|
2009-10-13
|
|
Achievo 1.x - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
|
2 |
WEB
|
Ryan Dewhurst
|
|
2009-10-06
|
|
AfterLogic WebMail Pro 4.7.10 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Sébastien Duquette
|
|
2009-10-06
|
|
X-Cart Email Subscription - 'email' Cross-Site Scripting
|
1 |
WEB
|
Paulo Santos
|
|
2009-10-05
|
|
Joomla! Component CB Resume Builder - 'group_id' SQL Injection
|
2 |
WEB
|
kaMtiEz
|
|
2009-09-29
|
|
Interspire Knowledge Manager 5 - 'p' Directory Traversal
|
2 |
WEB
|
Infected Web
|
|
2009-09-28
|
|
e107 0.7.x - CAPTCHA Security Bypass / Cross-Site Scripting
|
3 |
WEB
|
MustLive
|
|
2009-09-23
|
|
IBM Lotus Connections 2.0.1 - 'simpleSearch.do' Cross-Site Scripting
|
2 |
WEB
|
IBM
|
|
2014-05-08
|
|
Cobbler 2.4.x < 2.6.x - Local File Inclusion
|
1 |
WEB
|
Dolev Farhi
|
|
2014-05-08
|
|
Collabtive 1.2 - Persistent Cross-Site Scripting
|
1 |
WEB
|
Deepak Rathore
|
|
2014-05-08
|
|
Collabtive 1.2 - SQL Injection
|
1 |
WEB
|
Deepak Rathore
|
|
2014-05-08
|
|
OpenFiler 2.99.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Dolev Farhi
|
|
2014-05-08
|
|
OpenFiler 2.99.1 - Arbitrary Code Execution
|
2 |
WEB
|
Dolev Farhi
|
|
2009-09-23
|
|
Vastal I-Tech Agent Zone - 'view_listing.php' SQL Injection
|
1 |
WEB
|
OoN_Boy
|
|
2009-09-22
|
|
Vastal I-Tech DVD Zone - 'view_mag.php' Cross-Site Scripting
|
1 |
WEB
|
OoN_Boy
|
|
2009-09-22
|
|
Vastal I-Tech DVD Zone - 'view_mag.php' SQL Injection
|
2 |
WEB
|
OoN_Boy
|
|
2009-09-22
|
|
Vastal I-Tech Cosmetics Zone - 'view_products.php' SQL Injection
|
1 |
WEB
|
OoN_Boy
|
|
2009-09-22
|
|
Joomla! Component JoomlaFacebook - SQL Injection
|
1 |
WEB
|
kaMtiEz
|
|
2009-09-22
|
|
Joomla! Component SportFusion 0.2.x - SQL Injection
|
1 |
WEB
|
kaMtiEz
|
|
2009-09-22
|
|
Maxwebportal 1.365 - 'forum.asp' SQL Injection
|
1 |
WEB
|
OoN_Boy
|
|
2009-09-19
|
|
MyBB 1.4.8 - 'search.php' SQL Injection
|
2 |
WEB
|
$qL_DoCt0r
|
|
2009-09-18
|
|
Avaya Intuity Audix LX R1.1 - Multiple Remote Vulnerabilities
|
2 |
WEB
|
pagvac
|
|
2009-09-16
|
|
TuttoPHP Morris Guestbook - 'view.php' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-09-16
|
|
Mega File Hosting Script 1.2 - 'emaillinks.php' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-09-11
|
|
Planet 2.0 - HTML Injection
|
2 |
WEB
|
Steve Kemp
|
|
2009-09-11
|
|
Joomla! Component com_mediaalert - 'id' SQL Injection
|
2 |
WEB
|
Moudi
|
|
2009-09-10
|
|
Joomla! Component com_pressrelease - 'id' SQL Injection
|
2 |
WEB
|
Moudi
|
|
2009-09-04
|
|
DvBBS 2.0 - 'boardrule.php' SQL Injection
|
2 |
WEB
|
Securitylab.ir
|
|
2009-09-03
|
|
Adobe RoboHelp Server 8 - Authentication Bypass
|
2 |
WEB
|
Intevydis
|
|
2009-08-31
|
|
MKPortal 1.x - Multiple BBCode HTML Injection Vulnerabilities
|
3 |
WEB
|
Inj3ct0r
|
|
2009-08-31
|
|
MKPortal 1.x (Multiple Modules) - Cross-Site Scripting
|
2 |
WEB
|
Inj3ct0r
|
|
2009-09-09
|
|
phpAuction 3.2 - 'lan' Remote File Inclusion
|
2 |
WEB
|
Beenu Arora
|
|
2009-07-27
|
|
68 Classifieds 4.1 - 'viewmember.php' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-07-27
|
|
68 Classifieds 4.1 - 'viewlisting.php' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-07-27
|
|
