|
2013-12-15
|
|
Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities
|
7 |
WEB
|
Vulnerability-Lab
|
|
2013-12-15
|
|
Piwigo CMS 2.5.3 - Multiple Web Vulnerabilities
|
7 |
WEB
|
sajith
|
|
2007-07-13
|
|
Dating Gold 3.0.5 - 'secure.admin.php?int_path' Remote File Inclusion
|
7 |
WEB
|
mostafa_ragab
|
|
2007-07-13
|
|
Dating Gold 3.0.5 - 'footer.php?int_path' Remote File Inclusion
|
6 |
WEB
|
mostafa_ragab
|
|
2007-07-13
|
|
Dating Gold 3.0.5 - 'header.php?int_path' Remote File Inclusion
|
8 |
WEB
|
mostafa_ragab
|
|
2007-03-23
|
|
MzK Blog - 'Katgoster.asp' SQL Injection
|
8 |
WEB
|
GeFORC3
|
|
2007-07-13
|
|
ActiveWeb Contentserver CMS 5.6.2929 - Client-Side Filtering Bypass
|
10 |
WEB
|
RedTeam Pentesting
|
|
2007-07-13
|
|
contentserver 5.6.2929 - '/errors/transaction.asp?msg' Cross-Site Scripting
|
9 |
WEB
|
RedTeam Pentesting
|
|
2007-07-13
|
|
contentserver 5.6.2929 - '/errors/rights.asp?msg' Cross-Site Scripting
|
10 |
WEB
|
RedTeam Pentesting
|
|
2007-07-13
|
|
ActiveWeb Contentserver 5.6.2929 - 'Picture_Real_Edit.asp' SQL Injection
|
9 |
WEB
|
RedTeam Pentesting
|
|
2007-07-12
|
|
Inmostore 4.0 - 'index.php' SQL Injection
|
9 |
WEB
|
Keniobats
|
|
2007-07-12
|
|
Helma 1.5.3 - Search Script Cross-Site Scripting
|
8 |
WEB
|
Hanno Boeck
|
|
2007-07-11
|
|
IBM Proventia Sensor Appliance - Multiple Input Validation Vulnerabilities
|
9 |
WEB
|
Alex Hernandez
|
|
2007-07-11
|
|
EnViVo!CMS - 'default.asp?ID' SQL Injection
|
8 |
WEB
|
durito
|
|
2007-07-10
|
|
ImgSvr 0.6 - 'Template' Local File Inclusion
|
7 |
WEB
|
Tim Brown
|
|
2007-07-09
|
|
SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities
|
9 |
WEB
|
Stefan Esser
|
|
2007-07-07
|
|
Levent Veysi Portal 1.0 - 'Oku.asp' SQL Injection
|
8 |
WEB
|
GeFORC3
|
|
2007-07-05
|
|
Maia Mailguard 1.0.2 - 'login.php' Multiple Local File Inclusions
|
8 |
WEB
|
Adriel T. Desautels
|
|
2007-07-04
|
|
OpManager 6/7 - '/admin/DeviceAssociation.do' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
OpManager 6/7 - 'admin/ServiceConfiguration.do?Operation' Cross-Site Scripting
|
8 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
OpManager 6/7 - reports/ReportViewAction.do Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
