|
2003-03-19
|
|
Basit 1.0 Submit Module - Cross-Site Scripting
|
9 |
WEB
|
Ertan Kurt
|
|
2003-03-18
|
|
Mambo Site Server 4.0.10 - 'index.php' Cross-Site Scripting
|
9 |
WEB
|
Ertan Kurt
|
|
2003-01-05
|
|
Smart Search 4.25 - Remote Command Execution
|
9 |
WEB
|
knight420
|
|
2003-03-17
|
|
MyABraCaDaWeb 1.0 - Full Path Disclosure
|
9 |
WEB
|
gregory Le Bras
|
|
2003-03-17
|
|
Kebi Academy 2001 - Input Validation
|
10 |
WEB
|
dong-h0un U
|
|
2012-10-31
|
|
WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities
|
10 |
WEB
|
waraxe
|
|
2012-10-31
|
|
PG Dating Pro CMS 1.0 - Multiple Vulnerabilities
|
10 |
WEB
|
Vulnerability-Lab
|
|
2012-10-31
|
|
vam shop 1.69 - Multiple Vulnerabilities
|
11 |
WEB
|
Security Effect Team
|
|
2003-03-17
|
|
Outblaze Webmail - Cookie Authentication Bypass
|
10 |
WEB
|
dong-h0un U
|
|
2003-03-15
|
|
RSA ClearTrust 4.6/4.7 - Login Page Cross-Site Scripting
|
9 |
WEB
|
sir.mordred@hushmail.com
|
|
2003-03-12
|
|
PHP-Nuke Splatt Forum 3.2 Module - Full Path Disclosure
|
9 |
WEB
|
Rynho Zeros Web
|
|
2003-03-12
|
|
PHP-Nuke 5.5/6.0 News Module - Full Path Disclosure
|
9 |
WEB
|
Rynho Zeros Web
|
|
2003-03-12
|
|
PHP-Nuke 5.5/6.0 AvantGo Module - Full Path Disclosure
|
9 |
WEB
|
Rynho Zeros Web
|
|
2003-03-11
|
|
VPOPMail 0.9x - 'vpopmail.php' Remote Command Execution
|
10 |
WEB
|
ERRor
|
|
2003-03-07
|
|
SimpleBBS 1.0.6 - 'users.php' Insecure File Permissions
|
10 |
WEB
|
flur
|
|
2003-03-07
|
|
Wordit Logbook 098b3 - Logbook.pl Remote Command Execution
|
10 |
WEB
|
Aleksey Sintsov
|
|
2003-03-06
|
|
PHPPing 0.1 - Remote Command Execution
|
11 |
WEB
|
gregory Le Bras
|
|
2003-03-03
|
|
Webchat 0.77 - 'Defines.php' Remote File Inclusion
|
9 |
WEB
|
frog
|
|
2003-03-03
|
|
GTCatalog 0.8.16/0.9 - Remote File Inclusion
|
9 |
WEB
|
frog
|
|
2003-02-28
|
|
Typo3 3.5 b5 - HTML Hidden Form Field Information Disclosure (2)
|
9 |
WEB
|
Martin Eiszner
|
|
2003-02-28
|
|
Typo3 3.5 b5 - HTML Hidden Form Field Information Disclosure (1)
|
9 |
WEB
|
Martin Eiszner
|
|
2012-10-28
|
|
WordPress Plugin Easy Webinar - Blind SQL Injection
|
9 |
WEB
|
Robert Cooper
|
|
2003-02-28
|
|
Typo3 3.5 b5 - 'Translations.php' Remote File Inclusion
|
10 |
WEB
|
Martin Eiszner
|
|
2003-02-28
|
|
Typo3 3.5 b5 - 'showpic.php' File Enumeration
|
9 |
WEB
|
Martin Eiszner
|
|
2003-02-27
|
|
Invision Board 1.1.1 - 'ipchat.php' Remote File Inclusion
|
9 |
WEB
|
frog
|
|
2003-01-06
|
|
E-theni - Remote File Inclusion Command Execution
|
9 |
WEB
|
frog
|
|
2003-02-25
|
|
CuteNews 0.88 - 'comments.php' Remote File Inclusion
|
9 |
WEB
|
Over_G
|
|
2003-02-25
|
|
CuteNews 0.88 - 'search.php' Remote File Inclusion
|
8 |
WEB
|
Over_G
|
|
2003-02-25
|
|
CuteNews 0.88 - 'shownews.php' Remote File Inclusion
|
8 |
WEB
|
Over_G
|
|
2003-02-24
|
|
WihPhoto 0.86 dev - 'sendphoto.php' File Disclosure
|
8 |
WEB
|
frog
|
|
2003-02-24
|
|
Mambo Site Server 4.0.12 RC2 - Cookie Validation
|
8 |
WEB
|
Simen Bergo
|
|
2003-02-24
|
|
