|
2014-03-27
|
|
FTP Drive + HTTP 1.0.4 iOS - Code Execution
|
2 |
WEB
|
Vulnerability-Lab
|
|
2014-03-27
|
|
Dell SonicWALL EMail Security Appliance Application 7.4.5 - Multiple Vulnerabilities
|
2 |
WEB
|
Vulnerability-Lab
|
|
2008-10-31
|
|
SpitFire Photo Pro - 'pages.php' SQL Injection
|
2 |
WEB
|
Beenu Arora
|
|
2008-10-31
|
|
phpWebSite 0.9.3 - 'links.php' SQL Injection
|
2 |
WEB
|
Beenu Arora
|
|
2008-10-29
|
|
Dorsa CMS - 'Default_.aspx' Cross-Site Scripting
|
2 |
WEB
|
Pouya_Server
|
|
2008-10-29
|
|
Extrakt Framework 0.7 - 'index.php' Cross-Site Scripting
|
1 |
WEB
|
ShockShadow
|
|
2014-03-26
|
|
IBM Tealeaf CX 8.8 - Remote OS Command Injection
|
1 |
WEB
|
drone
|
|
2014-03-26
|
|
Allied Telesis AT-RG634A ADSL Broadband Router - Web Shell
|
1 |
WEB
|
Groundworks Technologies
|
|
2008-10-29
|
|
KKE Info Media Kmita Gallery - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
cize0f
|
|
2008-10-28
|
|
KKE Info Media Kmita Catalogue 2 - 'search.php' Cross-Site Scripting
|
1 |
WEB
|
cize0f
|
|
2008-10-28
|
|
Elkagroup Image Gallery 1.0 - 'view.php' SQL Injection
|
1 |
WEB
|
G4N0K
|
|
2008-10-28
|
|
H&H Solutions WebSoccer 2.80 - 'id' SQL Injection
|
1 |
WEB
|
d3v1l
|
|
2008-10-28
|
|
H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass
|
1 |
WEB
|
StAkeR
|
|
2008-10-27
|
|
Microsoft Internet Explorer 6 - ' ' Address Bar URI Spoofing
|
1 |
WEB
|
Amit Klein
|
|
2008-10-28
|
|
PHP-Nuke Nuke League Module - 'tid' Cross-Site Scripting
|
2 |
WEB
|
Ehsan_Hp200
|
|
2008-10-27
|
|
All In One 1.4 Control Panel - 'cp_polls_results.php' SQL Injection
|
1 |
WEB
|
ExSploiters
|
|
2008-10-27
|
|
bcoos 1.0.13 - 'click.php' SQL Injection
|
1 |
WEB
|
DeltahackingTEAM
|
|
2008-10-27
|
|
MyBB 1.4.2 - 'moderation.php' Cross-Site Scripting
|
1 |
WEB
|
Kellanved
|
|
2008-10-27
|
|
Tandis CMS 2.5 - 'index.php' Multiple SQL Injections
|
1 |
WEB
|
G4N0K
|
|
2008-10-27
|
|
bcoos 1.0.13 - 'common.php' Remote File Inclusion
|
1 |
WEB
|
Cru3l.b0y
|
|
2008-10-27
|
|
phpMyAdmin 3.0.1 - 'pmd_pdf.php' Cross-Site Scripting
|
1 |
WEB
|
Hadi Kiamarsi
|
|
2008-10-24
|
|
iPeGuestbook 1.7/2.0 - 'pg' Cross-Site Scripting
|
1 |
WEB
|
Ghost Hacker
|
|
2008-10-23
|
|
Adam Wright HTMLTidy 0.5 - 'html-tidy-logic.php' Cross-Site Scripting
|
2 |
WEB
|
ShockShadow
|
|
2008-10-23
|
|
ClipShare Pro 4.0 - 'fullscreen.php' Cross-Site Scripting
|
0 |
WEB
|
ShockShadow
|
|
2008-10-23
|
|
Jetbox CMS 2.1 - 'liste' Cross-Site Scripting
|
1 |
WEB
|
Omer Singer
|
|
2008-10-23
|
|
UC Gateway Investment SiteEngine 5.0 - 'announcements.php' SQL Injection
|
1 |
WEB
|
xuanmumu
|
|
2008-10-23
|
|
UC Gateway Investment SiteEngine 5.0 - 'api.php' Open Redirection
|
1 |
WEB
|
xuanmumu
|
|
2008-10-23
|
|
Osprey 1.0a4.1 - 'ListRecords.php' Multiple Remote File Inclusions
|
1 |
WEB
|
BoZKuRTSeRDaR
|
|
2014-03-26
|
|
OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injections
|
1 |
WEB
|
Saadi Siddiqui
|
|
2014-03-26
|
|
InterWorx Control Panel 5.0.13 build 574 - 'xhr.php?i' SQL Injection
|
1 |
WEB
|
Eric Flokstra
|
|
2014-03-25
|
|
qEngine CMS 6.0.0 - Multiple Vulnerabilities
|
