|
|
|
|
@ -284,7 +284,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
1489,platforms/multiple/dos/1489.pl,"Invision Power Board 2.1.4 - (Register Users) Denial of Service",2006-02-10,SkOd,multiple,dos,0
|
|
|
|
|
1496,platforms/hardware/dos/1496.c,"D-Link (Wireless Access Point) - (Fragmented UDP) Denial of Service",2006-02-14,"Aaron Portnoy",hardware,dos,0
|
|
|
|
|
1500,platforms/windows/dos/1500.cpp,"Microsoft Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (1)",2006-02-15,ATmaCA,windows,dos,0
|
|
|
|
|
1517,platforms/php/dos/1517.c,"PunBB 2.0.10 - (Register Multiple Users) Denial of Service",2006-02-20,K4P0,php,dos,0
|
|
|
|
|
1517,platforms/php/dos/1517.c,"PunBB 2.0.10 - (Register Multiple Users) Denial Of Service",2006-02-20,K4P0,php,dos,0
|
|
|
|
|
1531,platforms/windows/dos/1531.pl,"ArGoSoft FTP Server 1.4.3.5 - Remote Buffer Overflow (PoC)",2006-02-25,"Jerome Athias",windows,dos,0
|
|
|
|
|
1535,platforms/windows/dos/1535.c,"CrossFire 1.8.0 - (oldsocketmode) Remote Buffer Overflow (PoC)",2006-02-27,"Luigi Auriemma",windows,dos,0
|
|
|
|
|
1540,platforms/bsd/dos/1540.pl,"FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service",2006-02-28,"Evgeny Legerov",bsd,dos,0
|
|
|
|
|
@ -692,7 +692,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
5067,platforms/windows/dos/5067.pl,"dBpowerAMP Audio Player Release 2 - '.m3u' Buffer Overflow (PoC)",2008-02-05,securfrog,windows,dos,0
|
|
|
|
|
5085,platforms/windows/dos/5085.txt,"jetAudio 7.0.5 - '.asx' Remote Stack Overflow (PoC)",2008-02-08,"laurent gaffié",windows,dos,0
|
|
|
|
|
5086,platforms/windows/dos/5086.html,"ImageStation - 'SonyISUpload.cab 1.0.0.38' ActiveX Buffer Overflow (PoC)",2008-02-08,Trancek,windows,dos,0
|
|
|
|
|
5110,platforms/windows/dos/5110.txt,"QuickTime 7.4.1 - QTPlugin.ocx Multiple Stack Overflow Vulnerabilities",2008-02-13,"laurent gaffié",windows,dos,0
|
|
|
|
|
5110,platforms/windows/dos/5110.txt,"QuickTime 7.4.1 - 'QTPlugin.ocx' Multiple Stack Overflow Vulnerabilities",2008-02-13,"laurent gaffié",windows,dos,0
|
|
|
|
|
5122,platforms/windows/dos/5122.pl,"Rosoft Media Player 4.1.8 - '.m3u' File Remote Buffer Overflow (PoC)",2008-02-14,securfrog,windows,dos,0
|
|
|
|
|
5142,platforms/windows/dos/5142.c,"DESlock+ <= 3.2.6 - 'DLMFENC.sys' Local Kernel Ring0 link list zero (PoC)",2008-02-18,mu-b,windows,dos,0
|
|
|
|
|
5151,platforms/ios/dos/5151.pl,"Apple iOS 4.0.3 - DPAP Server Denial of Service",2008-02-18,"David Wharton",ios,dos,0
|
|
|
|
|
@ -863,7 +863,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
7226,platforms/windows/dos/7226.html,"Google Chrome - MetaCharacter URI Obfuscation",2008-11-25,"Aditya K Sood",windows,dos,0
|
|
|
|
|
7249,platforms/windows/dos/7249.php,"i.Scribe SMTP Client 2.00b - (wscanf) Remote Format String (PoC)",2008-11-27,"Alfons Luja",windows,dos,0
|
|
|
|
|
7262,platforms/windows/dos/7262.pl,"Microsoft Office - Communicator (SIP) Remote Denial of Service",2008-11-28,"Praveen Darshanam",windows,dos,0
|
|
|
|
|
7296,platforms/windows/dos/7296.txt,"Apple iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC)",2008-11-30,"laurent gaffié",windows,dos,0
|
|
|
|
|
7296,platforms/windows/dos/7296.txt,"Apple iTunes 8.0.2.20/QuickTime 7.5.5 - '.mov' Multiple Off By Overflow (PoC)",2008-11-30,"laurent gaffié",windows,dos,0
|
|
|
|
|
7297,platforms/windows/dos/7297.py,"Cain & Abel 4.9.23 - '.rdp' Buffer Overflow (PoC)",2008-11-30,Encrypt3d.M!nd,windows,dos,0
|
|
|
|
|
7307,platforms/windows/dos/7307.txt,"Electronics Workbench - '.ewb' Local Stack Overflow (PoC)",2008-11-30,Zigma,windows,dos,0
|
|
|
|
|
7314,platforms/windows/dos/7314.txt,"Maxum Rumpus 6.0 - Multiple Remote Buffer Overflow Vulnerabilities",2008-12-01,"BLUE MOON",windows,dos,0
|
|
|
|
|
@ -3718,7 +3718,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
29535,platforms/osx/dos/29535.txt,"Telestream Flip4Mac - 'WMV' File Remote Memory Corruption",2007-01-27,kf,osx,dos,0
|
|
|
|
|
29536,platforms/windows/dos/29536.html,"Microsoft Internet Explorer 5.0.1 - Multiple ActiveX Controls Denial of Service Vulnerabilities",2007-01-29,"Alexander Sotirov",windows,dos,0
|
|
|
|
|
29540,platforms/solaris/dos/29540.c,"Sun Solaris 10 - ICMP Unspecified Remote Denial of Service",2007-01-30,kcope,solaris,dos,0
|
|
|
|
|
39839,platforms/osx/dos/39839.txt,"Apple QuickTime - MOV File Parsing Memory Corruption",2016-05-19,"Francis Provencher",osx,dos,0
|
|
|
|
|
39839,platforms/osx/dos/39839.txt,"Apple QuickTime - '.mov' Parsing Memory Corruption",2016-05-19,"Francis Provencher",osx,dos,0
|
|
|
|
|
29683,platforms/linux/dos/29683.txt,"Linux Kernel 2.6.x - Audit Subsystems Local Denial of Service",2007-02-27,"Steve Grubb",linux,dos,0
|
|
|
|
|
29545,platforms/windows/dos/29545.rb,"Hanso Converter 2.4.0 - 'ogg' Buffer Overflow (Denial of Service)",2013-11-12,"Necmettin COSKUN",windows,dos,0
|
|
|
|
|
29546,platforms/windows/dos/29546.rb,"Provj 5.1.5.8 - 'm3u' Buffer Overflow (PoC)",2013-11-12,"Necmettin COSKUN",windows,dos,0
|
|
|
|
|
@ -9197,10 +9197,10 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
3055,platforms/windows/remote/3055.html,"WinZip 10.0 - FileView ActiveX Controls Remote Overflow",2006-12-31,XiaoHui,windows,remote,0
|
|
|
|
|
3058,platforms/windows/remote/3058.html,"Rediff Bol Downloader - (ActiveX Control) Execute Local File Exploit",2006-12-31,"Gregory R. Panakkal",windows,remote,0
|
|
|
|
|
3063,platforms/windows/remote/3063.pl,"Formbankserver 1.9 - (Name) Directory Traversal",2007-01-01,Bl0od3r,windows,remote,0
|
|
|
|
|
3064,platforms/multiple/remote/3064.rb,"Apple QuickTime - (rtsp URL Handler) Stack Buffer Overflow",2007-01-01,MoAB,multiple,remote,0
|
|
|
|
|
3064,platforms/multiple/remote/3064.rb,"Apple QuickTime - 'rtsp URL Handler' Stack Buffer Overflow",2007-01-01,MoAB,multiple,remote,0
|
|
|
|
|
3067,platforms/windows/remote/3067.txt,"QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow (2)",2007-01-01,"Jacopo Cervini",windows,remote,25
|
|
|
|
|
3072,platforms/windows/remote/3072.py,"Apple QuickTime (Windows 2000) - (rtsp URL Handler) Buffer Overflow",2007-01-03,"Winny Thomas",windows,remote,0
|
|
|
|
|
3077,platforms/osx/remote/3077.rb,"Apple QuickTime 7.1.3 - (HREFTrack) Cross-Zone Scripting Exploit",2007-01-03,MoAB,osx,remote,0
|
|
|
|
|
3072,platforms/windows/remote/3072.py,"Apple QuickTime (Windows 2000) - 'rtsp URL Handler' Buffer Overflow",2007-01-03,"Winny Thomas",windows,remote,0
|
|
|
|
|
3077,platforms/osx/remote/3077.rb,"Apple QuickTime 7.1.3 - 'HREFTrack' Cross-Zone Scripting",2007-01-03,MoAB,osx,remote,0
|
|
|
|
|
3084,platforms/windows/remote/3084.txt,"Adobe Acrobat Reader Plugin 7.0.x - (acroreader) Cross-Site Scripting",2007-01-05,"Stefano Di Paola",windows,remote,0
|
|
|
|
|
3086,platforms/windows/remote/3086.py,"CA BrightStor ARCserve - 'tapeeng.exe' Remote Buffer Overflow",2007-01-05,"Winny Thomas",windows,remote,6502
|
|
|
|
|
3092,platforms/windows/remote/3092.pm,"NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow (Metasploit)",2007-01-07,"Jacopo Cervini",windows,remote,80
|
|
|
|
|
@ -9537,11 +9537,11 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
5087,platforms/windows/remote/5087.html,"Microsoft DirectSpeechSynthesis Module - Remote Buffer Overflow",2008-02-09,rgod,windows,remote,0
|
|
|
|
|
