|
2013-12-18
|
|
Jenkins 1.523 - Persistent HTML Code
|
2 |
WEB
|
Christian Catalano
|
|
2007-07-27
|
|
Bandersnatch 0.4 - Multiple Input Validation Vulnerabilities
|
2 |
WEB
|
Tim Brown
|
|
2007-07-26
|
|
WordPress Plugin WP-FeedStats 2.1 - HTML Injection
|
2 |
WEB
|
David Kierznowski
|
|
2007-07-26
|
|
Nukedit 4.9.x - 'login.asp' Cross-Site Scripting
|
2 |
WEB
|
d3hydr8
|
|
2013-12-17
|
|
InstantCMS 1.10.3 - Blind SQL Injection
|
2 |
WEB
|
High-Tech Bridge SA
|
|
2013-12-17
|
|
Ditto Forensic FieldStation 2013Oct15a - Multiple Vulnerabilities
|
3 |
WEB
|
Martin Wundram
|
|
2007-07-26
|
|
PHPHostBot 1.05 - 'Authorize.php' Remote File Inclusion
|
1 |
WEB
|
S4M3K
|
|
2007-07-26
|
|
BSM Store Dependent Forums 1.02 - 'Username' SQL Injection
|
2 |
WEB
|
Aria-Security Team
|
|
2007-07-25
|
|
iFoto 1.0 - 'index.php' Directory Traversal
|
2 |
WEB
|
Lostmon
|
|
2007-07-25
|
|
Vikingboard 0.1.2 - 'cp.php' Information Disclosure
|
2 |
WEB
|
Lostmon
|
|
2007-07-25
|
|
Vikingboard 0.1.2 - 'forum.php' Information Disclosure
|
2 |
WEB
|
Lostmon
|
|
2007-07-25
|
|
Vikingboard 0.1.2 - 'topic.php' Cross-Site Scripting
|
2 |
WEB
|
Lostmon
|
|
2007-07-25
|
|
Vikingboard 0.1.2 - 'post.php' Cross-Site Scripting
|
2 |
WEB
|
Lostmon
|
|
2007-07-25
|
|
Vikingboard 0.1.2 - 'user.php' Cross-Site Scripting
|
2 |
WEB
|
Lostmon
|
|
2007-07-25
|
|
Vikingboard 0.1.2 - 'cp.php' Cross-Site Scripting
|
2 |
WEB
|
Lostmon
|
|
2007-07-25
|
|
W1L3D4 philboard 0.3 - Cross-Site Scripting
|
2 |
WEB
|
GeFORC3
|
|
2007-07-24
|
|
cPanel 10.9.1 - 'Resname' Cross-Site Scripting
|
2 |
WEB
|
Aria-Security Team
|
|
2007-07-24
|
|
Webbler CMS 3.1.3 - Mail A Friend Open Email Relay
|
2 |
WEB
|
Adrian Pastor
|
|
2007-07-24
|
|
Webbler CMS 3.1.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Adrian Pastor
|
|
2013-12-17
|
|
FileMaster SY-IT 3.1 iOS - Multiple Web Vulnerabilities
|
2 |
WEB
|
Vulnerability-Lab
|
|
2007-07-23
|
|
Alstrasoft Affiliate Network Pro 8.0 - 'pgmid' SQL Injection
|
2 |
WEB
|
Lostmon
|
|
2007-07-23
|
|
Alstrasoft Affiliate Network Pro 8.0 - 'temp.php' Cross-Site Scripting
|
2 |
WEB
|
Lostmon
|
|
2007-07-23
|
|
Alstrasoft Affiliate Network Pro 8.0 - 'index.php' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2007-07-23
|
|
Alstrasoft Sms Text Messaging Enterprise 2.0 - '/admin/edituser.php?userid' Cross-Site Scripting
|
2 |
WEB
|
Lostmon
|
|
2007-07-23
|
|
Alstrasoft Sms Text Messaging Enterprise 2.0 - '/admin/membersearch.php' Multiple Cross-Site Scripti
|
2 |
WEB
|
Lostmon
|
|
2007-07-23
|
|
Alstrasoft Video Share Enterprise 4.x - Multiple Input Validation Vulnerabilities
|
