|
2013-03-25
|
|
Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution (Metasploit)
|
3 |
WEB
|
bwall
|
|
2013-03-25
|
|
vBulletin 5.0.0 Beta 11 < 5.0.0 Beta 28 - SQL Injection
|
3 |
WEB
|
Orestis Kourides
|
|
2013-03-25
|
|
ClipShare 4.1.1 - 'gid' Blind SQL Injection
|
3 |
WEB
|
Esac
|
|
2013-03-25
|
|
Free Hosting Manager 2.0.2 - Multiple SQL Injections
|
3 |
WEB
|
Saadi Siddiqui
|
|
2013-03-22
|
|
OpenCart 1.5.5.1 - 'FileManager.php' Directory Traversal Arbitrary File Access
|
3 |
WEB
|
waraxe
|
|
2013-03-22
|
|
Stradus CMS 1.0beta4 - Multiple Vulnerabilities
|
3 |
WEB
|
DaOne
|
|
2013-03-22
|
|
Slash CMS - Multiple Vulnerabilities
|
3 |
WEB
|
DaOne
|
|
2013-03-22
|
|
Flatnux CMS 2013-01.17 - 'index.php' Local File Inclusion
|
3 |
WEB
|
DaOne
|
|
2013-03-22
|
|
AContent 1.3 - Local File Inclusion
|
3 |
WEB
|
DaOne
|
|
2013-03-22
|
|
WordPress Plugin IndiaNIC FAQs Manager 1.0 - Blind SQL Injection
|
3 |
WEB
|
m3tamantra
|
|
2013-03-22
|
|
WordPress Plugin IndiaNIC FAQs Manager 1.0 - Multiple Vulnerabilities
|
3 |
WEB
|
m3tamantra
|
|
2013-03-22
|
|
StarVedia IPCamera IC502w IC502w+ v020313 - 'Username'/Password Disclosure
|
4 |
WEB
|
Todor Donev
|
|
2013-03-19
|
|
ViewGit 0.0.6 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Matthew R. Bucci
|
|
2013-03-19
|
|
Rebus:list - 'list.php?list_id' SQL Injection
|
2 |
WEB
|
Robert Cooper
|
|
2013-03-19
|
|
Verizon Fios Router MI424WR-GEN3I - Cross-Site Request Forgery
|
3 |
WEB
|
Jacob Holcomb
|
|
2013-03-19
|
|
WordPress Plugin Count Per Day 3.2.5 - 'counter.php' Cross-Site Scripting
|
3 |
WEB
|
m3tamantra
|
|
2013-03-19
|
|
WordPress Plugin Occasions 1.0.4 - Cross-Site Request Forgery
|
3 |
WEB
|
m3tamantra
|
|
2013-03-18
|
|
Joomla! Component com_rsfiles - 'cid' SQL Injection
|
3 |
WEB
|
ByEge
|
|
2013-03-18
|
|
WordPress Plugin Simply Poll 1.4.1 - Multiple Vulnerabilities
|
3 |
WEB
|
m3tamantra
|
|
2013-03-18
|
|
DaloRadius - Multiple Vulnerabilities
|
3 |
WEB
|
Saadi Siddiqui
|
|
2004-12-15
|
|
phpGroupWare 0.9.x - 'index.php' Multiple SQL Injections
|
3 |
WEB
|
GulfTech Security
|
|
2004-12-15
|
|
phpGroupWare 0.9.x - 'viewticket_details.php?ticket_id' SQL Injection
|
3 |
WEB
|
GulfTech Security
|
|
2004-12-15
|
|
phpGroupWare 0.9.x - 'viewticket_details.php?ticket_id' Cross-Site Scripting
|
3 |
WEB
|
GulfTech Security
|
|
2004-12-15
|
|
phpGroupWare 0.9.x - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
GulfTech Security
|
|
2004-12-15
|
|
IWebNegar - Multiple SQL Injections
|
3 |
WEB
|
Shervin Khaleghjou
