|
2014-01-14
|
|
PHPJabbers Appointment Scheduler 2.0 - Multiple Vulnerabilities
|
3 |
WEB
|
HackXBack
|
|
2014-01-14
|
|
PHPJabbers Job Listing Script - Multiple Vulnerabilities
|
3 |
WEB
|
HackXBack
|
|
2014-01-14
|
|
Auto Classifieds Script 2.0 - Cross-Site Request Forgery (Add Admin)
|
3 |
WEB
|
HackXBack
|
|
2014-01-14
|
|
Feixun Wireless Router FWR-604H - Remote Code Execution
|
3 |
WEB
|
Arash Abedian
|
|
2007-12-18
|
|
Mambo 4.6.2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Beenu Arora
|
|
2007-12-17
|
|
PHP Security Framework - Multiple Input Validation Vulnerabilities
|
3 |
WEB
|
DarkFig
|
|
2007-12-17
|
|
Neuron News 1.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
hadihadi & black.shadowes
|
|
2007-12-09
|
|
Flyspray 0.9.9 - Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
KAWASHIMA Takahiro
|
|
2007-12-14
|
|
Black Sheep Web Software Form Tools 1.5 - Multiple Remote File Inclusions
|
4 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-15
|
|
WordPress Core 2.3.1 - Unauthorized Post Access
|
2 |
WEB
|
Michael Brooks
|
|
2007-12-15
|
|
phpRPG 0.8 - '/tmp' Directory PHPSESSID Cookie Session Hijacking
|
2 |
WEB
|
Michael Brooks
|
|
2007-12-15
|
|
phPay 2.2.1 - Windows Installations Local File Inclusion
|
3 |
WEB
|
Michael Brooks
|
|
2007-12-13
|
|
MKPortal 1.1 Gallery Module - SQL Injection
|
3 |
WEB
|
Sw33t h4cK3r
|
|
2007-11-12
|
|
XOOPS 2.2.5 - 'register.php' Cross-Site Scripting
|
3 |
WEB
|
Omer Singer
|
|
2007-11-10
|
|
PHP-Nuke 8.0 - 'autohtml.php' Local File Inclusion
|
3 |
WEB
|
d3v1l
|
|
2007-11-10
|
|
Bitweaver 1.x/2.0 - '/search/index.php?highlight' SQL Injection
|
3 |
WEB
|
Doz
|
|
2007-11-10
|
|
Bitweaver 1.x/2.0 - 'search/index.php' Cross-Site Scripting
|
3 |
WEB
|
Doz
|
|
2007-11-10
|
|
Bitweaver 1.x/2.0 - 'users/register.php' Cross-Site Scripting
|
3 |
WEB
|
Doz
|
|
2007-11-10
|
|
Roundcube Webmail 0.1 - CSS Expression Input Validation
|
3 |
WEB
|
Tomas Kuliavas
|
|
2007-11-10
|
|
Falcon Series One 1.4.3 stable - Multiple Input Validation Vulnerabilities
|
4 |
WEB
|
MhZ91
|
|
2007-12-10
|
|
E-Xoops 1.0.5/1.0.8 - '/modules/arcade/index.php?gid' SQL Injection
|
3 |
WEB
|
Lostmon
|
|
2007-12-10
|
|
E-Xoops 1.0.5/1.0.8 - '/modules/banners/click.php?bid' SQL Injection
|
4 |
WEB
|
Lostmon
|
|
2007-12-10
|
|
E-Xoops 1.0.5/1.0.8 - '/myalbum/ratephoto.php?lid' SQL Injection
|
3 |
WEB
|
Lostmon
|
|
2014-01-13
|
|
DomPHP 0.83 - SQL Injection
|
3 |
WEB
|
Houssamix
|
|
2014-01-12
|
|
DomPHP 0.83 - Local Directory Traversal
|
3 |
WEB
|
Houssamix
|
|
2007-12-10
|
|
E-Xoops 1.0.5/1.0.8 - '/mysections/ratefile.php?lid' SQL Injection
|
3 |
WEB
|
Lostmon
|
|
2007-12-10
|
|
