|
2008-03-10
|
|
Gallarific - 'search.php?query' Cross-Site Scripting
|
11 |
WEB
|
ZoRLu
|
|
2008-03-10
|
|
PHP-Nuke 4nAlbum Module 0.92 - 'pid' SQL Injection
|
12 |
WEB
|
meloulisi
|
|
2008-03-09
|
|
Batchelor Media BM Classifieds - Multiple SQL Injections
|
11 |
WEB
|
xcorpitx
|
|
2008-03-08
|
|
Alkacon OpenCMS 7.0.3 - 'logfileViewSettings.jsp?filePath.0' Arbitrary File Access
|
13 |
WEB
|
nnposter
|
|
2008-03-08
|
|
Alkacon OpenCMS 7.0.3 - 'logfileViewSettings.jsp?filePath' Cross-Site Scripting
|
15 |
WEB
|
nnposter
|
|
2008-03-07
|
|
Specimen Image Database - 'taxonservice.php?dir' Remote File Inclusion
|
13 |
WEB
|
ZoRLu
|
|
2008-03-07
|
|
WordPress Core 2.3.2 - '/wp-admin/invites.php?to' Cross-Site Scripting
|
15 |
WEB
|
Doz
|
|
2008-03-07
|
|
WordPress Core 2.3.2 - '/wp-admin/users.php?inviteemail' Cross-Site Scripting
|
14 |
WEB
|
Doz
|
|
2008-03-07
|
|
ImageVue 1.7 - 'dirxml.php?path' Cross-Site Scripting
|
13 |
WEB
|
ZoRLu
|
|
2008-03-07
|
|
ImageVue 1.7 - 'upload.php?path' Cross-Site Scripting
|
17 |
WEB
|
ZoRLu
|
|
2008-03-07
|
|
ImageVue 1.7 - 'dir2.php?path' Cross-Site Scripting
|
14 |
WEB
|
ZoRLu
|
|
2008-03-07
|
|
ImageVue 1.7 - 'popup.php?path' Cross-Site Scripting
|
14 |
WEB
|
ZoRLu
|
|
2008-03-06
|
|
PHP-Nuke 4nChat Module 0.91 - 'roomid' SQL Injection
|
13 |
WEB
|
meloulisi
|
|
2014-02-03
|
|
CiMe Citas Médicas - Multiple Vulnerabilities
|
13 |
WEB
|
vinicius777
|
|
2008-03-06
|
|
PHP-Nuke KutubiSitte Module - 'kid' SQL Injection
|
15 |
WEB
|
r080cy90r
|
|
2008-03-06
|
|
Yap Blog 1.1 - 'index.php' Remote File Inclusion
|
13 |
WEB
|
THE_MILLER
|
|
2008-03-05
|
|
PHP-Nuke Yellow_Pages Module - 'cid' SQL Injection
|
14 |
WEB
|
ZoRLu
|
|
2007-06-25
|
|
WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection
|
14 |
WEB
|
Lupton
|
|
2008-03-04
|
|
MG2 - 'list' Cross-Site Scripting
|
15 |
WEB
|
Jose Carlos Norte
|
|
2008-03-04
|
|
PHP-Nuke 'Seminars' Module - 'Filename' Local File Inclusion
|
15 |
WEB
|
The-0utl4w
|
|
2008-03-04
|
|
PHP-Nuke eGallery 3.0 Module - 'pid' SQL Injection
|
13 |
WEB
|
Aria-Security Team
|
|
2014-02-01
|
|
MediaWiki 1.22.1 PdfHandler - Remote Code Execution
|
17 |
WEB
|
@u0x
|
|
2008-03-03
|
|
TorrentTrader 1.08 - 'msg' HTML Injection
|
15 |
WEB
|
Dominus
|
|
2008-03-03
|
|
Flyspray 0.9.9 - Information Disclosure/HTML Injection / Cross-Site Scripting
|
14 |
WEB
|
Digital Security Research Group
|
|
2008-03-03
|
|
KC Wiki 1.0 - '/simplest/wiki.php?page' Remote File Inclusion
|
15 |
WEB
|
muuratsalo
|
|
2008-03-03
|
|
KC Wiki 1.0 - '/minimal/wiki.php?page' Remote File Inclusion
|
13 |
WEB
|
muuratsalo
|
|
2008-03-01
|