|
|
2004-12-14
|
|
ASP-Rider - SQL Injection
|
3 |
WEB
|
Shervin Khaleghjou
|
|
2004-12-14
|
|
Active Server Corner ASP Calendar 1.0 - Administrative Access
|
3 |
WEB
|
ali reza AcTiOnSpIdEr
|
|
2004-01-12
|
|
PHPGedView 2.5/2.6 - 'Timeline.php' SQL Injection
|
3 |
WEB
|
JeiAr
|
|
2004-12-14
|
|
UseModWiki 1.0 - Wiki.pl Cross-Site Scripting
|
3 |
WEB
|
Jeremy Bae
|
|
2004-01-12
|
|
PHPGedView 2.5/2.6 - 'Placelist.php' SQL Injection
|
3 |
WEB
|
JeiAr
|
|
2004-01-12
|
|
PHPGedView 2.5/2.6 - 'calendar.php' Cross-Site Scripting
|
3 |
WEB
|
JeiAr
|
|
2004-01-12
|
|
PHPGedView 2.5/2.6 - 'Relationship.php' Cross-Site Scripting
|
3 |
WEB
|
JeiAr
|
|
2004-01-12
|
|
PHPGedView 2.5/2.6 - 'login.php' Newlanguage Cross-Site Scripting
|
3 |
WEB
|
JeiAr
|
|
2004-01-12
|
|
PHPGedView 2.5/2.6 - 'login.php?Username' Cross-Site Scripting
|
3 |
WEB
|
JeiAr
|
|
2004-01-12
|
|
PHPGedView 2.5/2.6 - 'login.php?URL' Cross-Site Scripting
|
3 |
WEB
|
JeiAr
|
|
2004-12-13
|
|
UBBCentral UBB.Threads 6.2.3/6.5 - 'online.php?Cat' Cross-Site Scripting
|
3 |
WEB
|
dw. & ms.
|
|
2004-12-13
|
|
UBBCentral UBB.Threads 6.2.3/6.5 - 'login.php?Cat' Cross-Site Scripting
|
3 |
WEB
|
dw. & ms.
|
|
2004-12-13
|
|
UBBCentral UBB.Threads 6.2.3/6.5 - 'calendar.php?Cat' Cross-Site Scripting
|
3 |
WEB
|
dw. & ms.
|
|
2004-12-13
|
|
UBBCentral UBB.Threads 6.2.3/6.5 - 'showflat.php?Cat' Cross-Site Scripting
|
3 |
WEB
|
dw. & ms.
|
|
2004-12-13
|
|
sugarsales 1.x/2.0 - Multiple Vulnerabilities
|
3 |
WEB
|
Daniel Fabian
|
|
2004-01-12
|
|
PHPGedView 2.5/2.6 - 'Gdbi_interface.php' Cross-Site Scripting
|
2 |
WEB
|
JeiAr
|
|
2004-01-12
|
|
PHPGedView 2.5/2.6 - 'Gedrecord.php' Cross-Site Scripting
|
3 |
WEB
|
JeiAr
|
|
2004-01-12
|
|
PHPGedView 2.5/2.6 - 'Imageview.php' Cross-Site Scripting
|
3 |
WEB
|
JeiAr
|
|
2004-01-12
|
|
PHPGedView 2.5/2.6 - 'Source.php' Cross-Site Scripting
|
3 |
WEB
|
JeiAr
|
|
2004-12-13
|
|
phpMyAdmin 2.x - External Transformations Remote Command Execution
|
3 |
WEB
|
Nicolas Gregoire
|
|
2004-01-12
|
|
PHPGedView 2.5/2.6 - 'Individual.php' Cross-Site Scripting
|
3 |
WEB
|
JeiAr
|
|
2004-01-12
|
|
PHPGedView 2.5/2.6 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
JeiAr
|
|
2004-01-19
|
|
PHPGedView 2.x - 'Descendancy.php' Cross-Site Scripting
|
3 |
WEB
|
JeiAr
|
|
2004-12-07
|
|
darryl burgdorf weblibs 1.0 - Directory Traversal
|
3 |
WEB
|
John Bissell
|
|
2004-12-07
|
|
Blog Torrent 0.80 - 'BTDownload.php' Cross-Site Scripting
|
3 |
WEB
|
Lostmon
|
|
2004-12-04
|
|
PAFileDB 3.1 - Error Message Full Path Disclosure