E-Xoops 1.0.5/1.0.8 - '/mydownloads/ratefile.php?lid' SQL Injection
|
3 |
WEB
|
Lostmon
|
|
2007-12-10
|
|
E-Xoops 1.0.5/1.0.8 - '/adresses/ratefile.php?lid' SQL Injection
|
3 |
WEB
|
Lostmon
|
|
2007-12-10
|
|
E-Xoops 1.0.5/1.0.8 - '/mylinks/ratelink.php?lid' SQL Injection
|
3 |
WEB
|
Lostmon
|
|
2007-12-10
|
|
bttlxe Forum 2.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Mormoroth
|
|
2007-12-10
|
|
SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Access Validation / Input Validation
|
2 |
WEB
|
Tomas Kuliavas
|
|
2007-12-10
|
|
webSPELL 4.1.2 - 'calendar.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Brainhead
|
|
2007-12-10
|
|
webSPELL 4.1.2 - 'usergallery.php?galleryID' Cross-Site Scripting
|
3 |
WEB
|
Brainhead
|
|
2007-12-07
|
|
WebDoc 3.0 - Multiple SQL Injections
|
3 |
WEB
|
Chrysalid
|
|
2007-12-15
|
|
wwwstats 3.21 - 'Clickstats.php' Multiple HTML Injection Vulnerabilities
|
2 |
WEB
|
Jesus Olmos Gonzalez
|
|
2007-12-06
|
|
OpenNewsletter 2.5 - 'Compose.php' Cross-Site Scripting
|
2 |
WEB
|
Manu
|
|
2007-12-06
|
|
Kayako SupportSuite 3.0.32 - 'PHP_SELF Trigger_Error' Function Cross-Site Scripting
|
3 |
WEB
|
imei
|
|
2007-12-05
|
|
VisualShapers EZContents 1.4.5 - File Disclosure
|
3 |
WEB
|
p4imi0
|
|
2007-12-05
|
|
Joomla! Component com_search 1.5 RC3 - 'index.php' Multiple SQL Injections
|
3 |
WEB
|
beenudel1986
|
|
2007-12-05
|
|
Joomla! Component Content 1.5 RC3 - 'view' SQL Injection
|
3 |
WEB
|
beenudel1986
|
|
2007-12-04
|
|
phpMyChat 0.14.5 - '/chat/users_popupL.php3' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
beenudel1986
|
|
2007-12-04
|
|
phpMyChat 0.14.5 - 'chat/deluser.php3?LIMIT' Cross-Site Scripting
|
3 |
WEB
|
beenudel1986
|
|
2007-12-04
|
|
Absolute News Manager .NET 5.1 - 'getpath.aspx' Direct Request Error Message Information
|
3 |
WEB
|
Adrian Pastor
|
|
2007-12-04
|
|
Absolute News Manager .NET 5.1 - '/pages/default.aspx?template' Cross-Site Scripting
|
2 |
WEB
|
Adrian Pastor
|
|
2007-12-04
|
|
Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx?rmore' Cross-Site Scripting
|
3 |
WEB
|
Adrian Pastor
|
|
2007-12-04
|
|
Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx' Multiple SQL Injections
|
3 |
WEB
|
Adrian Pastor
|
|
2007-12-04
|
|
Absolute News Manager .NET 5.1 - '/pages/default.aspx?template' Remote File Access
|
3 |
WEB
|
Adrian Pastor
|
|
2007-11-30
|
|
bcoos 1.0.10 - 'ratefile.php' SQL Injection
|
3 |
WEB
|
Lostmon
|
|
2007-11-30
|
|
Ossigeno CMS 2.2_pre1 - '/ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php?ossige
|
3 |
WEB
|
ShAy6oOoN
|
|
2007-11-30
|
|
Ossigeno CMS 2.2_pre1 - '/upload/xax/ossigeno/admin/uninstall_module.php?level' Remote File Inclusio
