diff --git a/files.csv b/files.csv index 1e587ed75..8f5922c64 100644 --- a/files.csv +++ b/files.csv @@ -394,7 +394,7 @@ id,file,description,date,author,platform,type,port 2444,platforms/multiple/dos/2444.sh,"OpenSSH 4.3 p1 - (Duplicated Block) Remote Denial of Service",2006-09-27,"Tavis Ormandy",multiple,dos,0 2515,platforms/multiple/dos/2515.txt,"Kmail 1.9.1 - (IMG SRC) Remote Denial of Service",2006-10-11,nnp,multiple,dos,0 2523,platforms/windows/dos/2523.pl,"Microsoft Office 2003 - '.PPT' Local Buffer Overflow (PoC)",2006-10-12,Nanika,windows,dos,0 -2524,platforms/bsd/dos/2524.c,"FreeBSD 5.4/6.0 - (ptrace PT_LWPINFO) Local Denial of Service",2006-10-12,kokanin,bsd,dos,0 +2524,platforms/bsd/dos/2524.c,"FreeBSD 5.4/6.0 - 'ptrace PT_LWPINFO' Local Denial of Service",2006-10-12,kokanin,bsd,dos,0 2541,platforms/bsd/dos/2541.c,"FreeBSD 6.1-RELEASE-p10 - (ftruncate) Local Denial of Service",2006-10-13,kokanin,bsd,dos,0 2542,platforms/bsd/dos/2542.c,"FreeBSD 6.1-RELEASE-p10 - (scheduler) Local Denial of Service",2006-10-13,kokanin,bsd,dos,0 2571,platforms/windows/dos/2571.pl,"Xfire 1.6.4 - Remote Denial of Service (Perl)",2006-10-16,n00b,windows,dos,0 @@ -4642,7 +4642,7 @@ id,file,description,date,author,platform,type,port 37848,platforms/windows/dos/37848.txt,"Adobe Flash AS2 - textfield.filters Use-After-Free (2)",2015-08-19,bilou,windows,dos,0 37849,platforms/windows/dos/37849.txt,"Adobe Flash - Display List Handling Use-After-Free",2015-08-19,KeenTeam,windows,dos,0 37850,platforms/multiple/dos/37850.txt,"Adobe Flash - NetConnection.connect Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 -37852,platforms/multiple/dos/37852.txt,"Adobe Flash - 'Setting' Variable Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 +37852,platforms/multiple/dos/37852.txt,"Adobe Flash - 'Setting' Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 37853,platforms/windows/dos/37853.txt,"Adobe Flash AS2 - DisplacementMapFilter.mapBitmap Use-After-Free (1)",2015-08-19,"Google Security Research",windows,dos,0 37854,platforms/windows/dos/37854.txt,"Adobe Flash AS2 - MovieClip.scrollRect Use-After-Free",2015-08-19,"Google Security Research",windows,dos,0 37855,platforms/multiple/dos/37855.txt,"Adobe Flash - Setting Value Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 @@ -4906,7 +4906,7 @@ id,file,description,date,author,platform,type,port 39046,platforms/windows/dos/39046.txt,"Adobe Flash TextField.setFormat - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39047,platforms/windows/dos/39047.txt,"Adobe Flash TextField.replaceSel - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39048,platforms/windows/dos/39048.txt,"Adobe Flash TextField.replaceText - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 -39049,platforms/windows/dos/39049.txt,"Adobe Flash - 'TextField' Variable Use-After Free",2015-12-18,"Google Security Research",windows,dos,0 +39049,platforms/windows/dos/39049.txt,"Adobe Flash - 'TextField' Use-After Free",2015-12-18,"Google Security Research",windows,dos,0 39050,platforms/windows/dos/39050.txt,"Adobe Flash - TextField.Variable Setter Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39051,platforms/windows/dos/39051.txt,"Adobe Flash TextField.htmlText Setter - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39052,platforms/windows/dos/39052.txt,"Adobe Flash TextField.type Setter - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 @@ -8132,7 +8132,7 @@ id,file,description,date,author,platform,type,port 22912,platforms/unix/local/22912.c,"IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation",2003-07-16,kf,unix,local,0 22943,platforms/linux/local/22943.c,"Top 1.x/2.0 - 'Home Environment' Parameter Local Buffer Overflow",2003-07-22,UHAGr,linux,local,0 22946,platforms/windows/local/22946.txt,"MySQL AB ODBC Driver 3.51 - Plain Text Password",2003-07-22,hanez,windows,local,0 -22965,platforms/linux/local/22965.c,"XBlast 2.6.1 - 'HOME Environment' Variable Buffer Overflow",2003-07-28,c0wboy,linux,local,0 +22965,platforms/linux/local/22965.c,"XBlast 2.6.1 - 'HOME Environment' Buffer Overflow",2003-07-28,c0wboy,linux,local,0 22923,platforms/unix/local/22923.c,"Tolis Group BRU 17.0 - Privilege Escalation (1)",2003-07-16,DVDMAN,unix,local,0 22924,platforms/unix/local/22924.c,"Tolis Group BRU 17.0 - Privilege Escalation (2)",2003-07-16,nic,unix,local,0 22928,platforms/linux/local/22928.pl,"mcrypt 2.5.8 - Stack Based Overflow",2012-11-26,Tosh,linux,local,0 @@ -8148,7 +8148,7 @@ id,file,description,date,author,platform,type,port 22988,platforms/unix/local/22988.sh,"IBM DB2 db2job - File Overwrite",2003-08-05,"Juan Manuel Pascual Escribá",unix,local,0 22989,platforms/unix/local/22989.pl,"IBM DB2 - Shared Library Injection",2003-08-05,daniels@legend.co.uk,unix,local,0 22993,platforms/linux/local/22993.txt,"IPNetSentryX / IPNetMonitorX - Unauthorized Network Reconnaissance",2003-07-07,@stake,linux,local,0 -22996,platforms/linux/local/22996.c,"XPCD 2.0.8 - 'Home Environment' Variable Local Buffer Overflow",2003-07-18,r-code,linux,local,0 +22996,platforms/linux/local/22996.c,"XPCD 2.0.8 - 'HOME Environment' Local Buffer Overflow",2003-07-18,r-code,linux,local,0 23022,platforms/php/local/23022.c,"PHP 4.x - DLOpen Memory Disclosure (1)",2003-08-13,"Andrew Griffiths",php,local,0 23023,platforms/php/local/23023.c,"PHP 4.x - DLOpen Memory Disclosure (2)",2003-08-13,andrewg,php,local,0 23041,platforms/windows/local/23041.txt,"DeskSoft CheckMail 1.2 - Password Disclosure",2003-08-19,"cyber talon",windows,local,0 @@ -8195,7 +8195,7 @@ id,file,description,date,author,platform,type,port 23479,platforms/linux/local/23479.sh,"GNU Indent 2.2.9 - Local Heap Overflow",2003-12-26,"Pooh Hacking Squadron",linux,local,0 23481,platforms/linux/local/23481.c,"Apache 2.0.4x mod_php - File Descriptor Leakage (1)",2003-12-26,"Steve Grubb",linux,local,0 23482,platforms/linux/local/23482.c,"Apache 2.0.4x mod_php - File Descriptor Leakage (2)",2003-12-26,"frauk\x41ser",linux,local,0 -23510,platforms/linux/local/23510.c,"XSOK 1.0 2 - 'LANG Environment' Variable Local Buffer Overrun",2003-12-30,N2n-Hacker,linux,local,0 +23510,platforms/linux/local/23510.c,"XSOK 1.0 2 - 'LANG Environment' Local Buffer Overrun",2003-12-30,N2n-Hacker,linux,local,0 23511,platforms/windows/local/23511.txt,"Surfnet 1.31 - Unauthorized Account Depositing",2004-01-02,Rift_XT,windows,local,0 23581,platforms/linux/local/23581.pl,"Apache 2.0.4x mod_perl - File Descriptor Leakage (3)",2004-01-21,"Steve Grubb",linux,local,0 23609,platforms/unix/local/23609.sh,"IBM Informix Dynamic Server 9.40/Informix Extended Parallel Server 8.40 - Multiple Vulnerabilities (1)",2003-08-08,pask,unix,local,0 @@ -11674,7 +11674,7 @@ id,file,description,date,author,platform,type,port 17948,platforms/windows/remote/17948.rb,"ScriptFTP 3.3 - LIST Remote Buffer Overflow (Metasploit) (2)",2011-10-09,Metasploit,windows,remote,0 17969,platforms/multiple/remote/17969.py,"Apache mod_proxy - Reverse Proxy Exposure (PoC)",2011-10-11,"Rodrigo Marcos",multiple,remote,0 17960,platforms/windows/remote/17960.rb,"Opera Browser 10/11/12 - 'SVG Layout' Memory Corruption (Metasploit)",2011-10-10,"Jose A. Vazquez",windows,remote,0 -17974,platforms/windows/remote/17974.html,"Mozilla Firefox - Array.reduceRight() Integer Overflow (1)",2011-10-12,ryujin,windows,remote,0 +17974,platforms/windows/remote/17974.html,"Mozilla Firefox - 'Array.reduceRight()' Integer Overflow (1)",2011-10-12,ryujin,windows,remote,0 17975,platforms/windows/remote/17975.rb,"PcVue 10.0 SV.UIGrdCtrl.1 - 'LoadObject()/SaveObject()' Trusted DWORD (Metasploit)",2011-10-12,Metasploit,windows,remote,0 17976,platforms/windows/remote/17976.rb,"Mozilla Firefox - Array.reduceRight() Integer Overflow (Metasploit) (2)",2011-10-13,Metasploit,windows,remote,0 17977,platforms/windows/remote/17977.txt,"JBoss AS 2.0 - Remote Exploit",2011-10-11,kingcope,windows,remote,0 @@ -14352,7 +14352,7 @@ id,file,description,date,author,platform,type,port 30636,platforms/windows/remote/30636.pl,"Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (2)",2007-11-13,"Alla Berzroutchko",windows,remote,0 30643,platforms/multiple/remote/30643.txt,"DropTeam 1.3.3 - Multiple Remote Vulnerabilities",2007-10-05,"Luigi Auriemma",multiple,remote,0 30645,platforms/windows/remote/30645.txt,"Microsoft Windows - URI Handler Command Execution",2007-10-05,"Billy Rios",windows,remote,0 -30650,platforms/hardware/remote/30650.txt,"Linksys SPA941 - SIP From Field HTML Injection",2007-10-09,"Radu State",hardware,remote,0 +30650,platforms/hardware/remote/30650.txt,"Linksys SPA941 - 'SIP From' HTML Injection",2007-10-09,"Radu State",hardware,remote,0 30652,platforms/hardware/remote/30652.txt,"Cisco IOS 12.3 - 'LPD' Remote Buffer Overflow",2007-10-10,"Andy Davis",hardware,remote,0 30673,platforms/hardware/remote/30673.txt,"NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting",2007-10-15,SkyOut,hardware,remote,0 30677,platforms/linux/remote/30677.pl,"Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module - SQL Injection",2007-10-16,"Humberto J. Abdelnur",linux,remote,0 @@ -15214,7 +15214,7 @@ id,file,description,date,author,platform,type,port 36256,platforms/hardware/remote/36256.txt,"Cisco - 'file' Parameter Directory Traversal",2011-10-26,"Sandro Gauci",hardware,remote,0 36258,platforms/windows/remote/36258.txt,"XAMPP 1.7.4 - Cross-Site Scripting",2011-10-26,Sangteamtham,windows,remote,0 36264,platforms/php/remote/36264.rb,"Seagate Business NAS - Unauthenticated Remote Command Execution (Metasploit)",2015-03-04,Metasploit,php,remote,80 -36291,platforms/windows/remote/36291.txt,"XAMPP 1.7.7 - 'PHP_SELF' Variable Multiple Cross-Site Scripting Vulnerabilities",2011-11-07,"Gjoko Krstic",windows,remote,0 +36291,platforms/windows/remote/36291.txt,"XAMPP 1.7.7 - 'PHP_SELF' Multiple Cross-Site Scripting Vulnerabilities",2011-11-07,"Gjoko Krstic",windows,remote,0 36304,platforms/windows/remote/36304.rb,"HP Data Protector 8.10 - Remote Command Execution (Metasploit)",2015-03-06,Metasploit,windows,remote,5555 36318,platforms/windows/remote/36318.txt,"Jetty Web Server - Directory Traversal",2011-11-18,"Alexey Sintsov",windows,remote,0 36319,platforms/windows/remote/36319.txt,"GoAhead Web Server 2.5 - 'goform/formTest' Multiple Cross-Site Scripting Vulnerabilities",2011-11-18,"Prabhu S Angadi",windows,remote,0 @@ -17502,11 +17502,11 @@ id,file,description,date,author,platform,type,port 2526,platforms/php/webapps/2526.txt,"PHPht Topsites - 'common.php' Remote File Inclusion",2006-10-12,"Mehmet Ince",php,webapps,0 2527,platforms/php/webapps/2527.c,"Invision Gallery 2.0.7 (Linux) - 'readfile()' / SQL Injection",2006-10-12,ShadOS,php,webapps,0 2528,platforms/php/webapps/2528.txt,"MiniBB keyword_replacer 1.0 - 'pathToFiles' Parameter File Inclusion",2006-10-12,Kw3[R]Ln,php,webapps,0 -2529,platforms/php/webapps/2529.txt,"AFGB Guestbook 2.2 - (Htmls) Remote File Inclusion",2006-10-12,mdx,php,webapps,0 +2529,platforms/php/webapps/2529.txt,"AFGB Guestbook 2.2 - 'Htmls' Remote File Inclusion",2006-10-12,mdx,php,webapps,0 2531,platforms/php/webapps/2531.txt,"phpBB Import Tools Mod 0.1.4 - Remote File Inclusion",2006-10-12,boecke,php,webapps,0 2532,platforms/php/webapps/2532.txt,"phpBB Ajax Shoutbox 0.0.5 - Remote File Inclusion",2006-10-12,boecke,php,webapps,0 2533,platforms/php/webapps/2533.txt,"phpBB SpamBlocker Mod 1.0.2 - Remote File Inclusion",2006-10-12,"Nima Salehi",php,webapps,0 -2534,platforms/php/webapps/2534.pl,"Redaction System 1.0 - (lang_prefix) Remote File Inclusion",2006-10-12,r0ut3r,php,webapps,0 +2534,platforms/php/webapps/2534.pl,"Redaction System 1.0 - 'lang_prefix' Remote File Inclusion",2006-10-12,r0ut3r,php,webapps,0 2535,platforms/php/webapps/2535.txt,"PHPMyConferences 8.0.2 - 'menu.inc.php' File Inclusion",2006-10-13,k1tk4t,php,webapps,0 2536,platforms/php/webapps/2536.txt,"Open Conference Systems 1.1.4 - 'fullpath' File Inclusion",2006-10-13,k1tk4t,php,webapps,0 2537,platforms/php/webapps/2537.pl,"maluinfo 206.2.38 - 'bb_usage_stats.php' Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 @@ -23325,7 +23325,7 @@ id,file,description,date,author,platform,type,port 11687,platforms/php/webapps/11687.txt,"Ane CMS 1 - Persistent Cross-Site Scripting",2010-03-11,"pratul agrawal",php,webapps,0 11688,platforms/php/webapps/11688.txt,"Joomla! Component com_blog - SQL Injection",2010-03-11,"DevilZ TM",php,webapps,0 11689,platforms/php/webapps/11689.txt,"Eros Erotik Webkatalog - start.php (rubrik&id) SQL Injection",2010-03-11,"Easy Laster",php,webapps,0 -11691,platforms/php/webapps/11691.txt,"Joomla! Component com_products 'intCategoryId' - SQL Injection",2010-03-11,N2n-Hacker,php,webapps,0 +11691,platforms/php/webapps/11691.txt,"Joomla! Component com_products - 'intCategoryId' SQL Injection",2010-03-11,N2n-Hacker,php,webapps,0 11692,platforms/php/webapps/11692.txt,"Joomla! Component com_gigfe - SQL Injection",2010-03-11,"DevilZ TM",php,webapps,0 11693,platforms/php/webapps/11693.txt,"Joomla! Component com_color - SQL Injection",2010-03-11,"DevilZ TM",php,webapps,0 11695,platforms/php/webapps/11695.txt,"Joomla! Component com_party - SQL Injection",2010-03-11,"DevilZ TM",php,webapps,0 @@ -23408,7 +23408,7 @@ id,file,description,date,author,platform,type,port 11808,platforms/php/webapps/11808.txt,"quality point 1.0 newsfeed - SQL Injection / Cross-Site Scripting",2010-03-19,Red-D3v1L,php,webapps,0 11811,platforms/php/webapps/11811.txt,"PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php Exploit",2010-03-19,"Easy Laster",php,webapps,0 11813,platforms/php/webapps/11813.txt,"DirectAdmin 1.34.4 - Multiple Cross-Site Request Forgerys",2010-03-19,K053,php,webapps,0 -11814,platforms/php/webapps/11814.txt,"Joomla! Component & Plugin 'JE Tooltip' 1.0 - Local File Inclusion",2010-03-19,"Chip d3 bi0s",php,webapps,0 +11814,platforms/php/webapps/11814.txt,"Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion",2010-03-19,"Chip d3 bi0s",php,webapps,0 11815,platforms/php/webapps/11815.txt,"Joomla! Component Gift Exchange com_giftexchange 1.0 Beta - (pkg) SQL Injection",2010-03-20,"Chip d3 bi0s",php,webapps,0 11816,platforms/php/webapps/11816.txt,"Pay Per Watch & Bid Auktions System - (id_auk) auktion.php Blind SQL Injection",2010-03-20,"Easy Laster",php,webapps,0 11823,platforms/cgi/webapps/11823.txt,"Trouble Ticket Software - 'ttx.cgi' Arbitrary File Download",2010-03-20,n01d,cgi,webapps,0 @@ -23552,12 +23552,12 @@ id,file,description,date,author,platform,type,port 12052,platforms/php/webapps/12052.txt,"SAGU-PRO 1.0 - Multiple Remote File Inclusion",2010-04-04,mat,php,webapps,0 12054,platforms/php/webapps/12054.txt,"Joomla! Component redSHOP 1.0 - Local File Inclusion",2010-04-04,NoGe,php,webapps,0 12055,platforms/php/webapps/12055.txt,"Joomla! Component redTWITTER 1.0 - Local File Inclusion",2010-04-04,NoGe,php,webapps,0 -12056,platforms/php/webapps/12056.txt,"Joomla! Component 'com_wisroyq' 1.1 - Local File Inclusion",2010-04-04,NoGe,php,webapps,0 -12057,platforms/php/webapps/12057.txt,"Joomla! Component 'com_press' - SQL Injection",2010-04-04,"DevilZ TM",php,webapps,0 +12056,platforms/php/webapps/12056.txt,"Joomla! Component com_wisroyq 1.1 - Local File Inclusion",2010-04-04,NoGe,php,webapps,0 +12057,platforms/php/webapps/12057.txt,"Joomla! Component com_press - SQL Injection",2010-04-04,"DevilZ TM",php,webapps,0 12058,platforms/php/webapps/12058.txt,"Joomla! Component Picasa 2.0 - Local File Inclusion",2010-04-04,Vrs-hCk,php,webapps,0 -12060,platforms/php/webapps/12060.txt,"Joomla! Component 'com_serie' - SQL Injection",2010-04-04,"DevilZ TM",php,webapps,0 +12060,platforms/php/webapps/12060.txt,"Joomla! Component com_serie - SQL Injection",2010-04-04,"DevilZ TM",php,webapps,0 12061,platforms/php/webapps/12061.txt,"Facil-CMS 0.1RC2 - Local/Remote File Inclusion",2010-04-04,eidelweiss,php,webapps,0 -12062,platforms/php/webapps/12062.txt,"Joomla! Component 'com_ranking' - SQL Injection",2010-04-04,"DevilZ TM",php,webapps,0 +12062,platforms/php/webapps/12062.txt,"Joomla! Component com_ranking - SQL Injection",2010-04-04,"DevilZ TM",php,webapps,0 12065,platforms/php/webapps/12065.txt,"Joomla! Component JInventory 1.23.02 - Local File Inclusion",2010-04-05,"Chip d3 bi0s",php,webapps,0 12066,platforms/php/webapps/12066.txt,"Joomla! Component SVMap 1.1.1 - Local File Inclusion",2010-04-05,Vrs-hCk,php,webapps,0 12067,platforms/php/webapps/12067.txt,"Joomla! Component Shoutbox Pro - Local File Inclusion",2010-04-05,Vrs-hCk,php,webapps,0 @@ -23588,7 +23588,7 @@ id,file,description,date,author,platform,type,port 12106,platforms/php/webapps/12106.txt,"Istgah for Centerhost - Multiple Vulnerabilities",2010-04-07,indoushka,php,webapps,0 12107,platforms/php/webapps/12107.txt,"Plume CMS 1.2.4 - Multiple Local File Inclusion",2010-04-07,eidelweiss,php,webapps,0 12108,platforms/php/webapps/12108.txt,"Joomla! Component com_articles - SQL Injection",2010-04-08,"pratul agrawal",php,webapps,0 -12111,platforms/php/webapps/12111.txt,"Joomla! Component 'com_webeecomment' 2.0 - Local File Inclusion",2010-04-08,AntiSecurity,php,webapps,0 +12111,platforms/php/webapps/12111.txt,"Joomla! Component com_webeecomment 2.0 - Local File Inclusion",2010-04-08,AntiSecurity,php,webapps,0 12112,platforms/php/webapps/12112.txt,"Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (1)",2010-04-08,AntiSecurity,php,webapps,0 12113,platforms/php/webapps/12113.txt,"Joomla! Component AWDwall 1.5.4 - Local File Inclusion / SQL Injection",2010-04-08,AntiSecurity,php,webapps,0 12115,platforms/php/webapps/12115.txt,"Kubeit CMS - SQL Injection",2010-04-08,Phenom,php,webapps,0 @@ -23609,13 +23609,13 @@ id,file,description,date,author,platform,type,port 12140,platforms/php/webapps/12140.php,"xBtiTracker - SQL Injection",2010-04-11,InATeam,php,webapps,0 12141,platforms/php/webapps/12141.txt,"MediaInSpot CMS - Local File Inclusion (1)",2010-04-11,"Amoo Arash",php,webapps,0 12142,platforms/php/webapps/12142.txt,"Joomla! Component TweetLA 1.0.1 - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 -12143,platforms/php/webapps/12143.txt,"Joomla! Component 'com_ticketbook' - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 -12144,platforms/php/webapps/12144.txt,"Joomla! Component 'com_jajobboard' - Multiple Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 +12143,platforms/php/webapps/12143.txt,"Joomla! Component com_ticketbook - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 +12144,platforms/php/webapps/12144.txt,"Joomla! Component com_jajobboard - Multiple Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12145,platforms/php/webapps/12145.txt,"Joomla! Component Jfeedback 1.2 - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12146,platforms/php/webapps/12146.txt,"Joomla! Component JProject Manager 1.0 - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12147,platforms/php/webapps/12147.txt,"Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12148,platforms/php/webapps/12148.txt,"Joomla! Component RokModule 1.1 - 'moduleid' Parameter Blind SQL Injection",2010-04-11,AntiSecurity,php,webapps,0 -12149,platforms/php/webapps/12149.txt,"Joomla! Component 'com_spsnewsletter' - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 +12149,platforms/php/webapps/12149.txt,"Joomla! Component com_spsnewsletter - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12150,platforms/php/webapps/12150.txt,"Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12151,platforms/php/webapps/12151.txt,"Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12153,platforms/php/webapps/12153.txt,"Joomla! Component education - SQL Injection",2010-04-11,bumble_be,php,webapps,0 @@ -23624,7 +23624,7 @@ id,file,description,date,author,platform,type,port 12158,platforms/php/webapps/12158.py,"Elite Gaming Ladders 3.5 - (match) SQL Injection",2010-04-11,"Easy Laster",php,webapps,0 12159,platforms/php/webapps/12159.txt,"Joomla! Component Multi-Venue Restaurant Menu Manager 1.5.2 - SQL Injection",2010-04-11,Valentin,php,webapps,0 12160,platforms/php/webapps/12160.txt,"HotNews 0.7.2 - Remote File Inclusion",2010-04-11,team_elite,php,webapps,0 -12162,platforms/php/webapps/12162.txt,"Joomla! Component 'mv_restaurantmenumanager' - SQL Injection",2010-04-11,Sudden_death,php,webapps,0 +12162,platforms/php/webapps/12162.txt,"Joomla! Component mv_restaurantmenumanager - SQL Injection",2010-04-11,Sudden_death,php,webapps,0 12163,platforms/php/webapps/12163.txt,"Worldviewer.com CMS - SQL Injection",2010-04-12,"41.w4r10r aka AN1L",php,webapps,0 12164,platforms/php/webapps/12164.txt,"YaPiG 0.94.0u - Remote File Inclusion",2010-04-12,JIKO,php,webapps,0 12166,platforms/php/webapps/12166.txt,"Joomla! Component Web TV 1.0 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 @@ -23641,8 +23641,8 @@ id,file,description,date,author,platform,type,port 12177,platforms/php/webapps/12177.txt,"Joomla! Component Online Market 2.x - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 12178,platforms/php/webapps/12178.txt,"Joomla! Component Digital Diary 1.5.0 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 12179,platforms/php/webapps/12179.txt,"FusionForge 5.0 - Multiple Remote File Inclusion",2010-04-12,cr4wl3r,php,webapps,0 -12180,platforms/php/webapps/12180.txt,"Joomla! Component 'com_worldrates' - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 -12181,platforms/php/webapps/12181.txt,"Joomla! Component 'com_record' - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 +12180,platforms/php/webapps/12180.txt,"Joomla! Component com_worldrates - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 +12181,platforms/php/webapps/12181.txt,"Joomla! Component com_record - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 12182,platforms/php/webapps/12182.txt,"Joomla! Component Sweetykeeper 1.5 - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 12183,platforms/php/webapps/12183.txt,"Joomla! Component com_jdrugstopics - SQL Injection",2010-04-12,SadHaCkEr,php,webapps,0 12184,platforms/php/webapps/12184.txt,"Joomla! Component SermonSpeaker - SQL Injection",2010-04-12,SadHaCkEr,php,webapps,0 @@ -23668,8 +23668,8 @@ id,file,description,date,author,platform,type,port 12224,platforms/php/webapps/12224.txt,"Mihalism Multi Host 4.0.0 - Arbitrary File Upload",2010-04-14,indoushka,php,webapps,0 12226,platforms/php/webapps/12226.txt,"Magic Uploader Mini - Arbitrary File Upload",2010-04-14,indoushka,php,webapps,0 12227,platforms/php/webapps/12227.txt,"YUI Images Script - Arbitrary File Upload",2010-04-14,Mr.P3rfekT,php,webapps,0 -12230,platforms/php/webapps/12230.txt,"Joomla! Component 'com_wgpicasa' - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 -12231,platforms/php/webapps/12231.txt,"Joomla! Component 'com_s5clanroster' - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 +12230,platforms/php/webapps/12230.txt,"Joomla! Component com_wgpicasa - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 +12231,platforms/php/webapps/12231.txt,"Joomla! Component com_s5clanroster - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 12232,platforms/php/webapps/12232.txt,"Joomla! Component Photo Battle 1.0.1 - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 12233,platforms/php/webapps/12233.txt,"Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 12234,platforms/php/webapps/12234.txt,"Joomla! Component Media Mall Factory 1.0.4 - Blind SQL Injection",2010-04-14,AntiSecurity,php,webapps,0 @@ -23708,7 +23708,7 @@ id,file,description,date,author,platform,type,port 12287,platforms/php/webapps/12287.txt,"Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion",2010-04-18,AntiSecurity,php,webapps,0 12288,platforms/php/webapps/12288.txt,"Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion",2010-04-18,AntiSecurity,php,webapps,0 12289,platforms/php/webapps/12289.txt,"Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion",2010-04-18,AntiSecurity,php,webapps,0 -12290,platforms/php/webapps/12290.txt,"Joomla! Component 'com_google' - Local File Inclusion",2010-04-18,AntiSecurity,php,webapps,0 +12290,platforms/php/webapps/12290.txt,"Joomla! Component com_google - Local File Inclusion",2010-04-18,AntiSecurity,php,webapps,0 12291,platforms/php/webapps/12291.txt,"Joomla! Component iF surfALERT 1.2 - Local File Inclusion",2010-04-18,AntiSecurity,php,webapps,0 12292,platforms/php/webapps/12292.txt,"Flex File Manager - Arbitrary File Upload",2010-04-19,Mr.MLL,php,webapps,0 12295,platforms/php/webapps/12295.txt,"N/X Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities",2010-04-19,eidelweiss,php,webapps,0 @@ -23726,7 +23726,7 @@ id,file,description,date,author,platform,type,port 12319,platforms/php/webapps/12319.txt,"e107 CMS 0.7.19 - Cross-Site Request Forgery",2010-04-21,"High-Tech Bridge SA",php,webapps,0 12322,platforms/php/webapps/12322.txt,"LightNEasy 3.1.x - Multiple Vulnerabilities",2010-04-21,ITSecTeam,php,webapps,0 12323,platforms/php/webapps/12323.txt,"wb news (webmobo) 2.3.3 - Persistent Cross-Site Scripting",2010-04-21,ITSecTeam,php,webapps,0 -12325,platforms/php/webapps/12325.txt,"Joomla! Component 'com_portfolio' - Local File Disclosure",2010-04-21,Mr.tro0oqy,php,webapps,0 +12325,platforms/php/webapps/12325.txt,"Joomla! Component com_portfolio - Local File Disclosure",2010-04-21,Mr.tro0oqy,php,webapps,0 12329,platforms/asp/webapps/12329.txt,"CactuShop - User Invoices Persistent Cross-Site Scripting",2010-04-21,7Safe,asp,webapps,0 12330,platforms/php/webapps/12330.txt,"Apache OFBiz - Multiple Cross-Site Scripting",2010-04-21,"Lucas Apa",php,webapps,0 12333,platforms/php/webapps/12333.txt,"cms (id) 5.0 - SQL Injection",2010-04-22,spykit,php,webapps,0 @@ -23793,7 +23793,7 @@ id,file,description,date,author,platform,type,port 12436,platforms/php/webapps/12436.txt,"Pligg CMS 1.0.4 - 'story.php' SQL Injection",2010-04-28,"Don Tukulesto",php,webapps,0 12438,platforms/php/webapps/12438.txt,"SoftBizScripts Dating Script - SQL Injection",2010-04-28,41.w4r10r,php,webapps,0 12439,platforms/php/webapps/12439.txt,"SoftBizScripts Hosting Script - SQL Injection",2010-04-28,41.w4r10r,php,webapps,0 -12440,platforms/php/webapps/12440.txt,"Joomla! Component 'Wap4Joomla' - 'wapmain.php' SQL Injection",2010-04-28,Manas58,php,webapps,0 +12440,platforms/php/webapps/12440.txt,"Joomla! Component Wap4Joomla - 'wapmain.php' SQL Injection",2010-04-28,Manas58,php,webapps,0 12441,platforms/php/webapps/12441.html,"gpEasy 1.6.1 - Cross-Site Request Forgery (Add Admin)",2010-04-28,"Giuseppe 'giudinvx' D'Inverno",php,webapps,0 12442,platforms/php/webapps/12442.txt,"GeneShop 5.1.1 - SQL Injection",2010-04-28,41.w4r10r,php,webapps,0 12443,platforms/php/webapps/12443.txt,"Modelbook - 'casting_view.php' SQL Injection",2010-04-28,v3n0m,php,webapps,0 @@ -23823,12 +23823,12 @@ id,file,description,date,author,platform,type,port 12468,platforms/php/webapps/12468.txt,"Alibaba Clone Platinum - 'offers_buy.php' SQL Injection",2010-04-30,v3n0m,php,webapps,0 12471,platforms/asp/webapps/12471.txt,"Comersus 8 Shopping Cart - SQL Injection / Cross-Site Request Forgery",2010-05-01,Sid3^effects,asp,webapps,0 12472,platforms/php/webapps/12472.txt,"CF Image Host 1.1 - Remote File Inclusion",2010-05-01,The.Morpheus,php,webapps,0 -12473,platforms/php/webapps/12473.txt,"Joomla! Component 'Table JX' - Cross-Site Scripting",2010-05-01,Valentin,php,webapps,0 +12473,platforms/php/webapps/12473.txt,"Joomla! Component Table JX - Cross-Site Scripting",2010-05-01,Valentin,php,webapps,0 12474,platforms/php/webapps/12474.txt,"Joomla! Component Card View JX - Cross-Site Scripting",2010-05-01,Valentin,php,webapps,0 12475,platforms/php/webapps/12475.txt,"Opencatalogue 1.024 - Local File Inclusion",2010-05-01,cr4wl3r,php,webapps,0 12476,platforms/php/webapps/12476.txt,"Opencimetiere 2.01 - Multiple Remote File Inclusion",2010-05-01,cr4wl3r,php,webapps,0 12478,platforms/asp/webapps/12478.txt,"Mesut Manþet Haber 1.0 - Authentication Bypass",2010-05-02,LionTurk,asp,webapps,0 -12479,platforms/php/webapps/12479.txt,"Joomla! Component 'com_djClassifieds' 0.9.1 - Arbitrary File Upload",2010-05-02,Sid3^effects,php,webapps,0 +12479,platforms/php/webapps/12479.txt,"Joomla! Component com_djClassifieds 0.9.1 - Arbitrary File Upload",2010-05-02,Sid3^effects,php,webapps,0 12481,platforms/php/webapps/12481.txt,"WHMCompleteSolution (WHMCS) Control 2 - 'announcements.php' SQL Injection",2010-05-02,"Islam DefenDers",php,webapps,0 12484,platforms/php/webapps/12484.txt,"GuppY 4.5.18 - Blind SQL Injection / XPath Injection",2010-05-02,indoushka,php,webapps,0 12485,platforms/php/webapps/12485.txt,"Burning Board Lite 1.0.2 - Arbitrary File Upload",2010-05-02,indoushka,php,webapps,0 @@ -23846,7 +23846,7 @@ id,file,description,date,author,platform,type,port 12514,platforms/php/webapps/12514.txt,"PHP-Nuke 5.0 - Viewslink SQL Injection",2010-05-05,CMD,php,webapps,0 12515,platforms/php/webapps/12515.txt,"Slooze PHP Web Photo Album 0.2.7 - Command Execution",2010-05-05,"Sn!pEr.S!Te Hacker",php,webapps,0 12517,platforms/php/webapps/12517.txt,"Getsimple 2.01 - Local File Inclusion",2010-05-06,Batch,php,webapps,0 -12519,platforms/php/webapps/12519.txt,"AV Arcade - Search Field Cross-Site Scripting / HTML Injection",2010-05-06,"Vadim Toptunov",php,webapps,0 +12519,platforms/php/webapps/12519.txt,"AV Arcade - 'Search' Cross-Site Scripting / HTML Injection",2010-05-06,"Vadim Toptunov",php,webapps,0 12520,platforms/php/webapps/12520.html,"OCS Inventory NG Server 1.3.1 - 'LOGIN' Remote Authentication Bypass",2010-05-06,"Nicolas DEROUET",php,webapps,0 12521,platforms/php/webapps/12521.txt,"Factux - Local File Inclusion",2010-05-06,ALTBTA,php,webapps,0 12522,platforms/php/webapps/12522.txt,"WeBProdZ CMS - SQL Injection",2010-05-06,MasterGipy,php,webapps,0 @@ -23882,11 +23882,11 @@ id,file,description,date,author,platform,type,port 12570,platforms/php/webapps/12570.txt,"Uploader 0.1.5 - Multiple Vulnerabilities",2010-05-11,indoushka,php,webapps,0 12571,platforms/asp/webapps/12571.txt,"e-webtech - 'page.asp' SQL Injection",2010-05-11,CoBRa_21,asp,webapps,0 12572,platforms/php/webapps/12572.txt,"Free Advertisment CMS - 'user_info.php' SQL Injection",2010-05-11,XroGuE,php,webapps,0 -12574,platforms/php/webapps/12574.txt,"Joomla! Component 'mod_VisitorData' 1.1 - Remote code Execution",2010-05-11,"Chip d3 bi0s",php,webapps,0 +12574,platforms/php/webapps/12574.txt,"Joomla! Component mod_VisitorData 1.1 - Remote code Execution",2010-05-11,"Chip d3 bi0s",php,webapps,0 12575,platforms/php/webapps/12575.txt,"Marinet CMS - SQL Injection",2010-05-11,XroGuE,php,webapps,0 12576,platforms/php/webapps/12576.txt,"Woodall Creative - SQL Injection",2010-05-11,XroGuE,php,webapps,0 12577,platforms/php/webapps/12577.txt,"Marinet CMS - SQL Injection / Cross-Site Scripting / HTML Injection",2010-05-11,CoBRa_21,php,webapps,0 -12579,platforms/php/webapps/12579.txt,"Joomla! Component 'com_PHP' 0.1 - Local File Inclusion",2010-05-12,"Chip d3 bi0s",php,webapps,0 +12579,platforms/php/webapps/12579.txt,"Joomla! Component com_PHP 0.1 - Local File Inclusion",2010-05-12,"Chip d3 bi0s",php,webapps,0 12583,platforms/php/webapps/12583.txt,"e-webtech - 'fixed_page.asp' SQL Injection",2010-05-12,FL0RiX,php,webapps,0 12584,platforms/php/webapps/12584.txt,"PolyPager 1.0rc10 - 'FCKeditor' Arbitrary File Upload",2010-05-12,eidelweiss,php,webapps,0 12585,platforms/php/webapps/12585.txt,"4Images 1.7.7 - 'image_utils.php' Remote Command Execution",2010-05-12,"Sn!pEr.S!Te Hacker",php,webapps,0 @@ -23895,7 +23895,7 @@ id,file,description,date,author,platform,type,port 12591,platforms/php/webapps/12591.txt,"BlaB! Lite 0.5 - Remote File Inclusion",2010-05-13,"Sn!pEr.S!Te Hacker",php,webapps,0 12592,platforms/php/webapps/12592.txt,"Joomla! Component aardvertiser 2.0 - Local File Inclusion",2010-05-13,eidelweiss,php,webapps,0 12593,platforms/php/webapps/12593.txt,"damianov.net Shoutbox - Cross-Site Scripting",2010-05-13,"Valentin Hoebel",php,webapps,0 -12594,platforms/php/webapps/12594.txt,"Joomla! Component 'com_sebercart' - 'getPic.php' Local File Disclosure",2010-05-13,AntiSecurity,php,webapps,0 +12594,platforms/php/webapps/12594.txt,"Joomla! Component com_sebercart - 'getPic.php' Local File Disclosure",2010-05-13,AntiSecurity,php,webapps,0 12595,platforms/php/webapps/12595.txt,"Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion",2010-05-13,"Chip d3 bi0s",php,webapps,0 12596,platforms/php/webapps/12596.txt,"Link Bid Script - 'links.php' SQL Injection",2010-05-14,R3d-D3V!L,php,webapps,0 12597,platforms/php/webapps/12597.txt,"Press Release Script - 'page.php id' SQL Injection",2010-05-14,R3d-D3V!L,php,webapps,0 @@ -24021,7 +24021,7 @@ id,file,description,date,author,platform,type,port 12766,platforms/php/webapps/12766.txt,"PPhlogger 2.2.5 - 'trace.php' Remote Command Execution",2010-05-27,"Sn!pEr.S!Te Hacker",php,webapps,0 12767,platforms/php/webapps/12767.txt,"parlic Design - SQL Injection / Cross-Site Scripting / HTML Injection",2010-05-27,XroGuE,php,webapps,0 12768,platforms/php/webapps/12768.txt,"Hampshire Trading Standards Script - SQL Injection",2010-05-27,Mr.P3rfekT,php,webapps,0 -12769,platforms/php/webapps/12769.txt,"Joomla! Component 'com_mediqna' 1.1 - Local File Inclusion",2010-05-27,kaMtiEz,php,webapps,0 +12769,platforms/php/webapps/12769.txt,"Joomla! Component com_mediqna 1.1 - Local File Inclusion",2010-05-27,kaMtiEz,php,webapps,0 12770,platforms/php/webapps/12770.txt,"toronja CMS - SQL Injection",2010-05-27,cyberlog,php,webapps,0 12771,platforms/php/webapps/12771.txt,"Toronja CMS - HTML / Cross-Site Scripting Injection",2010-05-27,CoBRa_21,php,webapps,0 12772,platforms/php/webapps/12772.txt,"Realtor WebSite System E-Commerce - SQL Injection",2010-05-27,cyberlog,php,webapps,0 @@ -24051,9 +24051,9 @@ id,file,description,date,author,platform,type,port 12808,platforms/php/webapps/12808.txt,"PTC Site's - Remote Code Execution / Cross-Site Scripting",2010-05-30,CrazyMember,php,webapps,0 12809,platforms/php/webapps/12809.txt,"Symphony CMS - Local File Inclusion",2010-05-30,AntiSecurity,php,webapps,0 12811,platforms/php/webapps/12811.txt,"osCommerce Online Merchant 2.2 - Arbitrary File Upload",2010-05-30,MasterGipy,php,webapps,0 -12812,platforms/php/webapps/12812.txt,"Joomla! Component 'com_quran' - SQL Injection",2010-05-30,r3m1ck,php,webapps,0 +12812,platforms/php/webapps/12812.txt,"Joomla! Component com_quran - SQL Injection",2010-05-30,r3m1ck,php,webapps,0 12813,platforms/php/webapps/12813.txt,"WsCMS - Multiple SQL Injections",2010-05-31,cyberlog,php,webapps,0 -12814,platforms/php/webapps/12814.txt,"Joomla! Component 'com_g2bridge' - Local File Inclusion",2010-05-31,akatsuchi,php,webapps,0 +12814,platforms/php/webapps/12814.txt,"Joomla! Component com_g2bridge - Local File Inclusion",2010-05-31,akatsuchi,php,webapps,0 12817,platforms/php/webapps/12817.txt,"QuickTalk 1.2 - Source Code Disclosure",2010-05-31,indoushka,php,webapps,0 12818,platforms/php/webapps/12818.txt,"e107 0.7.21 full - Remote File Inclusion / Cross-Site Scripting",2010-05-31,indoushka,php,webapps,0 12819,platforms/php/webapps/12819.txt,"Persian E107 - Cross-Site Scripting",2010-05-31,indoushka,php,webapps,0 @@ -24123,7 +24123,7 @@ id,file,description,date,author,platform,type,port 14333,platforms/php/webapps/14333.html,"Orbis CMS 1.0.2 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 13792,platforms/php/webapps/13792.txt,"Joomla! Component cinema - SQL Injection",2010-06-09,Sudden_death,php,webapps,0 13793,platforms/asp/webapps/13793.txt,"Online Notebook Manager - SQL Injection",2010-06-09,"L0rd CrusAd3r",asp,webapps,0 -13794,platforms/multiple/webapps/13794.txt,"Joomla! Component 'Jreservation' 1.5 - SQL Injection / Cross-Site Scripting",2010-06-09,Sid3^effects,multiple,webapps,0 +13794,platforms/multiple/webapps/13794.txt,"Joomla! Component Jreservation 1.5 - SQL Injection / Cross-Site Scripting",2010-06-09,Sid3^effects,multiple,webapps,0 27972,platforms/php/webapps/27972.txt,"ESTsoft InternetDisk - Arbitrary File Upload / Script Execution",2006-06-05,Kil13r,php,webapps,0 27973,platforms/php/webapps/27973.txt,"Bookmark4U 2.0 - inc/dbase.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 27974,platforms/php/webapps/27974.txt,"Bookmark4U 2.0 - inc/config.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 @@ -24205,13 +24205,13 @@ id,file,description,date,author,platform,type,port 13922,platforms/php/webapps/13922.txt,"Joomla! Component com_joomdocs - Cross-Site Scripting",2010-06-18,Sid3^effects,php,webapps,0 13923,platforms/php/webapps/13923.txt,"Joomla! Component Answers 2.3beta - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13925,platforms/php/webapps/13925.txt,"Joomla! Component Ozio Gallery 2 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 -13926,platforms/php/webapps/13926.txt,"Joomla! Component 'com_listbingo' 1.3 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 +13926,platforms/php/webapps/13926.txt,"Joomla! Component com_listbingo 1.3 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13927,platforms/php/webapps/13927.txt,"MarketSaz - Arbitrary File Upload",2010-06-18,NetQurd,php,webapps,0 13929,platforms/php/webapps/13929.txt,"Banner Management Script - SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 13930,platforms/php/webapps/13930.txt,"Shopping Cart Script with Affiliate Program - SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 13931,platforms/php/webapps/13931.txt,"KubeLance 1.7.6 - 'profile.php' SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 13933,platforms/php/webapps/13933.txt,"UK One Media CMS - 'id' Error-Based SQL Injection",2010-06-19,LiquidWorm,php,webapps,0 -13935,platforms/php/webapps/13935.txt,"Joomla! Component 'RSComments' 1.0.0 - Persistent Cross-Site Scripting",2010-06-19,jdc,php,webapps,0 +13935,platforms/php/webapps/13935.txt,"Joomla! Component RSComments 1.0.0 - Persistent Cross-Site Scripting",2010-06-19,jdc,php,webapps,0 13936,platforms/php/webapps/13936.txt,"Elite Gaming Ladders 3.5 - SQL Injection (ladder[id])",2010-06-19,ahwak2000,php,webapps,0 13937,platforms/php/webapps/13937.txt,"SnowCade 3.0 - SQL Injection",2010-06-19,ahwak2000,php,webapps,0 13938,platforms/php/webapps/13938.html,"WebsiteBaker 2.8.1 - Cross-Site Request Forgery (PoC)",2010-06-19,"Luis Santana",php,webapps,0 @@ -24222,7 +24222,7 @@ id,file,description,date,author,platform,type,port 13947,platforms/php/webapps/13947.txt,"PHP Calendars Script - SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 13948,platforms/php/webapps/13948.txt,"OroHYIP - SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 13949,platforms/php/webapps/13949.txt,"Shareasale Script - SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 -13951,platforms/php/webapps/13951.txt,"Joomla! Component 'com_eportfolio' - Arbitrary File Upload",2010-06-20,Sid3^effects,php,webapps,0 +13951,platforms/php/webapps/13951.txt,"Joomla! Component com_eportfolio - Arbitrary File Upload",2010-06-20,Sid3^effects,php,webapps,0 13952,platforms/php/webapps/13952.txt,"Saffa Tunes CMS - 'news.php' SQL Injection",2010-06-21,"Th3 RDX",php,webapps,0 13954,platforms/php/webapps/13954.txt,"G.CMS Generator - SQL Injection",2010-06-21,Sid3^effects,php,webapps,0 13955,platforms/php/webapps/13955.txt,"Joomla! Component com_community - Persistent Cross-Site Scripting",2010-06-21,Sid3^effects,php,webapps,0 @@ -24232,7 +24232,7 @@ id,file,description,date,author,platform,type,port 14359,platforms/php/webapps/14359.html,"ZenPhoto CMS 1.3 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-14,10n1z3d,php,webapps,0 13960,platforms/php/webapps/13960.html,"PHPWCMS 1.4.5 r398 - Cross-Site Request Forgery",2010-06-21,"Jeremiah Talamantes",php,webapps,0 13961,platforms/php/webapps/13961.txt,"Alpin CMS 1.0 - SQL Injection",2010-06-21,"Th3 RDX",php,webapps,0 -13962,platforms/php/webapps/13962.txt,"Joomla! Component 'JomSocial' 1.6.288 - Multiple Cross-Site Scripting",2010-06-21,jdc,php,webapps,0 +13962,platforms/php/webapps/13962.txt,"Joomla! Component JomSocial 1.6.288 - Multiple Cross-Site Scripting",2010-06-21,jdc,php,webapps,0 13964,platforms/php/webapps/13964.txt,"Linker IMG 1.0 - Remote File Inclusion",2010-06-21,"Sn!pEr.S!Te Hacker",php,webapps,0 13966,platforms/php/webapps/13966.txt,"The Uploader 2.0.4 - Remote File Disclosure",2010-06-22,Xa7m3d,php,webapps,0 13967,platforms/php/webapps/13967.txt,"Online Classified System Script - SQL Injection / Cross-Site Scripting",2010-06-22,"L0rd CrusAd3r",php,webapps,0 @@ -24244,7 +24244,7 @@ id,file,description,date,author,platform,type,port 13976,platforms/php/webapps/13976.txt,"Top Sites Script - SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13977,platforms/php/webapps/13977.txt,"Social Community Script - SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13978,platforms/php/webapps/13978.txt,"Job Search Engine Script - SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 -13979,platforms/php/webapps/13979.txt,"Joomla! Component 'com_ybggal' 1.0 - 'catid' Parameter SQL Injection",2010-06-22,v3n0m,php,webapps,0 +13979,platforms/php/webapps/13979.txt,"Joomla! Component com_ybggal 1.0 - 'catid' Parameter SQL Injection",2010-06-22,v3n0m,php,webapps,0 13980,platforms/php/webapps/13980.txt,"Cornerstone CMS - SQL Injection",2010-06-22,"Th3 RDX",php,webapps,0 13981,platforms/php/webapps/13981.txt,"Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion",2010-06-22,kaMtiEz,php,webapps,0 13982,platforms/php/webapps/13982.txt,"Alpin CMS - 'e4700.asp?id' SQL Injection",2010-06-22,CoBRa_21,php,webapps,0 @@ -24293,10 +24293,10 @@ id,file,description,date,author,platform,type,port 14057,platforms/php/webapps/14057.txt,"WordPress Plugin Cimy Counter - Exploit",2010-06-26,sebug,php,webapps,0 14058,platforms/aix/webapps/14058.html,"PHP-Nuke 8.2 - Arbitrary File Upload Exploit",2010-06-26,Net.Edit0r,aix,webapps,0 14059,platforms/php/webapps/14059.txt,"Joomla! Component JE Awd Song - Persistent Cross-Site Scripting",2010-06-26,Sid3^effects,php,webapps,0 -14060,platforms/php/webapps/14060.txt,"Joomla! Component 'JE Media Player' - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 +14060,platforms/php/webapps/14060.txt,"Joomla! Component JE Media Player - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 14085,platforms/php/webapps/14085.txt,"iNet Online Community - Blind SQL Injection",2010-06-28,JaMbA,php,webapps,0 14086,platforms/php/webapps/14086.txt,"PTCPay GEN4 - 'buyupg.php' SQL Injection",2010-06-28,Dark.Man,php,webapps,0 -14062,platforms/php/webapps/14062.txt,"Joomla! Component 'jeeventcalendar' - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 +14062,platforms/php/webapps/14062.txt,"Joomla! Component jeeventcalendar - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 14063,platforms/php/webapps/14063.txt,"Joomla! Component com_jejob - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 14064,platforms/php/webapps/14064.txt,"Joomla! Component jesectionfinder - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 14073,platforms/php/webapps/14073.txt,"2DayBiz Matrimonial Script - 'smartresult.php' SQL Injection",2010-06-27,"Easy Laster",php,webapps,0 @@ -24324,7 +24324,7 @@ id,file,description,date,author,platform,type,port 14115,platforms/windows/webapps/14115.txt,"Gekko CMS - SQL Injection",2010-06-29,[]0iZy5,windows,webapps,80 14117,platforms/multiple/webapps/14117.txt,"CubeCart PHP 4.3.x - 'shipkey' SQL Injection",2010-06-29,"Core Security",multiple,webapps,80 14118,platforms/multiple/webapps/14118.txt,"LIOOSYS CMS - 'news.php' SQL Injection",2010-06-29,GlaDiaT0R,multiple,webapps,80 -14274,platforms/php/webapps/14274.txt,"Joomla! Component 'Music Manager' - Local File Inclusion",2010-07-08,Sid3^effects,php,webapps,0 +14274,platforms/php/webapps/14274.txt,"Joomla! Component Music Manager - Local File Inclusion",2010-07-08,Sid3^effects,php,webapps,0 14123,platforms/php/webapps/14123.txt,"WebDM CMS - SQL Injection",2010-06-29,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 14124,platforms/php/webapps/14124.pl,"PHP-Nuke 8.0 - SQL Injection",2010-06-30,Dante90,php,webapps,0 14125,platforms/php/webapps/14125.pl,"ShopCartDx 4.30 - 'products.php' Blind SQL Injection",2010-06-30,Dante90,php,webapps,0 @@ -24341,7 +24341,7 @@ id,file,description,date,author,platform,type,port 14152,platforms/php/webapps/14152.pl,"Oxygen2PHP 1.1.3 - 'forumdisplay.php' Blind SQL Injection",2010-07-01,Dante90,php,webapps,0 14154,platforms/php/webapps/14154.txt,"Joomla! Component com_dateconverter 0.1 - SQL Injection",2010-07-01,RoAd_KiLlEr,php,webapps,0 14155,platforms/asp/webapps/14155.txt,"SIDA University System - SQL Injection",2010-07-01,K053,asp,webapps,0 -14209,platforms/php/webapps/14209.txt,"Joomla! Component 'Front-End Article Manager System' - Arbitrary File Upload",2010-07-04,Sid3^effects,php,webapps,0 +14209,platforms/php/webapps/14209.txt,"Joomla! Component Front-End Article Manager System - Arbitrary File Upload",2010-07-04,Sid3^effects,php,webapps,0 14165,platforms/php/webapps/14165.txt,"iScripts EasyBiller - Cross-Site Scripting",2010-07-02,Sangteamtham,php,webapps,0 14163,platforms/php/webapps/14163.txt,"iScripts ReserveLogic 1.0 - SQL Injection",2010-07-01,"Salvatore Fresta",php,webapps,0 14164,platforms/php/webapps/14164.txt,"iScripts CyberMatch 1.0 - Blind SQL Injection",2010-07-02,"Salvatore Fresta",php,webapps,0 @@ -24351,11 +24351,11 @@ id,file,description,date,author,platform,type,port 14176,platforms/php/webapps/14176.c,"iScripts Socialware 2.2.x - Arbitrary File Upload",2010-07-02,"Salvatore Fresta",php,webapps,0 14166,platforms/php/webapps/14166.txt,"Bit Weaver 2.7 - Local File Inclusion",2010-07-02,"John Leitch",php,webapps,0 14171,platforms/php/webapps/14171.txt,"Iphone Pointter Social Network - Local File Inclusion",2010-07-02,Sid3^effects,php,webapps,0 -14172,platforms/php/webapps/14172.txt,"Joomla! Component 'com_seyret' - Blind SQL Injection",2010-07-02,RoAd_KiLlEr,php,webapps,0 +14172,platforms/php/webapps/14172.txt,"Joomla! Component com_seyret - Blind SQL Injection",2010-07-02,RoAd_KiLlEr,php,webapps,0 14170,platforms/php/webapps/14170.txt,"Pointter Social Network - Local File Inclusion",2010-07-02,Sid3^effects,php,webapps,0 14168,platforms/asp/webapps/14168.txt,"VGM Forbin - 'article.asp' SQL Injection",2010-07-02,"Th3 RDX",asp,webapps,0 14169,platforms/asp/webapps/14169.txt,"MooreAdvice - 'productlist.asp' SQL Injection",2010-07-02,"Th3 RDX",asp,webapps,0 -14183,platforms/php/webapps/14183.txt,"Joomla! Component 'com_seyret' - Local File Inclusion",2010-07-03,"Cooler_ unix",php,webapps,0 +14183,platforms/php/webapps/14183.txt,"Joomla! Component com_seyret - Local File Inclusion",2010-07-03,"Cooler_ unix",php,webapps,0 14192,platforms/asp/webapps/14192.txt,"Ziggurat Farsi CMS - SQL Injection",2010-07-03,"Arash Saadatfar",asp,webapps,0 14184,platforms/php/webapps/14184.txt,"SweetRice < 0.6.4 - 'FCKeditor' Arbitrary File Upload",2010-07-03,ITSecTeam,php,webapps,0 14186,platforms/php/webapps/14186.txt,"Family Connections Who is Chatting AddOn - Remote File Inclusion",2010-07-03,lumut--,php,webapps,0 @@ -24376,7 +24376,7 @@ id,file,description,date,author,platform,type,port 14207,platforms/php/webapps/14207.txt,"Joomla! Component Phoca Gallery 2.7.3 - SQL Injection",2010-07-04,RoAd_KiLlEr,php,webapps,0 14210,platforms/php/webapps/14210.txt,"Joomla! Component Address Book - Blind SQL Injection",2010-07-04,Sid3^effects,php,webapps,0 14211,platforms/php/webapps/14211.txt,"Joomla! Component NinjaMonials - Blind SQL Injection",2010-07-04,Sid3^effects,php,webapps,0 -14213,platforms/php/webapps/14213.txt,"Joomla! Component 'com_sef' - Local File Inclusion",2010-07-05,_mlk_,php,webapps,0 +14213,platforms/php/webapps/14213.txt,"Joomla! Component com_sef - Local File Inclusion",2010-07-05,_mlk_,php,webapps,0 14214,platforms/php/webapps/14214.txt,"bbPress 1.0.2 - Cross-Site Request Forgery (Change Admin Password)",2010-07-05,saudi0hacker,php,webapps,0 14217,platforms/php/webapps/14217.txt,"WikiWebHelp 0.28 - SQL Injection",2010-07-05,"ADEO Security",php,webapps,0 14250,platforms/php/webapps/14250.txt,"Joomla! Component NeoRecruit 1.6.4 - 'Itemid' Parameter Blind SQL Injection",2010-07-06,Sid3^effects,php,webapps,0 @@ -24409,7 +24409,7 @@ id,file,description,date,author,platform,type,port 14262,platforms/php/webapps/14262.txt,"Simple Document Management System - SQL Injection",2010-07-07,Sid3^effects,php,webapps,0 14264,platforms/hardware/webapps/14264.html,"Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Config Cross-Site Request Forgery",2010-07-07,kalyanakumar,hardware,webapps,0 14263,platforms/php/webapps/14263.txt,"Joomla! Component ArtForms 2.1b7.2 rc2 - Multiple Vulnerabilities",2010-07-07,"Salvatore Fresta",php,webapps,0 -14265,platforms/php/webapps/14265.txt,"Joomla! Component 'PaymentsPlus' 2.1.5 - Blind SQL Injection",2010-07-07,Sid3^effects,php,webapps,0 +14265,platforms/php/webapps/14265.txt,"Joomla! Component PaymentsPlus 2.1.5 - Blind SQL Injection",2010-07-07,Sid3^effects,php,webapps,0 14270,platforms/php/webapps/14270.txt,"Zylone IT - Multiple Blind SQL Injections",2010-07-08,Callo,php,webapps,0 14271,platforms/php/webapps/14271.txt,"Pithcms - (theme) Local/Remote File Inclusion",2010-07-08,eidelweiss,php,webapps,0 14277,platforms/php/webapps/14277.txt,"Inout Music 1.0 - Arbitrary File Upload",2010-07-08,SONIC,php,webapps,0 @@ -24420,8 +24420,8 @@ id,file,description,date,author,platform,type,port 14283,platforms/asp/webapps/14283.txt,"ClickGallery Server - SQL Injection",2010-07-08,SONIC,asp,webapps,0 14284,platforms/asp/webapps/14284.txt,"i-Gallery - Multiple Vulnerabilities",2010-07-08,SONIC,asp,webapps,0 14289,platforms/php/webapps/14289.html,"b2evolution 3.3.3 - Cross-Site Request Forgery",2010-07-09,saudi0hacker,php,webapps,0 -14293,platforms/php/webapps/14293.txt,"Joomla! Component 'Minify4Joomla' - Arbitrary File Upload / Persistent Cross-Site Scripting",2010-07-09,Sid3^effects,php,webapps,0 -14291,platforms/php/webapps/14291.txt,"Joomla! Component 'IXXO Cart' - SQL Injection",2010-07-09,Sid3^effects,php,webapps,0 +14293,platforms/php/webapps/14293.txt,"Joomla! Component Minify4Joomla - Arbitrary File Upload / Persistent Cross-Site Scripting",2010-07-09,Sid3^effects,php,webapps,0 +14291,platforms/php/webapps/14291.txt,"Joomla! Component IXXO Cart - SQL Injection",2010-07-09,Sid3^effects,php,webapps,0 14434,platforms/php/webapps/14434.txt,"Joomla! Component com_jomtube - 'user_id' Parameter Blind SQL Injection",2010-07-22,SixP4ck3r,php,webapps,0 14312,platforms/php/webapps/14312.txt,"Joomla! Component redSHOP 1.0 - 'pid' Parameter SQL Injection",2010-07-10,v3n0m,php,webapps,0 14296,platforms/php/webapps/14296.txt,"Joomla! Component QuickFAQ 1.0.3 - Blind SQL Injection",2010-07-09,RoAd_KiLlEr,php,webapps,0 @@ -24432,24 +24432,24 @@ id,file,description,date,author,platform,type,port 14310,platforms/php/webapps/14310.js,"dotDefender 3.8-5 - Unauthenticated Remote Code Execution (via Cross-Site Scripting)",2010-07-09,rAWjAW,php,webapps,80 14313,platforms/php/webapps/14313.txt,"Joomla! Component MyHome - Blind SQL Injection",2010-07-10,Sid3^effects,php,webapps,0 14315,platforms/php/webapps/14315.txt,"Joomla! Component MySMS - Arbitrary File Upload",2010-07-10,Sid3^effects,php,webapps,0 -14335,platforms/php/webapps/14335.txt,"Joomla! Component 'healthstats' - Persistent Cross-Site Scripting",2010-07-12,Sid3^effects,php,webapps,0 +14335,platforms/php/webapps/14335.txt,"Joomla! Component healthstats - Persistent Cross-Site Scripting",2010-07-12,Sid3^effects,php,webapps,0 14318,platforms/php/webapps/14318.html,"Elite CMS 1.01 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities",2010-07-10,10n1z3d,php,webapps,0 14319,platforms/php/webapps/14319.pl,"PHP-Nuke 8.1.0.3.5b - Remote Command Execution",2010-07-10,yawn,php,webapps,0 14320,platforms/php/webapps/14320.pl,"PHP-Nuke 8.1.0.3.5b (Your_Account Module) - Blind SQL Injection (Benchmark Mode)",2010-07-10,yawn,php,webapps,0 14324,platforms/php/webapps/14324.txt,"Sillaj time tracking tool - Authentication Bypass",2010-07-10,"L0rd CrusAd3r",php,webapps,0 14325,platforms/php/webapps/14325.txt,"My Kazaam Notes Management System - Multiple Vulnerabilities",2010-07-10,"L0rd CrusAd3r",php,webapps,0 14326,platforms/php/webapps/14326.txt,"My Kazaam Address & Contact ORGanizer - SQL Injection",2010-07-10,v3n0m,php,webapps,0 -14327,platforms/php/webapps/14327.txt,"Joomla! Component 'Rapid-Recipe' - Persistent Cross-Site Scripting",2010-07-10,Sid3^effects,php,webapps,0 +14327,platforms/php/webapps/14327.txt,"Joomla! Component Rapid-Recipe - Persistent Cross-Site Scripting",2010-07-10,Sid3^effects,php,webapps,0 14328,platforms/php/webapps/14328.html,"Macs CMS 1.1.4 - Cross-Site Scripting / Cross-Site Request Forgery",2010-07-11,10n1z3d,php,webapps,0 14329,platforms/php/webapps/14329.html,"Frog CMS 0.9.5 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 14330,platforms/php/webapps/14330.html,"TomatoCart 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 14331,platforms/php/webapps/14331.html,"TomatoCMS 2.0.5 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 -14336,platforms/php/webapps/14336.txt,"Joomla! Component 'EasyBlog' - Persistent Cross-Site Scripting",2010-07-12,Sid3^effects,php,webapps,0 +14336,platforms/php/webapps/14336.txt,"Joomla! Component EasyBlog - Persistent Cross-Site Scripting",2010-07-12,Sid3^effects,php,webapps,0 14337,platforms/php/webapps/14337.html,"TheHostingTool 1.2.2 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 14338,platforms/php/webapps/14338.html,"Getsimple CMS 2.01 - Multiple Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 14342,platforms/php/webapps/14342.html,"Grafik CMS 1.1.2 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 14355,platforms/windows/webapps/14355.txt,"dotDefender 4.02 - Authentication Bypass",2010-07-13,"David K",windows,webapps,0 -14350,platforms/php/webapps/14350.txt,"Joomla! Component 'com_qcontacts' - SQL Injection",2010-07-13,_mlk_,php,webapps,0 +14350,platforms/php/webapps/14350.txt,"Joomla! Component com_qcontacts - SQL Injection",2010-07-13,_mlk_,php,webapps,0 14351,platforms/php/webapps/14351.txt,"I-net Enquiry Management Script - SQL Injection",2010-07-13,D4rk357,php,webapps,0 14353,platforms/php/webapps/14353.html,"Diferior CMS 8.03 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-13,10n1z3d,php,webapps,0 14354,platforms/php/webapps/14354.txt,"AJ Article 3.0 - Cross-Site Scripting",2010-07-13,Sid3^effects,php,webapps,0 @@ -24477,7 +24477,7 @@ id,file,description,date,author,platform,type,port 14391,platforms/php/webapps/14391.txt,"Subrion Auto Classifieds - Persistent Cross-Site Scripting",2010-07-17,Sid3^effects,php,webapps,0 14392,platforms/php/webapps/14392.txt,"Kayako eSupport 3.70.02 - SQL Injection",2010-07-17,Sid3^effects,php,webapps,0 14393,platforms/php/webapps/14393.txt,"Calendarix - 'cal_cat.php' SQL Injection",2010-07-17,SixP4ck3r,php,webapps,0 -14394,platforms/php/webapps/14394.txt,"Joomla! Component 'com_spa' - SQL Injection (2)",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 +14394,platforms/php/webapps/14394.txt,"Joomla! Component com_spa - SQL Injection (2)",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 14395,platforms/php/webapps/14395.txt,"Joomla! Component StaticXT - SQL Injection",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 14404,platforms/php/webapps/14404.txt,"Kayako eSupport 3.70.02 - 'functions.php' SQL Injection",2010-07-18,ScOrPiOn,php,webapps,0 14405,platforms/php/webapps/14405.txt,"PHP-Fusion - Remote Command Execution",2010-07-18,"ViRuS Qalaa",php,webapps,0 @@ -24485,7 +24485,7 @@ id,file,description,date,author,platform,type,port 14410,platforms/php/webapps/14410.txt,"rapidCMS 2.0 - Authentication Bypass",2010-07-18,Mahjong,php,webapps,0 14415,platforms/php/webapps/14415.html,"EZ-osCommerce 3.1 - Arbitrary File