|
2009-04-27
|
|
Invision Power Board (IP.Board) 3.0 - Multiple HTML Injection / Information Disclosure Vulnerabiliti
|
21 |
WEB
|
brain[pillow]
|
|
2009-04-27
|
|
MataChat - 'input.php' Multiple Cross-Site Scripting Vulnerabilities
|
18 |
WEB
|
Am!r
|
|
2009-04-24
|
|
PuterJam's Blog PJBlog3 3.0.6 - 'action.asp' SQL Injection
|
22 |
WEB
|
anonymous
|
|
2009-04-23
|
|
CS Whois Lookup - 'ip' Remote Command Execution
|
17 |
WEB
|
SirGod
|
|
2009-04-22
|
|
Flat Calendar 1.1 - 'add.php' HTML Injection
|
20 |
WEB
|
ZoRLu
|
|
2009-04-22
|
|
New5starRating 1.0 - '/admin/control_panel_sample.php' SQL Injection
|
22 |
WEB
|
zer0day
|
|
2014-04-20
|
|
Teracom Modem T2-B-Gawv1.4U10Y-BI - Cross-Site Request Forgery
|
19 |
WEB
|
Rakesh S
|
|
2014-04-19
|
|
PTCeffect 4.6 - Local File Inclusion / SQL Injection
|
21 |
WEB
|
walid naceri
|
|
2009-04-21
|
|
Sun Java System Delegated Administrator 6.x - HTTP Response Splitting
|
19 |
WEB
|
SCS team
|
|
2009-04-20
|
|
Online Contact Manager 3.0 - 'delete.php?id' Cross-Site Scripting
|
17 |
WEB
|
Vrs-hCk
|
|
2009-04-20
|
|
Online Contact Manager 3.0 - 'edit.php?id' Cross-Site Scripting
|
20 |
WEB
|
Vrs-hCk
|
|
2009-04-20
|
|
Online Contact Manager 3.0 - 'email.php?id' Cross-Site Scripting
|
21 |
WEB
|
Vrs-hCk
|
|
2009-04-20
|
|
Online Contact Manager 3.0 - 'view.php?id' Cross-Site Scripting
|
17 |
WEB
|
Vrs-hCk
|
|
2009-04-20
|
|
Online Contact Manager 3.0 - 'index.php?showGroup' Cross-Site Scripting
|
22 |
WEB
|
Vrs-hCk
|
|
2009-04-20
|
|
Online Photo Pro 2.0 - 'section' Cross-Site Scripting
|
21 |
WEB
|
Vrs-hCk
|
|
2014-04-18
|
|
CMSimple 4.4/4.4.2 - Remote File Inclusion
|
21 |
WEB
|
NoGe
|
|
2009-04-17
|
|
Malleo 1.2.3 - 'admin.php' Local File Inclusion
|
20 |
WEB
|
Drosophila
|
|
2009-04-16
|
|
BlackBerry Enterprise Server 4.0/4.1 - MDS Connection Service Cross-Site Scripting
|
16 |
WEB
|
Ken Millar
|
|
2009-04-16
|
|
RazorCMS 0.3RC2 - Multiple Vulnerabilities
|
19 |
WEB
|
Jeremi Gosney
|
|
2009-04-16
|
|
Geeklog 1.5.2 - 'usersettings.php' SQL Injection
|
24 |
WEB
|
Nine:Situations:Group::bookoo
|
|
2009-04-16
|
|
Phorum 5.2 - 'versioncheck.php?upgrade_available' Cross-Site Scripting
|
25 |
WEB
|
voodoo-labs
|
|
2009-04-16
|
|
Phorum 5.2 - '/admin/users.php' Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
voodoo-labs
|
|
2009-04-16
|
|
Phorum 5.2 - '/admin/banlist.php?curr' Cross-Site Scripting
|
25 |
WEB
|
voodoo-labs
|
|
2009-04-16
|
|
Phorum 5.2 - '/admin/badwords.php?curr' Cross-Site Scripting
|
22 |
WEB
|
voodoo-labs
|
|
2009-04-15
|
|
Novell Teaming 1.0 - User Enumeration / Multiple Cross-Site Scripting Vulnerabilities
