|
2006-02-23
|
|
JGS-Gallery 4.0 - 'Board jgs_galerie_scroll.php?userid' Cross-Site Scripting
|
1 |
WEB
|
nuker
|
|
2006-02-23
|
|
JGS-Gallery 4.0 - 'jgs_galerie_slideshow.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
nuker
|
|
2006-02-23
|
|
PHPX 3.5.9 - XCode Tag HTML Injection
|
1 |
WEB
|
Thomas Pollet
|
|
2006-02-23
|
|
CubeCart 3.0.x - Arbitrary File Upload
|
0 |
WEB
|
NSA Group
|
|
2006-02-23
|
|
Oi! Email Marketing System 3.0 - 'index.php' SQL Injection
|
0 |
WEB
|
h4cky0u
|
|
2006-02-23
|
|
NOCC 1.0 - 'html_bottom_table.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
rgod
|
|
2006-02-23
|
|
NOCC 1.0 - 'no_mail.php?html_no_mail' Cross-Site Scripting
|
1 |
WEB
|
rgod
|
|
2006-02-23
|
|
NOCC 1.0 - 'filter_prefs.php?html_filter_select' Cross-Site Scripting
|
1 |
WEB
|
rgod
|
|
2006-02-23
|
|
NOCC 1.0 - 'error.php?html_error_occurred' Cross-Site Scripting
|
1 |
WEB
|
rgod
|
|
2006-02-23
|
|
Web Calendar Pro - 'Dropbase.php' SQL Injection
|
1 |
WEB
|
ReZEN
|
|
2013-08-02
|
|
Oracle Hyperion 11 - Directory Traversal
|
1 |
WEB
|
Richard Warren
|
|
2013-08-02
|
|
WordPress Plugin Better WP Security 3.4.8/3.4.9/3.4.10/3.5.2/3.5.3 - Persistent Cross-Site Scripting
|
1 |
WEB
|
Richard Warren
|
|
2013-08-02
|
|
TP-Link TL-SC3171 IP Cameras - Multiple Vulnerabilities
|
1 |
WEB
|
Core Security
|
|
2013-08-02
|
|
Western Digital My Net Wireless Routers - Password Disclosure
|
1 |
WEB
|
Kyle Lovett
|
|
2013-08-02
|
|
Cotonti 0.9.13 - SQL Injection
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2013-08-02
|
|
MiCasaVerde VeraLite 1.5.408 - Multiple Vulnerabilities
|
1 |
WEB
|
Trustwave's SpiderLabs
|
|
2013-08-02
|
|
INSTEON Hub 2242-222 - Lack of Web and API Authentication
|
1 |
WEB
|
Trustwave's SpiderLabs
|
|
2013-08-02
|
|
D-Link DIR-645 1.03B08 - Multiple Vulnerabilities
|
1 |
WEB
|
Roberto Paleari
|
|
2013-08-02
|
|
Telmanik CMS Press 1.01b - 'pages.php?page_name' SQL Injection
|
1 |
WEB
|
Anarchy Angel
|
|
2013-08-02
|
|
vTiger CRM 5.4.0 SOAP - Multiple Vulnerabilities
|
1 |
WEB
|
EgiX
|
|
2013-08-02
|
|
BigACE 2.7.8 - Cross-Site Request Forgery (Add Admin)
|
1 |
WEB
|
Yashar shahinzadeh
|
|
2013-08-02
|
|
FunGamez - Arbitrary File Upload
|
1 |
WEB
|
cr4wl3r
|
|
2013-08-02
|
|
Ginkgo CMS - 'index.php?rang' SQL Injection
|
1 |
WEB
|
Raw-x
|
|
2013-08-02
|
|
SocialEngine Timeline Plugin 4.2.5p9 - Arbitrary File Upload
|
1 |
WEB
|
spyk2r
|
|
2006-02-22
|
|
Dragonfly CMS 9.0.6.1 Coppermine Module - 'album' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2006-02-22
|
|
Dragonfly CMS 9.0.6.1 Downloads Module - 'c' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2006-02-22
|
|
Dragonfly CMS 9.0.6.1 Surveys Module - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Lostmon
|
|
2006-02-22
|
|
Dragonfly CMS 9.0.6.1 Web_Links Module - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Lostmon
|
|
2006-02-22
|
|
Dragonfly CMS 9.0.6.1 Stories_Archive Module - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Lostmon
|
|
2006-02-22
|
|
Dragonfly CMS 9.0.6 1 News Module - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Lostmon
|
|
2006-02-22
|
|
Dragonfly CMS 9.0.6 1 Your_Account Module - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Lostmon
|
|
