|
2008-02-02
|
|
ITechClassifieds - 'viewcat.php?CatID' Cross-Site Scripting
|
3 |
WEB
|
Crackers_Child
|
|
2008-02-02
|
|
ITechClassifieds - 'viewcat.php?CatID' SQL Injection
|
3 |
WEB
|
Crackers_Child
|
|
2008-02-02
|
|
WordPress Plugin WP-Footnotes 2.2 - Multiple Remote Vulnerabilities
|
2 |
WEB
|
NBBN
|
|
2008-02-02
|
|
Domain Trader 2.0 - 'catalog.php' Cross-Site Scripting
|
2 |
WEB
|
Crackers_Child
|
|
2014-01-20
|
|
BLUE COM Router 5360/52018 - Password Reset
|
2 |
WEB
|
KAI
|
|
2014-01-20
|
|
Teracom Modem T2-B-Gawv1.4U10Y-BI - Persistent Cross-Site Scripting
|
2 |
WEB
|
Rakesh S
|
|
2014-01-20
|
|
AfterLogic Pro and Lite 7.1.1.1 - Persistent Cross-Site Scripting
|
2 |
WEB
|
Saeed reza Zamanian
|
|
2014-01-20
|
|
Doodle4Gift - Multiple Vulnerabilities
|
2 |
WEB
|
Dr.NaNo
|
|
2008-02-01
|
|
Archimede Net 2000 - 'E-Guest_show.php' SQL Injection
|
2 |
WEB
|
Sw33t h4cK3r
|
|
2008-01-31
|
|
Nilson's Blogger 0.11 - 'comments.php' Local File Inclusion
|
2 |
WEB
|
muuratsalo
|
|
2008-01-31
|
|
Liferay Enterprise Portal 4.3.6 - User-Agent HTTP Header Cross-Site Scripting
|
2 |
WEB
|
Tomasz Kuczynski
|
|
2007-10-10
|
|
OpenBSD 4.1 - bgplg 'cmd' Cross-Site Scripting
|
2 |
WEB
|
Anton Karpov
|
|
2008-01-30
|
|
YeSiL KoRiDoR Ziyaretçi Defteri - 'index.php' SQL Injection
|
2 |
WEB
|
ShaFuck31
|
|
2008-01-30
|
|
webSPELL 4.1.2 - 'whoisonline.php' Cross-Site Scripting
|
4 |
WEB
|
NBBN
|
|
2008-01-30
|
|
Joomla! / Mambo Component com_buslicense - 'aid' SQL Injection
|
3 |
WEB
|
S@BUN
|
|
2008-01-29
|
|
AmpJuke 0.7 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
ShaFuck31
|
|
2008-01-20
|
|
Nucleus CMS 3.22 - 'action.php' Cross-Site Scripting
|
3 |
WEB
|
Alexandr Polyakov
|
|
2008-01-29
|
|
SunGard Banner Student 7.3 - 'add1' Cross-Site Scripting
|
3 |
WEB
|
Brendan M. Hickey
|
|
2008-01-28
|
|
VB Marketing - 'tseekdir.cgi' Local File Inclusion
|
3 |
WEB
|
Sw33t h4cK3r
|
|
2008-01-28
|
|
ASPired2Protect Login Page - SQL Injection
|
3 |
WEB
|
T_L_O_T_D
|
|
2008-01-28
|
|
eTicket 1.5.6-RC4 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
jekil
|
|
2008-01-28
|
|
Mambo Module MOStlyCE 2.4 Image Manager Utility - Arbitrary File Upload
|
2 |
WEB
|
AmnPardaz
|
|
2008-01-28
|
|
ClanSphere 2007.4.4 - 'install.php' Local File Inclusion
|
3 |
WEB
|
p4imi0
|
|
2008-01-28
|
|
Mambo Module MOStlyCE 2.4 - 'connector.php' Cross-Site Scripting
|
3 |
WEB
|
AmnPardaz
|
|
2008-01-26
|
|
