|
2006-04-19
|
|
Visale 1.0 - 'pblscg.cgi?catsubno' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2006-04-19
|
|
Visale 1.0 - 'pbpgst.cgi?keyval' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2006-04-19
|
|
ModernBill 4.3 - 'user.php' SQL Injection
|
2 |
WEB
|
r0t
|
|
2006-04-19
|
|
Article Publisher 1.0.1 Pro - Multiple SQL Injections
|
3 |
WEB
|
r0t
|
|
2006-04-19
|
|
CutePHP CuteNews 1.4.1 Editnews Module - Cross-Site Scripting
|
3 |
WEB
|
LoK-Crew
|
|
2006-04-18
|
|
PHPLister 0.4.1 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
botan
|
|
2006-04-18
|
|
RechnungsZentrale 2 1.1.3 - 'Authent.php4' SQL Injection
|
3 |
WEB
|
GroundZero Security
|
|
2006-04-18
|
|
PHPLinks 2.1.2/2.1.3 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2006-04-18
|
|
axoverzicht.CGI - Cross-Site Scripting
|
3 |
WEB
|
Qex
|
|
2006-04-17
|
|
Coppermine 1.4.4 - 'index.php' Local File Inclusion
|
3 |
WEB
|
imei
|
|
2006-04-17
|
|
MyBB 1.1 - Global Variable Overwrite
|
3 |
WEB
|
imei
|
|
2006-04-17
|
|
Manila 9.0.1 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Aaron Kaplan
|
|
2006-04-17
|
|
Calendarix 0.7 - 'YearCal.php' Cross-Site Scripting
|
3 |
WEB
|
botan
|
|
2006-04-17
|
|
Jax Guestbook 3.50 - 'Page' Cross-Site Scripting
|
3 |
WEB
|
ALMOKANN3
|
|
2006-04-17
|
|
DbbS 2.0 - Multiple Input Validation Vulnerabilities
|
3 |
WEB
|
rgod
|
|
2006-04-17
|
|
Blursoft Blur6ex 0.3.462 - 'index.php' Local File Inclusion
|
3 |
WEB
|
Hamid Ebadi
|
|
2006-04-17
|
|
TinyPHPForum 3.6 - Multiple Cross-Site Scripting Vulnerabilities (1)
|
3 |
WEB
|
Hessam-x
|
|
2006-04-17
|
|
Monster Top List 1.4 - 'functions.php' Remote File Inclusion
|
3 |
WEB
|
r0t
|
|
2006-04-17
|
|
PHPFaber TopSites - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
botan
|
|
2006-04-15
|
|
PHPGuestbook 0.0.2/1.0 - HTML Injection
|
3 |
WEB
|
Qex
|
|
2013-08-17
|
|
Photo Transfer Upload 1.0 iOS - Multiple Vulnerabilities
|
3 |
WEB
|
Vulnerability-Lab
|
|
2013-08-17
|
|
Copy to WebDAV 1.1 iOS - Multiple Vulnerabilities
|
3 |
WEB
|
Vulnerability-Lab
|
|
2013-08-17
|
|
Quack Chat 1.0 - Multiple Vulnerabilities
|
3 |
WEB
|
Dylan Irzi
|
|
2006-04-15
|
|
Tiny Web Gallery 1.4 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
Qex
|
|
2006-04-14
|
|
Farsinews 2.1/2.5 - 'search.php' Cross-Site Scripting
|
3 |
WEB
|
amin emami
|
|
2006-04-14
|
|
MODx CMS 0.9.1 - 'index.php' Directory Traversal
|
3 |
WEB
|
Rusydi Hasan
|
|
2006-04-14
|
|
MODx CMS 0.9.1 - 'index.php' Cross-Site Scripting
|
2 |
WEB
|
Rusydi Hasan
|
|
2006-04-14
|
|
Papoo 2.1.x - 'print.php' Cross-Site Scripting
|
3 |
WEB
|
Rusydi Hasan
|
|
2006-04-13
|
|
LifeType 1.0.3 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
Rusydi Hasan
|
|
2006-04-13
|
|
PowerClan 1.14 - 'member.php' SQL Injection
|
3 |
WEB
|
d4igoro
|
|
2006-04-13
|
|
PlanetSearch + - 'Planetsearchplus.php' Cross-Site Scripting
|
3 |
WEB
|
d4igoro
|
|
2006-04-15
|
|
PHPAlbum 0.2.2/0.2.3/4.1 - 'Language.php' File Inclusion
|
3 |
WEB
|
rgod
|
|
2006-04-14
|
|
AR-Blog 5.2 - 'print.php' Cross-Site Scripting
