|
2005-05-20
|
|
cPanel 9.1 - 'User' Cross-Site Scripting
|
1 |
WEB
|
abducter_minds@yahoo.com
|
|
2005-06-20
|
|
UApplication Ublog Reload 1.0.5 - 'Trackback.asp' Cross-Site Scripting
|
1 |
WEB
|
Dedi Dwianto
|
|
2005-06-20
|
|
Ublog Reload 1.0.5 - 'blog_comment.asp?y' SQL Injection
|
1 |
WEB
|
Dedi Dwianto
|
|
2005-06-20
|
|
Ublog Reload 1.0.5 - 'index.asp' Multiple SQL Injections
|
1 |
WEB
|
Dedi Dwianto
|
|
2005-06-17
|
|
osCommerce 2.1/2.2 - Multiple HTTP Response Splitting Vulnerabilities
|
1 |
WEB
|
GulfTech Security
|
|
2005-06-16
|
|
Cool Cafe Chat 1.2.1 - 'login.asp' SQL Injection
|
1 |
WEB
|
Morning Wood
|
|
2005-06-16
|
|
Ultimate PHP Board 1.8/1.9 - Weak Password Encryption
|
1 |
WEB
|
Alberto Trivero
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'Directory.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'subscribe_forum.php?us' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'tile.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - '/inbox/index.php?view' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'send_message.php?l' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'content.php?cid' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'contact.php?subject' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
ATutor 1.4.3 - 'browse.php?show_course' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2005-06-16
|
|
Ultimate PHP Board 1.8/1.9 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Alberto Trivero
|
|
2005-06-15
|
|
PAFileDB 1.1.3/2.1.1/3.0/3.1 - Multiple Input Validation Vulnerabilities
|
1 |
WEB
|
GulfTech Security
|
|
2005-06-15
|
|
McGallery 1.0/1.1 - Lang Argument File Disclosure
|
1 |
WEB
|
D_BuG
|
|
2005-06-14
|
|
Annuaire 1Two 1.0/1.1 - 'index.php' Cross-Site Scripting
|
1 |
WEB
|
An0nym0uS
|
|
2005-06-13
|
|
FusionBB 0.x - Multiple Input Validation Vulnerabilities
|
1 |
WEB
|
GulfTech Security
|
|
2005-06-13
|
|
Singapore 0.9.11 Beta Image Gallery - 'index.php' Cross-Site Scripting
|
1 |
WEB
|
TheGreatOne2176
|
|
2005-06-12
|
|
JamMail 1.8 - Jammail.pl Arbitrary Command Execution
|
1 |
WEB
|
blahplok
|
|
2005-06-10
|
|
Ovidentia FX - Remote File Inclusion
|
1 |
WEB
|
Status-x
|
|
2013-05-29
|
|
Zavio IP Cameras Firmware 1.6.03 - Multiple Vulnerabilities
|
1 |
WEB
|
Core Security
|
|
2013-05-29
|
|
MayGion IP Cameras Firmware 09.27 - Multiple Vulnerabilities
|
1 |
WEB
|
Core Security
|
|
2013-05-29
|
|
TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities
|
1 |
WEB
|
Core Security
|
|
2013-05-29
|
|
YeaLink IP Phone Firmware 9.70.0.100 - Phone Call
|
1 |
WEB
|
b0rh
|
|
2013-05-29
|
|
TP-Link WR842ND - Remote Multiple SSID Directory Traversals
|
1 |
WEB
|
Adam Simuntis
|
|
2005-06-09
|
|
Invision Community Blog 1.0/1.1 - Multiple Input Validation Vulnerabilities
|
1 |
WEB
|
GulfTech Security
|
|
2005-06-09
|
|
Invision Power Services Invision Gallery 1.0.1/1.3 - SQL Injection
|
1 |
WEB
|
GulfTech Security
|
|
2005-06-08
|
|
Loki Download Manager 2.0 - 'Catinfo.asp' SQL Injection
|
1 |
WEB
|
hack_912
|
|
2005-06-08
|
|
Loki Download Manager 2.0 - 'default.asp' SQL Injection
|
1 |
WEB
|
hack_912
|
|
