|
2008-01-18
|
|
phpAutoVideo 2.21 - 'index.php?cat' Cross-Site Scripting
|
2 |
WEB
|
H-T Team
|
|
2008-01-18
|
|
phpAutoVideo 2.21 - 'sidebar.php?loadpage' Remote File Inclusion
|
2 |
WEB
|
H-T Team
|
|
2008-01-17
|
|
Clever Copy 3.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
hadihadi
|
|
2008-01-16
|
|
MyBB 1.2.10 - 'moderation.php' Multiple SQL Injections
|
1 |
WEB
|
waraxe
|
|
2007-01-15
|
|
WordPress Plugin SpamBam - Key Calculation Security Bypass
|
1 |
WEB
|
Romero
|
|
2008-01-15
|
|
WordPress Plugin Peter's Math Anti-Spam 0.1.6 - Audio CAPTCHA Security Bypass
|
1 |
WEB
|
Romero
|
|
2008-01-15
|
|
Article Dashboard - '/admin/login.php' Multiple SQL Injections
|
1 |
WEB
|
Xcross87
|
|
2008-01-14
|
|
pMachine Pro 2.4.1 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
fuzion
|
|
2008-01-14
|
|
Garment Center - 'index.cgi' Local File Inclusion
|
1 |
WEB
|
Smasher
|
|
2008-01-13
|
|
PHP Running Management 1.0.2 - 'index.php' Cross-Site Scripting
|
1 |
WEB
|
Christophe VG
|
|
2008-01-12
|
|
Moodle 1.8.3 - 'install.php' Cross-Site Scripting
|
1 |
WEB
|
Hanno Bock
|
|
2014-01-17
|
|
SmarterMail Enterprise and Standard 11.x - Persistent Cross-Site Scripting
|
1 |
WEB
|
Saeed reza Zamanian
|
|
2014-01-17
|
|
BloofoxCMS 0.5.0 - Multiple Vulnerabilities
|
1 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2008-01-11
|
|
Members Area System 1.7 - 'view_func.php' Remote File Inclusion
|
1 |
WEB
|
ShipNX
|
|
2008-01-10
|
|
ID-Commerce 2.0 - 'liste.php' SQL Injection
|
1 |
WEB
|
consultant.securite
|
|
2008-01-09
|
|
Joomla! Component SMF Forum 1.1.4 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Doz
|
|
2008-01-09
|
|
Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/user/main.jsp?activeControl' Cross-Site Scripti
|
1 |
WEB
|
Jan Fry & Adrian Pastor
|
|
2008-01-09
|
|
Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/help/index.jsp?helpUrl' Remote Frame Injection
|
1 |
WEB
|
Jan Fry & Adrian Pastor
|
|
2008-01-09
|
|
Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/account/findForSelect.jsp?resultsForm' Cross-Si
|
1 |
WEB
|
Jan Fry & Adrian Pastor
|
|
2008-01-09
|
|
Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/login.jsp' Multiple Cross-Site Scripting Vulner
|
1 |
WEB
|
Jan Fry & Adrian Pastor
|
|
2008-01-09
|
|
Omegasoft Insel 7 - Authentication Bypass / User Enumeration
|
1 |
WEB
|
MC.Iglo
|
|
2008-01-08
|
|
IceWarp Mail Server 9.1.1 - '/admin/index.html' Cross-Site Scripting
|
1 |
WEB
|
Ekin0x
|
|
2008-01-08
|
|
SysHotel On Line System - 'index.php' Local File Inclusion
|
2 |
WEB
|
p4imi0
|
|
2008-01-07
|
|
eTicket 1.5.5.2 - 'admin.php' Multiple SQL Injections
|
1 |
WEB
|
L4teral
|
|
2008-01-07
|
|
eTicket 1.5.5.2 - 'search.php' Multiple SQL Injections
|
1 |
WEB
|
L4teral
|
|
2008-01-07
|
|
eTicket 1.5.5.2 - 'view.php?s' Cross-Site Scripting
|
1 |
WEB
|
L4teral
|
|
2008-01-07
|
|
eTicket 1.5.5.2 - 'admin.php' Cross-Site Request Forgery
|
2 |
WEB
|
L4teral
|
|
2008-01-07
|
|
Snitz Forums 2000 3.4.5/3.4.6 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Doz
|
|
2008-01-07
|
|
Strawberry 1.1.1 - 'html.php' Remote Code Execution
|
1 |
WEB
|
Eugene Minaev
|
|
2008-01-03
|
|
Rotabanner Local 2/3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
0 |
WEB
|
MustLive
|
|
2008-01-04
|
|
NetRisk 1.9.7 - 'index.php' Remote File Inclusion
|
1 |
WEB
|
S.W.A.T.