|
3 |
WEB
|
ALMOKANN3
|
|
2006-04-13
|
|
SimpleBBS 1.0.6/1.0.7/1.1 - Arbitrary Command Execution
|
3 |
WEB
|
rUnViRuS
|
|
2006-04-12
|
|
PatroNet CMS - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
Soothackers
|
|
2006-04-12
|
|
MyBB 1.10 - 'member.php' Cross-Site Scripting
|
3 |
WEB
|
o.y.6
|
|
2005-10-31
|
|
phpMyAdmin 2.7 - 'sql.php' Cross-Site Scripting
|
3 |
WEB
|
p0w3r
|
|
2006-04-12
|
|
Interaktiv.shop 4/5 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
r0t
|
|
2006-04-12
|
|
Chipmunk Guestbook 1.3 - 'index.php' SQL Injection
|
3 |
WEB
|
Dr.Jr7
|
|
2006-04-11
|
|
SWSoft Confixx 3.0.6/3.0.8/3.1.2 - 'index.php' SQL Injection
|
3 |
WEB
|
LoK-Crew
|
|
2006-04-11
|
|
Tritanium Bulletin Board 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
d4igoro
|
|
2006-04-11
|
|
Indexu 5.0 - Multiple Remote File Inclusions
|
3 |
WEB
|
SnIpEr_SA
|
|
2006-04-11
|
|
PHPKIT 1.6.1 R2 - 'Include.php' SQL Injection
|
3 |
WEB
|
Hamid Ebadi
|
|
2006-04-11
|
|
SWSoft Confixx 3.1.2 - 'Jahr' Cross-Site Scripting
|
4 |
WEB
|
Snake_23
|
|
2006-04-11
|
|
Dokeos 1.x - 'viewtopic.php' SQL Injection
|
3 |
WEB
|
Alvaro Olavarria
|
|
2006-04-11
|
|
Clever Copy 3.0 - 'Connect.INC' Information Disclosure
|
2 |
WEB
|
M.Hasran Addahroni
|
|
2006-04-11
|
|
Microsoft FrontPage - Server Extensions Cross-Site Scripting
|
3 |
WEB
|
Esteban Martinez Fayo
|
|
2006-04-11
|
|
JetPhoto 1.0/2.0/2.1 - 'detail.php?page' Cross-Site Scripting
|
3 |
WEB
|
0o_zeus_o0
|
|
2006-04-11
|
|
JetPhoto 1.0/2.0/2.1 - 'Slideshow.php?name' Cross-Site Scripting
|
3 |
WEB
|
0o_zeus_o0
|
|
2006-04-11
|
|
JetPhoto 1.0/2.0/2.1 - 'gallery.php?page' Cross-Site Scripting
|
3 |
WEB
|
0o_zeus_o0
|
|
2006-04-11
|
|
JetPhoto 1.0/2.0/2.1 - 'thumbnail.php?page' Cross-Site Scripting
|
3 |
WEB
|
0o_zeus_o0
|
|
2006-04-11
|
|
AzDGVote - Remote File Inclusion
|
3 |
WEB
|
SnIpEr_SA
|
|
2006-04-10
|
|
ShopWeezle 2.0 - 'memo.php?itemID' SQL Injection
|
3 |
WEB
|
r0t
|
|
2006-04-10
|
|
ShopWeezle 2.0 - 'index.php' Multiple SQL Injections
|
3 |
WEB
|
r0t
|
|
2006-04-10
|
|
ShopWeezle 2.0 - 'login.php?itemID' SQL Injection
|
3 |
WEB
|
r0t
|
|
2013-08-15
|
|
Alibaba Clone Tritanium Version - 'news_desc.html' SQL Injection
|
3 |
WEB
|
IRAQ_JAGUAR
|
|
2013-08-15
|
|
w-CMS 2.0.1 - Remote Code Execution
|
3 |
WEB
|
ICheer_No0M
|
|
2013-08-15
|
|
DotNetNuke DNNArticle Module 10.0 - SQL Injection
|
4 |
WEB
|
Sajjad Pourali
|
|
2013-08-15
|
|
Spitfire CMS 1.1.4 - Cross-Site Request Forgery
|
2 |
WEB
|
Yashar shahinzadeh
|
|
2013-08-15
|
|
Pligg CMS 2.0.0rc2 - Cross-Site Request Forgery (File Creation)
|
3 |
WEB
|
DaOne
|
|
2013-08-15
|
|
Mac's CMS 1.1.4 - Multiple Vulnerabilities
|
3 |
WEB
|
Yashar shahinzadeh
|
|
2013-08-15
|
|
KCFinder 2.51 - Local File Disclosure
|
3 |
WEB
|
DaOne
|
|
2006-04-07
|
|
Matt Wright Guestbook 2.3.1 - Guestbook.pl Multiple HTML Injection Vulnerabilities
|
3 |
WEB
|
Liz0ziM
|
|
2006-04-10
|
|
VegaDNS 0.9.9 - 'index.php?cid' SQL Injection
|
3 |
WEB
|
Ph03n1X
|
|
2006-04-10
|
|
SIRE 2.0 - Arbitrary File Upload
|
