|
2007-04-07
|
|
PHPwebnews 0.1 - 'index.php' Cross-Site Scripting
|
4 |
WEB
|
the_Edit0r
|
|
2007-04-07
|
|
PHPwebnews 0.1 - 'iklan.php' Cross-Site Scripting
|
4 |
WEB
|
the_Edit0r
|
|
2007-04-11
|
|
Cosign 2.0.1/2.9.4a - CGI Register Command Remote Authentication Bypass
|
3 |
WEB
|
Jon Oberheide
|
|
2007-04-11
|
|
Cosign 2.0.1/2.9.4a - CGI Check Cookie Command Remote Authentication Bypass
|
4 |
WEB
|
Jon Oberheide
|
|
2007-04-11
|
|
PHPFaber TopSites 3 - 'admin/index.php' Directory Traversal
|
3 |
WEB
|
Dr.RoVeR
|
|
2007-04-11
|
|
DotClear 1.2.x - '/tools/thememng/index.php?tool_url' Cross-Site Scripting
|
4 |
WEB
|
nassim
|
|
2007-04-11
|
|
DotClear 1.2.x - '/ecrire/trackback.php?post_id' Cross-Site Scripting
|
3 |
WEB
|
nassim
|
|
2013-11-26
|
|
WordPress Plugin dzs-videogallery - Arbitrary File Upload
|
3 |
WEB
|
link_satisi
|
|
2007-04-10
|
|
DropAFew 0.2 - 'editlogcal.php?save Action calories' SQL Injection
|
4 |
WEB
|
Alexander Klink
|
|
2007-04-10
|
|
DropAFew 0.2 - 'search.php?delete Action id' SQL Injection
|
3 |
WEB
|
Alexander Klink
|
|
2007-04-10
|
|
DropAFew 0.2 - 'newaccount2.php' Arbitrary Account Creation
|
3 |
WEB
|
Alexander Klink
|
|
2007-04-10
|
|
MyNews 4.2.2 - 'Week_Events.php' Remote File Inclusion
|
3 |
WEB
|
hackberry
|
|
2007-04-10
|
|
Einfacher Passworschutz - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
hackberry
|
|
2007-04-09
|
|
DeskPro 2.0.1 - 'login.php' HTML Injection
|
4 |
WEB
|
John Martinelli
|
|
2007-04-09
|
|
eCardMAX HotEditor 4.0 - 'Keyboard.php' Local File Inclusion
|
3 |
WEB
|
Liz0ziM
|
|
2007-04-09
|
|
UBBCentral UBB.Threads 6.1.1 - 'UBBThreads.php' SQL Injection
|
3 |
WEB
|
John Martinelli
|
|
2007-04-09
|
|
QuizShock 1.6.1 - 'auth.php' HTML Injection
|
3 |
WEB
|
John Martinelli
|
|
2007-04-06
|
|
Livor 2.5 - 'index.php' Cross-Site Scripting
|
2 |
WEB
|
Arham Muhammad
|
|
2007-04-04
|
|
Gazi Okul Sitesi 2007 - 'Fotokategori.asp' SQL Injection
|
4 |
WEB
|
CoNqUeRoR
|
|
2007-04-02
|
|
Atlassian JIRA 3.4.2 - IssueNavigator.JSPA Cross-Site Scripting
|
4 |
WEB
|
syniack
|
|
2007-03-31
|
|
PHP-Fusion 6.1.5 Mod Calendar_Panel - 'Show_Event.php' SQL Injection
|
4 |
WEB
|
UNIQUE-KEY
|
|
2007-03-30
|
|
Drake CMS 0.3.7 - '404.php' Local File Inclusion
|
3 |
WEB
|
HACKERS PAL
|
|
2013-11-25
|
|
TP-Link WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities
|
3 |
WEB
|
Samandeep Singh
|
|
2013-11-24
|
|
MyBB Ajaxfs 2 Plugin - SQL Injection
|
4 |
WEB
|
IeDb ir
|
|
2013-11-24
|
|
Pirelli Discus DRG A125g - Remote Change WiFi Password
|
3 |
WEB
|
Sebastián Magof
|
|
2013-11-24
|
|
