|
2009-06-24
|
|
XZeroScripts XZero Community Classifieds 4.97.8 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Moudi
|
|
2009-06-24
|
|
PG Matchmaking - 'services.php?show' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-06-24
|
|
PG Matchmaking - 'search.php?show' Cross-Site Scripting
|
3 |
WEB
|
Moudi
|
|
2009-06-24
|
|
PG Matchmaking - 'browse_men.php?show' Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-06-24
|
|
PG Matchmaking - 'browse_ladies.php?show' Cross-Site Scripting
|
3 |
WEB
|
Moudi
|
|
2009-06-23
|
|
CommuniGate Pro 5.2.14 - Web Mail URI Parsing HTML Injection
|
4 |
WEB
|
Andrea Purificato
|
|
2009-06-20
|
|
Programs Rating - 'postcomments.php?id' Cross-Site Scripting
|
3 |
WEB
|
Moudi
|
|
2009-06-20
|
|
Programs Rating - 'rate.php?id' Cross-Site Scripting
|
3 |
WEB
|
Moudi
|
|
2014-04-29
|
|
NULL NUKE CMS 2.2 - Multiple Vulnerabilities
|
3 |
WEB
|
LiquidWorm
|
|
2014-04-29
|
|
TRENDnet TEW-634GRU 1.00.23 - Multiple Vulnerabilities
|
3 |
WEB
|
SirGod
|
|
2009-06-16
|
|
PHPLive! 3.2.2 - 'request.php' SQL Injection
|
3 |
WEB
|
boom3rang
|
|
2009-06-14
|
|
Scriptsez Easy Image Downloader - 'id' Cross-Site Scripting
|
4 |
WEB
|
Moudi
|
|
2014-04-28
|
|
WordPress Plugin iMember360 3.8.012 < 3.9.001 - Multiple Vulnerabilities
|
2 |
WEB
|
Everett Griffiths
|
|
2014-04-28
|
|
GeoCore MAX DB Ver. 7.3.3 - Blind SQL Injection
|
4 |
WEB
|
Esac
|
|
2014-04-28
|
|
Adem 0.5.1 - Local File Inclusion
|
3 |
WEB
|
JIKO
|
|
2014-04-28
|
|
ApPHP MicroBlog 1.0.1 - Remote Command Execution
|
4 |
WEB
|
LOTFREE
|
|
2009-06-06
|
|
ClanSphere 2009 - 'text' Cross-Site Scripting
|
3 |
WEB
|
599eme Man
|
|
2009-06-05
|
|
Horde 3.1 - 'Passwd' Module Cross-Site Scripting
|
3 |
WEB
|
anonymous
|
|
2009-06-01
|
|
Joomla! 1.5.x - Cross-Site Scripting / Information Disclosure
|
3 |
WEB
|
Juan Galiana Lara
|
|
2009-05-30
|
|
phpMyAdmin 3.3.0 - 'db' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2009-05-26
|
|
Aardvark Topsites PHP 5.2 - 'index.php' Cross-Site Scripting
|
2 |
WEB
|
anonymous
|
|
2009-05-23
|
|
Basic Analysis and Security Engine (BASE) 1.2.4 - 'readRoleCookie()' Authentication Bypass
|
3 |
WEB
|
Tim Medin
|
|
2009-05-19
|
|
DirectAdmin 1.33.6 - 'CMD_REDIRECT' Cross-Site Scripting
|
3 |
WEB
|
r0t
|
|
2009-05-15
|
|
Webmedia Explorer 5.0.9/5.10 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
intern0t
|
|
2014-04-26
|
|
ApPHP MicroBlog 1.0.1 - Multiple Vulnerabilities
|
2 |
WEB
|
JIKO
|
|
2014-04-25
|
|
Depot WiFi 1.0.0 iOS - Multiple Vulnerabilities
|
3 |
WEB
|
Vulnerability-Lab
|
|
2009-06-03
|
|
Joomla! < 1.5.11 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
