|
2005-10-13
|
|
YaPiG 0.95b - 'view.php?img_size' Cross-Site Scripting
|
2 |
WEB
|
enji@infosys.tuwien.ac.at
|
|
2005-10-12
|
|
WebGUI 6.x - Arbitrary Command Execution
|
1 |
WEB
|
David Maciejak
|
|
2005-10-11
|
|
Accelerated E Solutions - SQL Injection
|
1 |
WEB
|
Andysheh Soltani
|
|
2005-10-08
|
|
Cyphor 0.19 - 'footer.php?t_login' Cross-Site Scripting
|
1 |
WEB
|
retrogod@aliceposta.it
|
|
2005-10-08
|
|
Cyphor 0.19 - 'newmsg.php?fid' SQL Injection
|
1 |
WEB
|
retrogod@aliceposta.it
|
|
2005-10-08
|
|
Cyphor 0.19 - 'lostpwd.php?nick' SQL Injection
|
1 |
WEB
|
rgod
|
|
2005-10-07
|
|
Aenovo - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
farhad koosha
|
|
2005-10-07
|
|
Aenovo - '/incs/searchdisplay.asp?strSQL' SQL Injection
|
2 |
WEB
|
farhad koosha
|
|
2005-10-07
|
|
Aenovo - '/Password/default.asp?Password' SQL Injection
|
2 |
WEB
|
farhad koosha
|
|
2005-10-07
|
|
Utopia News Pro 1.1.3 - 'footer.php' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
rgod
|
|
2005-10-07
|
|
Utopia News Pro 1.1.3 - 'header.php?sitetitle' Cross-Site Scripting
|
2 |
WEB
|
rgod
|
|
2005-10-05
|
|
TellMe 1.2 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Donnie Werner
|
|
2013-06-19
|
|
Monkey CMS - Multiple Vulnerabilities
|
2 |
WEB
|
Yashar shahinzadeh_ Mormoroth
|
|
2013-06-19
|
|
imacs CMS 0.3.0 - Unrestricted Arbitrary File Upload
|
2 |
WEB
|
CWH Underground
|
|
2005-09-30
|
|
Merak Mail Server 8.2.4 r - Arbitrary File Deletion
|
2 |
WEB
|
ShineShadow
|
|
2005-09-30
|
|
EasyGuppy 4.5.4/4.5.5 - 'Printfaq.php' Directory Traversal
|
1 |
WEB
|
Josh Zlatin-Amishav
|
|
2005-09-30
|
|
IceWarp Web Mail 5.5.1 - 'calendar_w.html?createdataCX' Cross-Site Scripting
|
1 |
WEB
|
ss_contacts
|
|
2005-09-30
|
|
IceWarp Web Mail 5.5.1 - 'calendar_m.html?createdataCX' Cross-Site Scripting
|
1 |
WEB
|
ss_contacts
|
|
2005-09-30
|
|
IceWarp Web Mail 5.5.1 - 'calendar_d.html?createdataCX' Cross-Site Scripting
|
1 |
WEB
|
ss_contacts
|
|
2005-09-30
|
|
IceWarp Web Mail 5.5.1 - 'blank.html?id' Cross-Site Scripting
|
1 |
WEB
|
ss_contacts
|
|
2005-09-29
|
|
LucidCMS 2.0 - Login SQL Injection
|
1 |
WEB
|
rgod
|
|
2005-09-29
|
|
SquirrelMail 1.4.2 Address Add Plugin - 'add.php' Cross-Site Scripting
|
1 |
WEB
|
anonymous
|
|
2005-09-28
|
|
CubeCart 3.0.3 - 'cart.php?redir' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2005-09-28
|
|
CubeCart 3.0.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Lostmon
|
|
2005-09-28
|
|
TWiki TWikiUsers - INCLUDE Function Arbitrary Command Execution
|
2 |
WEB
|
JChristophFuchs
|
|
2005-09-27
|
|
LucidCMS 2.0 - 'index.php' Cross-Site Scripting
|
1 |
WEB
|
X1ngBox
|
|
2005-09-26
|
|
CMS Made Simple 0.10 - 'index.php' Cross-Site Scripting
|
1 |
WEB
|
X1ngBox
|
|
2005-08-23
|
|
PHPMyFAQ 1.5.1 - Logs Unauthorized Access
|
1 |
WEB
|
rgod
|
|
2005-08-23
|
|
PHPMyFAQ 1.5.1 - Local File Inclusion
|
1 |
WEB
|
rgod
|
|
2005-09-23
|
|
PHPMyFAQ 1.5.1 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
rgod
|
|
2005-08-23
|
|
PHPMyFAQ 1.5.1 - 'Password.php' SQL Injection
|
1 |
WEB
|
retrogod@aliceposta.it