|
3 |
WEB
|
ShAy6oOoN
|
|
2007-11-30
|
|
Ossigeno CMS 2.2_pre1 - '/upload/xax/ossigeno/admin/install_module.php?level' Remote File Inclusion
|
3 |
WEB
|
ShAy6oOoN
|
|
2007-11-30
|
|
Ossigeno CMS 2.2_pre1 - '/upload/xax/admin/patch/index.php?level' Remote File Inclusion
|
3 |
WEB
|
ShAy6oOoN
|
|
2007-11-30
|
|
Ossigeno CMS 2.2_pre1 - '/upload/xax/admin/modules/uninstall_module.php?level' Remote File Inclusion
|
3 |
WEB
|
ShAy6oOoN
|
|
2007-11-30
|
|
Ossigeno CMS 2.2_pre1 - '/upload/xax/admin/modules/install_module.php?level' Remote File Inclusion
|
3 |
WEB
|
ShAy6oOoN
|
|
2007-11-28
|
|
bcoos 1.0.10 - 'ratelink.php' SQL Injection
|
3 |
WEB
|
Lostmon
|
|
2007-11-28
|
|
bcoos 1.0.10 - 'ratephoto.php' SQL Injection
|
3 |
WEB
|
Lostmon
|
|
2007-11-28
|
|
BEA AquaLogic Interaction 6.0/6.1 Plumtree Portal - Multiple Information Disclosure Vulnerabilities
|
3 |
WEB
|
Adrian Pastor
|
|
2007-11-27
|
|
p.mapper 3.2 beta3 - '/plugins/export/mc_table.php?_SESSION[PM_INCPHP]' Remote File Inclusion
|
4 |
WEB
|
ShAy6oOoN
|
|
2007-11-27
|
|
p.mapper 3.2 beta3 - '/incPHP/globals.php?_SESSION[PM_INCPHP]' Remote File Inclusion
|
2 |
WEB
|
ShAy6oOoN
|
|
2007-11-27
|
|
ht://Dig 3.2 - Htsearch Cross-Site Scripting
|
3 |
WEB
|
Michael Skibbe
|
|
2007-11-27
|
|
Liferay Portal 4.3.1 - Forgot-Password Cross-Site Scripting
|
3 |
WEB
|
Joshua Morin
|
|
2007-11-26
|
|
Tilde 4.0 - 'Aarstal' Cross-Site Scripting
|
3 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-11-26
|
|
FMDeluxe 2.1 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
JosS
|
|
2007-11-26
|
|
SimpleGallery 0.1.3 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
JosS
|
|
2007-11-26
|
|
Proverbs Web Calendar 1.1 - 'Password' SQL Injection
|
3 |
WEB
|
JosS
|
|
2007-11-26
|
|
GWExtranet 3.0 - 'Scp.dll' Multiple HTML Injection Vulnerabilities
|
3 |
WEB
|
Doz
|
|
2007-11-26
|
|
GOUAE DWD Realty - 'Password' SQL Injection
|
3 |
WEB
|
Aria-Security Team
|
|
2007-11-26
|
|
PHPSlideShow 0.9.9 - 'Directory' Cross-Site Scripting
|
3 |
WEB
|
Jose Luis Gongora Fernandez
|
|
2007-11-24
|
|
VBTube 1.1 - Search Cross-Site Scripting
|
3 |
WEB
|
Crackers_Child
|
|
2007-11-24
|
|
CoolShot E-Lite POS 1.0 - Login SQL Injection
|
3 |
WEB
|
Aria-Security Team
|
|
2007-11-23
|
|
Bandersnatch 0.4 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Tim Brown
|
|
2007-11-23
|
|
FooSun - 'Api_Response.asp' SQL Injection
|
2 |
WEB
|
flyh4t
|
|
2007-11-22
|
|
MySpace Scripts Poll Creator - 'index.php' HTML Injection
|
3 |
WEB
|
Doz
|
|
2007-11-21
|
|
E-vanced Solutions E-vents 5.0 - Multiple Input Validation Vulnerabilities
|
3 |
WEB
|
joseph.giron13
|
|