2005-06-08
|
|
Cerberus Helpdesk 0.97.3/2.6.1 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Dedi Dwianto
|
|
2005-06-07
|
|
FlatNuke 2.5.x - 'referer.php' Crafted Referer Arbitrary PHP Code Execution
|
1 |
WEB
|
SecWatch
|
|
2005-06-07
|
|
FlatNuke 2.5.x - 'help.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
SecWatch
|
|
2005-06-07
|
|
FlatNuke 2.5.x - 'index.php?where' Full Path Disclosure
|
1 |
WEB
|
SecWatch
|
|
2005-06-06
|
|
Early Impact ProductCart 2.6/2.7 - 'OptionFieldsEdit.asp?idccr' SQL Injection
|
1 |
WEB
|
Dedi Dwianto
|
|
2005-06-06
|
|
Early Impact ProductCart 2.6/2.7 - 'modCustomCardPaymentOpt.asp?idc' SQL Injection
|
1 |
WEB
|
Dedi Dwianto
|
|
2005-06-06
|
|
Early Impact ProductCart 2.6/2.7 - 'editCategories.asp?lid' SQL Injection
|
0 |
WEB
|
Dedi Dwianto
|
|
2005-06-06
|
|
Early Impact ProductCart 2.6/2.7 - 'viewPrd.asp?idcategory' SQL Injection
|
1 |
WEB
|
Dedi Dwianto
|
|
2005-06-06
|
|
YaPiG 0.9x - 'upload.php' Directory Traversal
|
1 |
WEB
|
anonymous
|
|
2005-06-06
|
|
YaPiG 0.9x - 'view.php' Cross-Site Scripting
|
1 |
WEB
|
anonymous
|
|
2005-06-06
|
|
YaPiG 0.9x - Local/Remote File Inclusion
|
1 |
WEB
|
anonymous
|
|
2005-06-06
|
|
WWWeb Concepts Events System 1.0 - 'login.asp' SQL Injection
|
2 |
WEB
|
Romty
|
|
2005-06-03
|
|
Popper Webmail 1.41 - 'ChildWindow.Inc.php' Remote File Inclusion
|
3 |
WEB
|
Leon Juranic
|
|
2005-06-03
|
|
LiteWEB Web Server 2.5 - Authentication Bypass
|
1 |
WEB
|
Ziv Kamir
|
|
2005-06-03
|
|
MWChat 6.7 - 'Start_Lobby.php' Remote File Inclusion
|
1 |
WEB
|
Status-x
|
|
2005-06-02
|
|
Liberum Help Desk 0.97.3 - Multiple SQL Injections
|
1 |
WEB
|
Dedi Dwianto
|
|
2005-06-01
|
|
Livingcolor Livingmailing 1.3 - 'login.asp' SQL Injection
|
1 |
WEB
|
Dj romty
|
|
2005-06-01
|
|
NEXTWEB (i)Site - 'login.asp' SQL Injection
|
1 |
WEB
|
Jim Pangalos
|
|
2005-06-01
|
|
JiRo's Upload System 1.0 - 'login.asp' SQL Injection
|
1 |
WEB
|
Romty
|
|
2005-05-31
|
|
MyBulletinBoard (MyBB) RC4 - Multiple Cross-Site Scripting / SQL Injections
|
1 |
WEB
|
Alberto Trivero
|
|
2005-05-31
|
|
Calendarix 0.8.20071118 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
DarkBicho
|
|
2005-05-31
|
|
PowerDownload 3.0.2/3.0.3 - IncDir Remote File Inclusion
|
1 |
WEB
|
SoulBlack Group
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'giftcert.php' Multiple SQL Injections
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'search.php?mode' SQL Injection
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'register.php?mode' SQL Injection
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'orders.php?mode' SQL Injection
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'help.php?section' SQL Injection
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'error_message.php?id' SQL Injection
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'product.php' Multiple SQL Injections
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'home.php' Multiple SQL Injections
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'giftcert.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'search.php?mode' Cross-Site Scripting
