|
2007-09-25
|
|
JSPWiki 2.5.139 - 'Login.jsp' Multiple Cross-Site Scripting Vulnerabilities
|
18 |
WEB
|
Jason Kratzer
|
|
2007-09-25
|
|
JSPWiki 2.5.139 - 'UserPreferences.jsp' Multiple Cross-Site Scripting Vulnerabilities
|
15 |
WEB
|
Jason Kratzer
|
|
2007-09-25
|
|
JSPWiki 2.5.139 - 'Comment.jsp' Multiple Cross-Site Scripting Vulnerabilities
|
16 |
WEB
|
Jason Kratzer
|
|
2007-09-25
|
|
JSPWiki 2.5.139 - 'edit.jsp?edittime' Cross-Site Scripting
|
15 |
WEB
|
Jason Kratzer
|
|
2007-09-25
|
|
JSPWiki 2.5.139 - 'NewGroup.jsp' Multiple Cross-Site Scripting Vulnerabilities
|
15 |
WEB
|
Jason Kratzer
|
|
2007-09-24
|
|
bcoos 1.0.10 Arcade Module - 'index.php' SQL Injection
|
21 |
WEB
|
nights shadow
|
|
2007-09-24
|
|
Urchin 5.7.x - 'session.cgi' Cross-Site Scripting
|
18 |
WEB
|
pagvac
|
|
2007-09-22
|
|
XCMS 1.1/1.7 - 'Password' Arbitrary PHP Code Execution
|
22 |
WEB
|
x0kster
|
|
2007-09-22
|
|
WordPress Core 2.0 - 'wp-register.php' Multiple Cross-Site Scripting Vulnerabilities
|
18 |
WEB
|
Adrian Pastor
|
|
2007-09-20
|
|
Vigile CMS 1.8 Wiki Module - Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
x0kster
|
|
2007-09-20
|
|
WebBatch - 'webbatch.exe?dumpinputdata' Remote Information Disclosure
|
15 |
WEB
|
Doz
|
|
2007-09-20
|
|
WebBatch - 'webbatch.exe' Cross-Site Scripting
|
19 |
WEB
|
Doz
|
|
2007-09-19
|
|
LevelOne WBR3404TX Broadband Router - 'RC' Cross-Site Scripting
|
18 |
WEB
|
azizov
|
|
2007-09-17
|
|
b1gMail 6.3.1 - 'hilfe.php' Cross-Site Scripting
|
19 |
WEB
|
malibu.r
|
|
2007-09-17
|
|
Coppermine Photo Gallery 1.4.12 - 'log' Local File Inclusion
|
15 |
WEB
|
L4teral
|
|
2007-09-17
|
|
Coppermine Photo Gallery 1.4.12 - 'referer' Cross-Site Scripting
|
15 |
WEB
|
L4teral
|
|
2007-09-17
|
|
Alcatel-Lucent OmniPCX Enterprise 7.1 - Remote Command Execution
|
18 |
WEB
|
RedTeam Pentesting GmbH
|
|
2007-09-17
|
|
ewire Payment Client 1.60/1.70 - Command Execution
|
17 |
WEB
|
anonymous
|
|
2007-09-14
|
|
Axis Communications 207W Network Camera - Web Interface '/admin/restartMessage.shtml?server' Cross-S
|
18 |
WEB
|
Seth Fogie
|
|
2007-09-14
|
|
Axis Communications 207W Network Camera - Web Interface 'axis-cgi/admin/pwdgrp.cgi' Multiple Cross-S
|
14 |
WEB
|
Seth Fogie
|
|
2007-09-14
|
|
Axis Communications 207W Network Camera - Web Interface axis-cgi/admin/restart.cgi Cross-Site Reques
|
18 |
WEB
|
Seth Fogie
|
|
2007-09-14
|
|
PHP-Stats 0.1.9.2 - 'Tracking.php' Cross-Site Scripting
|
15 |
WEB
|
root@hanicker.it
|
|
2007-09-12
|
|
CS-Guestbook 0.1 - Login Credentials Information Disclosure
|
15 |
WEB
|
Cr@zy_King
|
|
2007-09-12
|
|
SWSoft Plesk 8.2 - 'login.php3' PLESKSESSID Cookie SQL Injection