GONiCUS System Administrator 1.0 - Remote File Inclusion
|
8 |
WEB
|
Karol Wiesek
|
|
2003-02-23
|
|
Nuked-klaN 1.3 - Remote Information Disclosure
|
8 |
WEB
|
gregory Le Bras
|
|
2003-02-20
|
|
myPHPNuke 1.8.8 - 'links.php' Cross-Site Scripting
|
10 |
WEB
|
Tacettin Karadeniz
|
|
2003-02-19
|
|
PHPBB2 - 'Page_Header.php' SQL Injection
|
9 |
WEB
|
David Zentner
|
|
2003-02-19
|
|
PHP-Nuke 5.6/6.0 - Search Engine SQL Injection
|
9 |
WEB
|
David Zentner
|
|
2003-02-19
|
|
cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (4)
|
9 |
WEB
|
pokleyzz
|
|
2003-02-19
|
|
cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (3)
|
9 |
WEB
|
SPAX
|
|
2003-02-19
|
|
cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (2)
|
9 |
WEB
|
CaMaLeoN
|
|
2003-02-19
|
|
cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (1)
|
9 |
WEB
|
bob
|
|
2003-02-18
|
|
D-Forum 1 - 'footer' Remote File Inclusion
|
9 |
WEB
|
frog
|
|
2003-02-18
|
|
D-Forum 1 - 'header' Remote File Inclusion
|
9 |
WEB
|
frog
|
|
2003-02-15
|
|
DotBr 0.1 - 'Exec.php3' Remote Command Execution
|
9 |
WEB
|
frog
|
|
2003-02-15
|
|
DotBr 0.1 - 'System.php3' Remote Command Execution
|
9 |
WEB
|
frog
|
|
2003-02-15
|
|
PHP-Board 1.0 - User Password Disclosure
|
9 |
WEB
|
frog
|
|
2003-02-09
|
|
Cedric Email Reader 0.4 - Global Configuration Script Remote File Inclusion
|
9 |
WEB
|
MGhz
|
|
2003-02-09
|
|
Cedric Email Reader 0.2/0.3 - Skin Configuration Script Remote File Inclusion
|
9 |
WEB
|
MGhz
|
|
2002-04-16
|
|
FileSeek - CGI Script File Disclosure
|
9 |
WEB
|
Thijs Bosschert
|
|
2002-04-16
|
|
FileSeek CGI Script - Remote Command Execution
|
10 |
WEB
|
Thijs Bosschert
|
|
2003-02-04
|
|
TOPO 1.41 - Full Path Disclosure
|
9 |
WEB
|
Rynho Zeros Web
|
|
2012-10-24
|
|
Bitweaver 2.8.1 - Multiple Vulnerabilities
|
9 |
WEB
|
Trustwave's SpiderLabs
|
|
2003-02-03
|
|
PHP-Nuke 5.x/6.0 - Avatar HTML Injection
|
9 |
WEB
|
delusion
|
|
2003-02-03
|
|
PHPMyShop 1.0 - 'compte.php' SQL Injection
|
10 |
WEB
|
frog
|
|
2003-02-03
|
|
myphpPageTool 0.4.3-1 - Remote File Inclusion
|
10 |
WEB
|
frog
|
|
2003-01-30
|
|
Nukebrowser 2.x - Remote File Inclusion
|
9 |
WEB
|
Havenard
|
|
2000-09-13
|
|
MultiHTML 1.5 - File Disclosure
|
11 |
WEB
|
Niels Heinen
|
|
2003-01-25
|
|
FTLS Guestbook 1.1 - Script Injection
|
10 |
WEB
|
BrainRawt
|
|
2003-01-24
|
|
GNU Mailman 2.1 - Error Page Cross-Site Scripting
|
9 |
WEB
|
webmaster@procheckup.com
|
|
2003-01-24
|
|
GNU Mailman 2.1 - 'email' Cross-Site Scripting
|
9 |
WEB
|
webmaster@procheckup.com
|
|
2003-01-22
|
|
PHPOutsourcing Zorum 3.x - Remote File Inclusion Command Execution
|
9 |
WEB
|
MGhz
|
|
2003-01-22
|
|
YABB SE 0.8/1.4/1.5 - 'Packages.php' Remote File Inclusion
|
9 |
WEB
|
spabam
|
|
2003-01-20
|
|
MyRoom 3.5 GOLD - 'save_item.php' Arbitrary File Upload
|
9 |
WEB
|
frog
|
|
2003-01-17
|
|
phpBB 2.0.3 - 'privmsg.php' SQL Injection
|
10 |
WEB
|
Ulf Harnhammar
|
|
2012-10-23
|
|
ClanSphere 2011.3 - 'cs_lang' Cookie Local File Inclusion
|
9 |
WEB
|
