|
2006-03-06
|
|
DVGuestbook 1.0/1.2.2 - 'dv_gbook.php?f' Cross-Site Scripting
|
2 |
WEB
|
Liz0ziM
|
|
2006-03-06
|
|
DVGuestbook 1.0/1.2.2 - 'index.php?page' Cross-Site Scripting
|
3 |
WEB
|
Liz0ziM
|
|
2006-03-04
|
|
Simplog 1.0.2 - Information Disclosure
|
2 |
WEB
|
Retard
|
|
2006-03-04
|
|
CutePHP CuteNews 1.4.1 - 'index.php' Cross-Site Scripting
|
2 |
WEB
|
Roozbeh Afrasiabi
|
|
2006-03-04
|
|
Woltlab Burning Board 2.3.4 - 'misc.php' Cross-Site Scripting
|
2 |
WEB
|
r57shell
|
|
2006-03-04
|
|
Easy Forum 2.5 - New User Image File HTML Injection
|
4 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-03-04
|
|
VBZooM Forum 1.11 - 'contact.php?UserID' Cross-Site Scripting
|
2 |
WEB
|
Mr.SNAKE
|
|
2006-03-04
|
|
VBZooM Forum 1.11 - 'comment.php?UserID' Cross-Site Scripting
|
2 |
WEB
|
Mr.SNAKE
|
|
2006-03-04
|
|
VBZoom Forum 1.11 - 'show.php' MainID SQL Injection
|
2 |
WEB
|
Mr.SNAKE
|
|
2006-03-02
|
|
LogIT 1.3/1.4 - Remote File Inclusion
|
1 |
WEB
|
botan
|
|
2006-03-02
|
|
NZ eCommerce System - 'index.php' Multiple SQL Injections
|
2 |
WEB
|
r0t
|
|
2006-03-02
|
|
vBulletin 3.0/3.5 - 'profile.php?Email' HTML Injection
|
2 |
WEB
|
imei
|
|
2006-03-02
|
|
PluggedOut Nexus 0.1 - 'forgotten_password.php' SQL Injection
|
2 |
WEB
|
Hamid Ebadi
|
|
2006-03-02
|
|
DCI-Designs Dawaween 1.03 - 'Poems.php' SQL Injection
|
2 |
WEB
|
sherba
|
|
2006-03-01
|
|
SMBlog 1.2 - Arbitrary PHP Command Execution
|
2 |
WEB
|
botan
|
|
2006-02-28
|
|
PEHEPE Membership Management System 3.0 - Remote PHP Script Code Injection
|
2 |
WEB
|
Yunus Emre Yilmaz
|
|
2006-02-26
|
|
PEHEPE Membership Management System 3.0 - 'Sol_menu.php' Cross-Site Scripting
|
3 |
WEB
|
Yunus Emre Yilmaz
|
|
2006-02-28
|
|
Mozilla Thunderbird 1.5 - Multiple Remote Information Disclosure Vulnerabilities
|
3 |
WEB
|
Crashfr
|
|
2006-02-28
|
|
EJ3 TOPo 2.2.178 - 'Inc_header.php' Cross-Site Scripting
|
3 |
WEB
|
Yunus Emre Yilmaz
|
|
2006-02-28
|
|
QwikiWiki 1.4 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
Dr^Death
|
|
2006-02-27
|
|
n8cms 1.1/1.2 - 'mailto.php?userid' Cross-Site Scripting
|
2 |
WEB
|
Liz0ziM
|
|
2006-02-27
|
|
n8cms 1.1/1.2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Liz0ziM
|
|
2006-02-27
|
|
n8cms 1.1/1.2 - 'index.php' Multiple SQL Injections
|
3 |
WEB
|
Liz0ziM
|
|
2006-02-25
|
|
D3Jeeb Pro 3 - 'catogary.php?catid' SQL Injection
|
3 |
WEB
|
SAUDI
|
|
2006-02-25
|
|
D3Jeeb Pro 3 - 'fastlinks.php?catid' SQL Injection
|
3 |
WEB
|
SAUDI
|
|
2006-02-27
|
|
Archangel Weblog 0.90.2 - Authentication Bypass
|
3 |
WEB
|
KingOfSka
|
|
2006-02-27
|
|
Woltlab Burning Board 1.1.1/2.x - 'galerie_onfly.php' Cross-Site Scripting
|
3 |
WEB
|
botan
|
|
2006-02-27
|
|
Woltlab Burning Board 1.1.1/2.x - 'galerie_index.php?Username' Cross-Site Scripting
|
3 |
WEB
|
botan
|
|
2006-02-27
|
|
Fantastic News 2.1.1 - SQL Injection
|
3 |
WEB
|
SAUDI
|
|
2006-02-25
|
|
Thomson SpeedTouch 500 Series - LocalNetwork Page 'name' Cross-Site Scripting
|
3 |
WEB
|
Preben Nylokken
|
|
2006-02-25
|
|
PHP-Nuke 7.8 - 'Mainfile.php' SQL Injection
|
3 |
WEB
|
waraxe
|
|
2013-08-03
|
|
RiteCMS 1.0.0 - Multiple Vulnerabilities
|
3 |
WEB
|
Yashar shahinzadeh
|
|
2006-02-25
|
|
