|
2009-04-09
|
|
Absolute Form Processor XE 1.5 - 'login.asp' SQL Injection
|
11 |
WEB
|
ThE g0bL!N
|
|
2009-04-09
|
|
Cisco Subscriber Edge Services Manager - Cross-Site Scripting / HTML Injection
|
11 |
WEB
|
Usman Saeed
|
|
2009-04-09
|
|
IBM Bladecenter Advanced Management Module 1.42 - Cross-Site Request Forgery
|
11 |
WEB
|
Henri Lindberg
|
|
2009-04-09
|
|
IBM Bladecenter Advanced Management Module 1.42 - '/private/file_Management.ssi?PATH' Cross-Site Scr
|
10 |
WEB
|
Henri Lindberg
|
|
2009-04-09
|
|
IBM Bladecenter Advanced Management Module 1.42 - Login 'Username' Cross-Site Scripting
|
10 |
WEB
|
Henri Lindberg
|
|
2009-04-02
|
|
4CMS - SQL Injection / Local File Inclusion
|
12 |
WEB
|
k1ll3r_null
|
|
2009-04-02
|
|
Asbru Web Content Management 6.5/6.6.9 - SQL Injection / Cross-Site Scripting
|
11 |
WEB
|
Patrick Webster
|
|
2009-04-02
|
|
osCommerce 2.2/3.0 - 'oscid' Session Fixation
|
11 |
WEB
|
laurent.desaulniers
|
|
2014-04-15
|
|
Xerox DocuShare - SQL Injection
|
12 |
WEB
|
Brandon Perry
|
|
2014-04-15
|
|
Netgear WNDR3400 N600 Wireless Dual Band - Multiple Vulnerabilities
|
12 |
WEB
|
Santhosh Kumar
|
|
2009-04-02
|
|
SAP Business Objects Crystal Reports 7-10 - 'viewreport.asp' Cross-Site Scripting
|
11 |
WEB
|
Bugs NotHugs
|
|
2009-03-31
|
|
Turnkey eBook Store 1.1 - 'keywords' Cross-Site Scripting
|
13 |
WEB
|
TEAMELITE
|
|
2009-03-25
|
|
Comparison Engine Power 1.0 - 'product.comparision.php' SQL Injection
|
13 |
WEB
|
SirGod
|
|
2009-04-01
|
|
BlogEngine.NET 1.4 - 'search.aspx' Cross-Site Scripting
|
11 |
WEB
|
sk
|
|
2009-03-17
|
|
phpCMS 2008 - 'search_ajax.php' SQL Injection
|
12 |
WEB
|
anonymous
|
|
2009-03-24
|
|
PHPizabi 0.8 - 'notepad_body' SQL Injection
|
13 |
WEB
|
Nine:Situations:Group::bookoo
|
|
2009-03-22
|
|
ExpressionEngine 1.6 - Avtaar Name HTML Injection
|
11 |
WEB
|
Adam Baldwin
|
|
2009-04-19
|
|
AWStats 6.4 - 'AWStats.pl' Multiple Full Path Disclosures
|
11 |
WEB
|
r0t
|
|
2014-04-14
|
|
eScan Web Management Console - Command Injection (Metasploit)
|
15 |
WEB
|
Metasploit
|
|
2014-04-14
|
|
WordPress Plugin Twitget 3.3.1 - Multiple Vulnerabilities
|
11 |
WEB
|
Tom Adams
|
|
2014-04-14
|
|
WordPress Plugin Quick Page/Post Redirect 5.0.3 - Multiple Vulnerabilities
|
12 |
WEB
|
Tom Adams
|
|
2014-04-14
|
|
PDF Album 1.7 iOS - Local File Inclusion
|
12 |
WEB
|
Vulnerability-Lab
|
|
2009-05-20
|
|
Sun Java System Communications Express 6.3 - 'UWCMain' Cross-Site Scripting
|
10 |
WEB
|
SCS team
|
|
2009-05-20
|
|
Sun Java System Communications Express 6.3 - 'search.xml' Cross-Site Scripting