2 |
WEB
|
Lostmon
|
|
2013-12-16
|
|
Penny Auction 5 - SQL Injection
|
2 |
WEB
|
3spi0n
|
|
2013-12-16
|
|
Lowest Unique Bid Auction - SQL Injection
|
2 |
WEB
|
3spi0n
|
|
2013-12-16
|
|
Cisco EPC3925 - Cross-Site Request Forgery
|
2 |
WEB
|
Jeroen - IT Nerdbox
|
|
2013-12-16
|
|
Beetel TC1-450 Airtel Wireless Router - Multiple Cross-Site Request Forgery Vulnerabilities
|
2 |
WEB
|
Samandeep Singh
|
|
2013-12-16
|
|
UPC Ireland Cisco EPC 2425 Router / Horizon Box - WPA-PSK Handshake Information
|
2 |
WEB
|
Matt O'Connor
|
|
2013-12-16
|
|
iScripts MultiCart 2.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Cross-Site S
|
2 |
WEB
|
Saadi Siddiqui
|
|
2013-12-16
|
|
Wallpaper Script 3.5.0082 - Persistent Cross-Site Scripting
|
2 |
WEB
|
null pointer
|
|
2007-07-23
|
|
PHMe 0.0.2 - 'Function_List.php' Local File Inclusion
|
1 |
WEB
|
You_You
|
|
2007-07-23
|
|
Image Racer - 'searchresults.asp' SQL Injection
|
1 |
WEB
|
Aria-Security Team
|
|
2007-07-23
|
|
ASP cvmatik 1.1 - Multiple HTML Injection Vulnerabilities
|
1 |
WEB
|
GeFORC3
|
|
2007-07-23
|
|
Alisveris Sitesi Scripti - 'index.asp' Cross-Site Scripting
|
0 |
WEB
|
GeFORC3
|
|
2013-12-16
|
|
Gitlab 6.0 - Persistent Cross-Site Scripting
|
1 |
WEB
|
hellok
|
|
2007-07-23
|
|
Alisveris Sitesi Scripti - 'index.asp' SQL Injection
|
1 |
WEB
|
GeFORC3
|
|
2007-07-23
|
|
Dora Emlak 1.0 Script - Multiple Input Validation Vulnerabilities
|
1 |
WEB
|
GeFORC3
|
|
2007-07-20
|
|
UseBB 1.0.7 - '/install/upgrade-0-3.php?PHP_SELF' Cross-Site Scripting
|
1 |
WEB
|
s4mi
|
|
2007-07-20
|
|
UseBB 1.0.7 - '/install/upgrade-0-2-3.php?PHP_SELF' Cross-Site Scripting
|
1 |
WEB
|
s4mi
|
|
2007-07-19
|
|
GeoBlog MOD_1.0 - 'deleteblog.php?id' Arbitrary Blog Deletion
|
1 |
WEB
|
joseph.giron13
|
|
2007-07-19
|
|
GeoBlog MOD_1.0 - 'deletecomment.php?id' Arbitrary Comment Deletion
|
1 |
WEB
|
joseph.giron13
|
|
2007-07-17
|
|
Insanely Simple Blog 0.4/0.5 - Cross-Site Scripting
|
1 |
WEB
|
joseph.giron13
|
|
2007-07-17
|
|
Insanely Simple Blog 0.4/0.5 - 'index.php' SQL Injection
|
1 |
WEB
|
joseph.giron13
|
|
2007-07-17
|
|
husrevforum 1.0.1/2.0.1 - 'Philboard_forum.asp' SQL Injection
|
1 |
WEB
|
GeFORC3
|
|
2007-07-16
|
|
TBDev.NET DR - 'TakeProfEdit.php' HTML Injection
|
1 |
WEB
|
PescaoDeth
|
|
2007-07-14
|
|
Citadel WebCit 7.02/7.10 - 'showuser?who' Cross-Site Scripting
|
1 |
WEB
|
Christopher Schwardt
|
|
2013-12-15
|
|
Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities
|
1 |
WEB
|
Vulnerability-Lab
|
|
2013-12-15
|
|
Piwigo CMS 2.5.3 - Multiple Web Vulnerabilities
|
1 |
WEB
|
sajith
|
|
2007-07-13
|
|