Upload",2010-07-20,indoushka,php,webapps,0 14419,platforms/asp/webapps/14419.txt,"Caner Hikaye Script - SQL Injection",2010-07-20,v0calist,asp,webapps,0 -14423,platforms/php/webapps/14423.txt,"Joomla! Component 'com_spa' - SQL Injection (1)",2010-07-20,ALTBTA,php,webapps,0 +14423,platforms/php/webapps/14423.txt,"Joomla! Component com_spa - SQL Injection (1)",2010-07-20,ALTBTA,php,webapps,0 14425,platforms/php/webapps/14425.txt,"PHP Chat for 123 Flash Chat - Remote File Inclusion",2010-07-20,"HaCkEr arar",php,webapps,0 14426,platforms/php/webapps/14426.pl,"Imagine-cms 2.50 - SQL Injection",2010-07-21,Metropolis,php,webapps,0 14427,platforms/windows/webapps/14427.txt,"Outlook Web Access 2003 - Cross-Site Request Forgery",2010-07-21,anonymous,windows,webapps,0 @@ -24527,15 +24527,15 @@ id,file,description,date,author,platform,type,port 14476,platforms/php/webapps/14476.txt,"Joomla! Component Visites 1.1 RC2 - Remote File Inclusion",2010-07-26,Li0n-PaL,php,webapps,0 14481,platforms/php/webapps/14481.txt,"Joomla! Component TTVideo 1.0 - SQL Injection",2010-07-27,"Salvatore Fresta",php,webapps,0 14485,platforms/php/webapps/14485.txt,"nuBuilder 10.04.20 - Local File Inclusion",2010-07-27,"John Leitch",php,webapps,0 -14488,platforms/php/webapps/14488.txt,"Joomla! Component 'com_appointinator' 1.0.1 - Multiple Vulnerabilities",2010-07-27,"Salvatore Fresta",php,webapps,0 +14488,platforms/php/webapps/14488.txt,"Joomla! Component com_appointinator 1.0.1 - Multiple Vulnerabilities",2010-07-27,"Salvatore Fresta",php,webapps,0 14490,platforms/php/webapps/14490.txt,"nuBuilder - Remote File Inclusion",2010-07-28,Ahlspiess,php,webapps,0 14494,platforms/php/webapps/14494.txt,"AV Arcade 3 - Cookie SQL Injection / Authentication Bypass",2010-07-28,saudi0hacker,php,webapps,0 14495,platforms/php/webapps/14495.txt,"Joomla! Component com_photomapgallery 1.6.0 - Multiple Blind SQL Injections",2010-07-28,"Salvatore Fresta",php,webapps,0 -14499,platforms/php/webapps/14499.txt,"Joomla! Component 'com_pbbooking' 1.0.4_3 - Multiple Blind SQL Injection",2010-07-29,"Salvatore Fresta",php,webapps,0 +14499,platforms/php/webapps/14499.txt,"Joomla! Component com_pbbooking 1.0.4_3 - Multiple Blind SQL Injection",2010-07-29,"Salvatore Fresta",php,webapps,0 14500,platforms/php/webapps/14500.txt,"Whizzy CMS 10.02 - Local File Inclusion",2010-07-29,"Anarchy Angel",php,webapps,0 -14501,platforms/php/webapps/14501.txt,"Joomla! Component 'com_SimpleShop' - SQL Injection",2010-07-29,"UnD3rGr0unD W4rri0rZ",php,webapps,0 +14501,platforms/php/webapps/14501.txt,"Joomla! Component com_SimpleShop - SQL Injection",2010-07-29,"UnD3rGr0unD W4rri0rZ",php,webapps,0 14502,platforms/php/webapps/14502.txt,"Joomla! Component com_beamospetition - SQL Injection",2010-07-29,Forza-Dz,php,webapps,0 -14518,platforms/php/webapps/14518.txt,"Joomla! Component 'com_spielothek' 1.6.9 - Multiple Blind SQL Injection",2010-07-31,"Salvatore Fresta",php,webapps,0 +14518,platforms/php/webapps/14518.txt,"Joomla! Component com_spielothek 1.6.9 - Multiple Blind SQL Injection",2010-07-31,"Salvatore Fresta",php,webapps,0 14521,platforms/hardware/webapps/14521.txt,"Intellinet IP Camera MNC-L10 - Authentication Bypass",2010-08-01,Magnefikko,hardware,webapps,0 14523,platforms/php/webapps/14523.txt,"SnoGrafx - 'cat.php?cat' SQL Injection",2010-08-02,CoBRa_21,php,webapps,0 14528,platforms/php/webapps/14528.txt,"APT-WEBSHOP-SYSTEM - modules.php SQL Injection",2010-08-02,secret,php,webapps,0 @@ -24549,7 +24549,7 @@ id,file,description,date,author,platform,type,port 14556,platforms/php/webapps/14556.txt,"Nuked-klaN Module Partenaires NK 1.5 - Blind SQL Injection",2010-08-05,Metropolis,php,webapps,0 14559,platforms/php/webapps/14559.txt,"APBoard 2.1.0 - 'board.php?id=' SQL Injection",2010-08-05,secret,php,webapps,0 14560,platforms/php/webapps/14560.txt,"ccTiddly 1.7.6 - Multiple Remote File Inclusion",2010-08-05,eidelweiss,php,webapps,0 -14569,platforms/php/webapps/14569.txt,"Joomla! Component 'com_cgtestimonial' 2.2 - Multiple Vulnerabilities",2010-08-06,"Salvatore Fresta",php,webapps,0 +14569,platforms/php/webapps/14569.txt,"Joomla! Component com_cgtestimonial 2.2 - Multiple Vulnerabilities",2010-08-06,"Salvatore Fresta",php,webapps,0 14562,platforms/php/webapps/14562.html,"Open Blog 1.2.1 - Cross-Site Request Forgery",2010-08-05,"High-Tech Bridge SA",php,webapps,0 14563,platforms/php/webapps/14563.html,"BXR 0.6.8 - Cross-Site Request Forgery",2010-08-05,"High-Tech Bridge SA",php,webapps,0 14564,platforms/php/webapps/14564.html,"Amethyst 0.1.5 - Cross-Site Scripting",2010-08-05,"High-Tech Bridge SA",php,webapps,0 @@ -24560,7 +24560,7 @@ id,file,description,date,author,platform,type,port 14585,platforms/php/webapps/14585.php,"kleeja 1.0.0RC6 - Database Disclosure",2010-08-09,indoushka,php,webapps,0 14598,platforms/php/webapps/14598.txt,"Joomla! Component Teams - Multiple Blind SQL Injections",2010-08-10,"Salvatore Fresta",php,webapps,0 14589,platforms/php/webapps/14589.txt,"PHP-Nuke 8.x.x - Blind SQL Injection",2010-08-09,ITSecTeam,php,webapps,0 -14592,platforms/php/webapps/14592.txt,"Joomla! Component 'com_yellowpages' - SQL Injection",2010-08-09,"al bayraqim",php,webapps,0 +14592,platforms/php/webapps/14592.txt,"Joomla! Component com_yellowpages - SQL Injection",2010-08-09,"al bayraqim",php,webapps,0 14595,platforms/php/webapps/14595.html,"wizmall 6.4 - Cross-Site Request Forgery",2010-08-09,pyw1414,php,webapps,0 14596,platforms/php/webapps/14596.txt,"Joomla! Component Amblog 1.0 - Multiple SQL Injections",2010-08-10,"Salvatore Fresta",php,webapps,0 14606,platforms/multiple/webapps/14606.html,"Zendesk - Multiple Vulnerabilities",2010-08-10,"Luis Santana",multiple,webapps,0 @@ -24583,14 +24583,14 @@ id,file,description,date,author,platform,type,port 14650,platforms/php/webapps/14650.html,"Zomplog 3.9 - Cross-Site Scripting / Cross-Site Request Forgery",2010-08-15,10n1z3d,php,webapps,0 14654,platforms/php/webapps/14654.php,"CMSQLite 1.2 / CMySQLite 1.3.1 - Remote Code Execution",2010-08-15,BlackHawk,php,webapps,0 14655,platforms/php/webapps/14655.txt,"Joomla! Component com_equipment - SQL Injection",2010-08-16,Forza-Dz,php,webapps,0 -14656,platforms/php/webapps/14656.txt,"Joomla! Component 'com_jgrid' 1.0 - Local File Inclusion",2010-08-16,"Salvatore Fresta",php,webapps,0 -14659,platforms/php/webapps/14659.txt,"Joomla! Component 'com_ongallery' - SQL Injection",2010-08-16,"al bayraqim",php,webapps,0 +14656,platforms/php/webapps/14656.txt,"Joomla! Component com_jgrid 1.0 - Local File Inclusion",2010-08-16,"Salvatore Fresta",php,webapps,0 +14659,platforms/php/webapps/14659.txt,"Joomla! Component com_ongallery - SQL Injection",2010-08-16,"al bayraqim",php,webapps,0 14672,platforms/php/webapps/14672.txt,"Free Simple Software 1.0 - Remote File Inclusion",2010-08-17,Dr.$audi,php,webapps,0 14684,platforms/php/webapps/14684.php,"Open-Realty 2.5.7 - Local File Disclosure",2010-08-18,"Nikola Petrov",php,webapps,0 14686,platforms/php/webapps/14686.txt,"vbbuletin 4.0.4 - Multiple Vulnerabilities",2010-08-19,mc2_s3lector,php,webapps,0 14707,platforms/php/webapps/14707.txt,"Joomla! Component Fabrik - SQL Injection",2010-08-21,Mkr0x,php,webapps,0 14694,platforms/php/webapps/14694.txt,"Joomla! Component com_extcalendar - Blind SQL Injection",2010-08-20,Lagripe-Dz,php,webapps,0 -14702,platforms/php/webapps/14702.txt,"Joomla! Component 'com_zina' - SQL Injection",2010-08-21,"Th3 RDX",php,webapps,0 +14702,platforms/php/webapps/14702.txt,"Joomla! Component com_zina - SQL Injection",2010-08-21,"Th3 RDX",php,webapps,0 14703,platforms/php/webapps/14703.txt,"Joomla! Component Biblioteca 1.0 Beta - Multiple SQL Injections",2010-08-21,"Salvatore Fresta",php,webapps,0 14704,platforms/asp/webapps/14704.txt,"T-dreams Announcement Script - SQL Injection",2010-08-21,"Br0wn Sug4r",asp,webapps,0 14709,platforms/asp/webapps/14709.txt,"netStartEnterprise 4.0 - SQL Injection",2010-08-22,L1nK,asp,webapps,0 @@ -24598,7 +24598,7 @@ id,file,description,date,author,platform,type,port 14714,platforms/php/webapps/14714.txt,"Gazelle CMS - Multiple Vulnerabilities",2010-08-23,Sweet,php,webapps,0 14716,platforms/php/webapps/14716.txt,"AneCMS - '/registre/next' SQL Injection",2010-08-23,Sweet,php,webapps,0 14717,platforms/php/webapps/14717.txt,"Link CMS - SQL Injection",2010-08-23,hacker@sr.gov.yu,php,webapps,0 -14718,platforms/php/webapps/14718.txt,"Joomla! Component 'com_zoomportfolio' - SQL Injection",2010-08-23,"Chip d3 bi0s",php,webapps,0 +14718,platforms/php/webapps/14718.txt,"Joomla! Component com_zoomportfolio - SQL Injection",2010-08-23,"Chip d3 bi0s",php,webapps,0 14722,platforms/php/webapps/14722.txt,"Joomla! 1.5 - URL Redirecting",2010-08-24,Mr.MLL,php,webapps,0 14828,platforms/php/webapps/14828.txt,"XOOPS 2.0.14 - 'article.php' SQL Injection",2010-08-28,[]0iZy5,php,webapps,0 14737,platforms/php/webapps/14737.txt,"Simple Forum PHP - Multiple Vulnerabilities",2010-08-25,arnab_s,php,webapps,0 @@ -24609,7 +24609,7 @@ id,file,description,date,author,platform,type,port 14799,platforms/php/webapps/14799.txt,"osCommerce Online Merchant - Remote File Inclusion",2010-08-26,LoSt.HaCkEr,php,webapps,0 14801,platforms/php/webapps/14801.txt,"Atomic Photo Album 1.0.2 - Multiple Vulnerabilities",2010-08-26,sh00t0ut,php,webapps,0 14802,platforms/php/webapps/14802.html,"Hycus CMS 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-08-26,10n1z3d,php,webapps,0 -14811,platforms/php/webapps/14811.txt,"Joomla! Component 'com_remository' - Arbitrary File Upload",2010-08-26,J3yk0ob,php,webapps,0 +14811,platforms/php/webapps/14811.txt,"Joomla! Component com_remository - Arbitrary File Upload",2010-08-26,J3yk0ob,php,webapps,0 14808,platforms/php/webapps/14808.pl,"Mini-CMS / News Script Light 1.0 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0 14809,platforms/php/webapps/14809.txt,"kontakt formular 1.1 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0 14810,platforms/php/webapps/14810.txt,"Gaestebuch 1.2 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0 @@ -24670,7 +24670,7 @@ id,file,description,date,author,platform,type,port 14952,platforms/php/webapps/14952.txt,"Visitors Google Map Lite 1.0.1 - (FREE) module mod_visitorsgooglemap SQL Injection",2010-09-09,"Chip d3 bi0s",php,webapps,0 14954,platforms/asp/webapps/14954.txt,"aradblog - Multiple Vulnerabilities",2010-09-09,Abysssec,asp,webapps,0 15442,platforms/php/webapps/15442.txt,"Zeeways Adserver - Multiple Vulnerabilities",2010-11-06,Valentin,php,webapps,0 -15443,platforms/php/webapps/15443.txt,"Joomla! Component 'com_forme' 1.0.5 - Multiple Vulnerabilities",2010-11-06,jdc,php,webapps,0 +15443,platforms/php/webapps/15443.txt,"Joomla! Component com_forme 1.0.5 - Multiple Vulnerabilities",2010-11-06,jdc,php,webapps,0 14960,platforms/php/webapps/14960.txt,"ES Simple Download 1.0. - Local File Inclusion",2010-09-09,Kazza,php,webapps,0 14962,platforms/multiple/webapps/14962.txt,"CS-Cart 1.3.3 - 'install.php' Cross-Site Scripting",2010-09-09,crmpays,multiple,webapps,80 14964,platforms/php/webapps/14964.txt,"Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion",2010-09-10,"Chip d3 bi0s",php,webapps,0 @@ -24685,7 +24685,7 @@ id,file,description,date,author,platform,type,port 14988,platforms/php/webapps/14988.txt,"Group Office 3.5.9 - SQL Injection",2010-09-13,ViciOuS,php,webapps,0 14989,platforms/php/webapps/14989.txt,"osDate - 'uploadvideos.php' Arbitrary File Upload",2010-09-13,Xa7m3d,php,webapps,0 14991,platforms/asp/webapps/14991.txt,"Luftguitar CMS - Upload Arbitrary File",2010-09-13,Abysssec,asp,webapps,0 -14995,platforms/php/webapps/14995.txt,"Joomla! Component 'com_mtree' 2.1.5 - Arbitrary File Upload",2010-09-13,jdc,php,webapps,0 +14995,platforms/php/webapps/14995.txt,"Joomla! Component com_mtree 2.1.5 - Arbitrary File Upload",2010-09-13,jdc,php,webapps,0 14996,platforms/php/webapps/14996.txt,"Storyteller CMS - (var) Local File Inclusion",2010-09-13,"BorN To K!LL",php,webapps,0 14997,platforms/php/webapps/14997.txt,"UCenter Home 2.0 - SQL Injection",2010-09-13,KnocKout,php,webapps,0 14998,platforms/php/webapps/14998.txt,"Joomla! Component JGen 0.9.33 - SQL Injection",2010-09-14,**RoAd_KiLlEr**,php,webapps,0 @@ -24939,7 +24939,7 @@ id,file,description,date,author,platform,type,port 15565,platforms/php/webapps/15565.txt,"Front Accounting 2.3RC2 - Multiple SQL Injections",2010-11-17,"Juan Manuel Garcia",php,webapps,0 15567,platforms/php/webapps/15567.txt,"WebRCSdiff 0.9 - 'viewver.php' Remote File Inclusion",2010-11-18,FL0RiX,php,webapps,0 15568,platforms/php/webapps/15568.py,"chCounter 3.1.3 - SQL Injection",2010-11-18,"Matias Fontanini",php,webapps,0 -15570,platforms/php/webapps/15570.php,"Joomla! Component 'com_mtree' 2.1.6 - Overwrite Cross-Site Request Forgery",2010-11-18,jdc,php,webapps,0 +15570,platforms/php/webapps/15570.php,"Joomla! Component com_mtree 2.1.6 - Overwrite Cross-Site Request Forgery",2010-11-18,jdc,php,webapps,0 15571,platforms/php/webapps/15571.txt,"Fozzcom Shopping < 7.94 / < 8.04 - Multiple Vulnerabilities",2010-11-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 15572,platforms/php/webapps/15572.txt,"ViArt Shop 4.0.5 - Multiple Vulnerabilities",2010-11-19,Ariko-Security,php,webapps,0 15573,platforms/php/webapps/15573.html,"PHPGallery 1.1.0 - Cross-Site Request Forgery",2010-11-19,Or4nG.M4N,php,webapps,0 @@ -25010,7 +25010,7 @@ id,file,description,date,author,platform,type,port 15720,platforms/php/webapps/15720.txt,"Sulata iSoft - 'stream.php' Local File Disclosure",2010-12-10,Sudden_death,php,webapps,0 15718,platforms/php/webapps/15718.txt,"AJ Matrix DNA - SQL Injection",2010-12-09,Br0ly,php,webapps,0 15719,platforms/php/webapps/15719.txt,"Joomla! Component JE Messenger 1.0 - Arbitrary File Upload",2010-12-09,"Salvatore Fresta",php,webapps,0 -15721,platforms/php/webapps/15721.txt,"Joomla! Component 'com_billyportfolio' 1.1.2 - Blind SQL Injection",2010-12-10,jdc,php,webapps,0 +15721,platforms/php/webapps/15721.txt,"Joomla! Component com_billyportfolio 1.1.2 - Blind SQL Injection",2010-12-10,jdc,php,webapps,0 15728,platforms/hardware/webapps/15728.txt,"Clear iSpot/Clearspot 2.0.0.0 - Cross-Site Request Forgery",2010-12-12,"Trustwave's SpiderLabs",hardware,webapps,0 15735,platforms/php/webapps/15735.txt,"MantisBT 1.2.3 (db_type) - Cross-Site Scripting / Full Path Disclosure",2010-12-15,LiquidWorm,php,webapps,0 15736,platforms/php/webapps/15736.txt,"MantisBT 1.2.3 (db_type) - Local File Inclusion",2010-12-15,LiquidWorm,php,webapps,0 @@ -25050,7 +25050,7 @@ id,file,description,date,author,platform,type,port 15798,platforms/php/webapps/15798.txt,"Injader CMS - Multiple Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0 15799,platforms/php/webapps/15799.txt,"Habari Blog - Multiple Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0 15800,platforms/php/webapps/15800.txt,"html-edit CMS - Multiple Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0 -15801,platforms/php/webapps/15801.txt,"Joomla! Component 'com_xgallery' 1.0 - Local File Inclusion",2010-12-21,KelvinX,php,webapps,0 +15801,platforms/php/webapps/15801.txt,"Joomla! Component com_xgallery 1.0 - Local File Inclusion",2010-12-21,KelvinX,php,webapps,0 15804,platforms/php/webapps/15804.txt,"jobappr 1.4 - Multiple Vulnerabilities",2010-12-21,giudinvx,php,webapps,0 15807,platforms/cgi/webapps/15807.txt,"Mitel AWC - Unauthenticated Command Execution",2010-12-22,Procheckup,cgi,webapps,0 15808,platforms/php/webapps/15808.txt,"WordPress Plugin Accept Signups 0.1 - Cross-Site Scripting",2010-12-22,clshack,php,webapps,0 @@ -25058,11 +25058,11 @@ id,file,description,date,author,platform,type,port 15811,platforms/php/webapps/15811.txt,"Built2Go PHP Shopping - SQL Injection",2010-12-23,Br0ly,php,webapps,0 15812,platforms/php/webapps/15812.txt,"Ypninc Realty Classifieds - SQL Injection",2010-12-23,Br0ly,php,webapps,0 15813,platforms/php/webapps/15813.txt,"IPN Development Handler 2.0 - Multiple Vulnerabilities",2010-12-23,AtT4CKxT3rR0r1ST,php,webapps,0 -15814,platforms/php/webapps/15814.txt,"Joomla! Component 'com_ponygallery' - Remote File Inclusion",2010-12-23,AtT4CKxT3rR0r1ST,php,webapps,0 +15814,platforms/php/webapps/15814.txt,"Joomla! Component com_ponygallery - Remote File Inclusion",2010-12-23,AtT4CKxT3rR0r1ST,php,webapps,0 15815,platforms/php/webapps/15815.txt,"Joomla! Component com_adsmanager - Remote File Inclusion",2010-12-23,AtT4CKxT3rR0r1ST,php,webapps,0 15816,platforms/php/webapps/15816.txt,"CubeCart 3.0.4 - SQL Injection",2010-12-23,Dr.NeT,php,webapps,0 15818,platforms/php/webapps/15818.txt,"iDevSpot iDevCart 1.10 - Multiple Local File Inclusion",2010-12-24,v3n0m,php,webapps,0 -15819,platforms/php/webapps/15819.txt,"Joomla! Component 'com_xmovie' 1.0 - Local File Inclusion",2010-12-24,KelvinX,php,webapps,0 +15819,platforms/php/webapps/15819.txt,"Joomla! Component com_xmovie 1.0 - Local File Inclusion",2010-12-24,KelvinX,php,webapps,0 15820,platforms/php/webapps/15820.txt,"SquareCMS 0.3.1 - 'post.php' SQL Injection",2010-12-24,cOndemned,php,webapps,0 15822,platforms/php/webapps/15822.html,"CubeCart 3.0.6 - Cross-Site Request Forgery (Add Admin)",2010-12-24,"P0C T34M",php,webapps,0 15824,platforms/php/webapps/15824.txt,"Pligg CMS 1.1.2 - Blind SQL Injection / Cross-Site Scripting",2010-12-25,"Michael Brooks",php,webapps,0 @@ -25116,7 +25116,7 @@ id,file,description,date,author,platform,type,port 15942,platforms/php/webapps/15942.txt,"sahana agasti 0.6.5 - Multiple Vulnerabilities",2011-01-08,dun,php,webapps,0 15943,platforms/php/webapps/15943.txt,"WordPress Plugin mingle forum 1.0.26 - Multiple Vulnerabilities",2011-01-08,"Charles Hooper",php,webapps,0 15945,platforms/php/webapps/15945.txt,"Zwii 2.1.1 - Remote File Inclusion",2011-01-08,"Abdi Mohamed",php,webapps,0 -15958,platforms/php/webapps/15958.txt,"Joomla! Plugin 'Captcha' 4.5.1 - Local File Disclosure",2011-01-09,dun,php,webapps,0 +15958,platforms/php/webapps/15958.txt,"Joomla! Plugin Captcha 4.5.1 - Local File Disclosure",2011-01-09,dun,php,webapps,0 15960,platforms/php/webapps/15960.txt,"Maximus CMS 1.1.2 - 'FCKeditor' Arbitrary File Upload",2011-01-10,eidelweiss,php,webapps,0 15964,platforms/php/webapps/15964.py,"Lotus CMS Fraise 3.0 - Local File Inclusion / Remote Code Execution",2011-01-10,mr_me,php,webapps,0 15968,platforms/php/webapps/15968.txt,"vam shop 1.6 - Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 @@ -25145,7 +25145,7 @@ id,file,description,date,author,platform,type,port 16013,platforms/php/webapps/16013.html,"N-13 News 3.4 - Cross-Site Request Forgery (Admin Add)",2011-01-18,anT!-Tr0J4n,php,webapps,0 17209,platforms/php/webapps/17209.txt,"SoftMP3 - SQL Injection",2011-04-24,mArTi,php,webapps,0 16016,platforms/php/webapps/16016.txt,"Simploo CMS 1.7.1 - PHP Code Execution",2011-01-19,"David Vieira-Kurz",php,webapps,0 -16039,platforms/php/webapps/16039.txt,"Joomla! Component 'com_b2portfolio' 1.0.0 - Multiple SQL Injections",2011-01-24,"Salvatore Fresta",php,webapps,0 +16039,platforms/php/webapps/16039.txt,"Joomla! Component com_b2portfolio 1.0.0 - Multiple SQL Injections",2011-01-24,"Salvatore Fresta",php,webapps,0 16018,platforms/php/webapps/16018.txt,"PHP auctions - 'viewfaqs.php' Blind SQL Injection",2011-01-19,"BorN To K!LL",php,webapps,0 16019,platforms/php/webapps/16019.txt,"phpCMS 2008 - SQL Injection",2011-01-20,R3d-D3V!L,php,webapps,0 16027,platforms/php/webapps/16027.txt,"phpCMS 9.0 - Blind SQL Injection",2011-01-22,eidelweiss,php,webapps,0 @@ -25239,7 +25239,7 @@ id,file,description,date,author,platform,type,port 16235,platforms/php/webapps/16235.txt,"WordPress Plugin Forum Server 1.6.5 - SQL Injection",2011-02-24,"High-Tech Bridge SA",php,webapps,0 16236,platforms/php/webapps/16236.txt,"WordPress Plugin IWantOneButton 3.0.1 - Multiple Vulnerabilities",2011-02-24,"High-Tech Bridge SA",php,webapps,0 16241,platforms/asp/webapps/16241.txt,"RaksoCT - Multiple SQL Injections",2011-02-25,p0pc0rn,asp,webapps,0 -16246,platforms/php/webapps/16246.py,"Joomla! Component 'com_xcloner-backupandrestore' - Remote Command Execution",2011-02-25,mr_me,php,webapps,0 +16246,platforms/php/webapps/16246.py,"Joomla! Component com_xcloner-backupandrestore - Remote Command Execution",2011-02-25,mr_me,php,webapps,0 16247,platforms/php/webapps/16247.txt,"Pragyan CMS 3.0 - Multiple Vulnerabilities",2011-02-25,"Villy and Abhishek Lyall",php,webapps,0 16249,platforms/php/webapps/16249.txt,"phreebooks r30rc4 - Multiple Vulnerabilities",2011-02-26,"AutoSec Tools",php,webapps,0 16250,platforms/php/webapps/16250.txt,"WordPress Plugin jQuery Mega Menu 1.0 - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 @@ -25288,7 +25288,7 @@ id,file,description,date,author,platform,type,port 16902,platforms/php/webapps/16902.rb,"CakePHP 1.3.5/1.2.8 - Cache Corruption Exploit (Metasploit)",2011-01-14,Metasploit,php,webapps,0 16904,platforms/php/webapps/16904.rb,"Fonality trixbox CE 2.6.1 - 'langChoice' Parameter Local File Inclusion (Metasploit)",2011-01-08,Metasploit,php,webapps,0 16905,platforms/cgi/webapps/16905.rb,"AWStats 6.1 < 6.2 - configdir Remote Command Execution (Metasploit)",2009-12-26,Metasploit,cgi,webapps,0 -16906,platforms/php/webapps/16906.rb,"Joomla! Plugin 'tinybrowser' 1.5.12 - Arbitrary File Upload / Code Execution (Metasploit)",2010-06-15,Metasploit,php,webapps,0 +16906,platforms/php/webapps/16906.rb,"Joomla! Plugin tinybrowser 1.5.12 - Arbitrary File Upload / Code Execution (Metasploit)",2010-06-15,Metasploit,php,webapps,0 16907,platforms/hardware/webapps/16907.rb,"Google Appliance ProxyStyleSheet - Command Execution (Metasploit)",2010-07-01,Metasploit,hardware,webapps,0 16908,platforms/cgi/webapps/16908.rb,"Nagios3 - statuswml.cgi Ping Command Execution (Metasploit)",2010-07-14,Metasploit,cgi,webapps,0 16909,platforms/php/webapps/16909.rb,"Coppermine Photo Gallery 1.4.14 - picEditor.php Command Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0 @@ -25326,7 +25326,7 @@ id,file,description,date,author,platform,type,port 16988,platforms/php/webapps/16988.txt,"WikiWig 5.01 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-16,"AutoSec Tools",php,webapps,0 16989,platforms/php/webapps/16989.txt,"b2evolution 4.0.3 - Persistent Cross-Site Scripting",2011-03-16,"AutoSec Tools",php,webapps,0 16992,platforms/php/webapps/16992.txt,"Joomla! 1.6 - Multiple SQL Injections",2011-03-17,"Aung Khant",php,webapps,0 -16995,platforms/php/webapps/16995.txt,"Joomla! Component 'com_booklibrary' - SQL Injection",2011-03-17,"Marc Doudiet",php,webapps,0 +16995,platforms/php/webapps/16995.txt,"Joomla! Component com_booklibrary - SQL Injection",2011-03-17,"Marc Doudiet",php,webapps,0 16997,platforms/php/webapps/16997.txt,"Tugux CMS 1.0_final - Multiple Vulnerabilities",2011-03-17,Aodrulez,php,webapps,0 17000,platforms/php/webapps/17000.txt,"Tugux CMS - (nid) Blind SQL Injection",2011-03-18,eidelweiss,php,webapps,0 17002,platforms/php/webapps/17002.txt,"CMS Loko Media - Local File Download",2011-03-18,Xr0b0t,php,webapps,0 @@ -25392,7 +25392,7 @@ id,file,description,date,author,platform,type,port 17127,platforms/php/webapps/17127.txt,"eyeos 2.3 - Multiple Vulnerabilities",2011-04-06,"AutoSec Tools",php,webapps,0 17128,platforms/php/webapps/17128.txt,"greenpants 0.1.7 - Multiple Vulnerabilities",2011-04-06,"Ptrace Security",php,webapps,0 17129,platforms/php/webapps/17129.txt,"S40 CMS 0.4.2b - Local File Inclusion",2011-04-07,Osirys,php,webapps,0 -17132,platforms/php/webapps/17132.py,"Joomla! Component 'com_virtuemart' 1.1.7 - Blind SQL Injection",2011-04-08,"TecR0c and mr_me",php,webapps,0 +17132,platforms/php/webapps/17132.py,"Joomla! Component com_virtuemart 1.1.7 - Blind SQL Injection",2011-04-08,"TecR0c and mr_me",php,webapps,0 17134,platforms/php/webapps/17134.txt,"phpcollab 2.5 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0 17135,platforms/php/webapps/17135.txt,"viscacha 0.8.1 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0 17136,platforms/php/webapps/17136.txt,"Joomla! Component joomlacontenteditor - Blind SQL Injection",2011-04-09,eidelweiss,php,webapps,0 @@ -25445,13 +25445,13 @@ id,file,description,date,author,platform,type,port 17250,platforms/php/webapps/17250.txt,"phpThumb - 'phpThumbDebug' Information Disclosure",2011-05-06,mook,php,webapps,0 17251,platforms/php/webapps/17251.html,"VCalendar 1.1.5 - Cross-Site Request Forgery",2011-05-06,"High-Tech Bridge SA",php,webapps,0 17259,platforms/cgi/webapps/17259.txt,"f-fileman 7.0 - Directory Traversal",2011-05-07,"Raffaele Forte",cgi,webapps,0 -17264,platforms/php/webapps/17264.txt,"Joomla! Component 'com_versioning' - SQL Injection",2011-05-09,the_cyber_nuxbie,php,webapps,0 +17264,platforms/php/webapps/17264.txt,"Joomla! Component com_versioning - SQL Injection",2011-05-09,the_cyber_nuxbie,php,webapps,0 17265,platforms/php/webapps/17265.txt,"Joomla! Component com_hello - SQL Injection",2011-05-09,the_cyber_nuxbie,php,webapps,0 17267,platforms/php/webapps/17267.txt,"Traidnt UP 2.0 - 'view.php' SQL Injection",2011-05-10,ScOrPiOn,php,webapps,0 17276,platforms/windows/webapps/17276.txt,"Oracle GlassFish Server - Administration Console Authentication Bypass",2011-05-12,"Core Security",windows,webapps,0 17284,platforms/php/webapps/17284.txt,"WordPress Plugin EditorMonkey 2.5 - 'FCKeditor' Arbitrary File Upload",2011-05-14,kaMtiEz,php,webapps,0 17285,platforms/php/webapps/17285.php,"osCommerce 2.3.1 - 'banner_manager.php' Arbitrary File Upload",2011-05-14,"Number 7",php,webapps,0 -17288,platforms/php/webapps/17288.txt,"Joomla! Component 'com_question' - SQL Injection",2011-05-15,"NeX HaCkEr",php,webapps,0 +17288,platforms/php/webapps/17288.txt,"Joomla! Component com_question - SQL Injection",2011-05-15,"NeX HaCkEr",php,webapps,0 17289,platforms/php/webapps/17289.txt,"frame-oshop - SQL Injection",2011-05-15,-SmoG-,php,webapps,0 17292,platforms/php/webapps/17292.txt,"MediaInSpot CMS - Local File Inclusion (2)",2011-05-16,"wlhaan haker",php,webapps,0 17293,platforms/php/webapps/17293.txt,"MediaInSpot CMS - SQL Injection",2011-05-16,"Iolo Morganwg",php,webapps,0 @@ -25477,8 +25477,8 @@ id,file,description,date,author,platform,type,port 17330,platforms/php/webapps/17330.html,"cPanel < 11.25 - Cross-Site Request Forgery (Add User PHP Script)",2011-05-27,ninjashell,php,webapps,0 17335,platforms/php/webapps/17335.txt,"Duhok Forum 1.1 - SQL Injection",2011-05-28,M.Jock3R,php,webapps,0 17336,platforms/php/webapps/17336.txt,"Guru Penny Auction Pro 3.0 - Blind SQL Injection",2011-05-28,v3n0m,php,webapps,0 -17338,platforms/php/webapps/17338.txt,"Joomla! Component 'com_jmsfileseller' - Local File Inclusion",2011-05-28,Valentin,php,webapps,0 -17341,platforms/php/webapps/17341.txt,"Joomla! Component 'com_joomnik' - SQL Injection",2011-05-29,SOLVER,php,webapps,0 +17338,platforms/php/webapps/17338.txt,"Joomla! Component com_jmsfileseller - Local File Inclusion",2011-05-28,Valentin,php,webapps,0 +17341,platforms/php/webapps/17341.txt,"Joomla! Component com_joomnik - SQL Injection",2011-05-29,SOLVER,php,webapps,0 17343,platforms/php/webapps/17343.txt,"Puzzle Apps CMS 3.2 - Local File Inclusion",2011-05-29,"Treasure Priyamal",php,webapps,0 17344,platforms/php/webapps/17344.txt,"Invisionix Roaming System Remote metasys 0.2 - Local File Inclusion",2011-05-29,"Treasure Priyamal",php,webapps,0 17346,platforms/php/webapps/17346.php,"w-Agora Forum 4.2.1 - Arbitrary File Upload",2011-05-30,"Treasure Priyamal",php,webapps,0 @@ -25494,11 +25494,11 @@ id,file,description,date,author,platform,type,port 17379,platforms/php/webapps/17379.txt,"Pacer Edition CMS 2.1 - (l Parameter) Local File Inclusion",2011-06-10,LiquidWorm,php,webapps,0 17380,platforms/php/webapps/17380.txt,"Angora Guestbook 1.5 - Local File Inclusion",2011-06-10,"AutoSec Tools",php,webapps,0 17382,platforms/windows/webapps/17382.txt,"Tele Data Contact Management Server - Directory Traversal",2011-06-10,"AutoSec Tools",windows,webapps,0 -17388,platforms/windows/webapps/17388.txt,"trend micro data