|
2 |
WEB
|
y3dips
|
|
2004-12-02
|
|
Advanced Guestbook 2.2/2.3 - Cross-Site Scripting
|
3 |
WEB
|
Emile van Elen
|
|
2004-12-02
|
|
Blog Torrent 0.8 - Directory Traversal
|
3 |
WEB
|
Steve Kemp
|
|
2004-11-30
|
|
IPCop 1.4.1 - Web Administration Interface Proxy Log HTML Injection
|
3 |
WEB
|
Paul Kurczaba
|
|
2013-03-15
|
|
Open-Xchange Server 6 - Multiple Vulnerabilities
|
3 |
WEB
|
Martin Braun
|
|
2013-03-15
|
|
ClipShare 4.1.4 - Multiple Vulnerabilities
|
3 |
WEB
|
AkaStep
|
|
2013-03-15
|
|
WordPress Plugin LeagueManager 3.8 - SQL Injection
|
3 |
WEB
|
Joshua Reynolds
|
|
2013-03-15
|
|
Cisco Video Surveillance Operations Manager 6.3.2 - Multiple Vulnerabilities
|
3 |
WEB
|
Bassem
|
|
2004-11-26
|
|
pntresmailer 6.0 - Directory Traversal
|
3 |
WEB
|
John Cobb
|
|
2004-11-26
|
|
phpCMS 1.1/1.2 - Cross-Site Scripting
|
3 |
WEB
|
Cyrille Barthelemy
|
|
2004-11-25
|
|
InShop and InMail - Cross-Site Scripting
|
3 |
WEB
|
Carlos Ulver
|
|
2004-11-24
|
|
JSPWiki 2.1 - Cross-Site Scripting
|
3 |
WEB
|
Jeremy Bae
|
|
2004-11-24
|
|
Zwiki 0.10/0.36.2 - Cross-Site Scripting
|
2 |
WEB
|
Jeremy Bae
|
|
2004-11-24
|
|
KorWeblog 1.6.2 - Remote Directory Listing
|
3 |
WEB
|
Jeremy Bae
|
|
2004-11-23
|
|
SugarCRM 1.x/2.0 Module - Traversal Arbitrary File Access
|
3 |
WEB
|
GulfTech Security
|
|
2004-11-23
|
|
SugarCRM 1.x/2.0 Module - 'record' SQL Injection
|
3 |
WEB
|
GulfTech Security
|
|
2004-11-23
|
|
Nuked-klaN 1.x - Submit Link Function HTML Injection
|
3 |
WEB
|
XioNoX
|
|
2004-11-22
|
|
PHPKIT 1.6 - Multiple Input Validation Vulnerabilities
|
3 |
WEB
|
Steve
|
|
2004-11-20
|
|
IPBProArcade 2.5 - SQL Injection
|
3 |
WEB
|
axl daivy
|
|
2004-11-18
|
|
Invision Power Board 2.0 - 'index.php' Post Action SQL Injection
|
3 |
WEB
|
anonymous
|
|
2004-11-17
|
|
phpBB 2.0.x - 'admin_cash.php' PHP Remote File Inclusion
|
3 |
WEB
|
Jerome Athias
|
|
2004-11-16
|
|
event Calendar - Multiple Vulnerabilities
|
2 |
WEB
|
Janek Vind
|
|
2013-03-13
|
|
Apache Rave 0.11 < 0.20 - User Information Disclosure
|
3 |
WEB
|
Andreas Guth
|
|
2013-03-13
|
|
Web Cookbook - Multiple SQL Injections
|
3 |
WEB
|
Saadat Ullah
|
|
2013-02-24
|
|
AirDrive HD 1.6 iPad iPhone - Multiple Vulnerabilities
|
3 |
WEB
|
Vulnerability-Lab
|
|
2004-11-14
|
|
PowerPortal 1.3 - SQL Injection
|
3 |
WEB
|
ruggine
|
|
2004-11-13
|
|
Mark Zuckerberg Thefacebook - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Alex Lanstein
|
|
2004-11-04
|
|
phpWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting
