|
2005-04-06
|
|
Ocean12 Membership Manager Pro - Cross-Site Scripting
|
3 |
WEB
|
Zinho
|
|
2005-04-06
|
|
Active Auction House - 'WatchThisItem.asp' Cross-Site Scripting
|
3 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
Active Auction House - 'sendpassword.asp' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
WebWasher CSM 4.4.1 Build 752 Conf Script - Cross-Site Scripting
|
3 |
WEB
|
Oliver Karow
|
|
2005-04-06
|
|
Active Auction House - 'account.asp?ReturnURL' Cross-Site Scripting
|
3 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
Active Auction House - 'start.asp?ReturnURL' Cross-Site Scripting
|
2 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
Active Auction House - 'ItemInfo.asp' SQL Injection
|
4 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
Active Auction House - 'default.asp' Multiple SQL Injections
|
3 |
WEB
|
Dcrab
|
|
2005-04-06
|
|
phpBB 2.0.13 Linkz Pro Module - SQL Injection
|
3 |
WEB
|
LovER BOY
|
|
2005-04-06
|
|
phpBB 2.0.13 DLMan Pro Module - SQL Injection
|
3 |
WEB
|
LovER BOY
|
|
2005-04-06
|
|
PHP-Nuke 7.6 - 'banners.php' Cross-Site Scripting
|
3 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-04-06
|
|
PHP-Nuke 7.6 Web_Links Module - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-04-05
|
|
PHP-Nuke 6.x/7.x 'Downloads' Module - 'Lid' Cross-Site Scripting
|
2 |
WEB
|
sp3x@securityreason.com
|
|
2005-04-05
|
|
PHP-Nuke 6.x/7.x Your_Account Module - Avatarcategory Cross-Site Scripting
|
3 |
WEB
|
sp3x@securityreason.com
|
|
2005-04-05
|
|
PHP-Nuke 6.x/7.x Your_Account Module - 'Username' Cross-Site Scripting
|
3 |
WEB
|
sp3x@securityreason.com
|
|
2005-04-05
|
|
profitcode software payprocart 3.0 - Directory Traversal
|
3 |
WEB
|
Diabolic Crab
|
|
2005-04-05
|
|
ProfitCode Software PayProCart 3.0 - 'Usrdetails.php' Cross-Site Scripting
|
3 |
WEB
|
Diabolic Crab
|
|
2005-04-02
|
|
SiteEnable - SQL Injection
|
3 |
WEB
|
Zinho
|
|
2005-04-04
|
|
SonicWALL SOHO 5.1.7 - Web Interface Multiple Remote Input Validation Vulnerabilities
|
3 |
WEB
|
Oliver Karow
|
|
2005-04-03
|
|
phpMyAdmin 2.x - Convcharset Cross-Site Scripting
|
3 |
WEB
|
Oriol Torrent Santiago
|
|
2005-04-01
|
|
Alstrasoft EPay Pro 2.0 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Dcrab
|
|
2005-04-01
|
|
Alstrasoft EPay Pro 2.0 - Remote File Inclusion
|
2 |
WEB
|
Dcrab
|
|
2005-03-31
|
|
ASP-DEV XM Forum RC3 - IMG Tag Script Injection
|
3 |
WEB
|
Zinho
|
|
2005-03-31
|
|
InterAKT Online MX Shop 1.1.1 - SQL Injection
|
4 |
WEB
|
Dcrab
|
|
2005-03-29
|
|
Lighthouse Development Squirrelcart 1.5.5 - SQL Injection