|
PHP-Nuke Johannes Hass 'Gaestebuch 2.2 Module - 'id' SQL Injection
|
14 |
WEB
|
TurkishWarriorr
|
|
2008-03-01
|
|
Heathco Software h2desk - Multiple Information Disclosure Vulnerabilities
|
13 |
WEB
|
joseph.giron13
|
|
2008-02-29
|
|
PHPMyTourney 2 - '/tourney/index.php' Remote File Inclusion
|
14 |
WEB
|
HACKERS PAL
|
|
2008-02-29
|
|
Simple PHP Scripts Gallery 0.x - 'index.php' Cross-Site Scripting
|
16 |
WEB
|
ZoRLu
|
|
2008-02-29
|
|
Centreon 1.4.2.3 - 'index.php' Local File Inclusion
|
16 |
WEB
|
JosS
|
|
2008-02-29
|
|
NetOffice Dwins 1.3 - Authentication Bypass / Arbitrary File Upload
|
14 |
WEB
|
RawSecurity.org
|
|
2008-02-28
|
|
XRms 1.99.2 - CRM 'msg' Cross-Site Scripting
|
14 |
WEB
|
vijayv
|
|
2008-02-28
|
|
Flicks Software AuthentiX 6.3b1 - 'Username' Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
William Hicks
|
|
2008-02-28
|
|
Juniper Networks Secure Access 2000 Web - Root Full Path Disclosure
|
14 |
WEB
|
Richard Brain
|
|
2008-02-21
|
|
Plume CMS 1.2.2 - '/manager/xmedia.php' Cross-Site Scripting
|
11 |
WEB
|
Omer Singer
|
|
2008-02-25
|
|
Joomla! / Mambo Component com_inter - 'id' SQL Injection
|
11 |
WEB
|
The-0utl4w
|
|
2008-02-25
|
|
Alkacon OpenCMS 7.0.3 - 'tree_files.jsp' Cross-Site Scripting
|
11 |
WEB
|
nnposter
|
|
2008-02-25
|
|
PHP-Nuke Sell Module - 'cid' SQL Injection
|
11 |
WEB
|
Aria-Security Team
|
|
2008-02-25
|
|
Galore Simple Shop 3.1 - 'section' SQL Injection
|
11 |
WEB
|
S@BUN
|
|
2008-02-25
|
|
Joomla! / Mambo Component com_wines 1.0 - 'id' SQL Injection
|
14 |
WEB
|
S@BUN
|
|
2008-02-25
|
|
Softbiz Jokes and Funny Pictures Script - 'sbcat_id' SQL Injection
|
16 |
WEB
|
-=Mizo=-
|
|
2008-02-25
|
|
Gary's Cookbook 3.0 - 'id' SQL Injection
|
15 |
WEB
|
S@BUN
|
|
2008-02-25
|
|
Joomla! / Mambo Component com_blog - 'pid' SQL Injection
|
12 |
WEB
|
Aria-Security Team
|
|
2008-02-25
|
|
Joomla! / Mambo Component com_publication - 'pid' SQL Injection
|
12 |
WEB
|
Aria-Security Team
|
|
2008-02-23
|
|
AuraCMS 2.2 - 'lihatberita' Module SQL Injection
|
15 |
WEB
|
S@BUN
|
|
2008-02-23
|
|
PHP-Nuke Gallery 1.3 Module - 'artid' SQL Injection
|
12 |
WEB
|
S@BUN
|
|
2008-02-23
|
|
Joomla! / Mambo Component com_hello_world - 'id' SQL Injection
|
12 |
WEB
|
S@BUN
|
|
2008-02-23
|
|
PHP-Nuke Recipe Module 1.3 - 'recipeid' SQL Injection
|
12 |
WEB
|
S@BUN
|
|
2008-02-22
|
|
Citrix Metaframe Web Manager - 'login.asp' Cross-Site Scripting
|
12 |
WEB
|
Handrix
|
|
2008-02-21
|
|
XOOPS 'prayerlist' Module - 'cid' SQL Injection
|
14 |
WEB
|
S@BUN
|
|
2008-02-21
|
|
PHP-Nuke Downloads Module - 'sid' SQL Injection
|
14 |
WEB
|
S@BUN