|
10 |
WEB
|
SCS team
|
|
2009-03-31
|
|
Sun Java System Calendar Server 6 - 'command.shtml' Cross-Site Scripting
|
9 |
WEB
|
SCS team
|
|
2014-04-14
|
|
WordPress Theme LineNity 1.20 - Local File Inclusion
|
10 |
WEB
|
felipe andrian
|
|
2014-04-14
|
|
Sagem Fast 3304-V2 - Authentication Bypass (1)
|
9 |
WEB
|
Yassin Aboukir
|
|
2009-03-17
|
|
Sun Java System Messenger Express 6.3-0.15 - 'error' Cross-Site Scripting
|
10 |
WEB
|
syniack
|
|
2009-03-12
|
|
TikiWiki 2.2/3.0 - 'tiki-listpages.php' Cross-Site Scripting
|
11 |
WEB
|
iliz
|
|
2009-03-12
|
|
TikiWiki 2.2/3.0 - 'tiki-list_file_gallery.php' Cross-Site Scripting
|
10 |
WEB
|
iliz
|
|
2009-03-12
|
|
TikiWiki 2.2/3.0 - 'tiki-galleries.php' Cross-Site Scripting
|
9 |
WEB
|
iliz
|
|
2009-03-10
|
|
Nenriki CMS 0.5 - 'ID' Cookie SQL Injection
|
11 |
WEB
|
x0r
|
|
2009-03-09
|
|
PHORTAIL 1.2.1 - 'poster.php' Multiple HTML Injection Vulnerabilities
|
9 |
WEB
|
Jonathan Salwan
|
|
2009-03-06
|
|
TinXCMS 3.5 - 'rss.php' SQL Injection
|
10 |
WEB
|
Dmitriy Evteev
|
|
2009-03-06
|
|
UMI CMS 2.7 - 'fields_filter' Cross-Site Scripting
|
10 |
WEB
|
Dmitriy Evteev
|
|
2009-02-28
|
|
CMSCart 1.04 - 'maindatafunctions.php' SQL Injection
|
11 |
WEB
|
John Martinelli
|
|
2009-03-05
|
|
Amoot Web Directory - Password Field SQL Injection
|
11 |
WEB
|
Pouya_Server
|
|
2009-03-03
|
|
Novaboard 1.0 - HTML Injection / Cross-Site Scripting
|
11 |
WEB
|
Jose Luis Zayas
|
|
2009-03-02
|
|
Blogsa 1.0 - 'Widgets.aspx' Cross-Site Scripting
|
10 |
WEB
|
DJR
|
|
2014-04-13
|
|
Microweber CMS 0.93 - Cross-Site Request Forgery
|
11 |
WEB
|
sajith
|
|
2014-04-13
|
|
CubeCart 5.2.8 - Session Fixation
|
11 |
WEB
|
absane
|
|
2009-03-02
|
|
Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
Isfahan
|
|
2009-03-02
|
|
Afian - 'includer.php' Directory Traversal
|
11 |
WEB
|
vnbrain.net
|
|
2009-02-27
|
|
Irokez Blog 0.7.3.2 - Multiple Input Validation Vulnerabilities
|
9 |
WEB
|
Corwin
|
|
2009-02-26
|
|
APC PowerChute Network Shutdown - HTTP Response Splitting / Cross-Site Scripting
|
9 |
WEB
|
Digital Security Research Group
|
|
2009-02-26
|
|
Parsi PHP CMS 2.0 - 'index.php' SQL Injection
|
9 |
WEB
|
Cru3l.b0y
|
|
2009-02-25
|
|
JOnAS 4.10.3 - 'select' Error Page Cross-Site Scripting
|
8 |
WEB
|
Digital Security Research Group
|
|
2009-02-25
|
|
Orooj CMS - 'news.php' SQL Injection
|
10 |
WEB
|
Cru3l.b0y
|
|
2014-04-11
|
|
Sendy 1.1.9.1 - SQL Injection
|
9 |
WEB
|
delme
|
|
2009-02-24
|
|
Magento 1.2 - 'downloader/index.php' Cross-Site Scripting
|
9 |
WEB
|
Loukas Kalenderidis
|
|
2009-02-24
|
|
