|
2013-12-12
|
|
WHMCompleteSolution (WHMCS) 4.x/5.x - Multiple Web Vulnerabilities
|
3 |
WEB
|
AhwAk20o0 --
|
|
2013-12-12
|
|
Cythosia 2.x Botnet (C2 Web Panel) - SQL Injection
|
3 |
WEB
|
GalaxyAndroid
|
|
2013-12-12
|
|
KikChat - Local File Inclusion / Remote Code Execution
|
3 |
WEB
|
cr4wl3r
|
|
2007-06-25
|
|
Calendarix 0.7.20070307 - Multiple SQL Injections
|
5 |
WEB
|
Jesper Jurcenoks
|
|
2007-06-25
|
|
Calendarix 0.7.20070307 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Jesper Jurcenoks
|
|
2007-06-25
|
|
MyNews 0.10 - AuthACC SQL Injection
|
3 |
WEB
|
netVigilance
|
|
2007-06-22
|
|
Joomla! / Mambo Component Mod_Forum - 'PHPBB_Root.php' Remote File Inclusion
|
4 |
WEB
|
spymeta
|
|
2007-06-22
|
|
eNdonesia 8.4 - 'banners.php?click Action bid' SQL Injection
|
4 |
WEB
|
laurent gaffie
|
|
2007-06-22
|
|
eNdonesia 8.4 - 'mod.php?viewarticle Action artid' SQL Injection
|
3 |
WEB
|
laurent gaffie
|
|
2007-06-21
|
|
NetClassifieds 1.9.7 - Multiple Input Validation Vulnerabilities
|
3 |
WEB
|
laurent gaffie
|
|
2007-06-21
|
|
PHPAccounts 0.5 - 'index.php' Multiple SQL Injections
|
3 |
WEB
|
r0t
|
|
2007-06-21
|
|
PHPAccounts 0.5 - 'index.php' Local File Inclusion
|
3 |
WEB
|
r0t
|
|
2007-06-20
|
|
Wrapper.php for osCommerce - Local File Inclusion
|
3 |
WEB
|
Joe Bloomquist
|
|
2007-06-20
|
|
FuseTalk 4.0 - 'AuthError.cfm' Multiple Cross-Site Scripting Vulnerabilities
|
2 |
WEB
|
Ivan Almuina
|
|
2013-12-11
|
|
Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities
|
4 |
WEB
|
Vulnerability-Lab
|
|
2013-12-11
|
|
eFront 3.6.14 (build 18012) - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
sajith
|
|
2007-06-20
|
|
FuseTalk 4.0 - 'blog/include/common/comfinish.cfm?FTVAR_SCRIPTRUN' Cross-Site Scripting
|
4 |
WEB
|
Ivan Almuina
|
|
2007-06-20
|
|
FuseTalk 4.0 - 'forum/include/common/comfinish.cfm?FTVAR_SCRIPTRUN' Cross-Site Scripting
|
3 |
WEB
|
Ivan Almuina
|
|
2007-06-20
|
|
Comersus Cart 7.0.7 - 'comersus_message.asp' redirectUrl Cross-Site Scripting
|
5 |
WEB
|
Doz
|
|
2007-06-20
|
|
Comersus Cart 7.0.7 - 'comersus_customerAuthenticateForm.asp' redirectUrl Cross-Site Scripting
|
4 |
WEB
|
Doz
|
|
2007-06-20
|
|
Comersus Cart 7.0.7 - 'comersus_optReviewReadExec.asp?id' SQL Injection
|
4 |
WEB
|
Doz
|
|
2007-06-19
|
|
FuseTalk 2.0/3.0 - 'AuthError.cfm' SQL Injection
|
4 |
WEB
|
Ivan Almuina
|
|
2007-06-18
|
|
Fuzzylime 1.0 - 'Low.php' Cross-Site Scripting
|
3 |
WEB
|
RMx
|
|
2007-08-18
|
|
PHP Hosting Biller 1.0 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
Serapis.net
|
|
2007-06-18
|
|
WebIf - 'OutConfig' Local File Inclusion
|
3 |
WEB
|
maiosyet
|
|
2007-06-18
|
|
TDizin - 'Arama.asp' Cross-Site Scripting
|
4 |
WEB
|
GeFORC3
|
|
2007-06-18
|
|
WSPortal 1.0 - 'content.php' SQL Injection
|
4 |
WEB
|
Jesper Jurcenoks
|
|
2007-06-14
|
|
Apache MyFaces Tomahawk JSF Framework 1.1.5 - 'Autoscroll' Cross-Site Scripting
|
3 |
WEB
|
Rajat Swarup
|
|
2007-06-14
|
|
Joomla! Component Letterman Subscriber Module 1.2.4 - 'Mod_Lettermansubscribe.php' Cross-Site Script
|
4 |
WEB
|
Edi Strosar
|
|
2007-06-14
|
|
Apache Tomcat 6.0.13 - JSP Example Web Applications Cross-Site Scripting
|
4 |
WEB
|
anonymous
|
|
2013-12-10
|
|
PlaySms 0.9.9.2 - Cross-Site Request Forgery
|
3 |
WEB
|
Saadi Siddiqui
|
|
2007-06-11
|
|