|
3 |
WEB
|
Airton Torres
|
|
2009-06-02
|
|
PHP-Nuke 8.0 Downloads Module - 'query' Cross-Site Scripting
|
3 |
WEB
|
Schap Security
|
|
2014-04-25
|
|
miSecureMessages 4.0.1 - Session Management / Authentication Bypass
|
4 |
WEB
|
Jared Bird
|
|
2009-05-28
|
|
Achievo 1.3.4 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
MaXe
|
|
2009-05-15
|
|
Lussumo Vanilla 1.1.5/1.1.7 - 'updatecheck.php' Cross-Site Scripting
|
3 |
WEB
|
Gerendi Sandor Attila
|
|
2009-05-27
|
|
PHP-Nuke 8.0 - '/main/tracking/userLog.php' SQL Injection
|
5 |
WEB
|
Gerendi Sandor Attila
|
|
2009-05-22
|
|
DotNetNuke 4.9.3 - 'ErrorPage.aspx' Cross-Site Scripting
|
2 |
WEB
|
ben hawkes
|
|
2009-05-22
|
|
LxBlog - Multiple Cross-Site Scripting / SQL Injections
|
4 |
WEB
|
Securitylab.ir
|
|
2014-04-24
|
|
Alienvault 4.3.1 - SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
Sasha Zivojinovic
|
|
2014-04-24
|
|
WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion
|
3 |
WEB
|
SEC Consult
|
|
2014-04-24
|
|
dompdf 0.6.0 - 'dompdf.php?read' Arbitrary File Read
|
3 |
WEB
|
Portcullis
|
|
2014-04-24
|
|
WordPress Plugin Work-The-Flow 1.2.1 - Arbitrary File Upload
|
2 |
WEB
|
nopesled
|
|
2009-05-20
|
|
Profense 2.2.20/2.4.2 - Web Application Firewall Security Bypass
|
3 |
WEB
|
EnableSecurity
|
|
2009-05-20
|
|
Kingsoft Webshield 1.1.0.62 - Cross-Site Scripting / Remote Command Execution
|
3 |
WEB
|
inking
|
|
2009-05-15
|
|
Cacti 0.8.7 - 'data_input.php' Cross-Site Scripting
|
3 |
WEB
|
fgeek
|
|
2014-04-24
|
|
Bonefire 0.7.1 - Reinstall Admin Account
|
3 |
WEB
|
Mehmet Ince
|
|
2009-05-11
|
|
Dacio's Image Gallery 1.6 - Multiple Remote Vulnerabilities
|
3 |
WEB
|
ahmadbady
|
|
2009-05-08
|
|
MagpieRSS 0.72 - Cross-Site Scripting / HTML Injection
|
3 |
WEB
|
Justin Klein Keane
|
|
2009-05-08
|
|
Claroline 1.8.11 - '/claroline/linker/notfound.php' Cross-Site Scripting
|
3 |
WEB
|
Gerendi Sandor Attila
|
|
2014-04-23
|
|
HP Laser Jet - JavaScript Persistent Cross-Site Scripting via PJL Directory Traversal
|
3 |
WEB
|
@0x00string
|
|
2009-05-06
|
|
Verlihub Control Panel 1.7 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
TEAMELITE
|
|
2009-05-05
|
|
VerliAdmin 0.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
TEAMELITE
|
|
2009-05-05
|
|
IceWarp Merak Mail Server 9.4.1 - 'Forgot Password' Input Validation
|
3 |
WEB
|
RedTeam Pentesting GmbH
|
|
2009-05-05
|
|
IceWarp Merak Mail Server 9.4.1 - 'item.php' Cross-Site Scripting
|
3 |
WEB
|
RedTeam Pentesting GmbH
|
|
2014-04-22
|
|
kitForm CRM Extension 0.43 - 'sorter.ph?sorter_value' SQL Injection