Magento 1.2 - '/app/code/core/Mage/Adminhtml/controllers/IndexController.php?email' Cross-Site Scrip
|
10 |
WEB
|
Loukas Kalenderidis
|
|
2009-02-24
|
|
Magento 1.2 - '/app/code/core/Mage/Admin/Model/Session.php?login['Username']' Cross-Site Scripting
|
10 |
WEB
|
Loukas Kalenderidis
|
|
2009-02-23
|
|
Joomla! / Mambo Component gigCalendar 1.0 - 'banddetails.php' SQL Injection
|
9 |
WEB
|
Salvatore Fresta
|
|
2009-02-22
|
|
Blue Utopia - 'index.php' Local File Inclusion
|
12 |
WEB
|
PLATEN
|
|
2009-02-20
|
|
lastRSS autoposting bot MOD 0.1.3 - 'phpbb_root_path' Remote File Inclusion
|
9 |
WEB
|
Kacper
|
|
2008-10-01
|
|
A4Desk Event Calendar - 'eventid' SQL Injection
|
10 |
WEB
|
r45c4l
|
|
2009-02-16
|
|
Clipbucket 1.7 - 'dwnld.php' Directory Traversal
|
11 |
WEB
|
JIKO
|
|
2009-02-10
|
|
Banking@Home 2.1 - 'login.asp' Multiple SQL Injections
|
9 |
WEB
|
Francesco Bianchino
|
|
2014-04-10
|
|
Orbit Open Ad Server 1.1.0 - SQL Injection
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2014-04-10
|
|
XCloner Standalone 3.5 - Cross-Site Request Forgery
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2009-02-09
|
|
Bitrix Site Manager 6/7 - Multiple Input Validation Vulnerabilities
|
10 |
WEB
|
aGGreSSor
|
|
2009-02-05
|
|
glFusion 1.1 - Anonymous Comment 'Username' HTML Injection
|
9 |
WEB
|
Bjarne Mathiesen Schacht
|
|
2009-02-09
|
|
FotoWeb 6.0 - 'Grid.fwx?search' Cross-Site Scripting
|
8 |
WEB
|
Stelios Tigkas
|
|
2009-02-09
|
|
FotoWeb 6.0 - 'Login.fwx?s' Cross-Site Scripting
|
8 |
WEB
|
Stelios Tigkas
|
|
2009-02-06
|
|
Ilch CMS 1.1 - 'HTTP_X_FORWARDED_FOR' SQL Injection
|
10 |
WEB
|
Gizmore
|
|
2009-02-04
|
|
MetaBBS 0.11 - Administration Settings Authentication Bypass
|
8 |
WEB
|
make0day
|
|
2009-02-03
|
|
Simple Machines Forum (SMF) 1.1.7 - '[url]' Tag HTML Injection
|
11 |
WEB
|
Xianur0
|
|
2009-01-30
|
|
E-PHP B2B Trading Marketplace Script - Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
SaiedHacker
|
|
2009-01-29
|
|
PerlSoft Gästebuch 1.7b - 'admincenter.cgi' Remote Command Execution
|
11 |
WEB
|
Perforin
|
|
2014-04-09
|
|
Quick.CMS 5.4 - Multiple Vulnerabilities
|
11 |
WEB
|
Shpend Kurtishaj
|
|
2009-01-28
|
|
Autonomy Ultraseek - 'cs.html' Open Redirection
|
12 |
WEB
|
buzzy
|
|
2014-04-09
|
|
csUpload Script Site - Authentication Bypass
|
11 |
WEB
|
Satanic2000
|
|
2009-01-24
|
|
NewsCMSLite - Insecure Cookie Authentication Bypass
|
11 |
WEB
|
FarhadKey
|
|
2009-01-26
|
|
OpenX 2.6.2 - 'MAX_type' Local File Inclusion
|
15 |
WEB
|
Sarid Harper
|
|
2009-01-26
|
|
Lootan - 'login.asp' SQL Injection
|
13 |