bbPress 0.8.1 - 'BB-login.php' Cross-Site Scripting
|
4 |
WEB
|
Ory Segal
|
|
2007-06-11
|
|
JFFNms 0.8.3 - 'admin/setup.php' Direct Request Authentication Bypass
|
3 |
WEB
|
Tim Brown
|
|
2007-06-11
|
|
JFFNms 0.8.3 - 'admin/adm/test.php' PHP Information Disclosure
|
2 |
WEB
|
Tim Brown
|
|
2007-06-11
|
|
JFFNms 0.8.3 - 'auth.php?user' Cross-Site Scripting
|
3 |
WEB
|
Tim Brown
|
|
2007-06-11
|
|
JFFNms 0.8.3 - 'auth.php' Multiple SQL Injections
|
2 |
WEB
|
Tim Brown
|
|
2007-06-11
|
|
Beehive Forum 0.7.1 - 'links.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Ory Segal
|
|
2007-06-09
|
|
vBSupport 2.0.0 Integrated Ticket System - 'vBSupport.php' SQL Injection
|
4 |
WEB
|
rUnViRuS
|
|
2007-06-08
|
|
WordPress Core 2.2 - 'Request_URI' Cross-Site Scripting
|
4 |
WEB
|
zamolx3
|
|
2007-06-08
|
|
Ibrahim Ã?AKICI - 'Okul Portal Haber_Oku.asp' SQL Injection
|
4 |
WEB
|
ertuqrul
|
|
2007-06-07
|
|
WMSCMS 2.0 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Glafkos Charalambous
|
|
2007-06-07
|
|
Atom Photoblog 1.0.1/1.0.9 - 'AtomPhotoblog.php' Multiple Input Validation Vulnerabilities
|
4 |
WEB
|
Serapis.net
|
|
2007-06-06
|
|
ASP Folder Gallery - 'Download_Script.asp' Arbitrary File Download
|
4 |
WEB
|
freeprotect.net
|
|
2007-06-06
|
|
Joomla! Component JD-Wiki 1.0.2 - 'wantedpages.php?MosConfig_absolute_path' Remote File Inclusion
|
4 |
WEB
|
DarkbiteX
|
|
2007-06-06
|
|
Joomla! Component JD-Wiki 1.0.2 - 'dwpage.php?MosConfig_absolute_path' Remote File Inclusion
|
4 |
WEB
|
DarkbiteX
|
|
2013-12-09
|
|
CGILua 3.0 - SQL Injection
|
3 |
WEB
|
aceeeeeeeer .
|
|
2007-06-04
|
|
My Databook - 'diary.php?year' Cross-Site Scripting
|
3 |
WEB
|
Serapis.net
|
|
2007-06-04
|
|
My Databook - 'diary.php?delete' SQL Injection
|
3 |
WEB
|
Serapis.net
|
|
2013-12-08
|
|
Print n Share 5.5 iOS - Multiple Web Vulnerabilities
|
3 |
WEB
|
Vulnerability-Lab
|
|
2013-12-08
|
|
Feetan Inc WireShare 1.9.1 iOS - Persistent
|
5 |
WEB
|
Vulnerability-Lab
|
|
2007-06-04
|
|
WebStudio CMS - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
Glafkos Charalambous
|
|
2007-06-04
|
|
Hunkaray Okul Portaly 1.1 - 'Haberoku.asp' SQL Injection
|
4 |
WEB
|
ertuqrul
|
|
2007-06-04
|
|
Okyanusmedya - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
vagrant
|
|
2007-06-02
|
|
Linker 2.0.4 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
vagrant
|
|
2007-06-01
|
|
PHPLive! 3.2.2 - '/setup/footer.php' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
ReZEN
|
|
2007-06-01
|
|
PHPLive! 3.2.2 - '/super/info.php?BASE_URL' Cross-Site Scripting
|
3 |
WEB
|
ReZEN
|
|
2007-06-01
|
|
PHPLive! 3.2.2 - '/admin/header.php?admin[name]' Cross-Site Scripting
|
4 |
WEB
|
ReZEN
|
|
2007-06-01
|
|
PHPLive! 3.2.2 - 'help.php' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
ReZEN
|
|
2007-06-01
|
|
PHPLive! 3.2.2 - 'chat.php?sid' Cross-Site Scripting
|
3 |
WEB
|
ReZEN
|
|
2007-06-01
|
|
Evenzia Content Management Systems (CMS) - Cross-Site Scripting
|
4 |
WEB
|
Glafkos Charalambous
|
|
2007-06-01
|
|
Buttercup WFM - 'Title' Cross-Site Scripting
|
4 |
WEB
|
John Martinelli
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - 'common.inc.php?path_inc' Remote File Inclusion
|
4 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - 'index.php?path_inc' Remote File Inclusion