loss prevention virtual Appliance 5.5 - Directory Traversal",2011-06-11,"White Hat Consultores",windows,webapps,0 +17388,platforms/windows/webapps/17388.txt,"Trend Micro Data Loss Prevention Virtual Appliance 5.5 - Directory Traversal",2011-06-11,"White Hat Consultores",windows,webapps,0 17389,platforms/php/webapps/17389.py,"Technote 7.2 - Blind SQL Injection",2011-06-11,BlueH4G,php,webapps,0 17390,platforms/php/webapps/17390.txt,"SUBRION CMS - Multiple Vulnerabilities",2011-06-11,"Karthik R",php,webapps,0 17393,platforms/multiple/webapps/17393.txt,"Oracle HTTP Server - Cross-Site Scripting Header Injection",2011-06-13,"Yasser ABOUKIR",multiple,webapps,0 -17394,platforms/php/webapps/17394.txt,"Joomla! Component 'Scriptegrator' 1.5 - Local File Inclusion",2011-06-13,jdc,php,webapps,0 +17394,platforms/php/webapps/17394.txt,"Joomla! Component Scriptegrator 1.5 - Local File Inclusion",2011-06-13,jdc,php,webapps,0 17395,platforms/php/webapps/17395.txt,"cubecart 2.0.7 - Multiple Vulnerabilities",2011-06-14,Shamus,php,webapps,0 17402,platforms/php/webapps/17402.txt,"AMHSHOP 3.7.0 - SQL Injection",2011-06-15,"Yassin Aboukir",php,webapps,0 17403,platforms/php/webapps/17403.txt,"Free Simple CMS 1.0 - Multiple Vulnerabilities",2011-06-15,"High-Tech Bridge SA",php,webapps,0 @@ -25507,9 +25507,9 @@ id,file,description,date,author,platform,type,port 17408,platforms/php/webapps/17408.txt,"WeBid 1.0.2 - Persistent Cross-Site Scripting (via SQL Injection)",2011-06-17,Saif,php,webapps,0 17410,platforms/php/webapps/17410.txt,"AiCart 2.0 - Multiple Vulnerabilities",2011-06-18,takeshix,php,webapps,0 17411,platforms/php/webapps/17411.txt,"Joomla! Component A Cool Debate 1.0.3 - Local File Inclusion",2011-06-18,"Chip d3 bi0s",php,webapps,0 -17412,platforms/php/webapps/17412.txt,"Joomla! Component 'com_team' - SQL Injection",2011-06-19,CoBRa_21,php,webapps,0 +17412,platforms/php/webapps/17412.txt,"Joomla! Component com_team - SQL Injection",2011-06-19,CoBRa_21,php,webapps,0 17413,platforms/php/webapps/17413.txt,"Burning Board 3.1.5 - Full Path Disclosure",2011-06-19,linc0ln.dll,php,webapps,0 -17414,platforms/php/webapps/17414.txt,"Joomla! Component 'com_calcbuilder' - 'id' Parameter Blind SQL Injection",2011-06-19,"Chip d3 bi0s",php,webapps,0 +17414,platforms/php/webapps/17414.txt,"Joomla! Component com_calcbuilder - 'id' Parameter Blind SQL Injection",2011-06-19,"Chip d3 bi0s",php,webapps,0 17418,platforms/php/webapps/17418.rb,"IF-CMS 2.07 - Unauthenticated Local File Inclusion (Metasploit) (2)",2011-06-20,TecR0c,php,webapps,0 17423,platforms/php/webapps/17423.txt,"WordPress Plugin WPtouch 1.9.27 - URL redirection",2011-06-21,MaKyOtOx,php,webapps,0 17426,platforms/php/webapps/17426.txt,"iGiveTest 2.1.0 - SQL Injection",2011-06-21,"Brendan Coles",php,webapps,0 @@ -25522,7 +25522,7 @@ id,file,description,date,author,platform,type,port 17444,platforms/php/webapps/17444.txt,"Webcat - Multiple Blind SQL Injections",2011-06-23,w0rd,php,webapps,0 17445,platforms/php/webapps/17445.txt,"2Point Solutions - 'cmspages.php' SQL Injection",2011-06-23,"Newbie Campuz",php,webapps,0 17446,platforms/php/webapps/17446.txt,"nodesforum 1.059 - Remote File Inclusion",2011-06-23,bd0rk,php,webapps,0 -17452,platforms/php/webapps/17452.txt,"Joomla! Component 'JoomlaXi' - Persistent Cross-Site Scripting",2011-06-26,"Karthik R",php,webapps,0 +17452,platforms/php/webapps/17452.txt,"Joomla! Component JoomlaXi - Persistent Cross-Site Scripting",2011-06-26,"Karthik R",php,webapps,0 17453,platforms/php/webapps/17453.txt,"WordPress Plugin Beer Recipes 1.0 - Cross-Site Scripting",2011-06-26,TheUzuki.',php,webapps,0 17457,platforms/php/webapps/17457.txt,"rgboard 4.2.1 - SQL Injection",2011-06-28,hamt0ry,php,webapps,0 17464,platforms/php/webapps/17464.txt,"Joomla! Component mDigg 2.2.8 - SQL Injection",2011-07-01,"Caddy Dz",php,webapps,0 @@ -25553,19 +25553,19 @@ id,file,description,date,author,platform,type,port 17522,platforms/php/webapps/17522.txt,"Fire Soft Board 2.0.1 - Persistent Cross-Site Scripting (Admin Panel)",2011-07-12,"_jill for A-S",php,webapps,0 17523,platforms/php/webapps/17523.txt,"Tradingeye E-Commerce Shopping Cart - Multiple Vulnerabilities",2011-07-12,"$#4d0\/\/[r007k17]",php,webapps,0 17524,platforms/php/webapps/17524.html,"Pandora Fms 3.2.1 - Cross-Site Request Forgery",2011-07-12,"mehdi boukazoula",php,webapps,0 -17525,platforms/php/webapps/17525.txt,"Joomla! Component 'com_xmap' 1.2.11 - Blind SQL Injection",2011-07-12,jdc,php,webapps,0 +17525,platforms/php/webapps/17525.txt,"Joomla! Component com_xmap 1.2.11 - Blind SQL Injection",2011-07-12,jdc,php,webapps,0 17528,platforms/php/webapps/17528.txt,"LiteRadius 3.2 - Multiple Blind SQL Injections",2011-07-13,"Robert Cooper",php,webapps,0 17529,platforms/php/webapps/17529.txt,"TCExam 11.2.011 - Multiple SQL Injections",2011-07-13,LiquidWorm,php,webapps,0 -17530,platforms/php/webapps/17530.txt,"Joomla! Component 'com_sobi2' 2.9.3.2 - Blind SQL Injections",2011-07-14,jdc,php,webapps,0 +17530,platforms/php/webapps/17530.txt,"Joomla! Component com_sobi2 2.9.3.2 - Blind SQL Injections",2011-07-14,jdc,php,webapps,0 17531,platforms/php/webapps/17531.txt,"PG eLms Pro vDEC_2007_01 - 'contact_us.php' Multiple POST Cross-Site Scripting Vulnerabilities",2011-07-14,LiquidWorm,php,webapps,0 17532,platforms/php/webapps/17532.txt,"PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injections",2011-07-14,LiquidWorm,php,webapps,0 17533,platforms/php/webapps/17533.txt,"Inscribe Webmedia - SQL Injection",2011-07-14,Netrondoank,php,webapps,0 -17553,platforms/php/webapps/17553.txt,"Joomla! Component 'com_rsappt_pro2' - Local File Inclusion",2011-07-20,"Don Tukulesto",php,webapps,0 +17553,platforms/php/webapps/17553.txt,"Joomla! Component com_rsappt_pro2 - Local File Inclusion",2011-07-20,"Don Tukulesto",php,webapps,0 17554,platforms/php/webapps/17554.txt,"Mevin Basic PHP Events Lister 2.03 - Cross-Site Request Forgery",2011-07-21,Crazy_Hacker,php,webapps,0 17551,platforms/jsp/webapps/17551.txt,"Oracle Sun GlassFish Enterprise Server - Persistent Cross-Site Scripting",2011-07-20,"Sense of Security",jsp,webapps,0 17555,platforms/php/webapps/17555.txt,"vBulletin 4.0.x 4.1.3 - 'messagegroupid' SQL Injection",2011-07-21,fb1h2s,php,webapps,0 17556,platforms/php/webapps/17556.txt,"Joomla! Component JE Story Submit - Local File Inclusion",2011-07-21,v3n0m,php,webapps,0 -17560,platforms/php/webapps/17560.txt,"Joomla! Component 'mod_spo' - SQL Injection",2011-07-21,SeguridadBlanca,php,webapps,0 +17560,platforms/php/webapps/17560.txt,"Joomla! Component mod_spo - SQL Injection",2011-07-21,SeguridadBlanca,php,webapps,0 17562,platforms/php/webapps/17562.php,"ExtCalendar2 - (Authentication Bypass / Cookie) SQL Injection",2011-07-23,Lagripe-Dz,php,webapps,0 17574,platforms/jsp/webapps/17574.php,"CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities",2011-07-26,rgod,jsp,webapps,0 17570,platforms/php/webapps/17570.txt,"MusicBox 3.7 - Multiple Vulnerabilities",2011-07-25,R@1D3N,php,webapps,0 @@ -25573,7 +25573,7 @@ id,file,description,date,author,platform,type,port 17572,platforms/multiple/webapps/17572.txt,"ManageEngine ServiceDesk Plus 8.0.0 Build 8013 - Improper User Privileges",2011-07-26,"Narendra Shinde",multiple,webapps,0 17573,platforms/php/webapps/17573.txt,"PHP-Barcode 0.3pl1 - Remote Code Execution",2011-07-26,beford,php,webapps,0 17577,platforms/cgi/webapps/17577.txt,"SWAT Samba Web Administration Tool - Cross-Site Request Forgery (PoC)",2011-07-27,"Narendra Shinde",cgi,webapps,0 -17579,platforms/php/webapps/17579.rb,"Joomla! Component 'com_virtuemart' 1.1.7/1.5 - Blind Time-Based SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0 +17579,platforms/php/webapps/17579.rb,"Joomla! Component com_virtuemart 1.1.7/1.5 - Blind Time-Based SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0 17584,platforms/php/webapps/17584.php,"cFTP 0.1 - (r80) Arbitrary File Upload",2011-07-29,leviathan,php,webapps,0 17586,platforms/jsp/webapps/17586.txt,"ManageEngine ServiceDesk Plus 8.0 Build 8013 - Multiple Cross-Site Scripting Vulnerabilities",2011-07-29,"Narendra Shinde",jsp,webapps,0 17587,platforms/php/webapps/17587.txt,"Link Station Pro - Multiple Vulnerabilities",2011-07-30,"$#4d0\/\/[r007k17]",php,webapps,0 @@ -25650,7 +25650,7 @@ id,file,description,date,author,platform,type,port 17731,platforms/php/webapps/17731.txt,"WordPress Plugin Photoracer 1.0 - Multiple Vulnerabilities",2011-08-27,"Yakir Wizman",php,webapps,0 17733,platforms/asp/webapps/17733.txt,"Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities",2011-08-28,AmnPardaz,asp,webapps,0 17734,platforms/php/webapps/17734.txt,"Joomla! Component joomlacontenteditor 2.0.10 - Multiple Vulnerabilities",2011-08-28,AmnPardaz,php,webapps,0 -17736,platforms/php/webapps/17736.txt,"Joomla! Component 'mod_simpleFileLister' 1.0 - Directory Traversal",2011-08-28,evilsocket,php,webapps,0 +17736,platforms/php/webapps/17736.txt,"Joomla! Component mod_simpleFileLister 1.0 - Directory Traversal",2011-08-28,evilsocket,php,webapps,0 17737,platforms/php/webapps/17737.txt,"WordPress Plugin Facebook Promotions 1.3.3 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 17738,platforms/php/webapps/17738.txt,"WordPress Plugin Evarisk 5.1.3.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 17739,platforms/php/webapps/17739.txt,"WordPress Plugin Profiles 2.0 RC1 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 @@ -25750,7 +25750,7 @@ id,file,description,date,author,platform,type,port 17925,platforms/php/webapps/17925.txt,"Concrete5 CMS < 5.4.2.1 - Multiple Vulnerabilities",2011-10-04,"Ryan Dewhurst",php,webapps,0 17926,platforms/php/webapps/17926.txt,"Easy Hosting Control Panel - Admin Authentication Bypass",2011-10-04,Jasman,php,webapps,0 17927,platforms/php/webapps/17927.txt,"CF Image Hosting Script 1.3.82 - File Disclosure",2011-10-04,bd0rk,php,webapps,0 -18033,platforms/php/webapps/18033.txt,"Joomla! Component 'com_yjcontactus' - Local File Inclusion",2011-10-25,MeGo,php,webapps,0 +18033,platforms/php/webapps/18033.txt,"Joomla! Component com_yjcontactus - Local File Inclusion",2011-10-25,MeGo,php,webapps,0 17935,platforms/php/webapps/17935.txt,"Tsmim Lessons Library - 'show.php' SQL Injection",2011-10-06,M.Jock3R,php,webapps,0 17937,platforms/php/webapps/17937.txt,"URL Shortener Script 1.0 - SQL Injection",2011-10-07,M.Jock3R,php,webapps,0 17938,platforms/php/webapps/17938.txt,"EFront 3.6.9 Community Edition - Multiple Vulnerabilities",2011-10-07,IHTeam,php,webapps,0 @@ -25806,7 +25806,7 @@ id,file,description,date,author,platform,type,port 18037,platforms/php/webapps/18037.rb,"phpScheduleIt 1.2.10 - 'reserve.php' Arbitrary Code Injection (Metasploit)",2011-10-26,Metasploit,php,webapps,0 18039,platforms/php/webapps/18039.txt,"WordPress Plugin wptouch - SQL Injection",2011-10-27,longrifle0x,php,webapps,0 18045,platforms/php/webapps/18045.txt,"PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities",2011-10-29,"BHG Security Center",php,webapps,0 -18047,platforms/php/webapps/18047.txt,"Joomla! Component 'com_jeemasms' 3.2 - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 +18047,platforms/php/webapps/18047.txt,"Joomla! Component com_jeemasms 3.2 - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 18048,platforms/php/webapps/18048.txt,"Joomla! Component Vik Real Estate 1.0 - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 18050,platforms/php/webapps/18050.txt,"Joomla! Component HM Community - Multiple Vulnerabilities",2011-10-31,"599eme Man",php,webapps,0 18053,platforms/php/webapps/18053.txt,"WordPress Theme classipress 3.1.4 - Persistent Cross-Site Scripting",2011-10-31,"Paul Loftness",php,webapps,0 @@ -25858,7 +25858,7 @@ id,file,description,date,author,platform,type,port 18167,platforms/php/webapps/18167.zip,"JQuery-Real-Person plugin - Bypass captcha",2011-11-28,Alberto_García_Illera,php,webapps,0 18177,platforms/php/webapps/18177.txt,"WikkaWiki 1.3.2 - Multiple Vulnerabilities",2011-11-30,EgiX,php,webapps,0 18185,platforms/php/webapps/18185.txt,"Muster Render Farm Management System - Arbitrary File Download",2011-12-01,"Nick Freeman",php,webapps,0 -18192,platforms/php/webapps/18192.txt,"Joomla! Component 'com_jobprofile' - SQL Injection",2011-12-02,kaMtiEz,php,webapps,0 +18192,platforms/php/webapps/18192.txt,"Joomla! Component com_jobprofile - SQL Injection",2011-12-02,kaMtiEz,php,webapps,0 18193,platforms/php/webapps/18193.txt,"WSN Classifieds 6.2.12/6.2.18 - Multiple Vulnerabilities",2011-12-02,d3v1l,php,webapps,0 18198,platforms/php/webapps/18198.php,"Family Connections CMS 2.5.0/2.7.1 - 'less.php' Remote Command Execution",2011-12-04,mr_me,php,webapps,0 18202,platforms/php/webapps/18202.txt,"Meditate Web Content Editor 'username_input' - SQL Injection",2011-12-05,"Stefan Schurtz",php,webapps,0 @@ -25866,7 +25866,7 @@ id,file,description,date,author,platform,type,port 18208,platforms/php/webapps/18208.rb,"Family Connections CMS 2.7.1 - 'less.php' Remote Command Execution (Metasploit)",2011-12-07,Metasploit,php,webapps,0 18215,platforms/php/webapps/18215.txt,"SourceBans 1.4.8 - SQL Injection / Local File Inclusion Injection",2011-12-07,Havok,php,webapps,0 18217,platforms/php/webapps/18217.txt,"SantriaCMS - SQL Injection",2011-12-08,Troy,php,webapps,0 -18218,platforms/php/webapps/18218.txt,"Joomla! Component 'com_qcontacts' 1.0.6 - SQL Injection",2011-12-08,Don,php,webapps,0 +18218,platforms/php/webapps/18218.txt,"Joomla! Component com_qcontacts 1.0.6 - SQL Injection",2011-12-08,Don,php,webapps,0 18210,platforms/php/webapps/18210.txt,"PHP City Portal Script Software - SQL Injection",2011-12-07,Don,php,webapps,0 18212,platforms/php/webapps/18212.txt,"phpBB MyPage Plugin - SQL Injection",2011-12-07,CrazyMouse,php,webapps,0 18213,platforms/php/webapps/18213.php,"Traq 2.3 - Authentication Bypass / Remote Code Execution",2011-12-07,EgiX,php,webapps,0 @@ -25885,7 +25885,7 @@ id,file,description,date,author,platform,type,port 18248,platforms/php/webapps/18248.pl,"mPDF 5.3 - File Disclosure",2011-12-16,ZadYree,php,webapps,0 18249,platforms/php/webapps/18249.txt,"appRain CMF 0.1.5 - Multiple Web Vulnerabilities",2011-12-19,Vulnerability-Lab,php,webapps,0 18250,platforms/php/webapps/18250.txt,"DotA OpenStats 1.3.9 - SQL Injection",2011-12-19,HvM17,php,webapps,0 -18251,platforms/php/webapps/18251.txt,"Joomla! Component 'com_dshop' - SQL Injection",2011-12-19,CoBRa_21,php,webapps,0 +18251,platforms/php/webapps/18251.txt,"Joomla! Component com_dshop - SQL Injection",2011-12-19,CoBRa_21,php,webapps,0 18259,platforms/php/webapps/18259.txt,"Infoproject Business Hero - Multiple Vulnerabilities",2011-12-21,LiquidWorm,php,webapps,0 18260,platforms/jsp/webapps/18260.txt,"Barracuda Control Center 620 - Multiple Web Vulnerabilities",2011-12-21,Vulnerability-Lab,jsp,webapps,0 18261,platforms/php/webapps/18261.txt,"SpamTitan 5.08 - Multiple Vulnerabilities",2011-12-21,Vulnerability-Lab,php,webapps,0 @@ -25934,7 +25934,7 @@ id,file,description,date,author,platform,type,port 18373,platforms/jsp/webapps/18373.txt,"Cloupia End-to-end FlexPod Management - Directory Traversal",2012-01-15,"Chris Rock",jsp,webapps,0 18374,platforms/php/webapps/18374.txt,"PHPDomainRegister 0.4a-RC2-dev - Multiple Vulnerabilities",2012-01-16,Or4nG.M4N,php,webapps,0 18371,platforms/php/webapps/18371.rb,"phpMyAdmin 3.3.x/3.4.x - Local File Inclusion via XXE Injection (Metasploit)",2012-01-14,"Marco Batista",php,webapps,0 -18380,platforms/php/webapps/18380.txt,"Joomla! Component 'com_discussions' - SQL Injection",2012-01-17,"Red Security TEAM",php,webapps,0 +18380,platforms/php/webapps/18380.txt,"Joomla! Component com_discussions - SQL Injection",2012-01-17,"Red Security TEAM",php,webapps,0 18975,platforms/php/webapps/18975.rb,"Log1 CMS - 'writeInfo()' PHP Code Injection (Metasploit)",2012-06-03,Metasploit,php,webapps,0 18383,platforms/php/webapps/18383.txt,"pGB 2.12 - kommentar.php SQL Injection",2012-01-18,3spi0n,php,webapps,0 18384,platforms/php/webapps/18384.txt,"PHPBridges Blog System - members.php SQL Injection",2012-01-18,3spi0n,php,webapps,0 @@ -26087,11 +26087,11 @@ id,file,description,date,author,platform,type,port 18724,platforms/php/webapps/18724.rb,"Dolibarr ERP/CRM 3 - Authenticated OS Command Injection (Metasploit)",2012-04-09,Metasploit,php,webapps,0 18725,platforms/php/webapps/18725.txt,"Dolibarr ERP/CRM - OS Command Injection",2012-04-09,"Nahuel Grisolia",php,webapps,0 18728,platforms/php/webapps/18728.txt,"Joomla! Component Estate Agent - SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0 -18729,platforms/php/webapps/18729.txt,"Joomla! Component 'com_bearleague' - SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0 +18729,platforms/php/webapps/18729.txt,"Joomla! Component com_bearleague - SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0 18732,platforms/php/webapps/18732.txt,"SoftwareDEP Classified Script 2.5 - SQL Injection (2)",2012-04-12,"hordcode security",php,webapps,0 18736,platforms/php/webapps/18736.txt,"Invision Power Board 3.3.0 - Local File Inclusion",2012-04-13,waraxe,php,webapps,0 18737,platforms/php/webapps/18737.txt,"Ushahidi 2.2 - Multiple Vulnerabilities",2012-04-13,shpendk,php,webapps,0 -18741,platforms/php/webapps/18741.txt,"Joomla! Component 'com_ponygallery' - SQL Injection",2012-04-15,xDarkSton3x,php,webapps,0 +18741,platforms/php/webapps/18741.txt,"Joomla! Component com_ponygallery - SQL Injection",2012-04-15,xDarkSton3x,php,webapps,0 18742,platforms/php/webapps/18742.php,"NetworX CMS - Cross-Site Request Forgery (Add Admin)",2012-04-15,N3t.Crack3r,php,webapps,0 18743,platforms/php/webapps/18743.txt,"MediaXxx Adult Video / Media Script - SQL Injection",2012-04-15,"Daniel Godoy",php,webapps,0 18745,platforms/multiple/webapps/18745.txt,"ManageEngine Support Center Plus 7903 - Multiple Vulnerabilities",2012-04-15,xistence,multiple,webapps,0 @@ -26283,7 +26283,7 @@ id,file,description,date,author,platform,type,port 19775,platforms/php/webapps/19775.txt,"Reserve Logic 1.2 Booking CMS - Multiple Vulnerabilities",2012-07-12,Vulnerability-Lab,php,webapps,0 19790,platforms/php/webapps/19790.txt,"webpagetest 2.6 - Multiple Vulnerabilities",2012-07-13,dun,php,webapps,0 19791,platforms/php/webapps/19791.txt,"WordPress Plugin Resume Submissions & Job Postings 2.5.1 - Unrestricted Arbitrary File Upload",2012-07-13,"Chris Kellum",php,webapps,0 -19792,platforms/php/webapps/19792.txt,"Joomla! Component 'com_ksadvertiser' - Remote File / Bypass Upload",2012-07-13,D4NB4R,php,webapps,0 +19792,platforms/php/webapps/19792.txt,"Joomla! Component com_ksadvertiser - Remote File / Bypass Upload",2012-07-13,D4NB4R,php,webapps,0 19825,platforms/php/webapps/19825.php,"Shopware 3.5 - SQL Injection",2012-07-14,Kataklysmos,php,webapps,0 19964,platforms/php/webapps/19964.txt,"PHP-Nuke module (SPChat) - SQL Injection",2012-07-20,"Yakir Wizman",php,webapps,0 19829,platforms/php/webapps/19829.txt,"Joomla! Component com_osproperty 2.0.2 - Unrestricted Arbitrary File Upload",2012-07-14,D4NB4R,php,webapps,0 @@ -26313,12 +26313,12 @@ id,file,description,date,author,platform,type,port 20123,platforms/php/webapps/20123.py,"Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php groupid' Parameter Blind SQL Injection",2012-07-30,Kc57,php,webapps,0 20124,platforms/windows/webapps/20124.txt,"Dr. Web Control Center 6.00.3.201111300 - Cross-Site Scripting",2012-07-31,"Oliver Karow",windows,webapps,0 20158,platforms/php/webapps/20158.txt,"PHP-Nuke 1.0/2.5 - Administrative Privileges",2000-08-21,bruj0,php,webapps,0 -20166,platforms/php/webapps/20166.txt,"Joomla! Component 'com_niceajaxpoll' 1.3.0 - SQL Injection",2012-08-01,"Patrick de Brouwer",php,webapps,0 -20170,platforms/php/webapps/20170.txt,"Joomla! Component 'com_movm' - SQL Injection",2012-08-01,D4NB4R,php,webapps,0 +20166,platforms/php/webapps/20166.txt,"Joomla! Component com_niceajaxpoll 1.3.0 - SQL Injection",2012-08-01,"Patrick de Brouwer",php,webapps,0 +20170,platforms/php/webapps/20170.txt,"Joomla! Component com_movm - SQL Injection",2012-08-01,D4NB4R,php,webapps,0 20171,platforms/php/webapps/20171.txt,"ManageEngine Application Manager 10 - Multiple Vulnerabilities",2012-08-01,Vulnerability-Lab,php,webapps,0 20172,platforms/php/webapps/20172.txt,"ManageEngine Mobile Application Manager 10 - SQL Injection",2012-08-01,Vulnerability-Lab,php,webapps,0 20173,platforms/php/webapps/20173.rb,"WebPageTest - Arbitrary '.PHP' File Upload (Metasploit)",2012-08-02,Metasploit,php,webapps,0 -20197,platforms/php/webapps/20197.txt,"Joomla! Component 'com_joomgalaxy' 1.2.0.4 - Multiple Vulnerabilities",2012-08-02,D4NB4R,php,webapps,0 +20197,platforms/php/webapps/20197.txt,"Joomla! Component com_joomgalaxy 1.2.0.4 - Multiple Vulnerabilities",2012-08-02,D4NB4R,php,webapps,0 20198,platforms/php/webapps/20198.txt,"am4ss 1.2 - Multiple Vulnerabilities",2012-08-02,s3n4t00r,php,webapps,0 20199,platforms/php/webapps/20199.php,"am4ss Support System 1.2 - PHP Code Injection",2012-08-02,i-Hmx,php,webapps,0 20208,platforms/php/webapps/20208.txt,"nathan purciful phpphotoalbum 0.9.9 - Directory Traversal",2000-09-07,pestilence,php,webapps,0 @@ -26329,7 +26329,7 @@ id,file,description,date,author,platform,type,port 20320,platforms/windows/webapps/20320.txt,"Zoho BugTracker - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-08-07,LiquidWorm,windows,webapps,0 40892,platforms/php/webapps/40892.txt,"Roundcube 1.2.2 - Remote Code Execution",2016-12-09,"Robin Peraglie",php,webapps,80 20342,platforms/php/webapps/20342.php,"WespaJuris 3.0 - Multiple Vulnerabilities",2012-08-08,WhiteCollarGroup,php,webapps,0 -20343,platforms/php/webapps/20343.pl,"Joomla! Component 'com_enmasse' 1.2.0.4 - SQL Injection",2012-08-08,D4NB4R,php,webapps,0 +20343,platforms/php/webapps/20343.pl,"Joomla! Component com_enmasse 1.2.0.4 - SQL Injection",2012-08-08,D4NB4R,php,webapps,0 20344,platforms/php/webapps/20344.php,"AraDown - Blind SQL Injection",2012-08-08,G-B,php,webapps,0 20345,platforms/php/webapps/20345.txt,"iauto mobile Application 2012 - Multiple Vulnerabilities",2012-08-08,Vulnerability-Lab,php,webapps,0 20346,platforms/php/webapps/20346.txt,"Inout Mobile Webmail APP - Persistent Cross-Site Scripting",2012-08-08,Vulnerability-Lab,php,webapps,0 @@ -26353,7 +26353,7 @@ id,file,description,date,author,platform,type,port 20366,platforms/windows/webapps/20366.py,"winwebmail server 3.8.1.6 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20367,platforms/windows/webapps/20367.py,"xeams email server 4.4 build 5720 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20368,platforms/windows/webapps/20368.py,"IBM Proventia Network Mail Security System 2.5 - POST File Read",2012-08-08,muts,windows,webapps,0 -20390,platforms/php/webapps/20390.txt,"Joomla! Component 'com_fireboard' - SQL Injection",2012-08-09,Vulnerability-Lab,php,webapps,0 +20390,platforms/php/webapps/20390.txt,"Joomla! Component com_fireboard - SQL Injection",2012-08-09,Vulnerability-Lab,php,webapps,0 20391,platforms/php/webapps/20391.php,"Kamads Classifieds 2.0 - Admin Hash Disclosure",2012-08-09,Mr.tro0oqy,php,webapps,0 20393,platforms/windows/webapps/20393.py,"Cyclope Employee Surveillance Solution 6.0/6.1.0/6.2.0/6.2.1/6.3.0 - SQL Injection",2012-08-09,loneferret,windows,webapps,0 20398,platforms/php/webapps/20398.txt,"MobileCartly 1.0 - Arbitrary File Deletion",2012-08-10,GoLd_M,php,webapps,0 @@ -26611,7 +26611,7 @@ id,file,description,date,author,platform,type,port 21660,platforms/php/webapps/21660.txt,"phpBB2 Gender Mod 1.1.3 - SQL Injection",2002-07-29,"langtuhaohoa caothuvolam",php,webapps,0 21661,platforms/php/webapps/21661.txt,"dotProject 0.2.1 - User Cookie Authentication Bypass",2002-07-29,pokleyzz,php,webapps,0 21665,platforms/php/webapps/21665.txt,"phptax 0.8 - Remote Code Execution",2012-10-02,"Jean Pascal Pereira",php,webapps,0 -21668,platforms/php/webapps/21668.txt,"ShoutBox 1.2 - Form Field HTML Injection",2002-07-29,delusion,php,webapps,0 +21668,platforms/php/webapps/21668.txt,"ShoutBox 1.2 - 'Form' HTML Injection",2002-07-29,delusion,php,webapps,0 40361,platforms/php/webapps/40361.py,"Cherry Music 0.35.1 - Arbitrary File Disclosure",2016-09-13,feedersec,php,webapps,80 40364,platforms/php/webapps/40364.txt,"wdCalendar 2 - SQL Injection",2016-09-13,"Alfonso Castillo Angel",php,webapps,80 40366,platforms/php/webapps/40366.txt,"Contrexx CMS egov Module 1.0.0 - SQL Injection",2016-09-13,"hamidreza borghei",php,webapps,80 @@ -26712,7 +26712,7 @@ id,file,description,date,author,platform,type,port 21992,platforms/hardware/webapps/21992.txt,"BigPond 3G21WB - Multiple Vulnerabilities",2012-10-15,"Roberto Paleari",hardware,webapps,0 21995,platforms/cgi/webapps/21995.txt,"CuteCast 1.2 - User Credential Disclosure",2002-11-07,Zero-X,cgi,webapps,0 22003,platforms/php/webapps/22003.txt,"MyBB Profile Albums Plugin 0.9 - 'albums.php album' Parameter SQL Injection",2012-10-16,Zixem,php,webapps,0 -22004,platforms/php/webapps/22004.txt,"Joomla! Component 'com_icagenda' - 'id' Parameter Multiple Vulnerabilities",2012-10-16,Dark-Puzzle,php,webapps,0 +22004,platforms/php/webapps/22004.txt,"Joomla! Component com_icagenda - 'id' Parameter Multiple Vulnerabilities",2012-10-16,Dark-Puzzle,php,webapps,0 22005,platforms/hardware/webapps/22005.txt,"Visual Tools DVR3.0.6.16_ vx series 4.2.19.2 - Multiple Vulnerabilities",2012-10-16,"Andrea Fabrizi",hardware,webapps,0 22009,platforms/php/webapps/22009.txt,"EZ Systems HTTPBench 1.1 - Information Disclosure",2002-11-11,"Tacettin Karadeniz",php,webapps,0 22015,platforms/cgi/webapps/22015.txt,"W3Mail 1.0.6 - File Disclosure",2002-11-12,"Tim Brown",cgi,webapps,0 @@ -26746,8 +26746,8 @@ id,file,description,date,author,platform,type,port 22089,platforms/php/webapps/22089.txt,"PHP-Nuke 6.0 - Web Mail Remote PHP Script Execution",2002-12-16,"Ulf Harnhammar",php,webapps,0 22090,platforms/php/webapps/22090.txt,"PHP-Nuke 6.0 - Web Mail Script Injection",2002-12-16,"Ulf Harnhammar",php,webapps,0 22092,platforms/multiple/webapps/22092.py,"ManageEngine Security Manager Plus 5.5 build 5505 - Directory Traversal",2012-10-19,xistence,multiple,webapps,0 -22097,platforms/php/webapps/22097.txt,"Joomla! Component 'com_fss' 1.9.1.1447 - SQL Injection",2012-10-19,D4NB4R,php,webapps,0 -22098,platforms/php/webapps/22098.txt,"Joomla! Component 'com_tag' - 'tag' Parameter SQL Injection",2012-10-19,D4NB4R,php,webapps,0 +22097,platforms/php/webapps/22097.txt,"Joomla! Component com_fss 1.9.1.1447 - SQL Injection",2012-10-19,D4NB4R,php,webapps,0 +22098,platforms/php/webapps/22098.txt,"Joomla! Component com_tag - 'tag' Parameter SQL Injection",2012-10-19,D4NB4R,php,webapps,0 22099,platforms/php/webapps/22099.txt,"CMSQLite 1.3.2 - Multiple Vulnerabilities",2012-10-19,Vulnerability-Lab,php,webapps,0 22102,platforms/php/webapps/22102.txt,"PHP-Nuke 6.0 - Multiple Full Path Disclosure Vulnerabilities",2002-12-16,frog,php,webapps,0 22103,platforms/php/webapps/22103.txt,"PHP-Nuke 6.0 - Multiple Cross-Site Scripting Vulnerabilities",2002-12-16,frog,php,webapps,0 @@ -26770,8 +26770,8 @@ id,file,description,date,author,platform,type,port 22149,platforms/php/webapps/22149.txt,"W-Agora 4.1.6 - 'index.php' bn Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 22150,platforms/php/webapps/22150.txt,"W-Agora 4.1.6 - 'modules.php' File Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 22151,platforms/php/webapps/22151.txt,"Movable Type Pro 5.13en - Persistent Cross-Site Scripting",2012-10-22,sqlhacker,php,webapps,0 -22152,platforms/php/webapps/22152.txt,"Joomla! Component 'com_commedia' - 'task' Parameter SQL Injection",2012-10-22,D4NB4R,php,webapps,0 -22153,platforms/php/webapps/22153.pl,"Joomla! Component 'com_kunena' - 'search' Parameter SQL Injection",2012-10-22,D35m0nd142,php,webapps,0 +22152,platforms/php/webapps/22152.txt,"Joomla! Component com_commedia - 'task' Parameter SQL Injection",2012-10-22,D4NB4R,php,webapps,0 +22153,platforms/php/webapps/22153.pl,"Joomla! Component com_kunena - 'search' Parameter SQL Injection",2012-10-22,D35m0nd142,php,webapps,0 22156,platforms/php/webapps/22156.txt,"WordPress Plugin White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2012-10-22,pcsjj,php,webapps,0 22157,platforms/php/webapps/22157.txt,"Schoolhos CMS Beta 2.29 - 'id' Parameter SQL Injection",2012-10-22,Cumi,php,webapps,0 22158,platforms/php/webapps/22158.txt,"WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities",2012-10-22,waraxe,php,webapps,0 @@ -26780,7 +26780,7 @@ id,file,description,date,author,platform,type,port 22163,platforms/php/webapps/22163.txt,"Geeklog 1.3.7 - profiles.php Multiple Cross-Site Scripting Vulnerabilities",2003-01-14,snooq,php,webapps,0 22164,platforms/php/webapps/22164.txt,"Geeklog 1.3.7 - users.php uid Parameter Cross-Site Scripting",2003-01-14,snooq,php,webapps,0 22165,platforms/php/webapps/22165.txt,"Geeklog 1.3.7 - comment.php cid Parameter Cross-Site Scripting",2003-01-14,snooq,php,webapps,0 -22166,platforms/php/webapps/22166.txt,"Geeklog 1.3.7 - Homepage User Field HTML Injection",2003-01-14,snooq,php,webapps,0 +22166,platforms/php/webapps/22166.txt,"Geeklog 1.3.7 - 'Homepage User' HTML Injection",2003-01-14,snooq,php,webapps,0 22167,platforms/php/webapps/22167.txt,"vAuthenticate 2.8 - SQL Injection",2003-01-14,frog,php,webapps,0 22168,platforms/php/webapps/22168.txt,"vSignup 2.1 - SQL Injection",2003-01-14,frog,php,webapps,0 22169,platforms/cgi/webapps/22169.pl,"Psunami Bulletin Board 0.x - 'Psunami.cgi' Remote Command Execution (1)",2003-01-13,dodo,cgi,webapps,0 @@ -26835,7 +26835,7 @@ id,file,description,date,author,platform,type,port 22315,platforms/php/webapps/22315.pl,"Typo3 3.5 b5 - HTML Hidden Form Field Information Disclosure Weakness (1)",2003-02-28,"Martin Eiszner",php,webapps,0 22316,platforms/php/webapps/22316.pl,"Typo3 3.5 b5 - HTML Hidden Form Field Information Disclosure Weakness (2)",2003-02-28,"Martin Eiszner",php,webapps,0 22317,platforms/php/webapps/22317.txt,"GTCatalog 0.8.16/0.9 - Remote File Inclusion",2003-03-03,frog,php,webapps,0 -40413,platforms/php/webapps/40413.txt,"Joomla! Component 'com_videogallerylite' 1.0.9 - SQL Injection",2016-09-22,"Larry W. Cashdollar",php,webapps,80 +40413,platforms/php/webapps/40413.txt,"Joomla! Component com_videogallerylite 1.0.9 - SQL Injection",2016-09-22,"Larry W. Cashdollar",php,webapps,80 22318,platforms/php/webapps/22318.txt,"Webchat 0.77 - 'Defines.php' Remote File Inclusion",2003-03-03,frog,php,webapps,0 22336,platforms/php/webapps/22336.txt,"PHPPing 0.1 - Remote Command Execution",2003-03-06,"gregory Le Bras",php,webapps,0 22337,platforms/cgi/webapps/22337.txt,"Wordit Logbook 098b3 - Logbook.pl Remote Command Execution",2003-03-07,"Aleksey Sintsov",cgi,webapps,0 @@ -26934,7 +26934,7 @@ id,file,description,date,author,platform,type,port 22572,platforms/cgi/webapps/22572.pl,"HappyMall E-Commerce Software 4.3/4.4 - Member_HTML.cgi Command Execution",2003-05-08,"Revin Aldi",cgi,webapps,0 22577,platforms/php/webapps/22577.txt,"ttCMS 2.2 / ttForum 1.1 - news.php template Parameter Remote File Inclusion",2003-05-09,"Charles Reinold",php,webapps,0 22578,platforms/php/webapps/22578.txt,"ttCMS 2.2 / ttForum 1.1 - install.php installdir Parameter Remote File Inclusion",2003-05-09,"Charles Reinold",php,webapps,0 -22579,platforms/php/webapps/22579.txt,"Phorum 3.4.x - Message Form Field HTML Injection Variant",2003-05-09,WiciU,php,webapps,0 +22579,platforms/php/webapps/22579.txt,"Phorum 3.4.x - 'Message Form' HTML Injection",2003-05-09,WiciU,php,webapps,0 22583,platforms/asp/webapps/22583.pl,"Snitz Forums 2000 - register.asp SQL Injection",2003-05-10,sharpiemarker,asp,webapps,0 22588,platforms/cgi/webapps/22588.txt,"Happymall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi Cross-Site Scripting",2003-05-12,"Julio Cesar",cgi,webapps,0 22589,platforms/php/webapps/22589.txt,"PHP-Nuke 5.x/6.x Web_Links Module - SQL Injection",2003-05-12,"Albert Puigsech Galicia",php,webapps,0 @@ -26986,7 +26986,7 @@ id,file,description,date,author,platform,type,port 22716,platforms/php/webapps/22716.txt,"WebChat 2.0 - users.php Cross-Site Scripting",2003-06-02,"Rynho Zeros Web",php,webapps,0 22717,platforms/php/webapps/22717.txt,"SPChat 0.8 Module - Remote File Inclusion",2003-06-02,"Rynho Zeros Web",php,webapps,0 22724,platforms/asp/webapps/22724.txt,"Xpressions Interactive - Multiple SQL Injections",2003-06-04,"Paul Craig",asp,webapps,0 -22725,platforms/php/webapps/22725.txt,"PHP 4 - PHPInfo Cross-Site Scripting",2002-10-12,"Matthew Murphy",php,webapps,0 +22725,platforms/php/webapps/22725.txt,"PHP 4 - 'PHPInfo()' Cross-Site Scripting",2002-10-12,"Matthew Murphy",php,webapps,0 22730,platforms/asp/webapps/22730.txt,"Mailtraq 2.2 - Browse.asp Cross-Site Scripting",2003-06-04,"Ziv Kamir",asp,webapps,0 22731,platforms/asp/webapps/22731.txt,"Mailtraq 2.2 - Webmail Utility Full Path Disclosure",2003-06-04,"Ziv Kamir",asp,webapps,0 22735,platforms/php/webapps/22735.txt,"iDev Rentals 1.0 - Multiple Vulnerabilities",2012-11-15,Vulnerability-Lab,php,webapps,0 @@ -27071,7 +27071,7 @@ id,file,description,date,author,platform,type,port 22927,platforms/php/webapps/22927.txt,"SimpNews 2.0.1/2.13 - 'path_simpnews' Parameter Remote File Inclusion",2003-07-18,PUPET,php,webapps,0 22929,platforms/php/webapps/22929.txt,"BuyClassifiedScript - PHP Code Injection",2012-11-26,d3b4g,php,webapps,0 22961,platforms/php/webapps/22961.txt,"Gallery 1.2/1.3.x - Search Engine Cross-Site Scripting",2003-07-27,"Larry Nguyen",php,webapps,0 -23008,platforms/php/webapps/23008.txt,"DCForum+ 1.2 - Subject Field HTML Injection",2003-08-11,G00db0y,php,webapps,0 +23008,platforms/php/webapps/23008.txt,"DCForum+ 1.2 - 'Subject' HTML Injection",2003-08-11,G00db0y,php,webapps,0 23009,platforms/php/webapps/23009.txt,"Stellar Docs 1.2 - Full Path Disclosure",2003-08-11,G00db0y,php,webapps,0 23010,platforms/php/webapps/23010.txt,"Better Basket Pro 3.0 Store Builder - Full Path Disclosure",2003-08-11,G00db0y,php,webapps,0 23011,platforms/php/webapps/23011.txt,"PHPOutSourcing Zorum 3.x - Cross-Site Scripting",2003-08-11,G00db0y,php,webapps,0 @@ -27118,7 +27118,7 @@ id,file,description,date,author,platform,type,port 23065,platforms/php/webapps/23065.txt,"AldWeb MiniPortail 1.9/2.x - LNG Parameter Cross-Site Scripting",2003-08-27,"Bahaa Naamneh",php,webapps,0 23067,platforms/php/webapps/23067.txt,"eNdonesia 8.2/8.3 - Mod Parameter Cross-Site Scripting",2003-08-27,"Bahaa Naamneh",php,webapps,0 23072,platforms/php/webapps/23072.txt,"Ezboard - 'invitefriends.php3' Cross-Site Scripting",2003-09-01,"David F. Madrid",php,webapps,0 -23084,platforms/php/webapps/23084.txt,"TSguestbook 2.1 - Message Field HTML Injection",2003-09-01,Trash-80,php,webapps,0 +23084,platforms/php/webapps/23084.txt,"TSguestbook 2.1 - 'Message' HTML Injection",2003-09-01,Trash-80,php,webapps,0 23085,platforms/cgi/webapps/23085.html,"Sitebuilder 1.4 - 'sitebuilder.cgi' Directory Traversal",2003-09-01,"Zero X",cgi,webapps,0 23099,platforms/php/webapps/23099.txt,"WebCalendar 0.9.x - (Multiple Modules) SQL Injection",2003-09-03,noconflic,php,webapps,0 23103,platforms/php/webapps/23103.txt,"Digital Scribe 1.x - Error Function Cross-Site Scripting",2003-09-05,Secunia,php,webapps,0 @@ -27141,7 +27141,7 @@ id,file,description,date,author,platform,type,port 23163,platforms/php/webapps/23163.txt,"Flying Dog Software Powerslave 4.3 Portalmanager - 'sql_id' Information Disclosure",2003-09-19,"H Zero Seven",php,webapps,0 23164,platforms/php/webapps/23164.txt,"myPHPNuke 1.8.8 - 'auth.inc.php' SQL Injection",2003-09-20,"Lifo Fifo",php,webapps,0 40403,platforms/php/webapps/40403.txt,"Dolphin 7.3.0 - Error-Based SQL Injection",2016-09-20,"Kacper Szurek",php,webapps,80 -23175,platforms/php/webapps/23175.txt,"yMonda Thread-IT 1.6 - Multiple Fields HTML Injection",2003-09-24,"Bahaa Naamneh",php,webapps,0 +23175,platforms/php/webapps/23175.txt,"yMonda Thread-IT 1.6 - Multiple HTML Injections",2003-09-24,"Bahaa Naamneh",php,webapps,0 23180,platforms/php/webapps/23180.txt,"Kordil EDms 2.2.60rc3 - SQL Injection",2012-12-06,"Woody Hughes",php,webapps,0 23184,platforms/windows/webapps/23184.txt,"Software602 602Pro LAN SUITE 2003 - Sensitive User Information Storage",2003-09-25,"Phuong Nguyen",windows,webapps,0 23192,platforms/php/webapps/23192.txt,"GuppY 2.4 - HTML Injection",2003-09-29,"David Suzanne",php,webapps,0 @@ -27179,10 +27179,10 @@ id,file,description,date,author,platform,type,port 23269,platforms/php/webapps/23269.txt,"FuzzyMonkey 2.11 - MyClassifieds Email Variable SQL Injection",2003-10-21,Ezhilan,php,webapps,0 23275,platforms/cgi/webapps/23275.txt,"DansGuardian 2.2.x - Denied URL Cross-Site Scripting",2003-10-22,"Richard Maudsley",cgi,webapps,0 23284,platforms/php/webapps/23284.txt,"MyBB Bank- 3 Plugin - SQL Injection",2012-12-11,Red_Hat,php,webapps,0 -23286,platforms/php/webapps/23286.txt,"Joomla! Component 'com_jooproperty' 1.13.0 - Multiple Vulnerabilities",2012-12-11,D4NB4R,php,webapps,0 +23286,platforms/php/webapps/23286.txt,"Joomla! Component com_jooproperty 1.13.0 - Multiple Vulnerabilities",2012-12-11,D4NB4R,php,webapps,0 23287,platforms/php/webapps/23287.txt,"MyBB Profile Blogs Plugin 1.2 - Multiple Vulnerabilities",2012-12-11,Zixem,php,webapps,0 23289,platforms/php/webapps/23289.txt,"PHP-Nuke 8.2.4 - Cross-Site Request Forgery",2012-12-11,sajith,php,webapps,0 -23313,platforms/php/webapps/23313.txt,"Ledscripts LedForums - Multiple Fields HTML Injection",2003-10-30,ProXy,php,webapps,0 +23313,platforms/php/webapps/23313.txt,"Ledscripts LedForums - Multiple HTML Injections",2003-10-30,ProXy,php,webapps,0 23294,platforms/php/webapps/23294.txt,"Chi Kien Uong Guestbook 1.51 - Cross-Site Scripting",2003-10-27,"Joshua P. Miller",php,webapps,0 23302,platforms/php/webapps/23302.txt,"Les Visiteurs 2.0 - Remote File Inclusion",2003-10-27,"Matthieu Peschaud",php,webapps,0 23315,platforms/jsp/webapps/23315.txt,"BEA WebLogic 6/7/8 - InteractiveQuery.jsp Cross-Site Scripting",2003-10-31,"Corsaire Limited",jsp,webapps,0 @@ -27594,7 +27594,7 @@ id,file,description,date,author,platform,type,port 24217,platforms/php/webapps/24217.txt,"phpHeaven phpMyChat 0.14.5 - admin.php3 Arbitrary File Access",2004-06-15,HEX,php,webapps,0 24225,platforms/php/webapps/24225.php,"osTicket STS 1.2 - Attachment Remote Command Execution",2004-06-21,"Guy Pearce",php,webapps,0 24227,platforms/php/webapps/24227.txt,"SqWebMail 4.0.4.20040524 - Email Header HTML Injection",2004-06-21,"Luca Legato",php,webapps,0 -24228,platforms/php/webapps/24228.txt,"Joomla! Component 'com_collector' - Arbitrary File Upload",2013-01-19,"Red Dragon_al",php,webapps,0 +24228,platforms/php/webapps/24228.txt,"Joomla! Component com_collector - Arbitrary File Upload",2013-01-19,"Red Dragon_al",php,webapps,0 24229,platforms/php/webapps/24229.txt,"WordPress Plugin Ripe HD FLV Player - SQL Injection",2013-01-19,Zikou-16,php,webapps,0 24231,platforms/php/webapps/24231.txt,"ArbitroWeb PHP Proxy 0.5/0.6 - Cross-Site Scripting",2004-06-22,"Josh Gilmour",php,webapps,0 24232,platforms/php/webapps/24232.txt,"PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - Multiple Vulnerabilities",2004-06-23,"Janek Vind",php,webapps,0 @@ -27919,7 +27919,7 @@ id,file,description,date,author,platform,type,port 24847,platforms/php/webapps/24847.txt,"phpGroupWare 0.9.x - 'index.php' Multiple Parameter SQL Injection",2004-12-15,"James Bercegay",php,webapps,0 24849,platforms/php/webapps/24849.txt,"DaloRadius - Multiple Vulnerabilities",2013-03-18,"Saadi Siddiqui",php,webapps,0 24850,platforms/php/webapps/24850.txt,"WordPress Plugin Simply Poll 1.4.1 - Multiple Vulnerabilities",2013-03-18,m3tamantra,php,webapps,0 -24851,platforms/php/webapps/24851.txt,"Joomla! Component 'com_rsfiles' - 'cid' Parameter SQL Injection",2013-03-18,ByEge,php,webapps,0 +24851,platforms/php/webapps/24851.txt,"Joomla! Component com_rsfiles - 'cid' Parameter SQL Injection",2013-03-18,ByEge,php,webapps,0 24858,platforms/php/webapps/24858.html,"WordPress Plugin Occasions 1.0.4 - Cross-Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 24859,platforms/php/webapps/24859.rb,"WordPress Plugin Count Per Day 3.2.5 - 'counter.php' Cross-Site Scripting",2013-03-19,m3tamantra,php,webapps,0 24860,platforms/hardware/webapps/24860.txt,"Verizon Fios Router MI424WR-GEN3I - Cross-Site Request Forgery",2013-03-19,"Jacob Holcomb",hardware,webapps,0 @@ -28117,7 +28117,7 @@ id,file,description,date,author,platform,type,port 25244,platforms/php/webapps/25244.txt,"CzarNews 1.13/1.14 - 'headlines.php' Remote File Inclusion",2005-03-21,brOmstar,php,webapps,0 25245,platforms/php/webapps/25245.txt,"Social Site Generator 2.2 - Cross-Site Request Forgery (Add Admin)",2013-05-06,Fallaga,php,webapps,0 25247,platforms/php/webapps/25247.txt,"Craigslist Gold - SQL Injection",2013-05-06,Fallaga,php,webapps,0 -25248,platforms/php/webapps/25248.txt,"Joomla! Component 'dj-classifieds' 2.0 - Blind SQL Injection",2013-05-06,Napsterakos,php,webapps,0 +25248,platforms/php/webapps/25248.txt,"Joomla! Component dj-classifieds 2.0 - Blind SQL Injection",2013-05-06,Napsterakos,php,webapps,0 25249,platforms/php/webapps/25249.txt,"WeBid 1.0.6 - Multiple Vulnerabilities",2013-05-06,"Ahmed Aboul-Ela",php,webapps,0 25250,platforms/php/webapps/25250.txt,"OpenDocMan 1.2.6.5 - Persistent Cross-Site Scripting",2013-05-06,drone,php,webapps,0 25251,platforms/hardware/webapps/25251.txt,"D-Link DSL-320B - Multiple Vulnerabilities",2013-05-06,m-1-k-3,hardware,webapps,0 @@ -28164,9 +28164,9 @@ id,file,description,date,author,platform,type,port 25310,platforms/php/webapps/25310.txt,"PhotoPost Pro 5.1 - Slideshow.php photo Parameter Cross-Site Scripting",2005-03-28,"Diabolic Crab",php,webapps,0 25311,platforms/php/webapps/25311.txt,"PhotoPost Pro 5.1 - showmembers.php sl Parameter SQL Injection",2005-03-28,"Diabolic Crab",php,webapps,0 25312,platforms/php/webapps/25312.txt,"PhotoPost Pro 5.1 - showphoto.php photo Parameter SQL Injection",2005-03-28,"Diabolic Crab",php,webapps,0 -25313,platforms/asp/webapps/25313.txt,"ACS Blog 0.8/0.9/1.0/1.1 - Name Field HTML Injection",2005-03-28,"Dan Crowley",asp,webapps,0 +25313,platforms/asp/webapps/25313.txt,"ACS Blog 0.8/0.9/1.0/1.1 - 'Name' HTML Injection",2005-03-28,"Dan Crowley",asp,webapps,0 25314,platforms/php/webapps/25314.txt,"The Includer 1.0/1.1 - Remote File Inclusion",2005-03-29,"hoang yen",php,webapps,0 -25315,platforms/php/webapps/25315.html,"Chatness 2.5 - Message Form Field HTML Injection",2005-03-29,3nitro,php,webapps,0 +25315,platforms/php/webapps/25315.html,"Chatness 2.5 - 'Message Form' HTML Injection",2005-03-29,3nitro,php,webapps,0 25316,platforms/php/webapps/25316.txt,"CPG Dragonfly 9.0.2.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-29,mircia,php,webapps,0 25317,platforms/php/webapps/25317.txt,"UApplication Ublog 1.0.x - Cross-Site Scripting",2005-03-29,"PersianHacker Team",php,webapps,0 25318,platforms/asp/webapps/25318.txt,"Iatek IntranetApp 2.3 - ad_click.asp banner_id Parameter SQL Injection",2005-03-29,"Diabolic Crab",asp,webapps,0 @@ -28227,7 +28227,7 @@ id,file,description,date,author,platform,type,port 25404,platforms/php/webapps/25404.txt,"phpBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 25405,platforms/php/webapps/25405.txt,"Getsimple CMS 3.2.1 - Arbitrary File Upload",2013-05-13,"Ahmed Elhady Mohamed",php,webapps,0 25409,platforms/php/webapps/25409.txt,"Ajax Availability Calendar 3.x.x - Multiple Vulnerabilities",2013-05-13,AtT4CKxT3rR0r1ST,php,webapps,0 -25410,platforms/php/webapps/25410.txt,"Joomla! Component 'com_s5clanroster' - 'id' Parameter SQL Injection",2013-05-13,AtT4CKxT3rR0r1ST,php,webapps,0 +25410,platforms/php/webapps/25410.txt,"Joomla! Component com_s5clanroster - 'id' Parameter SQL Injection",2013-05-13,AtT4CKxT3rR0r1ST,php,webapps,0 25412,platforms/ios/webapps/25412.txt,"Wireless Disk PRO 2.3 iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,ios,webapps,0 25413,platforms/hardware/webapps/25413.txt,"Wifi Photo Transfer 2.1/1.1 PRO - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,hardware,webapps,0 25414,platforms/ios/webapps/25414.txt,"Wifi Album 1.47 iOS - Command Injection",2013-05-13,Vulnerability-Lab,ios,webapps,0 @@ -28264,9 +28264,9 @@ id,file,description,date,author,platform,type,port 25464,platforms/php/webapps/25464.txt,"CityPost Simple PHP Upload - Simple-upload-53.php Cross-Site Scripting",2005-04-19,Thom,php,webapps,0 25466,platforms/asp/webapps/25466.txt,"ECommPro 3.0 - Admin/login.asp SQL Injection",2005-04-20,c0d3r,asp,webapps,0 25467,platforms/php/webapps/25467.txt,"Netref 4.2 - Cat_for_gen.php Remote PHP Script Injection",2005-04-20,jaguar,php,webapps,0 -25468,platforms/php/webapps/25468.txt,"PHP Labs - '.proFile' Dir URI Variable Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 +25468,platforms/php/webapps/25468.txt,"PHP Labs - '.proFile' Dir URI Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 25469,platforms/php/webapps/25469.txt,"Ocean12 Calendar Manager 1.0 - Admin Form SQL Injection",2005-04-20,Zinho,php,webapps,0 -25473,platforms/php/webapps/25473.txt,"PHP Labs - '.proFile' File URI Variable Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 +25473,platforms/php/webapps/25473.txt,"PHP Labs - '.proFile' File URI Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 25474,platforms/php/webapps/25474.txt,"phpBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection",2005-04-20,sNKenjoi,php,webapps,0 25475,platforms/php/webapps/25475.txt,"phpBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection",2005-04-20,sNKenjoi,php,webapps,0 25476,platforms/asp/webapps/25476.txt,"DUportal Pro 3.4 - 'default.asp' Multiple Parameter SQL Injections",2005-04-20,Dcrab,asp,webapps,0 @@ -28853,7 +28853,7 @@ id,file,description,date,author,platform,type,port 26215,platforms/php/webapps/26215.txt,"FlatNuke 2.5.6 - USR Parameter Cross-Site Scripting",2005-08-31,rgod,php,webapps,0 26217,platforms/php/webapps/26217.html,"CMS Made Simple 0.10 - 'Lang.php' Remote File Inclusion",2005-08-31,groszynskif,php,webapps,0 26223,platforms/php/webapps/26223.txt,"Land Down Under 601/602/700/701/800/801 - events.php HTML Injection",2005-09-06,conor.e.buckley,php,webapps,0 -26224,platforms/php/webapps/26224.txt,"Unclassified NewsBoard 1.5.3 - Description Field HTML Injection",2005-09-06,retrogod@aliceposta.it,php,webapps,0 +26224,platforms/php/webapps/26224.txt,"Unclassified NewsBoard 1.5.3 - 'Description' HTML Injection",2005-09-06,retrogod@aliceposta.it,php,webapps,0 26225,platforms/php/webapps/26225.txt,"MAXdev MD-Pro 1.0.73 - Arbitrary File Upload",2005-09-06,rgod,php,webapps,0 26226,platforms/php/webapps/26226.txt,"MAXdev MD-Pro 1.0.73 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-06,rgod,php,webapps,0 26228,platforms/php/webapps/26228.txt,"MyBulletinBoard (MyBB) 1.0 - Multiple SQL Injections",2005-09-06,stranger-killer,php,webapps,0 @@ -29728,7 +29728,7 @@ id,file,description,date,author,platform,type,port 27340,platforms/php/webapps/27340.txt,"SMBlog 1.2 - Arbitrary PHP Command Execution",2006-03-01,botan,php,webapps,0 27341,platforms/php/webapps/27341.txt,"DCI-Designs Dawaween 1.03 - Poems.php SQL Injection",2006-03-02,sherba,php,webapps,0 27342,platforms/php/webapps/27342.txt,"PluggedOut Nexus 0.1 - forgotten_password.php SQL Injection",2006-03-02,"Hamid Ebadi",php,webapps,0 -27343,platforms/php/webapps/27343.txt,"vBulletin 3.0/3.5 - profile.php Email Field HTML Injection",2006-03-02,imei,php,webapps,0 +27343,platforms/php/webapps/27343.txt,"vBulletin 3.0/3.5 - 'profile.php Email' HTML Injection",2006-03-02,imei,php,webapps,0 27344,platforms/php/webapps/27344.txt,"NZ eCommerce System - 'index.php' Multiple Parameter SQL Injection",2006-03-02,r0t,php,webapps,0 27345,platforms/php/webapps/27345.txt,"LogIT 1.3/1.4 - Remote File Inclusion",2006-03-02,botan,php,webapps,0 27346,platforms/php/webapps/27346.txt,"VBZoom Forum 1.11 - show.php MainID SQL Injection",2006-03-04,Mr.SNAKE,php,webapps,0 @@ -29736,7 +29736,7 @@ id,file,description,date,author,platform,type,port 27348,platforms/php/webapps/27348.txt,"VBZooM Forum 1.11 - contact.php UserID Parameter Cross-Site Scripting",2006-03-04,Mr.SNAKE,php,webapps,0 27354,platforms/php/webapps/27354.txt,"Easy Forum 2.5 - New User Image File HTML Injection",2006-03-04,"Aliaksandr Hartsuyeu",php,webapps,0 27355,platforms/php/webapps/27355.txt,"Woltlab Burning Board 2.3.4 - misc.php Cross-Site Scripting",2006-03-04,r57shell,php,webapps,0 -27362,platforms/php/webapps/27362.txt,"Bitweaver 1.1/1.2 - Title Field HTML Injection",2006-03-06,Kiki,php,webapps,0 +27362,platforms/php/webapps/27362.txt,"Bitweaver 1.1/1.2 - 'Title' HTML Injection",2006-03-06,Kiki,php,webapps,0 27363,platforms/php/webapps/27363.txt,"PHORUM 3.x/5.x - 'Common.php' Remote File Inclusion",2006-03-06,ERNE,php,webapps,0 27364,platforms/php/webapps/27364.txt,"Game-Panel 2.6 - 'login.php' Cross-Site Scripting",2006-03-06,Retard,php,webapps,0 27557,platforms/php/webapps/27557.pl,"PHPSelect Submit-A-Link - HTML Injection",2006-04-01,s3rv3r_hack3r,php,webapps,0 @@ -29748,9 +29748,9 @@ id,file,description,date,author,platform,type,port 27372,platforms/php/webapps/27372.txt,"HitHost 1.0 - viewuser.php hits Parameter Cross-Site Scripting",2006-03-06,Retard,php,webapps,0 27373,platforms/php/webapps/27373.txt,"TextFileBB 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-08,Retard,php,webapps,0 27374,platforms/php/webapps/27374.txt,"sBlog 0.7.2 - 'search.php keyword' Parameter POST Method Cross-Site Scripting",2006-03-09,Kiki,php,webapps,0 -27375,platforms/php/webapps/27375.txt,"sBlog 0.7.2 - 'comments_do.php' Multiple Variable POST Method Cross-Site Scripting",2006-03-09,Kiki,php,webapps,0 +27375,platforms/php/webapps/27375.txt,"sBlog 0.7.2 - 'comments_do.php' Multiple POST Method Cross-Site Scripting",2006-03-09,Kiki,php,webapps,0 27376,platforms/ios/webapps/27376.txt,"FTP OnConnect 1.4.11 iOS - Multiple Vulnerabilities",2013-08-07,Vulnerability-Lab,ios,webapps,0 -27379,platforms/php/webapps/27379.txt,"ADP Forum 2.0.x - Subject Field HTML Injection",2006-03-09,liz0,php,webapps,0 +27379,platforms/php/webapps/27379.txt,"ADP Forum 2.0.x - 'Subject' HTML Injection",2006-03-09,liz0,php,webapps,0 27380,platforms/php/webapps/27380.txt,"MyBloggie 2.1.2/2.1.3 - 'upload.php' Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27381,platforms/php/webapps/27381.txt,"MyBloggie 2.1.2/2.1.3 - 'delcomment.php' Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27382,platforms/php/webapps/27382.txt,"MyBloggie 2.1.2/2.1.3 - 'deluser.php' Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 @@ -29772,7 +29772,7 @@ id,file,description,date,author,platform,type,port 27399,platforms/php/webapps/27399.txt,"WordPress Plugin Booking Calendar 4.1.4 - Cross-Site Request Forgery",2013-08-07,"Dylan Irzi",php,webapps,0 27402,platforms/hardware/webapps/27402.txt,"Hikvision IP Cameras 4.1.0 b130111 - Multiple Vulnerabilities",2013-08-07,"Core Security",hardware,webapps,0 27403,platforms/php/webapps/27403.txt,"WordPress Plugin Usernoise 3.7.8 - Persistent Cross-Site Scripting",2013-08-07,RogueCoder,php,webapps,0 -27405,platforms/php/webapps/27405.txt,"Joomla! Component 'com_sectionex' 2.5.96 - SQL Injection",2013-08-07,"Matias Fontanini",php,webapps,0 +27405,platforms/php/webapps/27405.txt,"Joomla! Component com_sectionex 2.5.96 - SQL Injection",2013-08-07,"Matias Fontanini",php,webapps,0 27406,platforms/windows/webapps/27406.txt,"McAfee SuperScan 4.0 - Cross-Site Scripting",2013-08-07,"Trustwave's SpiderLabs",windows,webapps,0 27408,platforms/php/webapps/27408.txt,"txtForum 1.0.3/1.0.4 - Remote PHP Script Code Injection",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27409,platforms/php/webapps/27409.txt,"QwikiWiki 1.4/1.5 - 'index.php' Multiple Parameter Cross-Site Scripting",2006-03-10,Kiki,php,webapps,0 @@ -30125,7 +30125,7 @@ id,file,description,date,author,platform,type,port 27872,platforms/php/webapps/27872.txt,"PhpVibe 3.1 - Multiple Vulnerabilities",2013-08-26,Esac,php,webapps,0 27876,platforms/php/webapps/27876.txt,"MusicBox 2.3.8 - Multiple Vulnerabilities",2013-08-26,DevilScreaM,php,webapps,0 27878,platforms/hardware/webapps/27878.txt,"Loftek Nexus 543 IP Cameras - Multiple Vulnerabilities",2013-08-26,"Craig Young",hardware,webapps,0 -27879,platforms/php/webapps/27879.txt,"Joomla! Component 'com_virtuemart' 2.0.22a - SQL Injection",2013-08-26,"Matias Fontanini",php,webapps,0 +27879,platforms/php/webapps/27879.txt,"Joomla! Component com_virtuemart 2.0.22a - SQL Injection",2013-08-26,"Matias Fontanini",php,webapps,0 27880,platforms/php/webapps/27880.pl,"RadScripts RadLance 7.0 - 'popup.php' Local File Inclusion",2006-05-15,Mr.CrackerZ,php,webapps,0 27881,platforms/php/webapps/27881.txt,"PHPODP 1.5 - ODP.php Cross-Site Scripting",2006-05-15,Kiki,php,webapps,0 27883,platforms/php/webapps/27883.txt,"MonoChat 1.0 - HTML Injection",2005-05-15,X-BOY,php,webapps,0 @@ -30251,7 +30251,7 @@ id,file,description,date,author,platform,type,port 28074,platforms/php/webapps/28074.txt,"V3 Chat Instant Messenger - expire.php cust_name Parameter Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 28075,platforms/php/webapps/28075.txt,"V3 Chat Instant Messenger - mycontacts.php membername Arbitrary User Buddy List Manipulation",2006-06-20,Luny,php,webapps,0 28076,platforms/php/webapps/28076.txt,"vBulletin 3.0.9/3.5.x - member.php Cross-Site Scripting",2006-06-20,CrAzY.CrAcKeR,php,webapps,0 -28078,platforms/php/webapps/28078.txt,"e107 0.7.5 - Subject field HTML Injection",2006-06-21,"EllipSiS Security",php,webapps,0 +28078,platforms/php/webapps/28078.txt,"e107 0.7.5 - 'Subject' HTML Injection",2006-06-21,"EllipSiS Security",php,webapps,0 28086,platforms/asp/webapps/28086.txt,"Maximus SchoolMAX 4.0.1 - Error_msg Parameter Cross-Site Scripting",2006-06-21,"Charles Hooper",asp,webapps,0 28088,platforms/php/webapps/28088.txt,"PHP Event Calendar 4.2 - SQL Injection",2006-06-22,Silitix,php,webapps,0 28089,platforms/php/webapps/28089.txt,"Woltlab Burning Board 1.2/2.0/2.3 - newthread.php boardid Parameter SQL Injection",2006-06-22,"CrAzY CrAcKeR",php,webapps,0 @@ -30753,10 +30753,10 @@ id,file,description,date,author,platform,type,port 28787,platforms/php/webapps/28787.txt,"Dokeos 1.6.4 - Multiple Remote File Inclusions Vulnerabilities",2006-10-11,viper-haCker,php,webapps,0 28790,platforms/php/webapps/28790.txt,"phpList 2.x - Public Pages MultipleCross-Site Scripting Vulnerabilities",2006-10-12,"Michiel Dethmers",php,webapps,0 28791,platforms/php/webapps/28791.txt,"PHP TopSites FREE 1.022b - 'config.php' Remote File Inclusion",2006-10-12,"Le CoPrA",php,webapps,0 -28792,platforms/php/webapps/28792.txt,"MamboLaiThai ExtCalThai 0.9.1 - admin_events.php CONFIG_EXT[LANGUAGES_DIR] Parameter Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 -28793,platforms/php/webapps/28793.txt,"MamboLaiThai ExtCalThai 0.9.1 - mail.inc.php CONFIG_EXT[LIB_DIR] Parameter Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 +28792,platforms/php/webapps/28792.txt,"MamboLaiThai ExtCalThai 0.9.1 - 'admin_events.php CONFIG_EXT[LANGUAGES_DIR]' Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 +28793,platforms/php/webapps/28793.txt,"MamboLaiThai ExtCalThai 0.9.1 - 'mail.inc.php CONFIG_EXT[LIB_DIR]' Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 28794,platforms/php/webapps/28794.txt,"4Images 1.7 - 'details.php' Cross-Site Scripting",2006-10-12,"Christian Marthen",php,webapps,0 -28795,platforms/php/webapps/28795.php,"FreeWPS 2.11 - upload.php Remote Command Execution",2006-10-12,"HACKERS PAL",php,webapps,0 +28795,platforms/php/webapps/28795.php,"FreeWPS 2.11 - 'upload.php' Remote Command Execution",2006-10-12,"HACKERS PAL",php,webapps,0 28796,platforms/php/webapps/28796.pl,"Buzlas 2006-1 Full - 'Archive_Topic.php' Remote File Inclusion",2006-09-29,"Nima Salehi",php,webapps,0 28797,platforms/php/webapps/28797.txt,"Bloq 0.5.4 - 'index.php' page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 28798,platforms/php/webapps/28798.txt,"Bloq 0.5.4 - admin.