5100,platforms/windows/remote/5100.html,"ImageStation - 'SonyISUpload.cab 1.0.0.38' ActiveX Buffer Overflow",2008-02-10,Elazar,windows,remote,0
|
|
|
|
|
5102,platforms/windows/remote/5102.html,"FaceBook PhotoUploader 5.0.14.0 - Remote Buffer Overflow",2008-02-12,"MC Group Ltd.",windows,remote,0
|
|
|
|
|
5106,platforms/windows/remote/5106.html,"Citrix Presentation Server Client - WFICA.OCX ActiveX Heap Buffer Overflow",2008-02-12,Elazar,windows,remote,0
|
|
|
|
|
5106,platforms/windows/remote/5106.html,"Citrix Presentation Server Client - 'WFICA.OCX' ActiveX Heap Buffer Overflow",2008-02-12,Elazar,windows,remote,0
|
|
|
|
|
5111,platforms/windows/remote/5111.html,"IBM Domino Web Access Upload Module - Overwrite (SEH)",2008-02-13,Elazar,windows,remote,0
|
|
|
|
|
5113,platforms/hardware/remote/5113.txt,"Philips VOIP841 - (Firmware 1.0.4.800) Multiple Vulnerabilities",2008-02-14,ikki,hardware,remote,0
|
|
|
|
|
5113,platforms/hardware/remote/5113.txt,"Philips VOIP841 'Firmware 1.0.4.800' - Multiple Vulnerabilities",2008-02-14,ikki,hardware,remote,0
|
|
|
|
|
5150,platforms/hardware/remote/5150.txt,"Thecus N5200Pro NAS Server Control Panel - Remote File Inclusion",2008-02-18,Crackers_Child,hardware,remote,0
|
|
|
|
|
5153,platforms/windows/remote/5153.asp,"Ourgame GLWorld 2.x - hgs_startNotify() ActiveX Buffer Overflow",2008-02-19,luoluo,windows,remote,0
|
|
|
|
|
5153,platforms/windows/remote/5153.asp,"Ourgame GLWorld 2.x - 'hgs_startNotify()' ActiveX Buffer Overflow",2008-02-19,luoluo,windows,remote,0
|
|
|
|
|
5188,platforms/windows/remote/5188.html,"Rising AntiVirus Online Scanner - Insecure Method Flaw Exploit",2008-02-25,"John Smith",windows,remote,0
|
|
|
|
|
5190,platforms/windows/remote/5190.html,"Move Networks Quantum Streaming Player Control - Buffer Overflow",2008-02-26,Elazar,windows,remote,0
|
|
|
|
|
5193,platforms/windows/remote/5193.html,"D-Link MPEG4 SHM Audio Control - 'VAPGDecoder.dll 1.7.0.5' Buffer Overflow",2008-02-26,rgod,windows,remote,0
|
|
|
|
|
@ -13521,7 +13521,6 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
29167,platforms/windows/remote/29167.rb,"Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow",2006-11-22,"Laurent Butti",windows,remote,0
|
|
|
|
|
29171,platforms/windows/remote/29171.txt,"Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow",2006-11-23,LSsec.com,windows,remote,0
|
|
|
|
|
29210,platforms/php/remote/29210.rb,"Open Flash Chart 2 - Arbitrary File Upload (Metasploit)",2013-10-26,Metasploit,php,remote,80
|
|
|
|
|
29230,platforms/windows/remote/29230.html,"Citrix Presentation Server Client 9.200 - WFICA.OCX ActiveX Component Heap Buffer Overflow",2006-12-06,"Andrew Christensen",windows,remote,0
|
|
|
|
|
29273,platforms/hardware/remote/29273.pl,"Watchguard Firewall XTM 11.7.4u1 - Remote Buffer Overflow",2013-10-29,st3n,hardware,remote,8080
|
|
|
|
|
29281,platforms/windows/remote/29281.txt,"Hilgraeve HyperAccess 8.4 - Multiple Remote Command Execution Vulnerabilities",2006-12-14,"Brett Moore",windows,remote,0
|
|
|
|
|
29290,platforms/php/remote/29290.c,"Apache + PHP < 5.3.12 / < 5.4.2 - cgi-bin Remote Code Execution",2013-10-29,kingcope,php,remote,80
|
|
|
|
|
@ -15747,7 +15746,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
30090,platforms/php/webapps/30090.txt,"phpPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting",2007-05-25,"Michal Majchrowicz",php,webapps,0
|
|
|
|
|
923,platforms/cgi/webapps/923.pl,"The Includer CGI 1.0 - Remote Command Execution (3)",2005-04-08,K-C0d3r,cgi,webapps,0
|
|
|
|
|
925,platforms/asp/webapps/925.txt,"ACNews 1.0 - Admin Authentication Bypass (SQL Injection)",2005-04-09,LaMeR,asp,webapps,0
|
|
|
|
|
928,platforms/php/webapps/928.py,"PunBB 1.2.4 - (change_email) SQL Injection",2005-04-11,"Stefan Esser",php,webapps,0
|
|
|
|
|
928,platforms/php/webapps/928.py,"PunBB 1.2.4 - 'id' Parameter SQL Injection",2005-04-11,"Stefan Esser",php,webapps,0
|
|
|
|
|
939,platforms/php/webapps/939.pl,"S9Y Serendipity 0.8beta4 - exit.php SQL Injection",2005-04-13,kre0n,php,webapps,0
|
|
|
|
|
954,platforms/cgi/webapps/954.pl,"E-Cart 1.1 - (index.cgi) Remote Command Execution",2005-04-25,z,cgi,webapps,0
|
|
|
|
|
980,platforms/cgi/webapps/980.pl,"I-Mall Commerce - 'i-mall.cgi' Remote Command Execution",2005-05-04,"Jerome Athias",cgi,webapps,0
|
|
|
|
|
@ -16172,7 +16171,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
1922,platforms/php/webapps/1922.php,"Joomla! 1.0.9 - (Weblinks) Blind SQL Injection",2006-06-17,rgod,php,webapps,0
|
|
|
|
|
1923,platforms/php/webapps/1923.txt,"Ad Manager Pro 2.6 - 'ipath' Remote File Inclusion",2006-06-17,Basti,php,webapps,0
|
|
|
|
|
1925,platforms/php/webapps/1925.txt,"Indexu 5.0.1 - (admin_template_path) Remote File Inclusion",2006-06-18,CrAsh_oVeR_rIdE,php,webapps,0
|
|
|
|
|
1926,platforms/php/webapps/1926.txt,"PHP Live Helper 1.x - 'abs_path' Remote File Inclusion",2006-06-18,SnIpEr_SA,php,webapps,0
|
|
|
|
|
1926,platforms/php/webapps/1926.txt,"PHP Live Helper 1.x - 'abs_path' Parameter Remote File Inclusion",2006-06-18,SnIpEr_SA,php,webapps,0
|
|
|
|
|
1928,platforms/php/webapps/1928.txt,"IdeaBox 1.1 - (gorumDir) Remote File Inclusion",2006-06-19,Kacper,php,webapps,0
|
|
|
|
|
1929,platforms/php/webapps/1929.txt,"Micro CMS 0.3.5 - (microcms_path) Remote File Inclusion",2006-06-19,CeNGiZ-HaN,php,webapps,0
|
|
|
|
|
1930,platforms/asp/webapps/1930.txt,"WeBBoA Host Script 1.1 - SQL Injection",2006-06-19,EntriKa,asp,webapps,0
|
|
|
|
|
@ -16246,7 +16245,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
2049,platforms/php/webapps/2049.txt,"SiteDepth CMS 3.0.1 - (SD_DIR) Remote File Inclusion",2006-07-20,Aesthetico,php,webapps,0
|
|
|
|
|
2050,platforms/php/webapps/2050.php,"LoudBlog 0.5 - (id) SQL Injection / Admin Credentials Disclosure",2006-07-21,rgod,php,webapps,0
|
|
|
|
|
2058,platforms/php/webapps/2058.txt,"PHP Forge 3 Beta 2 - (cfg_racine) Remote File Inclusion",2006-07-22,"Virangar Security",php,webapps,0
|
|
|
|
|
2060,platforms/php/webapps/2060.txt,"PHP Live! 3.2.1 - (help.php) Remote File Inclusion",2006-07-23,magnific,php,webapps,0
|
|
|
|
|
2060,platforms/php/webapps/2060.txt,"PHP Live! 3.2.1 - 'help.php' Remote File Inclusion",2006-07-23,magnific,php,webapps,0
|
|
|
|
|
2062,platforms/php/webapps/2062.txt,"Mambo Component MoSpray 18RC1 - Remote File Inclusion",2006-07-23,"Kurdish Security",php,webapps,0
|
|
|
|
|
2063,platforms/php/webapps/2063.txt,"ArticlesOne 07232006 - (page) Remote File Inclusion",2006-07-23,CyberLord,php,webapps,0
|
|
|
|
|
2064,platforms/php/webapps/2064.txt,"Mambo Component Mam-Moodle alpha - Remote File Inclusion",2006-07-23,jank0,php,webapps,0
|
|
|
|
|
@ -16287,7 +16286,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
2117,platforms/php/webapps/2117.php,"SendCard 3.4.0 - Unauthorized Administrative Access",2006-08-03,rgod,php,webapps,0
|
|
|
|
|
2118,platforms/php/webapps/2118.php,"MyBloggie 2.1.4 - (trackback.php) Multiple SQL Injections",2006-08-07,rgod,php,webapps,0
|
|
|
|
|
2119,platforms/php/webapps/2119.txt,"PHP Simple Shop 2.0 - 'abs_path' Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0
|
|
|
|
|
2120,platforms/php/webapps/2120.txt,"PHP Live Helper 2.0 - 'abs_path' Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0
|
|
|
|
|
2120,platforms/php/webapps/2120.txt,"PHP Live Helper 2.0 - 'abs_path' Parameter Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0