3 |
WEB
|
simo64
|
|
2006-04-10
|
|
Shadowed Portal 5.7 - 'Load.php' Cross-Site Scripting
|
3 |
WEB
|
Liz0ziM
|
|
2005-04-10
|
|
APT-webshop 3.0/4.0 - 'modules.php' Multiple SQL Injections
|
3 |
WEB
|
r0t
|
|
2006-04-10
|
|
SPIP 1.8.3 - 'Spip_login.php' Remote File Inclusion
|
3 |
WEB
|
cR45H3R
|
|
2006-04-10
|
|
PHPWebGallery 1.4.1 - 'picture.php' Cross-Site Scripting
|
3 |
WEB
|
Psych0
|
|
2006-04-10
|
|
PHPWebGallery 1.4.1 - 'category.php' Cross-Site Scripting
|
3 |
WEB
|
Psych0
|
|
2006-04-10
|
|
PHPMyForum 4.0 - 'index.php?type' CRLF Injection
|
3 |
WEB
|
Psych0
|
|
2006-04-10
|
|
PHPMyForum 4.0 - 'page' Cross-Site Scripting
|
3 |
WEB
|
Psych0
|
|
2006-04-10
|
|
JBook 1.3 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
Psych0
|
|
2006-04-07
|
|
TalentSoft Web+ Shop 5.0 - 'Deptname' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2006-04-07
|
|
AWeb's Banner Generator 3.0 - Cross-Site Scripting
|
3 |
WEB
|
benozor77
|
|
2006-04-07
|
|
vBulletin 3.5.1 - 'Vbugs.php' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2006-04-07
|
|
Bitweaver CMS 1.3 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
KaDaL-X
|
|
2006-04-07
|
|
Jupiter CMS 1.1.5 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
KaDaL-X
|
|
2006-04-06
|
|
MAXDEV CMS 1.0.72/1.0.73 - 'PNuserapi.php' SQL Injection
|
3 |
WEB
|
king_purba
|
|
2006-04-06
|
|
MD News 1 - 'admin.php' SQL Injection
|
3 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2003-04-06
|
|
Basic Analysis and Security Engine (BASE) 1.2.4 - PrintFreshPage Cross-Site Scripting
|
3 |
WEB
|
Adam Ely
|
|
2006-04-06
|
|
SKForum 1.x - 'user.View.action?userID' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2006-04-06
|
|
SKForum 1.x - 'planning.View.action?time' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2006-04-06
|
|
SKForum 1.x - 'area.View.action?areaID' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2006-04-05
|
|
Chucky A. Ivey N.T. 1.1 - 'index.php' Multiple HTML Injection Vulnerabilities
|
3 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-04-04
|
|
ArabPortal 2.0.1 - Multiple Input Validation Vulnerabilities
|
3 |
WEB
|
o.y.6
|
|
2006-04-03
|
|
LucidCMS 2.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Rusydi Hasan
|
|
2006-04-03
|
|
Web-APP.net WebAPP 0.9.x - '/mods/calendar/index.cgi?vsSD' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2006-04-03
|
|
Web-APP.net WebAPP 0.9.x - 'index.cgi' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
r0t
|
|
2006-04-03
|
|
aWebNews 1.2 - 'visview.php?_GET['cid']' SQL Injection
|
3 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-04-03
|
|
Bugzero 4.3.1 - 'edit.jsp' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
r0t
|
|
2006-04-03
|
|
Bugzero 4.3.1 - 'query.jsp?msg' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2006-04-01
|
|
PHPSelect Submit-A-Link - HTML Injection
|
3 |
WEB
|
s3rv3r_hack3r
|
|
2006-04-01
|
|
ISP Site Man - 'admin_login.asp' SQL Injection
|
3 |
WEB
|
s3rv3r_hack3r
|
|
2006-03-31
|
|
Blank'N'Berg 0.2 - Cross-Site Scripting