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 @@ -32016,7 +32016,7 @@ id,file,description,date,author,platform,type,port 30675,platforms/jsp/webapps/30675.txt,"InnovaPortal - tc/contents/home001.jsp contentid Parameter Cross-Site Scripting",2007-10-15,JosS,jsp,webapps,0 30676,platforms/jsp/webapps/30676.txt,"InnovaPortal - msg.jsp msg Parameter Cross-Site Scripting",2007-10-15,JosS,jsp,webapps,0 30682,platforms/php/webapps/30682.txt,"SiteBar 3.3.8 - translator.php dir Parameter Traversal Arbitrary File Access",2007-10-18,"Robert Buchholz",php,webapps,0 -30683,platforms/php/webapps/30683.txt,"SiteBar 3.3.8 - 'translator.php' upd cmd Action edit Variable Arbitrary PHP Code Execution",2007-10-18,"Robert Buchholz",php,webapps,0 +30683,platforms/php/webapps/30683.txt,"SiteBar 3.3.8 - 'translator.php upd/cmd/Action/edit' Arbitrary PHP Code Execution",2007-10-18,"Robert Buchholz",php,webapps,0 30684,platforms/php/webapps/30684.txt,"SiteBar 3.3.8 - integrator.php lang Parameter Cross-Site Scripting",2007-10-18,"Robert Buchholz",php,webapps,0 30685,platforms/php/webapps/30685.txt,"SiteBar 3.3.8 - 'index.php' target Parameter Cross-Site Scripting",2007-10-18,"Robert Buchholz",php,webapps,0 30686,platforms/php/webapps/30686.txt,"SiteBar 3.3.8 - command.php Modify User Action uid Parameter Cross-Site Scripting",2007-10-18,"Robert Buchholz",php,webapps,0 @@ -32239,7 +32239,7 @@ id,file,description,date,author,platform,type,port 31073,platforms/java/webapps/31073.html,"SunGard Banner Student 7.3 - 'add1' Parameter Cross-Site Scripting",2008-01-29,"Brendan M. Hickey",java,webapps,0 31074,platforms/php/webapps/31074.txt,"Nucleus CMS 3.22 - 'action.php' Cross-Site Scripting",2008-01-20,"Alexandr Polyakov",php,webapps,0 31075,platforms/php/webapps/31075.txt,"AmpJuke 0.7 - 'index.php' Cross-Site Scripting",2008-01-29,ShaFuck31,php,webapps,0 -31077,platforms/php/webapps/31077.txt,"Joomla! / Mambo Component 'com_buslicense' - 'aid' Parameter SQL Injection",2008-01-30,S@BUN,php,webapps,0 +31077,platforms/php/webapps/31077.txt,"Joomla! / Mambo Component com_buslicense - 'aid' Parameter SQL Injection",2008-01-30,S@BUN,php,webapps,0 31079,platforms/php/webapps/31079.txt,"webSPELL 4.1.2 - 'whoisonline.php' Cross-Site Scripting",2008-01-30,NBBN,php,webapps,0 31080,platforms/php/webapps/31080.txt,"YeSiL KoRiDoR Ziyaretçi Defteri - 'index.php' SQL Injection",2008-01-30,ShaFuck31,php,webapps,0 31081,platforms/cgi/webapps/31081.txt,"OpenBSD 4.1 - bgplg 'cmd' Parameter Cross-Site Scripting",2007-10-10,"Anton Karpov",cgi,webapps,0 @@ -32269,7 +32269,7 @@ id,file,description,date,author,platform,type,port 31116,platforms/php/webapps/31116.txt,"Pagetool 1.07 - 'search_term' Parameter Cross-Site Scripting",2008-02-06,Phanter-Root,php,webapps,0 31117,platforms/asp/webapps/31117.txt,"Ipswitch WS_FTP Server 6 - '/WSFTPSVR/FTPLogServer/LogViewer.asp' Authentication Bypass",2008-02-06,"Luigi Auriemma",asp,webapps,0 31120,platforms/php/webapps/31120.txt,"MODx 0.9.6 - 'index.php' Multiple Parameter Cross-Site Scripting",2008-02-07,"Alexandr Polyakov",php,webapps,0 -31121,platforms/php/webapps/31121.txt,"Joomla! / Mambo Component 'com_sermon' 0.2 - 'gid' Parameter SQL Injection",2008-02-07,S@BUN,php,webapps,0 +31121,platforms/php/webapps/31121.txt,"Joomla! / Mambo Component com_sermon 0.2 - 'gid' Parameter SQL Injection",2008-02-07,S@BUN,php,webapps,0 31124,platforms/php/webapps/31124.txt,"Calimero.CMS 3.3 - 'id' Parameter Cross-Site Scripting",2008-02-08,Psiczn,php,webapps,0 31125,platforms/php/webapps/31125.txt,"Joovili 2.1 - 'members_help.php' Remote File Inclusion",2008-02-08,Cr@zy_King,php,webapps,0 31126,platforms/php/webapps/31126.txt,"S9Y Serendipity Freetag-plugin 2.95 - 'style' Parameter Cross-Site Scripting",2008-02-08,"Alexander Brachmann",php,webapps,0 @@ -32277,7 +32277,7 @@ id,file,description,date,author,platform,type,port 31131,platforms/php/webapps/31131.txt,"PK-Designs PKs Movie Database 3.0.3 - 'index.php' SQL Injection / Cross-Site Scripting",2008-02-09,Houssamix,php,webapps,0 31134,platforms/php/webapps/31134.txt,"VWar 1.5 - 'calendar.php' SQL Injection",2008-02-11,Pouya_Server,php,webapps,0 31135,platforms/php/webapps/31135.txt,"Rapid-Source Rapid-Recipe Component - Multiple SQL Injections",2008-02-11,breaker_unit,php,webapps,0 -31137,platforms/php/webapps/31137.txt,"Joomla! / Mambo Component 'com_comments' 0.5.8.5g - 'id' Parameter SQL Injection",2008-02-11,CheebaHawk215,php,webapps,0 +31137,platforms/php/webapps/31137.txt,"Joomla! / Mambo Component com_comments 0.5.8.5g - 'id' Parameter SQL Injection",2008-02-11,CheebaHawk215,php,webapps,0 31140,platforms/php/webapps/31140.txt,"iTechClassifieds 3.03.057 - SQL Injection",2014-01-23,vinicius777,php,webapps,0 31141,platforms/php/webapps/31141.txt,"godontologico 5 - SQL Injection",2014-01-23,vinicius777,php,webapps,0 31142,platforms/php/webapps/31142.txt,"Simple E-document 1.31 - Login Bypass",2014-01-23,vinicius777,php,webapps,0 @@ -32287,7 +32287,7 @@ id,file,description,date,author,platform,type,port 31146,platforms/php/webapps/31146.txt,"Cells Blog 3.3 - Reflected Cross-Site Scripting / Blind SQLite Injection",2014-01-23,vinicius777,php,webapps,0 31147,platforms/php/webapps/31147.txt,"Adult WebMaster PHP - Password Disclosure",2014-01-23,vinicius777,php,webapps,0 31154,platforms/php/webapps/31154.txt,"Counter Strike Portals - 'download' SQL Injection",2008-02-12,S@BUN,php,webapps,0 -31155,platforms/php/webapps/31155.txt,"Joomla! / Mambo Component 'com_iomezun' - 'id' Parameter SQL Injection",2008-02-12,S@BUN,php,webapps,0 +31155,platforms/php/webapps/31155.txt,"Joomla! / Mambo Component com_iomezun - 'id' Parameter SQL Injection",2008-02-12,S@BUN,php,webapps,0 31156,platforms/php/webapps/31156.txt,"Cacti 0.8.7 - graph_view.php graph_list Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 31157,platforms/php/webapps/31157.txt,"Cacti 0.8.7 - graph.php view_type Parameter Cross-Site Scripting",2008-02-12,aScii,php,webapps,0 31158,platforms/php/webapps/31158.txt,"Cacti 0.8.7 - graph_view.php filter Parameter Cross-Site Scripting",2008-02-12,aScii,php,webapps,0 @@ -32306,9 +32306,9 @@ id,file,description,date,author,platform,type,port 31175,platforms/php/webapps/31175.txt,"Joomla! Component JV Comment 3.0.2 - 'id' Parameter SQL Injection",2014-01-24,"High-Tech Bridge SA",php,webapps,80 31180,platforms/hardware/webapps/31180.txt,"Franklin Fueling TS-550 evo 2.0.0.6833 - Multiple Vulnerabilities",2014-01-24,"Trustwave's SpiderLabs",hardware,webapps,10001 31183,platforms/php/webapps/31183.txt,"Skybluecanvas CMS 1.1 r248-03 - Remote Command Execution",2014-01-24,"Scott Parish",php,webapps,80 -31272,platforms/php/webapps/31272.txt,"Joomla! / Mambo Component 'com_Joomlavvz' - 'id' Parameter SQL Injection",2008-02-20,S@BUN,php,webapps,0 -31273,platforms/php/webapps/31273.txt,"Joomla! / Mambo Component 'com_most' - 'secid' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0 -31274,platforms/php/webapps/31274.txt,"Joomla! / Mambo Component 'com_asortyment' - 'katid' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0 +31272,platforms/php/webapps/31272.txt,"Joomla! / Mambo Component com_Joomlavvz - 'id' Parameter SQL Injection",2008-02-20,S@BUN,php,webapps,0 +31273,platforms/php/webapps/31273.txt,"Joomla! / Mambo Component com_most - 'secid' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0 +31274,platforms/php/webapps/31274.txt,"Joomla! / Mambo Component com_asortyment - 'katid' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0 31269,platforms/php/webapps/31269.txt,"Spyce 2.1.3 - spyce/examples/formtag.spy Multiple Parameter Cross-Site Scripting",2007-02-19,"Richard Brain",php,webapps,0 31270,platforms/php/webapps/31270.txt,"Spyce 2.1.3 - spyce/examples/automaton.spy Direct Request Error Message Information Disclosure",2007-02-19,"Richard Brain",php,webapps,0 31265,platforms/php/webapps/31265.txt,"Spyce 2.1.3 - docs/examples/redirect.spy Multiple Parameter Cross-Site Scripting",2007-02-19,"Richard Brain",php,webapps,0 @@ -32317,8 +32317,8 @@ id,file,description,date,author,platform,type,port 31268,platforms/php/webapps/31268.txt,"Spyce 2.1.3 - spyce/examples/getpost.spy Name Parameter Cross-Site Scripting",2007-02-19,"Richard Brain",php,webapps,0 31189,platforms/java/webapps/31189.txt,"Cisco Unified Communications Manager 6.1 - 'key' Parameter SQL Injection",2008-02-13,"Nico Leidecker",java,webapps,0 31191,platforms/asp/webapps/31191.txt,"Site2Nite Real Estate Web - 'agentlist.asp' Multiple SQL Injections",2008-02-13,S@BUN,asp,webapps,0 -31192,platforms/php/webapps/31192.txt,"Joomla! / Mambo Component 'com_model' - 'objid' Parameter SQL Injection",2008-02-13,S@BUN,php,webapps,0 -31193,platforms/php/webapps/31193.txt,"Joomla! / Mambo Component 'com_omnirealestate' - 'objid' Parameter SQL Injection",2008-02-13,S@BUN,php,webapps,0 +31192,platforms/php/webapps/31192.txt,"Joomla! / Mambo Component com_model - 'objid' Parameter SQL Injection",2008-02-13,S@BUN,php,webapps,0 +31193,platforms/php/webapps/31193.txt,"Joomla! / Mambo Component com_omnirealestate - 'objid' Parameter SQL Injection",2008-02-13,S@BUN,php,webapps,0 31194,platforms/php/webapps/31194.txt,"Dokeos 1.8.4 - whoisonline.php id Parameter SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 31195,platforms/php/webapps/31195.txt,"Dokeos 1.8.4 - main/inc/lib/events.lib.inc.php Referer HTTP Header SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 31196,platforms/php/webapps/31196.txt,"Dokeos 1.8.4 - main/calendar/myagenda.php courseCode Parameter Cross-Site Scripting",2008-02-15,"Alexandr Polyakov",php,webapps,0 @@ -32328,15 +32328,15 @@ id,file,description,date,author,platform,type,port 31200,platforms/php/webapps/31200.txt,"Dokeos 1.8.4 - main/create_course/add_course.php tutor_name Parameter SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 31201,platforms/php/webapps/31201.txt,"artmedic webdesign weblog - Multiple Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 31202,platforms/php/webapps/31202.txt,"PlutoStatus Locator 1.0pre alpha - 'index.php' Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 -31206,platforms/php/webapps/31206.txt,"Joomla! / Mambo Component 'com_smslist' - 'listid' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 -31207,platforms/php/webapps/31207.txt,"Joomla! / Mambo Component 'com_activities' - 'id' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 +31206,platforms/php/webapps/31206.txt,"Joomla! / Mambo Component com_smslist - 'listid' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 +31207,platforms/php/webapps/31207.txt,"Joomla! / Mambo Component com_activities - 'id' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 31208,platforms/php/webapps/31208.txt,"Joomla! / Mambo Component com_sg - 'pid' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 31209,platforms/php/webapps/31209.txt,"Joomla! / Mambo Component faq - 'catid' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 31210,platforms/php/webapps/31210.txt,"Yellow Swordfish Simple Forum 1.10/1.11 - 'topic' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 31211,platforms/php/webapps/31211.txt,"Yellow Swordfish Simple Forum 1.7/1.9 - 'index.php' SQL Injection",2008-02-15,S@BUN,php,webapps,0 31212,platforms/php/webapps/31212.txt,"Yellow Swordfish Simple Forum 1.x - 'topic' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 31213,platforms/php/webapps/31213.txt,"Joomla! / Mambo Component com_salesrep - 'rid' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 -31214,platforms/php/webapps/31214.txt,"Joomla! / Mambo Component 'com_lexikon' - 'id' Parameter SQL Injection",2008-02-16,S@BUN,php,webapps,0 +31214,platforms/php/webapps/31214.txt,"Joomla! / Mambo Component com_lexikon - 'id' Parameter SQL Injection",2008-02-16,S@BUN,php,webapps,0 31215,platforms/php/webapps/31215.txt,"Joomla! / Mambo Component Filebase - 'filecatid' Parameter SQL Injection",2008-02-16,S@BUN,php,webapps,0 31216,platforms/php/webapps/31216.txt,"Joomla! / Mambo Component com_scheduling - 'id' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 31217,platforms/php/webapps/31217.txt,"BanPro Dms 1.0 - 'index.php' Local File Inclusion",2008-02-16,muuratsalo,php,webapps,0 @@ -32362,13 +32362,13 @@ id,file,description,date,author,platform,type,port 31237,platforms/php/webapps/31237.txt,"Jinzora 2.7.5 - slim.php Multiple Parameter Cross-Site Scripting",2008-02-19,"Alexandr Polyakov",php,webapps,0 31238,platforms/php/webapps/31238.txt,"Jinzora 2.7.5 - popup.php Multiple Parameter Cross-Site Scripting",2008-02-19,"Alexandr Polyakov",php,webapps,0 31239,platforms/php/webapps/31239.txt,"Google Hack Honeypot File Upload Manager 1.3 - 'delall' Unauthorized File Access",2008-02-19,Mr-m07,php,webapps,0 -31240,platforms/php/webapps/31240.txt,"SmarterTools SmarterMail 4.3 - Subject Field HTML Injection",2008-02-19,"Juan Pablo Lopez Yacubian",php,webapps,0 +31240,platforms/php/webapps/31240.txt,"SmarterTools SmarterMail 4.3 - 'Subject' HTML Injection",2008-02-19,"Juan Pablo Lopez Yacubian",php,webapps,0 31241,platforms/php/webapps/31241.txt,"PHP-Nuke Sections Module - 'artid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0 31242,platforms/php/webapps/31242.txt,"Facile Forms 1.x - 'catid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0 -31243,platforms/php/webapps/31243.txt,"Joomla! / Mambo Component 'com_team' - SQL Injection",2008-02-19,S@BUN,php,webapps,0 -31244,platforms/php/webapps/31244.txt,"Joomla! / Mambo Component 'com_iigcatalog' - 'cat' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0 -31245,platforms/php/webapps/31245.txt,"Joomla! / Mambo Component 'com_formtool' - 'catid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0 -31246,platforms/php/webapps/31246.txt,"Joomla! / Mambo Component 'com_genealogy' - 'id' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0 +31243,platforms/php/webapps/31243.txt,"Joomla! / Mambo Component com_team - SQL Injection",2008-02-19,S@BUN,php,webapps,0 +31244,platforms/php/webapps/31244.txt,"Joomla! / Mambo Component com_iigcatalog - 'cat' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0 +31245,platforms/php/webapps/31245.txt,"Joomla! / Mambo Component com_formtool - 'catid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0 +31246,platforms/php/webapps/31246.txt,"Joomla! / Mambo Component com_genealogy - 'id' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0 31247,platforms/php/webapps/31247.txt,"Joomla! Component iJoomla! com_magazine - 'pageid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0 31248,platforms/php/webapps/31248.txt,"XOOPS 'vacatures' Module - 'cid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0 31249,platforms/php/webapps/31249.txt,"XOOPS 'events' Module - 'id' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0 @@ -32393,18 +32393,18 @@ id,file,description,date,author,platform,type,port 31284,platforms/php/webapps/31284.txt,"XOOPS 'prayerlist' Module - 'cid' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0 31286,platforms/asp/webapps/31286.txt,"Citrix Metaframe Web Manager - 'login.asp' Cross-Site Scripting",2008-02-22,Handrix,asp,webapps,0 31287,platforms/php/webapps/31287.txt,"PHP-Nuke Recipe Module 1.3 - 'recipeid' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0 -31288,platforms/php/webapps/31288.txt,"Joomla! / Mambo Component 'com_hello_world' - 'id' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0 +31288,platforms/php/webapps/31288.txt,"Joomla! / Mambo Component com_hello_world - 'id' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0 31289,platforms/php/webapps/31289.txt,"PHP-Nuke Gallery 1.3 Module - 'artid' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0 31290,platforms/php/webapps/31290.txt,"AuraCMS 2.2 - 'lihatberita' Module SQL Injection",2008-02-23,S@BUN,php,webapps,0 -31291,platforms/php/webapps/31291.txt,"Joomla! / Mambo Component 'com_publication' - 'pid' Parameter SQL Injection",2008-02-25,"Aria-Security Team",php,webapps,0 -31292,platforms/php/webapps/31292.txt,"Joomla! / Mambo Component 'com_blog' - 'pid' Parameter SQL Injection",2008-02-25,"Aria-Security Team",php,webapps,0 +31291,platforms/php/webapps/31291.txt,"Joomla! / Mambo Component com_publication - 'pid' Parameter SQL Injection",2008-02-25,"Aria-Security Team",php,webapps,0 +31292,platforms/php/webapps/31292.txt,"Joomla! / Mambo Component com_blog - 'pid' Parameter SQL Injection",2008-02-25,"Aria-Security Team",php,webapps,0 31293,platforms/php/webapps/31293.txt,"Gary's Cookbook 3.0 - 'id' Parameter SQL Injection",2008-02-25,S@BUN,php,webapps,0 31294,platforms/php/webapps/31294.txt,"Softbiz Jokes and Funny Pictures Script - 'sbcat_id' Parameter SQL Injection",2008-02-25,-=Mizo=-,php,webapps,0 -31295,platforms/php/webapps/31295.txt,"Joomla! / Mambo Component 'com_wines' 1.0 - 'id' Parameter SQL Injection",2008-02-25,S@BUN,php,webapps,0 +31295,platforms/php/webapps/31295.txt,"Joomla! / Mambo Component com_wines 1.0 - 'id' Parameter SQL Injection",2008-02-25,S@BUN,php,webapps,0 31296,platforms/php/webapps/31296.txt,"Galore Simple Shop 3.1 - 'section' Parameter SQL Injection",2008-02-25,S@BUN,php,webapps,0 31297,platforms/php/webapps/31297.txt,"PHP-Nuke Sell Module - 'cid' Parameter SQL Injection",2008-02-25,"Aria-Security Team",php,webapps,0 31299,platforms/jsp/webapps/31299.txt,"Alkacon OpenCMS 7.0.3 - 'tree_files.jsp' Cross-Site Scripting",2008-02-25,nnposter,jsp,webapps,0 -31303,platforms/php/webapps/31303.txt,"Joomla! / Mambo Component 'com_inter' - 'id' Parameter SQL Injection",2008-02-25,The-0utl4w,php,webapps,0 +31303,platforms/php/webapps/31303.txt,"Joomla! / Mambo Component com_inter - 'id' Parameter SQL Injection",2008-02-25,The-0utl4w,php,webapps,0 31304,platforms/php/webapps/31304.txt,"Plume CMS 1.2.2 - 'manager/xmedia.php' Cross-Site Scripting",2008-02-21,"Omer Singer",php,webapps,0 31313,platforms/cgi/webapps/31313.txt,"Juniper Networks Secure Access 2000 Web - Root Full Path Disclosure",2008-02-28,"Richard Brain",cgi,webapps,0 31314,platforms/asp/webapps/31314.txt,"Flicks Software AuthentiX 6.3b1 - 'Username' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"William Hicks",asp,webapps,0 @@ -32465,7 +32465,7 @@ id,file,description,date,author,platform,type,port 31404,platforms/asp/webapps/31404.txt,"Virtual Support Office XP 2 - 'MyIssuesView.asp' SQL Injection",2008-03-13,The-0utl4w,asp,webapps,0 31406,platforms/php/webapps/31406.txt,"SNewsCMS 2.x - 'search.php' Cross-Site Scripting",2008-03-17,medprostuda.ru,php,webapps,0 31408,platforms/php/webapps/31408.txt,"Cfnetgs 0.24 - 'index.php' Cross-Site Scripting",2008-03-17,ZoRLu,php,webapps,0 -31410,platforms/php/webapps/31410.txt,"Joomla! / Mambo Component 'com_guide' - 'category' Parameter SQL Injection",2008-03-17,The-0utl4w,php,webapps,0 +31410,platforms/php/webapps/31410.txt,"Joomla! / Mambo Component com_guide - 'category' Parameter SQL Injection",2008-03-17,The-0utl4w,php,webapps,0 31411,platforms/cgi/webapps/31411.txt,"RSA WebID 5.3 - 'IISWebAgentIF.dll' Cross-Site Scripting",2008-03-17,quentin.berdugo,cgi,webapps,0 31413,platforms/asp/webapps/31413.txt,"Imperva SecureSphere 5.0 - Cross-Site Scripting",2008-03-17,Berezniski,asp,webapps,0 31414,platforms/php/webapps/31414.txt,"phpStats 0.1_alpha - 'phpStats.php' Cross-Site Scripting",2008-03-18,"Hanno Boeck",php,webapps,0 @@ -32482,7 +32482,7 @@ id,file,description,date,author,platform,type,port 31427,platforms/php/webapps/31427.txt,"ownCloud 6.0.0a - Multiple Vulnerabilities",2014-02-05,absane,php,webapps,80 31430,platforms/hardware/webapps/31430.txt,"Inteno DG301 - Command Injection",2014-02-05,"Juan J. Guelfo",hardware,webapps,80 31431,platforms/php/webapps/31431.txt,"ImpressCMS 1.3.5 - Multiple Vulnerabilities",2014-02-05,"Pedro Ribeiro",php,webapps,80 -31435,platforms/php/webapps/31435.py,"Joomla! Component 'com_community' 2.6 - Code Execution",2014-02-05,"Matias Fontanini",php,webapps,80 +31435,platforms/php/webapps/31435.py,"Joomla! Component com_community 2.6 - Code Execution",2014-02-05,"Matias Fontanini",php,webapps,80 31436,platforms/php/webapps/31436.txt,"Pandora Fms 5.0RC1 - Remote Command Injection",2014-02-05,xistence,php,webapps,80 31438,platforms/java/webapps/31438.txt,"IBM Rational ClearQuest 7.0 - Multiple Parameters Multiple Cross-Site Scripting Vulnerabilities",2008-03-19,sasquatch,java,webapps,0 31439,platforms/php/webapps/31439.txt,"cPanel 11.18.3 - List Directories and Folders Information Disclosure",2008-03-18,Linux_Drox,php,webapps,0 @@ -32858,7 +32858,7 @@ id,file,description,date,author,platform,type,port 32004,platforms/php/webapps/32004.txt,"FaName 1.0 - 'index.php' Multiple Parameter Cross-Site Scripting",2008-06-30,"Jesper Jurcenoks",php,webapps,0 32005,platforms/php/webapps/32005.txt,"FaName 1.0 - 'page.php' name Parameter Cross-Site Scripting",2008-06-30,"Jesper Jurcenoks",php,webapps,0 32131,platforms/php/webapps/32131.txt,"ClipSharePro 4.1 - Local File Inclusion",2014-03-09,"Saadi Siddiqui",php,webapps,0 -32010,platforms/php/webapps/32010.txt,"Joomla! / Mambo Component 'com_is' 1.0.1 - Multiple SQL Injections",2008-07-02,"H-T Team",php,webapps,0 +32010,platforms/php/webapps/32010.txt,"Joomla! / Mambo Component com_is 1.0.1 - Multiple SQL Injections",2008-07-02,"H-T Team",php,webapps,0 32011,platforms/php/webapps/32011.txt,"DodosMail 2.5 - 'dodosmail.php' Local File Inclusion",2008-07-07,ahmadbady,php,webapps,0 32013,platforms/php/webapps/32013.txt,"Zoph 0.7.2.1 - Unspecified SQL Injection",2008-07-07,"Julian Rodriguez",php,webapps,0 32014,platforms/php/webapps/32014.txt,"Zoph 0.7.2.1 - search.php _off Parameter Cross-Site Scripting",2008-07-07,"Julian Rodriguez",php,webapps,0 @@ -32983,7 +32983,7 @@ id,file,description,date,author,platform,type,port 32184,platforms/asp/webapps/32184.txt,"KAPhotoservice - order.asp page Parameter Cross-Site Scripting",2008-08-06,by_casper41,asp,webapps,0 32185,platforms/asp/webapps/32185.txt,"KAPhotoservice - search.asp Filename Parameter Cross-Site Scripting",2008-08-06,by_casper41,asp,webapps,0 32186,platforms/php/webapps/32186.txt,"Quate CMS 0.3.4 - Multiple Cross-Site Scripting Vulnerabilities",2008-08-06,CraCkEr,php,webapps,0 -32187,platforms/php/webapps/32187.txt,"Joomla! / Mambo Component 'com_utchat' 0.2 - Multiple Remote File Inclusion",2008-08-06,by_casper41,php,webapps,0 +32187,platforms/php/webapps/32187.txt,"Joomla! / Mambo Component com_utchat 0.2 - Multiple Remote File Inclusion",2008-08-06,by_casper41,php,webapps,0 32188,platforms/php/webapps/32188.txt,"Multiple WebmasterSite Products - Remote Command Execution",2008-08-06,otmorozok428,php,webapps,0 32190,platforms/php/webapps/32190.txt,"Kshop 2.22 - 'kshop_search.php' Cross-Site Scripting",2008-08-06,Lostmon,php,webapps,0 32191,platforms/php/webapps/32191.txt,"PHP-Nuke Kleinanzeigen Module - 'lid' Parameter SQL Injection",2008-08-06,Lovebug,php,webapps,0 @@ -33687,7 +33687,7 @@ id,file,description,date,author,platform,type,port 33485,platforms/php/webapps/33485.txt,"Jamit Job Board - 'post_id' Parameter Cross-Site Scripting",2010-01-11,Crux,php,webapps,0 33486,platforms/php/webapps/33486.txt,"@lex Guestbook 5.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"D3V!L FUCKER",php,webapps,0 33487,platforms/php/webapps/33487.txt,"PHPepperShop 2.5 - 'USER_ARTIKEL_HANDLING_AUFRUF.php' Cross-Site Scripting",2010-01-12,Crux,php,webapps,0 -33488,platforms/php/webapps/33488.txt,"Active Calendar 1.2 - '$_SERVER['PHP_SELF']' Variable Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"Martin Barbella",php,webapps,0 +33488,platforms/php/webapps/33488.txt,"Active Calendar 1.2 - '$_SERVER['PHP_SELF']' Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"Martin Barbella",php,webapps,0 33493,platforms/multiple/webapps/33493.txt,"Mayan-EDms web-based document management OS system - Multiple Persistent Cross-Site Scripting",2014-05-24,"Dolev Farhi",multiple,webapps,0 33494,platforms/cgi/webapps/33494.txt,"Web Terra 1.1 - books.cgi Remote Command Execution",2014-05-24,"felipe andrian",cgi,webapps,0 33582,platforms/php/webapps/33582.txt,"Joomla! Component com_rsgallery2 2.0 - 'catid' Parameter SQL Injection",2010-01-31,snakespc,php,webapps,0 @@ -33983,7 +33983,7 @@ id,file,description,date,author,platform,type,port 34067,platforms/php/webapps/34067.txt,"Smart Statistics 1.0 - 'smart_Statistics_admin.php' Cross-Site Scripting",2010-01-10,R3d-D3V!L,php,webapps,0 34068,platforms/php/webapps/34068.html,"CMS Made Simple 1.x - Cross-Site Scripting / Cross-Site Request Forgery",2010-01-01,"Truong Thao Nguyen",php,webapps,0 34070,platforms/php/webapps/34070.txt,"Datetopia Match Agency BiZ - Multiple Cross-Site Scripting Vulnerabilities",2010-01-07,R3d-D3V!L,php,webapps,0 -34071,platforms/php/webapps/34071.txt,"Joomla! Component 'com_sar_news' - 'id' Parameter SQL Injection",2010-06-02,LynX,php,webapps,0 +34071,platforms/php/webapps/34071.txt,"Joomla! Component com_sar_news - 'id' Parameter SQL Injection",2010-06-02,LynX,php,webapps,0 34072,platforms/php/webapps/34072.txt,"Hexjector 1.0.7.2 - 'hexjector.php' Cross-Site Scripting",2010-06-01,hexon,php,webapps,0 34073,platforms/php/webapps/34073.py,"TCExam 10.1.7 - 'admin/code/tce_functions_tcecode_editor.php' Arbitrary File Upload",2010-06-02,"John Leitch",php,webapps,0 34086,platforms/linux/webapps/34086.txt,"BitDefender GravityZone 5.1.5.386 - Multiple Vulnerabilities",2014-07-16,"SEC Consult",linux,webapps,443 @@ -34125,7 +34125,7 @@ id,file,description,date,author,platform,type,port 34288,platforms/php/webapps/34288.txt,"pragmaMX 0.1.11 - 'modules.php' Multiple SQL Injections",2009-12-22,"Hadi Kiamarsi",php,webapps,0 34289,platforms/php/webapps/34289.txt,"Web Cocoon simpleCMS - 'show.php' SQL Injection",2009-12-21,anonymous,php,webapps,0 34290,platforms/java/webapps/34290.txt,"Mac's CMS 1.1.4 - 'SearchString' Parameter Cross-Site Scripting",2010-07-11,10n1z3d,java,webapps,0 -34291,platforms/php/webapps/34291.txt,"Joomla! Component 'Rapid-Recipe' - HTML Injection",2010-07-10,Sid3^effects,php,webapps,0 +34291,platforms/php/webapps/34291.txt,"Joomla! Component Rapid-Recipe - HTML Injection",2010-07-10,Sid3^effects,php,webapps,0 34292,platforms/php/webapps/34292.txt,"eliteCMS 1.01 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-10,10n1z3d,php,webapps,0 34293,platforms/java/webapps/34293.txt,"dotDefender 4.02 - 'clave' Parameter Cross-Site Scripting",2010-07-12,"David K",java,webapps,0 34294,platforms/php/webapps/34294.txt,"WordPress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-09,"Jelmer de Hen",php,webapps,0 @@ -34262,8 +34262,8 @@ id,file,description,date,author,platform,type,port 34519,platforms/jsp/webapps/34519.txt,"ManageEngine EventLog Analyzer - Multiple Vulnerabilities",2014-09-01,"Hans-Martin Muench",jsp,webapps,8400 34524,platforms/php/webapps/34524.txt,"WordPress Plugin Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection",2014-09-02,"Claudio Viviani",php,webapps,80 34525,platforms/multiple/webapps/34525.txt,"Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python Exploit)",2014-09-02,"Dolev Farhi",multiple,webapps,0 -34637,platforms/php/webapps/34637.txt,"Joomla! Component 'com_formmaker' 3.4 - SQL Injection",2014-09-12,"Claudio Viviani",php,webapps,0 -34684,platforms/php/webapps/34684.pl,"Joomla! Component 'com_spain' - 'nv' Parameter SQL Injection",2010-09-20,FL0RiX,php,webapps,0 +34637,platforms/php/webapps/34637.txt,"Joomla! Component com_formmaker 3.4 - SQL Injection",2014-09-12,"Claudio Viviani",php,webapps,0 +34684,platforms/php/webapps/34684.pl,"Joomla! Component com_spain - 'nv' Parameter SQL Injection",2010-09-20,FL0RiX,php,webapps,0 34531,platforms/php/webapps/34531.txt,"BlastChat Client 3.3 - Cross-Site Scripting",2010-08-25,"Aung Khant",php,webapps,0 34533,platforms/php/webapps/34533.txt,"Auto CMS 1.6 - 'autocms.php' Cross-Site Scripting",2010-08-23,"High-Tech Bridge SA",php,webapps,0 34534,platforms/php/webapps/34534.txt,"TCMS - Multiple Input Validation Vulnerabilities",2010-08-26,"High-Tech Bridge SA",php,webapps,0 @@ -34397,7 +34397,7 @@ id,file,description,date,author,platform,type,port 34705,platforms/php/webapps/34705.txt,"APBook 1.3 - Admin Login Multiple SQL Injections",2009-07-21,n3w7u,php,webapps,0 34706,platforms/php/webapps/34706.txt,"MyDLstore Meta Search Engine Script 1.0 - 'url' Parameter Remote File Inclusion",2009-07-21,Moudi,php,webapps,0 34707,platforms/php/webapps/34707.txt,"RadAFFILIATE Links - 'index.php' Cross-Site Scripting",2009-08-17,Moudi,php,webapps,0 -34708,platforms/php/webapps/34708.pl,"Joomla! Component 'com_tax' - 'eid' Parameter SQL Injection",2010-09-23,FL0RiX,php,webapps,0 +34708,platforms/php/webapps/34708.pl,"Joomla! Component com_tax - 'eid' Parameter SQL Injection",2010-09-23,FL0RiX,php,webapps,0 34709,platforms/php/webapps/34709.txt,"Astrology - 'celebrities.