|
2005-03-11
|
|
UBBCentral UBB.Threads 6.0 - 'editpost.php' SQL Injection
|
5 |
WEB
|
ADZ Security Team
|
|
2005-03-10
|
|
All Enthusiast PhotoPost PHP Pro 5.0 - 'adm-photo.php' Arbitrary Image Manipulation
|
5 |
WEB
|
Igor Franchuk
|
|
2005-03-10
|
|
phpoutsourcing zorum 3.5 - Multiple Vulnerabilities
|
5 |
WEB
|
benjilenoob
|
|
2005-03-08
|
|
Newsscript - Access Validation
|
5 |
WEB
|
adrianc23@gmail.com
|
|
2005-03-08
|
|
PHP Arena PAFileDB 3.1 - Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
sp3x@securityreason.com
|
|
2005-03-08
|
|
YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting
|
5 |
WEB
|
trueend5
|
|
2005-03-08
|
|
OutStart Participate Enterprise 3 - Multiple Access Validation Vulnerabilities
|
5 |
WEB
|
Altrus
|
|
2005-03-08
|
|
PHP-Fusion 5.0 - BBCode IMG Tag Script Injection
|
5 |
WEB
|
FireSt0rm
|
|
2005-03-07
|
|
Jason Hines PHPWebLog 0.4/0.5 - Remote File Inclusion
|
5 |
WEB
|
Filip Groszynski
|
|
2005-03-05
|
|
Stadtaus.Com PHP Form Mail Script 2.3 - Remote File Inclusion
|
5 |
WEB
|
mozako
|
|
2005-03-04
|
|
Stadtaus.Com Download Center Lite 1.5 - PHP Remote File Inclusion
|
5 |
WEB
|
Filip Groszynski
|
|
2005-03-03
|
|
Typo3 CMW_Linklist 1.4.1 Extension - SQL Injection
|
5 |
WEB
|
Fabian Becker
|
|
2005-03-03
|
|
D-Forum 1.11 - 'Nav.php3' Cross-Site Scripting
|
5 |
WEB
|
benjilenoob
|
|
2005-03-02
|
|
ProjectBB 0.4.5.1 - Multiple SQL Injections
|
5 |
WEB
|
benji lemien
|
|
2005-03-02
|
|
ProjectBB 0.4.5.1 - Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
benji lemien
|
|
2005-03-01
|
|
PHPNews 1.2.3/1.2.4 - 'auth.php' Remote File Inclusion
|
5 |
WEB
|
mozako
|
|
2005-03-01
|
|
PBLang Bulletin Board System 4.x - 'DelPM.php' Arbitrary Personal Message Deletion
|
5 |
WEB
|
Raven
|
|
2005-03-01
|
|
427BB 2.x - Multiple Remote HTML Injection Vulnerabilities
|
5 |
WEB
|
Hackerlounge Research Group
|
|
2005-03-01
|
|
CutePHP CuteNews 1.3.6 - 'x-forwarded-for' Script Injection
|
5 |
WEB
|
FraMe
|
|
2005-03-01
|
|
PBLang Bulletin Board System 4.x - 'SendPM.php' Directory Traversal
|
5 |
WEB
|
Raven
|
|
2005-03-01
|
|
PHPCOIN 1.2 - 'login.php' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
Lostmon
|
|
2005-03-01
|
|
PHPCOIN 1.2 - 'mod.php' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
Lostmon
|
|
2005-02-28
|
|
PostNuke Phoenix 0.7x - 'SHOW' SQL Injection
|
5 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-02-28
|
|
PostNuke Phoenix 0.7x - 'CATID' SQL Injection
|
5 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-02-28
|
|