Dating Gold 3.0.5 - 'secure.admin.php?int_path' Remote File Inclusion
|
1 |
WEB
|
mostafa_ragab
|
|
2007-07-13
|
|
Dating Gold 3.0.5 - 'footer.php?int_path' Remote File Inclusion
|
0 |
WEB
|
mostafa_ragab
|
|
2007-07-13
|
|
Dating Gold 3.0.5 - 'header.php?int_path' Remote File Inclusion
|
1 |
WEB
|
mostafa_ragab
|
|
2007-03-23
|
|
MzK Blog - 'Katgoster.asp' SQL Injection
|
0 |
WEB
|
GeFORC3
|
|
2007-07-13
|
|
ActiveWeb Contentserver CMS 5.6.2929 - Client-Side Filtering Bypass
|
1 |
WEB
|
RedTeam Pentesting
|
|
2007-07-13
|
|
contentserver 5.6.2929 - '/errors/transaction.asp?msg' Cross-Site Scripting
|
1 |
WEB
|
RedTeam Pentesting
|
|
2007-07-13
|
|
contentserver 5.6.2929 - '/errors/rights.asp?msg' Cross-Site Scripting
|
1 |
WEB
|
RedTeam Pentesting
|
|
2007-07-13
|
|
ActiveWeb Contentserver 5.6.2929 - 'Picture_Real_Edit.asp' SQL Injection
|
2 |
WEB
|
RedTeam Pentesting
|
|
2007-07-12
|
|
Inmostore 4.0 - 'index.php' SQL Injection
|
2 |
WEB
|
Keniobats
|
|
2007-07-12
|
|
Helma 1.5.3 - Search Script Cross-Site Scripting
|
2 |
WEB
|
Hanno Boeck
|
|
2007-07-11
|
|
IBM Proventia Sensor Appliance - Multiple Input Validation Vulnerabilities
|
2 |
WEB
|
Alex Hernandez
|
|
2007-07-11
|
|
EnViVo!CMS - 'default.asp?ID' SQL Injection
|
2 |
WEB
|
durito
|
|
2007-07-10
|
|
ImgSvr 0.6 - 'Template' Local File Inclusion
|
1 |
WEB
|
Tim Brown
|
|
2007-07-09
|
|
SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities
|
1 |
WEB
|
Stefan Esser
|
|
2007-07-07
|
|
Levent Veysi Portal 1.0 - 'Oku.asp' SQL Injection
|
0 |
WEB
|
GeFORC3
|
|
2007-07-05
|
|
Maia Mailguard 1.0.2 - 'login.php' Multiple Local File Inclusions
|
1 |
WEB
|
Adriel T. Desautels
|
|
2007-07-04
|
|
OpManager 6/7 - '/admin/DeviceAssociation.do' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
OpManager 6/7 - 'admin/ServiceConfiguration.do?Operation' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
OpManager 6/7 - reports/ReportViewAction.do Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
OpManager 6/7 - 'traceRoute.do?name' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
OpManager 6/7 - 'ping.do?name' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
NetFlow Analyzer 5 - '/jspui/customReport.jsp?rtype' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
NetFlow Analyzer 5 - '/jspui/selectDevice.jsp?rtype' Cross-Site Scripting
|
2 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
NetFlow Analyzer 5 - 'netflow/jspui/index.jsp?view' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
NetFlow Analyzer 5 - '/jspui/appConfig.jsp?task' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2007-07-04