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34710,platforms/php/webapps/34710.txt,"Paypal Shopping Cart Script - 'index.php' Multiple Parameter Cross-Site Scripting",2009-08-21,"599eme Man",php,webapps,0 34711,platforms/php/webapps/34711.txt,"Paypal Shopping Cart Script - 'index.php' cid Parameter SQL Injection",2009-08-21,"599eme Man",php,webapps,0 @@ -34435,8 +34435,8 @@ id,file,description,date,author,platform,type,port 34748,platforms/php/webapps/34748.txt,"Classified Linktrader Script - 'addlink.php' SQL Injection",2009-07-21,Moudi,php,webapps,0 34749,platforms/php/webapps/34749.txt,"CJ Dynamic Poll Pro 2.0 - 'admin_index.php' Cross-Site Scripting",2009-07-21,Moudi,php,webapps,0 34753,platforms/asp/webapps/34753.py,"Onlineon E-Ticaret - Database Disclosure",2014-09-24,ZoRLu,asp,webapps,80 -34754,platforms/php/webapps/34754.py,"Joomla! Component 'com_facegallery' 1.0 - Multiple Vulnerabilities",2014-09-24,"Claudio Viviani",php,webapps,80 -34755,platforms/php/webapps/34755.py,"Joomla! Component 'com_macgallery' 1.5 - Arbitrary File Download",2014-09-24,"Claudio Viviani",php,webapps,80 +34754,platforms/php/webapps/34754.py,"Joomla! Component com_facegallery 1.0 - Multiple Vulnerabilities",2014-09-24,"Claudio Viviani",php,webapps,80 +34755,platforms/php/webapps/34755.py,"Joomla! Component com_macgallery 1.5 - Arbitrary File Download",2014-09-24,"Claudio Viviani",php,webapps,80 34758,platforms/php/webapps/34758.txt,"Glype 1.4.9 - Cookie Injection Directory Traversal Local File Inclusion",2014-09-24,Securify,php,webapps,80 34759,platforms/php/webapps/34759.txt,"Glype 1.4.9 - Local Address Filter Bypass",2014-09-24,Securify,php,webapps,80 34760,platforms/php/webapps/34760.txt,"Restaurant Script (PizzaInn Project) - Persistent Cross-Site Scripting",2014-09-24,"Kenneth F. Belva",php,webapps,80 @@ -34486,7 +34486,7 @@ id,file,description,date,author,platform,type,port 34977,platforms/php/webapps/34977.txt,"WordPress Plugin jRSS Widget 1.1.1 - 'url' Parameter Information Disclosure",2010-11-08,"John Leitch",php,webapps,0 34827,platforms/php/webapps/34827.txt,"Recipe Script 5.0 - 'First Name' HTML Injection",2009-06-15,"ThE g0bL!N",php,webapps,0 34828,platforms/php/webapps/34828.txt,"Backbone Technology Expression 18.9.2010 - Cross-Site Scripting",2010-10-06,"High-Tech Bridge SA",php,webapps,0 -34833,platforms/php/webapps/34833.txt,"Joomla! / Mambo Component 'com_trade' - 'PID' Parameter Cross-Site Scripting",2010-10-11,FL0RiX,php,webapps,0 +34833,platforms/php/webapps/34833.txt,"Joomla! / Mambo Component com_trade - 'PID' Parameter Cross-Site Scripting",2010-10-11,FL0RiX,php,webapps,0 34834,platforms/jsp/webapps/34834.txt,"Oracle Fusion Middleware 10.1.2/10.1.3 - BPEL Console Cross-Site Scripting",2010-10-12,"Alexander Polyakov",jsp,webapps,0 34837,platforms/php/webapps/34837.txt,"Joomla! Component Jstore - 'Controller' Parameter Local File Inclusion",2010-10-13,jos_ali_joe,php,webapps,0 34839,platforms/cgi/webapps/34839.py,"IPFire - Cgi Web Interface Authenticated Bash Environment Variable Code Injection",2014-10-01,"Claudio Viviani",cgi,webapps,0 @@ -34596,7 +34596,7 @@ id,file,description,date,author,platform,type,port 35016,platforms/php/webapps/35016.txt,"Easy Banner 2009.05.18 - 'member.php' Multiple Parameter SQL Injection / Authentication Bypass",2010-11-26,"Aliaksandr Hartsuyeu",php,webapps,0 35017,platforms/php/webapps/35017.txt,"Easy Banner 2009.05.18 - 'index.php' Multiple Parameter Cross-Site Scripting",2010-11-26,"Aliaksandr Hartsuyeu",php,webapps,0 35025,platforms/php/webapps/35025.html,"Car Portal 2.0 - 'car_make' Parameter Cross-Site Scripting",2010-11-29,"Underground Stockholm",php,webapps,0 -35026,platforms/php/webapps/35026.txt,"Joomla! Component 'com_storedirectory' - 'id' Parameter SQL Injection",2010-11-30,XroGuE,php,webapps,0 +35026,platforms/php/webapps/35026.txt,"Joomla! Component com_storedirectory - 'id' Parameter SQL Injection",2010-11-30,XroGuE,php,webapps,0 35027,platforms/php/webapps/35027.txt,"E-lokaler CMS 2 - Admin Login Multiple SQL Injections",2010-11-26,ali_err0r,php,webapps,0 35028,platforms/php/webapps/35028.txt,"SmartBox - 'page_id' Parameter SQL Injection",2010-11-26,KnocKout,php,webapps,0 35031,platforms/asp/webapps/35031.txt,"BugTracker.NET 3.4.4 - SQL Injection / Cross-Site Scripting",2010-11-30,BugTracker.NET,asp,webapps,0 @@ -34645,7 +34645,7 @@ id,file,description,date,author,platform,type,port 35093,platforms/cgi/webapps/35093.txt,"BizDir 05.10 - 'f_srch' Parameter Cross-Site Scripting",2010-12-10,"Aliaksandr Hartsuyeu",cgi,webapps,0 35094,platforms/php/webapps/35094.txt,"slickMsg 0.7-alpha - 'top.php' Cross-Site Scripting",2010-12-10,"Aliaksandr Hartsuyeu",php,webapps,0 35096,platforms/php/webapps/35096.txt,"Joomla! Component com_mailto - Multiple Cross-Site Scripting Vulnerabilities",2010-12-10,MustLive,php,webapps,0 -35097,platforms/php/webapps/35097.txt,"Joomla! Component 'com_redirect' 1.5.19 - Local File Inclusion",2010-12-13,jos_ali_joe,php,webapps,0 +35097,platforms/php/webapps/35097.txt,"Joomla! Component com_redirect 1.5.19 - Local File Inclusion",2010-12-13,jos_ali_joe,php,webapps,0 35098,platforms/php/webapps/35098.txt,"Enalean Tuleap 7.4.99.5 - Blind SQL Injection",2014-10-28,Portcullis,php,webapps,80 35099,platforms/php/webapps/35099.txt,"Enalean Tuleap 7.2 - XXE File Disclosure",2014-10-28,Portcullis,php,webapps,80 35100,platforms/php/webapps/35100.txt,"Enalean Tuleap 7.4.99.5 - Remote Command Execution",2014-10-28,Portcullis,php,webapps,80 @@ -34721,7 +34721,7 @@ id,file,description,date,author,platform,type,port 35221,platforms/php/webapps/35221.txt,"Piwigo 2.6.0 - 'picture.php rate' Parameter SQL Injection",2014-11-13,"Manuel García Cárdenas",php,webapps,80 35218,platforms/php/webapps/35218.txt,"WordPress Plugin SupportEzzy Ticket System 1.2.5 - Persistent Cross-Site Scripting",2014-11-12,"Halil Dalabasmaz",php,webapps,80 35219,platforms/multiple/webapps/35219.txt,"Proticaret E-Commerce Script 3.0 - SQL Injection (1)",2014-11-13,"Onur Alanbel (BGA)",multiple,webapps,0 -35220,platforms/multiple/webapps/35220.txt,"Joomla! Component 'com_hdflvplayer' < 2.1.0.1 - SQL Injection",2014-11-13,"Claudio Viviani",multiple,webapps,0 +35220,platforms/multiple/webapps/35220.txt,"Joomla! Component com_hdflvplayer < 2.1.0.1 - SQL Injection",2014-11-13,"Claudio Viviani",multiple,webapps,0 35222,platforms/jsp/webapps/35222.txt,"F5 BIG-IP 10.1.0 - Directory Traversal",2014-11-13,"Anastasios Monachos",jsp,webapps,0 35223,platforms/php/webapps/35223.txt,"Digi Online Examination System 2.0 - Unrestricted Arbitrary File Upload",2014-11-13,"Halil Dalabasmaz",php,webapps,80 35224,platforms/php/webapps/35224.txt,"MyBB 1.8.x - Multiple Vulnerabilities",2014-11-13,smash,php,webapps,80 @@ -34733,9 +34733,9 @@ id,file,description,date,author,platform,type,port 35238,platforms/multiple/webapps/35238.txt,"Gogs - users and repos q SQL Injection",2014-11-14,"Timo Schmid",multiple,webapps,0 35239,platforms/php/webapps/35239.txt,"phpCMS 2008 V2 - 'data.php' SQL Injection",2011-01-17,R3d-D3V!L,php,webapps,0 35245,platforms/php/webapps/35245.txt,"PHPAuctions - 'viewfaqs.php' SQL Injection",2011-01-19,"BorN To K!LL",php,webapps,0 -35246,platforms/php/webapps/35246.py,"Joomla! Component 'com_hdflvplayer' < 2.1.0.1 - Arbitrary File Download",2014-11-15,"Claudio Viviani",php,webapps,0 +35246,platforms/php/webapps/35246.py,"Joomla! Component com_hdflvplayer < 2.1.0.1 - Arbitrary File Download",2014-11-15,"Claudio Viviani",php,webapps,0 35248,platforms/multiple/webapps/35248.txt,"clientResponse Client Management 4.1 - Cross-Site Scripting",2014-11-15,"Halil Dalabasmaz",multiple,webapps,0 -35293,platforms/php/webapps/35293.txt,"Joomla! Component 'com_virtuemart' 1.1.6 - SQL Injection",2011-01-31,"Andrea Fabrizi",php,webapps,0 +35293,platforms/php/webapps/35293.txt,"Joomla! Component com_virtuemart 1.1.6 - SQL Injection",2011-01-31,"Andrea Fabrizi",php,webapps,0 35288,platforms/php/webapps/35288.txt,"WordPress Plugin oQey-Gallery 0.2 - 'tbpv_domain' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 35289,platforms/php/webapps/35289.txt,"WordPress Plugin FCChat Widget 2.1.7 - 'path' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 35290,platforms/php/webapps/35290.txt,"SimpGB 1.49.2 - 'Guestbook.php' Multiple Cross-Site Scripting Vulnerabilities",2011-01-26,MustLive,php,webapps,0 @@ -35064,7 +35064,7 @@ id,file,description,date,author,platform,type,port 35791,platforms/php/webapps/35791.txt,"Ajax Chat 1.0 - 'ajax-chat.php' Cross-Site Scripting",2011-05-24,"High-Tech Bridge SA",php,webapps,0 35803,platforms/php/webapps/35803.txt,"Cotonti 0.9.2 - Multiple SQL Injections",2011-05-30,KedAns-Dz,php,webapps,0 35796,platforms/php/webapps/35796.txt,"MidiCMS Website Builder - Local File Inclusion / Arbitrary File Upload",2011-05-25,KedAns-Dz,php,webapps,0 -35797,platforms/php/webapps/35797.txt,"Joomla! Component 'com_shop' - SQL Injection",2011-05-25,"ThunDEr HeaD",php,webapps,0 +35797,platforms/php/webapps/35797.txt,"Joomla! Component com_shop - SQL Injection",2011-05-25,"ThunDEr HeaD",php,webapps,0 35798,platforms/php/webapps/35798.txt,"Kryn.cms 0.9 - '_kurl' Parameter Cross-Site Scripting",2011-05-25,"AutoSec Tools",php,webapps,0 35802,platforms/cgi/webapps/35802.txt,"BlackBoard Learn 8.0 - 'keywordraw' Parameter Cross-Site Scripting",2011-05-25,"Matt Jezorek",cgi,webapps,0 35807,platforms/asp/webapps/35807.txt,"Kentico CMS 5.5R2.23 - 'userContextMenu_Parameter' Parameter Cross-Site Scripting",2011-05-31,LiquidWorm,asp,webapps,0 @@ -35077,7 +35077,7 @@ id,file,description,date,author,platform,type,port 35824,platforms/php/webapps/35824.txt,"vBulletin vBExperience 3 - 'sortorder' Parameter Cross-Site Scripting",2011-06-06,Mr.ThieF,php,webapps,0 35985,platforms/php/webapps/35985.txt,"Support Incident Tracker (SiT!) 3.63 p1 - report_marketing.php exc[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 35986,platforms/php/webapps/35986.txt,"Support Incident Tracker (SiT!) 3.63 p1 - billable_incidents.php sites[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 -35984,platforms/php/webapps/35984.txt,"Joomla! Component 'com_virtualmoney' 1.5 - SQL Injection",2011-07-25,FL0RiX,php,webapps,0 +35984,platforms/php/webapps/35984.txt,"Joomla! Component com_virtualmoney 1.5 - SQL Injection",2011-07-25,FL0RiX,php,webapps,0 35826,platforms/php/webapps/35826.txt,"Joomla! Component CCBoard - SQL Injection / Arbitrary File Upload",2011-06-06,KedAns-Dz,php,webapps,0 35829,platforms/php/webapps/35829.txt,"Nakid CMS 1.0.2 - 'CKEditorFuncNum' Parameter Cross-Site Scripting",2011-06-06,"AutoSec Tools",php,webapps,0 35830,platforms/php/webapps/35830.txt,"Multiple WordPress WooThemes Themes - 'test.php' Cross-Site Scripting",2011-06-06,MustLive,php,webapps,0 @@ -35141,7 +35141,7 @@ id,file,description,date,author,platform,type,port 35923,platforms/asp/webapps/35923.txt,"Paliz Portal - Cross-Site Scripting / Multiple SQL Injections",2011-07-02,Net.Edit0r,asp,webapps,0 35926,platforms/asp/webapps/35926.txt,"eTAWASOL - 'id' Parameter SQL Injection",2011-07-03,Bl4ck.Viper,asp,webapps,0 35927,platforms/php/webapps/35927.txt,"Classified Script - c-BrowseClassified URL Cross-Site Scripting",2011-07-05,"Raghavendra Karthik D",php,webapps,0 -35929,platforms/php/webapps/35929.txt,"Joomla! Component 'com_voj' - SQL Injection",2011-07-08,CoBRa_21,php,webapps,0 +35929,platforms/php/webapps/35929.txt,"Joomla! Component com_voj - SQL Injection",2011-07-08,CoBRa_21,php,webapps,0 35930,platforms/php/webapps/35930.txt,"Prontus CMS - 'page' Parameter Cross-Site Scripting",2011-07-11,Zerial,php,webapps,0 35931,platforms/php/webapps/35931.txt,"ICMusic 1.2 - 'music_id' Parameter SQL Injection",2011-07-11,kaMtiEz,php,webapps,0 35933,platforms/hardware/webapps/35933.txt,"ManageEngine Firewall Analyzer 8.0 - Directory Traversal / Cross-Site Scripting",2015-01-29,"Sepahan TelCom IT Group",hardware,webapps,0 @@ -35184,7 +35184,7 @@ id,file,description,date,author,platform,type,port 36009,platforms/php/webapps/36009.txt,"mt LinkDatenbank - 'b' Parameter Cross-Site Scripting",2011-08-03,Err0R,php,webapps,0 36010,platforms/asp/webapps/36010.txt,"BESNI OKUL PORTAL - 'sayfa.asp' Cross-Site Scripting",2011-08-03,Err0R,asp,webapps,0 36011,platforms/asp/webapps/36011.txt,"Ataccan E-Ticaret Scripti - 'id' Parameter SQL Injection",2011-08-03,Err0R,asp,webapps,0 -36012,platforms/php/webapps/36012.txt,"Joomla! Component 'com_xeslidegalfx' - 'id' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0 +36012,platforms/php/webapps/36012.txt,"Joomla! Component com_xeslidegalfx - 'id' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0 36015,platforms/php/webapps/36015.txt,"Joomla! Component com_community - 'userid' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0 36017,platforms/php/webapps/36017.txt,"HESK 2.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-03,"High-Tech Bridge SA",php,webapps,0 36018,platforms/php/webapps/36018.txt,"WordPress Plugin WP E-Commerce 3.8.6 - 'cart_messages[]' Parameter Cross-Site Scripting",2011-08-04,"High-Tech Bridge SA",php,webapps,0 @@ -35337,12 +35337,12 @@ id,file,description,date,author,platform,type,port 36216,platforms/php/webapps/36216.txt,"Jaws 0.8.14 - Multiple Remote File Inclusion",2011-10-10,indoushka,php,webapps,0 36220,platforms/php/webapps/36220.txt,"Joomla! Component com_tree - 'key' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 36221,platforms/php/webapps/36221.txt,"Joomla! Component com_br - 'state_id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 -36222,platforms/php/webapps/36222.txt,"Joomla! Component 'com_shop' - 'id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 +36222,platforms/php/webapps/36222.txt,"Joomla! Component com_shop - 'id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 36223,platforms/php/webapps/36223.txt,"2Moons 1.4 - Multiple Remote File Inclusion",2011-10-11,indoushka,php,webapps,0 36224,platforms/php/webapps/36224.txt,"6KBBS 8.0 build 20101201 - Cross-Site Scripting / Information Disclosure",2011-10-10,"labs insight",php,webapps,0 36225,platforms/php/webapps/36225.txt,"ContaoCMS 2.10.1 - Cross-Site Scripting",2011-10-02,"Stefan Schurtz",php,webapps,0 36226,platforms/php/webapps/36226.txt,"Silverstripe CMS 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-11,"Stefan Schurtz",php,webapps,0 -36227,platforms/php/webapps/36227.txt,"Joomla! Component 'com_sgicatalog' 1.0 - 'id' Parameter SQL Injection",2011-10-12,"BHG Security Center",php,webapps,0 +36227,platforms/php/webapps/36227.txt,"Joomla! Component com_sgicatalog 1.0 - 'id' Parameter SQL Injection",2011-10-12,"BHG Security Center",php,webapps,0 36228,platforms/php/webapps/36228.txt,"BugFree 2.1.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-12,"High-Tech Bridge SA",php,webapps,0 36230,platforms/php/webapps/36230.txt,"WordPress Plugin Calculated Fields Form 1.0.10 - SQL Injection",2015-03-02,"Ibrahim Raafat",php,webapps,0 36231,platforms/php/webapps/36231.py,"GoAutoDial CE 2.0 - Arbitrary File Upload",2015-02-28,R-73eN,php,webapps,0 @@ -35440,7 +35440,7 @@ id,file,description,date,author,platform,type,port 36369,platforms/xml/webapps/36369.txt,"Citrix Netscaler NS10.5 - WAF Bypass (Via HTTP Header Pollution)",2015-03-12,"BGA Security",xml,webapps,0 36371,platforms/php/webapps/36371.txt,"Codiad 2.5.3 - Local File Inclusion",2015-03-12,"TUNISIAN CYBER",php,webapps,0 36372,platforms/php/webapps/36372.txt,"WordPress Theme DesignFolio Plus 1.2 - Arbitrary File Upload",2015-03-04,CrashBandicot,php,webapps,0 -36373,platforms/php/webapps/36373.txt,"Joomla! Component 'com_simplephotogallery' 1.0 - Arbitrary File Upload",2015-03-10,CrashBandicot,php,webapps,0 +36373,platforms/php/webapps/36373.txt,"Joomla! Component com_simplephotogallery 1.0 - Arbitrary File Upload",2015-03-10,CrashBandicot,php,webapps,0 36374,platforms/php/webapps/36374.txt,"WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload",2015-03-08,CrashBandicot,php,webapps,0 36375,platforms/asp/webapps/36375.txt,"Virtual Vertex Muster 6.1.6 - Web Interface Directory Traversal",2011-11-29,"Nick Freeman",asp,webapps,0 36379,platforms/php/webapps/36379.txt,"OrangeHRM 2.6.11 - 'index.php' Multiple Parameter Cross-Site Scripting",2011-11-30,"High-Tech Bridge SA",php,webapps,0 @@ -35449,7 +35449,7 @@ id,file,description,date,author,platform,type,port 36382,platforms/php/webapps/36382.txt,"WordPress Plugin 1-jquery-photo-gallery-Slideshow-flash 1.01 - Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 36383,platforms/php/webapps/36383.txt,"WordPress Plugin flash-album-gallery - 'facebook.php' Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 36384,platforms/php/webapps/36384.txt,"SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injections",2011-11-30,"High-Tech Bridge SA",php,webapps,0 -36385,platforms/php/webapps/36385.txt,"Joomla! Component 'com_simplephotogallery' 1.0 - SQL Injection",2015-03-16,"Moneer Masoud",php,webapps,0 +36385,platforms/php/webapps/36385.txt,"Joomla! Component com_simplephotogallery 1.0 - SQL Injection",2015-03-16,"Moneer Masoud",php,webapps,0 36386,platforms/php/webapps/36386.txt,"Smart PHP Poll - Authentication Bypass",2015-03-16,"Mr.tro0oqy yemen",php,webapps,0 36406,platforms/php/webapps/36406.txt,"Elxis CMS 2009 - 'index.php' task Parameter Cross-Site Scripting",2011-12-05,"Ewerson Guimaraes",php,webapps,0 36481,platforms/php/webapps/36481.txt,"WordPress Plugin TheCartPress 1.6 - 'OptionsPostsList.php' Cross-Site Scripting",2011-12-31,6Scan,php,webapps,0 @@ -35498,7 +35498,7 @@ id,file,description,date,author,platform,type,port 36464,platforms/php/webapps/36464.txt,"Joomla! Component Spider FAQ - SQL Injection",2015-03-22,"Manish Tanwar",php,webapps,0 36466,platforms/php/webapps/36466.txt,"WordPress Plugin Marketplace 2.4.0 - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0 36468,platforms/php/webapps/36468.txt,"PHP Booking Calendar 10e - 'page_info_message' Parameter Cross-Site Scripting",2011-12-19,G13,php,webapps,0 -36469,platforms/php/webapps/36469.txt,"Joomla! Component 'com_tsonymf' - 'idofitem' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0 +36469,platforms/php/webapps/36469.txt,"Joomla! Component com_tsonymf - 'idofitem' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0 36470,platforms/php/webapps/36470.txt,"Tiki Wiki CMS Groupware 8.1 - 'show_errors' Parameter HTML Injection",2011-12-20,"Stefan Schurtz",php,webapps,0 36471,platforms/php/webapps/36471.txt,"PHPShop CMS 3.4 - Multiple Cross-Site Scripting / SQL Injection",2011-12-20,"High-Tech Bridge SA",php,webapps,0 36472,platforms/php/webapps/36472.txt,"Joomla! Component com_caproductprices - 'id' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0 @@ -35547,14 +35547,14 @@ id,file,description,date,author,platform,type,port 36544,platforms/php/webapps/36544.txt,"Kayako SupportSuite 3.x - Multiple Vulnerabilities",2012-01-11,"Yuri Goltsev",php,webapps,0 36547,platforms/asp/webapps/36547.txt,"MailEnable 6.02 - 'ForgottonPassword.aspx' Cross-Site Scripting",2012-01-12,"Sajjad Pourali",asp,webapps,0 36548,platforms/java/webapps/36548.txt,"Contus Job Portal - 'Category' Parameter SQL Injection",2012-01-13,Lazmania61,java,webapps,0 -36549,platforms/php/webapps/36549.txt,"Joomla! Component 'com_contushdvideoshare' 1.3 - 'id' Parameter SQL Injection",2012-01-12,Lazmania61,php,webapps,0 +36549,platforms/php/webapps/36549.txt,"Joomla! Component com_contushdvideoshare 1.3 - 'id' Parameter SQL Injection",2012-01-12,Lazmania61,php,webapps,0 36550,platforms/php/webapps/36550.txt,"PHP Membership Site Manager Script 2.1 - 'index.php' Cross-Site Scripting",2012-01-16,Atmon3r,php,webapps,0 36551,platforms/php/webapps/36551.txt,"PHP Ringtone Website - 'ringtones.php' Multiple Cross-Site Scripting Vulnerabilities",2012-01-15,Atmon3r,php,webapps,0 36552,platforms/php/webapps/36552.txt,"BoltWire 3.4.16 - Multiple 'index.php' Cross-Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 36553,platforms/java/webapps/36553.java,"JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution",2015-03-30,ikki,java,webapps,0 36554,platforms/php/webapps/36554.txt,"WordPress Plugin Slider REvolution 4.1.4 - Arbitrary File Download",2015-03-30,"Claudio Viviani",php,webapps,0 36559,platforms/php/webapps/36559.txt,"WordPress Plugin aspose-doc-exporter 1.0 - Arbitrary File Download",2015-03-30,ACC3SS,php,webapps,0 -36560,platforms/php/webapps/36560.txt,"Joomla! Component 'com_gallery_wd' - SQL Injection",2015-03-30,CrashBandicot,php,webapps,0 +36560,platforms/php/webapps/36560.txt,"Joomla! Component com_gallery_wd - SQL Injection",2015-03-30,CrashBandicot,php,webapps,0 36561,platforms/php/webapps/36561.txt,"Joomla! Component Contact Form Maker 1.0.1 - SQL Injection",2015-03-30,"TUNISIAN CYBER",php,webapps,0 36565,platforms/php/webapps/36565.txt,"ATutor 2.0.3 - Multiple Cross-Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 36566,platforms/php/webapps/36566.txt,"Beehive Forum 101 - Multiple Cross-Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 @@ -35578,15 +35578,15 @@ id,file,description,date,author,platform,type,port 36590,platforms/php/webapps/36590.txt,"Tribiq CMS - 'index.php' SQL Injection",2012-01-21,"Skote Vahshat",php,webapps,0 36591,platforms/php/webapps/36591.txt,"Joomla! Component Full - 'id' Parameter SQL Injection",2012-01-21,the_cyber_nuxbie,php,webapps,0 36592,platforms/php/webapps/36592.txt,"Joomla! Component Vik Real Estate 1.0 - Multiple SQL Injections",2012-01-21,the_cyber_nuxbie,php,webapps,0 -36593,platforms/php/webapps/36593.txt,"Joomla! Component 'com_xball' - 'team_id' Parameter SQL Injection",2012-01-23,CoBRa_21,php,webapps,0 +36593,platforms/php/webapps/36593.txt,"Joomla! Component com_xball - 'team_id' Parameter SQL Injection",2012-01-23,CoBRa_21,php,webapps,0 36594,platforms/php/webapps/36594.txt,"Joomla! Component com_boss - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 36595,platforms/php/webapps/36595.txt,"Joomla! Component com_car - Multiple SQL Injections",2012-01-21,the_cyber_nuxbie,php,webapps,0 -36596,platforms/php/webapps/36596.txt,"Joomla! Component 'com_some' - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 +36596,platforms/php/webapps/36596.txt,"Joomla! Component com_some - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 36597,platforms/php/webapps/36597.txt,"Joomla! Component com_bulkenquery - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 36598,platforms/php/webapps/36598.txt,"Joomla! Component com_kp - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 36599,platforms/asp/webapps/36599.txt,"Raven 1.0 - 'connector.asp' Arbitrary File Upload",2012-01-21,HELLBOY,asp,webapps,0 36600,platforms/php/webapps/36600.txt,"WordPress Plugin Business Intelligence - SQL Injection (Metasploit)",2015-04-02,"Jagriti Sahu",php,webapps,80 -36601,platforms/php/webapps/36601.txt,"Joomla! Component 'com_rand' - SQL Injection",2015-04-02,"Jagriti Sahu",php,webapps,80 +36601,platforms/php/webapps/36601.txt,"Joomla! Component com_rand - SQL Injection",2015-04-02,"Jagriti Sahu",php,webapps,80 36620,platforms/php/webapps/36620.txt,"WordPress Plugin YouSayToo auto-publishing 1.0 - 'submit' Parameter Cross-Site Scripting",2012-01-24,"H4ckCity Security Team",php,webapps,0 36609,platforms/multiple/webapps/36609.txt,"Kemp Load Master 7.1.16 - Multiple Vulnerabilities",2015-04-02,"Roberto Suggi Liverani",multiple,webapps,80 36610,platforms/php/webapps/36610.txt,"WordPress Plugin Video Gallery 2.8 - Multiple Cross-Site Request Forgery Vulnerabilities",2015-04-02,Divya,php,webapps,80 @@ -35607,13 +35607,13 @@ id,file,description,date,author,platform,type,port 36627,platforms/php/webapps/36627.txt,"DClassifieds 0.1 final - Cross-Site Request Forgery",2012-01-25,"High-Tech Bridge SA",php,webapps,0 36628,platforms/php/webapps/36628.txt,"vBadvanced CMPS 3.2.2 - 'vba_cmps_include_bottom.php' Remote File Inclusion",2012-01-25,PacketiK,php,webapps,0 36629,platforms/php/webapps/36629.txt,"Joomla! Component com_motor - 'cid' Parameter SQL Injection",2012-01-26,the_cyber_nuxbie,php,webapps,0 -36630,platforms/php/webapps/36630.txt,"Joomla! Component 'com_products' - Multiple SQL Injections",2012-01-26,the_cyber_nuxbie,php,webapps,0 +36630,platforms/php/webapps/36630.txt,"Joomla! Component com_products - Multiple SQL Injections",2012-01-26,the_cyber_nuxbie,php,webapps,0 36631,platforms/php/webapps/36631.txt,"WordPress Plugin Slideshow Gallery 1.1.x - 'border' Parameter Cross-Site Scripting",2012-01-26,"Bret Hawk",php,webapps,0 36632,platforms/php/webapps/36632.txt,"xClick Cart 1.0.x - 'shopping_url' Parameter Cross-Site Scripting",2012-01-26,sonyy,php,webapps,0 -36634,platforms/php/webapps/36634.txt,"Joomla! Component 'com_visa' - Local File Inclusion / SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0 +36634,platforms/php/webapps/36634.txt,"Joomla! Component com_visa - Local File Inclusion / SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0 36635,platforms/php/webapps/36635.txt,"Joomla! Component com_firmy - 'Id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 36638,platforms/php/webapps/36638.txt,"Joomla! Component com_crhotels - 'catid' Parameter SQL Injection",2012-01-31,the_cyber_nuxbie,php,webapps,0 -36639,platforms/php/webapps/36639.txt,"Joomla! Component 'com_propertylab' - 'id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 +36639,platforms/php/webapps/36639.txt,"Joomla! Component com_propertylab - 'id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 36640,platforms/php/webapps/36640.txt,"WordPress Plugin Work The Flow File Upload 2.5.2 - Arbitrary File Upload",2015-04-05,"Claudio Viviani",php,webapps,0 36641,platforms/php/webapps/36641.txt,"u-Auctions - Multiple Vulnerabilities",2015-04-05,*Don*,php,webapps,0 36642,platforms/php/webapps/36642.txt,"Joomla! Component com_bbs - Multiple SQL Injections",2012-01-30,the_cyber_nuxbie,php,webapps,0 @@ -35746,14 +35746,14 @@ id,file,description,date,author,platform,type,port 36823,platforms/php/webapps/36823.txt,"WordPress Plugin Ultimate Product Catalogue - Unauthenticated SQL Injection (1)",2015-04-23,"Felipe Molina",php,webapps,0 36824,platforms/php/webapps/36824.txt,"WordPress Plugin Ultimate Product Catalogue - Unauthenticated SQL Injection (2)",2015-04-23,"Felipe Molina",php,webapps,0 36830,platforms/php/webapps/36830.txt,"Impulsio CMS - 'id' Parameter SQL Injection",2012-02-16,sonyy,php,webapps,0 -36834,platforms/php/webapps/36834.txt,"Joomla! Component 'com_x-shop' - 'idd' Parameter SQL Injection",2012-02-18,KedAns-Dz,php,webapps,0 -36835,platforms/php/webapps/36835.txt,"Joomla! Component 'com_xcomp' - Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0 +36834,platforms/php/webapps/36834.txt,"Joomla! Component com_x-shop - 'idd' Parameter SQL Injection",2012-02-18,KedAns-Dz,php,webapps,0 +36835,platforms/php/webapps/36835.txt,"Joomla! Component com_xcomp - Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0 36844,platforms/php/webapps/36844.txt,"WordPress 4.2 - Persistent Cross-Site Scripting",2015-04-27,klikki,php,webapps,0 36842,platforms/php/webapps/36842.pl,"OTRS < 3.1.x / < 3.2.x / < 3.3.x - Persistent Cross-Site Scripting",2015-04-27,"Adam Ziaja",php,webapps,0 36994,platforms/cgi/webapps/36994.txt,"WebGlimpse 2.18.7 - 'DOC' Parameter Directory Traversal",2009-04-17,MustLive,cgi,webapps,0 36853,platforms/php/webapps/36853.txt,"Dolphin 7.0.x - viewFriends.php Multiple Parameter Cross-Site Scripting",2012-02-21,"Aung Khant",php,webapps,0 36854,platforms/php/webapps/36854.txt,"Dolphin 7.0.x - explanation.php explain Parameter Cross-Site Scripting",2012-02-21,"Aung Khant",php,webapps,0 -36856,platforms/php/webapps/36856.txt,"Joomla! Component 'com_xvs' - 'Controller' Parameter Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0 +36856,platforms/php/webapps/36856.txt,"Joomla! Component com_xvs - 'Controller' Parameter Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0 36860,platforms/php/webapps/36860.txt,"WordPress Plugin TheCartPress 1.3.9 - Multiple Vulnerabilities",2015-04-29,"High-Tech Bridge SA",php,webapps,80 36861,platforms/windows/webapps/36861.txt,"Wing FTP Server Admin 4.4.5 - Multiple Vulnerabilities",2015-04-29,hyp3rlinx,windows,webapps,5466 36862,platforms/php/webapps/36862.txt,"OS Solution OSProperty 2.8.0 - SQL Injection",2015-04-29,"Brandon Perry",php,webapps,80 @@ -35928,7 +35928,7 @@ id,file,description,date,author,platform,type,port 37255,platforms/php/webapps/37255.txt,"Pandora FMS 5.0/5.1 - Authentication Bypass",2015-06-10,"Manuel Mancera",php,webapps,0 37100,platforms/php/webapps/37100.txt,"Waylu CMS - 'products_xx.php' SQL Injection / HTML Injection",2012-04-20,TheCyberNuxbie,php,webapps,0 37101,platforms/php/webapps/37101.txt,"Joomla! Component CCNewsLetter 1.0.7 - 'id' Parameter SQL Injection",2012-04-23,E1nzte1N,php,webapps,0 -37102,platforms/php/webapps/37102.txt,"Joomla! Component 'com_videogallery' - Local File Inclusion / SQL Injection",2012-04-24,KedAns-Dz,php,webapps,0 +37102,platforms/php/webapps/37102.txt,"Joomla! Component com_videogallery - Local File Inclusion / SQL Injection",2012-04-24,KedAns-Dz,php,webapps,0 37103,platforms/php/webapps/37103.txt,"Concrete5 CMS 5.5.2.1 - Information Disclosure / SQL Injection / Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 37104,platforms/php/webapps/37104.txt,"gpEasy 2.3.3 - 'jsoncallback' Parameter Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 37105,platforms/php/webapps/37105.txt,"Quick.CMS 4.0 - 'p' Parameter Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 @@ -36093,21 +36093,21 @@ id,file,description,date,author,platform,type,port 37360,platforms/php/webapps/37360.txt,"GeniXCMS 0.0.3 - Cross-Site Scripting",2015-06-24,hyp3rlinx,php,webapps,80 37361,platforms/php/webapps/37361.txt,"WordPress Plugin Huge-IT Slider 2.7.5 - Multiple Vulnerabilities",2015-06-24,"i0akiN SEC-LABORATORY",php,webapps,0 37363,platforms/php/webapps/37363.txt,"GeniXCMS 0.0.3 - register.php SQL Injection",2015-06-24,cfreer,php,webapps,80 -37364,platforms/php/webapps/37364.txt,"Joomla! Component 'com_simpleimageupload' - Arbitrary File Upload",2015-06-24,CrashBandicot,php,webapps,80 +37364,platforms/php/webapps/37364.txt,"Joomla! Component com_simpleimageupload - Arbitrary File Upload",2015-06-24,CrashBandicot,php,webapps,80 37369,platforms/php/webapps/37369.txt,"Vesta Control Panel 0.9.8 - OS Command Injection",2015-06-24,"High-Tech Bridge SA",php,webapps,0 37370,platforms/php/webapps/37370.php,"WordPress Plugin FCChat Widget 2.2.x - 'upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 37371,platforms/php/webapps/37371.php,"WordPress Plugin Picturesurf Gallery - 'upload.php' Arbitrary File Upload",2012-06-03,"Sammy FORGIT",php,webapps,0 37372,platforms/java/webapps/37372.html,"BMC Identity Management - Cross-Site Request Forgery",2012-06-11,"Travis Lee",java,webapps,0 37373,platforms/php/webapps/37373.php,"WordPress Plugin Contus Video Gallery - 'upload1.