|
2005-12-17
|
|
Round Cube Webmail 0.1 -20051021 - Full Path Disclosure
|
2 |
WEB
|
king_purba
|
|
2005-12-16
|
|
WebCal 3.0 4 - 'webcal.cgi' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Stan Bubrouski
|
|
2005-12-16
|
|
WebGlimpse 2.x - Cross-Site Scripting
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-16
|
|
ScareCrow 2.13 - 'post.cgi?forum' Cross-Site Scripting
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-16
|
|
ScareCrow 2.13 - 'profile.cgi?user' Cross-Site Scripting
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-16
|
|
ScareCrow 2.13 - 'forum.cgi?forum' Cross-Site Scripting
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-16
|
|
Binary Board System 0.2.5 - 'toc.pl?board' Cross-Site Scripting
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-16
|
|
Binary Board System 0.2.5 - 'stats.pl' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-16
|
|
Binary Board System 0.2.5 - 'reply.pl' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-16
|
|
PHP Arena PAFileDB Extreme Edition - SQL Injection
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-16
|
|
IHTML Merchant 2.0 - SQL Injection
|
1 |
WEB
|
r0t3d3Vil
|
|
2005-12-16
|
|
IHTML Merchant Mall - SQL Injection
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-16
|
|
EZDatabase 2.1.2 - 'index.php?db_id' SQL Injection
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-16
|
|
EZDatabase 2.1.2 - 'index.php?p' Local File Inclusion
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-15
|
|
Dick Copits PDEstore 1.8 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-15
|
|
Kryptronic ClickCartPro 5.1/5.2 - 'CP-APP.cgi' Cross-Site Scripting
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-15
|
|
PPCal Shopping Cart 3.3 - Cross-Site Scripting
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-15
|
|
ECTOOLS Onlineshop 1.0 - Cross-Site Scripting
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-15
|
|
Soft4e ECW-Cart 2.0.3 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-15
|
|
eDatCat 3.0 - EDCstore.pl Cross-Site Scripting
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-15
|
|
AltantForum 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-15
|
|
Atlant Pro 8.0.9 - Cross-Site Scripting
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-15
|
|
DCForum 1-6 DCBoard Script - 'Page' Cross-Site Scripting
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-15
|
|
Sitenet BBS 2.0 - 'search.cgi?cid' Cross-Site Scripting
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-15
|
|
Sitenet BBS 2.0 - 'netboardr.cgi' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-15
|
|
MarmaraWeb E-Commerce - Remote File Inclusion
|
3 |
WEB
|
B3g0k
|
|
2005-12-15
|
|
TML 0.5 - 'index.php?id' SQL Injection
|
3 |
WEB
|
X1ngBox
|
|
2005-12-15
|
|
TML 0.5 - 'index.php?form' Cross-Site Scripting
|
3 |
WEB
|
X1ngBox
|
|
2005-12-15
|
|
MarmaraWeb E-Commerce - 'index.php?page' Cross-Site Scripting
|
3 |
WEB
|
B3g0k
|
|
2005-12-14
|
|
Limbo CMS 1.0.4.2 - 'option' Traversal Arbitrary File Access
|
3 |
WEB
|
rgod
|
|
2005-12-14
|
|
Limbo CMS 1.0.4.2 - 'index.php?_SERVER[REMOTE_ADDR]' Cross-Site Scripting
|
4 |
WEB
|
rgod
|
|
2005-12-14