2006-02-22
|
|
Noah's Classifieds 1.0/1.3 - 'index.php' Remote File Inclusion
|
0 |
WEB
|
trueend5
|
|
2006-02-22
|
|
Noah's Classifieds 1.0/1.3 - Local File Inclusion
|
0 |
WEB
|
trueend5
|
|
2006-02-22
|
|
Noah's Classifieds 1.0/1.3 - Search Page SQL Injection
|
0 |
WEB
|
trueend5
|
|
2006-02-22
|
|
Noah's Classifieds 1.0/1.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
trueend5
|
|
2006-02-22
|
|
RunCMS 1.x - 'Ratefile.php' Cross-Site Scripting
|
1 |
WEB
|
Roozbeh Afrasiabi
|
|
2006-02-21
|
|
PostNuke 0.6x/0.7x NS-Languages Module - 'language' SQL Injection
|
1 |
WEB
|
Maksymilian Arciemowicz
|
|
2006-02-21
|
|
PostNuke 0.6x/0.7x NS-Languages Module - 'language' Cross-Site Scripting
|
0 |
WEB
|
Maksymilian Arciemowicz
|
|
2006-02-20
|
|
CuteNews 1.4.1 - 'show_news.php' Cross-Site Scripting
|
1 |
WEB
|
imei
|
|
2006-02-20
|
|
Magic Calendar Lite 1.02 - 'index.php' SQL Injection
|
1 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-20
|
|
TTS Software Time Tracking Software 3.0 - 'edituser.php' Access Validation
|
1 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-18
|
|
PHP-Nuke 7.x - CAPTCHA Bypass
|
1 |
WEB
|
waraxe
|
|
2006-02-18
|
|
Webpagecity WPC easy - SQL Injection
|
1 |
WEB
|
murfie
|
|
2006-02-18
|
|
E107 Website System 0.7.2 Chatbox Plugin - HTML Injection
|
1 |
WEB
|
marc & shb
|
|
2006-02-17
|
|
V-Webmail 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
$um$id
|
|
2006-02-16
|
|
Siteframe Beaumont 5.0.1/5.0.2 - 'page.php' HTML Injection
|
1 |
WEB
|
federico.alice@tiscali.it
|
|
2006-02-16
|
|
MyBB 1.0.3 - 'Managegroup.php' Cross-Site Scripting
|
1 |
WEB
|
imei
|
|
2006-02-16
|
|
MyBB 1.0.2/1.0.3 - 'Managegroup.php' SQL Injection
|
1 |
WEB
|
imei
|
|
2006-02-15
|
|
BirthSys 3.1 - Multiple SQL Injections
|
1 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-16
|
|
Dreamcost HostAdmin 3.0 - 'index.php' Remote File Inclusion
|
1 |
WEB
|
ReZEN
|
|
2006-02-15
|
|
HTML::BBCode 1.03/1.04 - HTML Injection
|
1 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-15
|
|
MyBB 1.0.3 - 'private.php' Multiple SQL Injections
|
1 |
WEB
|
imei
|
|
2006-02-15
|
|
My Blog 1.63 - BBCode HTML Injection
|
1 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-15
|
|
Mantis Bug Tracker 0.x/1.0 - 'manage_user_page.php?sort' Cross-Site Scripting
|
1 |
WEB
|
Thomas Waldegger
|
|
2006-02-15
|
|
Mantis Bug Tracker 0.x/1.0 - 'view_all_set.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Thomas Waldegger
|
|
2006-02-15
|
|
WordPress Core 2.0 - Comment Post HTML Injection
|
1 |
WEB
|
imei
|
|
2006-02-14
|
|
RunCMS 1.2/1.3 - 'PMLite.php' SQL Injection
|
1 |
WEB
|
Hamid Ebadi
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/tasks/gantt.php?baseDir' Remote File Inclusion
|
1 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/public/date_format.php?baseDir' Remote File Inclusion
|
0 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/public/calendar.php?baseDir' Remote File Inclusion
|
0 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/admin/vw_usr_roles.php?baseDir' Remote File Inclusion
|
1 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/projects/vw_files.php?dPconfig[root_dir]' Remote File Inclusion
|