F5 BIG-IP Application Security Manager 9.4.3 - 'report_type' Cross-Site Scripting
|
4 |
WEB
|
nnposter
|
|
2008-01-25
|
|
WebCalendar 1.1.6 - 'search.php' Cross-Site Scripting
|
3 |
WEB
|
Omer Singer
|
|
2008-01-25
|
|
WebCalendar 1.1.6 - 'pref.php' Cross-Site Scripting
|
3 |
WEB
|
Omer Singer
|
|
2008-01-25
|
|
Fonality trixbox 2.4.2 - Cross-Site Scripting (2)
|
3 |
WEB
|
Omer Singer
|
|
2008-01-25
|
|
Fonality trixbox 2.4.2 - Cross-Site Scripting (1)
|
2 |
WEB
|
Omer Singer
|
|
2008-01-25
|
|
E-Smart Cart - 'Members Login' Multiple SQL Injection Vulnerabilities
|
4 |
WEB
|
milad_sa2007
|
|
2008-01-25
|
|
Pre Hotel and Resorts - 'user_login.asp' Multiple SQL Injection Vulnerabilities
|
3 |
WEB
|
milad_sa2007
|
|
2008-01-23
|
|
Web Wiz (Multiple Products) - Remote Information Disclosure
|
2 |
WEB
|
AmnPardaz
|
|
2008-01-22
|
|
DeluxeBB 1.1 - 'attachments_header.php' Cross-Site Scripting
|
3 |
WEB
|
NBBN
|
|
2008-01-22
|
|
PacerCMS 0.6 - 'id' Multiple SQL Injections
|
3 |
WEB
|
RawSecurity.org
|
|
2008-01-21
|
|
Small Axe Weblog 0.3.1 - 'ffile' Remote File Inclusion
|
3 |
WEB
|
anonymous
|
|
2008-01-21
|
|
Singapore 0.10.1 Modern Template - 'gallery' Cross-Site Scripting
|
4 |
WEB
|
trew
|
|
2008-01-21
|
|
Alice Gate2 Plus Wi-Fi Router - Cross-Site Request Forgery
|
3 |
WEB
|
WarGame
|
|
2008-01-21
|
|
MegaBBS 1.5.14b - 'upload.asp' Cross-Site Scripting
|
3 |
WEB
|
Doz
|
|
2008-01-20
|
|
BloofoxCMS 0.3 - Multiple Input Validation Vulnerabilities
|
3 |
WEB
|
AmnPardaz
|
|
2008-01-18
|
|
phpAutoVideo 2.21 - 'index.php?cat' Cross-Site Scripting
|
3 |
WEB
|
H-T Team
|
|
2008-01-18
|
|
phpAutoVideo 2.21 - 'sidebar.php?loadpage' Remote File Inclusion
|
3 |
WEB
|
H-T Team
|
|
2008-01-17
|
|
Clever Copy 3.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
hadihadi
|
|
2008-01-16
|
|
MyBB 1.2.10 - 'moderation.php' Multiple SQL Injections
|
3 |
WEB
|
waraxe
|
|
2007-01-15
|
|
WordPress Plugin SpamBam - Key Calculation Security Bypass
|
3 |
WEB
|
Romero
|
|
2008-01-15
|
|
WordPress Plugin Peter's Math Anti-Spam 0.1.6 - Audio CAPTCHA Security Bypass
|
3 |
WEB
|
Romero
|
|
2008-01-15
|
|
Article Dashboard - '/admin/login.php' Multiple SQL Injections
|
3 |
WEB
|
Xcross87
|
|
2008-01-14
|
|
pMachine Pro 2.4.1 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
fuzion
|
|
2008-01-14
|
|
Garment Center - 'index.cgi' Local File Inclusion
|
3 |
WEB
|
Smasher
|
|
2008-01-13
|
|