|
3 |
WEB
|
Diabolic Crab
|
|
2005-03-29
|
|
Iatek IntranetApp 2.3 - 'ad_click.asp?banner_id' SQL Injection
|
3 |
WEB
|
Diabolic Crab
|
|
2005-03-29
|
|
UApplication Ublog 1.0.x - Cross-Site Scripting
|
3 |
WEB
|
PersianHacker Team
|
|
2005-03-29
|
|
CPG Dragonfly 9.0.2.0 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
mircia
|
|
2005-03-29
|
|
Chatness 2.5 - 'Message Form' HTML Injection
|
3 |
WEB
|
3nitro
|
|
2005-03-29
|
|
The Includer 1.0/1.1 - Remote File Inclusion
|
3 |
WEB
|
hoang yen
|
|
2005-03-28
|
|
ACS Blog 0.8/0.9/1.0/1.1 - 'Name' HTML Injection
|
3 |
WEB
|
Dan Crowley
|
|
2005-03-28
|
|
PhotoPost Pro 5.1 - 'showphoto.php?photo' SQL Injection
|
3 |
WEB
|
Diabolic Crab
|
|
2005-03-28
|
|
PhotoPost Pro 5.1 - 'showmembers.php?sl' SQL Injection
|
3 |
WEB
|
Diabolic Crab
|
|
2005-03-28
|
|
PhotoPost Pro 5.1 - 'Slideshow.php?photo' Cross-Site Scripting
|
3 |
WEB
|
Diabolic Crab
|
|
2005-03-28
|
|
PhotoPost Pro 5.1 - 'showmembers.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Diabolic Crab
|
|
2005-03-28
|
|
PhotoPost Pro 5.1 - 'showgallery.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Diabolic Crab
|
|
2013-05-08
|
|
ColdFusion 9-10 - Credential Disclosure
|
3 |
WEB
|
HTP
|
|
2013-05-08
|
|
MoinMoin - Arbitrary Command Execution
|
3 |
WEB
|
HTP
|
|
2005-03-29
|
|
phpCoin 1.2 - 'auxpage.php?page' Traversal Arbitrary File Access
|
3 |
WEB
|
GulfTech Security
|
|
2005-03-28
|
|
Valdersoft Shopping Cart 3.0 - Multiple Input Validation Vulnerabilities
|
3 |
WEB
|
Diabolic Crab
|
|
2005-03-28
|
|
EXoops - Multiple Input Validation Vulnerabilities
|
2 |
WEB
|
Diabolic Crab
|
|
2005-03-28
|
|
Tkai's Shoutbox - 'Query' Open Redirection
|
3 |
WEB
|
CorryL
|
|
2013-05-07
|
|
b2evolution 4.1.6 - Multiple Vulnerabilities
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2013-05-07
|
|
Cisco Linksys E4200 - Multiple Vulnerabilities
|
3 |
WEB
|
sqlhacker
|
|
2005-03-26
|
|
MagicScripts E-Store Kit-2 PayPal Edition - Remote File Inclusion
|
3 |
WEB
|
Dcrab
|
|
2005-03-26
|
|
MagicScripts E-Store Kit-2 PayPal Edition - Cross-Site Scripting
|
2 |
WEB
|
Dcrab
|
|
2005-03-26
|
|
Nuke BookMarks 0.6 - 'Marks.php' SQL Injection
|
3 |
WEB
|
Gerardo Astharot Di Giacomo
|
|
2005-03-26
|
|
Nuke BookMarks 0.6 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Gerardo Astharot Di Giacomo
|
|
2005-03-26
|
|
Nuke BookMarks 0.6 - 'Marks.php' Full Path Disclosure
|
3 |
WEB
|
Gerardo Astharot Di Giacomo
|
|
2005-03-26
|
|
ESMI PayPal StoreFront 1.7 - Cross-Site Scripting
|
2 |
WEB
|
Dcrab
|
|
2005-03-26
|
|