|
3 |
WEB
|
Amine ABOUD
|
|
2006-03-31
|
|
Blank'N'Berg 0.2 - Directory Traversal
|
3 |
WEB
|
Amine ABOUD
|
|
2006-03-31
|
|
Claroline 1.x - 'rqmkhtml.php' Cross-Site Scripting
|
3 |
WEB
|
rgod
|
|
2006-03-31
|
|
Claroline 1.x - 'rqmkhtml.php' Information Disclosure
|
4 |
WEB
|
rgod
|
|
2006-03-31
|
|
SoftBiz Image Gallery - 'images.php?cid' SQL Injection
|
3 |
WEB
|
Linux_Drox
|
|
2006-03-31
|
|
SoftBiz Image Gallery - 'insert_rating.php?img_id' SQL Injection
|
3 |
WEB
|
Linux_Drox
|
|
2006-03-31
|
|
SoftBiz Image Gallery - 'suggest_image.php?cid' SQL Injection
|
3 |
WEB
|
Linux_Drox
|
|
2006-03-31
|
|
SoftBiz Image Gallery - 'template.php?provided' SQL Injection
|
3 |
WEB
|
Linux_Drox
|
|
2006-03-31
|
|
SoftBiz Image Gallery - 'mage_desc.php' Multiple SQL Injections
|
3 |
WEB
|
Linux_Drox
|
|
2006-03-31
|
|
DbbS 2.0 - 'Topics.php' SQL Injection
|
2 |
WEB
|
DaBDouB-MoSiKaR
|
|
2006-03-31
|
|
RedCMS 0.1 - 'register.php' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-03-31
|
|
RedCMS 0.1 - 'login.php' Multiple SQL Injections
|
4 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-03-31
|
|
RedCMS 0.1 - 'profile.php?u' SQL Injection
|
2 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-03-31
|
|
Warcraft III Replay Parser for PHP 1.8.c - 'index.php' Remote File Inclusion
|
2 |
WEB
|
botan
|
|
2006-03-31
|
|
SiteSearch Indexer 3.5 - 'searchresults.asp' Cross-Site Scripting
|
2 |
WEB
|
r0t
|
|
2006-03-30
|
|
O2PHP Oxygen 1.0/1.1 - 'post.php' SQL Injection
|
2 |
WEB
|
Morocco Security Team
|
|
2006-03-30
|
|
MediaSlash Gallery - 'index.php' Remote File Inclusion
|
2 |
WEB
|
Morocco Security Team
|
|
2006-03-30
|
|
X-Changer 0.20 - Multiple SQL Injections
|
2 |
WEB
|
Morocco Security Team
|
|
2013-08-12
|
|
Joomla! Component redSHOP 1.2 - SQL Injection
|
2 |
WEB
|
Matias Fontanini
|
|
2013-08-12
|
|
WordPress Plugin Hms Testimonials 2.0.10 - Multiple Vulnerabilities
|
2 |
WEB
|
RogueCoder
|
|
2013-08-12
|
|
Integrated CMS 1.0 - SQL Injection
|
3 |
WEB
|
DSST
|
|
2013-08-12
|
|
Gnew 2013.1 - Multiple Vulnerabilities (1)
|
3 |
WEB
|
LiquidWorm
|
|
2013-08-12
|
|
Ajax PHP Penny Auction 1.x 2.x - Multiple Vulnerabilities
|
3 |
WEB
|
Taha Hunter
|
|
2013-08-12
|
|
PHPVID 1.2.3 - Multiple Vulnerabilities
|
3 |
WEB
|
3spi0n
|
|
2013-08-12
|
|
MLMAuction Script - 'gallery.php?id' SQL Injection
|
3 |
WEB
|
3spi0n
|
|
2013-08-12
|
|
Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities
|
3 |
WEB
|
Yashar shahinzadeh
|
|
2013-08-12
|
|
Tribq CMS 5.2.7 - Cross-Site Request Forgery (Adding/Editing New Administrator Account)
|
3 |
WEB
|
Yashar shahinzadeh
|
|
2006-03-30
|
|
VNews 1.2 - Multiple SQL Injections
|
3 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-03-29
|
|
PhxContacts 0.93 - 'login.php' Cross-Site Scripting
|
3 |
WEB
|
DaBDouB-MoSiKaR
|
|
2006-03-29
|
|
PhxContacts 0.93 - 'contact_view.php?id_contact' SQL Injection
|
2 |
WEB
|
Morocco Security Team
|
|
2006-03-29
|
|
PhxContacts 0.93 - 'carnet.php' Multiple SQL Injections
|
2 |
WEB
|
Morocco Security Team
|