|
|
2008-02-21
|
|
XOOPS Tiny Event 1.01 - 'print' Option SQL Injection
|
13 |
WEB
|
S@BUN
|
|
2008-02-21
|
|
PHP-Nuke Classifieds Module - 'Details' SQL Injection
|
10 |
WEB
|
S@BUN
|
|
2008-02-21
|
|
Joomla! / Mambo Component Referenzen - 'id' SQL Injection
|
12 |
WEB
|
S@BUN
|
|
2008-02-21
|
|
Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - 'GradebookStuScores.asp?GrdBk' SQ
|
12 |
WEB
|
Arsalan Emamjomehkashan
|
|
2008-02-21
|
|
Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - 'ClassList.asp?Term' SQL Injectio
|
12 |
WEB
|
Arsalan Emamjomehkashan
|
|
2008-02-21
|
|
Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - 'Labels.asp?Term' SQL Injection
|
12 |
WEB
|
Arsalan Emamjomehkashan
|
|
2008-02-21
|
|
Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - 'Comments.asp?FC' SQL Injection
|
11 |
WEB
|
Arsalan Emamjomehkashan
|
|
2008-02-21
|
|
Joomla! / Mambo Component com_asortyment - 'katid' SQL Injection
|
13 |
WEB
|
S@BUN
|
|
2008-02-21
|
|
Joomla! / Mambo Component com_most - 'secid' SQL Injection
|
11 |
WEB
|
S@BUN
|
|
2008-02-20
|
|
Joomla! / Mambo Component com_Joomlavvz - 'id' SQL Injection
|
11 |
WEB
|
S@BUN
|
|
2007-02-19
|
|
Spyce 2.1.3 - spyce/examples/automaton.spy Direct Request Error Message Information Disclosure
|
14 |
WEB
|
Richard Brain
|
|
2007-02-19
|
|
Spyce 2.1.3 - '/spyce/examples/formtag.spy' Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
Richard Brain
|
|
2007-02-19
|
|
Spyce 2.1.3 - 'spyce/examples/getpost.spy?Name' Cross-Site Scripting
|
11 |
WEB
|
Richard Brain
|
|
2007-02-19
|
|
Spyce 2.1.3 - 'spyce/examples/request.spy?name' Cross-Site Scripting
|
10 |
WEB
|
Richard Brain
|
|
2007-02-19
|
|
Spyce 2.1.3 - 'docs/examples/handlervalidate.spy?x' Cross-Site Scripting
|
13 |
WEB
|
Richard Brain
|
|
2007-02-19
|
|
Spyce 2.1.3 - '/docs/examples/redirect.spy' Multiple Cross-Site Scripting Vulnerabilities
|
12 |
WEB
|
Richard Brain
|
|
2014-01-29
|
|
pfSense 2.1 build 20130911-1816 - Directory Traversal
|
15 |
WEB
|
@u0x
|
|
2014-01-29
|
|
ManageEngine Support Center Plus 7916 - Directory Traversal
|
12 |
WEB
|
xistence
|
|
2014-01-29
|
|
A10 Networks Loadbalancer - Directory Traversal
|
12 |
WEB
|
xistence
|
|
2014-01-29
|
|
SimplyShare 1.4 iOS - Multiple Vulnerabilities
|
11 |
WEB
|
Vulnerability-Lab
|
|
2014-01-29
|
|
LinPHA 1.3.4 - Multiple Vulnerabilities
|
10 |
WEB
|
killall-9
|
|
2008-02-19
|
|
PHP-Nuke Web_Links Module - 'cid' SQL Injection
|
14 |
WEB
|
S@BUN
|
|
2008-02-19
|
|
XOOPS 'badliege' Module - 'id' SQL Injection
|
11 |
WEB
|
S@BUN
|
|
2008-02-19
|
|
XOOPS 'seminars' Module - 'id' SQL Injection
|