|
3 |
WEB
|
Maestro De-Seguridad
|
|
2004-11-12
|
|
chacmool Private Message System 1.1.3 - 'send.php' Arbitrary Message Access
|
3 |
WEB
|
digital ex
|
|
2004-11-12
|
|
chacmool Private Message System 1.1.3 - 'send.php?tid' Cross-Site Scripting
|
3 |
WEB
|
digital ex
|
|
2004-11-11
|
|
Phorum 5.0.x - 'FOLLOW.php' SQL Injection
|
3 |
WEB
|
Janek Vind
|
|
2004-11-12
|
|
Aztek Forum 4.0 - Multiple Input Validation Vulnerabilities
|
3 |
WEB
|
benji lemien
|
|
2004-11-10
|
|
webcalendar 0.9.x - Multiple Vulnerabilities
|
3 |
WEB
|
Joxean Koret
|
|
2004-11-03
|
|
TIPS MailPost 5.1.1 - Remote File Enumeration
|
2 |
WEB
|
Gemma Hughes
|
|
2004-11-03
|
|
TIPS MailPost 5.1.1 - Error Message Cross-Site Scripting
|
3 |
WEB
|
Procheckup
|
|
2004-11-03
|
|
TIPS MailPost 5.1.1 - 'APPEND' Cross-Site Scripting
|
3 |
WEB
|
Procheckup
|
|
2004-11-02
|
|
Goolery 0.3 - 'viewalbum.php?page' Cross-Site Scripting
|
3 |
WEB
|
Lostmon
|
|
2004-11-02
|
|
Goolery 0.3 - 'viewpic.php?conversation_id' Cross-Site Scripting
|
3 |
WEB
|
Lostmon
|
|
2004-11-02
|
|
WebHost Automation Helm Control Panel 3.1.x - Multiple Input Validation Vulnerabilities
|
2 |
WEB
|
Behrang Fouladi
|
|
2004-10-25
|
|
LinuxStat 2.x - Directory Traversal
|
3 |
WEB
|
anonymous
|
|
2004-10-25
|
|
MoniWiki 1.0/1.1 - 'Wiki.php' Cross-Site Scripting
|
3 |
WEB
|
Jeremy Bae
|
|
2004-10-22
|
|
Netbilling NBMEMBER Script - Information Disclosure
|
3 |
WEB
|
ls
|
|
2004-10-21
|
|
UBBCentral UBB.Threads 3.4/3.5 - 'Dosearch.php' SQL Injection
|
3 |
WEB
|
Florian Rock
|
|
2004-10-21
|
|
S9Y Serendipity 0.x - 'exit.php' HTTP Response Splitting
|
3 |
WEB
|
ChaoticEvil
|
|
2004-10-19
|
|
Jan Erdmann Jebuch 1.0 - HTML Injection
|
3 |
WEB
|
PuWu
|
|
2004-10-18
|
|
IBM Lotus Domino 6.x - Cross-Site Scripting / HTML Injection
|
3 |
WEB
|
Juan C Calderon
|
|
2004-10-18
|
|
cPanel 9.9.1 -R3 Front Page Extension - Installation Information Disclosure
|
3 |
WEB
|
Karol Wiesek
|
|
2004-10-16
|
|
CoolPHP 1.0 - Multiple Remote Input Validation Vulnerabilities
|
3 |
WEB
|
R00tCr4ck
|
|
2004-10-14
|
|
Pinnacle Systems ShowCenter 1.51 - 'SettingsBase.php' Cross-Site Scripting
|
3 |
WEB
|
Secunia Research
|
|
2004-10-13
|
|
FuseTalk Forum 4.0 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
steven
|
|
2004-10-13
|
|
SCT Campus Pipeline 1.0/2.x/3.x - 'Render.UserLayoutRootNode.uP' Cross-Site Scripting
|
3 |
WEB
|
Matthew Oyer
|
|
2004-10-11
|
|
DUforum 3.x - 'messageDetail.asp?MSG_ID' SQL Injection
|
3 |
WEB
|
Soroosh Dalili
|
|
2004-10-11
|
|