phpBB 2.0.x - Authentication Bypass (3)
|
5 |
WEB
|
overdose
|
|
2005-02-28
|
|
phpBB 2.0.x - Authentication Bypass (2)
|
5 |
WEB
|
phuket
|
|
2005-02-28
|
|
phpBB 2.0.x - Authentication Bypass (1)
|
5 |
WEB
|
Paisterist
|
|
2005-02-25
|
|
CubeCart 2.0.x - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Lostmon
|
|
2005-02-24
|
|
phpWebSite 0.x - Image File Processing Arbitrary '.PHP' File Upload
|
5 |
WEB
|
tjomka
|
|
2005-02-24
|
|
PunBB 3.0/3.1 - Multiple Remote Input Validation Vulnerabilities
|
5 |
WEB
|
John Gumbel
|
|
2005-02-24
|
|
cyclades alterpath manager 1.1 - Multiple Vulnerabilities
|
5 |
WEB
|
sullo@cirt.net
|
|
2005-02-24
|
|
OOApp Guestbook - Multiple HTML Injection Vulnerabilities
|
5 |
WEB
|
m1o1d1
|
|
2005-02-24
|
|
phpMyAdmin 2.6 - Multiple Local File Inclusions
|
5 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-02-24
|
|
phpMyAdmin 2.6 - 'theme_right.css.php' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-02-24
|
|
phpMyAdmin 2.6 - 'theme_left.css.php' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-02-24
|
|
phpMyAdmin 2.6 - 'display_tbl_links.lib.php' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-02-24
|
|
phpMyAdmin 2.6 - 'select_server.lib.php' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Maksymilian Arciemowicz
|
|
2005-02-23
|
|
PBLang Bulletin Board System 4.6 - 'search.php' Cross-Site Scripting
|
4 |
WEB
|
Hackerlounge Research Group
|
|
2005-02-22
|
|
iGeneric iG Shop 1.x - Multiple SQL Injections
|
4 |
WEB
|
John Cobb
|
|
2005-02-22
|
|
Mono 1.0.5 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Andrey Rusyaev
|
|
2005-02-22
|
|
Biz Mail Form 2.x - Unauthorized Mail Relay
|
5 |
WEB
|
Jason Frisvold
|
|
2005-02-21
|
|
PANews 2.0 - PHP Remote Code Execution
|
5 |
WEB
|
tjomka
|
|
2005-02-21
|
|
Invision Power Board (IP.Board) 1.x/2.0.3 - SML Code Script Injection
|
5 |
WEB
|
Daniel A.
|
|
2013-05-02
|
|
D-Link DNS-323 - Multiple Vulnerabilities
|
5 |
WEB
|
sghctoma
|
|
2013-05-01
|
|
Vivotek IP Cameras - Multiple Vulnerabilities
|
5 |
WEB
|
Core Security
|
|
2013-05-01
|
|
D-Link IP Cameras - Multiple Vulnerabilities
|
5 |
WEB
|
Core Security
|
|
2005-02-19
|
|
PMachine Pro 2.4 - Remote File Inclusion
|
5 |
WEB
|
kc
|
|
2013-05-01
|
|
EggBlog 4.1.2 - Arbitrary File Upload
|
4 |
WEB
|
Pokk3rs
|
|
2005-02-19
|
|
ZeroBoard 4.1 - Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
albanian haxorz
|
|
2005-02-18
|
|
TrackerCam 5.12 - 'ComGetLogFile.php3?fm' Traversal Arbitrary File Access
|
5 |
WEB
|
Luigi Auriemma
|
|
2005-02-17
|
|