ESMI PayPal StoreFront 1.7 - 'products1.php?id2' SQL Injection
|
3 |
WEB
|
Dcrab
|
|
2005-03-26
|
|
ESMI PayPal StoreFront 1.7 - 'pages.php?idpages' SQL Injection
|
3 |
WEB
|
Dcrab
|
|
2005-03-25
|
|
PHPMyDirectory 10.1.3 - 'review.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
mircia
|
|
2005-03-24
|
|
Dream4 Koobi CMS 4.2.3 - 'index.php' SQL Injection
|
3 |
WEB
|
mircia
|
|
2005-03-24
|
|
Dream4 Koobi CMS 4.2.3 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
mircia
|
|
2005-03-24
|
|
Double Choco Latte 0.9.3/0.9.4 - 'main.php' Arbitrary PHP Code Execution
|
3 |
WEB
|
GulfTech Security
|
|
2004-03-24
|
|
Topic Calendar 1.0.1 - 'Calendar_Scheduler.php' Cross-Site Scripting
|
2 |
WEB
|
Alberto Trivero
|
|
2005-03-24
|
|
Oracle Reports Server 10g - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Paolo
|
|
2005-03-23
|
|
Invision Power Board 1.x/2.0 - HTML Injection
|
3 |
WEB
|
Woody Hughes
|
|
2005-03-23
|
|
PHPSysInfo 2.0/2.3 - 'system_footer.php' Cross-Site Scripting
|
3 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-03-23
|
|
PHPSysInfo 2.0/2.3 - 'sensor_program' Cross-Site Scripting
|
2 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-03-23
|
|
DigitalHive 2.0 - 'membres.php?mt' Cross-Site Scripting
|
3 |
WEB
|
benji lemien
|
|
2005-03-23
|
|
DigitalHive 2.0 - 'msg.php' Cross-Site Scripting
|
3 |
WEB
|
benji lemien
|
|
2005-03-23
|
|
Interspire ArticleLive 2005 - NewComment Cross-Site Scripting
|
3 |
WEB
|
mircia
|
|
2005-03-23
|
|
Vortex Portal 2.0 - 'content.php?act' Remote File Inclusion
|
3 |
WEB
|
Francisco Alisson
|
|
2005-03-23
|
|
Vortex Portal 2.0 - 'index.php?act' Remote File Inclusion
|
3 |
WEB
|
Francisco Alisson
|
|
2005-03-22
|
|
Phorum 3.x/5.0.x - HTTP Response Splitting
|
3 |
WEB
|
Alexander Anisimov
|
|
2005-03-22
|
|
Kayako ESupport 2.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2005-03-21
|
|
BetaParticle blog 2.0/3.0 - 'myFiles.asp' File Manipulation
|
3 |
WEB
|
farhad koosha
|
|
2005-03-21
|
|
BetaParticle blog 2.0/3.0 - 'upload.asp' Arbitrary File Upload
|
3 |
WEB
|
farhad koosha
|
|
2005-03-21
|
|
BetaParticle blog 2.0/3.0 - dbBlogMX.mdb Direct Request Database Disclosure
|
3 |
WEB
|
farhad koosha
|
|
2013-05-06
|
|
D-Link DSL-320B - Multiple Vulnerabilities
|
3 |
WEB
|
m-1-k-3
|
|
2013-05-06
|
|
OpenDocMan 1.2.6.5 - Persistent Cross-Site Scripting
|
3 |
WEB
|
drone
|
|
2013-05-06
|
|
WeBid 1.0.6 - Multiple Vulnerabilities
|
3 |
WEB
|
Ahmed Aboul-Ela
|
|
2013-05-06
|
|
Joomla! Component dj-classifieds 2.0 - Blind SQL Injection
|
3 |
WEB
|
Napsterakos
|
|
2013-05-06
|
|