|
|
|
|
|
2121,platforms/php/webapps/2121.txt,"Torbstoff News 4 - (pfad) Remote File Inclusion",2006-08-07,SHiKaA,php,webapps,0
|
|
|
|
|
2122,platforms/php/webapps/2122.txt,"ME Download System 1.3 - 'header.php' Remote File Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0
|
|
|
|
|
2123,platforms/php/webapps/2123.txt,"SQLiteWebAdmin 0.1 - (tpl.inc.php) Remote File Inclusion",2006-08-07,SirDarckCat,php,webapps,0
|
|
|
|
|
@ -17918,7 +17917,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
4603,platforms/php/webapps/4603.txt,"Quick and Dirty Blog (qdblog) 0.4 - (categories.php) Local File Inclusion",2007-11-03,GoLd_M,php,webapps,0
|
|
|
|
|
4604,platforms/php/webapps/4604.txt,"scWiki 1.0 Beta 2 - (common.php pathdot) Remote File Inclusion",2007-11-03,GoLd_M,php,webapps,0
|
|
|
|
|
4605,platforms/php/webapps/4605.txt,"Vortex Portal 1.0.42 - Remote File Inclusion",2007-11-04,ShAy6oOoN,php,webapps,0
|
|
|
|
|
4606,platforms/php/webapps/4606.txt,"nuBoard 0.5 - (index.php site) Remote File Inclusion",2007-11-04,GoLd_M,php,webapps,0
|
|
|
|
|
4606,platforms/php/webapps/4606.txt,"nuBoard 0.5 - 'site' Parameter Remote File Inclusion",2007-11-04,GoLd_M,php,webapps,0
|
|
|
|
|
4607,platforms/php/webapps/4607.txt,"SyndeoCMS 2.5.01 - (cmsdir) Remote File Inclusion",2007-11-04,mdx,php,webapps,0
|
|
|
|
|
4608,platforms/php/webapps/4608.php,"JBC Explorer 7.20 RC 1 - Remote Code Execution",2007-11-05,DarkFig,php,webapps,0
|
|
|
|
|
4609,platforms/asp/webapps/4609.txt,"ASP Message Board 2.2.1c - SQL Injection",2007-11-05,Q7x,asp,webapps,0
|
|
|
|
|
@ -18275,54 +18274,54 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
5097,platforms/php/webapps/5097.txt,"SAPID CMF Build 87 - 'last_module' Parameter Remote Code Execution",2008-02-10,GoLd_M,php,webapps,0
|
|
|
|
|
5098,platforms/php/webapps/5098.txt,"PacerCMS 0.6 - 'last_module' Parameter Remote Code Execution",2008-02-10,GoLd_M,php,webapps,0
|
|
|
|
|
5099,platforms/php/webapps/5099.php,"Mix Systems CMS - 'parent/id' Parameters SQL Injection",2008-02-10,halkfild,php,webapps,0
|
|
|
|
|
5101,platforms/php/webapps/5101.pl,"vKios 2.0.0 - (products.php cat) SQL Injection",2008-02-12,NTOS-Team,php,webapps,0
|
|
|
|
|
5101,platforms/php/webapps/5101.pl,"vKios 2.0.0 - 'cat' Parameter SQL Injection",2008-02-12,NTOS-Team,php,webapps,0
|
|
|
|
|
5103,platforms/php/webapps/5103.txt,"Joomla! Component rapidrecipe 1.6.5 - SQL Injection",2008-02-12,S@BUN,php,webapps,0
|
|
|
|
|
5104,platforms/php/webapps/5104.txt,"Joomla! Component pcchess 0.8 - SQL Injection",2008-02-12,S@BUN,php,webapps,0
|
|
|
|
|
5105,platforms/php/webapps/5105.pl,"AuraCMS 2.2 - 'albums' Pramater SQL Injection",2008-02-12,DNX,php,webapps,0
|
|
|
|
|
5108,platforms/php/webapps/5108.txt,"Affiliate Market 0.1 Beta - 'Language' Local File Inclusion",2008-02-13,GoLd_M,php,webapps,0
|
|
|
|
|
5109,platforms/php/webapps/5109.txt,"Joomla! Component xfaq 1.2 - (aid) SQL Injection",2008-02-13,S@BUN,php,webapps,0
|
|
|
|
|
5109,platforms/php/webapps/5109.txt,"Joomla! Component xfaq 1.2 - 'aid' Parameter SQL Injection",2008-02-13,S@BUN,php,webapps,0
|
|
|
|
|
5112,platforms/jsp/webapps/5112.txt,"jspwiki 2.4.104 / 2.5.139 - Multiple Vulnerabilities",2008-02-13,"BugSec LTD",jsp,webapps,0
|
|
|
|
|
5114,platforms/php/webapps/5114.pl,"Affiliate Market 0.1 Beta - Cross-Site Scripting / SQL Injection",2008-02-14,"Khashayar Fereidani",php,webapps,0
|
|
|
|
|
5115,platforms/php/webapps/5115.txt,"nuBoard 0.5 - (threads.php ssid) SQL Injection",2008-02-14,"Khashayar Fereidani",php,webapps,0
|
|
|
|
|
5115,platforms/php/webapps/5115.txt,"nuBoard 0.5 - 'ssid' Parameter SQL Injection",2008-02-14,"Khashayar Fereidani",php,webapps,0
|
|
|
|
|
5116,platforms/php/webapps/5116.txt,"artmedic weblog 1.0 - Multiple Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0
|
|
|
|
|
5117,platforms/php/webapps/5117.txt,"Joomla! Component paxxgallery 0.2 - (iid) SQL Injection",2008-02-14,S@BUN,php,webapps,0
|
|
|
|
|
5118,platforms/php/webapps/5118.txt,"Joomla! Component MCQuiz 0.9 Final - (tid) SQL Injection",2008-02-14,S@BUN,php,webapps,0
|
|
|
|
|
5119,platforms/php/webapps/5119.txt,"Joomla! Component Quiz 0.81 - (tid) SQL Injection",2008-02-14,S@BUN,php,webapps,0
|
|
|
|
|
5120,platforms/php/webapps/5120.pl,"Joomla! Component mediaslide (albumnum) - Blind SQL Injection",2008-02-14,Inphex,php,webapps,0
|
|
|
|
|
5121,platforms/php/webapps/5121.txt,"LookStrike Lan Manager 0.9 - Remote File Inclusion / Local File Inclusion",2008-02-14,MhZ91,php,webapps,0
|
|
|
|
|
5117,platforms/php/webapps/5117.txt,"Joomla! Component paxxgallery 0.2 - 'iid' Parameter SQL Injection",2008-02-14,S@BUN,php,webapps,0
|
|
|
|
|
5118,platforms/php/webapps/5118.txt,"Joomla! Component MCQuiz 0.9 Final - 'tid' Parameter SQL Injection",2008-02-14,S@BUN,php,webapps,0
|
|
|
|
|
5119,platforms/php/webapps/5119.txt,"Joomla! Component Quiz 0.81 - 'tid' Parameter SQL Injection",2008-02-14,S@BUN,php,webapps,0
|
|
|
|
|
5120,platforms/php/webapps/5120.pl,"Joomla! Component mediaslide - 'albumnum' Blind SQL Injection",2008-02-14,Inphex,php,webapps,0
|
|
|
|
|
5121,platforms/php/webapps/5121.txt,"LookStrike Lan Manager 0.9 - Remote / Local File Inclusion",2008-02-14,MhZ91,php,webapps,0
|
|
|
|
|
5123,platforms/php/webapps/5123.txt,"Scribe 0.2 - 'index.php' Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0
|
|
|
|
|
5124,platforms/php/webapps/5124.txt,"freePHPgallery 0.6 - Cookie Local File Inclusion",2008-02-14,MhZ91,php,webapps,0
|
|
|
|
|
5125,platforms/php/webapps/5125.txt,"PHP Live! 3.2.2 - (questid) SQL Injection (1)",2008-02-14,Xar,php,webapps,0
|
|
|
|
|
5125,platforms/php/webapps/5125.txt,"PHP Live! 3.2.2 - 'questid' Parameter SQL Injection (1)",2008-02-14,Xar,php,webapps,0
|
|
|
|
|
5126,platforms/php/webapps/5126.txt,"WordPress Plugin Simple Forum 2.0 < 2.1 - SQL Injection",2008-02-15,S@BUN,php,webapps,0
|
|
|
|
|
5127,platforms/php/webapps/5127.txt,"WordPress Plugin Simple Forum 1.10 < 1.11 - SQL Injection",2008-02-15,S@BUN,php,webapps,0
|
|
|
|
|
5128,platforms/php/webapps/5128.txt,"Mambo Component Quran 1.1 - (surano) SQL Injection",2008-02-15,Don,php,webapps,0
|
|
|
|
|
5128,platforms/php/webapps/5128.txt,"Mambo Component Quran 1.1 - 'surano' Parameter SQL Injection",2008-02-15,Don,php,webapps,0
|
|
|
|
|
5129,platforms/php/webapps/5129.txt,"TRUC 0.11.0 - 'download.php' Remote File Disclosure",2008-02-16,GoLd_M,php,webapps,0
|
|
|
|
|
5130,platforms/php/webapps/5130.txt,"AuraCMS 1.62 - Multiple SQL Injections",2008-02-16,NTOS-Team,php,webapps,0
|
|
|
|
|
5131,platforms/php/webapps/5131.pl,"Simple CMS 1.0.3 - (indexen.php area) SQL Injection",2008-02-16,JosS,php,webapps,0
|
|
|
|
|
5131,platforms/php/webapps/5131.pl,"Simple CMS 1.0.3 - 'area' Parameter SQL Injection",2008-02-16,JosS,php,webapps,0
|
|
|
|
|
5132,platforms/php/webapps/5132.txt,"Joomla! Component jooget 2.6.8 - SQL Injection",2008-02-16,S@BUN,php,webapps,0
|
|
|
|
|
5133,platforms/php/webapps/5133.txt,"Mambo Component Ricette 1.0 - SQL Injection",2008-02-16,S@BUN,php,webapps,0
|
|
|
|
|
5134,platforms/php/webapps/5134.txt,"Joomla! Component com_galeria - SQL Injection",2008-02-16,S@BUN,php,webapps,0
|
|
|
|
|
5135,platforms/php/webapps/5135.txt,"WordPress Plugin Photo album - SQL Injection",2008-02-16,S@BUN,php,webapps,0
|
|
|
|
|