BibORB 1.3.2 Login Module - Multiple SQL Injections
|
5 |
WEB
|
Patrick Hof
|
|
2005-02-17
|
|
BibORB 1.3.2 - 'index.php' Traversal Arbitrary File Manipulation
|
5 |
WEB
|
Patrick Hof
|
|
2005-02-17
|
|
BibORB 1.3.2 - Add Database 'Description' Cross-Site Scripting
|
5 |
WEB
|
Patrick Hof
|
|
2005-02-17
|
|
BibORB 1.3.2 - 'bibindex.php?search' Cross-Site Scripting
|
5 |
WEB
|
Patrick Hof
|
|
2005-02-17
|
|
paFaq beta4 - 'comment.php' Multiple SQL Injections
|
6 |
WEB
|
pi3ch
|
|
2005-02-17
|
|
paFaq beta4 - 'search.php?search_item' SQL Injection
|
4 |
WEB
|
pi3ch
|
|
2005-02-17
|
|
paFaq beta4 - 'answer.php?offset' SQL Injection
|
5 |
WEB
|
pi3ch
|
|
2005-02-17
|
|
paFaq beta4 - 'question.php' Multiple SQL Injections
|
5 |
WEB
|
pi3ch
|
|
2005-02-17
|
|
WebCalendar 0.9.45 - SQL Injection
|
5 |
WEB
|
Michael Scovetta
|
|
2005-02-16
|
|
MercuryBoard Forum 1.0/1.1 - Cross-Site Scripting
|
5 |
WEB
|
Lostmon
|
|
2005-02-16
|
|
PaNews 2.0 - Cross-Site Scripting
|
5 |
WEB
|
pi3ch
|
|
2005-02-16
|
|
Microsoft ASP.NET 1.0/1.1 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabiliti
|
5 |
WEB
|
Andrey Rusyaev
|
|
2005-02-16
|
|
DCP-Portal 6.1.1 - Multiple SQL Injections
|
5 |
WEB
|
Exoduks
|
|
2005-02-16
|
|
AWStats 5.x/6.x - 'Logfile' Remote Command Execution
|
4 |
WEB
|
newbug@chroot.org
|
|
2005-02-15
|
|
osCommerce 2.2 - 'Contact_us.php' Cross-Site Scripting
|
5 |
WEB
|
John Cobb
|
|
2005-02-15
|
|
CitrusDB 0.3.6 - Arbitrary Local PHP File Inclusion
|
4 |
WEB
|
RedTeam Pentesting
|
|
2005-02-15
|
|
PHP-Nuke 6.x/7.x - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
waraxe
|
|
2004-02-15
|
|
CitrusDB 0.3.6 - Remote Authentication Bypass
|
5 |
WEB
|
RedTeam Pentesting
|
|
2005-02-15
|
|
CitrusDB 0.3.6 - 'importcc.php' CSV File SQL Injection
|
5 |
WEB
|
RedTeam Pentesting
|
|
2005-02-15
|
|
CitrusDB 0.3.6 - 'uploadcc.php' Arbitrary Database Injection
|
5 |
WEB
|
RedTeam Pentesting
|
|
2005-02-15
|
|
CitrusDB 0.3.6 - 'importcc.php' Arbitrary Database Injection
|
5 |
WEB
|
RedTeam Pentesting
|
|
2005-02-14
|
|
Brooky CubeCart 2.0.1/2.0.4 - 'index.php?language' Traversal Arbitrary File Access
|
5 |
WEB
|
John Cobb
|
|
2005-02-14
|
|
Brooky CubeCart 2.0.1/2.0.4 - 'index.php?language' Cross-Site Scripting
|
5 |
WEB
|
John Cobb
|
|
2005-02-14
|
|
AWStats 5.x/6.x - Debug Remote Information Disclosure
|
5 |
WEB
|
GHC
|
|
2005-02-09
|
|
MercuryBoard 1.1 - 'index.php' SQL Injection
|
5 |
WEB
|
Zeelock
|
|
2005-02-08
|
|
XGB 2.0 - Authentication Bypass
|
5 |
WEB
|
Albania Security Clan
|
|
2005-02-08