1 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - 'qvc_init()' Cookie Poisoning CAPTCHA Bypass
|
1 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - Database Backup Disclosure
|
1 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - 'task.php' Local File Inclusion
|
1 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - Remote Code Execution
|
2 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Kemana Directory 1.5.6 - kemana_admin_passwd Cookie User Password Hash Disclosure
|
1 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Cart Engine 3.0.0 - Database Backup Disclosure
|
1 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Cart Engine 3.0.0 - 'task.php' Local File Inclusion
|
0 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Cart Engine 3.0.0 - Remote Code Execution
|
1 |
WEB
|
LiquidWorm
|
|
2014-03-25
|
|
Getsimple CMS 3.3.1 - Persistent Cross-Site Scripting
|
2 |
WEB
|
Jeroen - IT Nerdbox
|
|
2008-10-21
|
|
Bahar Download Script 2.0 - 'aspkat.asp' SQL Injection
|
1 |
WEB
|
CyberGrup Lojistik
|
|
2008-10-21
|
|
PHPhotoGallery 0.92 - 'index.php' SQL Injection
|
1 |
WEB
|
KnocKout
|
|
2008-10-21
|
|
Dizi Portali - 'diziler.asp' SQL Injection
|
1 |
WEB
|
CyberGrup Lojistik
|
|
2008-10-20
|
|
PHP-Nuke Sarkilar Module - 'id' SQL Injection
|
1 |
WEB
|
r45c4l
|
|
2008-10-20
|
|
Jetbox CMS 2.1 - '/admin/cms/nav.php?nav_id' SQL Injection
|
1 |
WEB
|
Omer Singer
|
|
2008-10-20
|
|
Jetbox CMS 2.1 - '/admin/cms/images.php?orderby' SQL Injection
|
1 |
WEB
|
Omer Singer
|
|
2008-10-17
|
|
FlashChat - 'connection.php' Role Filter Security Bypass
|
1 |
WEB
|
eLiSiA
|
|
2008-10-16
|
|
Habari 0.5.1 - 'habari_username' Cross-Site Scripting
|
1 |
WEB
|
faithlove
|
|
2008-10-14
|
|
SweetCMS 1.5.2 - 'index.php' SQL Injection
|
1 |
WEB
|
Dapirates
|
|
2008-10-14
|
|
Elxis CMS 2008.1 - PHPSESSID Variable Session Fixation
|
1 |
WEB
|
faithlove
|
|
2008-10-14
|
|
Elxis CMS 2008.1 - '/modules/mod_language.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
faithlove
|
|
2008-10-14
|
|
Webscene eCommerce - 'productlist.php' SQL Injection
|
1 |
WEB
|
Angela Chang
|
|
2008-10-13
|
|
ASP Indir Iltaweb Alisveris Sistemi - 'xurunler.asp' SQL Injection
|
0 |
WEB
|
tRoot
|
|
2014-03-24
|
|
BigDump 0.35b - Arbitrary File Upload
|
2 |
WEB
|
felipe andrian
|
|
2008-10-11
|
|
EEB-CMS 0.95 - 'index.php' Cross-Site Scripting
|
2 |
WEB
|
d3v1l
|
|
2008-10-11
|
|
Joomla! Component com_jeux - 'id' SQL Injection
|
2 |
WEB
|
H!tm@N
|
|
2008-10-08
|
|
DFFFrameworkAPI - 'DFF_config[dir_include]' Multiple Remote File Inclusions
|
2 |
WEB
|
GoLd_M
|
|
2008-10-08
|
|
Opera Web Browser 8.51 - URI redirection Remote Code Execution
|
2 |
WEB
|
MATASANOS
|
|
2008-10-06
|
|
PHP Web Explorer 0.99b - 'edit.php?File' Traversal Local File Inclusion
|
2 |
WEB
|
Pepelux
|
|
2008-10-06
|
|
PHP Web Explorer 0.99b - 'main.php?refer' Traversal Local File Inclusion
|
1 |
WEB
|
Pepelux
|
|
2008-10-06
|
|
Simple Machines Forum (SMF) 1.1.6 - 'POST' Filter Security Bypass
|
2 |
WEB
|
WHK
|
|
2008-10-03
|
|
AmpJuke 0.7.5 - 'index.php' SQL Injection
|
2 |
WEB
|
S_DLA_S
|
|
2008-10-05
|
|
VeriSign Kontiki Delivery Management System 5.0 - 'action' Cross-Site Scripting