Pirelli Discus DRG A125g - Local Password Disclosure
|
3 |
WEB
|
Sebastián Magof
|
|
2013-11-24
|
|
Pirelli Discus DRG A125g - Remote Change SSID Value
|
4 |
WEB
|
Sebastián Magof
|
|
2013-11-23
|
|
ImpressPages CMS 3.8 - Persistent Cross-Site Scripting
|
4 |
WEB
|
sajith
|
|
2013-11-23
|
|
LimeSurvey 2.00+ (build 131107) - Multiple Vulnerabilities
|
3 |
WEB
|
LiquidWorm
|
|
2007-03-14
|
|
aBitWhizzy - 'whizzylink.php?d' Traversal Arbitrary Directory Listing
|
3 |
WEB
|
Lostmon
|
|
2007-03-26
|
|
Fizzle 0.5 - RSS Feed HTML Injection
|
4 |
WEB
|
CrYpTiC MauleR
|
|
2007-11-26
|
|
Satel Lite - 'Satellite.php' Local File Inclusion
|
4 |
WEB
|
rUnViRuS
|
|
2007-03-26
|
|
Mephisto Blog 0.7.3 - Search Function Cross-Site Scripting
|
4 |
WEB
|
The[Boss]
|
|
2007-03-26
|
|
CcCounter 2.0 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
Crackers_Child
|
|
2007-03-26
|
|
Image_Upload Script 2.0 - Multiple Remote File Inclusions
|
3 |
WEB
|
Crackers_Child
|
|
2007-03-24
|
|
Free File Hosting System 1.1 - 'register.php?AD_BODY_TEMP' Remote File Inclusion
|
2 |
WEB
|
IbnuSina
|
|
2007-03-24
|
|
Free File Hosting System 1.1 - 'login.php?AD_BODY_TEMP' Remote File Inclusion
|
4 |
WEB
|
IbnuSina
|
|
2007-03-24
|
|
Free File Hosting System 1.1 - 'contact.php?AD_BODY_TEMP' Remote File Inclusion
|
4 |
WEB
|
IbnuSina
|
|
2007-03-20
|
|
W-Agora 4.2.1 - 'change_password.php?userid' Cross-Site Scripting
|
3 |
WEB
|
laurent gaffie
|
|
2007-03-20
|
|
W-Agora 4.2.1 - 'search.php?search_user' Cross-Site Scripting
|
3 |
WEB
|
laurent gaffie
|
|
2007-03-20
|
|
W-Agora 4.2.1 - 'profile.php?showuser' Cross-Site Scripting
|
4 |
WEB
|
laurent gaffie
|
|
2007-03-20
|
|
W-Agora 4.2.1 - Multiple Arbitrary File Upload Vulnerabilities
|
3 |
WEB
|
laurent gaffie
|
|
2007-03-20
|
|
Web Wiz Forums 8.05 - String Filtering SQL Injection
|
3 |
WEB
|
Ivan Fratric
|
|
2007-03-19
|
|
LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - 'Login' Local File Inclusion / Authentication Bypass
|
3 |
WEB
|
Chris Travers
|
|
2007-03-19
|
|
PHPX 3.5.15/3.5.16 - 'gallery.php' SQL Injection
|
3 |
WEB
|
laurent gaffie
|
|
2007-03-19
|
|
PHPX 3.5.15/3.5.16 - 'news.php' SQL Injection
|
3 |
WEB
|
laurent gaffie
|
|
2007-03-19
|
|
PHPX 3.5.15/3.5.16 - 'users.php' SQL Injection
|
4 |
WEB
|
laurent gaffie
|
|
2007-03-19
|
|
PHPX 3.5.15/3.5.16 - 'forums.php' SQL Injection
|
4 |
WEB
|
laurent gaffie
|
|
2007-03-19
|
|
PHPX 3.5.15/3.5.16 - 'print.php' SQL Injection
|
3 |
WEB
|
laurent gaffie
|
|
2007-03-19
|
|
Guesbara 1.2 - Administrator Password Change
|
4 |
WEB
|
Kacper
|
|
2007-03-19
|
|
WordPress Core < 2.1.2 - 'PHP_Self' Cross-Site Scripting