DUforum 3.x - 'messages.asp?FOR_ID' SQL Injection
|
3 |
WEB
|
Soroosh Dalili
|
|
2004-10-11
|
|
DUforum 3.x - Login Form 'Password' SQL Injection
|
3 |
WEB
|
Soroosh Dalili
|
|
2004-10-11
|
|
DUclassmate 1.x - 'account.asp?MM-recordId' Arbitrary Password Modification
|
3 |
WEB
|
Soroosh Dalili
|
|
2004-10-11
|
|
DUclassified 4.x - 'adDetail.asp' Multiple SQL Injections
|
3 |
WEB
|
Soroosh Dalili
|
|
2004-10-11
|
|
Go Smart Inc GoSmart Message Board - Multiple Input Validation Vulnerabilities
|
3 |
WEB
|
Positive Technologies
|
|
2004-10-07
|
|
WordPress Core 1.2 - 'wp-login.php' HTTP Response Splitting
|
3 |
WEB
|
Chaotic Evil
|
|
2004-10-06
|
|
Microsoft ASP.NET 1.x - URI Canonicalization Unauthorized Web Access
|
2 |
WEB
|
anonymous
|
|
2004-10-06
|
|
DCP-Portal 3.7/4.x/5.x - 'calendar.php' HTTP Response Splitting
|
3 |
WEB
|
Alexander Antipov
|
|
2004-10-06
|
|
DCP-Portal 3.7/4.x/5.x - Multiple HTML Injection Vulnerabilities
|
3 |
WEB
|
Alexander Antipov
|
|
2004-10-06
|
|
DCP-Portal 3.7/4.x/5.x - 'contents.php?cid' Cross-Site Scripting
|
3 |
WEB
|
Alexander Antipov
|
|
2004-10-06
|
|
DCP-Portal 3.7/4.x/5.x - 'news.php?cid' Cross-Site Scripting
|
2 |
WEB
|
Alexander Antipov
|
|
2004-10-06
|
|
DCP-Portal 3.7/4.x/5.x - 'announcement.php?cid' Cross-Site Scripting
|
3 |
WEB
|
Alexander Antipov
|
|
2004-10-06
|
|
DCP-Portal 3.7/4.x/5.x - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Alexander Antipov
|
|
2004-10-06
|
|
DCP-Portal 3.7/4.x/5.x - 'calendar.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Alexander Antipov
|
|
2004-10-06
|
|
BlackBoard Internet NewsBoard System 1.5.1 - Remote File Inclusion
|
2 |
WEB
|
Lin Xiaofeng
|
|
2004-10-05
|
|
PHPLinks 2.1.x - Multiple Input Validation Vulnerabilities
|
3 |
WEB
|
LSS Security
|
|
2004-09-30
|
|
W-Agora 4.1.6a - 'login.php?loginuser' Cross-Site Scripting
|
3 |
WEB
|
Alexander Antipov
|
|
2004-09-30
|
|
W-Agora 4.1.6a - 'subscribe_thread.php' HTTP Response Splitting
|
3 |
WEB
|
Alexander Antipov
|
|
2004-09-30
|
|
W-Agora 4.1.6 - 'a download_thread.php?thread' Cross-Site Scripting
|
3 |
WEB
|
Alexander Antipov
|
|
2004-09-30
|
|
W-Agora 4.1.6 - 'a forgot_password.php?userid' Cross-Site Scripting
|
3 |
WEB
|
Alexander Antipov
|
|
2004-09-30
|
|
W-Agora 4.1.6 - 'a redir_url.php?key' SQL Injection
|
3 |
WEB
|
Alexander Antipov
|
|
2004-09-28
|
|
Parachat 5.5 - Directory Traversal
|
3 |
WEB
|
Donato Ferrante
|
|
2004-09-28
|
|
WordPress Core 1.2 - 'edit-comments.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Thomas Waldegger
|