|
|
2007-01-03
|
|
eTicket 1.5.5 - 'newticket.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Omer Singer
|
|
2008-01-03
|
|
ExpressionEngine 1.2.1 - HTTP Response Splitting / Cross-Site Scripting
|
1 |
WEB
|
MustLive
|
|
2008-01-03
|
|
Nucleus CMS 3.0.1 - 'myid' SQL Injection
|
1 |
WEB
|
MustLive
|
|
2008-01-03
|
|
PRO-Search 0.17 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
MustLive
|
|
2008-01-03
|
|
AwesomeTemplateEngine 1 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
MustLive
|
|
2008-01-03
|
|
WordPress Core 2.2.3 - '/wp-admin/edit.php?backup' Cross-Site Scripting
|
1 |
WEB
|
3APA3A
|
|
2008-01-03
|
|
WordPress Core 2.2.3 - '/wp-admin/page-new.php?popuptitle' Cross-Site Scripting
|
1 |
WEB
|
3APA3A
|
|
2008-01-03
|
|
WordPress Core 2.2.3 - '/wp-admin/post.php?popuptitle' Cross-Site Scripting
|
1 |
WEB
|
3APA3A
|
|
2008-01-03
|
|
MyPHP Forum 3.0 - 'search.php' Multiple SQL Injections
|
1 |
WEB
|
The:Paradox
|
|
2008-01-03
|
|
W3-mSQL - Error Page Cross-Site Scripting
|
1 |
WEB
|
vivek_infosec
|
|
2008-01-02
|
|
MODx 0.9.6.1 - 'AjaxSearch.php' Local File Inclusion
|
2 |
WEB
|
AmnPardaz Security Research Team
|
|
2008-01-02
|
|
MODx 0.9.6.1 - 'htcmime.php' Source Code Information Disclosure
|
1 |
WEB
|
AmnPardaz Security Research Team
|
|
2007-12-31
|
|
LiveCart 1.0.1 - 'email' Cross-Site Scripting
|
1 |
WEB
|
Doz
|
|
2007-12-31
|
|
LiveCart 1.0.1 - 'return' Cross-Site Scripting (2)
|
1 |
WEB
|
Doz
|
|
2007-12-31
|
|
LiveCart 1.0.1 - 'q' Cross-Site Scripting
|
1 |
WEB
|
Doz
|
|
2007-12-31
|
|
LiveCart 1.0.1 - 'return' Cross-Site Scripting (1)
|
1 |
WEB
|
Doz
|
|
2007-12-31
|
|
InstantSoftwares Dating Site - Login SQL Injection
|
1 |
WEB
|
Aria-Security Team
|
|
2007-12-31
|
|
MilliScripts - 'dir.php' Cross-Site Scripting
|
1 |
WEB
|
Jose Luis Gangora Fernandez
|
|
2007-12-30
|
|
MatPo.de Kontakt Formular 1.4 - 'function.php' Remote File Inclusion
|
1 |
WEB
|
bd0rk
|
|
2007-12-29
|
|
CustomCMS 3.1 - 'vars.php' SQL Injection
|
1 |
WEB
|
Pr0metheuS
|
|
2007-12-29
|
|
Makale Scripti - Cross-Site Scripting
|
0 |
WEB
|
GeFORC3
|
|
2007-12-29
|
|
PHCDownload 1.1 - 'search.php?string' Cross-Site Scripting
|
2 |
WEB
|
Lostmon
|
|
2007-12-29
|
|
PHCDownload 1.1 - 'search.php?string' SQL Injection
|
1 |
WEB
|
Lostmon
|
|
2014-01-15
|
|
PHPJabbers Vacation Rental Script 3.0 - Multiple Vulnerabilities
|
1 |
WEB
|
HackXBack
|
|
2014-01-15