|
3 |
WEB
|
Alexander Concha
|
|
2007-03-17
|
|
phpStats 0.1.9 - 'PHP-Stats-options.php' Remote Code Execution
|
3 |
WEB
|
rgod
|
|
2007-03-16
|
|
phpStats 0.1.9 - Multiple SQL Injections
|
4 |
WEB
|
rgod
|
|
2007-03-16
|
|
Holtstraeter Rot 13 - 'Enkrypt.php' Directory Traversal
|
3 |
WEB
|
h4ck3r
|
|
2007-03-16
|
|
DirectAdmin 1.292 - 'CMD_USER_STATS' Cross-Site Scripting
|
3 |
WEB
|
Mandr4ke
|
|
2007-03-15
|
|
Horde Framework 3.1.3 - 'login.php' Cross-Site Scripting
|
4 |
WEB
|
Moritz Naumann
|
|
2007-03-15
|
|
Viper Web Portal 0.1 - 'index.php' Remote File Inclusion
|
3 |
WEB
|
Abdus Samad
|
|
2007-03-15
|
|
Horde IMP Webmail 4.0.4 Client - Multiple Input Validation Vulnerabilities
|
3 |
WEB
|
Immerda Project Group
|
|
2007-03-13
|
|
Weekly Drawing Contest 0.0.1 - 'Check_Vote.php' Local File Inclusion
|
4 |
WEB
|
h4ck3r
|
|
2007-03-12
|
|
ClipShare 1.5.3 - 'ADODB-Connection.Inc.php' Remote File Inclusion
|
2 |
WEB
|
RaeD Hasadya
|
|
2013-11-20
|
|
PHP-Nuke 8.2.4 - Multiple Vulnerabilities
|
4 |
WEB
|
Sojobo dev team
|
|
2007-03-10
|
|
SoftNews 4.1/5.5 - '/engine/Ajax/editnews.php?root_dir' Remote File Inclusion
|
3 |
WEB
|
Hasadya Raed
|
|
2007-03-10
|
|
SoftNews 4.1/5.5 - '/engine/init.php?root_dir' Remote File Inclusion
|
3 |
WEB
|
Hasadya Raed
|
|
2007-03-10
|
|
Premod SubDog 2 - '/includes/logger_engine.php?phpbb_root_path' Remote File Inclusion
|
4 |
WEB
|
Hasadya Raed
|
|
2007-03-10
|
|
Premod SubDog 2 - '/includes/themen_portal_mitte.php?phpbb_root_path' Remote File Inclusion
|
4 |
WEB
|
Hasadya Raed
|
|
2007-03-10
|
|
Premod SubDog 2 - '/includes/functions_kb.php?phpbb_root_path' Remote File Inclusion
|
4 |
WEB
|
Hasadya Raed
|
|
2007-03-09
|
|
Duyuru Scripti - 'Goster.asp' SQL Injection
|
3 |
WEB
|
Cr@zy_King
|
|
2007-03-09
|
|
JCCorp URLShrink Free 1.3.1 - 'CreateURL.php' Remote File Inclusion
|
4 |
WEB
|
Hasadya Raed
|
|
2007-03-05
|
|
EPortfolio 1.0 - Client-Side Input Validation
|
4 |
WEB
|
Stefan Friedli
|
|
2013-11-19
|
|
Ruckus Wireless Zoneflex 2942 Wireless Access Point - Authentication Bypass
|
5 |
WEB
|
myexploit
|
|
2007-02-26
|
|
Tyger Bug Tracking System 1.1.3 - 'register.php?PATH_INFO' Cross-Site Scripting
|
4 |
WEB
|
CorryL
|
|
2007-02-26
|
|
Tyger Bug Tracking System 1.1.3 - 'login.php?PATH_INFO' Cross-Site Scripting
|
4 |
WEB
|
CorryL
|
|
2007-02-26
|
|
Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php?s' SQL Injection
|
3 |
WEB
|
CorryL
|
|
2007-03-02
|
|
WordPress Core 2.1.1 - '/wp-includes/theme.php?iz' Arbitrary Command Execution
|
3 |
WEB
|
Ivan Fratric
|
|
2007-03-02
|
|
