Loading...
Creditee: High-Tech Bridge SA
| Disc. Date | OSVDB ID | CVEID | Title |
|---|---|---|---|
| 2013-05-15 | 93448 | 2013-3295 | Exponent CMS /install/popup.php page Parameter Traversal Arbitrary File Access |
| 2013-05-15 | 93447 | 2013-3294 | Exponent CMS index.php Multiple Parameter SQL Injection |
| 2013-05-08 | 93104 | 2013-2754 | UMI.CMS Admin User Creation CSRF |
| 2013-05-06 | 93438 | 2013-3082 | Jojo CMS /forgot-password/ search Parameter XSS |
| 2013-05-06 | 93437 | 2013-3081 | Jojo CMS /articles/test/ X-Forwarded-For HTTP Header SQL Injection |
| 2013-05-01 | 92905 | 2013-2945 | b2evolution /blogs/admin.php show_statuses[] Parameter SQL Injection |
| 2013-05-01 | 92906 | b2evolution SQL Query Manipulation CSRF | |
| 2013-04-26 | 92914 | 2013-1420 | GetSimple CMS /admin/edit.php Multiple Parameter XSS |
| 2013-04-26 | 92915 | 2013-1420 | GetSimple CMS /admin/filebrowser.php Multiple Parameter XSS |
| 2013-04-03 | 91983 | Symphony /symphony/system/authors/ Multiple Function CSRF | |
| 2013-03-31 | 92568 | 2013-2712 | KrisonAV CMS /services/get_article.php content Parameter XSS |
| 2013-03-31 | 92567 | 2013-2713 | KrisonAV CMS /users_maint.html Account Creation CSRF |
| 2013-03-26 | 91700 | 2012-5879 | McAfee Virtual Technician (MVT) / ePolicy Orchestrator (ePO MVT) McHealthCheck.dll ActiveX Save() Function Arbitrary File Overwrite |
| 2013-03-20 | 91616 | 2013-2649 | Hero Framework /users/login username Parameter XSS |
| 2013-03-20 | 92229 | 2013-2649 | Hero Framework /users/forgot_password error Parameter XSS |
| 2013-03-13 | 91615 | 2013-2559 | Symphony /symphony/lib/toolkit/class.authormanager.php sortby Parameter SQL Injection |
| 2013-03-07 | 91041 | 2012-4900 | Corel WordPerfect WPWIN16.DLL STARTAPP Function WPD File Handling DoS |
| 2013-03-07 | 91039 | 2012-4728 | Corel Quattro Pro QPW160.dll QProGetNotebookWindowHandle Function Value Transfer QPW File Handling NULL Pointer Dereference DoS |
| 2013-03-07 | 91040 | 2012-4728 | Corel Quattro Pro QPW160.dll Ordinal132 Function Buffer Copying QPW File Handling NULL Pointer Dereference DoS |
| 2013-03-06 | 91132 | 2013-2474 | AWS XMS importer.php what Parameter Traversal Arbitrary File Access |
| 2013-03-06 | 90927 | 2013-1668 | CosCms /gallery/upload/index $_FILES['file']['name'] Parameter exec() Call Remote Command Execution |
| 2013-02-21 | 91409 | 2013-2267 | FUDforum /adm/admreplace.php preg_replace() Function Multiple Parameter Crafted Request Handling Remote Code Execution |
| 2013-02-20 | 90546 | 2013-1470 | Geeklog /calendar/index.php calendar_type Parameter XSS |
| 2013-02-19 | 90504 | 2013-1468 | Piwigo LocalFiles Editor Plugin File Creation CSRF |
| 2013-02-18 | 90357 | 2013-1469 | Piwigo install.php dl Parameter Traversal Arbitrary File Access |
| 2013-02-06 | 89924 | 2013-1408 | Wysija Newsletters Plugin for WordPress /wp-admin/admin.php search Parameter SQL Injection |
| 2013-01-30 | 89699 | 2013-0804 | Novell GroupWise Client ActiveX (gwabdlg.dll) InvokeContact() Method pInvokeParams Argument Handling Pointer Dereference Remote Code Execution |
| 2013-01-30 | 90402 | 2013-1466 | glFusion /links/index.php Multiple Parameter XSS |
| 2013-01-30 | 90403 | 2013-1466 | glFusion /admin/plugins/mediagallery/xppubwiz.php URI XSS |
| 2013-01-30 | 90401 | 2013-1466 | glFusion /profiles.php subject Parameter XSS |
| 2013-01-30 | 90400 | 2013-1466 | glFusion /calendar/index.php Multiple Parameter XSS |
| 2013-01-23 | 89513 | 2012-6290 | ImageCMS /admin/admin_search/ q Parameter SQL Injection |
| 2013-01-23 | 89536 | 2013-0807 | gpEasy CMS include/tool/editing_page.php section Parameter XSS |
| 2013-01-23 | 89512 | ImageCMS Multiple Admin Action CSRF | |
| 2013-01-17 | 89488 | 2013-1407 | Events Manager Plugin for WordPress templates/forms/bookingform/booking-fields.php Multiple Parameter XSS |
| 2013-01-17 | 89487 | 2013-1407 | Events Manager Plugin for WordPress templates/templates/events-search.php Multiple Parameter XSS |
| 2013-01-17 | 89486 | 2013-1407 | Events Manager Plugin for WordPress XSS classes/em-bookings-table.php wp_nonce Parameter XSS |
| 2013-01-09 | 89151 | 2012-5877 | Nero MediaHome NMMediaServer.dll Missing Header Name Parsing NULL Pointer Dereference |
| 2013-01-09 | 89120 | 2012-6430 | Quick.Cms admin.php URI XSS |
| 2013-01-09 | 89119 | 2012-6430 | Quick.Cart admin.php URI XSS |
| 2013-01-09 | 89118 | 2012-6429 | Samsung Kies SyncService.dll ActiveX PrepareSync() Method Buffer Overflow |
| 2013-01-09 | 89150 | Nero MediaHome NMMediaServer.dll Long Request Line Off-By-One Overflow | |
| 2013-01-09 | 89149 | 2012-5876 | Nero MediaHome NMMediaServer.dll Long HTTP Request Header Value Parsing Off-By-One Overflow |
| 2012-12-19 | 88538 | 2012-5244 | Banana Dance /functions/print.php category Parameter SQL Injection |
| 2012-12-19 | 88537 | 2012-5244 | Banana Dance /functions/ajax.php name Parameter SQL Injection |
| 2012-12-19 | 88531 | 2012-5874 | Elite Bulletin Board /includes/user_function.php Multiple Function SQL Injection |
| 2012-12-19 | 88532 | 2012-5875 | Firefly Media Server firefly.exe Malformed HTTP Request Remote DoS |
| 2012-12-19 | 88536 | 2012-5244 | Banana Dance /functions/suggest.php Multiple Parameter SQL Injection |
| 2012-12-19 | 88535 | 2012-5244 | Banana Dance /functions/widgets.php id Parameter SQL Injection |
| 2012-12-19 | 88534 | 2012-5242 | Banana Dance /functions/ajax.php name Parameter Traversal Arbitrary File Access |
| 2012-12-19 | 88533 | 2012-5243 | Banana Dance /functions/suggest.php Arbitrary Database Table Disclosure |
| 2012-12-10 | 88456 | 2012-5878 | Smartphone Pentest Framework androidwebkit.pl Remote Command Execution |
| 2012-12-10 | 88457 | 2012-5878 | Smartphone Pentest Framework directdownload.pl Remote Command Execution |
| 2012-12-05 | 88175 | 2012-5849 | ClipBucket /view_channel.php user Parameter SQL Injection |
| 2012-12-05 | 88176 | 2012-5849 | ClipBucket /view_page.php pid Parameter SQL Injection |
| 2012-12-05 | 88177 | 2012-5849 | ClipBucket /view_topic.php tid Parameter SQL Injection |
| 2012-12-05 | 88178 | 2012-5849 | ClipBucket /watch_video.php v Parameter SQL Injection |
| 2012-12-05 | 88174 | 2012-5451 | TVMOBiLi Media Server HttpUtils.dll CHTTPServerTransaction::LoadResource() Method Request Parsing Overflow DoS |
| 2012-12-05 | 88179 | 2012-5849 | ClipBucket /ajax.php Multiple Parameter SQL Injection |
| 2012-12-05 | 88180 | 2012-5849 | ClipBucket /user_contacts.php user Parameter SQL Injection |
| 2012-12-05 | 88274 | 2012-5451 | TVMOBiLi Media Server HttpUtils.dll CHTTPServerTransaction::LoadFile() Method Request Parsing Overflow |
| 2012-12-05 | 88184 | 2012-5865 | Achievo dispatch.php activityid Parameter SQL Injection |
| 2012-11-22 | 87627 | 2012-5702 | dotProject index.php Multiple Parameter XSS |
| 2012-11-21 | 87626 | dotProject Multiple Function CSRF | |
| 2012-11-21 | 87625 | 2012-5701 | dotProject index.php Multiple Parameter SQL Injection |