|
27 |
WEB
|
Michael Kirchner
|
|
2009-04-14
|
|
IBM Tivoli Continuous Data Protection for Files 3.1.4.0 - Cross-Site Scripting
|
25 |
WEB
|
Abdul-Aziz Hariri
|
|
2009-04-13
|
|
Banshee 1.4.2 DAAP Extension - '/apps/web/vs_diag.cgi' Cross-Site Scripting
|
30 |
WEB
|
Anthony de Almeida Lopes
|
|
2009-04-13
|
|
People-Trak - Login SQL Injection
|
23 |
WEB
|
Mormoroth.net
|
|
2009-04-09
|
|
Absolute Form Processor XE 1.5 - 'login.asp' SQL Injection
|
30 |
WEB
|
ThE g0bL!N
|
|
2009-04-09
|
|
Cisco Subscriber Edge Services Manager - Cross-Site Scripting / HTML Injection
|
28 |
WEB
|
Usman Saeed
|
|
2009-04-09
|
|
IBM Bladecenter Advanced Management Module 1.42 - Cross-Site Request Forgery
|
25 |
WEB
|
Henri Lindberg
|
|
2009-04-09
|
|
IBM Bladecenter Advanced Management Module 1.42 - '/private/file_Management.ssi?PATH' Cross-Site Scr
|
22 |
WEB
|
Henri Lindberg
|
|
2009-04-09
|
|
IBM Bladecenter Advanced Management Module 1.42 - Login 'Username' Cross-Site Scripting
|
24 |
WEB
|
Henri Lindberg
|
|
2009-04-02
|
|
4CMS - SQL Injection / Local File Inclusion
|
24 |
WEB
|
k1ll3r_null
|
|
2009-04-02
|
|
Asbru Web Content Management 6.5/6.6.9 - SQL Injection / Cross-Site Scripting
|
24 |
WEB
|
Patrick Webster
|
|
2009-04-02
|
|
osCommerce 2.2/3.0 - 'oscid' Session Fixation
|
23 |
WEB
|
laurent.desaulniers
|
|
2014-04-15
|
|
Xerox DocuShare - SQL Injection
|
27 |
WEB
|
Brandon Perry
|
|
2014-04-15
|
|
Netgear WNDR3400 N600 Wireless Dual Band - Multiple Vulnerabilities
|
25 |
WEB
|
Santhosh Kumar
|
|
2009-04-02
|
|
SAP Business Objects Crystal Reports 7-10 - 'viewreport.asp' Cross-Site Scripting
|
24 |
WEB
|
Bugs NotHugs
|
|
2009-03-31
|
|
Turnkey eBook Store 1.1 - 'keywords' Cross-Site Scripting
|
23 |
WEB
|
TEAMELITE
|
|
2009-03-25
|
|
Comparison Engine Power 1.0 - 'product.comparision.php' SQL Injection
|
24 |
WEB
|
SirGod
|
|
2009-04-01
|
|
BlogEngine.NET 1.4 - 'search.aspx' Cross-Site Scripting
|
23 |
WEB
|
sk
|
|
2009-03-17
|
|
phpCMS 2008 - 'search_ajax.php' SQL Injection
|
30 |
WEB
|
anonymous
|
|
2009-03-24
|
|
PHPizabi 0.8 - 'notepad_body' SQL Injection
|
27 |
WEB
|
Nine:Situations:Group::bookoo
|
|
2009-03-22
|
|
ExpressionEngine 1.6 - Avtaar Name HTML Injection
|
26 |
WEB
|
Adam Baldwin
|
|
2009-04-19
|
|
AWStats 6.4 - 'AWStats.pl' Multiple Full Path Disclosures
|
23 |
WEB
|
r0t
|
|
2014-04-14
|
|
eScan Web Management Console - Command Injection (Metasploit)
|
31 |
WEB
|
Metasploit
|
|
2014-04-14
|
|
WordPress Plugin Twitget 3.3.1 - Multiple Vulnerabilities
|
26 |
WEB
|
Tom Adams
|
|
2014-04-14
|
|
WordPress Plugin Quick Page/Post Redirect 5.0.3 - Multiple Vulnerabilities