68 Classifieds 4.1 - 'toplistings.php' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-07-27
|
|
68 Classifieds 4.1 - 'searchresults.php' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-07-27
|
|
68 Classifieds 4.1 - 'login.php' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-07-27
|
|
68 Classifieds 4.1 - 'category.php' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2014-05-05
|
|
TeamHelpdesk Customer Web Service (CWS) 8.3.5 & Technician Web Access (TWA) 8.3.5 - Remote User Cred
|
2 |
WEB
|
bhamb
|
|
2009-08-28
|
|
FlexCMS 2.5 - 'CookieUsername' Cookie SQL Injection
|
2 |
WEB
|
Inj3ct0r
|
|
2009-08-25
|
|
OpenAutoClassifieds 1.5.9 - SQL Injection
|
1 |
WEB
|
Andrew Horton
|
|
2009-08-26
|
|
PHP-Fusion 6.1.18 - Multiple Information Disclosure Vulnerabilities
|
2 |
WEB
|
Inj3ct0r
|
|
2009-08-26
|
|
VideoGirls - 'view.php?p' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-08-26
|
|
VideoGirls - 'profile.php?profile_name' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-08-26
|
|
VideoGirls - 'forum.php?t' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-06-08
|
|
Computer Associates SiteMinder - Unicode Cross-Site Scripting Protection Security Bypass
|
2 |
WEB
|
Arshan Dabirsiaghi
|
|
2009-08-19
|
|
Adobe Flex SDK 3.x - 'index.template.html' Cross-Site Scripting
|
2 |
WEB
|
Adam Bixby
|
|
2009-06-08
|
|
Computer Associates SiteMinder - '%00' Cross-Site Scripting Protection Security Bypass
|
2 |
WEB
|
Arshan Dabirsiaghi
|
|
2009-08-17
|
|
DUWare DUgallery 3.0 - '/admin/edit.asp' Authentication Bypass
|
2 |
WEB
|
spymeta
|
|
2009-08-17
|
|
Adobe ColdFusion Server 8.0.1 - '/administrator/enter.cfm' Query String Cross-Site Scripting
|
2 |
WEB
|
Alexander Polyakov
|
|
2009-08-17
|
|
Adobe ColdFusion Server 8.0.1 - '/wizards/common/_logintowizard.cfm' Query String Cross-Site Scripti
|
2 |
WEB
|
Alexander Polyakov
|
|
2009-08-17
|
|
Adobe ColdFusion Server 8.0.1 - 'administrator/logviewer/searchlog.cfm?startRow' Cross-Site Scriptin
|
2 |
WEB
|
Alexander Polyakov
|
|
2009-08-17
|
|
Adobe ColdFusion Server 8.0.1 - '/wizards/common/_authenticatewizarduser.cfm' Query String Cross-Sit
|
2 |
WEB
|
Alexander Polyakov
|
|
2009-08-15
|
|
Discuz! 6.0 - '2fly_gift.php' SQL Injection
|
2 |
WEB
|
Securitylab.ir
|
|
2009-08-10
|
|
Papoo 3.x - Upload Images Arbitrary File Upload
|
2 |
WEB
|
RedTeam Pentesting GmbH
|
|
2014-05-03
|
|
Seagate BlackArmor NAS - Multiple Vulnerabilities
|
2 |
WEB
|
Shayan S
|
|
2009-08-10
|
|
ViArt CMS - 'forum_topic_new.php?forum_id' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-08-10
|
|
ViArt CMS - 'forum.php?forum_id' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2014-05-03
|
|
Crime24 Stealer Panel 1.0 - Multiple Vulnerabilities
|
1 |
WEB
|
Daisuke Dan
|
|
2009-08-10
|
|
ViArt CMS - 'forums.php?category_id' Cross-Site Scripting
|
1 |
WEB
|
Moudi
|
|
2009-08-10
|
|
SQLiteManager 1.2 - 'main.php' Cross-Site Scripting
|
1 |
WEB
|
Hadi Kiamarsi
|
|
2009-08-10
|
|
SupportPRO SupportDesk 3.0 - 'shownews.php' Cross-Site Scripting
|
3 |
WEB
|
Moudi
|
|
2009-08-07
|
|
PhotoPost PHP 3.3.1 - 'cat' Cross-Site Scripting / SQL Injection
|
1 |
WEB
|
599eme Man
|
|
2009-08-06
|
|
Alkacon OpenCMS 7.x - Multiple Input Validation Vulnerabilities