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 -37374,platforms/php/webapps/37374.txt,"Joomla! Component 'com_alphacontent' - 'limitstart' Parameter SQL Injection",2012-06-10,xDarkSton3x,php,webapps,0 +37374,platforms/php/webapps/37374.txt,"Joomla! Component com_alphacontent - 'limitstart' Parameter SQL Injection",2012-06-10,xDarkSton3x,php,webapps,0 37375,platforms/php/webapps/37375.php,"Joomla! Component Joomsport - SQL Injection / Arbitrary File Upload",2012-06-11,KedAns-Dz,php,webapps,0 37376,platforms/php/webapps/37376.php,"XOOPS Cube PROJECT FileManager - 'xupload.php' Arbitrary File Upload",2012-06-12,KedAns-Dz,php,webapps,0 37377,platforms/php/webapps/37377.php,"WordPress Plugin HD FLV Player - 'uploadVideo.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 -37378,platforms/php/webapps/37378.php,"Joomla! Component 'com_simpleswfupload' - 'uploadhandler.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 -37379,platforms/php/webapps/37379.php,"Joomla! Component 'mod_artuploader' - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 +37378,platforms/php/webapps/37378.php,"Joomla! Component com_simpleswfupload - 'uploadhandler.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 +37379,platforms/php/webapps/37379.php,"Joomla! Component mod_artuploader - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37380,platforms/php/webapps/37380.php,"Joomla! Component DentroVideo 1.2 - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 -37381,platforms/php/webapps/37381.html,"Joomla! Component 'IDoEditor' - 'image.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 -37382,platforms/php/webapps/37382.php,"Joomla! Component 'mod_jfancy' - 'script.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 +37381,platforms/php/webapps/37381.html,"Joomla! Component IDoEditor - 'image.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 +37382,platforms/php/webapps/37382.php,"Joomla! Component mod_jfancy - 'script.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 37383,platforms/php/webapps/37383.php,"Joomla! Component Easy Flash Uploader - 'helper.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37387,platforms/php/webapps/37387.txt,"Koha 3.20.1 - Multiple SQL Injections",2015-06-26,"Raschin Tavakoli_ Bernhard Garn_ Peter Aufner and Dimitris Simos",php,webapps,0 37388,platforms/php/webapps/37388.txt,"Koha 3.20.1 - Directory Traversal",2015-06-26,"Raschin Tavakoli_ Bernhard Garn_ Peter Aufner and Dimitris Simos",php,webapps,0 @@ -36151,7 +36151,7 @@ id,file,description,date,author,platform,type,port 37439,platforms/php/webapps/37439.txt,"Novius 5.0.1 - Multiple Vulnerabilities",2015-06-30,hyp3rlinx,php,webapps,80 37441,platforms/jsp/webapps/37441.txt,"WedgeOS 4.0.4 - Multiple Vulnerabilities",2015-06-30,Security-Assessment.com,jsp,webapps,0 37442,platforms/linux/webapps/37442.txt,"CollabNet Subversion Edge Management 4.0.11 - Local File Inclusion",2015-06-30,otr,linux,webapps,4434 -37443,platforms/php/webapps/37443.txt,"Joomla! Component 'com_szallasok' - 'id' Parameter SQL Injection",2012-06-21,CoBRa_21,php,webapps,0 +37443,platforms/php/webapps/37443.txt,"Joomla! Component com_szallasok - 'id' Parameter SQL Injection",2012-06-21,CoBRa_21,php,webapps,0 37444,platforms/php/webapps/37444.txt,"Cotonti - 'admin.php' SQL Injection",2012-06-22,AkaStep,php,webapps,0 37445,platforms/php/webapps/37445.txt,"CMS Lokomedia - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-06-22,the_cyber_nuxbie,php,webapps,0 37446,platforms/php/webapps/37446.txt,"Fiyo CMS 2.0_1.9.1 - SQL Injection",2015-06-30,cfreer,php,webapps,80 @@ -36240,7 +36240,7 @@ id,file,description,date,author,platform,type,port 37571,platforms/multiple/webapps/37571.txt,"Zenoss 3.2.1 - Multiple Vulnerabilities",2012-07-30,"Brendan Coles",multiple,webapps,0 37572,platforms/php/webapps/37572.txt,"Elefant CMS - 'id' Parameter Cross-Site Scripting",2012-08-03,PuN!Sh3r,php,webapps,0 37573,platforms/multiple/webapps/37573.txt,"Worksforweb iAuto - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-08-06,"Benjamin Kunz Mejri",multiple,webapps,0 -37575,platforms/php/webapps/37575.txt,"Joomla! Component 'com_photo' - Multiple SQL Injections",2012-08-06,"Chokri Ben Achor",php,webapps,0 +37575,platforms/php/webapps/37575.txt,"Joomla! Component com_photo - Multiple SQL Injections",2012-08-06,"Chokri Ben Achor",php,webapps,0 37577,platforms/asp/webapps/37577.txt,"PolarisCMS - 'WebForm_OnSubmit()' Cross-Site Scripting",2012-08-05,"Gjoko Krstic",asp,webapps,0 37578,platforms/php/webapps/37578.txt,"Open Constructor - users/users.php keyword Parameter Cross-Site Scripting",2012-08-04,"Lorenzo Cantoni",php,webapps,0 37579,platforms/php/webapps/37579.txt,"Open Constructor - data/file/edit.php result Parameter Cross-Site Scripting",2012-08-04,"Lorenzo Cantoni",php,webapps,0 @@ -36272,7 +36272,7 @@ id,file,description,date,author,platform,type,port 37615,platforms/php/webapps/37615.txt,"PBBoard - member_id Parameter Validation Password Manipulation",2012-08-08,"High-Tech Bridge",php,webapps,0 37616,platforms/php/webapps/37616.txt,"PBBoard - admin.php xml_name Parameter Arbitrary PHP Code Execution",2012-08-08,"High-Tech Bridge",php,webapps,0 37617,platforms/php/webapps/37617.txt,"dirLIST 0.3.0 - Local File Inclusion",2012-08-08,L0n3ly-H34rT,php,webapps,0 -37620,platforms/php/webapps/37620.txt,"Joomla! Component 'com_docman' - Multiple Vulnerabilities",2015-07-15,"Hugo Santiago",php,webapps,80 +37620,platforms/php/webapps/37620.txt,"Joomla! Component com_docman - Multiple Vulnerabilities",2015-07-15,"Hugo Santiago",php,webapps,80 37623,platforms/hardware/webapps/37623.txt,"15 TOTOLINK Router Models - Multiple Remote Code Execution Vulnerabilities",2015-07-16,"Pierre Kim",hardware,webapps,0 37624,platforms/hardware/webapps/37624.txt,"4 TOTOLINK Router Models - Cross-Site Request Forgery / Cross-Site Scripting",2015-07-16,"Pierre Kim",hardware,webapps,0 37625,platforms/hardware/webapps/37625.txt,"4 TOTOLINK Router Models - Backdoor Credentials",2015-07-16,"Pierre Kim",hardware,webapps,0 @@ -36305,7 +36305,7 @@ id,file,description,date,author,platform,type,port 37666,platforms/php/webapps/37666.txt,"Joomla! Component Helpdesk Pro < 1.4.0 - Multiple Vulnerabilities",2015-07-21,"Simon Rawet",php,webapps,80 37672,platforms/php/webapps/37672.txt,"JW Player - 'logo.link' Parameter Cross-Site Scripting",2012-08-29,MustLive,php,webapps,0 37674,platforms/php/webapps/37674.txt,"PHP Web Scripts Text Exchange Pro - 'page' Parameter Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 -37675,platforms/php/webapps/37675.txt,"Joomla! Component 'Komento' - 'cid' Parameter SQL Injection",2012-08-27,Crim3R,php,webapps,0 +37675,platforms/php/webapps/37675.txt,"Joomla! Component Komento - 'cid' Parameter SQL Injection",2012-08-27,Crim3R,php,webapps,0 37676,platforms/asp/webapps/37676.txt,"Power-eCommerce - Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 37677,platforms/php/webapps/37677.txt,"WordPress Plugin Finder - 'order' Parameter Cross-Site Scripting",2012-08-25,Crim3R,php,webapps,0 37678,platforms/asp/webapps/37678.txt,"Web Wiz Forums - Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 @@ -36354,11 +36354,11 @@ id,file,description,date,author,platform,type,port 37757,platforms/multiple/webapps/37757.py,"Geoserver < 2.7.1.1 / < 2.6.4 / < 2.5.5.1 - XXE Exploit",2015-08-12,"David Bloom",multiple,webapps,0 37761,platforms/ios/webapps/37761.txt,"Printer Pro 5.4.3 IOS - Persistent Cross-Site Scripting",2015-08-12,"Taurus Omar",ios,webapps,0 37765,platforms/multiple/webapps/37765.txt,"Zend Framework 2.4.2 - PHP FPM XML eXternal Entity Injection",2015-08-13,"Dawid Golunski",multiple,webapps,0 -37767,platforms/multiple/webapps/37767.txt,"Joomla! Component 'com_jem' 2.1.4 - Multiple Vulnerabilities",2015-08-13,"Martino Sani",multiple,webapps,0 +37767,platforms/multiple/webapps/37767.txt,"Joomla! Component com_jem 2.1.4 - Multiple Vulnerabilities",2015-08-13,"Martino Sani",multiple,webapps,0 37769,platforms/php/webapps/37769.txt,"Gkplugins Picasaweb - Download File",2015-08-15,"TMT zno",php,webapps,0 37770,platforms/hardware/webapps/37770.txt,"TOTOLINK Routers - Backdoor / Remote Code Execution (PoC)",2015-08-15,MadMouse,hardware,webapps,0 -37773,platforms/php/webapps/37773.txt,"Joomla! Component 'com_memorix' - SQL Injection",2015-08-15,"BM Cloudx",php,webapps,0 -37774,platforms/php/webapps/37774.txt,"Joomla! Component 'com_informations' - SQL Injection",2015-08-15,"BM Cloudx",php,webapps,0 +37773,platforms/php/webapps/37773.txt,"Joomla! Component com_memorix - SQL Injection",2015-08-15,"BM Cloudx",php,webapps,0 +37774,platforms/php/webapps/37774.txt,"Joomla! Component com_informations - SQL Injection",2015-08-15,"BM Cloudx",php,webapps,0 37778,platforms/hardware/webapps/37778.txt,"Security IP Camera Star Vision DVR - Authentication Bypass",2015-08-15,"Meisam Monsef",hardware,webapps,0 37779,platforms/php/webapps/37779.txt,"Flogr - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2012-09-05,"High-Tech Bridge",php,webapps,0 37781,platforms/php/webapps/37781.txt,"Extcalendar 2.0 - Multiple SQL Injections / HTML Injection Vulnerabilities",2012-09-05,"Ashiyane Digital Security Team",php,webapps,0 @@ -36451,7 +36451,7 @@ id,file,description,date,author,platform,type,port 37989,platforms/php/webapps/37989.txt,"IP.Board 4.x - Persistent Cross-Site Scripting",2015-08-27,snop,php,webapps,0 37991,platforms/php/webapps/37991.txt,"WANem - Multiple Cross-Site Scripting Vulnerabilities",2012-10-16,"Brendan Coles",php,webapps,0 37992,platforms/php/webapps/37992.txt,"CorePlayer - 'callback' Parameter Cross-Site Scripting",2012-10-28,MustLive,php,webapps,0 -37993,platforms/php/webapps/37993.txt,"Joomla! Component 'com_quiz' - SQL Injection",2012-10-30,"Daniel Barragan",php,webapps,0 +37993,platforms/php/webapps/37993.txt,"Joomla! Component com_quiz - SQL Injection",2012-10-30,"Daniel Barragan",php,webapps,0 37994,platforms/php/webapps/37994.txt,"NetCat CMS - Multiple Cross-Site Scripting Vulnerabilities",2012-10-31,"Security Effect Team",php,webapps,0 37995,platforms/asp/webapps/37995.txt,"SolarWinds Orion IP Address Manager (IPAM) - 'search.aspx' Cross-Site Scripting",2012-10-31,"Anthony Trummer",asp,webapps,0 37998,platforms/php/webapps/37998.txt,"WordPress Plugin Responsive Thumbnail Slider 1.0 - Arbitrary File Upload",2015-08-28,"Arash Khazaei",php,webapps,80 @@ -36533,8 +36533,8 @@ id,file,description,date,author,platform,type,port 38130,platforms/java/webapps/38130.txt,"N-able N-central - Cross-Site Request Forgery",2012-12-13,Cartel,java,webapps,0 38131,platforms/php/webapps/38131.txt,"PHP Address Book - 'group' Parameter Cross-Site Scripting",2012-12-13,"Kenneth F. Belva",php,webapps,0 38133,platforms/php/webapps/38133.txt,"WordPress Plugin RokBox Plugin - '/wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf abouttext' Parameter Cross-Site Scripting",2012-12-17,MustLive,php,webapps,0 -38134,platforms/php/webapps/38134.txt,"Joomla! Component 'com_ztautolink' - 'Controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 -38135,platforms/php/webapps/38135.txt,"Joomla! Component 'com_bit' - 'Controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 +38134,platforms/php/webapps/38134.txt,"Joomla! Component com_ztautolink - 'Controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 +38135,platforms/php/webapps/38135.txt,"Joomla! Component com_bit - 'Controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 38139,platforms/php/webapps/38139.txt,"MyBB Transactions Plugin - 'transaction' Parameter SQL Injection",2012-12-18,limb0,php,webapps,0 38140,platforms/php/webapps/38140.php,"VoipNow Service Provider Edition - Arbitrary Command Execution",2012-12-21,i-Hmx,php,webapps,0 38141,platforms/php/webapps/38141.txt,"Hero Framework - search q Parameter Cross-Site Scripting",2012-12-24,"Stefan Schurtz",php,webapps,0 @@ -36559,7 +36559,7 @@ id,file,description,date,author,platform,type,port 38167,platforms/php/webapps/38167.php,"Multiple WordPress WPScientist Themes - Arbitrary File Upload",2013-01-04,JingoBD,php,webapps,0 38168,platforms/php/webapps/38168.txt,"TomatoCart - 'json.php' Security Bypass",2013-01-04,"Aung Khant",php,webapps,0 38169,platforms/php/webapps/38169.txt,"Havalite CMS - 'comment' Parameter HTML Injection",2013-01-06,"Henri Salo",php,webapps,0 -38171,platforms/php/webapps/38171.txt,"Joomla! Component 'com_incapsula' - Multiple Cross-Site Scripting Vulnerabilities",2013-01-08,"Gjoko Krstic",php,webapps,0 +38171,platforms/php/webapps/38171.txt,"Joomla! Component com_incapsula - Multiple Cross-Site Scripting Vulnerabilities",2013-01-08,"Gjoko Krstic",php,webapps,0 38178,platforms/php/webapps/38178.txt,"WordPress Plugin NextGEN Gallery - 'test-head' Parameter Cross-Site Scripting",2013-01-08,Am!r,php,webapps,0 38173,platforms/multiple/webapps/38173.txt,"ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Execution",2015-09-14,xistence,multiple,webapps,0 38174,platforms/multiple/webapps/38174.txt,"ManageEngine OpManager 11.5 - Multiple Vulnerabilities",2015-09-14,xistence,multiple,webapps,0 @@ -36689,7 +36689,7 @@ id,file,description,date,author,platform,type,port 38440,platforms/php/webapps/38440.txt,"phpMyAdmin - 'tbl_gis_visualization.php' Multiple Cross-Site Scripting Vulnerabilities",2013-04-09,waraxe,php,webapps,0 38441,platforms/php/webapps/38441.txt,"WordPress Plugin Spiffy XSPF Player - 'playlist_id' Parameter SQL Injection",2013-04-10,"Ashiyane Digital Security Team",php,webapps,0 38443,platforms/php/webapps/38443.txt,"Liferay 6.1.0 CE - Privilege Escalation",2015-10-11,"Massimo De Luca",php,webapps,0 -38445,platforms/php/webapps/38445.txt,"Joomla! Component 'com_realestatemanager' 3.7 - SQL Injection",2015-10-11,"Omer Ramić",php,webapps,0 +38445,platforms/php/webapps/38445.txt,"Joomla! Component com_realestatemanager 3.7 - SQL Injection",2015-10-11,"Omer Ramić",php,webapps,0 38446,platforms/php/webapps/38446.html,"Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Execution",2015-10-11,LiquidWorm,php,webapps,0 38448,platforms/hardware/webapps/38448.txt,"F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - Directory Traversal",2015-10-13,"Karn Ganeshen",hardware,webapps,0 38449,platforms/hardware/webapps/38449.txt,"NETGEAR Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities",2015-10-13,"Karn Ganeshen",hardware,webapps,0 @@ -36751,7 +36751,7 @@ id,file,description,date,author,platform,type,port 38561,platforms/php/webapps/38561.txt,"Caucho Resin - 'index.php' logout Parameter Cross-Site Scripting",2013-06-07,"Gjoko Krstic",php,webapps,0 38562,platforms/php/webapps/38562.txt,"HP Insight Diagnostics - Remote Code Injection",2013-06-10,"Markus Wulftange",php,webapps,0 38563,platforms/php/webapps/38563.txt,"HP Insight Diagnostics 9.4.0.4710 - Local File Inclusion",2013-06-10,"Markus Wulftange",php,webapps,0 -38565,platforms/php/webapps/38565.txt,"Joomla! Component 'com_jnews' 8.5.1 - SQL Injection",2015-10-29,"Omer Ramić",php,webapps,80 +38565,platforms/php/webapps/38565.txt,"Joomla! Component com_jnews 8.5.1 - SQL Injection",2015-10-29,"Omer Ramić",php,webapps,80 38567,platforms/php/webapps/38567.txt,"Max Forum - Multiple Vulnerabilities",2013-06-09,"CWH Underground",php,webapps,0 38568,platforms/php/webapps/38568.txt,"WordPress Theme Ambience - 'src' Parameter Cross-Site Scripting",2013-06-09,Darksnipper,php,webapps,0 38569,platforms/php/webapps/38569.txt,"Lokboard - 'index_4.php' PHP Code Injection",2013-06-10,"CWH Underground",php,webapps,0 @@ -36767,7 +36767,7 @@ id,file,description,date,author,platform,type,port 38585,platforms/php/webapps/38585.pl,"WordPress Plugin NextGEN Gallery - 'upload.php' Arbitrary File Upload",2013-06-12,"Marcos Garcia",php,webapps,0 38588,platforms/php/webapps/38588.php,"BloofoxCMS - 'index.php' Arbitrary File Upload",2013-06-17,"CWH Underground",php,webapps,0 38590,platforms/php/webapps/38590.txt,"et-chat - Privilege Escalation / Arbitrary File Upload",2013-06-18,MR.XpR,php,webapps,0 -38592,platforms/php/webapps/38592.php,"Joomla! Component 'com_rokdownloads' - Arbitrary File Upload",2013-06-19,Am!r,php,webapps,0 +38592,platforms/php/webapps/38592.php,"Joomla! Component com_rokdownloads - Arbitrary File Upload",2013-06-19,Am!r,php,webapps,0 38593,platforms/cgi/webapps/38593.txt,"FtpLocate - HTML Injection",2013-06-24,Chako,cgi,webapps,0 38594,platforms/php/webapps/38594.txt,"Barnraiser Prairie - 'get_file.php' Directory Traversal",2013-06-25,prairie,php,webapps,0 38596,platforms/php/webapps/38596.txt,"Xaraya - Multiple Cross-Site Scripting Vulnerabilities",2013-06-26,"High-Tech Bridge",php,webapps,0 @@ -36948,7 +36948,7 @@ id,file,description,date,author,platform,type,port 38938,platforms/php/webapps/38938.txt,"xBoard 5.0/5.5/6.0 - 'view.php' Local File Inclusion",2013-12-24,"TUNISIAN CYBER",php,webapps,0 38941,platforms/php/webapps/38941.txt,"GoAutoDial CE 3.3 - Multiple Vulnerabilities",2015-12-12,R-73eN,php,webapps,0 38942,platforms/php/webapps/38942.txt,"SPAMINA Cloud Email Firewall - Directory Traversal",2013-10-03,"Sisco Barrera",php,webapps,0 -38943,platforms/php/webapps/38943.txt,"Joomla! Component 'com_aclsfgpl' - 'index.php' Arbitrary File Upload",2014-01-07,"TUNISIAN CYBER",php,webapps,0 +38943,platforms/php/webapps/38943.txt,"Joomla! Component com_aclsfgpl - 'index.php' Arbitrary File Upload",2014-01-07,"TUNISIAN CYBER",php,webapps,0 38944,platforms/php/webapps/38944.txt,"Command School Student Management System - '/sw/admin_grades.php id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 38945,platforms/php/webapps/38945.txt,"Command School Student Management System - '/sw/admin_terms.php id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 38946,platforms/php/webapps/38946.txt,"Command School Student Management System - '/sw/admin_school_years.php id' Parameter SQL Injection",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,0 @@ -36967,7 +36967,7 @@ id,file,description,date,author,platform,type,port 38965,platforms/php/webapps/38965.txt,"ECommerceMajor - productdtl.php (prodid) SQL Injection",2015-12-14,"Rahul Pratap Singh",php,webapps,80 38966,platforms/php/webapps/38966.txt,"WordPress Plugin Admin Management Xtended 2.4.0 - Privilege escalation",2015-12-14,"Kacper Szurek",php,webapps,80 39096,platforms/php/webapps/39096.txt,"i-doit Pro - 'objID' Parameter SQL Injection",2014-02-17,"Stephan Rickauer",php,webapps,0 -39098,platforms/php/webapps/39098.txt,"Joomla! Component 'com_wire_immogest' - 'index.php' SQL Injection",2014-02-17,MR.XpR,php,webapps,0 +39098,platforms/php/webapps/39098.txt,"Joomla! Component com_wire_immogest - 'index.php' SQL Injection",2014-02-17,MR.XpR,php,webapps,0 39057,platforms/php/webapps/39057.txt,"Dell Kace 1000 Systems Management Appliance DS-2014-001 - Multiple SQL Injections",2014-01-13,"Rohan Stelling",php,webapps,0 38971,platforms/hardware/webapps/38971.txt,"Polycom VVX-Series Business Media Phones - Directory Traversal",2015-12-14,"Jake Reynolds",hardware,webapps,80 38975,platforms/php/webapps/38975.txt,"Bitrix bitrix.mpbuilder Module 1.0.10 - Local File Inclusion",2015-12-14,"High-Tech Bridge SA",php,webapps,80 @@ -37127,7 +37127,7 @@ id,file,description,date,author,platform,type,port 39289,platforms/php/webapps/39289.txt,"ArticleFR - 'id' Parameter SQL Injection",2014-08-20,"High-Tech Bridge",php,webapps,0 39290,platforms/php/webapps/39290.txt,"MyAwards MyBB Module - Cross-Site Request Forgery",2014-08-22,Vagineer,php,webapps,0 39291,platforms/php/webapps/39291.txt,"WordPress Plugin KenBurner Slider - 'admin-ajax.php' Arbitrary File Download",2014-08-24,MF0x,php,webapps,0 -39294,platforms/php/webapps/39294.txt,"Joomla! Component 'spidervideoplayer' - 'theme' Parameter SQL Injection",2014-08-26,"Claudio Viviani",php,webapps,0 +39294,platforms/php/webapps/39294.txt,"Joomla! Component spidervideoplayer - 'theme' Parameter SQL Injection",2014-08-26,"Claudio Viviani",php,webapps,0 39296,platforms/php/webapps/39296.txt,"WordPress Theme Urban City - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 39297,platforms/php/webapps/39297.txt,"WordPress Theme Authentic - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 39298,platforms/php/webapps/39298.txt,"WordPress Theme Epic - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 @@ -37217,7 +37217,7 @@ id,file,description,date,author,platform,type,port 39498,platforms/php/webapps/39498.txt,"WordPress Plugin Ocim MP3 - SQL Injection",2016-02-26,"xevil and Blankon33",php,webapps,80 39500,platforms/linux/webapps/39500.txt,"Zimbra 8.0.9 GA - Cross-Site Request Forgery",2016-02-26,Sysdream,linux,webapps,443 39501,platforms/php/webapps/39501.txt,"Centreon 2.5.3 - Remote Command Execution",2016-02-26,Sysdream,php,webapps,0 -39506,platforms/php/webapps/39506.txt,"Joomla! Component 'com_poweradmin' 2.3.0 - Multiple Vulnerabilities",2016-02-26,"RatioSec Research",php,webapps,80 +39506,platforms/php/webapps/39506.txt,"Joomla! Component com_poweradmin 2.3.0 - Multiple Vulnerabilities",2016-02-26,"RatioSec Research",php,webapps,80 39507,platforms/php/webapps/39507.txt,"WordPress Plugin More Fields 2.1 - Cross-Site Request Forgery",2016-02-29,"Aatif Shahdad",php,webapps,80 39513,platforms/php/webapps/39513.txt,"WordPress Plugin CP Polls 1.0.8 - Multiple Vulnerabilities",2016-03-01,"i0akiN SEC-LABORATORY",php,webapps,80 39521,platforms/php/webapps/39521.txt,"WordPress Plugin Bulk Delete 5.5.3 - Privilege Escalation",2016-03-03,"Panagiotis Vagenas",php,webapps,80 @@ -37339,7 +37339,7 @@ id,file,description,date,author,platform,type,port 39872,platforms/php/webapps/39872.txt,"ProcessMaker 3.0.1.7 - Multiple Vulnerabilities",2016-05-31,"Mickael Dorigny",php,webapps,80 39876,platforms/php/webapps/39876.txt,"AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities",2016-06-01,hyp3rlinx,php,webapps,80 39965,platforms/php/webapps/39965.txt,"Tiki Wiki CMS Calendar 6.15/9.11 LTS/12.5 LTS/14.2 - Remote Code Execution",2016-06-16,"Dany Ouellet",php,webapps,80 -39879,platforms/php/webapps/39879.txt,"Joomla! Component 'SecurityCheck' 2.8.9 - Multiple Vulnerabilities",2016-06-02,"ADEO Security",php,webapps,80 +39879,platforms/php/webapps/39879.txt,"Joomla! Component SecurityCheck 2.8.9 - Multiple Vulnerabilities",2016-06-02,"ADEO Security",php,webapps,80 39880,platforms/jsp/webapps/39880.txt,"Liferay CE < 6.2 CE GA6 - Persistent Cross-Site Scripting",2016-06-02,"Fernando Câmara",jsp,webapps,0 39881,platforms/php/webapps/39881.txt,"Relay Ajax Directory Manager relayb01-071706/1.5.1/1.5.3 - Unauthenticated Arbitrary File Upload",2016-06-02,"RedTeam Pentesting GmbH",php,webapps,80 40463,platforms/cgi/webapps/40463.txt,"Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution",2016-10-05,KoreLogic,cgi,webapps,0 @@ -37396,7 +37396,7 @@ id,file,description,date,author,platform,type,port 39983,platforms/php/webapps/39983.txt,"Symphony CMS 2.6.7 - Session Fixation",2016-06-20,hyp3rlinx,php,webapps,80 39987,platforms/php/webapps/39987.html,"IonizeCMS 1.0.8 - Cross-Site Request Forgery (Add Admin)",2016-06-21,s0nk3y,php,webapps,80 39988,platforms/php/webapps/39988.html,"Yona CMS - Cross-Site Request Forgery",2016-06-21,s0nk3y,php,webapps,80 -39989,platforms/php/webapps/39989.txt,"Joomla! Component 'com_publisher' - SQL Injection",2016-06-21,s0nk3y,php,webapps,80 +39989,platforms/php/webapps/39989.txt,"Joomla! Component com_publisher - SQL Injection",2016-06-21,s0nk3y,php,webapps,80 39995,platforms/java/webapps/39995.txt,"SAP NetWeaver AS JAVA 7.1 < 7.5 - ctcprotocol Servlet XXE",2016-06-21,ERPScan,java,webapps,0 39996,platforms/java/webapps/39996.txt,"SAP NetWeaver AS JAVA 7.1 < 7.5 - Directory Traversal",2016-06-21,ERPScan,java,webapps,0 39997,platforms/ruby/webapps/39997.txt,"Radiant CMS 1.1.3 - Multiple Persistent Cross-Site Scripting",2016-06-21,"David Silveiro",ruby,webapps,80