OpManager 6/7 - 'traceRoute.do?name' Cross-Site Scripting
|
8 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
OpManager 6/7 - 'ping.do?name' Cross-Site Scripting
|
8 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
NetFlow Analyzer 5 - '/jspui/customReport.jsp?rtype' Cross-Site Scripting
|
7 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
NetFlow Analyzer 5 - '/jspui/selectDevice.jsp?rtype' Cross-Site Scripting
|
9 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
NetFlow Analyzer 5 - 'netflow/jspui/index.jsp?view' Cross-Site Scripting
|
7 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
NetFlow Analyzer 5 - '/jspui/appConfig.jsp?task' Cross-Site Scripting
|
7 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
NetFlow Analyzer 5 - '/jspui/applicationList.jsp?alpha' Cross-Site Scripting
|
8 |
WEB
|
Lostmon
|
|
2007-07-03
|
|
Oliver - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
A. R.
|
|
2007-07-02
|
|
Liesbeth Base CMS - Information Disclosure
|
9 |
WEB
|
durito
|
|
2007-07-02
|
|
Moodle 1.7.1 - 'index.php' Cross-Site Scripting
|
8 |
WEB
|
MustLive
|
|
2007-07-02
|
|
Yoggie Pico and Pico Pro Backticks - Remote Code Execution
|
8 |
WEB
|
Cody Brocious
|
|
2007-07-02
|
|
Claroline 1.8.3 - '$_SERVER['PHP_SELF']' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
munozferna
|
|
2007-06-27
|
|
ETicket 1.5.5 - 'Open.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
Jesper Jurcenoks
|
|
2006-12-02
|
|
DUClassmate 1.x - 'ICity' SQL Injection
|
7 |
WEB
|
Aria-Security Team
|
|
2007-06-27
|
|
Papoo 1.0.3 - 'Plugin.php' Authentication Bypass
|
9 |
WEB
|
Nico Leidecker
|
|
2013-12-12
|
|
Pentagram Cerberus P 6363 DSL Router - Multiple Vulnerabilities
|
6 |
WEB
|
condis
|
|
2013-12-12
|
|
WHMCompleteSolution (WHMCS) 4.x/5.x - Multiple Web Vulnerabilities
|
7 |
WEB
|
AhwAk20o0 --
|
|
2013-12-12
|
|
Cythosia 2.x Botnet (C2 Web Panel) - SQL Injection
|
8 |
WEB
|
GalaxyAndroid
|
|
2013-12-12
|
|
KikChat - Local File Inclusion / Remote Code Execution
|
7 |
WEB
|
cr4wl3r
|
|
2007-06-25
|
|
Calendarix 0.7.20070307 - Multiple SQL Injections
|
9 |
WEB
|
Jesper Jurcenoks
|
|
2007-06-25
|
|
Calendarix 0.7.20070307 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
Jesper Jurcenoks
|
|
2007-06-25
|
|
MyNews 0.10 - AuthACC SQL Injection
|
7 |
WEB
|
netVigilance
|
|
2007-06-22
|
|
Joomla! / Mambo Component Mod_Forum - 'PHPBB_Root.php' Remote File Inclusion
|
8 |
WEB
|
spymeta
|
|
2007-06-22
|
|
eNdonesia 8.4 - 'banners.php?click Action bid' SQL Injection
|
8 |
WEB
|
laurent gaffie
|
|
2007-06-22
|
|
eNdonesia 8.4 - 'mod.php?viewarticle Action artid' SQL Injection
|
7 |
WEB
|
laurent gaffie
|
|
2007-06-21
|
|
NetClassifieds 1.9.7 - Multiple Input Validation Vulnerabilities
|
7 |
WEB
|
laurent gaffie
|
|
2007-06-21
|
|
PHPAccounts 0.5 - 'index.php' Multiple SQL Injections
|
7 |
WEB
|
r0t
|
|
2007-06-21
|
|
PHPAccounts 0.5 - 'index.php' Local File Inclusion
|
7 |
WEB
|
r0t
|
|
2007-06-20
|
|
Wrapper.php for osCommerce - Local File Inclusion
|
7 |
WEB
|
Joe Bloomquist
|
|
2007-06-20
|
|
FuseTalk 4.0 - 'AuthError.cfm' Multiple Cross-Site Scripting Vulnerabilities
|
6 |
WEB
|
Ivan Almuina
|
|
2013-12-11
|
|
Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities
|
8 |
WEB
|
Vulnerability-Lab
|
|
2013-12-11
|
|