WEB
|
Arash Setayeshi
|
|
2009-01-26
|
|
ConPresso CMS 4.07 - Multiple Remote Vulnerabilities
|
13 |
WEB
|
David Vieira-Kurz
|
|
2009-01-26
|
|
LDF - 'login.asp' SQL Injection
|
13 |
WEB
|
Arash Setayeshi
|
|
2009-01-23
|
|
OBLOG - 'err.asp' Cross-Site Scripting
|
14 |
WEB
|
arash.setayeshi
|
|
2009-01-23
|
|
BBSXP 5.13 - 'error.asp' Cross-Site Scripting
|
11 |
WEB
|
arashps0
|
|
2009-01-23
|
|
PHP-Nuke Downloads Module - 'url' SQL Injection
|
16 |
WEB
|
Sina Yazdanmehr
|
|
2009-01-20
|
|
MoinMoin 1.8 - 'AttachFile.py' Cross-Site Scripting
|
13 |
WEB
|
SecureState
|
|
2009-01-20
|
|
Apache JackRabbit 1.4/1.5 Content Repository (JCR) - 'swr.jsp?q' Cross-Site Scripting
|
11 |
WEB
|
Red Hat
|
|
2009-01-20
|
|
Apache JackRabbit 1.4/1.5 Content Repository (JCR) - 'search.jsp?q' Cross-Site Scripting
|
8 |
WEB
|
Red Hat
|
|
2009-01-16
|
|
Blog Manager - 'categoryId' Cross-Site Scripting
|
11 |
WEB
|
Pouya_Server
|
|
2009-01-16
|
|
Blog Manager - 'ItemID' SQL Injection
|
10 |
WEB
|
Pouya_Server
|
|
2009-01-16
|
|
LemonLDAP:NG 0.9.3.1 - User Enumeration / Cross-Site Scripting
|
11 |
WEB
|
clément Oudot
|
|
2009-01-15
|
|
w3bcms - '/admin/index.php' SQL Injection
|
11 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
Masir Camp 3.0 - 'SearchKeywords' SQL Injection
|
9 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
Active Bids - 'search' SQL Injection
|
9 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
Active Bids - 'search' Cross-Site Scripting
|
9 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
LinksPro - 'OrderDirection' SQL Injection
|
10 |
WEB
|
Pouya_Server
|
|
2009-01-15
|
|
MKPortal 1.2.1 - '/modules/rss/handler_image.php?i' Cross-Site Scripting
|
10 |
WEB
|
waraxe
|
|
2009-01-15
|
|
MKPortal 1.2.1 - '/modules/blog/index.php' Home Template Textarea SQL Injection
|
10 |
WEB
|
waraxe
|
|
2009-01-14
|
|
Dark Age CMS 2.0 - 'login.php' SQL Injection
|
10 |
WEB
|
darkjoker
|
|
2014-04-07
|
|
XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities
|
10 |
WEB
|
hackerDesk
|
|
2009-01-12
|
|
Ovidentia 6.7.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
Ivan Sanchez
|
|
2009-01-12
|
|
Comersus Cart 6 - User Email and User Password Unauthorized Access
|
12 |
WEB
|
ajann
|
|
2009-01-12
|
|
Visuplay CMS - Multiple SQL Injections
|
11 |
WEB
|
Joseph Giron
|
|
2009-01-07
|
|
tadbook2 Module for XOOPS - 'open_book.php' SQL Injection
|
11 |
WEB
|
stylextra
|
|
2009-01-07
|
|
Plunet BusinessManager 4.1 - 'pagesUTF8/auftrag_job.jsp?Pfad' Direct Request Information Disclosure
|
11 |
WEB
|
Matteo Ignaccolo
|
|
2009-01-07