11 |
WEB
|
S@BUN
|
|
2008-02-19
|
|
XOOPS 'events' Module - 'id' SQL Injection
|
11 |
WEB
|
S@BUN
|
|
2008-02-19
|
|
XOOPS 'vacatures' Module - 'cid' SQL Injection
|
13 |
WEB
|
S@BUN
|
|
2008-02-19
|
|
Joomla! Component iJoomla! com_magazine - 'pageid' SQL Injection
|
10 |
WEB
|
S@BUN
|
|
2008-02-19
|
|
Joomla! / Mambo Component com_genealogy - 'id' SQL Injection
|
10 |
WEB
|
S@BUN
|
|
2008-02-19
|
|
Joomla! / Mambo Component com_formtool - 'catid' SQL Injection
|
11 |
WEB
|
S@BUN
|
|
2008-02-19
|
|
Joomla! / Mambo Component com_iigcatalog - 'cat' SQL Injection
|
12 |
WEB
|
S@BUN
|
|
2008-02-19
|
|
Joomla! / Mambo Component com_team - SQL Injection
|
9 |
WEB
|
S@BUN
|
|
2008-02-19
|
|
Facile Forms 1.x - 'catid' SQL Injection
|
9 |
WEB
|
S@BUN
|
|
2008-02-19
|
|
PHP-Nuke Sections Module - 'artid' SQL Injection
|
9 |
WEB
|
S@BUN
|
|
2008-02-19
|
|
SmarterTools SmarterMail 4.3 - 'Subject' HTML Injection
|
10 |
WEB
|
Juan Pablo Lopez Yacubian
|
|
2008-02-19
|
|
Google Hack Honeypot File Upload Manager 1.3 - 'delall' Unauthorized File Access
|
8 |
WEB
|
Mr-m07
|
|
2008-02-19
|
|
Jinzora 2.7.5 - 'popup.php' Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
Alexandr Polyakov
|
|
2008-02-19
|
|
Jinzora 2.7.5 - 'slim.php' Multiple Cross-Site Scripting Vulnerabilities
|
12 |
WEB
|
Alexandr Polyakov
|
|
2008-02-19
|
|
Jinzora 2.7.5 - 'ajax_request.php' Multiple Cross-Site Scripting Vulnerabilities
|
12 |
WEB
|
Alexandr Polyakov
|
|
2008-02-19
|
|
Jinzora 2.7.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
12 |
WEB
|
Alexandr Polyakov
|
|
2008-02-18
|
|
WebcamXP 3.72.440/4.05.280 Beta - '/show_gallery_pic?id' Arbitrary Memory Disclosure
|
11 |
WEB
|
Luigi Auriemma
|
|
2008-02-18
|
|
WebcamXP 3.72.440/4.05.280 Beta - '/pocketpc?camnum' Arbitrary Memory Disclosure
|
10 |
WEB
|
Luigi Auriemma
|
|
2008-02-18
|
|
WordPress Plugin wp-people 2.0 - 'wp-people-popup.php' SQL Injection
|
9 |
WEB
|
S@BUN
|
|
2008-02-18
|
|
ProjectPier 0.8 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
L4teral
|
|
2008-02-18
|
|
WordPress Plugin Recipes Blog - 'id' SQL Injection
|
9 |
WEB
|
S@BUN
|
|
2008-02-18
|
|
Yellow Swordfish Simple Forum 1.x - 'sf-profile.php' SQL Injection
|
10 |
WEB
|
S@BUN
|
|
2008-02-18
|
|
Joomla! / Mambo Component com_detail - 'id' SQL Injection
|
9 |
WEB
|
S@BUN
|
|
2008-02-18
|
|
RunCMS 1.6.1 - 'admin.php' Cross-Site Scripting
|
14 |
WEB
|
NBBN
|
|
2008-02-19
|
|
Joomla! / Mambo Component com_profile - 'oid' SQL Injection
|
13 |
WEB
|
S@BUN
|
|
2014-01-27
|
|
Ability Mail Server 2013 -Persistent Cross-Site Scripting / Cross-Site Request Forgery (Password Res