|
2 |
WEB
|
chapp
|
|
2014-04-22
|
|
No-CMS 0.6.6 rev 1 - Admin Account Hijacking / Remote Code Execution via Static Encryption Key
|
2 |
WEB
|
Mehmet Ince
|
|
2014-04-22
|
|
Sixnet Sixview 2.4.1 - Web Console Directory Traversal
|
2 |
WEB
|
daniel svartman
|
|
2009-05-05
|
|
IceWarp Merak Mail Server 9.4.1 - 'cleanHTML()' Cross-Site Scripting
|
3 |
WEB
|
RedTeam Pentesting GmbH
|
|
2009-05-05
|
|
IceWarp Merak Mail Server 9.4.1 Groupware Component - Multiple SQL Injections
|
3 |
WEB
|
RedTeam Pentesting
|
|
2009-05-03
|
|
MyBB 1.4.5 - Multiple Vulnerabilities
|
3 |
WEB
|
Jacques Copeau
|
|
2009-04-29
|
|
Coppermine Photo Gallery 1.4.21 - 'css' Cross-Site Scripting
|
3 |
WEB
|
Gerendi Sandor Attila
|
|
2009-04-27
|
|
Invision Power Board (IP.Board) 3.0 - Multiple HTML Injection / Information Disclosure Vulnerabiliti
|
3 |
WEB
|
brain[pillow]
|
|
2009-04-27
|
|
MataChat - 'input.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Am!r
|
|
2009-04-24
|
|
PuterJam's Blog PJBlog3 3.0.6 - 'action.asp' SQL Injection
|
3 |
WEB
|
anonymous
|
|
2009-04-23
|
|
CS Whois Lookup - 'ip' Remote Command Execution
|
3 |
WEB
|
SirGod
|
|
2009-04-22
|
|
Flat Calendar 1.1 - 'add.php' HTML Injection
|
3 |
WEB
|
ZoRLu
|
|
2009-04-22
|
|
New5starRating 1.0 - '/admin/control_panel_sample.php' SQL Injection
|
3 |
WEB
|
zer0day
|
|
2014-04-20
|
|
Teracom Modem T2-B-Gawv1.4U10Y-BI - Cross-Site Request Forgery
|
3 |
WEB
|
Rakesh S
|
|
2014-04-19
|
|
PTCeffect 4.6 - Local File Inclusion / SQL Injection
|
3 |
WEB
|
walid naceri
|
|
2009-04-21
|
|
Sun Java System Delegated Administrator 6.x - HTTP Response Splitting
|
3 |
WEB
|
SCS team
|
|
2009-04-20
|
|
Online Contact Manager 3.0 - 'delete.php?id' Cross-Site Scripting
|
3 |
WEB
|
Vrs-hCk
|
|
2009-04-20
|
|
Online Contact Manager 3.0 - 'edit.php?id' Cross-Site Scripting
|
3 |
WEB
|
Vrs-hCk
|
|
2009-04-20
|
|
Online Contact Manager 3.0 - 'email.php?id' Cross-Site Scripting
|
3 |
WEB
|
Vrs-hCk
|
|
2009-04-20
|
|
Online Contact Manager 3.0 - 'view.php?id' Cross-Site Scripting
|
3 |
WEB
|
Vrs-hCk
|
|
2009-04-20
|
|
Online Contact Manager 3.0 - 'index.php?showGroup' Cross-Site Scripting
|
3 |
WEB
|
Vrs-hCk
|
|
2009-04-20
|
|
Online Photo Pro 2.0 - 'section' Cross-Site Scripting
|
3 |
WEB
|
Vrs-hCk
|
|
2014-04-18
|
|
CMSimple 4.4/4.4.2 - Remote File Inclusion
|
3 |
WEB
|
NoGe
|
|
2009-04-17
|
|
Malleo 1.2.3 - 'admin.php' Local File Inclusion
|
3 |
WEB
|
Drosophila
|
|
2009-04-16
|
|
BlackBerry Enterprise Server 4.0/4.1 - MDS Connection Service Cross-Site Scripting
|
4 |
WEB
|
Ken Millar
|
|
2009-04-16
|
|