|
28 |
WEB
|
Tom Adams
|
|
2014-04-14
|
|
PDF Album 1.7 iOS - Local File Inclusion
|
29 |
WEB
|
Vulnerability-Lab
|
|
2009-05-20
|
|
Sun Java System Communications Express 6.3 - 'UWCMain' Cross-Site Scripting
|
25 |
WEB
|
SCS team
|
|
2009-05-20
|
|
Sun Java System Communications Express 6.3 - 'search.xml' Cross-Site Scripting
|
24 |
WEB
|
SCS team
|
|
2009-03-31
|
|
Sun Java System Calendar Server 6 - 'command.shtml' Cross-Site Scripting
|
24 |
WEB
|
SCS team
|
|
2014-04-14
|
|
WordPress Theme LineNity 1.20 - Local File Inclusion
|
23 |
WEB
|
felipe andrian
|
|
2014-04-14
|
|
Sagem Fast 3304-V2 - Authentication Bypass (1)
|
16 |
WEB
|
Yassin Aboukir
|
|
2009-03-17
|
|
Sun Java System Messenger Express 6.3-0.15 - 'error' Cross-Site Scripting
|
21 |
WEB
|
syniack
|
|
2009-03-12
|
|
TikiWiki 2.2/3.0 - 'tiki-listpages.php' Cross-Site Scripting
|
20 |
WEB
|
iliz
|
|
2009-03-12
|
|
TikiWiki 2.2/3.0 - 'tiki-list_file_gallery.php' Cross-Site Scripting
|
18 |
WEB
|
iliz
|
|
2009-03-12
|
|
TikiWiki 2.2/3.0 - 'tiki-galleries.php' Cross-Site Scripting
|
18 |
WEB
|
iliz
|
|
2009-03-10
|
|
Nenriki CMS 0.5 - 'ID' Cookie SQL Injection
|
21 |
WEB
|
x0r
|
|
2009-03-09
|
|
PHORTAIL 1.2.1 - 'poster.php' Multiple HTML Injection Vulnerabilities
|
21 |
WEB
|
Jonathan Salwan
|
|
2009-03-06
|
|
TinXCMS 3.5 - 'rss.php' SQL Injection
|
20 |
WEB
|
Dmitriy Evteev
|
|
2009-03-06
|
|
UMI CMS 2.7 - 'fields_filter' Cross-Site Scripting
|
20 |
WEB
|
Dmitriy Evteev
|
|
2009-02-28
|
|
CMSCart 1.04 - 'maindatafunctions.php' SQL Injection
|
17 |
WEB
|
John Martinelli
|
|
2009-03-05
|
|
Amoot Web Directory - Password Field SQL Injection
|
17 |
WEB
|
Pouya_Server
|
|
2009-03-03
|
|
Novaboard 1.0 - HTML Injection / Cross-Site Scripting
|
18 |
WEB
|
Jose Luis Zayas
|
|
2009-03-02
|
|
Blogsa 1.0 - 'Widgets.aspx' Cross-Site Scripting
|
17 |
WEB
|
DJR
|
|
2014-04-13
|
|
Microweber CMS 0.93 - Cross-Site Request Forgery
|
23 |
WEB
|
sajith
|
|
2014-04-13
|
|
CubeCart 5.2.8 - Session Fixation
|
20 |
WEB
|
absane
|
|
2009-03-02
|
|
Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 - Multiple Cross-Site Scripting Vulnerabilities
|
18 |
WEB
|
Isfahan
|
|
2009-03-02
|
|
Afian - 'includer.php' Directory Traversal
|
21 |
WEB
|
vnbrain.net
|
|
2009-02-27
|
|
Irokez Blog 0.7.3.2 - Multiple Input Validation Vulnerabilities
|
19 |
WEB
|
Corwin
|
|
2009-02-26
|
|
APC PowerChute Network Shutdown - HTTP Response Splitting / Cross-Site Scripting
|
18 |
WEB
|
Digital Security Research Group
|
|
2009-02-26
|
|
Parsi PHP CMS 2.0 - 'index.php' SQL Injection
|
19 |
WEB
|
Cru3l.b0y
|
|
2009-02-25