PHP Running Management 1.0.2 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
Christophe VG
|
|
2008-01-12
|
|
Moodle 1.8.3 - 'install.php' Cross-Site Scripting
|
3 |
WEB
|
Hanno Bock
|
|
2014-01-17
|
|
SmarterMail Enterprise and Standard 11.x - Persistent Cross-Site Scripting
|
3 |
WEB
|
Saeed reza Zamanian
|
|
2014-01-17
|
|
BloofoxCMS 0.5.0 - Multiple Vulnerabilities
|
3 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2008-01-11
|
|
Members Area System 1.7 - 'view_func.php' Remote File Inclusion
|
3 |
WEB
|
ShipNX
|
|
2008-01-10
|
|
ID-Commerce 2.0 - 'liste.php' SQL Injection
|
3 |
WEB
|
consultant.securite
|
|
2008-01-09
|
|
Joomla! Component SMF Forum 1.1.4 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Doz
|
|
2008-01-09
|
|
Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/user/main.jsp?activeControl' Cross-Site Scripti
|
3 |
WEB
|
Jan Fry & Adrian Pastor
|
|
2008-01-09
|
|
Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/help/index.jsp?helpUrl' Remote Frame Injection
|
3 |
WEB
|
Jan Fry & Adrian Pastor
|
|
2008-01-09
|
|
Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/account/findForSelect.jsp?resultsForm' Cross-Si
|
3 |
WEB
|
Jan Fry & Adrian Pastor
|
|
2008-01-09
|
|
Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/login.jsp' Multiple Cross-Site Scripting Vulner
|
3 |
WEB
|
Jan Fry & Adrian Pastor
|
|
2008-01-09
|
|
Omegasoft Insel 7 - Authentication Bypass / User Enumeration
|
3 |
WEB
|
MC.Iglo
|
|
2008-01-08
|
|
IceWarp Mail Server 9.1.1 - '/admin/index.html' Cross-Site Scripting
|
3 |
WEB
|
Ekin0x
|
|
2008-01-08
|
|
SysHotel On Line System - 'index.php' Local File Inclusion
|
3 |
WEB
|
p4imi0
|
|
2008-01-07
|
|
eTicket 1.5.5.2 - 'admin.php' Multiple SQL Injections
|
3 |
WEB
|
L4teral
|
|
2008-01-07
|
|
eTicket 1.5.5.2 - 'search.php' Multiple SQL Injections
|
3 |
WEB
|
L4teral
|
|
2008-01-07
|
|
eTicket 1.5.5.2 - 'view.php?s' Cross-Site Scripting
|
3 |
WEB
|
L4teral
|
|
2008-01-07
|
|
eTicket 1.5.5.2 - 'admin.php' Cross-Site Request Forgery
|
4 |
WEB
|
L4teral
|
|
2008-01-07
|
|
Snitz Forums 2000 3.4.5/3.4.6 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Doz
|
|
2008-01-07
|
|
Strawberry 1.1.1 - 'html.php' Remote Code Execution
|
3 |
WEB
|
Eugene Minaev
|
|
2008-01-03
|
|
Rotabanner Local 2/3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
MustLive
|
|
2008-01-04
|
|
NetRisk 1.9.7 - 'index.php' Remote File Inclusion
|
3 |
WEB
|
S.W.A.T.