RazorCMS 0.3RC2 - Multiple Vulnerabilities
|
2 |
WEB
|
Jeremi Gosney
|
|
2009-04-16
|
|
Geeklog 1.5.2 - 'usersettings.php' SQL Injection
|
3 |
WEB
|
Nine:Situations:Group::bookoo
|
|
2009-04-16
|
|
Phorum 5.2 - 'versioncheck.php?upgrade_available' Cross-Site Scripting
|
3 |
WEB
|
voodoo-labs
|
|
2009-04-16
|
|
Phorum 5.2 - '/admin/users.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
voodoo-labs
|
|
2009-04-16
|
|
Phorum 5.2 - '/admin/banlist.php?curr' Cross-Site Scripting
|
3 |
WEB
|
voodoo-labs
|
|
2009-04-16
|
|
Phorum 5.2 - '/admin/badwords.php?curr' Cross-Site Scripting
|
3 |
WEB
|
voodoo-labs
|
|
2009-04-15
|
|
Novell Teaming 1.0 - User Enumeration / Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Michael Kirchner
|
|
2009-04-14
|
|
IBM Tivoli Continuous Data Protection for Files 3.1.4.0 - Cross-Site Scripting
|
3 |
WEB
|
Abdul-Aziz Hariri
|
|
2009-04-13
|
|
Banshee 1.4.2 DAAP Extension - '/apps/web/vs_diag.cgi' Cross-Site Scripting
|
3 |
WEB
|
Anthony de Almeida Lopes
|
|
2009-04-13
|
|
People-Trak - Login SQL Injection
|
2 |
WEB
|
Mormoroth.net
|
|
2009-04-09
|
|
Absolute Form Processor XE 1.5 - 'login.asp' SQL Injection
|
3 |
WEB
|
ThE g0bL!N
|
|
2009-04-09
|
|
Cisco Subscriber Edge Services Manager - Cross-Site Scripting / HTML Injection
|
3 |
WEB
|
Usman Saeed
|
|
2009-04-09
|
|
IBM Bladecenter Advanced Management Module 1.42 - Cross-Site Request Forgery
|
4 |
WEB
|
Henri Lindberg
|
|
2009-04-09
|
|
IBM Bladecenter Advanced Management Module 1.42 - '/private/file_Management.ssi?PATH' Cross-Site Scr
|
3 |
WEB
|
Henri Lindberg
|
|
2009-04-09
|
|
IBM Bladecenter Advanced Management Module 1.42 - Login 'Username' Cross-Site Scripting
|
2 |
WEB
|
Henri Lindberg
|
|
2009-04-02
|
|
4CMS - SQL Injection / Local File Inclusion
|
2 |
WEB
|
k1ll3r_null
|
|
2009-04-02
|
|
Asbru Web Content Management 6.5/6.6.9 - SQL Injection / Cross-Site Scripting
|
1 |
WEB
|
Patrick Webster
|
|
2009-04-02
|
|
osCommerce 2.2/3.0 - 'oscid' Session Fixation
|
2 |
WEB
|
laurent.desaulniers
|
|
2014-04-15
|
|
Xerox DocuShare - SQL Injection
|
2 |
WEB
|
Brandon Perry
|
|
2014-04-15
|
|
Netgear WNDR3400 N600 Wireless Dual Band - Multiple Vulnerabilities
|
3 |
WEB
|
Santhosh Kumar
|
|
2009-04-02
|
|
SAP Business Objects Crystal Reports 7-10 - 'viewreport.asp' Cross-Site Scripting
|
3 |
WEB
|
Bugs NotHugs
|
|
2009-03-31
|
|
Turnkey eBook Store 1.1 - 'keywords' Cross-Site Scripting
|
3 |
WEB
|
TEAMELITE
|
|
2009-03-25
|
|
Comparison Engine Power 1.0 - 'product.comparision.php' SQL Injection
|
3 |
WEB
|
SirGod
|
|
2009-04-01
|
|
BlogEngine.NET 1.4 - 'search.aspx' Cross-Site Scripting
|