1 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/projects/gantt2.php?dPconfig[root_dir]' Remote File Inclusion
|
1 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/includes/session.php?baseDir' Remote File Inclusion
|
0 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/includes/db_connect.php?baseDir' Remote File Inclusion
|
1 |
WEB
|
r.verton
|
|
2006-02-14
|
|
dotProject 2.0 - '/modules/projects/gantt.php?dPconfig[root_dir]' Remote File Inclusion
|
1 |
WEB
|
r.verton
|
|
2006-02-14
|
|
sNews - 'index.php' Multiple SQL Injections
|
1 |
WEB
|
joffer
|
|
2006-02-14
|
|
sNews - Comment Body Cross-Site Scripting
|
2 |
WEB
|
joffer
|
|
2006-02-14
|
|
DELTAScripts PHP Classifieds 6.20 - 'Member_Login.php' SQL Injection
|
1 |
WEB
|
Audun Larsen
|
|
2006-02-14
|
|
QwikiWiki 1.5 - 'search.php' Cross-Site Scripting
|
1 |
WEB
|
Citynova
|
|
2006-02-13
|
|
Gastebuch 1.3.2 - Cross-Site Scripting
|
1 |
WEB
|
Micha Borrmann
|
|
2006-02-13
|
|
PHP-Nuke 6.x/7.x - 'header.php?Pagetitle' Cross-Site Scripting
|
1 |
WEB
|
Janek Vind
|
|
2006-02-13
|
|
Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities
|
1 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-02-13
|
|
XMB Forum 1.8/1.9 - 'u2u.php?Username' Cross-Site Scripting
|
0 |
WEB
|
GulfTech Security
|
|
2006-02-13
|
|
Virtual Hosting Control System 2.2/2.4 - 'login.php?check_login()' Authentication Bypass
|
1 |
WEB
|
Roman Medina-Heigl Hernandez
|
|
2006-02-13
|
|
Virtual Hosting Control System 2.2/2.4 - 'change_password.php' Current Password
|
1 |
WEB
|
Roman Medina-Heigl Hernandez
|
|
2006-02-13
|
|
Lawrence Osiris DB_eSession 1.0.2 - Class SQL Injection
|
1 |
WEB
|
GulfTech Security
|
|
2006-02-12
|
|
Siteframe Beaumont 5.0.1 - 'search.php?Q' Cross-Site Scripting
|
2 |
WEB
|
Kiki
|
|
2006-02-11
|
|
ImageVue 0.16.1 - 'upload.php' Unrestricted Arbitrary File Upload
|
2 |
WEB
|
zjieb
|
|
2006-02-11
|
|
ImageVue 0.16.1 - 'index.php?bgcol' Cross-Site Scripting
|
2 |
WEB
|
zjieb
|
|
2006-02-11
|
|
ImageVue 0.16.1 - 'readfolder.php?path' Arbitrary Directory Listing
|
2 |
WEB
|
zjieb
|
|
2006-02-11
|
|
ImageVue 0.16.1 - 'dir.php' Folder Permission Disclosure
|
2 |
WEB
|
zjieb
|
|
2006-02-11
|
|
LinPHA 0.9.x/1.0 - 'forth_stage_install.php' Local File Inclusion
|
2 |
WEB
|
rgod
|
|
2006-02-11
|
|
LinPHA 0.9.x/1.0 - 'sec_stage_install.php' Local File Inclusion
|
2 |
WEB
|
rgod
|
|
2006-02-11
|
|
LinPHA 0.9.x/1.0 - 'install.php' Local File Inclusion
|
2 |
WEB
|
rgod
|
|
2006-02-11
|
|
LinPHA 0.9.x/1.0 - 'lang' Local File Inclusion
|
2 |
WEB
|
rgod
|
|
2013-07-29
|
|
FluxBB 1.5.3 - Multiple Vulnerabilities
|
2 |
WEB
|
LiquidWorm
|
|
2013-07-29
|
|
WebDisk 3.0.2 PhotoViewer iOS - Command Execution
|
2 |
WEB
|
Vulnerability-Lab
|
|
2013-07-29
|
|
Private Photos 1.0 iOS - Persistent Cross-Site Scripting
|
2 |
WEB
|
Vulnerability-Lab
|
|
2013-07-29
|
|
OpenEMM-2013 8.10.380.hf13.0.066 - SOAP SQL Injection / Persistent Cross-Site Scripting
|
2 |
WEB
|
drone
|
|
2006-02-11
|
|
HiveMail 1.2.2/1.3 - 'index.php' $_SERVER['PHP_SELF'] Cross-Site Scripting
|
2 |
WEB
|
GulfTech Security
|
|
2006-02-11
|
|
HiveMail 1.2.2/1.3 - 'folders.update.php?folderid' Arbitrary PHP Command Execution
|
2 |
WEB
|
GulfTech Security
|
|
2006-02-11
|
|