|
4 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/plugins/PHPgacl/index.php?path_inc' Remote File Inclusion
|
3 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - 'param.inc.php?path_inc' Remote File Inclusion
|
2 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/menu/menuprincipal.php?path_inc' Remote File Inclusion
|
3 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/ident/ident.inc.php?path_inc' Remote File Inclusion
|
4 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/ident/index.php?path_inc' Remote File Inclusion
|
4 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/ident/loginmodif.php?path_inc' Remote File Inclusion
|
4 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/ident/loginliste.php?path_inc' Remote File Inclusion
|
4 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/ident/disconnect.php?path_inc' Remote File Inclusion
|
3 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/ident/identification.php?path_inc' Remote File Inclusion
|
2 |
WEB
|
pito pito
|
|
2007-06-01
|
|
Prototype of an PHP Application 0.1 - '/gestion/index.php?path_inc' Remote File Inclusion
|
3 |
WEB
|
pito pito
|
|
2007-05-31
|
|
PHP JackKnife 2.21 - '(PHPJK) G_Display.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
laurent gaffie
|
|
2007-05-31
|
|
PHP JackKnife 2.21 - '/(PHPJK) UserArea/NewAccounts/index.php?sAccountUnq' Cross-Site Scripting
|
4 |
WEB
|
laurent gaffie
|
|
2007-05-31
|
|
PHP JackKnife 2.21 - '/(PHPJK) UserArea/Authenticate.php?sUName' Cross-Site Scripting
|
3 |
WEB
|
laurent gaffie
|
|
2007-05-31
|
|
PHP JackKnife 2.21 - '/(PHPJK) Search/DisplayResults.php?iSearchID' SQL Injection
|
3 |
WEB
|
laurent gaffie
|
|
2007-05-31
|
|
PHP JackKnife 2.21 - '(PHPJK) G_Display.php?iCategoryUnq' SQL Injection
|
4 |
WEB
|
laurent gaffie
|
|
2007-05-31
|
|
MyBloggie 2.1.x - 'index.php' Multiple SQL Injections
|
4 |
WEB
|
ls@calima.serapis.net
|
|
2007-05-30
|
|
Particle Gallery 1.0 - 'search.php' Cross-Site Scripting
|
4 |
WEB
|
Serapis.net
|
|
2013-12-08
|
|
Ovidentia 7.9.6 - Multiple Vulnerabilities
|
3 |
WEB
|
sajith
|
|
2013-12-08
|
|
WordPress Plugin Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting
|
4 |
WEB
|
Jeroen - IT Nerdbox
|
|
2007-03-16
|
|
Particle Blogger 1.2.1 - 'Archives.php' SQL Injection
|
4 |
WEB
|
Serapis.net
|
|
2007-05-30
|
|
Pheap 2.0 - 'config.php' Pheap_Login Authentication Bypass
|
3 |
WEB
|
Silentz
|
|
2007-05-29
|
|
CPCommerce 1.1 - 'manufacturer.php' SQL Injection
|
3 |
WEB
|
laurent gaffie
|
|
2007-05-28
|
|
DGNews 2.1 - 'NewsID' SQL Injection
|
4 |
WEB
|
laurent gaffie
|
|
2007-05-29
|
|
UebiMiau 2.7.10 - '/demo/pop3/error.php' Multiple Full Path Disclosures
|
3 |
WEB
|
Michal Majchrowicz
|
|
2007-05-29
|
|
UebiMiau 2.7.10 - '/demo/pop3/error.php?selected_theme' Cross-Site Scripting
|
3 |
WEB
|
Michal Majchrowicz
|
|
2007-05-28
|
|
DGNews 1.5.1/2.1 - 'news.php' SQL Injection
|
4 |
WEB
|
Jesper Jurcenoks
|
|
2007-05-28
|
|
DGNews 2.1 - 'footer.php' Cross-Site Scripting
|
3 |
WEB
|
Jesper Jurcenoks
|
|
2007-05-28
|
|
FlashChat F_CMS 4.7.9 - Multiple Remote File Inclusions
|
4 |
WEB
|
Hasadya Raed
|
|
2007-05-25
|
|
phpPgAdmin 4.1.1 - 'Redirect.php' Cross-Site Scripting
|
4 |
WEB
|
Michal Majchrowicz
|
|
2007-05-25
|
|
Pligg CMS 9.5 - Reset Forgotten Password Security Bypass