|
19 |
WEB
|
Nick I Merritt
|
|
2007-09-12
|
|
BOINC 5.10.20 - 'text_search_action.php?search_string' Cross-Site Scripting
|
16 |
WEB
|
Doz
|
|
2007-09-12
|
|
BOINC 5.10.20 - 'forum_forum.php?id' Cross-Site Scripting
|
17 |
WEB
|
Doz
|
|
2007-09-10
|
|
SisfoKampus - 'dwoprn.php' Arbitrary File Download
|
17 |
WEB
|
PUPET
|
|
2007-09-10
|
|
PHPMyQuote 0.20 - '/index.php' SQL Injection / Cross-Site Scripting
|
16 |
WEB
|
Yollubunlar.Org
|
|
2007-09-10
|
|
Proxy Anket 3.0.1 - 'anket.asp' SQL Injection
|
17 |
WEB
|
Yollubunlar.Org
|
|
2007-09-08
|
|
Toms Gastebuch 1.00/1.01 - 'header.php' Multiple Cross-Site Scripting Vulnerabilities
|
15 |
WEB
|
hd1979
|
|
2007-09-06
|
|
Pulsewiki And Pawfaliki 0.5.1 - 'index.php' Local File Inclusion
|
18 |
WEB
|
mafialbano
|
|
2007-09-04
|
|
E-Smart Cart 1.0 - 'login.asp' SQL Injection
|
18 |
WEB
|
SmOk3
|
|
2007-09-04
|
|
Apache Tomcat 5.5.15 - cal2.jsp Cross-Site Scripting
|
13 |
WEB
|
Tushar Vartak
|
|
2007-09-04
|
|
212Cafe WebBoard 6.30 - 'Read.php' SQL Injection
|
17 |
WEB
|
Lopez Bran Digrap
|
|
2007-09-03
|
|
Claroline 1.x - '/admin/campusProblem.php?view' Cross-Site Scripting
|
19 |
WEB
|
Fernando Munoz
|
|
2007-09-03
|
|
Claroline 1.x - '/admin/advancedUserSearch.php?action' Cross-Site Scripting
|
18 |
WEB
|
Fernando Munoz
|
|
2007-09-03
|
|
Claroline 1.x - '/admin/adminusers.php?dir' Cross-Site Scripting
|
17 |
WEB
|
Fernando Munoz
|
|
2007-09-03
|
|
Claroline 1.x - '/inc/lib/language.lib.php?language' Traversal Local File Inclusion
|
19 |
WEB
|
Fernando Munoz
|
|
2007-09-03
|
|
MKPortal 1.0/1.1 - 'admin.php' Authentication Bypass
|
18 |
WEB
|
Demential
|
|
2007-09-07
|
|
Toms Gästebuch 1.00 - '/admin/header.php' Multiple Cross-Site Scripting Vulnerabilities
|
17 |
WEB
|
cod3in
|
|
2007-09-07
|
|
Toms Gästebuch 1.00 - 'form.php' Multiple Cross-Site Scripting Vulnerabilities
|
16 |
WEB
|
cod3in
|
|
2013-12-28
|
|
D-Link DSL-2750u ME_1.09 - Cross-Site Request Forgery
|
20 |
WEB
|
FIGHTERx war
|
|
2007-08-30
|
|
Absolute Poll Manager XE 4.1 - 'xlaapmview.asp' Cross-Site Scripting
|
14 |
WEB
|
Richard Brain
|
|
2007-08-29
|
|
Cisco CallManager 4.2 / CUCM 4.2 - Logon Page 'lang' SQL Injection
|
17 |
WEB
|
anonymous
|
|
2007-08-28
|
|
ACG News 1.0 - 'index.php' Multiple SQL Injections
|
16 |
WEB
|
SmOk3
|
|
2007-08-27
|
|
PHPGedView 4.1 - 'login.php' Cross-Site Scripting
|
17 |
WEB
|
Joshua Morin
|
|
2007-08-27
|
|
Dale Mooney Calendar Events - 'Viewevent.php' SQL Injection
|
14 |
WEB
|
s0cratex
|
|
2007-08-27
|
|
AutoIndex PHP Script 2.2.1 - 'index.php' Cross-Site Scripting
|
17 |
WEB
|
d3hydr8
|
|
2007-08-24
|
|
Arcadem 2.01 - 'index.php' Remote File Inclusion