|
|
NetFlow Analyzer 5 - '/jspui/applicationList.jsp?alpha' Cross-Site Scripting
|
1 |
WEB
|
Lostmon
|
|
2007-07-03
|
|
Oliver - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
A. R.
|
|
2007-07-02
|
|
Liesbeth Base CMS - Information Disclosure
|
2 |
WEB
|
durito
|
|
2007-07-02
|
|
Moodle 1.7.1 - 'index.php' Cross-Site Scripting
|
1 |
WEB
|
MustLive
|
|
2007-07-02
|
|
Yoggie Pico and Pico Pro Backticks - Remote Code Execution
|
1 |
WEB
|
Cody Brocious
|
|
2007-07-02
|
|
Claroline 1.8.3 - '$_SERVER['PHP_SELF']' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
munozferna
|
|
2007-06-27
|
|
ETicket 1.5.5 - 'Open.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Jesper Jurcenoks
|
|
2006-12-02
|
|
DUClassmate 1.x - 'ICity' SQL Injection
|
1 |
WEB
|
Aria-Security Team
|
|
2007-06-27
|
|
Papoo 1.0.3 - 'Plugin.php' Authentication Bypass
|
2 |
WEB
|
Nico Leidecker
|
|
2013-12-12
|
|
Pentagram Cerberus P 6363 DSL Router - Multiple Vulnerabilities
|
0 |
WEB
|
condis
|
|
2013-12-12
|
|
WHMCompleteSolution (WHMCS) 4.x/5.x - Multiple Web Vulnerabilities
|
0 |
WEB
|
AhwAk20o0 --
|
|
2013-12-12
|
|
Cythosia 2.x Botnet (C2 Web Panel) - SQL Injection
|
1 |
WEB
|
GalaxyAndroid
|
|
2013-12-12
|
|
KikChat - Local File Inclusion / Remote Code Execution
|
1 |
WEB
|
cr4wl3r
|
|
2007-06-25
|
|
Calendarix 0.7.20070307 - Multiple SQL Injections
|
2 |
WEB
|
Jesper Jurcenoks
|
|
2007-06-25
|
|
Calendarix 0.7.20070307 - Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Jesper Jurcenoks
|
|
2007-06-25
|
|
MyNews 0.10 - AuthACC SQL Injection
|
1 |
WEB
|
netVigilance
|
|
2007-06-22
|
|
Joomla! / Mambo Component Mod_Forum - 'PHPBB_Root.php' Remote File Inclusion
|
1 |
WEB
|
spymeta
|
|
2007-06-22
|
|
eNdonesia 8.4 - 'banners.php?click Action bid' SQL Injection
|
2 |
WEB
|
laurent gaffie
|
|
2007-06-22
|
|
eNdonesia 8.4 - 'mod.php?viewarticle Action artid' SQL Injection
|
1 |
WEB
|
laurent gaffie
|
|
2007-06-21
|
|
NetClassifieds 1.9.7 - Multiple Input Validation Vulnerabilities
|
1 |
WEB
|
laurent gaffie
|
|
2007-06-21
|
|
PHPAccounts 0.5 - 'index.php' Multiple SQL Injections
|
1 |
WEB
|
r0t
|
|
2007-06-21
|
|
PHPAccounts 0.5 - 'index.php' Local File Inclusion
|
2 |
WEB
|
r0t
|
|
2007-06-20
|
|
Wrapper.php for osCommerce - Local File Inclusion
|
1 |
WEB
|
Joe Bloomquist
|
|
2007-06-20
|
|
FuseTalk 4.0 - 'AuthError.cfm' Multiple Cross-Site Scripting Vulnerabilities
|
0 |
WEB
|
Ivan Almuina
|
|
2013-12-11
|
|
Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities
|
1 |
WEB
|
Vulnerability-Lab
|
|
2013-12-11