|
|
PHPJabbers Hotel Booking System 3.0 - Multiple Vulnerabilities
|
1 |
WEB
|
HackXBack
|
|
2014-01-15
|
|
PHPJabbers Vacation Packages Listing 2.0 - Multiple Vulnerabilities
|
1 |
WEB
|
HackXBack
|
|
2014-01-15
|
|
PHPJabbers Property Listing Script 2.0 - Cross-Site Request Forgery (Add Admin)
|
1 |
WEB
|
HackXBack
|
|
2007-12-28
|
|
OpenBiblio 0.x - 'theme_preview.php?themeName' Cross-Site Scripting
|
1 |
WEB
|
Juan Galiana Lara
|
|
2014-01-15
|
|
PHPJabbers Pet Listing Script 1.0 - Multiple Vulnerabilities
|
0 |
WEB
|
HackXBack
|
|
2007-12-28
|
|
OpenBiblio 0.x - 'theme_del_confirm.php?name' Cross-Site Scripting
|
1 |
WEB
|
Juan Galiana Lara
|
|
2007-12-28
|
|
OpenBiblio 0.x - 'staff_del_confirm.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Juan Galiana Lara
|
|
2007-12-28
|
|
NetBizCity FaqMasterFlexPlus - 'faq.php' SQL Injection
|
1 |
WEB
|
Juan Galiana Lara
|
|
2014-01-15
|
|
Collabtive 1.1 - 'managetimetracker.php' SQL Injection
|
1 |
WEB
|
Yogesh Phadtare
|
|
2007-12-28
|
|
NetBizCity FaqMasterFlexPlus - 'faq.php' Cross-Site Scripting
|
1 |
WEB
|
Juan Galiana Lara
|
|
2007-12-27
|
|
IPortalX - 'blogs.asp?Date' Cross-Site Scripting
|
1 |
WEB
|
Doz
|
|
2007-12-27
|
|
IPortalX - '/forum/login_user.asp' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Doz
|
|
2007-12-24
|
|
Web Sihirbazi 5.1.1 - 'default.asp' Multiple SQL Injections
|
1 |
WEB
|
bypass
|
|
2007-12-25
|
|
Limbo CMS 1.0.4 - 'com_option' Cross-Site Scripting
|
1 |
WEB
|
Omer Singer
|
|
2007-12-24
|
|
Logaholic - 'profiles.php?newconfname' Cross-Site Scripting
|
1 |
WEB
|
malibu.r
|
|
2007-12-24
|
|
Logaholic - 'index.php?conf' Cross-Site Scripting
|
1 |
WEB
|
malibu.r
|
|
2007-12-24
|
|
Logaholic - 'index.php' SQL Injection
|
0 |
WEB
|
malibu.r
|
|
2007-12-24
|
|
Logaholic - 'update.php?page' SQL Injection
|
1 |
WEB
|
malibu.r
|
|
2007-12-24
|
|
Agares Media ThemeSiteScript 1.0 - 'loadadminpage' Remote File Inclusion
|
1 |
WEB
|
Koller
|
|
2007-12-22
|
|
Dokeos 1.x - '/work/work.php?display_upload_form Action origin' Cross-Site Scripting
|
1 |
WEB
|
Doz
|
|
2007-12-22
|
|
Dokeos 1.x - '/forum/viewforum.php?forum' Cross-Site Scripting
|
1 |
WEB
|
Doz
|
|
2007-12-22
|
|
Dokeos 1.x - '/forum/viewthread.php?forum' Cross-Site Scripting
|
1 |
WEB
|
Doz
|
|
2007-12-22
|
|
MyBlog 1.x - 'Games.php?ID' Remote File Inclusion
|
1 |
WEB
|
Beenu Arora
|
|
2007-12-21
|
|