DCI-Taskeen 1.03 - 'cat.php' Multiple SQL Injections
|
3 |
WEB
|
Linux_Drox
|
|
2006-02-25
|
|
DCI-Taskeen 1.03 - 'basket.php' Multiple SQL Injections
|
3 |
WEB
|
Linux_Drox
|
|
2006-02-25
|
|
FreeHostShop Website Generator 3.3 - Arbitrary File Upload
|
3 |
WEB
|
NSA Group
|
|
2006-02-25
|
|
SPiD 1.3.1 - 'Scan_Lang_Insert.php' Local File Inclusion
|
3 |
WEB
|
NSA Group
|
|
2006-02-25
|
|
Battleaxe Software BttlxeForum 2.0 - 'Failure.asp' Cross-Site Scripting
|
3 |
WEB
|
rUnViRuS
|
|
2006-02-22
|
|
myPHPNuke 1.8.8 - 'download.php' Cross-Site Scripting
|
3 |
WEB
|
Mustafa Can Bjorn
|
|
2006-02-22
|
|
myPHPNuke 1.8.8 - 'reviews.php' Cross-Site Scripting
|
3 |
WEB
|
Mustafa Can Bjorn
|
|
2006-02-23
|
|
JGS-Gallery 4.0 - 'Board jgs_galerie_scroll.php?userid' Cross-Site Scripting
|
3 |
WEB
|
nuker
|
|
2006-02-23
|
|
JGS-Gallery 4.0 - 'jgs_galerie_slideshow.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
nuker
|
|
2006-02-23
|
|
PHPX 3.5.9 - XCode Tag HTML Injection
|
3 |
WEB
|
Thomas Pollet
|
|
2006-02-23
|
|
CubeCart 3.0.x - Arbitrary File Upload
|
2 |
WEB
|
NSA Group
|
|
2006-02-23
|
|
Oi! Email Marketing System 3.0 - 'index.php' SQL Injection
|
2 |
WEB
|
h4cky0u
|
|
2006-02-23
|
|
NOCC 1.0 - 'html_bottom_table.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
rgod
|
|
2006-02-23
|
|
NOCC 1.0 - 'no_mail.php?html_no_mail' Cross-Site Scripting
|
3 |
WEB
|
rgod
|
|
2006-02-23
|
|
NOCC 1.0 - 'filter_prefs.php?html_filter_select' Cross-Site Scripting
|
3 |
WEB
|
rgod
|
|
2006-02-23
|
|
NOCC 1.0 - 'error.php?html_error_occurred' Cross-Site Scripting
|
3 |
WEB
|
rgod
|
|
2006-02-23
|
|
Web Calendar Pro - 'Dropbase.php' SQL Injection
|
3 |
WEB
|
ReZEN
|
|
2013-08-02
|
|
Oracle Hyperion 11 - Directory Traversal
|
2 |
WEB
|
Richard Warren
|
|
2013-08-02
|
|
WordPress Plugin Better WP Security 3.4.8/3.4.9/3.4.10/3.5.2/3.5.3 - Persistent Cross-Site Scripting
|
3 |
WEB
|
Richard Warren
|
|
2013-08-02
|
|
TP-Link TL-SC3171 IP Cameras - Multiple Vulnerabilities
|
3 |
WEB
|
Core Security
|
|
2013-08-02
|
|
Western Digital My Net Wireless Routers - Password Disclosure
|
3 |
WEB
|
Kyle Lovett
|
|
2013-08-02
|
|
Cotonti 0.9.13 - SQL Injection
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2013-08-02
|
|
MiCasaVerde VeraLite 1.5.408 - Multiple Vulnerabilities
|
3 |
WEB
|
Trustwave's SpiderLabs
|
|
2013-08-02
|
|
INSTEON Hub 2242-222 - Lack of Web and API Authentication
|
3 |
WEB
|
Trustwave's SpiderLabs
|
|
2013-08-02
|
|
D-Link DIR-645 1.03B08 - Multiple Vulnerabilities
|
3 |
WEB
|
Roberto Paleari
|
|
2013-08-02
|
|
Telmanik CMS Press 1.01b - 'pages.php?page_name' SQL Injection
|
3 |
WEB
|
Anarchy Angel
|
|
2013-08-02
|
|
vTiger CRM 5.4.0 SOAP - Multiple Vulnerabilities
|
3 |
WEB
|
EgiX
|
|
2013-08-02
|
|
BigACE 2.7.8 - Cross-Site Request Forgery (Add Admin)
|
3 |
WEB
|
Yashar shahinzadeh
|
|
2013-08-02
|
|
FunGamez - Arbitrary File Upload
|
3 |
WEB
|
cr4wl3r
|
|
2013-08-02
|
|
Ginkgo CMS - 'index.php?rang' SQL Injection
|
3 |
WEB
|
Raw-x
|
|
2013-08-02
|
|
SocialEngine Timeline Plugin 4.2.5p9 - Arbitrary File Upload
|
3 |
WEB
|
spyk2r
|
|
2006-02-22
|
|
Dragonfly CMS 9.0.6.1 Coppermine Module - 'album' Cross-Site Scripting
|
3 |
WEB
|
Lostmon
|
|
2006-02-22
|
|