| 2012-11-14 | 87324 | 2012-5694 | Smartphone Pentest Framework (SPF) /frameworkgui/attach2Agents.pl Multiple Parameter SQL Injection |
| 2012-11-14 | 87308 | Baby Gekko admin/index.php Admin Password Manipulation CSRF | |
| 2012-11-14 | 87323 | 2012-5693 | Smartphone Pentest Framework (SPF) /frameworkgui/attach2agents.pl Multiple Parameter Remote Command Execution |
| 2012-11-14 | 87322 | 2012-5693 | Smartphone Pentest Framework (SPF) /frameworkgui/attachMobileModem.pl Multiple Parameter Remote Command Execution |
| 2012-11-14 | 87325 | 2012-5694 | Smartphone Pentest Framework (SPF) /frameworkgui/attachMobileModem.pl Multiple Parameter SQL Injection |
| 2012-11-14 | 87326 | 2012-5696 | Smartphone Pentest Framework (SPF) frameworkgui/config Configuration File Direct Request Remote Information Disclosure |
| 2012-11-14 | 87328 | 2012-5697 | Smartphone Pentest Framework (SPF) /frameworkgui/ Permission Weakness Local Arbitrary File Manipulation |
| 2012-11-14 | 87312 | 2012-5699 | Baby Gekko index.php app Parameter Traversal Arbitrary File Access |
| 2012-11-14 | 87311 | 2012-5700 | Baby Gekko admin/index.php id Parameter XSS |
| 2012-11-14 | 87310 | 2012-5700 | Baby Gekko index.php Multiple Parameter XSS |
| 2012-11-14 | 87320 | 2012-5693 | Smartphone Pentest Framework (SPF) /frameworkgui/CSAttack.pl Multiple Parameter Remote Command Execution |
| 2012-11-14 | 87309 | 2012-5698 | Baby Gekko admin/index.php Multiple Parameter SQL Injection |
| 2012-11-14 | 87321 | 2012-5693 | Smartphone Pentest Framework (SPF) /frameworkgui/guessPassword.pl ipAddressTB Parameter Remote Command Execution |
| 2012-11-14 | 87852 | 2012-5694 | Smartphone Pentest Framework (SPF) /frameworkgui/getDatabase.pl Multiple Parameter SQL Injection |
| 2012-11-14 | 87851 | 2012-5694 | Smartphone Pentest Framework (SPF) /frameworkgui/SEAttack.pl modemNoDD Parameter SQL Injection |
| 2012-11-14 | 87850 | 2012-5694 | Smartphone Pentest Framework (SPF) /frameworkgui/sendSMS.pl Multiple Parameter SQL Injection |
| 2012-11-14 | 87849 | 2012-5694 | Smartphone Pentest Framework (SPF) /frameworkgui/takePic.pl Multiple Parameter SQL Injection |
| 2012-11-14 | 87848 | 2012-5694 | Smartphone Pentest Framework (SPF) /frameworkgui/CSAttack.pl modemNoDD2 Parameter SQL Injection |
| 2012-11-14 | 87327 | 2012-5695 | Smartphone Pentest Framework (SPF) Multiple Function CSRF |
| 2012-11-14 | 87319 | 2012-5693 | Smartphone Pentest Framework (SPF) /frameworkgui/SEAttack.pl Multiple Parameter Remote Command Execution |
| 2012-11-14 | 87847 | 2012-5694 | Smartphone Pentest Framework (SPF) /frameworkgui/escalatePrivileges.pl Multiple Parameter SQL Injection |
| 2012-11-14 | 87846 | 2012-5694 | Smartphone Pentest Framework (SPF) /frameworkgui/getContacts.pl Multiple Parameter SQL Injection |
| 2012-11-07 | 88158 | 2012-6064 | CMS Made Simple lib/filemanager/imagemanager/images.php deld Parameter Traversal Arbitrary File Deletion |
| 2012-10-31 | 86858 | 2012-5367 | OrangeHRM /symfony/web/index.php sortField Parameter SQL Injection |
| 2012-10-31 | 86853 | 2012-4233 | LibreOffice tllo.dll WMF File PolyPolygon Record Handling NULL Pointer Dereference DoS |
| 2012-10-31 | 86852 | 2012-4233 | LibreOffice scfiltlo.dll XLS File Handling NULL Pointer Dereference DoS |
| 2012-10-31 | 86849 | 2012-4233 | LibreOffice vcllo.dll ODT File Handling NULL Pointer Dereference DoS |
| 2012-10-31 | 86848 | 2012-4233 | LibreOffice svxcorelo.dll ODG File Handling NULL Pointer Dereference DoS |
| 2012-10-31 | 86850 | OrangeHRM Multiple Admin Function CSRF | |
| 2012-10-17 | 86418 | 2012-4771 | Subrion CMS admin/manage/fields/edit/ id Parameter XSS |
| 2012-10-17 | 86419 | 2012-4771 | Subrion CMS admin/manage/blocks/edit/ id Parameter XSS |
| 2012-10-17 | 86420 | 2012-4773 | Subrion CMS Admin User Creation CSRF |
| 2012-10-17 | 86424 | 2012-5167 2012-5453 |
AContent user/index_inline_editor_submit.php field Parameter SQL Injection |
| 2012-10-17 | 86421 | 2012-4772 | Subrion CMS /register/ plan_id Parameter SQL Injection |
| 2012-10-17 | 86422 | 2012-4771 | Subrion CMS admin/accounts/edit/ id Parameter XSS |
| 2012-10-17 | 86425 | 2012-5167 | AContent user/user_password.php id Parameter SQL Injection |
| 2012-10-17 | 86428 | 2012-5168 2012-5454 |
AContent Multiple Script Authentication Weakness Multiple Functionality Manipulation |
| 2012-10-17 | 86426 | 2012-5169 | AContent file_manager/preview_top.php Multiple Parameter XSS |
| 2012-10-17 | 86423 | 2012-4771 | Subrion CMS admin/configuration/ group Parameter XSS |
| 2012-10-17 | 87235 | 2012-5450 | CMS Made Simple Arbitrary Content Deletion CSRF |
| 2012-10-17 | 86427 | 2012-5167 | AContent course_category/index_inline_editor_submit.php field Parameter SQL Injection |
| 2012-10-17 | 86494 | 2012-4232 | jCore /admin/index.php memberloginid Cookie Parameter SQL Injection |
| 2012-10-17 | 86495 | 2012-4231 | jCore /admin/index.php path Parameter XSS |
| 2012-10-15 | 86500 | 2012-3806 | Samsung Kies Samsung.DeviceService.DCA.DeviceDataParagonATGM.1 ActiveX (DCAPARAGONGM.dll) GetDataTable() Method NULL-Pointer Dereference DoS |
| 2012-10-15 | 86501 | 2012-3810 2012-3807 2012-3808 2012-3809 |
Samsung Kies CmdAgent.dll ICommandAgent Interface Multiple Method Remote Privilege Escalation |
| 2012-10-10 | 86179 | 2012-5378 | ActiveTcl on Windows Path Subversion Arbitrary DLL Injection Code Execution |
| 2012-10-10 | 86175 | 2012-5383 | Oracle MySQL on Windows Path Subversion Arbitrary DLL Injection Code Execution |
| 2012-10-10 | 86178 | Python on Windows Path Subversion Arbitrary DLL Injection Code Execution | |
| 2012-10-10 | 86092 | 2012-4989 | OpenX /www/admin/plugin-index.php parent Parameter XSS |
| 2012-10-10 | 86093 | 2012-4990 | OpenX /www/admin/campaign-zone-link.php ids[] Parameter SQL Injection |
| 2012-10-09 | 86177 | 2012-5377 | ActivePerl on Windows Path Subversion Arbitrary DLL Injection Code Execution |
| 2012-10-09 | 86176 | 2012-5379 | ActivePython on Windows Path Subversion Arbitrary DLL Injection Code Execution |
| 2012-10-09 | 86174 | 2012-5382 | Zend Server on Windows Path Subversion Arbitrary DLL Injection Code Execution |
| 2012-10-09 | 86173 | 2012-5380 | RubyInstaller on Windows Path Subversion Arbitrary DLL Injection Code Execution |
| 2012-10-09 | 86172 | 2012-5381 | PHP on Windows Path Subversion Arbitrary DLL Injection Code Execution |
| 2012-10-03 | 85895 | 2012-4901 | Template CMS admin/index.php themes_editor Parameter XSS |
| 2012-10-03 | 85896 | 2012-4902 | Template CMS Admin User Creation CSRF |
| 2012-09-05 | 85189 | 2012-3233 | Kayako Fusion __swift/thirdparty/PHPExcel/PHPExcel/Shared/JAMA/docs/download.php URI XSS |
| 2012-09-05 | 85487 | 2012-4336 | Flogr index.php URI XSS |
| 2012-08-29 | 85011 | 2012-2517 | PrestaShop [admin]/ajax.php product[] Parameter XSS |
| 2012-08-24 | 85022 | 2012-4234 | Phorum control.php group Parameter XSS |