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'register.php?mode' Cross-Site Scripting
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'orders.php?mode' Cross-Site Scripting
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'help.php?section' Cross-Site Scripting
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'error_message.php?id' Cross-Site Scripting
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'product.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Qualiteam X-Cart 4.0.8 - 'home.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2005-05-30
|
|
Hosting Controller 6.1 - User Profile Unauthorized Access
|
1 |
WEB
|
GrayHatz Security Group
|
|
2005-05-28
|
|
India Software Solution Shopping Cart - SQL Injection
|
0 |
WEB
|
Rayden
|
|
2005-05-28
|
|
Hosting Controller 6.1 - 'plandetails.asp' Information Disclosure
|
1 |
WEB
|
GrayHatz Security Group
|
|
2005-05-28
|
|
Hosting Controller 6.1 - 'resellerresources.asp?jresourceid' SQL Injection
|
1 |
WEB
|
GrayHatz Security Group
|
|
2005-05-28
|
|
OS4E - 'login.asp' SQL Injection
|
1 |
WEB
|
Dj romty
|
|
2005-05-28
|
|
NPDS 4.8 < 5.0 - 'faq.php?categories' Cross-Site Scripting
|
1 |
WEB
|
NoSP
|
|
2005-05-28
|
|
NPDS 4.8 < 5.0 - 'links.php?Query' SQL Injection
|
1 |
WEB
|
NoSP
|
|
2005-05-28
|
|
NPDS 4.8 < 5.0 Glossaire Module - 'terme' SQL Injection
|
0 |
WEB
|
NoSP
|
|
2005-05-28
|
|
NPDS 4.8 < 5.0 - 'reply.php?image_subject' Cross-Site Scripting
|
1 |
WEB
|
NoSP
|
|
2005-05-28
|
|
NPDS 4.8 < 5.0 - 'reviews.php?title' Cross-Site Scripting
|
1 |
WEB
|
NoSP
|
|
2005-05-28
|
|
NPDS 4.8 /5.0 - 'modules.php?Lettre' Cross-Site Scripting
|
1 |
WEB
|
NoSP
|
|
2005-05-28
|
|
NPDS 4.8 < 5.0 - 'sdv_infos.php?sitename' Cross-Site Scripting
|
0 |
WEB
|
NoSP
|
|
2005-05-28
|
|
NPDS 4.8 < 5.0 - 'powerpack_f.php?language' Cross-Site Scripting
|
1 |
WEB
|
NoSP
|
|
2005-05-28
|
|
NPDS 4.8 < 5.0 - 'admin.php?language' Cross-Site Scripting
|
1 |
WEB
|
NoSP
|
|
2005-05-28
|
|
Invision Power Board 1.x - Unauthorized Access
|
1 |
WEB
|
V[i]RuS
|
|
2005-05-27
|
|
Jaws Glossary 0.4/0.5 - Cross-Site Scripting
|
1 |
WEB
|
Nah
|
|
2005-05-27
|
|
BEA WebLogic 7.0/8.1 - Administration Console Error Page Cross-Site Scripting
|
1 |
WEB
|
Team SHATTER
|
|
2005-05-27
|
|
BEA WebLogic 7.0/8.1 - Administration Console LoginForm.jsp Cross-Site Scripting
|
1 |
WEB
|
Team SHATTER
|
|
2005-05-26
|
|
BookReview 1.0 - 'suggest_review.htm?node' Cross-Site Scripting
|
2 |
WEB
|
Lostmon
|
|
2005-05-26
|
|
BookReview 1.0 - 'add_classification.htm?isbn' Cross-Site Scripting
|
2 |
WEB
|
Lostmon
|
|
2005-05-26
|
|
BookReview 1.0 - 'search.htm?submit string' Cross-Site Scripting
|
2 |
WEB
|
Lostmon
|
|
2005-05-26
|
|
BookReview 1.0 - 'add_url.htm?node' Cross-Site Scripting
|
2 |
WEB
|
Lostmon
|
|
2005-05-26
|
|
BookReview 1.0 - 'add_booklist.htm?node' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2005-05-26
|
|
BookReview 1.0 - 'contact.htm?user' Cross-Site Scripting
|
2 |
WEB
|
Lostmon
|
|
2005-05-26
|
|
BookReview 1.0 - 'suggest_category.htm?node' Cross-Site Scripting
|
2 |
WEB
|
Lostmon
|
|
2005-05-26
|
|