HiveMail 1.2.2/1.3 - 'addressbook.update.php?contactgroupid' Arbitrary PHP Command Execution
|
2 |
WEB
|
GulfTech Security
|
|
2006-02-10
|
|
Farsinews 2.1/2.5 - 'show_archives.php?template' Traversal Arbitrary File Access
|
2 |
WEB
|
Hamid Ebadi
|
|
2013-07-28
|
|
TRENDnet TEW-812DRU - Cross-Site Request Forgery/Command Injection Root
|
2 |
WEB
|
Jacob Holcomb
|
|
2006-02-09
|
|
Papoo 2.1.x - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Dj Eyes
|
|
2006-02-09
|
|
PwsPHP 1.2.3 - SQL Injection
|
2 |
WEB
|
papipsycho
|
|
2006-02-07
|
|
GA's Forum Light - 'Archive.asp' SQL Injection
|
2 |
WEB
|
Dj_Eyes
|
|
2006-02-08
|
|
CPAINT 1.3/2.0.2 - 'TYPE.php' Cross-Site Scripting
|
2 |
WEB
|
GulfTech Security
|
|
2006-02-08
|
|
SPIP 1.8.2 - 'Spip_RSS.php' Remote Command Execution
|
2 |
WEB
|
rgod
|
|
2006-02-08
|
|
vwdev - 'index.php' SQL Injection
|
2 |
WEB
|
Omid Aghababaei
|
|
2006-02-08
|
|
Webeveyn Whomp! Real Estate Manager 2005 - Login SQL Injection
|
2 |
WEB
|
night_warrior771
|
|
2006-02-07
|
|
MyBB 1.0.3 - 'moderation.php' SQL Injection
|
2 |
WEB
|
imei
|
|
2006-02-07
|
|
eyeOS 0.8.x - Session Remote Command Execution
|
2 |
WEB
|
GulfTech Security
|
|
2005-12-22
|
|
Beehive Forum 0.6.2 - 'index.php' SQL Injection
|
2 |
WEB
|
trueend5
|
|
2006-01-29
|
|
UBBCentral UBB.Threads 6.3 - 'showflat.php' SQL Injection
|
2 |
WEB
|
k-otik
|
|
2006-02-04
|
|
IBM Tivoli Access Manager Plugin - Directory Traversal
|
2 |
WEB
|
Timothy D. Morgan
|
|
2006-02-03
|
|
cPanel 10.8.1 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Simo Ben Youssef
|
|
2006-02-02
|
|
CyberShop Ultimate E-Commerce - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
B3g0k
|
|
2006-02-02
|
|
SoftMaker Shop - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
preben@watchcom.no
|
|
2006-02-01
|
|
SPIP 1.8/1.9 - 'index.php3' Cross-Site Scripting
|
2 |
WEB
|
Siegfried
|
|
2006-02-01
|
|
SPIP 1.8/1.9 - Multiple SQL Injections
|
1 |
WEB
|
Siegfried
|
|
2006-02-01
|
|
SZUserMgnt 1.4 - 'Username' SQL Injection
|
1 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-31
|
|
MyBB 1.0/1.1 - 'index.php' Referrer Cookie SQL Injection
|
1 |
WEB
|
Devil-00
|
|
2006-01-31
|
|
Farsinews 2.1 - 'Loginout.php' Remote File Inclusion
|
1 |
WEB
|
Hamid Ebadi
|
|
2006-01-31
|
|
Cerberus Helpdesk 2.7 - 'Clients.php' Cross-Site Scripting
|
1 |
WEB
|
preben@watchcom.no
|
|
2006-01-30
|
|
Daffodil CRM 1.5 - 'Userlogin.asp' SQL Injection
|
1 |
WEB
|
preben@watchcom.no
|
|
2006-01-30
|
|
Ashwebstudio Ashnews 0.83 - Cross-Site Scripting
|
1 |
WEB
|
0o_zeus_o0
|
|
2006-01-30
|
|
PmWiki 2.1 - Multiple Input Validation Vulnerabilities
|
2 |
WEB
|
aScii
|
|
2006-01-30
|
|
sPaiz-Nuke - 'modules.php' Cross-Site Scripting
|
1 |
WEB
|
night_warrior771
|
|
2005-12-15
|
|
ZixForum 1.12 - 'forum.asp' Multiple SQL Injections
|
1 |
WEB
|
Tran Viet Phuong
|
|
2006-01-19
|
|
ASPThai Forums 8.0 - 'login.asp' SQL Injection
|
0 |
WEB
|
code.shell
|
|
2006-01-26
|
|
Elido Face Control - Multiple Directory Traversal Vulnerabilities
|
1 |
WEB
|
HSC Security Group
|
|
2006-01-26
|
|
My Little Homepage Products - BBCode Link Tag Script Injection
|
1 |
WEB
|
Aliaksandr Hartsuyeu
|
|
2006-01-26
|
|
AndoNET Blog 2004.9.2 - 'Comentarios.php' SQL Injection
|
1 |
WEB
|
Aliaksandr Hartsuyeu
|