| 2012-08-22 | 85471 | 2012-4601 | TCExam /admin/code/tce_edit_test.php user_groups[] Parameter SQL Injection |
| 2012-08-22 | 85472 | 2012-4602 | TCExam /admin/code/tce_select_users_popup.php Multiple Parameter XSS |
| 2012-08-15 | 84770 | 2012-4052 | Jease Comment Creation Multiple Parameter XSS |
| 2012-08-08 | 84479 | 2012-4036 | PBBoard admin.php xml_name Parameter Arbitrary PHP Code Execution |
| 2012-08-08 | 84480 | 2012-4034 | PBBoard index.php Multiple Parameter SQL Injection |
| 2012-08-08 | 84481 | 2012-4035 | PBBoard member_id Parameter Validation Password Manipulation |
| 2012-08-08 | 84482 | 2012-3952 | phpList admin/index.php unconfirmed Parameter XSS |
| 2012-08-08 | 84483 | 2012-3953 | phpList admin/index.php delete Parameter SQL Injection |
| 2012-07-23 | 84114 | 2012-3869 | REDAXO index.php subpage Parameter XSS |
| 2012-07-11 | 83691 | 2012-3805 | Kajona index.php Multiple Parameter XSS |
| 2012-07-04 | 83538 | 2012-3350 | Webmatic index.php HTTP Header Referer: Field SQL Injection |
| 2012-06-20 | 83283 | 2012-3231 | web@all File Manipulation CSRF |
| 2012-06-20 | 83284 | 2012-3232 | web@all /search.php _text[title] Parameter XSS |
| 2012-06-13 | 83168 | 2012-2931 | TinyWebGallery /admin/index.php user Parameter Remote PHP Code Execution |
| 2012-06-13 | 82961 | 2012-2930 2012-2931 |
TinyWebGallery PHP Code Execution CSRF |
| 2012-06-13 | 82962 | 2012-2932 | TinyWebGallery /admin/index.php Multiple Parameter XSS |
| 2012-05-30 | 82401 | 2012-0985 | Sony VAIO Wireless Manager WifiMan.dll Multiple Method String Parameter Length HTML Page Handling Overflow |
| 2012-05-23 | 82057 | 2012-2435 | Pligg CMS module.php captcha Parameter Traversal Local File Inclusion |
| 2012-05-23 | 82058 | 2012-2452 | pragmaMx modules.php URI XSS |
| 2012-05-23 | 82059 | 2012-2452 | pragmaMx includes/wysiwyg/spaw/editor/plugins/imgpopup/img_popup.php img_url Parameter XSS |
| 2012-05-21 | 82046 | 2012-2436 2012-2936 |
Pligg CMS admin/admin_index.php list Parameter XSS |
| 2012-05-21 | 82056 | 2012-2436 | Pligg CMS module.php Multiple Parameter XSS |
| 2012-05-16 | 82036 | 2012-2762 | Serendipity comment.php url Parameter SQL Injection |
| 2012-05-09 | 81743 | 2012-1506 | OrangeHRM plugins/ajaxCalls/haltResumeHsp.php hspSummaryId Parameter SQL Injection |
| 2012-05-09 | 81744 | 2012-1507 | OrangeHRM plugins/ajaxCalls/haltResumeHsp.php newHspStatus Parameter XSS |
| 2012-05-09 | 81745 | 2012-1507 | OrangeHRM templates/hrfunct/emppop.php sortOrder1 Parameter XSS |
| 2012-05-09 | 81746 | 2012-1507 | OrangeHRM index.php uri Parameter XSS |
| 2012-05-09 | 81747 | 2012-2274 | PivotX ajaxhelper.php file Parameter XSS |
| 2012-05-02 | 81638 | 2012-2227 | PluXml /update/index.php default_lang Parameter Traversal Arbitrary File Access |
| 2012-04-25 | 81488 | 2012-2208 | Piwigo upgrade.php language Parameter Traversal Local File Inclusion |
| 2012-04-25 | 81489 | 2012-2209 | Piwigo admin.php Multiple Parameter XSS |
| 2012-04-18 | 81212 | 2012-0984 | XOOPS /modules/pm/pmlite.php to_userid Parameter XSS |
| 2012-04-18 | 81213 | 2012-0984 | XOOPS /tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php Multiple Parameter XSS |
| 2012-04-11 | 81068 | 2012-1835 | All-in-One Event Calendar Plugin for WordPress /wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget-form.php title Parameter XSS |
| 2012-04-11 | 81070 | 2012-1835 | All-in-One Event Calendar Plugin for WordPress /wp-content/plugins/all-in-one-event-calendar/app/view/box_publish_button.php button_value Parameter XSS |
| 2012-04-11 | 81071 | 2012-1835 | All-in-One Event Calendar Plugin for WordPress /wp-content/plugins/all-in-one-event-calendar/app/view/save_successful.php msg Parameter XSS |
| 2012-04-11 | 81069 | 2012-1835 | All-in-One Event Calendar Plugin for WordPress /wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php Multiple Parameter XSS |
| 2012-04-05 | 81217 | 2012-1934 | Newscoop /admin/country/edit.php f_country_code Parameter SQL Injection |
| 2012-04-05 | 81218 | 2012-1935 | Newscoop /admin/ad.php Back Parameter XSS |
| 2012-04-05 | 81220 | 2012-1935 | Newscoop /admin/password_check_token.php Multiple Parameter XSS |
| 2012-04-05 | 81214 | 2012-1933 | Newscoop /include/phorum_load.php require_once() Function GLOBALS[g_campsiteDir] Parameter Remote File Inclusion |
| 2012-04-05 | 81215 | 2012-1933 | Newscoop /conf/install_conf.php require_once() Function GLOBALS[g_campsiteDir] Parameter Remote File Inclusion |
| 2012-04-05 | 81216 | 2012-1933 | Newscoop /conf/liveuser_configuration.php require_once() Function GLOBALS[g_campsiteDir] Parameter Remote File Inclusion |
| 2012-04-05 | 81219 | 2012-4679 | Newscoop /admin/login.php f_user_name Parameter XSS |
| 2012-04-04 | 80902 | 2012-1665 | osCMax admin/login.php username Parameter SQL Injection |
| 2012-04-04 | 80904 | 2012-1664 | osCMax admin/login.php username Parameter XSS |
| 2012-04-04 | 80905 | 2012-1664 | osCMax admin/htaccess.php Multiple Parameter XSS |
| 2012-04-04 | 80906 | 2012-1664 | osCMax admin/information_form.php title Parameter XSS |
| 2012-04-04 | 80907 | 2012-1664 | osCMax admin/xsell.php search Parameter XSS |
| 2012-04-04 | 80908 | 2012-1664 | osCMax admin/stats_products_purchased.php Multiple Parameter XSS |
| 2012-04-04 | 80909 | 2012-1664 | osCMax admin/stats_monthly_sales.php status Parameter XSS |
| 2012-04-04 | 80910 | 2012-1664 | osCMax admin/stats_customers.php sorted Parameter XSS |
| 2012-04-04 | 80911 | 2012-1664 | osCMax admin/information_manager.php information_id Parameter XSS |
| 2012-04-04 | 80912 | 2012-1664 | osCMax admin/geo_zones.php zID Parameter XSS |
| 2012-04-04 | 80900 | 2012-1665 | osCMax admin/stats_monthly_sales.php status Parameter SQL Injection |
| 2012-04-04 | 80901 | 2012-1665 | osCMax admin/create_account_process.php country Parameter SQL Injection |
| 2012-04-04 | 80903 | 2012-1664 | osCMax admin/new_attributes_include.php Multiple Parameter XSS |
| 2012-03-26 | 80573 | 2012-1834 | CMS Tree Page View Plugin for WordPress wp-content/plugins/cms-tree-page-view/functions.php cms_tpv_admin_head() Function cms_tpv_view Parameter XSS |
| 2012-03-21 | 80253 | 2012-1467 | Open Journal Systems (OJS) /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php param Parameter Multiple Function Traversal Arbitrary File Manipulation |
| 2012-03-21 | 80254 | 2012-1468 | Open Journal Systems (OJS) Multiple Script Arbitrary File Upload |
| 2012-03-21 | 80255 | 2012-1469 | Open Journal Systems (OJS) /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php Multiple Parameter XSS |
| 2012-03-21 | 80256 | 2012-1469 | Open Journal Systems (OJS) index.php authors[][url] Parameter XSS |
| 2012-03-21 | 80257 | 2012-1469 | Open Journal Systems (OJS) /lib/pkp/classes/core/String.inc.php String::stripUnsafeHtml() Method XSS |
| 2012-03-21 | 80651 | 2012-1470 | ocPortal code_editor.php Multiple Parameter XSS |