|
2 |
WEB
|
Katie French
|
|
2009-08-05
|
|
AJ Auction Pro 3.0 - 'txtkeyword' Cross-Site Scripting
|
1 |
WEB
|
599eme Man
|
|
2009-08-04
|
|
CS-Cart 2.0.5 - 'reward_points.post.php' SQL Injection
|
2 |
WEB
|
Ryan Dewhurst
|
|
2009-06-29
|
|
Censura < 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
mark99
|
|
2014-05-01
|
|
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
|
2 |
WEB
|
Dolev Farhi
|
|
2014-05-01
|
|
Fritz!Box - Remote Command Execution
|
2 |
WEB
|
0x4148
|
|
2009-07-30
|
|
Softbiz Dating Script 1.0 - 'cat_products.php' SQL Injection
|
2 |
WEB
|
MizoZ
|
|
2009-06-30
|
|
XOOPS 2.3.3 - 'op' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Sense of Security
|
|
2009-06-30
|
|
NTSOFT BBS E-Market Professional - Multiple Cross-Site Scripting Vulnerabilities (1)
|
2 |
WEB
|
Ivan Sanchez
|
|
2014-04-30
|
|
Beetel 450TC2 Router - Cross-Site Request Forgery (Admin Password)
|
2 |
WEB
|
shyamkumar somana
|
|
2009-06-29
|
|
Miniweb 2.0 Site Builder Module - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Moudi
|
|
2009-06-28
|
|
Matterdaddy Market 1.x - 'index.php' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-06-28
|
|
Joomla! Component Permis 1.0 (com_groups) - 'id' SQL Injection
|
2 |
WEB
|
Prince_Pwn3r
|
|
2009-06-27
|
|
Joomla! Component com_user - 'view' Open Redirection
|
2 |
WEB
|
599eme Man
|
|
2009-06-24
|
|
Pilot Group eTraining - 'lessons_login.php' Cross-Site Scripting
|
1 |
WEB
|
Moudi
|
|
2009-06-24
|
|
Pilot Group eTraining - 'news_read.php' Cross-Site Scripting
|
1 |
WEB
|
Moudi
|
|
2009-06-24
|
|
Pilot Group eTraining - 'courses_login.php' Cross-Site Scripting
|
1 |
WEB
|
Moudi
|
|
2009-06-27
|
|
AlmondSoft Classifieds Pro - 'gmap.php?addr' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-06-27
|
|
AlmondSoft Multiple Classifieds Products - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Moudi
|
|
2009-06-27
|
|
AlmondSoft Multiple Classifieds Products - 'index.php?replid' SQL Injection
|
2 |
WEB
|
Moudi
|
|
2009-06-27
|
|
Joomla! Component Almond Classifieds 7.5 - Cross-Site Scripting / SQL Injection
|
0 |
WEB
|
Moudi
|
|
2009-06-27
|
|
PG Roommate Finder Solution - 'viewprofile.php?part' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-06-27
|
|
PG Roommate Finder Solution - 'quick_search.php?part' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-06-27
|
|
AIOCP 1.4 - 'cp_html2txt.php' Remote File Inclusion
|
2 |
WEB
|
Hadi Kiamarsi
|
|
2009-06-24
|
|
XZeroScripts XZero Community Classifieds 4.97.8 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Moudi
|
|
2009-06-24
|
|
PG Matchmaking - 'services.php?show' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-06-24
|
|
PG Matchmaking - 'search.php?show' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-06-24
|
|
PG Matchmaking - 'browse_men.php?show' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-06-24
|
|
PG Matchmaking - 'browse_ladies.php?show' Cross-Site Scripting
|
3 |
WEB
|
Moudi
|
|
2009-06-23
|
|
CommuniGate Pro 5.2.14 - Web Mail URI Parsing HTML Injection
|
2 |
WEB
|
Andrea Purificato
|
|
2009-06-20
|
|
Programs Rating - 'postcomments.php?id' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-06-20