eFront 3.6.14 (build 18012) - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
sajith
|
|
2007-06-20
|
|
FuseTalk 4.0 - 'blog/include/common/comfinish.cfm?FTVAR_SCRIPTRUN' Cross-Site Scripting
|
8 |
WEB
|
Ivan Almuina
|
|
2007-06-20
|
|
FuseTalk 4.0 - 'forum/include/common/comfinish.cfm?FTVAR_SCRIPTRUN' Cross-Site Scripting
|
7 |
WEB
|
Ivan Almuina
|
|
2007-06-20
|
|
Comersus Cart 7.0.7 - 'comersus_message.asp' redirectUrl Cross-Site Scripting
|
9 |
WEB
|
Doz
|
|
2007-06-20
|
|
Comersus Cart 7.0.7 - 'comersus_customerAuthenticateForm.asp' redirectUrl Cross-Site Scripting
|
8 |
WEB
|
Doz
|
|
2007-06-20
|
|
Comersus Cart 7.0.7 - 'comersus_optReviewReadExec.asp?id' SQL Injection
|
8 |
WEB
|
Doz
|
|
2007-06-19
|
|
FuseTalk 2.0/3.0 - 'AuthError.cfm' SQL Injection
|
8 |
WEB
|
Ivan Almuina
|
|
2007-06-18
|
|
Fuzzylime 1.0 - 'Low.php' Cross-Site Scripting
|
7 |
WEB
|
RMx
|
|
2007-08-18
|
|
PHP Hosting Biller 1.0 - 'index.php' Cross-Site Scripting
|
7 |
WEB
|
Serapis.net
|
|
2007-06-18
|
|
WebIf - 'OutConfig' Local File Inclusion
|
7 |
WEB
|
maiosyet
|
|
2007-06-18
|
|
TDizin - 'Arama.asp' Cross-Site Scripting
|
8 |
WEB
|
GeFORC3
|
|
2007-06-18
|
|
WSPortal 1.0 - 'content.php' SQL Injection
|
8 |
WEB
|
Jesper Jurcenoks
|
|
2007-06-14
|
|
Apache MyFaces Tomahawk JSF Framework 1.1.5 - 'Autoscroll' Cross-Site Scripting
|
7 |
WEB
|
Rajat Swarup
|
|
2007-06-14
|
|
Joomla! Component Letterman Subscriber Module 1.2.4 - 'Mod_Lettermansubscribe.php' Cross-Site Script
|
8 |
WEB
|
Edi Strosar
|
|
2007-06-14
|
|
Apache Tomcat 6.0.13 - JSP Example Web Applications Cross-Site Scripting
|
8 |
WEB
|
anonymous
|
|
2013-12-10
|
|
PlaySms 0.9.9.2 - Cross-Site Request Forgery
|
7 |
WEB
|
Saadi Siddiqui
|
|
2007-06-11
|
|
bbPress 0.8.1 - 'BB-login.php' Cross-Site Scripting
|
8 |
WEB
|
Ory Segal
|
|
2007-06-11
|
|
JFFNms 0.8.3 - 'admin/setup.php' Direct Request Authentication Bypass
|
7 |
WEB
|
Tim Brown
|
|
2007-06-11
|
|
JFFNms 0.8.3 - 'admin/adm/test.php' PHP Information Disclosure
|
6 |
WEB
|
Tim Brown
|
|
2007-06-11
|
|
JFFNms 0.8.3 - 'auth.php?user' Cross-Site Scripting
|
7 |
WEB
|
Tim Brown
|
|
2007-06-11
|
|
JFFNms 0.8.3 - 'auth.php' Multiple SQL Injections
|
6 |
WEB
|
Tim Brown
|
|
2007-06-11
|
|
Beehive Forum 0.7.1 - 'links.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Ory Segal
|
|
2007-06-09
|
|
vBSupport 2.0.0 Integrated Ticket System - 'vBSupport.php' SQL Injection
|
9 |
WEB
|
rUnViRuS
|
|
2007-06-08
|
|
WordPress Core 2.2 - 'Request_URI' Cross-Site Scripting
|
8 |
WEB
|
zamolx3
|
|
2007-06-08
|
|
Ibrahim Ã?AKICI - 'Okul Portal Haber_Oku.asp' SQL Injection
|
8 |
WEB
|
ertuqrul
|
|
2007-06-07
|
|
WMSCMS 2.0 - Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
Glafkos Charalambous
|
|
2007-06-07
|
|
Atom Photoblog 1.0.1/1.0.9 - 'AtomPhotoblog.php' Multiple Input Validation Vulnerabilities
|
8 |
WEB
|
Serapis.net
|
|
2007-06-06
|
|
ASP Folder Gallery - 'Download_Script.asp' Arbitrary File Download
|
8 |
WEB
|
freeprotect.net
|
|
2007-06-06
|
|
Joomla! Component JD-Wiki 1.0.2 - 'wantedpages.php?MosConfig_absolute_path' Remote File Inclusion
|
8 |
WEB
|
DarkbiteX
|
|
2007-06-06
|
|
Joomla! Component JD-Wiki 1.0.2 - 'dwpage.php?MosConfig_absolute_path' Remote File Inclusion
|
8 |
WEB
|
DarkbiteX
|
|
2013-12-09
|
|
CGILua 3.0 - SQL Injection
|
7 |
WEB
|
aceeeeeeeer .