| 2012-03-21 | 80652 | 2012-1471 | ocPortal site/catalogue_file.php file Parameter Traversal Arbitrary File Access |
| 2012-03-07 | 80065 | 2012-1188 | Fork CMS private/en/locale/index name Parameter XSS |
| 2012-03-07 | 80066 | 2012-1188 | Fork CMS backend/modules/error/actions/index.php parse() Function Multiple Parameter Error Display XSS |
| 2012-02-23 | 79490 | 2012-1296 | Elefant CMS apps/admin/handlers/preview.php Multiple Parameter XSS |
| 2012-02-22 | 79816 | 2012-1295 | Elefant CMS lib/Model.php Unspecified SQL Injection |
| 2012-02-22 | 80180 | 2012-1295 | Elefant CMS Multiple Admin Script offset Parameter SQL Injection |
| 2012-02-22 | 80181 | Elefant CMS Multiple Admin Script CSRF | |
| 2012-02-15 | 79309 | 2012-0996 | 11in1 CMS index.php class Parameter Traversal Local File Inclusion |
| 2012-02-15 | 79313 | 2012-1000 | LEPTON CMS admins/login/forgot/index.php message Parameter XSS |
| 2012-02-15 | 79314 | 2012-1000 | LEPTON CMS account/preferences.php Multiple Parameter XSS |
| 2012-02-15 | 79307 | 2012-0997 | 11in1 CMS Admin Password Manipulation CSRF |
| 2012-02-15 | 79308 | 2012-0996 | 11in1 CMS admin/index.php class Parameter Traversal Local File Inclusion |
| 2012-02-15 | 79312 | 2012-0999 | LEPTON CMS /modules/news/rss.php group_id Parameter SQL Injection |
| 2012-02-15 | 79311 | 2012-0998 | LEPTON CMS account/preferences.php language Parameter Traversal Local File Inclusion |
| 2012-02-11 | 79697 | 2012-1039 | Dotclear /admin/auth.php login_data Parameter XSS |
| 2012-02-11 | 79699 | 2012-1039 | Dotclear /admin/blogs.php nb Parameter XSS |
| 2012-02-11 | 79698 | 2012-1039 | Dotclear /admin/comments.php Multiple Parameter XSS |
| 2012-02-11 | 79700 | 2012-1039 | Dotclear /admin/plugin.php page Parameter XSS |
| 2012-02-03 | 78981 | 2012-0995 | zenphoto zp-core/admin.php Multiple Parameter XSS |
| 2012-02-03 | 78982 | 2012-0995 | zenphoto zp-core/admin-edit.php album Parameter XSS |
| 2012-02-02 | 78979 | 2012-0993 | zenphoto viewer_size_image_saved Cookie Value eval() Call Remote PHP Code Execution |
| 2012-02-02 | 78980 | 2012-0994 | zenphoto zp-core/admin-albumsort.php sortableList Parameter SQL Injection |
| 2012-02-02 | 79456 | 2012-1001 | Chyrp includes/ajax.php content Parameter XSS |
| 2012-02-01 | 78728 | 2012-0991 | OpenEMR interface/patient_file/encounter/trend_form.php formname Parameter Traversal Local File Inclusion |
| 2012-02-01 | 78727 | 2012-0991 | OpenEMR interface/patient_file/encounter/load_form.php formname Parameter Traversal Local File Inclusion |
| 2012-02-01 | 78729 | 2012-0991 | OpenEMR interface/patient_file/encounter/view_form.php formname Parameter Traversal Local File Inclusion |
| 2012-02-01 | 78730 | 2012-0991 | OpenEMR contrib/acog/print_form.php formname Parameter Traversal Local File Inclusion |
| 2012-02-01 | 78731 | 2012-0992 | OpenEMR interface/fax/fax_dispatch.php file Parameter exec() Call Arbitrary Shell Command Execution |
| 2012-01-30 | 82732 | OSClass /oc-admin/index.php id Parameter XSS | |
| 2012-01-25 | 78557 | 2012-0990 | DClassifieds Admin Password Manipulation CSRF |
| 2012-01-18 | 82709 | 2012-0989 | OneOrZero Action & Information Management System (AIMS) index.php PATH_INFO Parameter XSS |
| 2012-01-16 | 78503 | 2012-0974 2012-5163 |
OSClass index.php getParam() Function Multiple Parameter XSS |
| 2012-01-16 | 78504 | 2012-0973 2012-5162 |
OSClass index.php Multiple Parameter SQL Injection |
| 2012-01-04 | 78140 | 2012-0986 | ImpressCMS notifications.php URI XSS |
| 2012-01-04 | 78141 | 2012-0986 | ImpressCMS modules/system/admin/images/browser.php URI XSS |
| 2012-01-04 | 78142 | 2012-0986 | ImpressCMS modules/content/admin/content.php URI XSS |
| 2012-01-04 | 78143 | 2012-0987 | ImpressCMS edituser.php icmsConfigPlugins[sanitizer_plugins][] Parameter Traversal Local File Inclusion |
| 2011-12-21 | 78009 | 2011-5144 | Open Business Management (OBM) test.php phpinfo() Function Direct Request Information Disclosure |
| 2011-12-21 | 78003 | 2011-5141 | Open Business Management (OBM) /exportcsv/exportcsv_index.php module Parameter Traversal Local File Inclusion |
| 2011-12-21 | 78004 | 2011-5145 | Open Business Management (OBM) /obm.php Multiple Parameter SQL Injection |
| 2011-12-21 | 78005 | 2011-5145 | Open Business Management (OBM) /settings/settings_index.php Multiple Parameter SQL Injection |
| 2011-12-21 | 78006 | 2011-5145 | Open Business Management (OBM) /host/host_index.php Multiple Parameter SQL Injection |
| 2011-12-21 | 78007 | 2011-5142 | Open Business Management (OBM) /host/host_index.php Multiple Parameter XSS |
| 2011-12-21 | 78008 | 2011-5142 | Open Business Management (OBM) /obm.php login Parameter XSS |
| 2011-12-14 | 77728 | 2011-5214 | BrowserCRM Multiple Script URI XSS |
| 2011-12-14 | 77729 | 2011-5214 | BrowserCRM license/index.php framed Parameter XSS |
| 2011-12-14 | 77730 | 2011-5214 | BrowserCRM licence/view.php framed Parameter XSS |
| 2011-12-14 | 77731 | 2011-5214 | BrowserCRM pub/clients.php login[] Parameter XSS |
| 2011-12-14 | 77732 | 2011-5214 | BrowserCRM index.php login[] Parameter XSS |
| 2011-12-14 | 77733 | 2011-5213 | BrowserCRM modules/Documents/version_list.php parent_id Parameter SQL Injection |
| 2011-12-14 | 77734 | 2011-5213 | BrowserCRM modules/Documents/index.php contact_id Parameter SQL Injection |
| 2011-12-14 | 77735 | 2011-5213 | BrowserCRM index.php login[username] Parameter SQL Injection |
| 2011-12-08 | 77978 | epesi BIM admin/phpfm.php dir_atual Parameter XSS | |
| 2011-12-08 | 77979 | epesi BIM admin/themeup.php URI XSS | |
| 2011-12-08 | 77980 | epesi BIM admin/wfb.php msg Parameter XSS | |
| 2011-11-30 | 77416 | 2011-5258 | OrangeHRM index.php Multiple Parameter XSS |
| 2011-11-30 | 77417 | 2011-5258 | OrangeHRM lib/controllers/CentralController.php URI XSS |
| 2011-11-30 | 77418 | 2011-5259 | OrangeHRM lib/controllers/CentralController.php id Parameter SQL Injection |
| 2011-11-30 | 77459 | 2011-4833 | SugarCRM index.php Multiple Parameter SQL Injection |
| 2011-11-23 | 77339 | 2011-4814 | Dolibarr Multiple Script URI XSS |
| 2011-11-23 | 77340 | 2011-4802 | Dolibarr /user/index.php Multiple Parameter SQL Injection |
| 2011-11-23 | 77341 | 2011-4802 | Dolibarr /user/info.php id Parameter SQL Injection |
| 2011-11-23 | 77342 | 2011-4802 | Dolibarr /user/perms.php id Parameter SQL Injection |
| 2011-11-23 | 77343 | 2011-4802 | Dolibarr /user/param_ihm.php id Parameter SQL Injection |
| 2011-11-23 | 77344 | 2011-4802 | Dolibarr /user/note.php id Parameter SQL Injection |
| 2011-11-23 | 77345 | 2011-4802 | Dolibarr /user/fiche.php id Parameter SQL Injection |
| 2011-11-23 | 77346 | 2011-4802 | Dolibarr /admin/boxes.php rowid Parameter SQL Injection |
| 2011-11-23 | 77347 | 2011-4802 | Dolibarr /user/group/index.php Multiple Parameter SQL Injection |
| 2011-11-17 | 77194 | webERP Multiple Script URI XSS | |
| 2011-11-17 | 77200 | SPIP Authorization Check Weakness Remote Privilege Escalation | |