2007-11-21
|
|
GWExtranet - Multiple Directory Traversal Vulnerabilities
|
3 |
WEB
|
joseph.giron13
|
|
2007-11-21
|
|
VUNET Case Manager 3.4 - 'default.asp' SQL Injection
|
4 |
WEB
|
The-0utl4w
|
|
2007-11-21
|
|
VUNET Mass Mailer - 'default.asp' SQL Injection
|
3 |
WEB
|
Aria-Security Team
|
|
2007-11-21
|
|
Underground CMS 1.x - 'Search.Cache.Inc.php' Backdoor Access
|
2 |
WEB
|
D4m14n
|
|
2014-01-07
|
|
Cubic CMS - Multiple Vulnerabilities
|
3 |
WEB
|
Eugenio Delfa
|
|
2014-01-07
|
|
Middle School Homework Page 1.3 Beta 1 - Multiple Vulnerabilities
|
3 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2007-11-19
|
|
Click&BaneX - 'Details.asp' SQL Injection
|
3 |
WEB
|
Aria-Security Team
|
|
2007-11-19
|
|
Citrix Netscaler 8.0 build 47.8 - Generic_API_Call.pl Cross-Site Scripting
|
3 |
WEB
|
nnposter
|
|
2007-11-17
|
|
JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injections
|
3 |
WEB
|
Aria-Security Team
|
|
2007-11-16
|
|
Liferay Portal 4.1 Login Script - Cross-Site Scripting
|
3 |
WEB
|
Adrian Pastor
|
|
2007-11-14
|
|
AIDA Web - Frame.HTML Multiple Unauthorized Access Vulnerabilities
|
3 |
WEB
|
MC Iglo
|
|
2007-11-14
|
|
CONTENTCustomizer 3.1 - 'Dialog.php' Unauthorized Access
|
3 |
WEB
|
d3hydr8
|
|
2007-11-13
|
|
WordPress Plugin WP-SlimStat 0.9.2 - Cross-Site Scripting
|
3 |
WEB
|
Fracesco Vaj
|
|
2007-11-13
|
|
VTLS Web Gateway 48.1 - 'Searchtype' Cross-Site Scripting
|
3 |
WEB
|
Jesus Olmos Gonzalez
|
|
2007-11-12
|
|
X7 Chat 2.0.4 - 'upgradev1.php' Cross-Site Scripting
|
3 |
WEB
|
ShAy6oOoN
|
|
2007-11-12
|
|
X7 Chat 2.0.4 - 'frame.php' Cross-Site Scripting
|
3 |
WEB
|
ShAy6oOoN
|
|
2007-08-27
|
|
AutoIndex PHP Script 2.2.2 - 'PHP_SELF index.php' Cross-Site Scripting
|
3 |
WEB
|
L4teral
|
|
2007-11-12
|
|
Miro Broadcast Machine 0.9.9 - 'login.php' Cross-Site Scripting
|
3 |
WEB
|
Hanno Boeck
|
|
2007-11-12
|
|
PHP-Nuke Advertising Module 0.9 - 'modules.php' SQL Injection
|
4 |
WEB
|
0x90
|
|
2007-11-09
|
|
XOOPS 2.0.17.1 Mylinks Module - 'Brokenlink.php' SQL Injection
|
3 |
WEB
|
root@hanicker.it
|
|
2007-11-08
|
|
Rapid Classified - 'AgencyCatResult.asp' SQL Injection
|
3 |
WEB
|
The-0utl4w
|
|
2007-11-07
|
|
Computer Associates SiteMinder - Web Agent Smpwservices.FCC Cross-Site Scripting
|
3 |
WEB
|
Giuseppe Gottardi
|
|
2007-11-06
|
|
Weblord.it MS-TopSites - Unauthorized Access / HTML Injection
|
3 |
WEB
|
0x90
|
|
2007-11-05
|
|
i-Gallery 3.4 - 'igallery.asp' Remote Information Disclosure
|
3 |
WEB
|
hackerbinhphuoc
|
|
2007-11-05
|
|
easyGB 2.1.1 - 'index.php' Local File Inclusion
|
3 |
WEB
|
h4ck3r
|
|
2007-11-05
|
|
JLMForo System - 'Buscado.php' Cross-Site Scripting
|