blkhtc0rp
|
|
2003-01-16
|
|
PHPLinks 2.1.2 - Add Site HTML Injection
|
9 |
WEB
|
JeiAr
|
|
2003-01-15
|
|
PHP TopSites 2.0/2.2 - 'edit.php' SQL Injection
|
10 |
WEB
|
Cyberarmy Application
|
|
2003-01-15
|
|
PHP TopSites 2.0/2.2 - 'help.php' Cross-Site Scripting
|
9 |
WEB
|
Cyberarmy Application
|
|
2003-01-15
|
|
PHP TopSites 2.0/2.2 - HTML Injection
|
11 |
WEB
|
Cyberarmy Application
|
|
2003-01-13
|
|
Psunami Bulletin Board 0.x - 'Psunami.cgi' Remote Command Execution (2)
|
9 |
WEB
|
spabam
|
|
2003-01-13
|
|
Psunami Bulletin Board 0.x - 'Psunami.cgi' Remote Command Execution (1)
|
9 |
WEB
|
dodo
|
|
2003-01-14
|
|
vSignup 2.1 - SQL Injection
|
8 |
WEB
|
frog
|
|
2003-01-14
|
|
vAuthenticate 2.8 - SQL Injection
|
8 |
WEB
|
frog
|
|
2003-01-14
|
|
Geeklog 1.3.7 - 'Homepage User' HTML Injection
|
8 |
WEB
|
snooq
|
|
2003-01-14
|
|
Geeklog 1.3.7 - 'comment.php?cid' Cross-Site Scripting
|
8 |
WEB
|
snooq
|
|
2003-01-14
|
|
Geeklog 1.3.7 - 'users.php?uid' Cross-Site Scripting
|
8 |
WEB
|
snooq
|
|
2003-01-14
|
|
Geeklog 1.3.7 - 'profiles.php' Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
snooq
|
|
2012-10-22
|
|
ATutor 1.2 - Multiple Vulnerabilities
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2012-10-22
|
|
subrion CMS 2.2.1 - Multiple Vulnerabilities
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2012-10-22
|
|
WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities
|
8 |
WEB
|
waraxe
|
|
2012-10-22
|
|
Schoolhos CMS Beta 2.29 - 'id' SQL Injection
|
8 |
WEB
|
Cumi
|
|
2012-10-22
|
|
WordPress Plugin White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
|
8 |
WEB
|
pcsjj
|
|
2012-10-22
|
|
Joomla! Component com_kunena - 'search' SQL Injection
|
9 |
WEB
|
D35m0nd142
|
|
2012-10-22
|
|
Joomla! Component com_commedia - 'task' SQL Injection
|
8 |
WEB
|
D4NB4R
|
|
2012-10-22
|
|
Movable Type Pro 5.13en - Persistent Cross-Site Scripting
|
8 |
WEB
|
sqlhacker
|
|
2003-01-13
|
|
W-Agora 4.1.6 - 'modules.php?File' Traversal Arbitrary File Access
|
8 |
WEB
|
sonyy
|
|
2003-01-13
|
|
W-Agora 4.1.6 - 'index.php?bn' Traversal Arbitrary File Access
|
8 |
WEB
|
sonyy
|
|
2003-01-13
|
|
PHPPass 2 - 'AccessControl.php' SQL Injection
|
8 |
WEB
|
frog
|
|
2003-01-12
|
|
YABB 1.4.1 SE - 'Reminder.php' SQL Injection
|
8 |
WEB
|
VOID.AT Security
|
|
2003-01-09
|
|
FormMail-Clone - Cross-Site Scripting
|
9 |
WEB
|
Rynho Zeros Web
|
|
2003-01-06
|
|
S8Forum 3.0 - Remote Command Execution
|
9 |
WEB
|
nmsh_sa
|
|
2003-01-06
|
|
myPHPNuke 1.8.8 - 'Default_Theme' Cross-Site Scripting
|
9 |
WEB
|
Mindwarper
|
|
2003-01-06
|
|
DCP-Portal 5.0.1 - 'lib.php?Root' Remote File Inclusion
|
10 |
WEB
|
frog
|
|
2003-01-06
|
|
DCP-Portal 5.0.1 - 'editor.php?Root' Remote File Inclusion
|
9 |
WEB
|
frog
|
|
2003-01-06
|
|
OpenTopic 2.3.1 - Private Message HTML Injection
|
9 |
WEB
|
frog
|
|
2003-01-02
|
|
N/X Web Content Management System 2002 Prerelease 1 - 'datasets.php?c_path' Local File Inclusion
|
9 |
WEB
|
frog
|
|
2003-01-02
|