|
3 |
WEB
|
Mazin Faour
|
|
2008-10-03
|
|
Website Directory - 'index.php' Cross-Site Scripting
|
2 |
WEB
|
Ghost Hacker
|
|
2008-10-02
|
|
Dreamcost HostAdmin 3.1 - 'index.php' Cross-Site Scripting
|
2 |
WEB
|
Am!r
|
|
2008-10-01
|
|
WikyBlog 1.7.1 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Omer Singer
|
|
2008-10-01
|
|
H-Sphere WebShell 4.3.10 - 'actions.php' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
C1c4Tr1Z
|
|
2008-10-01
|
|
Celoxis - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
teuquooch1seero
|
|
2008-09-30
|
|
A4Desk Event Calendar - 'v' Remote File Inclusion
|
2 |
WEB
|
Lo$er
|
|
2008-09-29
|
|
WordPress MU 1.2/1.3 - '/wp-admin/wpmu-blogs.php' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Juan Galiana Lara
|
|
2008-09-29
|
|
CAcert - 'analyse.php' Cross-Site Scripting
|
2 |
WEB
|
Alexander Klink
|
|
2008-09-29
|
|
PHPJabbers Post Comments 3.0 - Cookie Authentication Bypass
|
2 |
WEB
|
Crackers_Child
|
|
2014-03-22
|
|
LifeSize UVC 1.2.6 - (Authenticated) Remote Code Execution
|
2 |
WEB
|
Brandon Perry
|
|
2008-09-27
|
|
Recipe Script - 'search.php' Cross-Site Scripting
|
1 |
WEB
|
Ghost Hacker
|
|
2008-09-27
|
|
Membership Script - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Ghost Hacker
|
|
2008-09-27
|
|
ClickBank Portal - 'search.php' Cross-Site Scripting
|
1 |
WEB
|
Ghost Hacker
|
|
2008-09-27
|
|
Lyrics Script - 'search_results.php' Cross-Site Scripting
|
1 |
WEB
|
Ghost Hacker
|
|
2008-09-27
|
|
WhoDomLite 1.1.3 - 'wholite.cgi' Cross-Site Scripting
|
1 |
WEB
|
Ghost Hacker
|
|
2008-09-26
|
|
Barcode Generator 2.0 - 'LSTable.php' Remote File Inclusion
|
0 |
WEB
|
Br0k3n H34rT
|
|
2008-09-25
|
|
OpenNMS 1.5.x - 'filter' Cross-Site Scripting
|
1 |
WEB
|
d2d
|
|
2008-09-25
|
|
OpenNMS 1.5.x - 'Username' Cross-Site Scripting
|
1 |
WEB
|
d2d
|
|
2008-09-25
|
|
OpenNMS 1.5.x - 'j_username' Cross-Site Scripting
|
1 |
WEB
|
d2d
|
|
2008-09-25
|
|
Vikingboard 0.2 Beta - 'register.php' SQL Column Truncation Unauthorized Access
|
2 |
WEB
|
StAkeR
|
|
2008-09-25
|
|
Flatpress 0.804 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Fabian Fingerle
|
|
2008-09-25
|
|
Libra File Manager 1.18/2.0 - 'fileadmin.php' Local File Inclusion
|
1 |
WEB
|
Pepelux
|
|
2008-09-25
|
|
EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injections
|
1 |
WEB
|
David Sopas
|
|
2008-09-24
|
|
Drupal Module Ajax Checklist 5.x-1.0 - Multiple SQL Injections
|
1 |
WEB
|
Justin C. Klein Keane
|
|
2008-09-23
|
|
InterTech WCMS - 'etemplate.php' SQL Injection
|
1 |
WEB
|
GeNiUs IrAQI
|
|
2008-09-23
|
|
Omnicom Content Platform - 'browser.asp' Directory Traversal
|
1 |
WEB
|
AlbaniaN-[H]
|
|
2008-09-23
|
|
Datalife Engine CMS 7.2 - 'admin.php' Cross-Site Scripting
|
1 |
WEB
|
Hadi Kiamarsi
|
|
2008-09-22
|
|
6rbScript - 'cat.php' SQL Injection
|
1 |
WEB
|
Karar Alshami
|
|
2008-09-20
|
|
Achievo 1.3.2 - 'atknodetype' Cross-Site Scripting
|
1 |
WEB
|
Rohit Bansal
|
|
2008-09-21
|
|
BlueCUBE CMS - 'tienda.php' SQL Injection
|
1 |
WEB
|
r45c4l
|
|
2008-09-22
|
|
BLUEPAGE CMS 2.5 - 'PHPSESSID' Session Fixation
|