3 |
WEB
|
sk
|
|
2009-03-17
|
|
phpCMS 2008 - 'search_ajax.php' SQL Injection
|
3 |
WEB
|
anonymous
|
|
2009-03-24
|
|
PHPizabi 0.8 - 'notepad_body' SQL Injection
|
3 |
WEB
|
Nine:Situations:Group::bookoo
|
|
2009-03-22
|
|
ExpressionEngine 1.6 - Avtaar Name HTML Injection
|
3 |
WEB
|
Adam Baldwin
|
|
2009-04-19
|
|
AWStats 6.4 - 'AWStats.pl' Multiple Full Path Disclosures
|
3 |
WEB
|
r0t
|
|
2014-04-14
|
|
eScan Web Management Console - Command Injection (Metasploit)
|
3 |
WEB
|
Metasploit
|
|
2014-04-14
|
|
WordPress Plugin Twitget 3.3.1 - Multiple Vulnerabilities
|
3 |
WEB
|
Tom Adams
|
|
2014-04-14
|
|
WordPress Plugin Quick Page/Post Redirect 5.0.3 - Multiple Vulnerabilities
|
3 |
WEB
|
Tom Adams
|
|
2014-04-14
|
|
PDF Album 1.7 iOS - Local File Inclusion
|
3 |
WEB
|
Vulnerability-Lab
|
|
2009-05-20
|
|
Sun Java System Communications Express 6.3 - 'UWCMain' Cross-Site Scripting
|
3 |
WEB
|
SCS team
|
|
2009-05-20
|
|
Sun Java System Communications Express 6.3 - 'search.xml' Cross-Site Scripting
|
3 |
WEB
|
SCS team
|
|
2009-03-31
|
|
Sun Java System Calendar Server 6 - 'command.shtml' Cross-Site Scripting
|
3 |
WEB
|
SCS team
|
|
2014-04-14
|
|
WordPress Theme LineNity 1.20 - Local File Inclusion
|
2 |
WEB
|
felipe andrian
|
|
2014-04-14
|
|
Sagem Fast 3304-V2 - Authentication Bypass (1)
|
3 |
WEB
|
Yassin Aboukir
|
|
2009-03-17
|
|
Sun Java System Messenger Express 6.3-0.15 - 'error' Cross-Site Scripting
|
3 |
WEB
|
syniack
|
|
2009-03-12
|
|
TikiWiki 2.2/3.0 - 'tiki-listpages.php' Cross-Site Scripting
|
3 |
WEB
|
iliz
|
|
2009-03-12
|
|
TikiWiki 2.2/3.0 - 'tiki-list_file_gallery.php' Cross-Site Scripting
|
3 |
WEB
|
iliz
|
|
2009-03-12
|
|
TikiWiki 2.2/3.0 - 'tiki-galleries.php' Cross-Site Scripting
|
3 |
WEB
|
iliz
|
|
2009-03-10
|
|
Nenriki CMS 0.5 - 'ID' Cookie SQL Injection
|
3 |
WEB
|
x0r
|
|
2009-03-09
|
|
PHORTAIL 1.2.1 - 'poster.php' Multiple HTML Injection Vulnerabilities
|
3 |
WEB
|
Jonathan Salwan
|
|
2009-03-06
|
|
TinXCMS 3.5 - 'rss.php' SQL Injection
|
3 |
WEB
|
Dmitriy Evteev
|
|
2009-03-06
|
|
UMI CMS 2.7 - 'fields_filter' Cross-Site Scripting
|
3 |
WEB
|
Dmitriy Evteev
|
|
2009-02-28
|
|
CMSCart 1.04 - 'maindatafunctions.php' SQL Injection
|
3 |
WEB
|
John Martinelli
|
|
2009-03-05
|
|
Amoot Web Directory - Password Field SQL Injection
|
3 |
WEB
|
Pouya_Server
|
|
2009-03-03
|
|
Novaboard 1.0 - HTML Injection / Cross-Site Scripting
|
3 |
WEB
|
Jose Luis Zayas
|
|
2009-03-02
|
|
Blogsa 1.0 - 'Widgets.aspx' Cross-Site Scripting
|
3 |
WEB
|
DJR
|
|
2014-04-13
|
|
Microweber CMS 0.93 - Cross-Site Request Forgery
|
3 |
WEB
|
sajith
|