|
|
QuickPayPro 3.1 - 'sales.view.php?customerid' SQL Injection
|
3 |
WEB
|
r0t
|
|
2005-12-14
|
|
QuickPayPro 3.1 - 'tracking.details.php?trackingid' SQL Injection
|
3 |
WEB
|
r0t
|
|
2005-12-14
|
|
QuickPayPro 3.1 - 'design.php?delete' SQL Injection
|
3 |
WEB
|
r0t
|
|
2005-12-14
|
|
QuickPayPro 3.1 - 'subscribers.tracking.edit.php?subtrackingid' SQL Injection
|
2 |
WEB
|
r0t
|
|
2005-12-14
|
|
QuickPayPro 3.1 - 'customer.tickets.view.php' Multiple SQL Injections
|
2 |
WEB
|
r0t
|
|
2005-12-14
|
|
QuickPayPro 3.1 - 'popups.edit.php?popupid' SQL Injection
|
3 |
WEB
|
r0t
|
|
2005-12-14
|
|
Netref 3.0 - 'index.php' SQL Injection
|
4 |
WEB
|
syst3m_f4ult
|
|
2005-12-14
|
|
WikkaWiki 1.1.6 - 'TextSearch.php' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2005-12-14
|
|
ASPBB 0.4 - 'profile.asp?PROFILE_ID' SQL Injection
|
3 |
WEB
|
Dj_Eyes
|
|
2005-12-14
|
|
ASPBB 0.4 - 'forum.asp?FORUM_ID' SQL Injection
|
3 |
WEB
|
Dj_Eyes
|
|
2005-12-14
|
|
ASPBB 0.4 - 'topic.asp?TID' SQL Injection
|
2 |
WEB
|
Dj_Eyes
|
|
2005-12-14
|
|
ASP-DEV XM Forum - 'forum.asp' Cross-Site Scripting
|
3 |
WEB
|
Dj_Eyes
|
|
2005-12-14
|
|
News Module for Envolution - 'modules.php' Multiple SQL Injections
|
3 |
WEB
|
X1ngBox
|
|
2005-12-14
|
|
News Module for Envolution - 'modules.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
X1ngBox
|
|
2005-12-14
|
|
PHP-Nuke 7.x - Content Filtering Bypass
|
4 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-12-14
|
|
CourseForum Technologies ProjectForum 4.7 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-14
|
|
DreamLevels Dream Poll 3.0 - 'View_Results.php' SQL Injection
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-14
|
|
Jamit Job Board 2.4.1 - 'index.php' SQL Injection
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-14
|
|
PHP Web Scripts Ad Manager Pro 2.0 - 'Advertiser_statistic.php' SQL Injection
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-13
|
|
McGallery 1.0/1.1/2.2 - 'index.php?album' SQL Injection
|
3 |
WEB
|
r0t
|
|
2005-12-13
|
|
McGallery 1.0/1.1/2.2 - 'show.php' Multiple SQL Injections
|
3 |
WEB
|
r0t
|
|
2005-12-13
|
|
McGallery 1.0/1.1/2.2 - 'index.php?language' Traversal Local File Inclusion
|
3 |
WEB
|
r0t
|
|
2013-07-13
|
|
McAfee ePO 4.6.6 - Multiple Vulnerabilities
|
2 |
WEB
|
Nuri Fattah
|
|
2013-07-13
|
|
BMC Service Desk Express 10.2.1.95 - Multiple Vulnerabilities
|
2 |
WEB
|
Nuri Fattah
|
|
2013-07-13
|
|
WordPress Plugin Spicy Blogroll - Local File Inclusion
|
3 |
WEB
|
Ahlspiess
|
|
2005-12-13
|
|
Snipe Gallery 3.1.4 - 'search.php?keyword' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2005-12-13
|
|
Snipe Gallery 3.1.4 - 'image.php?image_id' SQL Injection
|
3 |
WEB
|
r0t
|
|
2005-12-13
|
|
Snipe Gallery 3.1.4 - 'view.php?gallery_id' SQL Injection
|
2 |
WEB
|
r0t
|
|
2005-12-13
|
|
Mantis Bug Tracker 0.x/1.0 - 'View_filters_page.php' Cross-Site Scripting
|
2 |
WEB
|
r0t
|
|
2005-12-13
|
|
PHP JackKnife 2.21 - Cross-Site Scripting
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-13
|
|
VCD-db 0.9x Search Module - 'batch' Cross-Site Scripting
|
1 |
WEB
|
r0t3d3Vil
|
|
2005-12-13
|
|
VCD-db 0.9x - 'search.php?by' SQL Injection