MRBS 1.2.x - 'view_entry.php' SQL Injection
|
1 |
WEB
|
root@hanicker.it
|
|
2007-12-20
|
|
SiteScape Forum - 'dispatch.cgi' Tcl Command Injection
|
1 |
WEB
|
niekt0
|
|
2007-12-20
|
|
iDevSpot iSupport 1.8 - 'index.php' Local File Inclusion
|
1 |
WEB
|
JuMp-Er
|
|
2014-01-14
|
|
Horizon QCMS 4.0 - Multiple Vulnerabilities
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2014-01-14
|
|
Burden 1.8 - Authentication Bypass
|
1 |
WEB
|
High-Tech Bridge SA
|
|
2014-01-14
|
|
Conceptronic Wireless Pan & Tilt Network Camera - Cross-Site Request Forgery
|
1 |
WEB
|
Felipe Molina
|
|
2014-01-14
|
|
PHPJabbers Event Booking Calendar 2.0 - Multiple Vulnerabilities
|
1 |
WEB
|
HackXBack
|
|
2014-01-14
|
|
PHPJabbers Car Rental Script - Multiple Vulnerabilities
|
1 |
WEB
|
HackXBack
|
|
2014-01-14
|
|
PHPJabbers Appointment Scheduler 2.0 - Multiple Vulnerabilities
|
1 |
WEB
|
HackXBack
|
|
2014-01-14
|
|
PHPJabbers Job Listing Script - Multiple Vulnerabilities
|
1 |
WEB
|
HackXBack
|
|
2014-01-14
|
|
Auto Classifieds Script 2.0 - Cross-Site Request Forgery (Add Admin)
|
1 |
WEB
|
HackXBack
|
|
2014-01-14
|
|
Feixun Wireless Router FWR-604H - Remote Code Execution
|
1 |
WEB
|
Arash Abedian
|
|
2007-12-18
|
|
Mambo 4.6.2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Beenu Arora
|
|
2007-12-17
|
|
PHP Security Framework - Multiple Input Validation Vulnerabilities
|
1 |
WEB
|
DarkFig
|
|
2007-12-17
|
|
Neuron News 1.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
hadihadi & black.shadowes
|
|
2007-12-09
|
|
Flyspray 0.9.9 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
KAWASHIMA Takahiro
|
|
2007-12-14
|
|
Black Sheep Web Software Form Tools 1.5 - Multiple Remote File Inclusions
|
1 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-15
|
|
WordPress Core 2.3.1 - Unauthorized Post Access
|
1 |
WEB
|
Michael Brooks
|
|
2007-12-15
|
|
phpRPG 0.8 - '/tmp' Directory PHPSESSID Cookie Session Hijacking
|
1 |
WEB
|
Michael Brooks
|
|
2007-12-15
|
|
phPay 2.2.1 - Windows Installations Local File Inclusion
|
1 |
WEB
|
Michael Brooks
|
|
2007-12-13
|
|
MKPortal 1.1 Gallery Module - SQL Injection
|
1 |
WEB
|
Sw33t h4cK3r
|
|
2007-11-12
|
|
XOOPS 2.2.5 - 'register.php' Cross-Site Scripting
|
1 |
WEB
|
Omer Singer
|
|
2007-11-10
|
|
PHP-Nuke 8.0 - 'autohtml.php' Local File Inclusion
|
1 |
WEB
|
d3v1l
|
|
2007-11-10
|
|
Bitweaver 1.x/2.0 - '/search/index.php?highlight' SQL Injection
