
|
drunken danish rednecks
|
|
2009-10-15
|
|
BloofoxCMS 0.3.5 - 'search' Cross-Site Scripting
|
23 |
WEB
|
drunken danish rednecks
|
|
2009-10-14
|
|
Eclipse BIRT 2.2.1 - 'run?__report' Cross-Site Scripting
|
24 |
WEB
|
Michele Orru
|
|
2009-10-14
|
|
Pentaho BI 1.x - Multiple Cross-Site Scripting / Information Disclosure Vulnerabilities
|
27 |
WEB
|
euronymous
|
|
2009-10-13
|
|
Dream Poll 3.1 - '/index.php' Cross-Site Scripting / SQL Injection
|
21 |
WEB
|
infosecstuff
|
|
2009-10-13
|
|
Achievo 1.x - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
|
22 |
WEB
|
Ryan Dewhurst
|
|
2009-10-06
|
|
AfterLogic WebMail Pro 4.7.10 - Multiple Cross-Site Scripting Vulnerabilities
|
23 |
WEB
|
Sébastien Duquette
|
|
2009-10-06
|
|
X-Cart Email Subscription - 'email' Cross-Site Scripting
|
20 |
WEB
|
Paulo Santos
|
|
2009-10-05
|
|
Joomla! Component CB Resume Builder - 'group_id' SQL Injection
|
26 |
WEB
|
kaMtiEz
|
|
2009-09-29
|
|
Interspire Knowledge Manager 5 - 'p' Directory Traversal
|
24 |
WEB
|
Infected Web
|
|
2009-09-28
|
|
e107 0.7.x - CAPTCHA Security Bypass / Cross-Site Scripting
|
24 |
WEB
|
MustLive
|
|
2009-09-23
|
|
IBM Lotus Connections 2.0.1 - 'simpleSearch.do' Cross-Site Scripting
|
24 |
WEB
|
IBM
|
|
2014-05-08
|
|
Cobbler 2.4.x < 2.6.x - Local File Inclusion
|
23 |
WEB
|
Dolev Farhi
|
|
2014-05-08
|
|
Collabtive 1.2 - Persistent Cross-Site Scripting
|
19 |
WEB
|
Deepak Rathore
|
|
2014-05-08
|
|
Collabtive 1.2 - SQL Injection
|
23 |
WEB
|
Deepak Rathore
|
|
2014-05-08
|
|
OpenFiler 2.99.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
18 |
WEB
|
Dolev Farhi
|
|
2014-05-08
|
|
OpenFiler 2.99.1 - Arbitrary Code Execution
|
21 |
WEB
|
Dolev Farhi
|
|
2009-09-23
|
|
Vastal I-Tech Agent Zone - 'view_listing.php' SQL Injection
|
24 |
WEB
|
OoN_Boy
|
|
2009-09-22
|
|
Vastal I-Tech DVD Zone - 'view_mag.php' Cross-Site Scripting
|
20 |
WEB
|
OoN_Boy
|
|
2009-09-22
|
|
Vastal I-Tech DVD Zone - 'view_mag.php' SQL Injection
|
26 |
WEB
|
OoN_Boy
|
|
2009-09-22
|
|
Vastal I-Tech Cosmetics Zone - 'view_products.php' SQL Injection
|
24 |
WEB
|
OoN_Boy
|
|
2009-09-22
|
|
Joomla! Component JoomlaFacebook - SQL Injection
|
22 |
WEB
|
kaMtiEz
|
|
2009-09-22
|
|
Joomla! Component SportFusion 0.2.x - SQL Injection
|
19 |
WEB
|
kaMtiEz
|