|
|
Plunet BusinessManager 4.1 - 'pagesUTF8/Sys_DirAnzeige.jsp?Pfad' Direct Request Information Disclosu
|
10 |
WEB
|
Matteo Ignaccolo
|
|
2009-01-07
|
|
Plunet BusinessManager 4.1 - '/pagesUTF8/auftrag_allgemeinauftrag.jsp' Multiple Cross-Site Scripting
|
9 |
WEB
|
Matteo Ignaccolo
|
|
2014-04-05
|
|
Private Photo+Video 1.1 Pro iOS - Persistent
|
11 |
WEB
|
Vulnerability-Lab
|
|
2014-04-04
|
|
WordPress Plugin XCloner 3.1.0 - Cross-Site Request Forgery
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2009-01-05
|
|
SolucionXpressPro - 'main.php' SQL Injection
|
9 |
WEB
|
Ehsan_Hp200
|
|
2008-12-04
|
|
NPDS < 08.06 - Multiple Input Validation Vulnerabilities
|
13 |
WEB
|
Jean-François Leclerc
|
|
2008-12-29
|
|
Madrese-Portal - 'haber.asp' SQL Injection
|
13 |
WEB
|
Sina Yazdanmehr
|
|
2008-12-29
|
|
ViArt Shop 3.5 - 'manuals_search.php?manuals_search' Cross-Site Scripting
|
14 |
WEB
|
Xia Shing Zee
|
|
2008-12-29
|
|
Mavi Emlak - 'newDetail.asp' SQL Injection
|
12 |
WEB
|
Sina Yazdanmehr
|
|
2009-01-08
|
|
Openfire 3.6.2 - 'log.jsp' Directory Traversal
|
11 |
WEB
|
Federico Muttis
|
|
2009-01-08
|
|
Openfire 3.6.2 - 'log.jsp' Cross-Site Scripting
|
12 |
WEB
|
Federico Muttis
|
|
2009-01-08
|
|
Openfire 3.6.2 - 'user-properties.jsp' Cross-Site Scripting
|
11 |
WEB
|
Federico Muttis
|
|
2009-01-08
|
|
Openfire 3.6.2 - 'group-summary.jsp' Cross-Site Scripting
|
11 |
WEB
|
Federico Muttis
|
|
2008-12-19
|
|
PECL Alternative PHP Cache Local 3 - HTML Injection
|
12 |
WEB
|
Moritz Naumann
|
|
2008-12-18
|
|
Easysitenetwork Jokes Complete Website - 'joke.php' SQL Injection
|
12 |
WEB
|
Ehsan_Hp200
|
|
2008-12-18
|
|
DO-CMS 3.0 - 'p' Multiple SQL Injections
|
11 |
WEB
|
crash over
|
|
2014-04-03
|
|
Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects
|
12 |
WEB
|
Giuseppe D'Amore
|
|
2008-12-17
|
|
PHPcksec 0.2 - 'PHPcksec.php' Cross-Site Scripting
|
12 |
WEB
|
ahmadbady
|
|
2014-04-03
|
|
CMS Made Simple 1.11.10 - Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
Blessen Thomas
|
|
2014-04-02
|
|
Kloxo-MR 6.5.0 - Cross-Site Request Forgery
|
11 |
WEB
|
Necmettin COSKUN
|
|
2014-04-02
|
|
Kloxo 6.1.18 Stable - Cross-Site Request Forgery
|
10 |
WEB
|
Necmettin COSKUN
|
|
2014-04-02
|
|
iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities
|
12 |
WEB
|
Vulnerability-Lab
|
|
2008-12-15
|
|
Injader 2.1.1 - SQL Injection / HTML Injection
|
13 |
WEB
|
anonymous
|
|
2008-12-14
|
|
WebPhotoPro - Multiple SQL Injections
|
11 |
WEB
|
baltazar
|
|
2014-04-02
|
|
CIS Manager CMS - SQL Injection
|
10 |
WEB
|
felipe andrian
|