5136,platforms/php/webapps/5136.txt,"PHPizabi 0.848b C1 HFP1 - Arbitrary File Upload",2008-02-17,ZoRLu,php,webapps,0
|
|
|
|
|
5137,platforms/php/webapps/5137.txt,"XPWeb 3.3.2 - (download.php url) Remote File Disclosure",2008-02-17,GoLd_M,php,webapps,0
|
|
|
|
|
5137,platforms/php/webapps/5137.txt,"XPWeb 3.3.2 - 'url' Parameter Remote File Disclosure",2008-02-17,GoLd_M,php,webapps,0
|
|
|
|
|
5138,platforms/php/webapps/5138.txt,"Joomla! Component astatsPRO 1.0 - refer.php SQL Injection",2008-02-18,ka0x,php,webapps,0
|
|
|
|
|
5139,platforms/php/webapps/5139.txt,"Mambo Component 'com_portfolio' 1.0 - 'categoryId' SQL Injection",2008-02-18,"it's my",php,webapps,0
|
|
|
|
|
5140,platforms/php/webapps/5140.txt,"LightBlog 9.6 - 'Username' Parameter Local File Inclusion",2008-02-18,muuratsalo,php,webapps,0
|
|
|
|
|
5145,platforms/php/webapps/5145.txt,"Joomla! Component com_pccookbook - (user_id) SQL Injection",2008-02-18,S@BUN,php,webapps,0
|
|
|
|
|
5146,platforms/php/webapps/5146.txt,"Joomla! Component com_clasifier - 'cat_id' SQL Injection",2008-02-18,S@BUN,php,webapps,0
|
|
|
|
|
5147,platforms/php/webapps/5147.txt,"PHP-Nuke Module books SQL - 'cid' SQL Injection",2008-02-18,S@BUN,php,webapps,0
|
|
|
|
|
5148,platforms/php/webapps/5148.txt,"XOOPS Module myTopics - 'articleId' SQL Injection",2008-02-18,S@BUN,php,webapps,0
|
|
|
|
|
5145,platforms/php/webapps/5145.txt,"Joomla! Component com_pccookbook - 'user_id' Parameter SQL Injection",2008-02-18,S@BUN,php,webapps,0
|
|
|
|
|
5146,platforms/php/webapps/5146.txt,"Joomla! Component com_clasifier - 'cat_id' Parameter SQL Injection",2008-02-18,S@BUN,php,webapps,0
|
|
|
|
|
5147,platforms/php/webapps/5147.txt,"PHP-Nuke Module books SQL - 'cid' Parameter SQL Injection",2008-02-18,S@BUN,php,webapps,0
|
|
|
|
|
5148,platforms/php/webapps/5148.txt,"XOOPS Module myTopics - 'articleId' Parameter SQL Injection",2008-02-18,S@BUN,php,webapps,0
|
|
|
|
|
5149,platforms/php/webapps/5149.txt,"sCssBoard - (pwnpack) Multiple Versions Remote Exploit",2008-02-18,Inphex,php,webapps,0
|
|
|
|
|
5154,platforms/php/webapps/5154.txt,"PHP-Nuke Module Sections - (artid) SQL Injection",2008-02-19,S@BUN,php,webapps,0
|
|
|
|
|
5155,platforms/php/webapps/5155.txt,"PHP-Nuke Module EasyContent - (page_id) SQL Injection",2008-02-19,"Mehmet Ince",php,webapps,0
|
|
|
|
|
5156,platforms/php/webapps/5156.txt,"RunCMS Module MyAnnonces - 'cid' SQL Injection",2008-02-19,S@BUN,php,webapps,0
|
|
|
|
|
5157,platforms/php/webapps/5157.txt,"XOOPS Module eEmpregos - 'cid' SQL Injection",2008-02-19,S@BUN,php,webapps,0
|
|
|
|
|
5158,platforms/php/webapps/5158.txt,"XOOPS Module Classifieds - 'cid' SQL Injection",2008-02-19,S@BUN,php,webapps,0
|
|
|
|
|
5159,platforms/php/webapps/5159.txt,"PHP-Nuke Modules Okul 1.0 - (okulid) SQL Injection",2008-02-20,"Mehmet Ince",php,webapps,0
|
|
|
|
|
5160,platforms/php/webapps/5160.txt,"Joomla! Component com_hwdvideoshare - SQL Injection",2008-02-20,S@BUN,php,webapps,0
|
|
|
|
|
5161,platforms/php/webapps/5161.txt,"PHP-Nuke Module Docum - (artid) SQL Injection",2008-02-20,DamaR,php,webapps,0
|
|
|
|
|
5162,platforms/php/webapps/5162.txt,"Globsy 1.0 - (file) Remote File Disclosure",2008-02-20,GoLd_M,php,webapps,0
|
|
|
|
|
5163,platforms/php/webapps/5163.txt,"PHP-Nuke Module Inhalt - 'cid' SQL Injection",2008-02-20,Crackers_Child,php,webapps,0
|
|
|
|
|
5154,platforms/php/webapps/5154.txt,"PHP-Nuke Module Sections - 'artid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0
|
|
|
|
|
5155,platforms/php/webapps/5155.txt,"PHP-Nuke Module EasyContent - 'page_id' Parameter SQL Injection",2008-02-19,"Mehmet Ince",php,webapps,0
|
|
|
|
|
5156,platforms/php/webapps/5156.txt,"RunCMS Module MyAnnonces - 'cid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0
|
|
|
|
|
5157,platforms/php/webapps/5157.txt,"XOOPS Module eEmpregos - 'cid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0
|
|
|
|
|
5158,platforms/php/webapps/5158.txt,"XOOPS Module Classifieds - 'cid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0
|
|
|
|
|
5159,platforms/php/webapps/5159.txt,"PHP-Nuke Modules Okul 1.0 - 'okulid' Parameter SQL Injection",2008-02-20,"Mehmet Ince",php,webapps,0
|
|
|
|
|
5160,platforms/php/webapps/5160.txt,"Joomla! Component Highwood Design hwdVideoShare - SQL Injection",2008-02-20,S@BUN,php,webapps,0
|
|
|
|
|
5161,platforms/php/webapps/5161.txt,"PHP-Nuke Module Docum - 'artid' Parameter SQL Injection",2008-02-20,DamaR,php,webapps,0
|
|
|
|
|
5162,platforms/php/webapps/5162.txt,"Globsy 1.0 - 'file' Parameter Remote File Disclosure",2008-02-20,GoLd_M,php,webapps,0
|
|
|
|
|
5163,platforms/php/webapps/5163.txt,"PHP-Nuke Module Inhalt - 'cid' Parameter SQL Injection",2008-02-20,Crackers_Child,php,webapps,0
|
|
|
|
|
5164,platforms/php/webapps/5164.php,"Woltlab Burning Board 3.0.x - Blind SQL Injection",2008-02-20,NBBN,php,webapps,0
|
|
|
|
|
5165,platforms/php/webapps/5165.php,"PunBB 1.2.16 - Blind Password Recovery Exploit",2008-02-21,EpiBite,php,webapps,0
|
|
|
|
|
5166,platforms/php/webapps/5166.htm,"MultiCart 2.0 - (productdetails.php) SQL Injection",2008-02-20,t0pP8uZz,php,webapps,0
|
|
|
|
|
@ -18582,7 +18581,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
5510,platforms/php/webapps/5510.txt,"Content Management System for Phprojekt 0.6.1 - File Disclosure",2008-04-27,Houssamix,php,webapps,0
|
|
|
|
|
5512,platforms/php/webapps/5512.pl,"Joomla! Component com_alphacontent - Blind SQL Injection",2008-04-27,cO2,php,webapps,0
|
|
|
|
|
5513,platforms/php/webapps/5513.pl,"ODFaq 2.1.0 - Blind SQL Injection",2008-04-27,cO2,php,webapps,0
|
|
|
|
|
5514,platforms/php/webapps/5514.pl,"Joomla! Component paxxgallery 0.2 - (gid) Blind SQL Injection",2008-04-27,ZAMUT,php,webapps,0
|
|
|
|
|
5514,platforms/php/webapps/5514.pl,"Joomla! Component paxxgallery 0.2 - 'gid' Parameter Blind SQL Injection",2008-04-27,ZAMUT,php,webapps,0
|
|
|
|
|
5516,platforms/php/webapps/5516.txt,"Prozilla Hosting Index - 'Directory.php cat_id' SQL Injection",2008-04-28,K-159,php,webapps,0
|
|
|
|
|
5517,platforms/php/webapps/5517.txt,"Softbiz Web Host Directory Script (host_id) - SQL Injection",2008-04-28,K-159,php,webapps,0
|
|
|
|
|
5520,platforms/php/webapps/5520.txt,"Joovili 3.1 - (browse.videos.php category) SQL Injection",2008-04-28,HaCkeR_EgY,php,webapps,0
|
|
|
|
|
@ -19747,7 +19746,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
7001,platforms/php/webapps/7001.txt,"DFLabs PTK 1.0 - Local Command Execution",2008-11-05,ikki,php,webapps,0
|
|
|
|
|
7002,platforms/php/webapps/7002.txt,"Joomla! Component Dada Mail Manager 2.6 - Remote File Inclusion",2008-11-05,NoGe,php,webapps,0
|
|
|
|
|
7003,platforms/php/webapps/7003.txt,"PHP Auto Listings - 'moreinfo.php pg' SQL Injection",2008-11-05,G4N0K,php,webapps,0
|
|
|
|
|
7004,platforms/php/webapps/7004.txt,"Pre Simple CMS - (Authentication Bypass) SQL Injection",2008-11-05,"Hussin X",php,webapps,0
|
|
|
|
|
7004,platforms/php/webapps/7004.txt,"Pre Simple CMS - SQL Injection (Authentication Bypass)",2008-11-05,"Hussin X",php,webapps,0
|
|
|
|
|
7005,platforms/php/webapps/7005.txt,"PHP JOBWEBSITE PRO - (Authentication Bypass) SQL Injection",2008-11-05,Cyber-Zone,php,webapps,0
|
|
|
|
|
7007,platforms/php/webapps/7007.txt,"Harlandscripts drinks - (recid) SQL Injection",2008-11-05,"Ex Tacy",php,webapps,0
|
|
|
|
|