WordPress Core 2.1.1 - Arbitrary Command Execution
|
4 |
WEB
|
Ivan Fratric
|
|
2007-03-02
|
|
Woltlab Burning Board 2.3.6 - Multiple HTML Injection Vulnerabilities
|
3 |
WEB
|
Samenspender
|
|
2007-03-01
|
|
Built2go News Manager 1.0 Blog - 'rating.php?nid' Cross-Site Scripting
|
4 |
WEB
|
the_Edit0r
|
|
2007-03-01
|
|
Built2go News Manager 1.0 Blog - 'news.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
the_Edit0r
|
|
2007-03-01
|
|
aWebNews 1.1 - 'listing.php?path_to_news' Remote File Inclusion
|
3 |
WEB
|
mostafa_ragab
|
|
2007-03-01
|
|
S9Y Serendipity 1.1.1 - 'index.php' SQL Injection
|
4 |
WEB
|
Samenspender
|
|
2007-02-27
|
|
WordPress Core 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Stefan Friedli
|
|
2007-02-26
|
|
WordPress Core 2.1.1 - 'post.php' Cross-Site Scripting
|
3 |
WEB
|
Samenspender
|
|
2007-02-26
|
|
Pagesetter 6.2/6.3.0 - 'index.php' Local File Inclusion
|
2 |
WEB
|
D. Matscheko
|
|
2007-02-26
|
|
SQLiteManager 1.2 - 'main.php' Multiple HTML Injection Vulnerabilities
|
3 |
WEB
|
Simon Bonnard
|
|
2007-02-26
|
|
PHPBB2 - 'Admin_Ug_Auth.php' Administrative Bypass
|
3 |
WEB
|
Hasadya Raed
|
|
2007-02-26
|
|
Audins Audiens 3.3 - '/system/index.php?Cookie PHPSESSID' SQL Injection
|
4 |
WEB
|
r00t
|
|
2007-02-26
|
|
Audins Audiens 3.3 - 'setup.php?PATH_INFO' Cross-Site Scripting
|
4 |
WEB
|
r00t
|
|
2007-02-26
|
|
Audins Audiens 3.3 - 'unistall.php' Authentication Bypass
|
2 |
WEB
|
r00t
|
|
2013-11-18
|
|
Kaseya < 6.3.0.2 - Arbitrary File Upload
|
4 |
WEB
|
Security-Assessment.com
|
|
2013-11-18
|
|
ManageEngine Desktop Central 8.0.0 build < 80293 - Arbitrary File Upload
|
4 |
WEB
|
Security-Assessment.com
|
|
2013-11-18
|
|
Dahua DVR 2.608.0000.0/2.608.GV00.0 - Authentication Bypass (Metasploit)
|
4 |
WEB
|
Jake Reynolds
|
|
2013-11-18
|
|
LiveZilla 5.0.1.4 - Remote Code Execution
|
4 |
WEB
|
Curesec Research Team
|
|
2013-11-18
|
|
WordPress Theme Make A Statement (MaS) - Cross-Site Request Forgery
|
4 |
WEB
|
DevilScreaM
|
|
2013-11-18
|
|
WordPress Theme Amplus - Cross-Site Request Forgery
|
4 |
WEB
|
DevilScreaM
|
|
2013-11-18
|
|
WordPress Theme Dimension - Cross-Site Request Forgery
|
3 |
WEB
|
DevilScreaM
|
|
2013-11-18
|
|
WordPress Theme Euclid 1.x - Cross-Site Request Forgery
|
2 |
WEB
|
DevilScreaM
|
|
2007-02-26
|
|
SQLiteManager 1.2 - Local File Inclusion
|
3 |
WEB
|
Simon Bonnard
|
|
2007-02-26
|
|
SolarPay - 'index.php' Local File Inclusion
|
3 |
WEB
|
Hasadya Raed
|
|
2007-02-24
|
|
Docebo CMS 3.0.x - '/modules/htmlframechat/index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
r00t
|
|
2007-02-24
|
|