|
1 |
WEB
|
Doz
|
|
2007-11-10
|
|
Bitweaver 1.x/2.0 - 'search/index.php' Cross-Site Scripting
|
1 |
WEB
|
Doz
|
|
2007-11-10
|
|
Bitweaver 1.x/2.0 - 'users/register.php' Cross-Site Scripting
|
1 |
WEB
|
Doz
|
|
2007-11-10
|
|
Roundcube Webmail 0.1 - CSS Expression Input Validation
|
1 |
WEB
|
Tomas Kuliavas
|
|
2007-11-10
|
|
Falcon Series One 1.4.3 stable - Multiple Input Validation Vulnerabilities
|
1 |
WEB
|
MhZ91
|
|
2007-12-10
|
|
E-Xoops 1.0.5/1.0.8 - '/modules/arcade/index.php?gid' SQL Injection
|
1 |
WEB
|
Lostmon
|
|
2007-12-10
|
|
E-Xoops 1.0.5/1.0.8 - '/modules/banners/click.php?bid' SQL Injection
|
1 |
WEB
|
Lostmon
|
|
2007-12-10
|
|
E-Xoops 1.0.5/1.0.8 - '/myalbum/ratephoto.php?lid' SQL Injection
|
1 |
WEB
|
Lostmon
|
|
2014-01-13
|
|
DomPHP 0.83 - SQL Injection
|
1 |
WEB
|
Houssamix
|
|
2014-01-12
|
|
DomPHP 0.83 - Local Directory Traversal
|
1 |
WEB
|
Houssamix
|
|
2007-12-10
|
|
E-Xoops 1.0.5/1.0.8 - '/mysections/ratefile.php?lid' SQL Injection
|
1 |
WEB
|
Lostmon
|
|
2007-12-10
|
|
E-Xoops 1.0.5/1.0.8 - '/mydownloads/ratefile.php?lid' SQL Injection
|
1 |
WEB
|
Lostmon
|
|
2007-12-10
|
|
E-Xoops 1.0.5/1.0.8 - '/adresses/ratefile.php?lid' SQL Injection
|
1 |
WEB
|
Lostmon
|
|
2007-12-10
|
|
E-Xoops 1.0.5/1.0.8 - '/mylinks/ratelink.php?lid' SQL Injection
|
1 |
WEB
|
Lostmon
|
|
2007-12-10
|
|
bttlxe Forum 2.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Mormoroth
|
|
2007-12-10
|
|
SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Access Validation / Input Validation
|
1 |
WEB
|
Tomas Kuliavas
|
|
2007-12-10
|
|
webSPELL 4.1.2 - 'calendar.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Brainhead
|
|
2007-12-10
|
|
webSPELL 4.1.2 - 'usergallery.php?galleryID' Cross-Site Scripting
|
1 |
WEB
|
Brainhead
|
|
2007-12-07
|
|
WebDoc 3.0 - Multiple SQL Injections
|
2 |
WEB
|
Chrysalid
|
|
2007-12-15
|
|
wwwstats 3.21 - 'Clickstats.php' Multiple HTML Injection Vulnerabilities
|
1 |
WEB
|
Jesus Olmos Gonzalez
|
|
2007-12-06
|
|
OpenNewsletter 2.5 - 'Compose.php' Cross-Site Scripting
|
1 |
WEB
|
Manu
|
|
2007-12-06
|
|
Kayako SupportSuite 3.0.32 - 'PHP_SELF Trigger_Error' Function Cross-Site Scripting
|
2 |
WEB
|
imei
|
|
2007-12-05
|
|
VisualShapers EZContents 1.4.5 - File Disclosure
|
1 |
WEB
|
p4imi0
|
|
2007-12-05
|
|
Joomla! Component com_search 1.5 RC3 - 'index.php' Multiple SQL Injections
|
1 |
WEB
|
beenudel1986
|