|
2 |
WEB
|
242th section
|
|
2007-05-25
|
|
Digirez 3.4 - Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
Linux_Drox
|
|
2007-05-25
|
|
BoastMachine 3.1 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
newbinaryfile
|
|
2013-12-06
|
|
Zimbra 2009-2013 - Local File Inclusion
|
3 |
WEB
|
rubina119
|
|
2013-12-06
|
|
WordPress Plugin page-flip-image-gallery - Arbitrary File Upload
|
3 |
WEB
|
Ashiyane Digital Security Team
|
|
2013-12-06
|
|
BoxBilling 3.6.11 - 'mod_notification' Persistent Cross-Site Scripting
|
3 |
WEB
|
LiquidWorm
|
|
2007-05-25
|
|
GNUTurk - 'Mods.php' Cross-Site Scripting
|
4 |
WEB
|
vagrant
|
|
2007-05-24
|
|
ASP-Nuke 2.0.7 - 'news.asp' Cross-Site Scripting
|
3 |
WEB
|
vagrant
|
|
2007-05-23
|
|
2z Project 0.9.5 - 'rating.php' Cross-Site Scripting
|
5 |
WEB
|
Janek Vind
|
|
2007-05-23
|
|
Cisco CallManager 4.1 - Search Form Cross-Site Scripting
|
3 |
WEB
|
Marc Ruef
|
|
2007-05-23
|
|
WYYS 1.0 - 'index.php' Cross-Site Scripting
|
3 |
WEB
|
vagrant
|
|
2007-05-23
|
|
phpPgAdmin 4.1.1 - 'SQLEDIT.php' Cross-Site Scripting
|
3 |
WEB
|
Michal Majchrowicz
|
|
2007-05-22
|
|
GMTT Music Distro 1.2 - 'ShowOwn.php' Cross-Site Scripting
|
4 |
WEB
|
CorryL
|
|
2007-05-22
|
|
ABC Excel Parser Pro 4.0 - 'Parser_Path' Remote File Inclusion
|
4 |
WEB
|
the_Edit0r
|
|
2007-05-22
|
|
ClonusWiki 0.5 - 'index.php' HTML Injection
|
3 |
WEB
|
John Martinelli
|
|
2007-05-22
|
|
Jetbox CMS 2.1 - Login Variable Cross-Site Scripting
|
3 |
WEB
|
Jesper Jurcenoks
|
|
2007-05-21
|
|
Jetbox CMS 2.1 - Multiple SQL Injections
|
4 |
WEB
|
Jesper Jurcenoks
|
|
2007-05-21
|
|
GaliX 2.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
3 |
WEB
|
John Martinelli
|
|
2007-05-19
|
|
HLstats 1.35 - 'hlstats.php' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
John Martinelli
|
|
2013-12-06
|
|
WordPress Plugin DZS Video Gallery 3.1.3 - Remote File Disclosure / Local File Disclosure
|
4 |
WEB
|
aceeeeeeeer .
|
|
2013-12-06
|
|
D-Link DSR Router Series - Remote Command Execution
|
3 |
WEB
|
0_o
|
|
2013-12-06
|
|
Eaton Network Shutdown Module 3.21 - Remote PHP Code Injection
|
4 |
WEB
|
Filip Waeytens
|
|
2013-12-05
|
|
Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities
|
3 |
WEB
|
Vulnerability-Lab
|
|
2013-12-05
|
|
SonicWALL Gms 7.x - Filter Bypass / Persistent
|
3 |
WEB
|
Vulnerability-Lab
|
|
2007-05-19
|
|
ClientExec 3.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
r0t
|
|
2007-05-17
|
|
PsychoStats 2.3 - 'Server.php' Full Path Disclosure
|
4 |
WEB
|
kefka
|
|
2007-05-17
|
|
WordPress Theme Redoable 1.2 - 'header.php?s' Cross-Site Scripting
|
3 |
WEB
|
John Martinelli
|
|
2007-05-17
|
|
VP-ASP Shopping Cart 6.50 - 'ShopContent.asp' Cross-Site Scripting
|
4 |
WEB
|
John Martinelli
|
|
2007-05-16
|
|
vBulletin 3.6.6 - 'calendar.php' HTML Injection
|
4 |
WEB
|
laurent gaffie
|
|
2007-05-15
|
|
Jetbox CMS 2.1 - view/supplynews Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Mikhail Markin
|
|
2007-05-15
|
|
Jetbox CMS 2.1 - '/view/search/?path' Cross-Site Scripting
|
3 |
WEB
|
Mikhail Markin
|
|
2007-05-15
|
|
Jetbox CMS 2.1 Email - 'FormMail.php' Input Validation
|
4 |
WEB
|
Jesper Jurcenoks
|
|
2007-05-14
|
|
WordPress Plugin Akismet 2.1.3 - Cross-Site Scripting
|
3 |
WEB
|
David Kierznowski
|