1 |
WEB
|
David Vieira-Kurz
|
|
2008-09-22
|
|
xt:Commerce 3.04 - 'XTCsid' Session Fixation
|
1 |
WEB
|
David Vieira-Kurz
|
|
2008-09-22
|
|
xt:Commerce 3.04 - 'advanced_search_result.php?keywords' Cross-Site Scripting
|
1 |
WEB
|
David Vieira-Kurz
|
|
2008-09-22
|
|
Fuzzylime (cms) 3.0 - 'usercheck.php' Cross-Site Scripting
|
1 |
WEB
|
Fabian Fingerle
|
|
2008-09-22
|
|
MapCal 0.1 - 'id' SQL Injection
|
1 |
WEB
|
0x90
|
|
2008-09-22
|
|
UNAK-CMS - Cookie Authentication Bypass
|
1 |
WEB
|
Ciph3r
|
|
2008-09-22
|
|
rgb72 WCMS 1.0 - 'index.php' SQL Injection
|
0 |
WEB
|
CWH Underground
|
|
2008-09-21
|
|
eXtrovert software Thyme 1.3 - 'add_calendars.php' Cross-Site Scripting
|
1 |
WEB
|
DigiTrust Group
|
|
2008-09-19
|
|
PHP Pro Bid 5.2.4/6.04 - Multiple SQL Injections
|
1 |
WEB
|
Jan Van Niekerk
|
|
2008-09-19
|
|
Parallels H-Sphere 3.0/3.1 - 'login.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
t0fx
|
|
2008-09-19
|
|
HyperStop WebHost Directory 1.2 - Database Disclosure
|
1 |
WEB
|
r45c4l
|
|
2008-09-18
|
|
Sama Educational Management System - 'error.asp' Cross-Site Scripting
|
1 |
WEB
|
Lagon666
|
|
2008-09-17
|
|
Add a link 4 - Security Bypass / SQL Injection
|
1 |
WEB
|
JosS
|
|
2008-09-17
|
|
Quick Cart 3.1 - 'admin.php' Cross-Site Scripting
|
1 |
WEB
|
John Cobb
|
|
2008-09-17
|
|
Cars & Vehicle - 'page.php' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-09-16
|
|
Quick CMS Lite 2.1 - 'admin.php' Cross-Site Scripting
|
1 |
WEB
|
John Cobb
|
|
2014-03-20
|
|
D-Link DIR-600L AX 1.00 - Cross-Site Request Forgery
|
2 |
WEB
|
Dhruv Shah
|
|
2008-09-15
|
|
phpMyAdmin 3.2 - 'server_databases.php' Remote Command Execution
|
2 |
WEB
|
Norman Hippert
|
|
2014-03-20
|
|
OXID eShop < 4.7.11/5.0.11 / < 4.8.4/5.1.4 - Multiple Vulnerabilities
|
2 |
WEB
|
//sToRm
|
|
2014-03-20
|
|
Wireless Drive 1.1.0 iOS - Multiple Web Vulnerabilities
|
2 |
WEB
|
Vulnerability-Lab
|
|
2014-03-19
|
|
Array Networks vxAG 9.2.0.34 and vAPV 8.3.2.17 - Multiple Vulnerabilities
|
1 |
WEB
|
xistence
|
|
2014-03-19
|
|
McAfee Asset Manager 6.6 - Multiple Vulnerabilities
|
0 |
WEB
|
Brandon Perry
|
|
2008-09-12
|
|
QuicO - 'photo.php' SQL Injection
|
1 |
WEB
|
Beenu Arora
|
|
2008-09-12
|
|
Paranews 3.4 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Xylitol
|
|
2008-09-12
|
|
Dynamic MP3 Lister 2.0.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Xylitol
|
|
2008-09-11
|
|
Nooms 1.1 - 'search.php?q' Cross-Site Scripting
|
1 |
WEB
|
Dr.Crash
|
|
2008-09-11
|
|
Nooms 1.1 - 'smileys.php?page_id' Cross-Site Scripting
|
2 |
WEB
|
Dr.Crash
|
|
2008-09-10
|
|
Hot Links SQL-PHP - 'news.php' SQL Injection
|
1 |
WEB
|
r45c4l
|
|
2008-09-10
|
|
Horde 3.2 - MIME Attachment Filename Insufficient Filtering Cross-Site Scripting
|
1 |
WEB
|
Alexios Fakos
|
|
2008-09-10
|
|
Horde Application Framework 3.2.1 - Forward Slash Insufficient Filtering Cross-Site Scripting
|
1 |
WEB
|
Alexios Fakos
|
|
2008-09-10
|
|
AvailScript Job Portal Script - 'applynow.php' SQL Injection
|
1 |
WEB
|
InjEctOr5
|
|
2008-09-10
|
|
Jaw Portal 1.2 - 'index.php' Multiple Local File Inclusions
|
1 |
WEB
|
SirGod
|