|
|
Programs Rating - 'rate.php?id' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2014-04-29
|
|
NULL NUKE CMS 2.2 - Multiple Vulnerabilities
|
2 |
WEB
|
LiquidWorm
|
|
2014-04-29
|
|
TRENDnet TEW-634GRU 1.00.23 - Multiple Vulnerabilities
|
2 |
WEB
|
SirGod
|
|
2009-06-16
|
|
PHPLive! 3.2.2 - 'request.php' SQL Injection
|
2 |
WEB
|
boom3rang
|
|
2009-06-14
|
|
Scriptsez Easy Image Downloader - 'id' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2014-04-28
|
|
WordPress Plugin iMember360 3.8.012 < 3.9.001 - Multiple Vulnerabilities
|
1 |
WEB
|
Everett Griffiths
|
|
2014-04-28
|
|
GeoCore MAX DB Ver. 7.3.3 - Blind SQL Injection
|
2 |
WEB
|
Esac
|
|
2014-04-28
|
|
Adem 0.5.1 - Local File Inclusion
|
2 |
WEB
|
JIKO
|
|
2014-04-28
|
|
ApPHP MicroBlog 1.0.1 - Remote Command Execution
|
2 |
WEB
|
LOTFREE
|
|
2009-06-06
|
|
ClanSphere 2009 - 'text' Cross-Site Scripting
|
2 |
WEB
|
599eme Man
|
|
2009-06-05
|
|
Horde 3.1 - 'Passwd' Module Cross-Site Scripting
|
2 |
WEB
|
anonymous
|
|
2009-06-01
|
|
Joomla! 1.5.x - Cross-Site Scripting / Information Disclosure
|
2 |
WEB
|
Juan Galiana Lara
|
|
2009-05-30
|
|
phpMyAdmin 3.3.0 - 'db' Cross-Site Scripting
|
2 |
WEB
|
r0t
|
|
2009-05-26
|
|
Aardvark Topsites PHP 5.2 - 'index.php' Cross-Site Scripting
|
1 |
WEB
|
anonymous
|
|
2009-05-23
|
|
Basic Analysis and Security Engine (BASE) 1.2.4 - 'readRoleCookie()' Authentication Bypass
|
2 |
WEB
|
Tim Medin
|
|
2009-05-19
|
|
DirectAdmin 1.33.6 - 'CMD_REDIRECT' Cross-Site Scripting
|
2 |
WEB
|
r0t
|
|
2009-05-15
|
|
Webmedia Explorer 5.0.9/5.10 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
intern0t
|
|
2014-04-26
|
|
ApPHP MicroBlog 1.0.1 - Multiple Vulnerabilities
|
1 |
WEB
|
JIKO
|
|
2014-04-25
|
|
Depot WiFi 1.0.0 iOS - Multiple Vulnerabilities
|
1 |
WEB
|
Vulnerability-Lab
|
|
2009-06-03
|
|
Joomla! < 1.5.11 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
|
2 |
WEB
|
Airton Torres
|
|
2009-06-02
|
|
PHP-Nuke 8.0 Downloads Module - 'query' Cross-Site Scripting
|
2 |
WEB
|
Schap Security
|
|
2014-04-25
|
|
miSecureMessages 4.0.1 - Session Management / Authentication Bypass
|
3 |
WEB
|
Jared Bird
|
|
2009-05-28
|
|
Achievo 1.3.4 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
MaXe
|
|
2009-05-15
|
|
Lussumo Vanilla 1.1.5/1.1.7 - 'updatecheck.php' Cross-Site Scripting
|
2 |
WEB
|
Gerendi Sandor Attila
|
|
2009-05-27
|
|
PHP-Nuke 8.0 - '/main/tracking/userLog.php' SQL Injection
|
2 |
WEB
|
Gerendi Sandor Attila
|
|
2009-05-22
|
|
DotNetNuke 4.9.3 - 'ErrorPage.aspx' Cross-Site Scripting
|
1 |
WEB
|
ben hawkes
|
|
2009-05-22
|
|
LxBlog - Multiple Cross-Site Scripting / SQL Injections
|
2 |
WEB
|
Securitylab.ir
|
|
2014-04-24
|
|
Alienvault 4.3.1 - SQL Injection / Cross-Site Scripting
|
1 |
WEB
|
Sasha Zivojinovic
|
|
2014-04-24
|
|
WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion
|
2 |
WEB
|
SEC Consult
|
|
2014-04-24
|
|
dompdf 0.6.0 - 'dompdf.php?read' Arbitrary File Read
|
2 |
WEB
|
Portcullis
|
|
2014-04-24
|
|
WordPress Plugin Work-The-Flow 1.2.1 - Arbitrary File Upload
|
0 |
WEB
|
nopesled
|
|
2009-05-20
|
|
Profense 2.2.20/2.4.2 - Web Application Firewall Security Bypass
|
1 |
WEB
|
EnableSecurity
|