| 2011-11-17 | 77195 | webERP reportwriter/ReportMaker.php reportid Parameter SQL Injection | |
| 2011-11-17 | 77196 | webERP reportwriter/FormMaker.php ReportID Parameter SQL Injection | |
| 2011-11-17 | 77197 | webERPphpinfo.php Direct Request Remote Information Disclosure | |
| 2011-11-09 | 76959 | vtiger CRM index.php file Parameter Local File Inclusion | |
| 2011-11-09 | 76960 | vtiger CRM graph.php Multiple Parameter Local File Inclusion | |
| 2011-10-26 | 76745 | eFront index.php Multiple Parameter XSS | |
| 2011-10-26 | 76746 | eFront ask_information.php user2 Parameter SQL Injection | |
| 2011-10-26 | 76747 | eFront professor.php ctg Parameter XSS | |
| 2011-10-26 | 76748 | eFront student.php ctg Parameter XSS | |
| 2011-10-26 | 76749 | eFront view_test.php Multiple Parameter SQL Injection | |
| 2011-10-26 | 76750 | eFront administrator.php Multiple Parameter XSS | |
| 2011-10-26 | 76751 | eFront /modules/module_chat/admin.php loglessonid Parameter SQL Injection | |
| 2011-10-12 | 76301 | Pretty Link Plugin for WordPress wp-content/plugins/pretty-link/classes/views/prli-clicks/head.php min_date Parameter XSS | |
| 2011-10-12 | 76309 | BugFree Bug.php ActionType Parameter XSS | |
| 2011-10-12 | 76302 | Pretty Link Plugin for WordPress wp-content/plugins/pretty-link/classes/views/prli-dashboard-widget/widget.php message Parameter XSS | |
| 2011-10-12 | 76303 | Pretty Link Plugin for WordPress wp-content/plugins/pretty-link/classes/views/shared/errors.php errors[] Parameter XSS | |
| 2011-10-12 | 76304 | Pretty Link Plugin for WordPress wp-content/plugins/pretty-link/classes/views/shared/table-nav.php Multiple Parameter XSS | |
| 2011-10-12 | 76305 | Pretty Link Plugin for WordPress wp-content/plugins/pretty-link/classes/views/prli-links/form.php Multiple Parameter XSS | |
| 2011-10-12 | 76310 | BugFree Report.php ReportMode Parameter XSS | |
| 2011-10-12 | 76311 | BugFree ReportLeft.php ReportMode Parameter XSS | |
| 2011-10-12 | 76312 | BugFree Admin/AdminProjectList.php URI XSS | |
| 2011-10-12 | 76313 | BugFree Admin/AdminGroupList.php URI XSS | |
| 2011-10-12 | 76314 | BugFree Admin/AdminUserLogList.php URI XSS | |
| 2011-09-28 | 76162 | Traq admincp/components.php Multiple Parameter XSS | |
| 2011-09-28 | 76163 | Traq admincp/groups.php Multiple Parameter XSS | |
| 2011-09-28 | 76164 | Traq admincp/ticket_templates.php edit Parameter XSS | |
| 2011-09-28 | 76165 | Traq custom_fields.php edit Parameter XSS | |
| 2011-09-28 | 76166 | Traq admincp/milestones.php errors Parameter XSS | |
| 2011-09-28 | 76167 | Traq admincp/plugins.php errors Parameter XSS | |
| 2011-09-28 | 76168 | Traq admincp/projects.php errors Parameter XSS | |
| 2011-09-28 | 76169 | Traq admincp/repositories.php errors Parameter XSS | |
| 2011-09-28 | 76170 | Traq admincp/users.php errors Parameter XSS | |
| 2011-09-28 | 76171 | Traq user/login goto Parameter XSS | |
| 2011-09-28 | 76161 | Traq /tickets Multiple Parameter SQL Injection | |
| 2011-09-14 | 75403 | 2011-5074 | Support Incident Tracker (SiT!) Admin Addition CSRF |
| 2011-09-14 | 75412 | 2011-5073 | Support Incident Tracker (SiT!) contract_support.php mode Parameter XSS |
| 2011-09-14 | 75413 | 2011-5073 | Support Incident Tracker (SiT!) contract_add_service.php contractid Parameter XSS |
| 2011-09-14 | 75414 | 2011-5073 | Support Incident Tracker (SiT!) inbox.php action Parameter XSS |
| 2011-09-14 | 75415 | 2011-5073 | Support Incident Tracker (SiT!) incident_add.php search_string Parameter XSS |
| 2011-09-14 | 75416 | 2011-5073 | Support Incident Tracker (SiT!) report_customers.php table1 Parameter XSS |
| 2011-09-14 | 75417 | 2011-5073 | Support Incident Tracker (SiT!) report_incidents_by_engineer.php table1 Parameter XSS |
| 2011-09-14 | 75418 | 2011-5073 | Support Incident Tracker (SiT!) report_incidents_by_site.php table1 Parameter XSS |
| 2011-09-14 | 75419 | 2011-5073 | Support Incident Tracker (SiT!) report_marketing.php table1 Parameter XSS |
| 2011-09-14 | 75420 | 2011-5073 | Support Incident Tracker (SiT!) report_incidents_by_vendor.php Multiple Parameter XSS |
| 2011-09-14 | 75421 | 2011-5073 | Support Incident Tracker (SiT!) forgotpwd.php Referer Header XSS |
| 2011-09-14 | 75422 | 2011-5073 | Support Incident Tracker (SiT!) billable_incidents.php Referer Header XSS |
| 2011-09-14 | 75423 | 2011-5073 | Support Incident Tracker (SiT!) transactions.php Referer Header XSS |
| 2011-09-14 | 75405 | 2011-5072 | Support Incident Tracker (SiT!) contract_add_service.php contractid Parameter SQL Injection |
| 2011-09-14 | 75406 | 2011-5072 | Support Incident Tracker (SiT!) edit_escalation_path.php id Parameter SQL Injection |
| 2011-09-14 | 75407 | 2011-5072 | Support Incident Tracker (SiT!) holding_queue.php Multiple Parameter SQL Injection |
| 2011-09-14 | 75408 | 2011-5072 | Support Incident Tracker (SiT!) report_customers.php inc Parameter SQL Injection |
| 2011-09-14 | 75409 | 2011-5072 | Support Incident Tracker (SiT!) report_incidents_by_site.php inc Parameter SQL Injection |
| 2011-09-14 | 75410 | 2011-5072 | Support Incident Tracker (SiT!) search.php start Parameter SQL Injection |
| 2011-09-14 | 75404 | 2011-5072 | Support Incident Tracker (SiT!) transactions.php sites Parameter SQL Injection |
| 2011-09-14 | 75411 | 2011-5072 | Support Incident Tracker (SiT!) portal/kb.php start Parameter SQL Injection |
| 2011-08-22 | 74705 | WP Events Calendar Plugin for WordPress wp-admin/admin.php EC_id Parameter XSS | |
| 2011-08-17 | 74568 | Fast Secure Contact Form Plugin for WordPress wp-content/plugins/si-contact-form/captcha/test/index.php URI XSS | |
| 2011-08-17 | 74569 | WP-Stats-Dashboard Plugin for WordPress /wp-content/plugins/wp-stats-dashboard/view/admin/admin_profile_type.php Multiple Parameter XSS | |
| 2011-08-17 | 74570 | WP-Stats-Dashboard Plugin for WordPress /wp-content/plugins/wp-stats-dashboard/view/admin/blocks/select-trend.php onchange Parameter XSS | |
| 2011-08-17 | 74571 | WP-Stats-Dashboard Plugin for WordPress /wp-content/plugins/wp-stats-dashboard/view/admin/blocks/submenu.php Multiple Parameter XSS | |
| 2011-08-15 | 74611 | StudioLine Photo Basic ActiveX NMSDVDX.DVDEngineX.1 (NMSDVDXU.dll) Multiple Method Arbitrary File Overwrite | |
| 2011-08-10 | 74464 | eShop Plugin for WordPress wp-admin/admin.php Multiple Parameter XSS | |
| 2011-08-03 | 74295 | WP e-Commerce Plugin for WordPress wp-content/plugins/wp-e-commerce/wpsc-theme/wpsc-cart_widget.php cart_messages[] Parameter XSS | |
| 2011-08-03 | 74284 | HESK /inc/header.inc.php Multiple Parameter XSS | |
| 2011-08-03 | 74285 | HESK /language/en/text.php URI XSS | |
| 2011-08-03 | 74286 | HESK /inc/assignment_search.inc.php hesklang[attempt] Parameter XSS | |
| 2011-08-03 | 74287 | HESK /inc/attachments.inc.php hesklang[attempt] Parameter XSS | |
| 2011-08-03 | 74288 | HESK /inc/common.inc.php hesklang[attempt] Parameter XSS | |