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-13
|
|
Plogger Beta 2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
r0t
|
|
2005-12-13
|
|
Plogger Beta 2 - 'index.php?id' SQL Injection
|
3 |
WEB
|
r0t
|
|
2005-12-13
|
|
PHPWebGallery 1.3.4/1.5.1 - 'picture.php' SQL Injection
|
2 |
WEB
|
r0t3d3Vil
|
|
2005-12-13
|
|
PHPWebGallery 1.3.4/1.5.1 - 'category.php' SQL Injection
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-13
|
|
PHPWebGallery 1.3.4/1.5.1 - 'comments.php' SQL Injection
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-13
|
|
EncapsGallery 1.0 - 'gallery.php' SQL Injection
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-13
|
|
PHPCOIN 1.2.2 - '/includes/db.php?$_CCFG[_PKG_PATH_DBSE]' Traversal Arbitrary File Access
|
3 |
WEB
|
retrogod@aliceposta.it
|
|
2005-12-13
|
|
phpCOIN 1.2.2 - CCFG[_PKG_PATH_DBSE] Remote File Inclusion
|
3 |
WEB
|
retrogod@aliceposta.it
|
|
2005-12-13
|
|
EveryAuction 1.53 - Auction.pl Cross-Site Scripting
|
3 |
WEB
|
$um$id
|
|
2005-12-12
|
|
Arab Portal 2.0 - 'Link.php' SQL Injection
|
3 |
WEB
|
stranger-killer
|
|
2005-12-12
|
|
BTGrup Admin WebController - SQL Injection
|
3 |
WEB
|
khc@bsdmail.org
|
|
2005-12-12
|
|
Scout Portal Toolkit 1.3.1 - 'SPT-UserLogin.php' SQL Injection
|
3 |
WEB
|
Preddy
|
|
2005-12-12
|
|
Scout Portal Toolkit 1.3.1 - 'SPT-AdvancedSearch.php' Cross-Site Scripting
|
3 |
WEB
|
Preddy
|
|
2005-12-12
|
|
Scout Portal Toolkit 1.3.1 - 'SPT-BrowseResources.php' Cross-Site Scripting
|
4 |
WEB
|
Preddy
|
|
2005-12-12
|
|
Scout Portal Toolkit 1.3.1 - 'SPT-QuickSearch.php' Cross-Site Scripting
|
4 |
WEB
|
Preddy
|
|
2005-12-12
|
|
BlackBoard Academic Suite 6.2.3.23 - Frameset.jsp Cross-Domain Frameset Loading
|
3 |
WEB
|
dr_insane
|
|
2005-12-12
|
|
LocazoList Classifieds 1.0 - 'SearchDB.asp' Input Validation
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-12
|
|
Magic Book Professional 2.0 - 'Book.cfm' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2005-12-08
|
|
Nortel SSL VPN 4.2.1.6 - Web Interface Input Validation
|
3 |
WEB
|
Daniel Fabian
|
|
2005-12-08
|
|
MilliScripts 1.4 - 'register.php' Cross-Site Scripting
|
2 |
WEB
|
Security Nation
|
|
2005-12-08
|
|
CF_Nuke 4.6 - 'index.cfm' Cross-Site Scripting
|
2 |
WEB
|
r0t
|
|
2005-12-08
|
|
CF_Nuke 4.6 - 'index.cfm' Local File Inclusion
|
3 |
WEB
|
r0t
|
|
2005-12-08
|
|
Magic Forum Personal - 'view_thread.cfm' Multiple SQL Injections
|
3 |
WEB
|
r0t
|
|
2005-12-08
|
|
Magic Forum Personal - 'view_forum.cfm?ForumID' SQL Injection
|
3 |
WEB
|
r0t
|
|
2005-12-08
|
|
Magic List Pro - 'view_archive.cfm?ListID' SQL Injection
|
3 |
WEB
|
r0t
|
|
2005-12-07
|
|
Dell TrueMobile 2300 - Remote Credential Reset
|
3 |
WEB
|
TNull
|
|
2005-12-07
|
|
ASPMForum - 'kullanicilistesi.asp?harf' SQL Injection
|
3 |
WEB
|
dj_eyes2005
|
|
2005-12-07
|
|
ASPMForum - 'forum.asp?baslik' SQL Injection
|
3 |
WEB
|
dj_eyes2005
|
|
2005-12-07
|
|
DRZES Hms 3.2 - 'login.php' Cross-Site Scripting
|
3 |
WEB
|
Vipsta
|
|
2005-12-07
|
|
Thwboard Beta 2.8 - 'misc.php?userid' SQL Injection
|
3 |
WEB
|
trueend5
|
|
2005-12-07
|
|
Thwboard Beta 2.8 - 'v_profile.php?user' SQL Injection
|
3 |
WEB
|
trueend5
|
|
2005-12-07
|
|