|
|
2005-08-21
|
|
jPORTAL 2.2.1/2.3.1 - 'download.php' SQL Injection
|
1 |
WEB
|
krasza
|
|
2005-08-21
|
|
Mall23 - 'AddItem.asp' SQL Injection
|
1 |
WEB
|
SmOk3
|
|
2005-08-21
|
|
PerlDiver 2.31 - 'Perldiver.cgi' Cross-Site Scripting
|
1 |
WEB
|
Donnie Werner
|
|
2005-08-21
|
|
Alkalay.Net (Multiple Scripts) - Remote Command Execution
|
1 |
WEB
|
sullo@cirt.net
|
|
2005-09-20
|
|
PHP Advanced Transfer Manager 1.30 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
rgod
|
|
2005-09-20
|
|
PHP Advanced Transfer Manager 1.30 - Multiple Directory Traversal Vulnerabilities
|
1 |
WEB
|
rgod
|
|
2005-09-20
|
|
Hesk 0.92/0.93 - Session ID Authentication Bypass
|
1 |
WEB
|
Rajesh Sethumadhavan
|
|
2005-09-19
|
|
MX Shop 3.2 - 'index.php' Multiple SQL Injections
|
1 |
WEB
|
David Sopas Ferreira
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/template.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/modlog.php?orderby' Cross-Site Scripting
|
1 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/language.php?goto' Cross-Site Scripting
|
1 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php?email' Cross-Site Scripting
|
1 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/index.php' Multiple Cross-Site Scripting Vulnerabilities
|
0 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/css.php?group' Cross-Site Scripting
|
0 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
NooToplist 1.0 - 'index.php' Multiple SQL Injections
|
1 |
WEB
|
David Sopas Ferreira
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertools.php?ids' SQL Injection
|
1 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertitle.php?usertitleid' SQL Injection
|
1 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php' Multiple SQL Injections
|
1 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
vBulletin 1.0.1 lite/2.x/3.0 - 'joinrequests.php?request' SQL Injection
|
1 |
WEB
|
deluxe@security-project.org
|
|
2005-09-19
|
|
EPay Pro 2.0 - 'index.php' Directory Traversal
|
1 |
WEB
|
h4cky0u
|
|
2005-09-16
|
|
Content2Web 1.0.1 - Multiple Input Validation Vulnerabilities
|
2 |
WEB
|
Security Tester
|
|
2005-09-15
|
|
DeluxeBB 1.0 - 'newpost.php' SQL Injection
|
1 |
WEB
|
abducter
|
|
2005-09-15
|
|
DeluxeBB 1.0 - 'pm.php' SQL Injection
|
1 |
WEB
|
abducter
|
|
2005-09-15
|
|
DeluxeBB 1.0 - 'forums.php' SQL Injection
|
1 |
WEB
|
abducter
|
|
2005-09-15
|
|
DeluxeBB 1.0 - 'misc.php' SQL Injection
|
1 |
WEB
|
abducter
|
|
2005-09-15
|
|
DeluxeBB 1.0 - 'topic.php' SQL Injection
|
1 |
WEB
|
abducter
|
|
2005-09-15
|
|
AEwebworks aeDating 3.2/4.0 - 'search_result.php' SQL Injection
|
1 |
WEB
|
alexsrb
|
|
2005-09-15
|
|
Digital Scribe 1.4 - Login SQL Injection
|
1 |
WEB
|
rgod
|
|
2005-09-14
|
|
Noah's Classifieds 1.3 - 'index.php' Cross-Site Scripting
|
0 |
WEB
|
trueend5
|
|
2005-09-14
|
|
TWiki TWikiUsers - Arbitrary Command Execution
|
0 |
WEB
|
B4dP4nd4
|
|
2005-09-14
|
|
Noah's Classifieds 1.2/1.3 - 'index.php' SQL Injection
|
0 |
WEB
|
trueend5
|
|
2005-09-14
|
|
ATutor 1.5.1 - Chat Logs Remote Information Disclosure
|