| 2011-08-03 | 74289 | HESK /inc/database.inc.php hesklang[attempt] Parameter XSS | |
| 2011-08-03 | 74290 | HESK /inc/prepare_ticket_search.inc.php hesklang[attempt] Parameter XSS | |
| 2011-08-03 | 74291 | HESK /inc/print_tickets.inc.php hesklang[attempt] Parameter XSS | |
| 2011-08-03 | 74292 | HESK /inc/show_admin_nav.inc.php hesklang[attempt] Parameter XSS | |
| 2011-08-03 | 74293 | HESK /inc/show_search_form.inc.php hesklang[attempt] Parameter XSS | |
| 2011-08-03 | 74294 | HESK /inc/ticket_list.inc.php hesklang[attempt] Parameter XSS | |
| 2011-07-30 | 74304 | ThreeDify Designer ThreeDify.ThreeDifyDesigner.1 ActiveX (ActiveSolid.dll) Multiple Method Overflow | |
| 2011-07-30 | 74305 | ThreeDify Designer ThreeDify.ThreeDifyDesigner.1 ActiveX (ActiveSolid.dll) cmdSave() Method Arbitrary File Overwrite | |
| 2011-07-27 | 74156 | Free PHP Message Board (MBoard) go.php url Parameter Arbitrary Site Redirect | |
| 2011-07-27 | 74058 | PHP Guestbook admin_reply.php Multiple Parameter XSS | |
| 2011-07-27 | 74059 | PHP Guestbook comments.php Multiple Parameter XSS | |
| 2011-07-27 | 74060 | PHP Guestbook admin_tasks.php Multiple Parameter XSS | |
| 2011-07-27 | 74061 | PHP Guestbook emoticons_popup.php list_emoticons Parameter XSS | |
| 2011-07-27 | 74062 | PHP Guestbook error.php Multiple Parameter XSS | |
| 2011-07-27 | 74063 | PHP Guestbook no_comments.php lang Parameter XSS | |
| 2011-07-27 | 74064 | PHP Guestbook overall_footer.php settings Parameter XSS | |
| 2011-07-27 | 74065 | PHP Guestbook overall_header.php settings Parameter XSS | |
| 2011-07-27 | 74066 | PHP Guestbook sign_form.php name Parameter XSS | |
| 2011-07-20 | 74039 | 2011-4336 | Tiki Wiki CMS/Groupware snarf_ajax.php ajax Parameter XSS |
| 2011-06-28 | 73503 | FlatPress index.php Multiple Parameter XSS | |
| 2011-06-23 | 73321 | Kofax e-Transactions Sender LEADSmtp ActiveX (LTCML14n.dll) SaveMessage() Method Arbitrary File Overwrite | |
| 2011-06-22 | 73232 | Easewe FTP OCX ActiveX (EaseWeFtp.ocx) Multiple Method File Manipulation | |
| 2011-06-22 | 73304 | FanUpdate header.php pageTitle Parameter XSS | |
| 2011-06-22 | 73593 | Open-Realty index.php Multiple Parameter XSS | |
| 2011-06-22 | 73594 | Open-Realty include/class/ckeditor/custom/filemanager/connectors/php/filemanager.php path Parameter XSS | |
| 2011-06-22 | 73595 | Open-Realty admin/index.php type Parameter XSS | |
| 2011-06-22 | 73596 | Open-Realty admin/index.php type Parameter SQL Injection | |
| 2011-06-15 | 73091 | miniblog adm/list.php post_list Parameter XSS | |
| 2011-06-15 | 73092 | miniblog adm/login.php error_text Parameter XSS | |
| 2011-06-15 | 73096 | miniblog adm/options.php response_text Parameter XSS | |
| 2011-06-15 | 73095 | miniblog adm/password.php response_text Parameter XSS | |
| 2011-06-15 | 73094 | miniblog adm/edit.php Multiple Parameter XSS | |
| 2011-06-15 | 73093 | miniblog Post Addition CSRF | |
| 2011-06-15 | 73120 | 2011-4946 | e107 e107_admin/users_extended.php user_field Parameter SQL Injection |
| 2011-06-15 | 80992 | 2011-4947 | e107 e107_admin/users_extended.php user_include Parameter XSS |
| 2011-06-15 | 73086 | N-13 News index.php Multiple Parameter XSS | |
| 2011-06-15 | 73087 | N-13 News admin.php Multiple Parameter XSS | |
| 2011-06-15 | 73088 | N-13 News admin.php modules/editcomments.php Multiple Parameter XSS | |
| 2011-05-19 | 72745 | phpScheduleIt forgot_pwd.php URI XSS | |
| 2011-05-19 | 72747 | phpScheduleIt register.php URI XSS | |
| 2011-05-19 | 72746 | phpScheduleIt index.php URI XSS | |
| 2011-05-19 | 72748 | phpScheduleIt roschedule.php URI XSS | |
| 2011-05-19 | 72749 | phpScheduleIt popCalendar.php scheduleid Parameter XSS | |
| 2011-05-17 | 72377 | PHP Calendar index.php Multiple Parameter XSS | |
| 2011-05-17 | 72378 | PHP Calendar event_delete.php id Parameter XSS | |
| 2011-05-17 | 72379 | PHP Calendar event_add.php title Parameter XSS | |
| 2011-05-12 | 72330 | Open Classifieds Admin Credential Manipulation CSRF | |
| 2011-05-10 | 75962 | Calendarix cal_login.php URI XSS | |
| 2011-05-10 | 75963 | Calendarix cal_catview.php gocat Parameter XSS | |
| 2011-05-10 | 75964 | Calendarix cal_date.php Multiple Parameter XSS | |
| 2011-05-05 | 72134 | Directory Listing Script index.php URI XSS | |
| 2011-05-05 | 75709 | PHPDug adm/admin_edit.php id Parameter SQL Injection | |
| 2011-05-05 | 75710 | PHPDug adm/usergroup_edit.php id Parameter SQL Injection | |
| 2011-05-05 | 75711 | PHPDug adm/category_edit.php id Parameter SQL Injection | |
| 2011-05-03 | 75697 | YaPiG /template/default/add_comment_form.php I_ADD_COMMENT Parameter XSS | |
| 2011-05-03 | 75698 | YaPiG /template/default/admin_task_bar.php I_ADMIN_TASKS Parameter XSS | |
| 2011-05-03 | 75699 | YaPiG /template/default/delete_gallery_form.php I_SELECT_OPT Parameter XSS | |
| 2011-05-03 | 75700 | YaPiG /template/default/face_begin.php I_TITLE Parameter XSS | |
| 2011-05-03 | 75701 | YaPiG /slideshow.php interval Parameter XSS | |
| 2011-05-01 | 75703 | PHPDug add_story.php story_url Parameter XSS | |
| 2011-05-01 | 75704 | PHPDug editprofile.php email Parameter XSS | |
| 2011-05-01 | 75705 | PHPDug adm/content_add.php title Parameter XSS | |
| 2011-05-01 | 75706 | PHPDug adm/admin_edit.php username Parameter XSS | |
| 2011-04-28 | 72055 | 2011-5081 | BackupPC RestoreFile.pm XSS |
| 2011-04-28 | 72051 | phpGraphy themes/default/header.inc.php theme_dir Parameter XSS | |
| 2011-04-28 | 72052 | phpGraphy Admin User Creation CSRF | |
| 2011-04-28 | 72053 | WP Photo Album Plugin for WordPress wp-admin/admin.php id Parameter XSS | |
| 2011-04-28 | 72057 | Daily Maui Photo Widget Plugin for WordPress wp-content/plugins/daily-maui-photo-widget/wp-dailymaui-widget-control.php title Parameter XSS | |
| 2011-04-26 | 72047 | WP Ajax Recent Posts Plugin for WordPress index.php number Parameter XSS | |
| 2011-04-26 | 75528 | phpList admin/commonlib/lib/userlib.php email Parameter XSS | |
| 2011-04-26 | 75527 | phpList admin/template.php email Parameter XSS | |
| 2011-04-26 | 75526 | phpList admin/editlist.php email Parameter XSS | |
| 2011-04-21 | 71987 | zenphoto themes/zenpage/slideshow.php _zp_themeroot Parameter XSS | |
| 2011-04-21 | 71988 | zenphoto themes/stopdesign/comment_form.php _zp_themeroot Parameter XSS | |
| 2011-04-19 | 71966 | SocialGrid Plugin for WordPress inline-admin.js.php default_services Parameter XSS | |
| 2011-04-19 | 71891 | DAlbum pass.php Admin Password Manipulation CSRF | |
| 2011-04-19 | 71886 | Universal Post Manager Plugin for WordPress wp-content/plugins/universal-post-manager/template/email_screen_1.php num Parameter XSS | |
| 2011-04-19 | 71887 | Universal Post Manager Plugin for WordPress wp-content/plugins/universal-post-manager/template/email_screen_2.php num Parameter XSS | |
| 2011-04-19 | 71888 | Universal Post Manager Plugin for WordPress wp-content/plugins/universal-post-manager/template/bookmarks_slider_h.php number Parameter XSS | |