BookReview 1.0 - 'add_contents.htm' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Lostmon
|
|
2005-05-26
|
|
BookReview 1.0 - 'add_review.htm' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Lostmon
|
|
2013-05-26
|
|
RadioCMS 2.2 - 'menager.php?playlist_id' SQL Injection
|
2 |
WEB
|
Rooster(XEKA)
|
|
2013-05-26
|
|
WordPress Plugin Spider Catalog 1.4.6 - Multiple Vulnerabilities
|
2 |
WEB
|
waraxe
|
|
2013-05-26
|
|
WordPress Plugin Spider Event Calendar 1.3.0 - Multiple Vulnerabilities
|
2 |
WEB
|
waraxe
|
|
2013-05-26
|
|
WordPress Plugin User Role Editor 3.12 - Cross-Site Request Forgery
|
2 |
WEB
|
Henry Hoggard
|
|
2013-05-26
|
|
Vanilla Forums 2.0.18.8 - Multiple Vulnerabilities
|
2 |
WEB
|
Henry Hoggard
|
|
2013-05-26
|
|
AVE.CMS 2.09 - 'index.php?module' Blind SQL Injection
|
1 |
WEB
|
mr.pr0n
|
|
2013-05-26
|
|
HP LaserJet Pro P1606dn - Webadmin Password Reset
|
1 |
WEB
|
m3tamantra
|
|
2005-05-25
|
|
FunkyASP AD Systems 1.1 - 'login.asp' SQL Injection
|
2 |
WEB
|
Romty
|
|
2005-05-25
|
|
PHP Poll Creator 1.0.1 - 'Poll_Vote.php' Remote File Inclusion
|
2 |
WEB
|
rash ilusion
|
|
2005-05-24
|
|
Sun JavaMail 1.x - Multiple Information Disclosure Vulnerabilities
|
2 |
WEB
|
Ricky Latt
|
|
2005-05-24
|
|
Spread The Word - Multiple SQL Injections
|
2 |
WEB
|
Lostmon
|
|
2005-05-24
|
|
Spread The Word - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Lostmon
|
|
2005-05-24
|
|
GForge 3.x - Arbitrary Command Execution
|
2 |
WEB
|
Filippo Spike Morelli
|
|
2005-05-23
|
|
PortailPHP 1.3 - 'ID' SQL Injection
|
1 |
WEB
|
CENSORED Search Vulnerabilities
|
|
2003-05-20
|
|
EJ3 TOPo 2.2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Lostmon
|
|
2005-05-19
|
|
PHP Advanced Transfer Manager 1.21 - Arbitrary File Inclusion
|
2 |
WEB
|
Ingvar Gilbert
|
|
2005-05-19
|
|
Sun JavaMail 1.3 - API MimeMessage Infromation Disclosure
|
2 |
WEB
|
Ricky Latt
|
|
2005-05-24
|
|
HelpCenter Live! 1.0/1.2.x - Multiple Input Validation Vulnerabilities
|
2 |
WEB
|
GulfTech Security
|
|
2005-05-17
|
|
WordPress Core 1.5 - 'post.php' Cross-Site Scripting
|
1 |
WEB
|
Thomas Waldegger
|
|
2005-05-24
|
|
Fusionphp Fusion News 3.3/3.6 - X-Forworded-For PHP Script Code Injection
|
2 |
WEB
|
Network security team
|
|
2005-05-16
|
|
JGS-Portal 3.0.1/3.0.2 - 'jgs_portal_sponsor.php?id' SQL Injection
|
1 |
WEB
|
deluxe@security-project.org
|
|
2005-05-16
|
|
JGS-Portal 3.0.1/3.0.2 - 'jgs_portal_mitgraf.php?year' SQL Injection
|
2 |
WEB
|
deluxe@security-project.org
|
|
2005-05-16
|
|
JGS-Portal 3.0.1/3.0.2 - 'jgs_portal_themengraf.php?year' SQL Injection
|
2 |
WEB
|
deluxe@security-project.org
|
|
2005-05-16
|
|
JGS-Portal 3.0.1/3.0.2 - 'jgs_portal_viewsgraf.php?tag' SQL Injection
|
2 |
WEB
|
deluxe@security-project.org
|
|
2005-05-16
|
|
JGS-Portal 3.0.1/3.0.2 - 'jgs_portal_beitraggraf.php?year' SQL Injection
|
2 |
WEB
|
deluxe@security-project.org
|
|
2005-05-16
|
|
JGS-Portal 3.0.1/3.0.2 - 'jgs_portal.php?anzahl_beitraege' SQL Injection
|
1 |
WEB
|
deluxe@security-project.org
|
|
2005-05-16
|
|
JGS-Portal 3.0.1/3.0.2 - 'jgs_portal_statistik.php?year' SQL Injection
|
2 |
WEB
|
deluxe@security-project.org
|