|
|
2007-06-04
|
|
My Databook - 'diary.php?year' Cross-Site Scripting
|
8 |
WEB
|
Serapis.net
|
|
2007-06-04
|
|
My Databook - 'diary.php?delete' SQL Injection
|
8 |
WEB
|
Serapis.net
|
|
2013-12-08
|
|
Print n Share 5.5 iOS - Multiple Web Vulnerabilities
|
7 |
WEB
|
Vulnerability-Lab
|
|
2013-12-08
|
|
Feetan Inc WireShare 1.9.1 iOS - Persistent
|
10 |
WEB
|
Vulnerability-Lab
|
|
2007-06-04
|
|
WebStudio CMS - 'index.php' Cross-Site Scripting
|
7 |
WEB
|
Glafkos Charalambous
|
|
2007-06-04
|
|
Hunkaray Okul Portaly 1.1 - 'Haberoku.asp' SQL Injection
|
9 |
WEB
|
ertuqrul
|
|
2007-06-04
|
|
Okyanusmedya - 'index.php' Cross-Site Scripting
|
8 |
WEB
|
vagrant
|
|
2007-06-02
|
|
Linker 2.0.4 - 'index.php' Cross-Site Scripting
|
7 |
WEB
|
vagrant
|
|
2007-06-01
|
|
PHPLive! 3.2.2 - '/setup/footer.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
ReZEN
|
|
2007-06-01
|
|
PHPLive! 3.2.2 - '/super/info.php?BASE_URL' Cross-Site Scripting
|
7 |
WEB
|
ReZEN
|
|
2007-06-01
|
|
PHPLive! 3.2.2 - '/admin/header.php?admin[name]' Cross-Site Scripting
|
8 |
WEB
|
ReZEN
|
|
2007-06-01
|
|
PHPLive! 3.2.2 - 'help.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
ReZEN
|
|
2007-06-01
|
|
PHPLive! 3.2.2 - 'chat.php?sid' Cross-Site Scripting
|
7 |
WEB
|
ReZEN
|
|
2007-06-01
|
|
Evenzia Content Management Systems (CMS) - Cross-Site Scripting
|
8 |
WEB
|
Glafkos Charalambous
|
|
2007-06-01
|
|
Buttercup WFM - 'Title' Cross-Site Scripting
|
8 |
WEB
|
John Martinelli
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - 'common.inc.php?path_inc' Remote File Inclusion
|
8 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - 'index.php?path_inc' Remote File Inclusion
|
8 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/plugins/PHPgacl/index.php?path_inc' Remote File Inclusion
|
7 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - 'param.inc.php?path_inc' Remote File Inclusion
|
6 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/menu/menuprincipal.php?path_inc' Remote File Inclusion
|
8 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/ident/ident.inc.php?path_inc' Remote File Inclusion
|
8 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/ident/index.php?path_inc' Remote File Inclusion
|
8 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/ident/loginmodif.php?path_inc' Remote File Inclusion
|
8 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/ident/loginliste.php?path_inc' Remote File Inclusion
|
9 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/ident/disconnect.php?path_inc' Remote File Inclusion
|
9 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/ident/identification.php?path_inc' Remote File Inclusion
|
7 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/gestion/index.php?path_inc' Remote File Inclusion
|
8 |
WEB
|
pito pito
|
|
2007-05-31
|
|
PHP JackKnife 2.21 - '(PHPJK) G_Display.php' Multiple Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
laurent gaffie
|
|
2007-05-31
|
|
PHP JackKnife 2.21 - '/(PHPJK) UserArea/NewAccounts/index.php?sAccountUnq' Cross-Site Scripting
|
8 |
WEB
|
laurent gaffie
|
|
2007-05-31
|
|
PHP JackKnife 2.21 - '/(PHPJK) UserArea/Authenticate.php?sUName' Cross-Site Scripting
|
7 |
WEB
|
laurent gaffie
|
|
2007-05-31
|
|
PHP JackKnife 2.21 - '/(PHPJK) Search/DisplayResults.php?iSearchID' SQL Injection
|
7 |
WEB
|
laurent gaffie
|
|
2007-05-31
|
|
PHP JackKnife 2.21 - '(PHPJK) G_Display.php?iCategoryUnq' SQL Injection
|
8 |
WEB
|
laurent gaffie
|
|
2007-05-31
|
|
MyBloggie 2.1.x - 'index.php' Multiple SQL Injections
|
8 |
WEB
|
ls@calima.serapis.net
|
|
2007-05-30
|
|
Particle Gallery 1.0 - 'search.php' Cross-Site Scripting
|
8 |
WEB
|
Serapis.net
|
|
2013-12-08
|
|
Ovidentia 7.9.6 - Multiple Vulnerabilities
|
7 |
WEB
|
sajith
|
|
2013-12-08
|
|
WordPress Plugin Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting
|
8 |
WEB
|
Jeroen - IT Nerdbox
|
|
2007-03-16
|
|
Particle Blogger 1.2.1 - 'Archives.php' SQL Injection
|
8 |
WEB
|
Serapis.net
|
|
2007-05-30
|
|
Pheap 2.0 - 'config.php' Pheap_Login Authentication Bypass
|
7 |
WEB
|
Silentz
|
|
2007-05-29
|
|
CPCommerce 1.1 - 'manufacturer.php' SQL Injection
|
7 |
WEB
|
laurent gaffie
|
|
2007-05-28
|
|
DGNews 2.1 - 'NewsID' SQL Injection
|
9 |
WEB
|
laurent gaffie
|
|
2007-05-29
|
|
UebiMiau 2.7.10 - '/demo/pop3/error.php' Multiple Full Path Disclosures
|
8 |
WEB
|
Michal Majchrowicz
|
|
2007-05-29
|
|
UebiMiau 2.7.10 - '/demo/pop3/error.php?selected_theme' Cross-Site Scripting
|
7 |
WEB
|
Michal Majchrowicz
|