7008,platforms/php/webapps/7008.txt,"Pre Real Estate Listings - (Authentication Bypass) SQL Injection",2008-11-05,Cyber-Zone,php,webapps,0
|
|
|
|
|
@ -20371,7 +20370,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
7819,platforms/php/webapps/7819.txt,"ESPG (Enhanced Simple PHP Gallery) 1.72 - File Disclosure",2009-01-18,bd0rk,php,webapps,0
|
|
|
|
|
7820,platforms/php/webapps/7820.pl,"Fhimage 1.2.1 - Remote Index Change Exploit",2009-01-19,Osirys,php,webapps,0
|
|
|
|
|
7821,platforms/php/webapps/7821.pl,"Fhimage 1.2.1 - Remote Command Execution (mq = off)",2009-01-19,Osirys,php,webapps,0
|
|
|
|
|
7824,platforms/php/webapps/7824.pl,"Joomla! Component com_pccookbook - (recipe_id) Blind SQL Injection",2009-01-19,InjEctOr5,php,webapps,0
|
|
|
|
|
7824,platforms/php/webapps/7824.pl,"Joomla! Component com_pccookbook - 'recipe_id' Parameter Blind SQL Injection",2009-01-19,InjEctOr5,php,webapps,0
|
|
|
|
|
7828,platforms/php/webapps/7828.txt,"Joomla! Component com_news - SQL Injection",2009-01-19,snakespc,php,webapps,0
|
|
|
|
|
7829,platforms/php/webapps/7829.txt,"Gallery Kys 1.0 - Admin Password Disclosure / Permanent Cross-Site Scripting",2009-01-19,Osirys,php,webapps,0
|
|
|
|
|
7830,platforms/php/webapps/7830.txt,"RCBlog 1.03 - Authentication Bypass",2009-01-19,"Danny Moules",php,webapps,0
|
|
|
|
|
@ -21178,7 +21177,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
9165,platforms/php/webapps/9165.pl,"webLeague 2.2.0 - (Authentication Bypass) SQL Injection",2009-07-16,ka0x,php,webapps,0
|
|
|
|
|
9166,platforms/php/webapps/9166.txt,"ZenPhoto Gallery 1.2.5 - Admin Password Reset (CRSF)",2009-07-16,petros,php,webapps,0
|
|
|
|
|
9171,platforms/php/webapps/9171.txt,"VS PANEL 7.5.5 - (results.php Cat_ID) SQL Injection",2009-07-16,C0D3R-Dz,php,webapps,0
|
|
|
|
|
9174,platforms/php/webapps/9174.txt,"PHP Live! 3.2.1/2 - '&x=' Blind SQL Injection",2009-07-16,boom3rang,php,webapps,0
|
|
|
|
|
9174,platforms/php/webapps/9174.txt,"PHP Live! 3.2.1/2 - 'x' Parameter Blind SQL Injection",2009-07-16,boom3rang,php,webapps,0
|
|
|
|
|
9176,platforms/php/webapps/9176.txt,"dB Masters MultiMedia's Content Manager 4.5 - SQL Injection",2009-07-16,NoGe,php,webapps,0
|
|
|
|
|
9179,platforms/php/webapps/9179.txt,"Super Simple Blog Script 2.5.4 - Local File Inclusion",2009-07-17,JIKO,php,webapps,0
|
|
|
|
|
9180,platforms/php/webapps/9180.txt,"Super Simple Blog Script 2.5.4 - (entry) SQL Injection",2009-07-17,JIKO,php,webapps,0
|
|
|
|
|
@ -21215,7 +21214,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
9250,platforms/php/webapps/9250.sh,"WordPress 2.8.1 - (url) Cross-Site Scripting",2009-07-24,superfreakaz0rz,php,webapps,0
|
|
|
|
|
9251,platforms/php/webapps/9251.txt,"Deonixscripts Templates Management 1.3 - SQL Injection",2009-07-24,d3b4g,php,webapps,0
|
|
|
|
|
9252,platforms/php/webapps/9252.txt,"Scripteen Free Image Hosting Script 2.3 - SQL Injection",2009-07-24,Coksnuss,php,webapps,0
|
|
|
|
|
9254,platforms/php/webapps/9254.txt,"PHP Live! 3.2.2 - (questid) SQL Injection (2)",2009-07-24,skys,php,webapps,0
|
|
|
|
|
9254,platforms/php/webapps/9254.txt,"PHP Live! 3.2.2 - 'questid' Parameter SQL Injection (2)",2009-07-24,skys,php,webapps,0
|
|
|
|
|
9255,platforms/php/webapps/9255.txt,"Clip Bucket 1.7.1 - Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0
|
|
|
|
|
9256,platforms/php/webapps/9256.txt,"Scripteen Free Image Hosting Script 2.3 - Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0
|
|
|
|
|
9257,platforms/php/webapps/9257.php,"Pixaria Gallery 2.3.5 - (file) Remote File Disclosure",2009-07-24,Qabandi,php,webapps,0
|
|
|
|
|
@ -21235,7 +21234,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
9275,platforms/php/webapps/9275.php,"Allomani Movies & Clips 2.7.0 - Blind SQL Injection",2009-07-27,Qabandi,php,webapps,0
|
|
|
|
|
9276,platforms/php/webapps/9276.txt,"Joomla! Component IXXO Cart! Standalone and - SQL Injection",2009-07-27,sm0k3,php,webapps,0
|
|
|
|
|
9279,platforms/php/webapps/9279.pl,"PunBB Automatic Image Upload 1.3.5 - SQL Injection",2009-07-27,Dante90,php,webapps,0
|
|
|
|
|
9280,platforms/php/webapps/9280.pl,"PunBB Automatic Image Upload 1.3.5 - Delete Arbitrary File Exploit",2009-07-27,Dante90,php,webapps,0
|
|
|
|
|
9280,platforms/php/webapps/9280.pl,"PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete",2009-07-27,Dante90,php,webapps,0
|
|
|
|
|
9281,platforms/php/webapps/9281.txt,"Limny 1.01 - (Authentication Bypass) SQL Injection",2009-07-27,SirGod,php,webapps,0
|
|
|
|
|
9282,platforms/php/webapps/9282.txt,"Magician Blog 1.0 - (ids) SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0
|
|
|
|
|
9283,platforms/php/webapps/9283.txt,"Magician Blog 1.0 - (Authentication Bypass) SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0
|
|
|
|
|
@ -21255,7 +21254,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
9310,platforms/php/webapps/9310.txt,"dit.cms 1.3 - (path/sitemap/relPath) Local File Inclusion",2009-07-30,SirGod,php,webapps,0
|
|
|
|
|
9311,platforms/php/webapps/9311.txt,"cmsphp 0.21 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-07-30,SirGod,php,webapps,0
|
|
|
|
|
9312,platforms/php/webapps/9312.txt,"d.net CMS - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2009-07-30,SirGod,php,webapps,0
|
|
|
|
|
9313,platforms/php/webapps/9313.txt,"Really Simple CMS 0.3a - (pagecontent.php PT) Local File Inclusion",2009-07-30,SirGod,php,webapps,0
|
|
|
|
|
9313,platforms/php/webapps/9313.txt,"Really Simple CMS 0.3a - 'PT' Parameter Local File Inclusion",2009-07-30,SirGod,php,webapps,0
|
|
|
|
|
9314,platforms/php/webapps/9314.txt,"MUJE CMS 1.0.4.34 - Local File Inclusion",2009-07-30,SirGod,php,webapps,0
|
|
|
|
|
9315,platforms/php/webapps/9315.pl,"PunBB Reputation.php Mod 2.0.4 - Local File Inclusion",2009-07-30,Dante90,php,webapps,0
|
|
|
|
|
9316,platforms/php/webapps/9316.txt,"linkSpheric 0.74b6 - (listID) SQL Injection",2009-07-30,NoGe,php,webapps,0
|
|
|
|
|
@ -21373,7 +21372,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
9523,platforms/php/webapps/9523.txt,"Moa Gallery 1.2.0 - (index.php action) SQL Injection",2009-08-26,Mr.SQL,php,webapps,0
|
|
|
|
|
9524,platforms/php/webapps/9524.txt,"totalcalendar 2.4 - (Blind SQL Injection / Local File Inclusion) Multiple Vulnerabilities",2009-08-26,Moudi,php,webapps,0
|
|
|
|
|
9525,platforms/php/webapps/9525.txt,"Moa Gallery 1.2.0 - (p_filename) Remote File Disclosure",2009-08-26,GoLd_M,php,webapps,0
|
|
|
|
|
9527,platforms/php/webapps/9527.txt,"Simple CMS Framework 1.0 - (page) SQL Injection",2009-08-26,Red-D3v1L,php,webapps,0
|
|
|
|
|
9527,platforms/php/webapps/9527.txt,"Simple CMS Framework 1.0 - 'page' Parameter SQL Injection",2009-08-26,Red-D3v1L,php,webapps,0
|
|
|
|
|
9529,platforms/php/webapps/9529.txt,"Discuz! Plugin Crazy Star 2.0 - (fmid) SQL Injection",2009-08-26,ZhaoHuAn,php,webapps,0
|
|
|
|
|
9530,platforms/php/webapps/9530.txt,"open auto Classifieds 1.5.9 - Multiple Vulnerabilities",2009-08-26,"Andrew Horton",php,webapps,0
|
|
|
|
|
9531,platforms/php/webapps/9531.txt,"PAD Site Scripts 3.6 - (list.php string) SQL Injection",2009-08-26,Mr.SQL,php,webapps,0
|
|
|
|
|
@ -21398,7 +21397,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
9572,platforms/php/webapps/9572.txt,"DataLife Engine 8.2 - dle_config_api Remote File Inclusion",2009-09-01,Kurd-Team,php,webapps,0
|
|
|
|
|