|
|
eFront 3.6.14 (build 18012) - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
sajith
|
|
2007-06-20
|
|
FuseTalk 4.0 - 'blog/include/common/comfinish.cfm?FTVAR_SCRIPTRUN' Cross-Site Scripting
|
1 |
WEB
|
Ivan Almuina
|
|
2007-06-20
|
|
FuseTalk 4.0 - 'forum/include/common/comfinish.cfm?FTVAR_SCRIPTRUN' Cross-Site Scripting
|
1 |
WEB
|
Ivan Almuina
|
|
2007-06-20
|
|
Comersus Cart 7.0.7 - 'comersus_message.asp' redirectUrl Cross-Site Scripting
|
2 |
WEB
|
Doz
|
|
2007-06-20
|
|
Comersus Cart 7.0.7 - 'comersus_customerAuthenticateForm.asp' redirectUrl Cross-Site Scripting
|
1 |
WEB
|
Doz
|
|
2007-06-20
|
|
Comersus Cart 7.0.7 - 'comersus_optReviewReadExec.asp?id' SQL Injection
|
1 |
WEB
|
Doz
|
|
2007-06-19
|
|
FuseTalk 2.0/3.0 - 'AuthError.cfm' SQL Injection
|
0 |
WEB
|
Ivan Almuina
|
|
2007-06-18
|
|
Fuzzylime 1.0 - 'Low.php' Cross-Site Scripting
|
1 |
WEB
|
RMx
|
|
2007-08-18
|
|
PHP Hosting Biller 1.0 - 'index.php' Cross-Site Scripting
|
1 |
WEB
|
Serapis.net
|
|
2007-06-18
|
|
WebIf - 'OutConfig' Local File Inclusion
|
1 |
WEB
|
maiosyet
|
|
2007-06-18
|
|
TDizin - 'Arama.asp' Cross-Site Scripting
|
1 |
WEB
|
GeFORC3
|
|
2007-06-18
|
|
WSPortal 1.0 - 'content.php' SQL Injection
|
1 |
WEB
|
Jesper Jurcenoks
|
|
2007-06-14
|
|
Apache MyFaces Tomahawk JSF Framework 1.1.5 - 'Autoscroll' Cross-Site Scripting
|
1 |
WEB
|
Rajat Swarup
|
|
2007-06-14
|
|
Joomla! Component Letterman Subscriber Module 1.2.4 - 'Mod_Lettermansubscribe.php' Cross-Site Script
|
1 |
WEB
|
Edi Strosar
|
|
2007-06-14
|
|
Apache Tomcat 6.0.13 - JSP Example Web Applications Cross-Site Scripting
|
1 |
WEB
|
anonymous
|
|
2013-12-10
|
|
PlaySms 0.9.9.2 - Cross-Site Request Forgery
|
1 |
WEB
|
Saadi Siddiqui
|
|
2007-06-11
|
|
bbPress 0.8.1 - 'BB-login.php' Cross-Site Scripting
|
1 |
WEB
|
Ory Segal
|
|
2007-06-11
|
|
JFFNms 0.8.3 - 'admin/setup.php' Direct Request Authentication Bypass
|
1 |
WEB
|
Tim Brown
|
|
2007-06-11
|
|
JFFNms 0.8.3 - 'admin/adm/test.php' PHP Information Disclosure
|
0 |
WEB
|
Tim Brown
|
|
2007-06-11
|
|
JFFNms 0.8.3 - 'auth.php?user' Cross-Site Scripting
|
1 |
WEB
|
Tim Brown
|
|
2007-06-11
|
|
JFFNms 0.8.3 - 'auth.php' Multiple SQL Injections
|
1 |
WEB
|
Tim Brown
|
|
2007-06-11
|
|
Beehive Forum 0.7.1 - 'links.php' Multiple Cross-Site Scripting Vulnerabilities
|
1 |
WEB
|
Ory Segal
|
|
2007-06-09
|
|
vBSupport 2.0.0 Integrated Ticket System - 'vBSupport.php' SQL Injection
|
0 |
WEB
|
rUnViRuS
|
|
2007-06-08
|
|
WordPress Core 2.2 - 'Request_URI' Cross-Site Scripting
|
1 |
WEB
|
zamolx3
|