|
18 |
WEB
|
sm0k3
|
|
2007-08-13
|
|
WordPress Core 1.0.7 - 'Pool index.php' Cross-Site Scripting
|
17 |
WEB
|
MustLive
|
|
2007-08-22
|
|
Ripe Website Manager 0.8.x - '/pages/delete_page.php?id' SQL Injection
|
15 |
WEB
|
Nagendra Kumar G
|
|
2007-08-21
|
|
m-phorum 0.3 - 'index.php' Cross-Site Scripting
|
20 |
WEB
|
CodeXpLoder'tq
|
|
2007-08-21
|
|
coWiki - 'index.php' Cross-Site Scripting
|
18 |
WEB
|
MustLive
|
|
2007-08-21
|
|
ALeadSoft Search Engine Builder - Search.HTML Cross-Site Scripting
|
18 |
WEB
|
MustLive
|
|
2007-08-20
|
|
Gurur Haber 2.0 - 'Uyeler2.php' SQL Injection
|
16 |
WEB
|
dumenci
|
|
2007-08-20
|
|
Firesoft - 'Class_TPL.php' Remote File Inclusion
|
16 |
WEB
|
DarKdewiL
|
|
2007-08-20
|
|
Dalai Forum 1.1 - 'forumreply.php' Local File Inclusion
|
19 |
WEB
|
DarKdewiL
|
|
2007-08-17
|
|
Text File Search Classic - 'TextFileSearch.asp' Cross-Site Scripting
|
18 |
WEB
|
GeFORC3
|
|
2007-07-16
|
|
Olate Download 3.4.1 - 'admin.php' Remote Authentication Bypass
|
18 |
WEB
|
imei
|
|
2007-07-09
|
|
Systeme de vote pour site Web 1.0 - Multiple Remote File Inclusions
|
18 |
WEB
|
Crackers_Child
|
|
2007-07-13
|
|
SkilMatch Systems JobLister3 - 'index.php' SQL Injection
|
15 |
WEB
|
joseph.giron13
|
|
2007-08-11
|
|
Openads (PHPAdsNew) < 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion
|
19 |
WEB
|
Ma$tEr-0F-De$a$t0r
|
|
2007-08-11
|
|
Haudenschilt Family Connections 0.8 - 'index.php' Authentication Bypass
|
16 |
WEB
|
ilker Kandemir
|
|
2007-08-11
|
|
PHP-Stats 0.1.9.2 - 'WhoIs.php' Cross-Site Scripting
|
16 |
WEB
|
vasodipandora
|
|
2007-08-11
|
|
Lib2 PHP Library 0.2 - 'My_Statistics.php' Remote File Inclusion
|
15 |
WEB
|
ilker Kandemir
|
|
2007-08-09
|
|
Web News 1.1 - 'news.php?config[root_ordner]' Remote File Inclusion
|
15 |
WEB
|
Rizgar
|
|
2007-08-09
|
|
Web News 1.1 - 'feed.php?config[root_ordner]' Remote File Inclusion
|
17 |
WEB
|
Rizgar
|
|
2007-08-09
|
|
Web News 1.1 - 'index.php?config[root_ordner]' Remote File Inclusion
|
19 |
WEB
|
Rizgar
|
|
2007-08-09
|
|
Bilder Galerie 1.0 - 'index.php' Remote File Inclusion
|
16 |
WEB
|
Rizgar
|
|
2007-08-09
|
|
Shoutbox 1.0 - 'Shoutbox.php' Remote File Inclusion
|
20 |
WEB
|
Rizgar
|
|
2013-12-24
|
|
PHP MBB CMS 004 - Multiple Vulnerabilities
|
16 |
WEB
|
cr4wl3r
|
|
2013-12-24
|
|
Song Exporter 2.1.1 RS iOS - Local File Inclusion
|
18 |
WEB
|
Vulnerability-Lab
|
|
2013-12-24
|
|
Synology DSM 4.3-3810 - Directory Traversal
|
17 |
WEB
|
Andrea Fabrizi
|
|
2013-12-24
|
|
Zimbra Collaboration Server 7.2.2/8.0.2 - Local File Inclusion (Metasploit)
|
16 |
WEB
|
Metasploit
|
|
2007-08-09
|
|