|
|
PHP-Fusion 4.0 - 'Viewthread.php' Information Disclosure
|
4 |
WEB
|
TheGreatOne2176
|
|
2013-04-29
|
|
Foe CMS 1.6.5 - Multiple Vulnerabilities
|
5 |
WEB
|
flux77
|
|
2013-04-26
|
|
Joomla! 3.0.3 - 'remember.php' PHP Object Injection
|
5 |
WEB
|
EgiX
|
|
2013-04-29
|
|
Ipswitch IMail 11.01 - Cross-Site Scripting
|
5 |
WEB
|
DaOne
|
|
2005-02-07
|
|
Microsoft Outlook 2003 - Web Access Login Form Remote URI redirection
|
5 |
WEB
|
Morning Wood
|
|
2005-02-02
|
|
Eurofull E-Commerce - 'Mensresp.asp' Cross-Site Scripting
|
5 |
WEB
|
Yani-ari
|
|
2005-01-28
|
|
XOOPS Module module 3.0 - Directory Traversal
|
4 |
WEB
|
Lostmon
|
|
2005-01-29
|
|
Captaris Infinite Mobile Delivery Webmail 2.6 - Full Path Disclosure
|
5 |
WEB
|
steven@lovebug.org
|
|
2005-01-28
|
|
IceWarp Web Mail 5.3 - 'accountsettings_add.html?accountid' Cross-Site Scripting
|
5 |
WEB
|
ShineShadow
|
|
2005-01-28
|
|
IceWarp Web Mail 5.3 - login.html 'Username' Cross-Site Scripting
|
5 |
WEB
|
ShineShadow
|
|
2005-01-28
|
|
alt-n WebAdmin 3.0.2 - Multiple Vulnerabilities
|
5 |
WEB
|
David A. P?rez
|
|
2005-01-27
|
|
Magic Winmail Server 4.0 (Build 1112) - 'upload.php' Traversal Arbitrary File Upload
|
5 |
WEB
|
Tan Chew Keong
|
|
2005-01-27
|
|
Magic Winmail Server 4.0 (Build 1112) - 'download.php' Traversal Arbitrary File Access
|
5 |
WEB
|
Tan Chew Keong
|
|
2005-01-25
|
|
Comdev eCommerce 3.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
SmOk3
|
|
2005-01-25
|
|
Comersus Cart 5.0/6.0 - Multiple Vulnerabilities
|
5 |
WEB
|
raf somers
|
|
2005-01-25
|
|
MercuryBoard 1.1 - Multiple Input Validation Vulnerabilities
|
5 |
WEB
|
Alberto Trivero
|
|
2005-12-25
|
|
Exponent CMS 0.95 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
y3dips
|
|
2005-01-19
|
|
Siteman 1.1 - User Database Privilege Escalation (2)
|
5 |
WEB
|
amironline452
|
|
2005-01-19
|
|
Siteman 1.1 - User Database Privilege Escalation (1)
|
5 |
WEB
|
Noam Rathaus
|
|
2004-12-23
|
|
Wirtualna Polska WPKontakt 3.0.1 - Remote Script Execution
|
5 |
WEB
|
Poznan Supercomputing
|
|
2004-12-22
|
|
2BGal 2.5.1 - SQL Injection
|
5 |
WEB
|
zib
|
|
2004-01-27
|
|
phpGroupWare 0.9.x - 'index.php' HTML Injection
|
5 |
WEB
|
Cedric Cochin
|
|
2004-01-27
|
|
phpGroupWare 0.9.14 - 'Tables_Update.Inc.php' Remote File Inclusion
|
5 |
WEB
|
Cedric Cochin
|
|
2004-12-20
|
|
Tlen.pl 5.23.4.1 - Instant Messenger Remote Script Execution
|
5 |
WEB
|
Jaroslaw Sajko
|
|
2004-12-20
|
|
escripts software e_board 4.0 - Directory Traversal
|
5 |
WEB
|
white_e@nogimmick.org
|
|