|
13 |
WEB
|
David Um
|
|
2008-02-16
|
|
BanPro Dms 1.0 - 'index.php' Local File Inclusion
|
12 |
WEB
|
muuratsalo
|
|
2008-02-15
|
|
Joomla! / Mambo Component com_scheduling - 'id' SQL Injection
|
10 |
WEB
|
S@BUN
|
|
2008-02-16
|
|
Joomla! / Mambo Component Filebase - 'filecatid' SQL Injection
|
11 |
WEB
|
S@BUN
|
|
2008-02-16
|
|
Joomla! / Mambo Component com_lexikon - 'id' SQL Injection
|
10 |
WEB
|
S@BUN
|
|
2008-02-15
|
|
Joomla! / Mambo Component com_salesrep - 'rid' SQL Injection
|
11 |
WEB
|
S@BUN
|
|
2008-02-15
|
|
Yellow Swordfish Simple Forum 1.x - 'topic' SQL Injection
|
11 |
WEB
|
S@BUN
|
|
2008-02-15
|
|
Yellow Swordfish Simple Forum 1.7/1.9 - 'index.php' SQL Injection
|
12 |
WEB
|
S@BUN
|
|
2008-02-15
|
|
Yellow Swordfish Simple Forum 1.10/1.11 - 'topic' SQL Injection
|
11 |
WEB
|
S@BUN
|
|
2008-02-15
|
|
Joomla! / Mambo Component faq - 'catid' SQL Injection
|
11 |
WEB
|
S@BUN
|
|
2008-02-15
|
|
Joomla! / Mambo Component com_sg - 'pid' SQL Injection
|
12 |
WEB
|
S@BUN
|
|
2008-02-15
|
|
Joomla! / Mambo Component com_activities - 'id' SQL Injection
|
11 |
WEB
|
S@BUN
|
|
2008-02-15
|
|
Joomla! / Mambo Component com_smslist - 'listid' SQL Injection
|
11 |
WEB
|
S@BUN
|
|
2008-02-14
|
|
PlutoStatus Locator 1.0pre alpha - 'index.php' Local File Inclusion
|
12 |
WEB
|
muuratsalo
|
|
2008-02-14
|
|
artmedic webdesign weblog - Multiple Local File Inclusions
|
13 |
WEB
|
muuratsalo
|
|
2008-02-15
|
|
Dokeos 1.8.4 - '/main/create_course/add_course.php?tutor_name' SQL Injection
|
13 |
WEB
|
Alexandr Polyakov
|
|
2008-02-15
|
|
Dokeos 1.8.4 - '/main/mySpace/index.php?tracking_list_coaches_column' SQL Injection
|
10 |
WEB
|
Alexandr Polyakov
|
|
2008-02-15
|
|
Dokeos 1.8.4 - '/main/admin/session_list.php?cmessage' Cross-Site Scripting
|
13 |
WEB
|
Alexandr Polyakov
|
|
2008-02-15
|
|
Dokeos 1.8.4 - '/main/admin/course_category.php?category' Cross-Site Scripting
|
11 |
WEB
|
Alexandr Polyakov
|
|
2008-02-15
|
|
Dokeos 1.8.4 - '/main/calendar/myagenda.php?courseCode' Cross-Site Scripting
|
10 |
WEB
|
Alexandr Polyakov
|
|
2008-02-15
|
|
Dokeos 1.8.4 - 'main/inc/lib/events.lib.inc.php' Referer HTTP Header SQL Injection
|
10 |
WEB
|
Alexandr Polyakov
|
|
2008-02-15
|
|
Dokeos 1.8.4 - 'whoisonline.php?id' SQL Injection
|
10 |
WEB
|
Alexandr Polyakov
|
|
2008-02-13
|
|
Joomla! / Mambo Component com_omnirealestate - 'objid' SQL Injection
|
12 |
WEB
|
S@BUN
|
|
2008-02-13
|
|
Joomla! / Mambo Component com_model - 'objid' SQL Injection
|
13 |
WEB
|
S@BUN
|
|
2008-02-13
|
|
Site2Nite Real Estate Web - 'agentlist.asp' Multiple SQL Injections
|
11 |
WEB
|
S@BUN
|