Dragonfly CMS 9.0.6.1 Downloads Module - 'c' Cross-Site Scripting
|
3 |
WEB
|
Lostmon
|
|
2006-02-22
|
|
Dragonfly CMS 9.0.6.1 Surveys Module - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Lostmon
|
|
2006-02-22
|
|
Dragonfly CMS 9.0.6.1 Web_Links Module - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Lostmon
|
|
2006-02-22
|
|
Dragonfly CMS 9.0.6.1 Stories_Archive Module - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Lostmon
|
|
2006-02-22
|
|
Dragonfly CMS 9.0.6 1 News Module - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Lostmon
|
|
2006-02-22
|
|
Dragonfly CMS 9.0.6 1 Your_Account Module - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Lostmon
|
|
2006-02-22
|
|
Noah's Classifieds 1.0/1.3 - 'index.php' Remote File Inclusion
|
2 |
WEB
|
trueend5
|
|
2006-02-22
|
|
Noah's Classifieds 1.0/1.3 - Local File Inclusion
|
2 |
WEB
|
trueend5
|
|
2006-02-22
|
|
Noah's Classifieds 1.0/1.3 - Search Page SQL Injection
|
3 |
WEB
|
trueend5
|
|
2006-02-22
|
|
Noah's Classifieds 1.0/1.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
trueend5
|
|
2006-02-22
|
|
RunCMS 1.x - 'Ratefile.php' Cross-Site Scripting
|
3 |
WEB
|
Roozbeh Afrasiabi
|
|
2006-02-21
|
|
PostNuke 0.6x/0.7x NS-Languages Module - 'language' SQL Injection
|
3 |
WEB
|
Maksymilian Arciemowicz
|
|
2006-02-21
|
|
PostNuke 0.6x/0.7x NS-Languages Module - 'language' Cross-Site Scripting
|
4 |
WEB
|
Maksymilian Arciemowicz
|
|
2006-02-20
|
|
CuteNews 1.4.1 - 'show_news.php' Cross-Site Scripting
|
3 |
WEB
|
imei
|
|
2006-02-20
|
|
Magic Calendar Lite 1.02 - 'index.php' SQL Injection
|
3 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-20
|
|
TTS Software Time Tracking Software 3.0 - 'edituser.php' Access Validation
|
3 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-18
|
|
PHP-Nuke 7.x - CAPTCHA Bypass
|
3 |
WEB
|
waraxe
|
|
2006-02-18
|
|
Webpagecity WPC easy - SQL Injection
|
3 |
WEB
|
murfie
|
|
2006-02-18
|
|
E107 Website System 0.7.2 Chatbox Plugin - HTML Injection
|
3 |
WEB
|
marc & shb
|
|
2006-02-17
|
|
V-Webmail 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
$um$id
|
|
2006-02-16
|
|
Siteframe Beaumont 5.0.1/5.0.2 - 'page.php' HTML Injection
|
3 |
WEB
|
federico.alice@tiscali.it
|
|
2006-02-16
|
|
MyBB 1.0.3 - 'Managegroup.php' Cross-Site Scripting
|
3 |
WEB
|
imei
|
|
2006-02-16
|
|
MyBB 1.0.2/1.0.3 - 'Managegroup.php' SQL Injection
|
3 |
WEB
|
imei
|
|
2006-02-15
|
|
BirthSys 3.1 - Multiple SQL Injections
|
3 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-16
|
|
Dreamcost HostAdmin 3.0 - 'index.php' Remote File Inclusion
|
3 |
WEB
|
ReZEN
|
|
2006-02-15
|
|
HTML::BBCode 1.03/1.04 - HTML Injection
|
3 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-15
|
|
MyBB 1.0.3 - 'private.php' Multiple SQL Injections
|
3 |
WEB
|
imei
|
|
2006-02-15
|
|
My Blog 1.63 - BBCode HTML Injection
|
3 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-15
|
|
Mantis Bug Tracker 0.x/1.0 - 'manage_user_page.php?sort' Cross-Site Scripting
|
3 |
WEB
|
Thomas Waldegger
|
|
2006-02-15
|
|
Mantis Bug Tracker 0.x/1.0 - 'view_all_set.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Thomas Waldegger
|
|
2006-02-15
|
|
WordPress Core 2.0 - Comment Post HTML Injection