| 2011-04-19 | 71889 | Universal Post Manager Plugin for WordPress wp-content/plugins/universal-post-manager/includes/poll_logs.php qid Parameter SQL Injection | |
| 2011-04-19 | 71890 | Universal Post Manager Plugin for WordPress wp-content/plugins/universal-post-manager/includes/poll_result.php PID Parameter SQL Injection | |
| 2011-04-19 | 71892 | DAlbum editini.php url Parameter XSS | |
| 2011-04-19 | 71990 | webSPELL index.php Multiple Parameter XSS | |
| 2011-04-19 | 71985 | WP-StarsRateBox Plugin for WordPress wp-content/plugins/wp-starsratebox/wp-starsratebox.php q Parameter XSS | |
| 2011-04-19 | 71986 | WP-StarsRateBox Plugin for WordPress wp-content/plugins/wp-starsratebox/wp-starsratebox.php j Parameter SQL Injection | |
| 2011-04-19 | 71991 | webSPELL admin/admincenter.php Multiple Parameter XSS | |
| 2011-04-14 | 74980 | 2011-4806 | PHP Album main.php Multiple Parameter XSS |
| 2011-04-14 | 74979 | PHP Album main.php Admin Password Manipulation CSRF | |
| 2011-04-14 | 74981 | PHP Album main.php var3 Parameter Remote PHP Code Execution | |
| 2011-04-07 | 71687 | phpCollab users/edituser.php Admin Credential Manipulation CSRF | |
| 2011-04-07 | 71673 | Viscacha admin.php Multiple Parameter XSS | |
| 2011-04-07 | 71672 | Viscacha editprofile.php digest Parameter SQL Injection | |
| 2011-04-07 | 71688 | phpCollab clients/editclient.php url Parameter XSS | |
| 2011-04-07 | 71689 | phpCollab newsdesk/editnews.php links Parameter XSS | |
| 2011-04-07 | 71690 | phpCollab projects/editproject.php url_dev Parameter XSS | |
| 2011-04-07 | 71701 | phpCollab Multiple Script Direct Request Path Disclosure | |
| 2011-04-07 | 71702 | Viscacha editprofile.php Path Disclosure | |
| 2011-03-31 | 71464 | InTerra Blog Machine Arbitrary Entry Addition CSRF | |
| 2011-03-31 | 71472 | Feng Office Community Edition Admin Manipulation CSRF | |
| 2011-03-31 | 72017 | 2011-1666 | Tine Multiple Script Direct Request Path Disclosure |
| 2011-03-29 | 71297 | Spitfire index.php username Parameter XSS | |
| 2011-03-29 | 72031 | WordPress Multiple Script Direct Request Path Disclosure | |
| 2011-03-29 | 72019 | bbPress Multiple Script Direct Request Path Disclosure | |
| 2011-03-24 | 71324 | SyndeoCMS starnet/addons/scroll_page.php speed Parameter XSS | |
| 2011-03-24 | 71325 | SyndeoCMS starnet/addons/page_slideshow.php loc_id XSS | |
| 2011-03-24 | 71326 | SyndeoCMS starnet/addons/tv.php loc_id Parameter XSS | |
| 2011-03-24 | 71327 | SyndeoCMS index.php user_username Parameter SQL Injection | |
| 2011-03-24 | 71328 | SyndeoCMS Multiple Script Direct Request Path Disclosure | |
| 2011-03-24 | 71865 | Ripe Website Manager ripe/modules/nav/admin.php menu_id Parameter XSS | |
| 2011-03-24 | 75358 | Ripe Website Manager ripe/modules/page/admin.php id Parameter SQL Injection | |
| 2011-03-24 | 75359 | Ripe Website Manager ripe/modules/members/admin.php CSRF | |
| 2011-03-24 | 75360 | Ripe Website Manager ripe/index.php v Parameter SQL Injection | |
| 2011-03-17 | 71187 | Rating-Widget Plugin for WordPress wp-content/plugins/rating-widget/view/availability_options.php selected_key Parameter XSS | |
| 2011-03-17 | 71188 | Rating-Widget Plugin for WordPress wp-content/plugins/rating-widget/view/rating.php vars[type] Parameter XSS | |
| 2011-03-17 | 71189 | Rating-Widget Plugin for WordPress wp-content/plugins/rating-widget/view/save.php rw_form_hidden_field_name Parameter XSS | |
| 2011-03-17 | 71185 | SodaHead Polls Plugin for WordPress wp-content/plugins/sodahead-polls/poll.php customize Parameter XSS | |
| 2011-03-17 | 71186 | SodaHead Polls Plugin for WordPress wp-content/plugins/sodahead-polls/customizer.php poll_id Parameter XSS | |
| 2011-03-17 | 72043 | Smen Social Button Plugin for WordPress /wp-content/plugins/smen-social-button/settings_page.php Direct Request Path Disclosure | |
| 2011-03-15 | 71230 | LotusCMS core/model/GeneralSettingsModel.php title Parameter XSS | |
| 2011-03-15 | 71231 | LotusCMS core/model/SEOModel.php seodescription Parameter XSS | |
| 2011-03-15 | 71232 | LotusCMS core/model/PageModel.php page Parameter XSS | |
| 2011-03-15 | 71233 | LotusCMS core/model/UsersModel.php Arbitrary Admin Account Creation CSRF | |
| 2011-03-15 | 71237 | LotusCMS modules/Menu/MenuModuleAdmin.php title Parameter XSS | |
| 2011-03-15 | 72036 | xt:Commerce Multiple Script Direct Request Path Disclosure | |
| 2011-03-15 | 72039 | OXID eShop Multiple Script Direct Request Path Disclosure | |
| 2011-03-10 | 71057 | Lazyest Gallery Plugin for WordPress /wp-content/plugins/lazyest-gallery/lazyest-popup.php image Parameter XSS | |
| 2011-03-10 | 71058 | Lazyest Gallery Plugin for WordPress /wp-content/plugins/lazyest-gallery/lazyest-img.php file Parameter Path Disclosure | |
| 2011-03-10 | 71173 | Cosmoshop admin/rubrikadmin.cgi rcopy Parameter XSS | |
| 2011-03-10 | 71174 | Cosmoshop admin/artikeladmin.cgi typ Parameter XSS | |
| 2011-03-10 | 71175 | Cosmoshop admin/shophilfe_suche.cgi suchbegriff Parameter XSS | |
| 2011-03-10 | 71176 | Cosmoshop admin/edit_startseitentext.cgi text-de Parameter XSS | |
| 2011-03-10 | 71177 | Cosmoshop admin/index.cgi id Parameter SQL Injection | |
| 2011-03-10 | 73577 | CosmoShop admin/setup_edit.cgi hauptwaehrung Parameter XSS | |
| 2011-03-08 | 71029 | 1 Flash Gallery Plugin for WordPress wp-content/plugins/1-flash-gallery/folder.php Multiple Parameter XSS | |
| 2011-03-08 | 71030 | 1 Flash Gallery Plugin for WordPress wp-content/plugins/1-flash-gallery/massedit_album.php gall_id Parameter SQL Injection | |
| 2011-03-08 | 71072 | GRAND Flash Album Gallery Plugin for WordPress wp-content/plugins/flash-album-gallery/lib/hitcounter.php pid Parameter SQL Injection | |
| 2011-03-08 | 71073 | GRAND Flash Album Gallery Plugin for WordPress wp-content/plugins/flash-album-gallery/admin/news.php want2Read Parameter Traversal Arbitrary File Access | |
| 2011-03-08 | 71859 | Inline Gallery Plugin for WordPress browser.php do Parameter XSS | |
| 2011-03-08 | 71860 | PhotoSmash Plugin for WordPress /wp-content/plugins/photosmash-galleries/index.php action Parameter XSS | |
| 2011-03-08 | 72035 | Cool Video Gallery Plugin for WordPress /wp-content/plugins/cool-video-gallery/admin/gallery-sort.php Direct Request Path Disclosure | |
| 2011-03-03 | 72032 | PrestaShop Multiple Script Direct Request Path Disclosure | |
| 2011-03-03 | 72025 | Tribiq CMS Multiple Script Direct Request Path Disclosure | |
| 2011-03-03 | 73575 | Pragyan CMS My Page CKEditor1 parameter XSS | |
| 2011-03-01 | 71840 | Mingle Forum Plugin for WordPress wp-content/plugins/mingle-forum/wpf-insert.php message Parameter XSS | |
| 2011-03-01 | 72027 | Mingle Forum Plugin for WordPress Multiple Script Direct Request Path Disclosure | |
| 2011-03-01 | 71406 | Question and Answer Forum Plugin for WordPress index.php title Parameter XSS | |
| 2011-03-01 | 71355 | WP Forum Plugin for WordPress index.php group_id Parameter SQL Injection | |