|
|
2007-01-03
|
|
eTicket 1.5.5 - 'newticket.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Omer Singer
|
|
2008-01-03
|
|
ExpressionEngine 1.2.1 - HTTP Response Splitting / Cross-Site Scripting
|
3 |
WEB
|
MustLive
|
|
2008-01-03
|
|
Nucleus CMS 3.0.1 - 'myid' SQL Injection
|
3 |
WEB
|
MustLive
|
|
2008-01-03
|
|
PRO-Search 0.17 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
MustLive
|
|
2008-01-03
|
|
AwesomeTemplateEngine 1 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
MustLive
|
|
2008-01-03
|
|
WordPress Core 2.2.3 - '/wp-admin/edit.php?backup' Cross-Site Scripting
|
3 |
WEB
|
3APA3A
|
|
2008-01-03
|
|
WordPress Core 2.2.3 - '/wp-admin/page-new.php?popuptitle' Cross-Site Scripting
|
3 |
WEB
|
3APA3A
|
|
2008-01-03
|
|
WordPress Core 2.2.3 - '/wp-admin/post.php?popuptitle' Cross-Site Scripting
|
3 |
WEB
|
3APA3A
|
|
2008-01-03
|
|
MyPHP Forum 3.0 - 'search.php' Multiple SQL Injections
|
3 |
WEB
|
The:Paradox
|
|
2008-01-03
|
|
W3-mSQL - Error Page Cross-Site Scripting
|
3 |
WEB
|
vivek_infosec
|
|
2008-01-02
|
|
MODx 0.9.6.1 - 'AjaxSearch.php' Local File Inclusion
|
3 |
WEB
|
AmnPardaz Security Research Team
|
|
2008-01-02
|
|
MODx 0.9.6.1 - 'htcmime.php' Source Code Information Disclosure
|
3 |
WEB
|
AmnPardaz Security Research Team
|
|
2007-12-31
|
|
LiveCart 1.0.1 - 'email' Cross-Site Scripting
|
3 |
WEB
|
Doz
|
|
2007-12-31
|
|
LiveCart 1.0.1 - 'return' Cross-Site Scripting (2)
|
4 |
WEB
|
Doz
|
|
2007-12-31
|
|
LiveCart 1.0.1 - 'q' Cross-Site Scripting
|
3 |
WEB
|
Doz
|
|
2007-12-31
|
|
LiveCart 1.0.1 - 'return' Cross-Site Scripting (1)
|
3 |
WEB
|
Doz
|
|
2007-12-31
|
|
InstantSoftwares Dating Site - Login SQL Injection
|
3 |
WEB
|
Aria-Security Team
|
|
2007-12-31
|
|
MilliScripts - 'dir.php' Cross-Site Scripting
|
3 |
WEB
|
Jose Luis Gangora Fernandez
|
|
2007-12-30
|
|
MatPo.de Kontakt Formular 1.4 - 'function.php' Remote File Inclusion
|
3 |
WEB
|
bd0rk
|
|
2007-12-29
|
|
CustomCMS 3.1 - 'vars.php' SQL Injection
|
2 |
WEB
|
Pr0metheuS
|
|
2007-12-29
|
|
Makale Scripti - Cross-Site Scripting
|
3 |
WEB
|
GeFORC3
|
|
2007-12-29
|
|
PHCDownload 1.1 - 'search.php?string' Cross-Site Scripting
|
4 |
WEB
|
Lostmon
|
|
2007-12-29
|
|
PHCDownload 1.1 - 'search.php?string' SQL Injection
|
3 |
WEB
|
Lostmon
|
|
2014-01-15
|
|
PHPJabbers Vacation Rental Script 3.0 - Multiple Vulnerabilities
|
3 |
WEB
|
HackXBack
|
|
2014-01-15
|
|
PHPJabbers Hotel Booking System 3.0 - Multiple Vulnerabilities
|
3 |
WEB
|
HackXBack
|
|
2014-01-15
|
|
PHPJabbers Vacation Packages Listing 2.0 - Multiple Vulnerabilities
|
3 |
WEB
|
HackXBack
|
|
2014-01-15
|
|
PHPJabbers Property Listing Script 2.0 - Cross-Site Request Forgery (Add Admin)
|
3 |
WEB
|
HackXBack
|
|
2007-12-28
|
|
OpenBiblio 0.x - 'theme_preview.php?themeName' Cross-Site Scripting