|
3 |
WEB
|
imei
|
|
2006-02-14
|
|
RunCMS 1.2/1.3 - 'PMLite.php' SQL Injection
|
3 |
WEB
|
Hamid Ebadi
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/tasks/gantt.php?baseDir' Remote File Inclusion
|
3 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/public/date_format.php?baseDir' Remote File Inclusion
|
2 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/public/calendar.php?baseDir' Remote File Inclusion
|
2 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/admin/vw_usr_roles.php?baseDir' Remote File Inclusion
|
3 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/projects/vw_files.php?dPconfig[root_dir]' Remote File Inclusion
|
3 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/projects/gantt2.php?dPconfig[root_dir]' Remote File Inclusion
|
3 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/includes/session.php?baseDir' Remote File Inclusion
|
2 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/includes/db_connect.php?baseDir' Remote File Inclusion
|
3 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/projects/gantt.php?dPconfig[root_dir]' Remote File Inclusion
|
3 |
WEB
|
r.verton
|
|
2006-02-14
|
|
sNews - 'index.php' Multiple SQL Injections
|
3 |
WEB
|
joffer
|
|
2006-02-14
|
|
sNews - Comment Body Cross-Site Scripting
|
4 |
WEB
|
joffer
|
|
2006-02-14
|
|
DELTAScripts PHP Classifieds 6.20 - 'Member_Login.php' SQL Injection
|
3 |
WEB
|
Audun Larsen
|
|
2006-02-14
|
|
QwikiWiki 1.5 - 'search.php' Cross-Site Scripting
|
3 |
WEB
|
Citynova
|
|
2006-02-13
|
|
Gastebuch 1.3.2 - Cross-Site Scripting
|
3 |
WEB
|
Micha Borrmann
|
|
2006-02-13
|
|
PHP-Nuke 6.x/7.x - 'header.php?Pagetitle' Cross-Site Scripting
|
3 |
WEB
|
Janek Vind
|
|
2006-02-13
|
|
Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities
|
3 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-13
|
|
XMB Forum 1.8/1.9 - 'u2u.php?Username' Cross-Site Scripting
|
2 |
WEB
|
GulfTech Security
|
|
2006-02-13
|
|
Virtual Hosting Control System 2.2/2.4 - 'login.php?check_login()' Authentication Bypass
|
3 |
WEB
|
Roman Medina-Heigl Hernandez
|
|
2006-02-13
|
|
Virtual Hosting Control System 2.2/2.4 - 'change_password.php' Current Password
|
3 |
WEB
|
Roman Medina-Heigl Hernandez
|
|
2006-02-13
|
|
Lawrence Osiris DB_eSession 1.0.2 - Class SQL Injection
|
3 |
WEB
|
GulfTech Security
|
|
2006-02-12
|
|
Siteframe Beaumont 5.0.1 - 'search.php?Q' Cross-Site Scripting
|
3 |
WEB
|
Kiki
|
|
2006-02-11
|
|
ImageVue 0.16.1 - 'upload.php' Unrestricted Arbitrary File Upload
|
3 |
WEB
|
zjieb
|
|
2006-02-11
|
|
ImageVue 0.16.1 - 'index.php?bgcol' Cross-Site Scripting
|
3 |
WEB
|
zjieb
|
|
2006-02-11
|
|
ImageVue 0.16.1 - 'readfolder.php?path' Arbitrary Directory Listing
|
3 |
WEB
|
zjieb
|
|
2006-02-11
|
|
ImageVue 0.16.1 - 'dir.php' Folder Permission Disclosure
|
3 |
WEB
|
zjieb
|
|
2006-02-11
|
|
LinPHA 0.9.x/1.0 - 'forth_stage_install.php' Local File Inclusion
|
3 |
WEB
|
rgod
|
|
2006-02-11
|
|
LinPHA 0.9.x/1.0 - 'sec_stage_install.php' Local File Inclusion
|
3 |
WEB
|
rgod
|
|
2006-02-11
|
|
LinPHA 0.9.x/1.0 - 'install.php' Local File Inclusion
|
3 |
WEB
|
rgod
|
|
2006-02-11
|
|
LinPHA 0.9.x/1.0 - 'lang' Local File Inclusion
|
3 |
WEB
|
rgod
|