Craigslist Gold - SQL Injection
|
3 |
WEB
|
Fallaga
|
|
2013-05-06
|
|
Social Site Generator 2.2 - Cross-Site Request Forgery (Add Admin)
|
3 |
WEB
|
Fallaga
|
|
2005-03-21
|
|
CzarNews 1.13/1.14 - 'headlines.php' Remote File Inclusion
|
3 |
WEB
|
brOmstar
|
|
2005-03-21
|
|
TRG News 3.0 Script - Remote File Inclusion
|
3 |
WEB
|
Frank_Reiner
|
|
2005-03-19
|
|
Ciamos 0.9.2 - 'Highlight.php' File Disclosure
|
3 |
WEB
|
Majid NT
|
|
2005-03-19
|
|
PHP-Fusion 4/5 - 'Setuser.php' HTML Injection
|
3 |
WEB
|
PersianHacker Team
|
|
2005-03-19
|
|
CoolForum 0.5/0.7/0.8 - 'register.php?login' SQL Injection
|
3 |
WEB
|
Romano
|
|
2005-03-19
|
|
CoolForum 0.5/0.7/0.8 - 'avatar.php?img' Cross-Site Scripting
|
3 |
WEB
|
Romano
|
|
2005-03-18
|
|
RunCMS 1.1 - Database Configuration Information Disclosure
|
3 |
WEB
|
Majid NT
|
|
2005-03-18
|
|
PHPOpenChat 3.0.1 - Multiple HTML Injection Vulnerabilities
|
4 |
WEB
|
PersianHacker Team
|
|
2005-03-18
|
|
Subdreamer 1.0 - SQL Injection
|
3 |
WEB
|
GHC team
|
|
2005-03-17
|
|
ACS Blog 0.8/0.9/1.0/1.1 - 'search.asp' Cross-Site Scripting
|
3 |
WEB
|
farhad koosha
|
|
2005-03-17
|
|
McNews 1.x - 'install.php' Arbitrary File Inclusion
|
3 |
WEB
|
Jonathan Whiteley
|
|
2005-03-16
|
|
PunBB 1.2.3 - Multiple HTML Injection Vulnerabilities
|
3 |
WEB
|
benji lemien
|
|
2005-03-15
|
|
PHPOpenChat 2.3.4/3.0.1 - 'ENGLISH_poc.php' Remote File Inclusion
|
3 |
WEB
|
Albania Security Clan
|
|
2005-03-15
|
|
PHPOpenChat 2.3.4/3.0.1 - 'poc.php' Remote File Inclusion
|
3 |
WEB
|
Albania Security Clan
|
|
2005-03-15
|
|
PHPOpenChat 2.3.4/3.0.1 - 'poc_loginform.php?phpbb_root_path' Remote File Inclusion
|
4 |
WEB
|
Albania Security Clan
|
|
2005-03-14
|
|
VoteBox 2.0 - 'Votebox.php' Remote File Inclusion
|
3 |
WEB
|
SmOk3
|
|
2005-03-14
|
|
PHPAdsNew 2.0.4 - 'AdFrame.php' Cross-Site Scripting
|
3 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-03-14
|
|
SimpGB 1.0 - 'Guestbook.php' SQL Injection
|
3 |
WEB
|
visus
|
|
2005-03-14
|
|
Phorum 5.0.14 - Multiple Subject and Attachment HTML Injection Vulnerabilities
|
3 |
WEB
|
Jon Oberheide
|
|
2005-03-13
|
|
HolaCMS 1.2.x/1.4.x Voting Module - Directory Traversal Remote File Corruption
|
3 |
WEB
|
Virginity Security
|
|
2005-03-14
|
|
PABox 2.0 - Post Icon HTML Injection
|
3 |
WEB
|
Rift_XT
|
|
2005-03-12
|
|
HolaCMS 1.2/1.4.x Voting Module - Remote File Corruption
|
3 |
WEB
|
Virginity Security
|
|
2005-03-12
|
|
PAFileDB 1.1.3/2.1.1/3.0/3.1 - 'category.php?start' Cross-Site Scripting
|
3 |
WEB
|
sp3x@securityreason.com
|
|
2005-03-12
|
|
PAFileDB 1.1.3/2.1.1/3.0/3.1 - 'viewall.php?start' Cross-Site Scripting