File Uploader 1.1 - 'datei.php?config[root_ordner]' Remote File Inclusion
|
14 |
WEB
|
Rizgar
|
|
2007-08-09
|
|
File Uploader 1.1 - 'index.php?config[root_ordner]' Remote File Inclusion
|
17 |
WEB
|
Rizgar
|
|
2007-08-09
|
|
Mapos-Scripts.de Gastebuch 1.5 - 'index.php' Remote File Inclusion
|
16 |
WEB
|
Rizgar
|
|
2007-08-08
|
|
Coppermine Photo Gallery 1.3/1.4 - 'YABBSE.INC.php' Remote File Inclusion
|
16 |
WEB
|
Ma$tEr-0F-De$a$t0r
|
|
2007-08-07
|
|
VietPHP - 'index.php?language' Remote File Inclusion
|
18 |
WEB
|
master-of-desastor
|
|
2007-08-07
|
|
VietPHP - '/admin/index.php?language' Remote File Inclusion
|
18 |
WEB
|
master-of-desastor
|
|
2007-08-07
|
|
VietPHP - '_functions.php?dirpath' Remote File Inclusion
|
17 |
WEB
|
master-of-desastor
|
|
2007-08-06
|
|
snif 1.5.2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
16 |
WEB
|
r0t
|
|
2007-08-04
|
|
J! Reactions 1.8.1 - comPath Remote File Inclusion
|
19 |
WEB
|
Yollubunlar.Org
|
|
2007-08-03
|
|
Next Gen Portfolio Manager - 'default.asp' Multiple SQL Injections
|
18 |
WEB
|
Aria-Security Team
|
|
2007-08-03
|
|
Lanius CMS 1.2.14 GALLERY Module - 'gid' SQL Injection
|
15 |
WEB
|
k1tk4t
|
|
2007-08-03
|
|
Lanius CMS 1.2.14 EZSHOPINGCART Module - 'cid' SQL Injection
|
19 |
WEB
|
k1tk4t
|
|
2007-08-03
|
|
Lanius CMS 1.2.14 FAQ Module - 'mid' SQL Injection
|
21 |
WEB
|
k1tk4t
|
|
2007-08-02
|
|
Hunkaray Okul Portali 1.1 - 'Duyuruoku.asp' SQL Injection
|
16 |
WEB
|
Yollubunlar.Org
|
|
2007-08-02
|
|
Joomla! Component Tour de France Pool 1.0.1 Module - MosConfig_absolute_path Remote File Inclusion
|
19 |
WEB
|
Yollubunlar.Org
|
|
2013-12-23
|
|
WordPress Theme Persuasion 2.x - Arbitrary File Download / File Deletion
|
15 |
WEB
|
Interference Security
|
|
2007-08-01
|
|
WebDirector - 'index.php' Cross-Site Scripting
|
17 |
WEB
|
r0t
|
|
2007-07-31
|
|
WebEvent 4.03 - 'Webevent.cgi' Cross-Site Scripting
|
15 |
WEB
|
d3hydr8
|
|
2007-07-30
|
|
Global Centre Aplomb Poll 1.1 - 'admin.php?Madoa' Remote File Inclusion
|
16 |
WEB
|
ilker Kandemir
|
|
2007-07-30
|
|
Global Centre Aplomb Poll 1.1 - 'vote.php?Madoa' Remote File Inclusion
|
17 |
WEB
|
ilker Kandemir
|
|
2007-07-30
|
|
Global Centre Aplomb Poll 1.1 - 'index.php?Madoa' Remote File Inclusion
|
16 |
WEB
|
ilker Kandemir
|
|
2007-07-30
|
|
IT!CMS 0.2 - 'titletext-ed.php?wndtitle' Cross-Site Scripting
|
17 |
WEB
|
Aria-Security Team
|
|
2007-07-30
|
|
IT!CMS 0.2 - 'menu-ed.php?wndtitle' Cross-Site Scripting
|
19 |
WEB
|
Aria-Security Team
|
|
2007-07-30
|
|
IT!CMS 0.2 - 'lang-en.php?wndtitle' Cross-Site Scripting
|
19 |
WEB
|
Aria-Security Team
|
|
2007-07-28
|
|
phpCoupon - Remote Payment Bypass
|
16 |
WEB