|
N/X Web Content Management System 2002 Prerelease 1 - 'menu.inc.php?c_path' Remote File Inclusion
|
9 |
WEB
|
frog
|
|
2002-12-31
|
|
PEEL 1.0b - Remote File Inclusion
|
9 |
WEB
|
frog
|
|
2002-12-22
|
|
CHETCPASSWD 1.12 - Shadow File Disclosure
|
8 |
WEB
|
Victor Pereira
|
|
2002-12-22
|
|
W-Agora 4.1.6 - 'EditForm.php' Cross-Site Scripting
|
10 |
WEB
|
xatr0z
|
|
2002-12-20
|
|
SPGPartenaires 3.0.1 - 'delete.php' SQL Injection
|
9 |
WEB
|
frog
|
|
2002-12-20
|
|
SPGPartenaires 3.0.1 - 'ident.php' SQL Injection
|
9 |
WEB
|
frog
|
|
2002-12-16
|
|
Captaris Infinite WebMail 3.61.5 - HTML Injection
|
8 |
WEB
|
Pedram Amini
|
|
2002-12-16
|
|
PHP-Nuke 6.0 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
frog
|
|
2002-12-16
|
|
PHP-Nuke 6.0 - Multiple Full Path Disclosure Vulnerabilities
|
8 |
WEB
|
frog
|
|
2012-10-19
|
|
CMSQLite 1.3.2 - Multiple Vulnerabilities
|
8 |
WEB
|
Vulnerability-Lab
|
|
2012-10-19
|
|
Joomla! Component com_tag - 'tag' SQL Injection
|
8 |
WEB
|
D4NB4R
|
|
2012-10-19
|
|
Joomla! Component com_fss 1.9.1.1447 - SQL Injection
|
8 |
WEB
|
D4NB4R
|
|
2012-10-19
|
|
ManageEngine Security Manager Plus 5.5 build 5505 - Directory Traversal
|
8 |
WEB
|
xistence
|
|
2002-12-16
|
|
PHP-Nuke 6.0 - Web Mail Script Injection
|
7 |
WEB
|
Ulf Harnhammar
|
|
2002-12-16
|
|
PHP-Nuke 6.0 - Web Mail Remote PHP Script Execution
|
7 |
WEB
|
Ulf Harnhammar
|
|
2002-12-14
|
|
MyPHPSoft MyPHPLinks 2.1.9/2.2 - SQL Injection Administration Bypassing
|
7 |
WEB
|
frog
|
|
2002-12-12
|
|
Mambo Site Server 4.0.11 - Full Path Disclosure
|
8 |
WEB
|
euronymous
|
|
2002-12-12
|
|
Mambo Site Server 4.0.11 - 'PHPInfo.php' Information Disclosure
|
8 |
WEB
|
euronymous
|
|
2002-12-12
|
|
Deerfield VisNetic WebSite 3.5.13.1 - Cross-Site Scripting
|
9 |
WEB
|
Ory Segal
|
|
2002-11-09
|
|
Xoops 1.3.5 - Private Message System Font Attributes HTML Injection
|
8 |
WEB
|
fred magistrat
|
|
2002-11-09
|
|
vBulletin 2.2.7/2.2.8 - HTML Injection
|
8 |
WEB
|
Dorin Balanica
|
|
2002-11-08
|
|
Ultimate PHP Board Board 1.0 final Beta - 'viewtopic.php' Cross-Site Scripting
|
8 |
WEB
|
euronymous
|
|
2002-11-08
|
|
Ultimate PHP Board 1.0 final Beta - 'viewtopic.php' Directory Contents Browsing
|
8 |
WEB
|
euronymous
|
|
2002-12-06
|
|
APBoard 2.0 2 - Unauthorized Thread Reading
|
9 |
WEB
|
DNA ESC
|
|
2012-10-18
|
|
WordPress Plugin FireStorm Professional Real Estate 2.06.01 - SQL Injection
|
11 |
WEB
|
Ashiyane Digital Security Team
|
|
2012-10-18
|
|
OTRS 3.1 - Persistent Cross-Site Scripting
|
10 |
WEB
|
Mike Eduard
|
|
2002-12-03
|
|
phpBB 2.0.3 - 'search.php' Cross-Site Scripting
|
9 |
WEB
|
f_a_a
|
|
2002-11-28
|
|
YaBB 1 Gold SP 1 - 'YaBB.pl' Cross-Site Scripting
|
9 |
WEB
|
Fabricio Angeletti
|
|
2002-11-27
|
|
BizDesign ImageFolio 2.x/3.0.1 - 'nph-build.cgi' Cross-Site Scripting
|
9 |
WEB
|
SecurityTracker.com
|
|
2002-11-27
|
|
BizDesign ImageFolio 2.x/3.0.1 - 'imageFolio.cgi?direct' Cross-Site Scripting
|
9 |
WEB
|
SecurityTracker.com
|