|
|
JOnAS 4.10.3 - 'select' Error Page Cross-Site Scripting
|
17 |
WEB
|
Digital Security Research Group
|
|
2009-02-25
|
|
Orooj CMS - 'news.php' SQL Injection
|
22 |
WEB
|
Cru3l.b0y
|
|
2014-04-11
|
|
Sendy 1.1.9.1 - SQL Injection
|
20 |
WEB
|
delme
|
|
2009-02-24
|
|
Magento 1.2 - 'downloader/index.php' Cross-Site Scripting
|
18 |
WEB
|
Loukas Kalenderidis
|
|
2009-02-24
|
|
Magento 1.2 - '/app/code/core/Mage/Adminhtml/controllers/IndexController.php?email' Cross-Site Scrip
|
21 |
WEB
|
Loukas Kalenderidis
|
|
2009-02-24
|
|
Magento 1.2 - '/app/code/core/Mage/Admin/Model/Session.php?login['Username']' Cross-Site Scripting
|
20 |
WEB
|
Loukas Kalenderidis
|
|
2009-02-23
|
|
Joomla! / Mambo Component gigCalendar 1.0 - 'banddetails.php' SQL Injection
|
18 |
WEB
|
Salvatore Fresta
|
|
2009-02-22
|
|
Blue Utopia - 'index.php' Local File Inclusion
|
19 |
WEB
|
PLATEN
|
|
2009-02-20
|
|
lastRSS autoposting bot MOD 0.1.3 - 'phpbb_root_path' Remote File Inclusion
|
22 |
WEB
|
Kacper
|
|
2008-10-01
|
|
A4Desk Event Calendar - 'eventid' SQL Injection
|
21 |
WEB
|
r45c4l
|
|
2009-02-16
|
|
Clipbucket 1.7 - 'dwnld.php' Directory Traversal
|
19 |
WEB
|
JIKO
|
|
2009-02-10
|
|
Banking@Home 2.1 - 'login.asp' Multiple SQL Injections
|
14 |
WEB
|
Francesco Bianchino
|
|
2014-04-10
|
|
Orbit Open Ad Server 1.1.0 - SQL Injection
|
19 |
WEB
|
High-Tech Bridge SA
|
|
2014-04-10
|
|
XCloner Standalone 3.5 - Cross-Site Request Forgery
|
21 |
WEB
|
High-Tech Bridge SA
|
|
2009-02-09
|
|
Bitrix Site Manager 6/7 - Multiple Input Validation Vulnerabilities
|
22 |
WEB
|
aGGreSSor
|
|
2009-02-05
|
|
glFusion 1.1 - Anonymous Comment 'Username' HTML Injection
|
18 |
WEB
|
Bjarne Mathiesen Schacht
|
|
2009-02-09
|
|
FotoWeb 6.0 - 'Grid.fwx?search' Cross-Site Scripting
|
17 |
WEB
|
Stelios Tigkas
|
|
2009-02-09
|
|
FotoWeb 6.0 - 'Login.fwx?s' Cross-Site Scripting
|
17 |
WEB
|
Stelios Tigkas
|
|
2009-02-06
|
|
Ilch CMS 1.1 - 'HTTP_X_FORWARDED_FOR' SQL Injection
|
19 |
WEB
|
Gizmore
|
|
2009-02-04
|
|
MetaBBS 0.11 - Administration Settings Authentication Bypass
|
19 |
WEB
|
make0day
|
|
2009-02-03
|
|
Simple Machines Forum (SMF) 1.1.7 - '[url]' Tag HTML Injection
|
21 |
WEB
|
Xianur0
|
|
2009-01-30
|
|
E-PHP B2B Trading Marketplace Script - Multiple Cross-Site Scripting Vulnerabilities
|
18 |
WEB
|
SaiedHacker
|
|
2009-01-29
|
|
PerlSoft Gästebuch 1.7b - 'admincenter.cgi' Remote Command Execution
|
20 |
WEB
|
Perforin
|
|
2014-04-09
|
|
Quick.CMS 5.4 - Multiple Vulnerabilities
|
20 |
WEB
|
Shpend Kurtishaj
|
|
2009-01-28
|
|
Autonomy Ultraseek - 'cs.html' Open Redirection
|
24 |
WEB