Docebo CMS 3.0.x - 'index.php?searchkey' Cross-Site Scripting
|
4 |
WEB
|
r00t
|
|
2007-02-24
|
|
PhotoStand 1.2 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/mysqlevents.php?css' Cross-Site Scripting
|
4 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/y_3.php?css' Cross-Site Scripting
|
3 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/y_2.php?css' Cross-Site Scripting
|
3 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/m_4.php?css' Cross-Site Scripting
|
3 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/m_3.php?css' Cross-Site Scripting
|
3 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/m_2.php?css' Cross-Site Scripting
|
3 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/js.php?css' Cross-Site Scripting
|
2 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - '/data/flatevents.php?css' Cross-Site Scripting
|
2 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Active Calendar 1.2 - 'showcode.php' Local File Inclusion
|
3 |
WEB
|
Simon Bonnard
|
|
2007-02-24
|
|
Pickle 0.3 - 'download.php' Local File Inclusion
|
3 |
WEB
|
laurent gaffie
|
|
2007-02-23
|
|
Simple one-file Gallery - 'gallery.php?f' Cross-Site Scripting
|
3 |
WEB
|
laurent gaffie
|
|
2007-02-23
|
|
Simple one-file Gallery - 'gallery.php?f' Traversal Arbitrary File Access
|
2 |
WEB
|
laurent gaffie
|
|
2007-02-23
|
|
XT:Commerce 3.04 - 'index.php' Local File Inclusion
|
2 |
WEB
|
laurent gaffie
|
|
2007-02-23
|
|
Shop Kit Plus - 'StyleCSS.php' Local File Inclusion
|
2 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
LoveCMS 1.4 - 'id' Cross-Site Scripting
|
2 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
LoveCMS 1.4 - 'load' Traversal Arbitrary File Access
|
3 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
LoveCMS 1.4 - 'step' Traversal Arbitrary File Access
|
3 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
LoveCMS 1.4 - 'step' Remote File Inclusion
|
2 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
Pheap 1.x/2.0 - 'edit.php' Directory Traversal
|
3 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
Plantilla - 'list_main_pages.php?nfolder' Traversal Arbitrary File Access
|
3 |
WEB
|
laurent gaffie
|
|
2013-11-16
|
|
Google Gmail IOS Mobile Application - Persistent Cross-Site Scripting
|
2 |
WEB
|
Ali Raza
|
|
2007-02-22
|
|
Pyrophobia 2.1.3.1 - Traversal Arbitrary File Access
|
3 |
WEB
|
laurent gaffie
|
|
2007-02-22
|
|
Pyrophobia 2.1.3.1 - Cross-Site Scripting
|
3 |
WEB
|
laurent gaffie
|
|
2007-02-21
|
|
Magic News Plus 1.0.2 - 'n_layouts.php?link_parameters' Cross-Site Scripting
|
4 |
WEB
|
HACKERS PAL
|