Thwboard Beta 2.8 - 'calendar.php?year' SQL Injection
|
3 |
WEB
|
trueend5
|
|
2005-12-06
|
|
Cars Portal 1.1 - 'index.php' Multiple SQL Injections
|
3 |
WEB
|
r0t
|
|
2005-12-06
|
|
PluggedOut Blog 1.9.x - 'index.php' Multiple SQL Injections
|
3 |
WEB
|
r0t
|
|
2005-12-06
|
|
DoceboLms 2.0.x - 'connector.php' Directory Traversal
|
3 |
WEB
|
rgod
|
|
2005-12-06
|
|
A-FAQ 1.0 - 'faqDsp.asp?catcode' SQL Injection
|
3 |
WEB
|
r0t
|
|
2005-12-06
|
|
A-FAQ 1.0 - 'faqDspItem.asp?faqid' SQL Injection
|
3 |
WEB
|
r0t
|
|
2005-12-06
|
|
RWAuction Pro 4.0 - 'search.asp' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2005-12-06
|
|
NetAuctionHelp 3.0 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
r0t
|
|
2005-12-06
|
|
IISWorks ASPKnowledgeBase 2.0 - 'KB.asp' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2005-12-06
|
|
DuWare DuPortalPro 3.4.3 - 'Password.asp' Cross-Site Scripting
|
3 |
WEB
|
Dj_Eyes
|
|
2013-07-10
|
|
Zoom Telephonics X4/X5 ADSL Modem - Multiple Vulnerabilities
|
3 |
WEB
|
Kyle Lovett
|
|
2013-07-10
|
|
vBulletin vBShout Mod - Persistent Cross-Site Scripting
|
3 |
WEB
|
[]0iZy5
|
|
2013-07-10
|
|
vBulletin Advanced User Tagging Mod - Persistent Cross-Site Scripting
|
3 |
WEB
|
[]0iZy5
|
|
2005-12-05
|
|
Edgewall Software Trac 0.7.1/0.8/0.9 Search Module - SQL Injection
|
3 |
WEB
|
anonymous
|
|
2005-12-05
|
|
Blog System 1.2 - 'index.php?cat' SQL Injection
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-05
|
|
Web4Future Portal Solutions - 'Arhiva.php' Directory Traversal
|
3 |
WEB
|
r0t
|
|
2005-12-05
|
|
Web4Future Affiliate Manager PRO 4.1 - 'functions.php' SQL Injection
|
3 |
WEB
|
r0t
|
|
2005-12-05
|
|
Web4Future Portal Solutions - 'Comentarii.php' SQL Injection
|
3 |
WEB
|
r0t
|
|
2005-12-05
|
|
Web4Future eDating Professional 5.0 - 'fq.php?cid' SQL Injection
|
2 |
WEB
|
r0t
|
|
2005-12-05
|
|
Web4Future eDating Professional 5.0 - 'articles.php?cat' SQL Injection
|
2 |
WEB
|
r0t
|
|
2005-12-05
|
|
Web4Future eDating Professional 5.0 - 'gift.php?cid' SQL Injection
|
3 |
WEB
|
r0t
|
|
2005-12-05
|
|
Web4Future eDating Professional 5.0 - 'index.php' Multiple SQL Injections
|
2 |
WEB
|
r0t
|
|
2005-12-05
|
|
Relative Real Estate Systems 1.2 - SQL Injection
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-05
|
|
Hobosworld HobSR - Multiple SQL Injections
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-05
|
|
1-Script 1-Search 1.8 - '1search.CGI' Cross-Site Scripting
|
2 |
WEB
|
r0t
|
|
2005-12-05
|
|
SAMEDIA LandShop 0.6.3 - 'ls.php' Multiple SQL Injections
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-05
|
|
Web4Future eCommerce Enterprise Edition 2.1 - 'viewbrands.php?bid' SQL Injection
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-05
|
|
Web4Future eCommerce Enterprise Edition 2.1 - 'index.php' Multiple SQL Injections
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-05
|
|
Web4Future eCommerce Enterprise Edition 2.1 - 'view.php' Multiple SQL Injections
|
3 |
WEB
|
r0t3d3Vil
|
|
2005-12-05
|
|
Easy Search System 1.1 - 'search.cgi' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2005-11-05
|
|
Widget Property 1.1.19 - 'Property.php' SQL Injection
|
4 |
WEB
|
r0t3d3Vil
|