|
buzzy
|
|
2014-04-09
|
|
csUpload Script Site - Authentication Bypass
|
24 |
WEB
|
Satanic2000
|
|
2009-01-24
|
|
NewsCMSLite - Insecure Cookie Authentication Bypass
|
22 |
WEB
|
FarhadKey
|
|
2009-01-26
|
|
OpenX 2.6.2 - 'MAX_type' Local File Inclusion
|
24 |
WEB
|
Sarid Harper
|
|
2009-01-26
|
|
Lootan - 'login.asp' SQL Injection
|
26 |
WEB
|
Arash Setayeshi
|
|
2009-01-26
|
|
ConPresso CMS 4.07 - Multiple Remote Vulnerabilities
|
24 |
WEB
|
David Vieira-Kurz
|
|
2009-01-26
|
|
LDF - 'login.asp' SQL Injection
|
27 |
WEB
|
Arash Setayeshi
|
|
2009-01-23
|
|
OBLOG - 'err.asp' Cross-Site Scripting
|
23 |
WEB
|
arash.setayeshi
|
|
2009-01-23
|
|
BBSXP 5.13 - 'error.asp' Cross-Site Scripting
|
27 |
WEB
|
arashps0
|
|
2009-01-23
|
|
PHP-Nuke Downloads Module - 'url' SQL Injection
|
26 |
WEB
|
Sina Yazdanmehr
|
|
2009-01-20
|
|
MoinMoin 1.8 - 'AttachFile.py' Cross-Site Scripting
|
22 |
WEB
|
SecureState
|
|
2009-01-20
|
|
Apache JackRabbit 1.4/1.5 Content Repository (JCR) - 'swr.jsp?q' Cross-Site Scripting
|
19 |
WEB
|
Red Hat
|
|
2009-01-20
|
|
Apache JackRabbit 1.4/1.5 Content Repository (JCR) - 'search.jsp?q' Cross-Site Scripting
|
19 |
WEB
|
Red Hat
|
|
2009-01-16
|
|
Blog Manager - 'categoryId' Cross-Site Scripting
|
26 |
WEB
|
Pouya_Server
|
|
2009-01-16
|
|
Blog Manager - 'ItemID' SQL Injection
|
21 |
WEB
|
Pouya_Server
|
|
2009-01-16
|
|
LemonLDAP:NG 0.9.3.1 - User Enumeration / Cross-Site Scripting
|
18 |
WEB
|
clément Oudot
|
|
2009-01-15
|
|
w3bcms - '/admin/index.php' SQL Injection
|
21 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
Masir Camp 3.0 - 'SearchKeywords' SQL Injection
|
21 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
Active Bids - 'search' SQL Injection
|
20 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
Active Bids - 'search' Cross-Site Scripting
|
18 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
LinksPro - 'OrderDirection' SQL Injection
|
16 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
MKPortal 1.2.1 - '/modules/rss/handler_image.php?i' Cross-Site Scripting
|
19 |
WEB
|
waraxe
|
|
2009-01-15
|
|
MKPortal 1.2.1 - '/modules/blog/index.php' Home Template Textarea SQL Injection
|
20 |
WEB
|
waraxe
|
|
2009-01-14
|
|
Dark Age CMS 2.0 - 'login.php' SQL Injection
|
22 |
WEB
|
darkjoker
|
|
2014-04-07
|
|
XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities
|
22 |
WEB
|
hackerDesk
|
|
2009-01-12
|
|
Ovidentia 6.7.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
22 |
WEB
|
Ivan Sanchez
|
|
2009-01-12
|
|
Comersus Cart 6 - User Email and User Password Unauthorized Access
|
23 |
WEB
|
ajann
|