3 |
WEB
|
Jose Luis Gongora Fernandez
|
|
2007-11-05
|
|
E-Vendejo 0.2 - 'Articles.php' SQL Injection
|
3 |
WEB
|
r00t
|
|
2007-11-05
|
|
Galmeta Post 0.2 - 'Upload_Config.php' Remote File Inclusion
|
3 |
WEB
|
arfis project
|
|
2007-11-03
|
|
PHP Helpdesk 0.6.16 - 'index.php' Local File Inclusion
|
3 |
WEB
|
joseph.giron13
|
|
2007-11-02
|
|
Helios Calendar 1.1/1.2 - 'admin/index.php' Cross-Site Scripting
|
3 |
WEB
|
Ivan Sanchez
|
|
2007-10-17
|
|
phpMyAdmin 2.11.1 - 'Server_Status.php' Cross-Site Scripting
|
1 |
WEB
|
Omer Singer
|
|
2007-11-01
|
|
CONTENTCustomizer 3.1 - 'Dialog.php' Information Disclosure
|
3 |
WEB
|
d3hydr8
|
|
2007-11-01
|
|
Synergiser 1.2 - 'index.php' Local File Inclusion
|
3 |
WEB
|
KiNgOfThEwOrLd
|
|
2014-01-06
|
|
Seagate BlackArmor NAS sg2000-2000.1331 - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Jeroen - IT Nerdbox
|
|
2014-01-06
|
|
Seagate BlackArmor NAS sg2000-2000.1331 - Cross-Site Request Forgery
|
3 |
WEB
|
Jeroen - IT Nerdbox
|
|
2014-01-06
|
|
Seagate BlackArmor NAS sg2000-2000.1331 - Remote Command Execution
|
3 |
WEB
|
Jeroen - IT Nerdbox
|
|
2014-01-06
|
|
Seagate BlackArmor NAS - Privilege Escalation
|
3 |
WEB
|
Jeroen - IT Nerdbox
|
|
2007-10-29
|
|
Saxon 5.4 - 'Example.php' SQL Injection
|
3 |
WEB
|
netVigilance
|
|
2007-10-29
|
|
Saxon 5.4 - 'Menu.php' Cross-Site Scripting
|
3 |
WEB
|
netVigilance
|
|
2007-10-29
|
|
Omnistar Live - 'KB.php' Cross-Site Scripting
|
3 |
WEB
|
Doz
|
|
2007-10-29
|
|
Smart-Shop - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Doz
|
|
2007-10-29
|
|
WordPress Core 2.3 - 'Edit-Post-Rows.php' Cross-Site Scripting
|
3 |
WEB
|
waraxe
|
|
2007-10-25
|
|
Multi-Forums - 'Directory.php' Multiple SQL Injections
|
3 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-10-25
|
|
Aleris Web Publishing Server 3.0 - 'Page.asp' SQL Injection
|
3 |
WEB
|
joseph.giron13
|
|
2007-10-24
|
|
PHPbasic basicFramework 1.0 - 'Includes.php' Remote File Inclusion
|
3 |
WEB
|
Alucar
|
|
2007-10-24
|
|
CodeWidgets Web Based Alpha Tabbed Address Book - 'index.asp' SQL Injection
|
2 |
WEB
|
Aria-Security Team
|
|
2007-10-23
|
|
Korean GHBoard - 'Component/upload.jsp' Arbitrary File Upload
|
3 |
WEB
|
Xcross87
|
|
2007-10-23
|
|
Korean GHBoard FlashUpload Component - 'download.jsp?name' Arbitrary File Access
|
3 |
WEB
|
Xcross87
|
|
2007-10-23
|
|
Japanese PHP Gallery Hosting - Arbitrary File Upload
|
3 |
WEB
|
Pete Houston
|
|
2007-10-22
|
|
Jeebles Technology Jeebles Directory 2.9.60 - 'download.php' Local File Inclusion
|
2 |
WEB
|
hack2prison
|
|
2007-10-22
|
|
deeemm CMS (dmcms) 0.7 - 'index.php' SQL Injection
|
2 |
WEB
|
Aria-Security Team
|