|
3 |
WEB
|
sp3x@securityreason.com
|
|
2005-03-12
|
|
PAFileDB 1.1.3/2.1.1/3.0/3.1 - 'category.php?start' SQL Injection
|
3 |
WEB
|
sp3x@securityreason.com
|
|
2005-03-12
|
|
PAFileDB 1.1.3/2.1.1/3.0/3.1 - 'viewall.php?start' SQL Injection
|
3 |
WEB
|
sp3x@securityreason.com
|
|
2005-03-11
|
|
UBBCentral UBB.Threads 6.0 - 'editpost.php' SQL Injection
|
3 |
WEB
|
ADZ Security Team
|
|
2005-03-10
|
|
All Enthusiast PhotoPost PHP Pro 5.0 - 'adm-photo.php' Arbitrary Image Manipulation
|
3 |
WEB
|
Igor Franchuk
|
|
2005-03-10
|
|
phpoutsourcing zorum 3.5 - Multiple Vulnerabilities
|
3 |
WEB
|
benjilenoob
|
|
2005-03-08
|
|
Newsscript - Access Validation
|
3 |
WEB
|
adrianc23@gmail.com
|
|
2005-03-08
|
|
PHP Arena PAFileDB 3.1 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
sp3x@securityreason.com
|
|
2005-03-08
|
|
YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting
|
3 |
WEB
|
trueend5
|
|
2005-03-08
|
|
OutStart Participate Enterprise 3 - Multiple Access Validation Vulnerabilities
|
3 |
WEB
|
Altrus
|
|
2005-03-08
|
|
PHP-Fusion 5.0 - BBCode IMG Tag Script Injection
|
3 |
WEB
|
FireSt0rm
|
|
2005-03-07
|
|
Jason Hines PHPWebLog 0.4/0.5 - Remote File Inclusion
|
3 |
WEB
|
Filip Groszynski
|
|
2005-03-05
|
|
Stadtaus.Com PHP Form Mail Script 2.3 - Remote File Inclusion
|
3 |
WEB
|
mozako
|
|
2005-03-04
|
|
Stadtaus.Com Download Center Lite 1.5 - PHP Remote File Inclusion
|
3 |
WEB
|
Filip Groszynski
|
|
2005-03-03
|
|
Typo3 CMW_Linklist 1.4.1 Extension - SQL Injection
|
3 |
WEB
|
Fabian Becker
|
|
2005-03-03
|
|
D-Forum 1.11 - 'Nav.php3' Cross-Site Scripting
|
3 |
WEB
|
benjilenoob
|
|
2005-03-02
|
|
ProjectBB 0.4.5.1 - Multiple SQL Injections
|
3 |
WEB
|
benji lemien
|
|
2005-03-02
|
|
ProjectBB 0.4.5.1 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
benji lemien
|
|
2005-03-01
|
|
PHPNews 1.2.3/1.2.4 - 'auth.php' Remote File Inclusion
|
3 |
WEB
|
mozako
|
|
2005-03-01
|
|
PBLang Bulletin Board System 4.x - 'DelPM.php' Arbitrary Personal Message Deletion
|
3 |
WEB
|
Raven
|
|
2005-03-01
|
|
427BB 2.x - Multiple Remote HTML Injection Vulnerabilities
|
3 |
WEB
|
Hackerlounge Research Group
|
|
2005-03-01
|
|
CutePHP CuteNews 1.3.6 - 'x-forwarded-for' Script Injection
|
3 |
WEB
|
FraMe
|
|
2005-03-01
|
|
PBLang Bulletin Board System 4.x - 'SendPM.php' Directory Traversal
|
3 |
WEB
|
Raven
|
|
2005-03-01
|
|
PHPCOIN 1.2 - 'login.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Lostmon
|
|
2005-03-01
|
|
PHPCOIN 1.2 - 'mod.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Lostmon
|