2004-12-18
|
|
Kayako eSupport 2.x - Ticket System Multiple SQL Injections
|
5 |
WEB
|
GulfTech Security
|
|
2004-12-18
|
|
Kayako eSupport 2.x - 'index.php' Knowledgebase Cross-Site Scripting
|
5 |
WEB
|
GulfTech Security
|
|
2013-04-26
|
|
D-Link DIR-635 - Multiple Vulnerabilities
|
5 |
WEB
|
m-1-k-3
|
|
2004-12-17
|
|
WorkBoard 1.2 - Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
Lostmon
|
|
2013-04-25
|
|
phpMyAdmin 3.5.8/4.0.0-RC2 - Multiple Vulnerabilities
|
5 |
WEB
|
waraxe
|
|
2013-04-25
|
|
Hornbill Supportworks ITSM 1.0.0 - SQL Injection
|
5 |
WEB
|
Joseph Sheridan
|
|
2004-12-16
|
|
MediaWiki 1.3.x - Arbitrary Script Upload
|
4 |
WEB
|
Jeremy Bae
|
|
2004-12-16
|
|
WordPress Core 1.2.1/1.2.2 - 'moderation.php?item_approved' Cross-Site Scripting
|
4 |
WEB
|
Thomas Waldegger
|
|
2004-12-16
|
|
WordPress Core 1.2.1/1.2.2 - 'link-manager.php' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
Thomas Waldegger
|
|
2004-12-16
|
|
WordPress Core 1.2.1/1.2.2 - 'link-categories.php?cat_id' Cross-Site Scripting
|
6 |
WEB
|
Thomas Waldegger
|
|
2004-12-16
|
|
WordPress Core 1.2.1/1.2.2 - 'link-add.php' Multiple Cross-Site Scripting Vulnerabilities
|
5 |
WEB
|
Thomas Waldegger
|
|
2004-12-16
|
|
WordPress Core 1.2.1/1.2.2 - '/wp-admin/templates.php?file' Cross-Site Scripting
|
5 |
WEB
|
Thomas Waldegger
|
|
2004-12-16
|
|
WordPress Core 1.2.1/1.2.2 - '/wp-admin/post.php?content' Cross-Site Scripting
|
5 |
WEB
|
Thomas Waldegger
|
|
2004-12-16
|
|
JSBoard 2.0.x - Arbitrary Script Upload
|
5 |
WEB
|
Jeremy Bae
|
|
2004-12-16
|
|
IkonBoard 3.x - Multiple SQL Injections
|
5 |
WEB
|
anonymous
|
|
2013-04-23
|
|
D-Link DIR-615 Rev D3 / DIR-300 Rev A - Multiple Vulnerabilities
|
5 |
WEB
|
m-1-k-3
|
|
2013-04-22
|
|
VoipNow 2.5 - Local File Inclusion
|
5 |
WEB
|
i-Hmx
|
|
2013-04-22
|
|
Joomla! Component com_civicrm 4.2.2 - Remote Code Injection
|
6 |
WEB
|
iskorpitx
|
|
2013-04-19
|
|
Nginx 0.6.x - Arbitrary Code Execution NullByte Injection
|
5 |
WEB
|
Neal Poole
|
|
2013-04-18
|
|
KrisonAV CMS 3.0.1 - Multiple Vulnerabilities
|
5 |
WEB
|
High-Tech Bridge SA
|
|
2013-04-18
|
|
Oracle WebCenter Sites Satellite Server - HTTP Header Injection
|
5 |
WEB
|
SEC Consult
|
|
2013-04-15
|
|
phpVms Virtual Airline Administration 2.1.934/2.1.935 - SQL Injection
|
5 |
WEB
|
NoGe
|
|
2013-04-15
|
|
CMSLogik 1.2.1 - Multiple Vulnerabilities
|
5 |
WEB
|
LiquidWorm
|
|
2013-04-15
|
|
Vanilla Forums Van2Shout Plugin 1.0.51 - Multiple Cross-Site Request Forgery Vulnerabilities
|
5 |
WEB
|
Henry Hoggard
|