0 |
WEB
|
rgod
|
|
2005-09-14
|
|
ATutor 1.5.1 - 'password_reminder.php' SQL Injection
|
0 |
WEB
|
rgod
|
|
2005-09-14
|
|
MIVA Merchant 5 - Merchant.MVC Cross-Site Scripting
|
0 |
WEB
|
admin@hyperconx.com
|
|
2005-09-13
|
|
Mail-it Now! Upload2Server 1.5 - Arbitrary File Upload
|
0 |
WEB
|
rgod
|
|
2005-09-13
|
|
Land Down Under 800/801 - 'plug.php?e' SQL Injection
|
1 |
WEB
|
GroundZero Security Research
|
|
2005-09-13
|
|
Land Down Under 800/801 - 'auth.php?m' SQL Injection
|
1 |
WEB
|
GroundZero Security Research
|
|
2005-09-13
|
|
Subscribe Me Pro 2.44 - S.pl Directory Traversal
|
1 |
WEB
|
h4cky0u
|
|
2005-09-09
|
|
MyBulletinBoard (MyBB) 1.0 - 'RateThread.php' SQL Injection
|
1 |
WEB
|
stranger-killer
|
|
2013-06-17
|
|
Simple File Manager 024 - Authentication Bypass
|
2 |
WEB
|
Chako
|
|
2013-06-17
|
|
SPBAS Business Automation Software 2012 - Multiple Vulnerabilities
|
2 |
WEB
|
Christy Philip Mathew
|
|
2013-06-17
|
|
Havalite CMS 1.1.7 - Unrestricted Arbitrary File Upload
|
2 |
WEB
|
CWH Underground
|
|
2013-06-17
|
|
Fly-High CMS 2012-07-08 - Unrestricted Arbitrary File Upload
|
2 |
WEB
|
CWH Underground
|
|
2013-06-17
|
|
WordPress Plugin Ultimate WordPress Auction Plugin 1.0 - Cross-Site Request Forgery
|
1 |
WEB
|
expl0i13r
|
|
2005-09-08
|
|
AMember Pro 2.3.4 - Remote File Inclusion
|
2 |
WEB
|
NewAngels Team
|
|
2005-09-08
|
|
Stylemotion WEB//NEWS 1.4 - 'print.php?id' SQL Injection
|
2 |
WEB
|
onkel_fisch
|
|
2005-09-08
|
|
Stylemotion WEB//NEWS 1.4 - 'news.php' Multiple SQL Injections
|
2 |
WEB
|
onkel_fisch
|
|
2005-09-08
|
|
Stylemotion WEB//NEWS 1.4 - 'startup.php' Cookie SQL Injection
|
2 |
WEB
|
onkel_fisch
|
|
2005-09-07
|
|
phpCommunityCalendar 4.0 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
rgod
|
|
2005-09-07
|
|
PBLang 4.65 Bulletin Board System - 'SetCookie.php' Directory Traversal
|
2 |
WEB
|
rgod
|
|
2005-09-07
|
|
phpCommunityCalendar 4.0 - Multiple SQL Injections
|
2 |
WEB
|
rgod
|
|
2005-09-06
|
|
MyBulletinBoard (MyBB) 1.0 - Multiple SQL Injections
|
2 |
WEB
|
stranger-killer
|
|
2005-09-06
|
|
MAXdev MD-Pro 1.0.73 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
rgod
|
|
2005-09-06
|
|
MAXdev MD-Pro 1.0.73 - Arbitrary File Upload
|
2 |
WEB
|
rgod
|
|
2005-09-06
|
|
Unclassified NewsBoard 1.5.3 - 'Description' HTML Injection
|
2 |
WEB
|
retrogod@aliceposta.it
|
|
2005-09-06
|
|
Land Down Under 601/602/700/701/800/801 - 'events.php' HTML Injection
|
2 |
WEB
|
conor.e.buckley
|
|
2005-08-31
|
|
CMS Made Simple 0.10 - 'Lang.php' Remote File Inclusion
|
2 |
WEB
|
groszynskif
|
|
2005-08-31
|
|
FlatNuke 2.5.6 - 'USR' Cross-Site Scripting
|
1 |
WEB
|
rgod
|
|
2013-06-14
|
|
LibrettoCMS 2.2.2 - Arbitrary File Upload
|
1 |
WEB
|
CWH Underground
|
|
2005-08-31
|
|
FlatNuke 2.5.6 - 'ID' Directory Traversal
|
0 |
WEB
|
rgod
|
|
2005-08-30
|
|
phpLDAPadmin 0.9.6/0.9.7 - 'welcome.php' Arbitrary File Inclusion
|
2 |
WEB
|
rgod
|
|
2005-08-29
|
|
PHP-Fusion 4.0/5.0/6.0 - BBCode URL Tag Script Injection
|
2 |
WEB
|
slacker4ever_1
|
|
2005-08-29
|
|
Autolinks 2.1 Pro - 'Al_initialize.php' Remote File Inclusion