9576,platforms/php/webapps/9576.txt,"Discuz! Plugin JiangHu 1.1 - 'id' SQL Injection",2009-09-02,ZhaoHuAn,php,webapps,0
|
|
|
|
|
9577,platforms/php/webapps/9577.txt,"Ve-EDIT 0.1.4 - (highlighter) Remote File Inclusion",2009-09-02,RoMaNcYxHaCkEr,php,webapps,0
|
|
|
|
|
9578,platforms/php/webapps/9578.txt,"PHP Live! 3.3 - (deptid) SQL Injection",2009-09-02,v3n0m,php,webapps,0
|
|
|
|
|
9578,platforms/php/webapps/9578.txt,"PHP Live! 3.3 - 'deptid' Parameter SQL Injection",2009-09-02,v3n0m,php,webapps,0
|
|
|
|
|
9582,platforms/php/webapps/9582.txt,"FreeSchool 1.1.0 - Multiple Remote File Inclusion",2009-09-03,cr4wl3r,php,webapps,0
|
|
|
|
|
9583,platforms/php/webapps/9583.txt,"PHPope 1.0.0 - Multiple Remote File Inclusion",2009-09-03,cr4wl3r,php,webapps,0
|
|
|
|
|
9588,platforms/php/webapps/9588.txt,"Mambo Component com_zoom - 'catid' Blind SQL Injection",2009-09-04,boom3rang,php,webapps,0
|
|
|
|
|
@ -23563,7 +23562,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
14331,platforms/php/webapps/14331.html,"TomatoCMS 2.0.5 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0
|
|
|
|
|
14336,platforms/php/webapps/14336.txt,"Joomla! Component 'EasyBlog' - Persistent Cross-Site Scripting",2010-07-12,Sid3^effects,php,webapps,0
|
|
|
|
|
14337,platforms/php/webapps/14337.html,"TheHostingTool 1.2.2 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0
|
|
|
|
|
14338,platforms/php/webapps/14338.html,"Getsimple CMS 2.01 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0
|
|
|
|
|
14338,platforms/php/webapps/14338.html,"Getsimple CMS 2.01 - Multiple Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0
|
|
|
|
|
14342,platforms/php/webapps/14342.html,"Grafik CMS 1.1.2 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0
|
|
|
|
|
14355,platforms/windows/webapps/14355.txt,"dotDefender 4.02 - Authentication Bypass",2010-07-13,"David K",windows,webapps,0
|
|
|
|
|
14350,platforms/php/webapps/14350.txt,"Joomla! Component 'com_qcontacts' - SQL Injection",2010-07-13,_mlk_,php,webapps,0
|
|
|
|
|
@ -24889,7 +24888,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
17987,platforms/php/webapps/17987.txt,"WordPress Plugin BackWPUp 2.1.4 - Code Execution",2011-10-17,"Sense of Security",php,webapps,0
|
|
|
|
|
17994,platforms/php/webapps/17994.php,"Dolphin 7.0.7 - (member_menu_queries.php) Remote PHP Code Injection",2011-10-18,EgiX,php,webapps,0
|
|
|
|
|
17989,platforms/php/webapps/17989.txt,"Dominant Creature BBG/RPG Browser Game - Persistent Cross-Site Scripting",2011-10-17,M.Jock3R,php,webapps,0
|
|
|
|
|
17992,platforms/php/webapps/17992.txt,"GNUBoard 4.33.02 - tp.php PATH_INFO SQL Injection",2011-10-17,flyh4t,php,webapps,0
|
|
|
|
|
17992,platforms/php/webapps/17992.txt,"GNUBoard 4.33.02 - 'tp.php' PATH_INFO SQL Injection",2011-10-17,flyh4t,php,webapps,0
|
|
|
|
|
17995,platforms/php/webapps/17995.txt,"Joomla! Plugin NoNumber Framework - Multiple Vulnerabilities",2011-10-18,jdc,php,webapps,0
|
|
|
|
|
17997,platforms/php/webapps/17997.txt,"Yet Another CMS 1.0 - SQL Injection / Cross-Site Scripting",2011-10-19,"Stefan Schurtz",php,webapps,0
|
|
|
|
|
17998,platforms/php/webapps/17998.txt,"Openemr-4.1.0 - SQL Injection",2011-10-19,"I2sec-dae jin Oh",php,webapps,0
|
|
|
|
|
@ -27194,7 +27193,6 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
25178,platforms/php/webapps/25178.txt,"427BB 2.x - Multiple Remote HTML Injection Vulnerabilities",2005-03-01,"Hackerlounge Research Group",php,webapps,0
|
|
|
|
|
25179,platforms/php/webapps/25179.txt,"PBLang Bulletin Board System 4.x - DelPM.php Arbitrary Personal Message Deletion",2005-03-01,Raven,php,webapps,0
|
|
|
|
|
25180,platforms/php/webapps/25180.py,"PHPNews 1.2.3/1.2.4 - auth.php Remote File Inclusion",2005-03-01,mozako,php,webapps,0
|
|
|
|
|
25182,platforms/php/webapps/25182.txt,"auraCMS 1.5 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-02,"echo staff",php,webapps,0
|
|
|
|
|
25197,platforms/php/webapps/25197.txt,"PHP-Fusion 5.0 - BBCode IMG Tag Script Injection",2005-03-08,FireSt0rm,php,webapps,0
|
|
|
|
|
25198,platforms/jsp/webapps/25198.txt,"OutStart Participate Enterprise 3 - Multiple Access Validation Vulnerabilities",2005-03-08,Altrus,jsp,webapps,0
|
|
|
|
|
25199,platforms/php/webapps/25199.txt,"YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting",2005-03-08,trueend5,php,webapps,0
|
|
|
|
|
@ -27765,7 +27763,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
25954,platforms/php/webapps/25954.txt,"phpAuction 2.5 - Multiple Vulnerabilities",2005-07-07,Dcrab,php,webapps,0
|
|
|
|
|
25955,platforms/php/webapps/25955.txt,"PhotoGal 1.0/1.5 - News_File Remote File Inclusion",2005-07-07,"skdaemon porra",php,webapps,0
|
|
|
|
|
25956,platforms/asp/webapps/25956.txt,"Comersus Open Technologies Comersus Cart 6.0.41 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-07,"Diabolic Crab",asp,webapps,0
|
|
|
|
|
25957,platforms/php/webapps/25957.txt,"PunBB 1.x - profile.php User Profile Edit Module SQL Injection",2005-07-08,"Stefan Esser",php,webapps,0
|
|
|
|
|
25957,platforms/php/webapps/25957.txt,"PunBB 1.x - 'profile.php' User Profile Edit Module SQL Injection",2005-07-08,"Stefan Esser",php,webapps,0
|
|
|
|
|
25958,platforms/php/webapps/25958.txt,"ID Team ID Board 1.1.3 - SQL.CLS.php SQL Injection",2005-07-10,Defa,php,webapps,0
|
|
|
|
|
25959,platforms/php/webapps/25959.txt,"Spid 1.3 - lang_path File Inclusion",2005-07-11,"skdaemon porra",php,webapps,0
|
|
|
|
|
25960,platforms/php/webapps/25960.txt,"PPA 0.5.6 - ppa_root_path File Inclusion",2005-07-10,"skdaemon porra",php,webapps,0
|
|
|
|
|
@ -28052,7 +28050,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
26347,platforms/php/webapps/26347.txt,"Gallery 2.0 - main.php Directory Traversal",2005-10-14,"Michael Dipper",php,webapps,0
|
|
|
|
|
26348,platforms/php/webapps/26348.txt,"Complete PHP Counter - SQL Injection",2005-10-14,BiPi_HaCk,php,webapps,0
|
|
|
|
|
26349,platforms/php/webapps/26349.txt,"Complete PHP - Counter Cross-Site Scripting",2005-10-14,BiPi_HaCk,php,webapps,0
|
|
|
|
|
26350,platforms/php/webapps/26350.txt,"PunBB 1.2.x - search.php SQL Injection",2005-10-15,Devil_box,php,webapps,0
|
|
|
|
|
26350,platforms/php/webapps/26350.txt,"PunBB 1.2.x - 'search.php' SQL Injection",2005-10-15,Devil_box,php,webapps,0
|
|
|
|
|
26351,platforms/asp/webapps/26351.txt,"Comersus Backoffice Plus - Multiple Cross-Site Scripting Vulnerabilities",2005-10-17,Lostmon,asp,webapps,0
|
|
|
|
|
26354,platforms/jsp/webapps/26354.txt,"NetFlow Analyzer 4 - Cross-Site Scripting",2005-10-18,why@nsfocus.com,jsp,webapps,0
|
|
|
|
|
26355,platforms/php/webapps/26355.txt,"MySource 2.14 - upgrade_in_progress_backend.php target_url Parameter Cross-Site Scripting",2005-10-18,"Secunia Research",php,webapps,0
|
|
|
|
|
@ -28924,7 +28922,6 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
27449,platforms/php/webapps/27449.txt,"phpWebSite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection",2006-03-20,DaBDouB-MoSiKaR,php,webapps,0
|
|
|
|
|
27450,platforms/php/webapps/27450.txt,"WinHKI 1.4/1.5/1.6 - Directory Traversal",2006-02-24,raphael.huck@free.fr,php,webapps,0
|
|
|
|
|
27451,platforms/cgi/webapps/27451.txt,"Verisign MPKI 6.0 - Haydn.exe Cross-Site Scripting",2006-03-20,"Alberto Soli",cgi,webapps,0
|
|
|
|
|
27453,platforms/php/webapps/27453.txt,"PHP Live! 3.0 - Status_Image.php Cross-Site Scripting",2006-03-22,kspecial,php,webapps,0