|
freeprotect.net
|
|
2007-07-28
|
|
Real Estate Listing Website Application Template Login Dialog - SQL Injection
|
15 |
WEB
|
Aria-Security Team
|
|
2007-07-28
|
|
Pay Roll Time Sheet and Punch Card Application With Web UI - 'login.asp' SQL Injection
|
16 |
WEB
|
Aria-Security Team
|
|
2007-07-28
|
|
Message Board / Threaded Discussion Forum - 'Sign_In.aspx' SQL Injection
|
20 |
WEB
|
Aria-Security Team
|
|
2007-07-28
|
|
Online Store Application Template - 'Sign_In.aspx' SQL Injection
|
21 |
WEB
|
Aria-Security Team
|
|
2007-07-28
|
|
Berthanas Ziyaretci Defteri 2.0 - 'Yonetici.asp' SQL Injection
|
20 |
WEB
|
Yollubunlar
|
|
2007-07-27
|
|
Metyus Forum Portal 1.0 - 'Philboard_Forum.asp' SQL Injection
|
17 |
WEB
|
Cr@zy_King
|
|
2013-12-21
|
|
Cisco EPC3925 - Persistent Cross-Site Scripting
|
18 |
WEB
|
Jeroen - IT Nerdbox
|
|
2013-12-18
|
|
SonarQube Jenkins Plugin - Plain Text Password
|
20 |
WEB
|
Christian Catalano
|
|
2013-12-18
|
|
Jenkins 1.523 - Persistent HTML Code
|
17 |
WEB
|
Christian Catalano
|
|
2007-07-27
|
|
Bandersnatch 0.4 - Multiple Input Validation Vulnerabilities
|
20 |
WEB
|
Tim Brown
|
|
2007-07-26
|
|
WordPress Plugin WP-FeedStats 2.1 - HTML Injection
|
16 |
WEB
|
David Kierznowski
|
|
2007-07-26
|
|
Nukedit 4.9.x - 'login.asp' Cross-Site Scripting
|
14 |
WEB
|
d3hydr8
|
|
2013-12-17
|
|
InstantCMS 1.10.3 - Blind SQL Injection
|
18 |
WEB
|
High-Tech Bridge SA
|
|
2013-12-17
|
|
Ditto Forensic FieldStation 2013Oct15a - Multiple Vulnerabilities
|
16 |
WEB
|
Martin Wundram
|
|
2007-07-26
|
|
PHPHostBot 1.05 - 'Authorize.php' Remote File Inclusion
|
15 |
WEB
|
S4M3K
|
|
2007-07-26
|
|
BSM Store Dependent Forums 1.02 - 'Username' SQL Injection
|
17 |
WEB
|
Aria-Security Team
|
|
2007-07-25
|
|
iFoto 1.0 - 'index.php' Directory Traversal
|
18 |
WEB
|
Lostmon
|
|
2007-07-25
|
|
Vikingboard 0.1.2 - 'cp.php' Information Disclosure
|
17 |
WEB
|
Lostmon
|
|
2007-07-25
|
|
Vikingboard 0.1.2 - 'forum.php' Information Disclosure
|
17 |
WEB
|
Lostmon
|
|
2007-07-25
|
|
Vikingboard 0.1.2 - 'topic.php' Cross-Site Scripting
|
19 |
WEB
|
Lostmon
|
|
2007-07-25
|
|
Vikingboard 0.1.2 - 'post.php' Cross-Site Scripting
|
15 |
WEB
|
Lostmon
|
|
2007-07-25
|
|
Vikingboard 0.1.2 - 'user.php' Cross-Site Scripting
|
15 |
WEB
|
Lostmon
|
|
2007-07-25
|
|
Vikingboard 0.1.2 - 'cp.php' Cross-Site Scripting
|
20 |
WEB
|
Lostmon
|
|
2007-07-25
|
|
W1L3D4 philboard 0.3 - Cross-Site Scripting
|
16 |
WEB
|
GeFORC3
|
|
2007-07-24
|
|
cPanel 10.9.1 - 'Resname' Cross-Site Scripting
|
17 |
WEB
|
Aria-Security Team
|
|
2007-07-24
|
|
Webbler CMS 3.1.3 - Mail A Friend Open Email Relay
|
18 |
WEB
|
Adrian Pastor
|