|
4 |
WEB
|
Juan Galiana Lara
|
|
2014-01-15
|
|
PHPJabbers Pet Listing Script 1.0 - Multiple Vulnerabilities
|
4 |
WEB
|
HackXBack
|
|
2007-12-28
|
|
OpenBiblio 0.x - 'theme_del_confirm.php?name' Cross-Site Scripting
|
3 |
WEB
|
Juan Galiana Lara
|
|
2007-12-28
|
|
OpenBiblio 0.x - 'staff_del_confirm.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Juan Galiana Lara
|
|
2007-12-28
|
|
NetBizCity FaqMasterFlexPlus - 'faq.php' SQL Injection
|
3 |
WEB
|
Juan Galiana Lara
|
|
2014-01-15
|
|
Collabtive 1.1 - 'managetimetracker.php' SQL Injection
|
3 |
WEB
|
Yogesh Phadtare
|
|
2007-12-28
|
|
NetBizCity FaqMasterFlexPlus - 'faq.php' Cross-Site Scripting
|
3 |
WEB
|
Juan Galiana Lara
|
|
2007-12-27
|
|
IPortalX - 'blogs.asp?Date' Cross-Site Scripting
|
3 |
WEB
|
Doz
|
|
2007-12-27
|
|
IPortalX - '/forum/login_user.asp' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Doz
|
|
2007-12-24
|
|
Web Sihirbazi 5.1.1 - 'default.asp' Multiple SQL Injections
|
3 |
WEB
|
bypass
|
|
2007-12-25
|
|
Limbo CMS 1.0.4 - 'com_option' Cross-Site Scripting
|
3 |
WEB
|
Omer Singer
|
|
2007-12-24
|
|
Logaholic - 'profiles.php?newconfname' Cross-Site Scripting
|
3 |
WEB
|
malibu.r
|
|
2007-12-24
|
|
Logaholic - 'index.php?conf' Cross-Site Scripting
|
3 |
WEB
|
malibu.r
|
|
2007-12-24
|
|
Logaholic - 'index.php' SQL Injection
|
2 |
WEB
|
malibu.r
|
|
2007-12-24
|
|
Logaholic - 'update.php?page' SQL Injection
|
3 |
WEB
|
malibu.r
|
|
2007-12-24
|
|
Agares Media ThemeSiteScript 1.0 - 'loadadminpage' Remote File Inclusion
|
3 |
WEB
|
Koller
|
|
2007-12-22
|
|
Dokeos 1.x - '/work/work.php?display_upload_form Action origin' Cross-Site Scripting
|
3 |
WEB
|
Doz
|
|
2007-12-22
|
|
Dokeos 1.x - '/forum/viewforum.php?forum' Cross-Site Scripting
|
3 |
WEB
|
Doz
|
|
2007-12-22
|
|
Dokeos 1.x - '/forum/viewthread.php?forum' Cross-Site Scripting
|
3 |
WEB
|
Doz
|
|
2007-12-22
|
|
MyBlog 1.x - 'Games.php?ID' Remote File Inclusion
|
3 |
WEB
|
Beenu Arora
|
|
2007-12-21
|
|
MRBS 1.2.x - 'view_entry.php' SQL Injection
|
3 |
WEB
|
root@hanicker.it
|
|
2007-12-20
|
|
SiteScape Forum - 'dispatch.cgi' Tcl Command Injection
|
3 |
WEB
|
niekt0
|
|
2007-12-20
|
|
iDevSpot iSupport 1.8 - 'index.php' Local File Inclusion
|
3 |
WEB
|
JuMp-Er
|
|
2014-01-14
|
|
Horizon QCMS 4.0 - Multiple Vulnerabilities
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2014-01-14
|
|
Burden 1.8 - Authentication Bypass
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2014-01-14
|
|
Conceptronic Wireless Pan & Tilt Network Camera - Cross-Site Request Forgery
|
3 |
WEB
|
Felipe Molina
|
|
2014-01-14
|
|
PHPJabbers Event Booking Calendar 2.0 - Multiple Vulnerabilities
|
3 |
WEB
|
HackXBack
|
|
2014-01-14
|
|
PHPJabbers Car Rental Script - Multiple Vulnerabilities
|
3 |
WEB
|
HackXBack
|