|
|
|
|
|
27454,platforms/php/webapps/27454.txt,"Motorola - BlueTooth Interface Dialog Spoofing",2006-03-22,kspecial,php,webapps,0
|
|
|
|
|
27455,platforms/cfm/webapps/27455.txt,"1WebCalendar 4.0 - viewEvent.cfm EventID Parameter SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0
|
|
|
|
|
27456,platforms/cfm/webapps/27456.txt,"1WebCalendar 4.0 - /news/newsView.cfm NewsID Parameter SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0
|
|
|
|
|
@ -29239,7 +29236,6 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
27854,platforms/cfm/webapps/27854.txt,"Cartweaver 2.16.11 - Details.cfm ProdID Parameter SQL Injection",2006-04-25,r0t,cfm,webapps,0
|
|
|
|
|
27858,platforms/php/webapps/27858.txt,"phpBB Chart Mod 1.1 - charts.php id Parameter Cross-Site Scripting",2006-05-11,sn4k3.23,php,webapps,0
|
|
|
|
|
27859,platforms/php/webapps/27859.txt,"OZJournals 1.2 - 'Vname' Parameter Cross-Site Scripting",2006-05-12,Kiki,php,webapps,0
|
|
|
|
|
27860,platforms/php/webapps/27860.txt,"PHP Live Helper 2.0 - chat.php Cross-Site Scripting",2006-05-12,Mr-X,php,webapps,0
|
|
|
|
|
27863,platforms/php/webapps/27863.txt,"phpBB 2.0.20 - Unauthorized HTTP Proxy",2006-05-12,rgod,php,webapps,0
|
|
|
|
|
27864,platforms/php/webapps/27864.txt,"Gphotos 1.4/1.5 - 'index.php' rep Parameter Cross-Site Scripting",2006-05-13,"Morocco Security Team",php,webapps,0
|
|
|
|
|
27865,platforms/php/webapps/27865.txt,"Gphotos 1.4/1.5 - diapo.php rep Parameter Cross-Site Scripting",2006-05-13,"Morocco Security Team",php,webapps,0
|
|
|
|
|
@ -30293,9 +30289,6 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
29336,platforms/asp/webapps/29336.txt,"Chatwm 1.0 - SelGruFra.asp SQL Injection",2006-12-24,ShaFuq31,asp,webapps,0
|
|
|
|
|
29337,platforms/php/webapps/29337.txt,"TimberWolf 1.2.2 - shownews.php Cross-Site Scripting",2006-12-24,CorryL,php,webapps,0
|
|
|
|
|
29338,platforms/php/webapps/29338.txt,"vBulletin 3.5.x/3.6.x - SWF Script Injection",2006-12-25,"Ashraf Morad",php,webapps,0
|
|
|
|
|
29339,platforms/php/webapps/29339.txt,"PHP Live! 3.2.2 - setup/transcripts.php search_string Parameter Cross-Site Scripting",2006-12-25,"Hackers Center Security",php,webapps,0
|
|
|
|
|
29340,platforms/php/webapps/29340.txt,"PHP Live! 3.2.2 - 'index.php' l Parameter Cross-Site Scripting",2006-12-25,"Hackers Center Security",php,webapps,0
|
|
|
|
|
29341,platforms/php/webapps/29341.txt,"PHP Live! 3.2.2 - PHPlive/message_box.php Multiple Parameter Cross-Site Scripting",2006-12-25,"Hackers Center Security",php,webapps,0
|
|
|
|
|
29342,platforms/php/webapps/29342.txt,"Luckybot 3 - DIR Parameter Multiple Remote File Inclusion",2006-12-26,Red_Casper,php,webapps,0
|
|
|
|
|
29343,platforms/php/webapps/29343.txt,"phpCMS 1.1.7 - 'counter.php' Remote File Inclusion",2006-12-26,"Federico Fazzi",php,webapps,0
|
|
|
|
|
29344,platforms/php/webapps/29344.txt,"phpCMS 1.1.7 - 'parser.php' Remote File Inclusion",2006-12-26,"Federico Fazzi",php,webapps,0
|
|
|
|
|
@ -31429,8 +31422,6 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
31145,platforms/php/webapps/31145.txt,"Easy POS System - SQL Injection (login.php)",2014-01-23,vinicius777,php,webapps,0
|
|
|
|
|
31146,platforms/php/webapps/31146.txt,"Cells Blog 3.3 - Reflected Cross-Site Scripting / Blind SQLite Injection",2014-01-23,vinicius777,php,webapps,0
|
|
|
|
|
31147,platforms/php/webapps/31147.txt,"Adult WebMaster PHP - Password Disclosure",2014-01-23,vinicius777,php,webapps,0
|
|
|
|
|
31152,platforms/php/webapps/31152.txt,"artmedic weblog - artmedic_print.php date Parameter Cross-Site Scripting",2008-02-12,muuratsalo,php,webapps,0
|
|
|
|
|
31153,platforms/php/webapps/31153.txt,"artmedic weblog - 'index.php' jahrneu Parameter Cross-Site Scripting",2008-02-12,muuratsalo,php,webapps,0
|
|
|
|
|
31154,platforms/php/webapps/31154.txt,"Counter Strike Portals - 'download' SQL Injection",2008-02-12,S@BUN,php,webapps,0
|
|
|
|
|
31155,platforms/php/webapps/31155.txt,"Joomla! / Mambo Component 'com_iomezun' - 'id' Parameter SQL Injection",2008-02-12,S@BUN,php,webapps,0
|
|
|
|
|
31156,platforms/php/webapps/31156.txt,"Cacti 0.8.7 - graph_view.php graph_list Parameter SQL Injection",2008-02-12,aScii,php,webapps,0
|
|
|
|
|
@ -32252,7 +32243,6 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
32342,platforms/php/webapps/32342.txt,"eXtrovert software Thyme 1.3 - 'pick_users.php' SQL Injection",2008-09-08,"Omer Singer",php,webapps,0
|
|
|
|
|
32346,platforms/php/webapps/32346.txt,"E-PHP B2B Trading Marketplace Script - 'listings.php' SQL Injection",2008-09-07,r45c4l,php,webapps,0
|
|
|
|
|
32347,platforms/php/webapps/32347.txt,"UBB.Threads 7.3.1 - 'Forum[]' Array SQL Injection",2008-09-02,"James Bercegay",php,webapps,0
|
|
|
|
|
32349,platforms/php/webapps/32349.txt,"PunBB 1.2.x - 'p' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-08-20,"Henry Sudhof",php,webapps,0
|
|
|
|
|
32351,platforms/php/webapps/32351.txt,"Jaw Portal 1.2 - 'index.php' Multiple Local File Inclusion",2008-09-10,SirGod,php,webapps,0
|
|
|
|
|
32352,platforms/php/webapps/32352.txt,"AvailScript Job Portal Script - 'applynow.php' SQL Injection",2008-09-10,InjEctOr5,php,webapps,0
|
|
|
|
|
32353,platforms/php/webapps/32353.txt,"Horde Application Framework 3.2.1 - Forward Slash Insufficient Filtering Cross-Site Scripting",2008-09-10,"Alexios Fakos",php,webapps,0
|
|
|
|
|
@ -32896,7 +32886,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
33558,platforms/php/webapps/33558.txt,"cPanel and WHM 11.25 - 'failurl' Parameter HTTP Response Splitting",2010-01-21,Trancer,php,webapps,0
|
|
|
|
|
33561,platforms/php/webapps/33561.txt,"OpenX 2.6.1 - SQL Injection",2010-01-22,AndySoon,php,webapps,0
|
|
|
|
|
33564,platforms/jsp/webapps/33564.txt,"Jetty 6.1.x - JSP Snoop Page Multiple Cross-Site Scripting Vulnerabilities",2009-10-24,aScii,jsp,webapps,0
|
|
|
|
|
33565,platforms/php/webapps/33565.txt,"PunBB 1.3 - 'viewtopic.php' Cross-Site Scripting",2010-01-24,s4r4d0,php,webapps,0
|
|
|
|
|
40752,platforms/php/webapps/40752.py,"InvoicePlane 1.4.8 - Password Reset",2016-11-11,feedersec,php,webapps,0
|
|
|
|
|
33566,platforms/php/webapps/33566.txt,"Joomla! Component 3D Cloud - 'tagcloud.swf' Cross-Site Scripting",2010-01-26,MustLive,php,webapps,0
|
|
|
|
|
33586,platforms/php/webapps/33586.txt,"Joomla! Component com_gambling - 'gamblingEvent' Parameter SQL Injection",2010-02-01,md.r00t,php,webapps,0
|
|
|
|
|
33595,platforms/php/webapps/33595.txt,"Interspire Knowledge Manager < 5.1.3 - Multiple Remote Vulnerabilities",2010-02-04,"Cory Marsh",php,webapps,0
|
|
|
|
|
@ -33317,7 +33307,6 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
34317,platforms/php/webapps/34317.txt,"WS Interactive Automne 4.0 - '228-recherche.php' Cross-Site Scripting",2009-12-13,loneferret,php,webapps,0
|
|
|
|
|
34318,platforms/php/webapps/34318.txt,"Zeecareers 2.0 - Cross-Site Scripting / Authentication Bypass",2009-12-13,bi0,php,webapps,0
|
|
|
|
|
34319,platforms/php/webapps/34319.txt,"Ez Cart - 'index.php' Cross-Site Scripting",2009-12-14,anti-gov,php,webapps,0
|
|
|
|
|
34320,platforms/php/webapps/34320.txt,"Getsimple CMS 2.01 - admin/template/error_checking.php Multiple Parameter Cross-Site Scripting",2010-07-15,Leonard,php,webapps,0
|
|
|
|
|