|
2 |
WEB
|
4Degrees
|
|
2005-08-29
|
|
Land Down Under 700/701/800/801 - 'list.php' Multiple SQL Injections
|
2 |
WEB
|
matrix_killer
|
|
2005-08-29
|
|
Land Down Under 700/701/800/801 - 'events.php?c' SQL Injection
|
2 |
WEB
|
matrix_killer
|
|
2005-08-29
|
|
Land Down Under 700/701/800/801 - 'index.php?c' SQL Injection
|
2 |
WEB
|
matrix_killer
|
|
2005-08-29
|
|
MyBB - 'member.php' SQL Injection
|
2 |
WEB
|
W7ED
|
|
2005-08-27
|
|
Looking Glass 20040427 - Remote Command Execution
|
2 |
WEB
|
rgod
|
|
2005-08-27
|
|
Looking Glass - Cross-Site Scripting
|
2 |
WEB
|
rgod
|
|
2005-08-29
|
|
PHPWebNotes 2.0 - 'Api.php' Remote File Inclusion
|
2 |
WEB
|
nf2@scheinwelt.at
|
|
2005-08-29
|
|
SqWebMail 5.0.4 - HTML Email IMG Tag Script Injection
|
2 |
WEB
|
Jakob Balle
|
|
2005-08-28
|
|
phpMyAdmin 2.x - 'error.php' Cross-Site Scripting
|
2 |
WEB
|
Michal Cihar
|
|
2005-08-24
|
|
Foojan PHPWeblog - Html Injection
|
2 |
WEB
|
ali202
|
|
2005-08-23
|
|
SaveWebPortal 3.4 - Multiple Directory Traversal Vulnerabilities
|
1 |
WEB
|
rgod
|
|
2005-08-23
|
|
SaveWebPortal 3.4 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
rgod
|
|
2005-08-23
|
|
SaveWebPortal 3.4 - Multiple Remote File Inclusions
|
1 |
WEB
|
rgod
|
|
2005-08-23
|
|
SaveWebPortal 3.4 - Unauthorized Access
|
1 |
WEB
|
rgod
|
|
2005-08-22
|
|
PostNuke 0.75/0.76 DL - 'viewdownload.php' SQL Injection
|
2 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-08-22
|
|
PostNuke 0.76 RC4b - 'user.php?htmltext' Cross-Site Scripting
|
2 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-08-22
|
|
PostNuke 0.76 RC4b Comments Module - 'moderate' Cross-Site Scripting
|
2 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-08-22
|
|
RunCMS 1.1/1.2 Module Newbb_plus/Messages - SQL Injection
|
2 |
WEB
|
GulfTech Security
|
|
2005-08-22
|
|
PHPKit 1.6.1 - 'member.php' SQL Injection
|
2 |
WEB
|
phuket
|
|
2005-08-22
|
|
NEPHP 3.0.4 - 'browse.php' Cross-Site Scripting
|
2 |
WEB
|
bl2k
|
|
2005-08-20
|
|
Land Down Under 800 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
bl2k
|
|
2005-08-20
|
|
Land Down Under 800 - 'journal.php?w' Cross-Site Scripting
|
2 |
WEB
|
bl2k
|
|
2005-08-20
|
|
Land Down Under 800/801 - 'forums.php' Multiple SQL Injections
|
2 |
WEB
|
bl2k
|
|
2005-08-20
|
|
Land Down Under 800/801 - 'list.php' Multiple SQL Injections
|
2 |
WEB
|
bl2k
|
|
2005-08-20
|
|
Land Down Under 800/801 - 'journal.php?m' SQL Injection
|
2 |
WEB
|
bl2k
|
|
2005-08-20
|
|
Land Down Under 800/801 - 'links.php?w' SQL Injection
|
2 |
WEB
|
bl2k
|
|
2005-08-20
|
|
Woltlab Burning Board 2.x - 'ModCP.php' SQL Injection
|
2 |
WEB
|
[R]
|
|
2013-06-13
|
|
Airlive IP Cameras - Multiple Vulnerabilities
|
2 |
WEB
|
Sánchez_ Lopez_ Castillo
|
|
2005-08-19
|
|
Mantis Bug Tracker 0.x/1.0 - Multiple Input Validation Vulnerabilities
|
2 |
WEB
|
anonymous
|
|
2005-08-18
|
|
PHPOutsourcing Zorum 3.5 - 'Prod.php' Arbitrary Command Execution
|
2 |
WEB
|
rgod
|
|
2005-08-18
|
|
ATutor 1.5.1 - 'login.php?course' Cross-Site Scripting
|
2 |
WEB
|
matrix_killer
|