34321,platforms/php/webapps/34321.txt,"Spitfire 1.0.381 - Cross-Site Scripting / Cross-Site Request Forgery",2010-07-15,"Nijel the Destroyer",php,webapps,0
|
|
|
|
|
34322,platforms/php/webapps/34322.txt,"PHPWCMS 1.4.5 - 'PHPwcms.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0
|
|
|
|
|
34323,platforms/php/webapps/34323.html,"DSite CMS 4.81 - 'modmenu.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0
|
|
|
|
|
@ -33635,7 +33624,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
34786,platforms/php/webapps/34786.txt,"eCardMAX - Multiple Cross-Site Scripting Vulnerabilities",2009-07-14,Moudi,php,webapps,0
|
|
|
|
|
34787,platforms/php/webapps/34787.txt,"MODx 2.0.2-pl - manager/index.php modahsh Parameter Cross-Site Scripting",2010-09-29,"John Leitch",php,webapps,0
|
|
|
|
|
34788,platforms/php/webapps/34788.txt,"MODx manager - /controllers/default/resource/tvs.php class_key Parameter Traversal Local File Inclusion",2010-09-29,"John Leitch",php,webapps,0
|
|
|
|
|
34789,platforms/php/webapps/34789.html,"Getsimple CMS 2.01 - 'admin/changedata.php' Cross-Site Scripting",2010-09-29,"High-Tech Bridge SA",php,webapps,0
|
|
|
|
|
34789,platforms/php/webapps/34789.html,"Getsimple CMS 2.01 - 'changedata.php' Cross-Site Scripting",2010-09-29,"High-Tech Bridge SA",php,webapps,0
|
|
|
|
|
34790,platforms/php/webapps/34790.txt,"Pluck 4.6.3 - 'cont1' Parameter HTML Injection",2010-09-29,"High-Tech Bridge SA",php,webapps,0
|
|
|
|
|
34791,platforms/php/webapps/34791.txt,"Swinger Club Portal - start.php id Parameter SQL Injection",2009-07-07,Moudi,php,webapps,0
|
|
|
|
|
34792,platforms/php/webapps/34792.txt,"Swinger Club Portal - start.php go Parameter Remote File Inclusion",2009-07-07,Moudi,php,webapps,0
|
|
|
|
|
@ -33982,7 +33971,7 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
35349,platforms/php/webapps/35349.txt,"Gollos 2.8 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-15,"High-Tech Bridge SA",php,webapps,0
|
|
|
|
|
35350,platforms/php/webapps/35350.txt,"Wikipad 1.6.0 - Cross-Site Scripting / HTML Injection / Information Disclosure",2011-02-15,"High-Tech Bridge SA",php,webapps,0
|
|
|
|
|
35351,platforms/php/webapps/35351.txt,"Photopad 1.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-15,"High-Tech Bridge SA",php,webapps,0
|
|
|
|
|
35353,platforms/php/webapps/35353.txt,"Getsimple CMS 2.03 - 'admin/upload-ajax.php' Arbitrary File Upload",2011-02-15,"s3rg3770 and Chuzz",php,webapps,0
|
|
|
|
|
35353,platforms/php/webapps/35353.txt,"Getsimple CMS 2.03 - 'upload-ajax.php' Arbitrary File Upload",2011-02-15,"s3rg3770 and Chuzz",php,webapps,0
|
|
|
|
|
35357,platforms/cgi/webapps/35357.txt,"Advantech EKI-6340 - Command Injection",2014-11-24,"Core Security",cgi,webapps,80
|
|
|
|
|
35360,platforms/php/webapps/35360.txt,"WSN Guest 1.24 - 'wsnuser' Cookie Parameter SQL Injection",2011-02-18,"Aliaksandr Hartsuyeu",php,webapps,0
|
|
|
|
|
35362,platforms/php/webapps/35362.txt,"Batavi 1.0 - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities",2011-02-21,"AutoSec Tools",php,webapps,0
|
|
|
|
|
@ -34476,7 +34465,6 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
36166,platforms/php/webapps/36166.txt,"WordPress Plugin BuddyPress 1.2.10 / WordPress Theme DEV Blogs Mu 1.2.6 (WordPress 3.1.4) - Regular Subscriber HTML Injection",2011-09-26,knull,php,webapps,0
|
|
|
|
|
36167,platforms/php/webapps/36167.txt,"AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure",2011-09-26,"Stefan Schurtz",php,webapps,0
|
|
|
|
|
36168,platforms/php/webapps/36168.txt,"S9Y Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting",2011-09-26,"Stefan Schurtz",php,webapps,0
|
|
|
|
|
36170,platforms/php/webapps/36170.txt,"PunBB 1.3.6 - 'browse.php' Cross-Site Scripting",2011-09-26,Amir,php,webapps,0
|
|
|
|
|
36171,platforms/php/webapps/36171.txt,"Joomla! Component 'com_biitatemplateshop' - 'groups' Parameter SQL Injection",2011-09-26,"BHG Security Group",php,webapps,0
|
|
|
|
|
36172,platforms/cfm/webapps/36172.txt,"Adobe ColdFusion 7 - Multiple Cross-Site Scripting Vulnerabilities",2011-09-27,MustLive,cfm,webapps,0
|
|
|
|
|
36173,platforms/php/webapps/36173.txt,"Vanira CMS - 'vtpidshow' Parameter SQL Injection",2011-09-27,"kurdish hackers team",php,webapps,0
|
|
|
|
|
@ -35153,10 +35141,6 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
37151,platforms/php/webapps/37151.txt,"TCPDF Library 5.9 - Arbitrary File Deletion",2015-05-29,"Filippo Roncari",php,webapps,80
|
|
|
|
|
37154,platforms/hardware/webapps/37154.rb,"ESC 8832 Data Controller - Multiple Vulnerabilities",2015-05-29,"Balazs Makany",hardware,webapps,80
|
|
|
|
|
37155,platforms/php/webapps/37155.txt,"WordPress Plugin WP-FaceThumb 0.1 - 'pagination_wp_facethum' Parameter Cross-Site Scripting",2012-05-13,d3v1l,php,webapps,0
|
|
|
|
|
37156,platforms/php/webapps/37156.txt,"Getsimple CMS 3.1 - admin/theme.php err Parameter Reflected Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0
|
|
|
|
|
37157,platforms/php/webapps/37157.txt,"Getsimple CMS 3.1 - admin/pages.php error Parameter Reflected Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0
|
|
|
|
|
37158,platforms/php/webapps/37158.txt,"Getsimple CMS 3.1 - admin/index.php Multiple Parameter Reflected Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0
|
|
|
|
|
37159,platforms/php/webapps/37159.txt,"Getsimple CMS 3.1 - admin/upload.php path Parameter Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0
|
|
|
|
|
37161,platforms/php/webapps/37161.txt,"WordPress Plugin GRAND Flash Album Gallery 1.71 - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0
|
|
|
|
|
37162,platforms/php/webapps/37162.txt,"WordPress Plugin Dynamic Widgets 1.5.1 - 'themes.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0
|
|
|
|
|
37166,platforms/php/webapps/37166.php,"WordPress Plugin dzs-zoomsounds 2.0 - Arbitrary File Upload",2015-06-01,"nabil chris",php,webapps,0
|
|
|
|
|
@ -35911,8 +35895,6 @@ id,file,description,date,author,platform,type,port
|
|
|
|
|
38496,platforms/php/webapps/38496.txt,"RealtyScript 4.0.2 - Multiple Cross-Site Request Forgery / Persistent Cross-Site Scripting Vulnerabilities",2015-10-19,LiquidWorm,php,webapps,0
|
|
|
|
|
38497,platforms/php/webapps/38497.txt,"RealtyScript 4.0.2 - Multiple Time-Based Blind SQL Injection",2015-10-19,LiquidWorm,php,webapps,0
|
|
|
|
|
38499,platforms/php/webapps/38499.html,"PHPValley Micro Jobs Site Script - Spoofing",2013-04-27,"Jason Whelan",php,webapps,0
|
|
|
|
|
38502,platforms/php/webapps/38502.txt,"Getsimple CMS - /admin/edit.php Multiple Parameter Cross-Site Scripting",2013-05-01,"High-Tech Bridge",php,webapps,0
|
|
|
|
|
38503,platforms/php/webapps/38503.txt,"Getsimple CMS - /admin/filebrowser.php Multiple Parameter Cross-Site Scripting",2013-05-01,"High-Tech Bridge",php,webapps,0
|
|
|
|
|
38506,platforms/php/webapps/38506.txt,"NetApp OnCommand System Manager - /zapiServlet CIFS Configuration Management Interface Multiple Parameter Cross-Site Scripting",2013-05-07,"M. Heinzl",php,webapps,0
|
|
|
|
|
38507,platforms/php/webapps/38507.txt,"NetApp OnCommand System Manager - /zapiServlet User Management Interface Multiple Parameter Cross-Site Scripting",2013-05-07,"M. Heinzl",php,webapps,0
|
|
|
|
|
38508,platforms/php/webapps/38508.txt,"MyBB Game Section Plugin - 'games.php' Multiple Cross-Site Scripting Vulnerabilities",2013-05-07,anonymous,php,webapps,0
|
|
|
|
|
|
Offensive Security