| 2011-03-01 | 71356 | WP Forum Plugin for WordPress wp-content/plugins/wp-forum/forum_feed.php thread Parameter SQL Injection | |
| 2011-03-01 | 71357 | WP Forum Plugin for WordPress wp-content/plugins/wp-forum/sendmail.php id Parameter SQL Injection | |
| 2011-03-01 | 72023 | NextGEN Gallery Plugin for WordPress /wp-content/plugins/nextgen-gallery/xml/ajax.php Path Disclosure | |
| 2011-02-24 | 70994 | 2011-1047 | WP Forum Server Plugin for WordPress /wp-content/plugins/forum-server/feed.php topic Parameter SQL Injection |
| 2011-02-24 | 71111 | IWantOneButton Plugin for WordPress wp-content/plugins/wantHave/updateAJAX.php post_id Parameter XSS | |
| 2011-02-24 | 71112 | IWantOneButton Plugin for WordPress wp-content/plugins/wantHave/updateAJAX.php post_id Parameter SQL Injection | |
| 2011-02-22 | 71039 | cdnvote Plugin for WordPress cdnvote-post.php Multiple Parameter SQL Injection | |
| 2011-02-22 | 71006 | Z-Vote Plugin for WordPress wp-content/plugins/zvote/zvote.php zvote Parameter SQL Injection | |
| 2011-02-22 | 71044 | Comment Rating Plugin for WordPress ck-processkarma.php id Parameter SQL Injection | |
| 2011-02-22 | 71060 | GD Star Rating Plugin for WordPress wp-content/plugins/gd-star-rating/widgets/widget_top.php wpfn Parameter XSS | |
| 2011-02-22 | 73445 | Vote It Up Plugin for WordPress /wp-content/plugins/vote-it-up/resetcount.php Direct Request Path Disclosure | |
| 2011-02-17 | 72882 | FlatnuX CMS login.html Remote DoS | |
| 2011-02-17 | 72881 | FlatnuX CMS Multiple Script Direct Request Path Disclosure | |
| 2011-02-17 | 72883 | 2011-3722 | Coppermine Photo Gallery Multiple Script Direct Request Path Disclosure |
| 2011-02-15 | 70998 | Wikipad pages.php Multiple Parameter XSS | |
| 2011-02-15 | 70997 | Wikipad pages.php id Parameter Traversal Arbitrary .txt File Manipulation | |
| 2011-02-15 | 70953 | 2011-1063 | Photopad files.php Multiple Parameter XSS |
| 2011-02-15 | 70954 | 2011-1063 | Photopad gallery.php id Parameter XSS |
| 2011-02-15 | 70929 | Seo Panel reports.php website_id Parameter SQL Injection | |
| 2011-02-15 | 70930 | Seo Panel index.php lang_code Parameter SQL Injection | |
| 2011-02-15 | 72839 | Gollos /product/list.aspx q Parameter XSS | |
| 2011-02-15 | 72837 | Gollos Multiple Script returnurl Parameter XSS | |
| 2011-02-15 | 72836 | 2011-3705 | Arctic Fox CMS Multiple Script Direct Request MySQL Settings Disclosure |
| 2011-02-15 | 72833 | ArtGK CMS Multiple Script Direct Request Path Disclosure | |
| 2011-02-15 | 72808 | Seo Panel websites.php url Parameter SQL Injection | |
| 2011-02-15 | 72517 | Xaraya Multiple Script Direct Request Path Disclosure | |
| 2011-02-15 | 72838 | Gollos Multiple Script returnurl Parameter Admin XSS | |
| 2011-02-10 | 70993 | 2011-1047 | WP Forum Server Plugin for WordPress index.php Multiple Parameter SQL Injection |
| 2011-02-10 | 70856 | RunCMS register.php timezone_offset Parameter SQL Injection | |
| 2011-02-10 | 72848 | RunCMS /include/registerform.php Direct Request Path Disclosure | |
| 2011-02-10 | 72840 | RunCMS user.php rc2_user Cookie XSS | |
| 2011-02-09 | 70975 | WebAsyst index.php app Parameter XSS | |
| 2011-02-08 | 70974 | WebAsyst SC/html/scripts/index.php Multiple Parameter XSS | |
| 2011-02-08 | 70845 | UMI.CMS /admin/users/edit/USERID/do/ Multiple Function CSRF | |
| 2011-02-08 | 72854 | UMI.CMS /admin/content/edit/PAGEID/do/ name Parameter XSS | |
| 2011-02-08 | 72852 | ViArt Shop /admin/admin_manufacturer.php manufacturer_name Parameter XSS | |
| 2011-02-08 | 72851 | ViArt Shop /admin/admin_global_settings.php html_below_footer Parameter XSS | |
| 2011-02-08 | 72850 | ViArt Shop /admin/admin_product.php item_id Parameter XSS | |
| 2011-02-08 | 72849 | UMI.CMS /admin/news/edit/4/do/ name Parameter XSS | |
| 2011-02-03 | 70784 | ReOS members.php Multiple Parameter SQL Injection | |
| 2011-02-03 | 70785 | ReOS index.php Multiple Parameter SQL Injection | |
| 2011-02-03 | 72858 | Podcast Generator language.php scriptlang Parameter Traversal Arbitrary File Access | |
| 2011-02-03 | 72857 | Podcast Generator themes.php L_failedopentheme Parameter XSS | |
| 2011-02-03 | 72856 | Podcast Generator episode.php Malformed name Parameter Path Disclosure | |
| 2011-02-01 | 70742 | Redaxscript includes/password.php Multiple Parameter SQL Injection | |
| 2011-02-01 | 72876 | Pluck /data/themes/default/theme.php Direct Request Path Disclosure | |
| 2011-02-01 | 72875 | Pluck index.php Malformed file[] Parameter Path Disclosure | |
| 2011-02-01 | 72860 | razorCMS Multiple Script Direct Request Path Disclosure | |
| 2011-02-01 | 72859 | Redaxscript index.php Direct Request Path Disclosure | |
| 2011-01-27 | 71065 | 2011-3745 | Hycus CMS template.php Direct Request Path Disclosure |
| 2011-01-27 | 71068 | KaiBB /admin/core/account.php Account Manipulation CSRF | |
| 2011-01-27 | 71066 | DBHcms ext.news.settings.php Direct Request Path Disclosure | |
| 2011-01-27 | 71067 | BLOG:CMS Multiple Script Direct Request Path Disclosure | |
| 2011-01-25 | 70800 | 2011-0774 | PivotX Multiple Script Direct Request Error Message Path Disclosure |
| 2011-01-25 | 71061 | Pixelpost Multiple Script Direct Request Path Disclosure | |
| 2011-01-25 | 71062 | Pixelpost Cookie lang Parameter Traversal Arbitrary File Content Disclosure | |
| 2011-01-25 | 71063 | Pixelpost Cookie visitorinfo Parameter XSS | |
| 2011-01-25 | 71064 | Pligg CMS captcha_settings.php Direct Request Path Disclosure | |
| 2011-01-20 | 77681 | 2011-4710 | Pixie CMS /index.php referer Parameter SQL Injection |
| 2011-01-20 | 72226 | 2011-4710 | Pixie CMS /admin/index.php GLOBALS[pixie_user] Parameter SQL Injection |
| 2011-01-11 | 70399 | diafan.CMS Admin User Creation CSRF | |
| 2011-01-11 | 70429 | 2011-0504 | VaM Shop admin/customers.php search Parameter XSS |
| 2011-01-11 | 70430 | 2011-0504 | VaM Shop admin/orders.php status Parameter XSS |
| 2011-01-11 | 70431 | 2011-0503 | VaM Shop User Permissions Manipulation CSRF |
| 2011-01-11 | 70603 | 2011-0504 | VaM Shop admin/configuration.php STORE_NAME Parameter XSS |
| 2011-01-11 | 70673 | 2011-0772 | PivotX pivotx/includes/blogroll.php color Parameter XSS |
| 2011-01-11 | 70674 | 2011-0772 | PivotX pivotx/includes/timwrapper.php src Parameter XSS |
| 2011-01-11 | 72071 | Energine ProductList.class.php Search Facility product Parameter SQL Injection | |
| 2011-01-11 | 72066 | 2011-3734 | Energine Multiple Script Direct Request Path Disclosure |
| 2011-01-11 | 72072 | Energine UserEditor.class.php Arbitrary User Manipulation CSRF | |
| 2011-01-11 | 72011 | diafan.CMS /admin/news/saveNEWS_ID descr Parameter XSS | |
| 2011-01-11 | 72010 | diafan.CMS /admin/site/save2 text Parameter XSS | |
| 2011-01-11 | 72127 | Cambio modules/user/user.admin.php Arbitrary User Manipulation CSRF | |
| 2011-01-11 | 72126 | whCMS modules/user/user.admin.php Arbitrary User Manipulation CSRF | |
| 2011-01-04 | 70308 | 2011-0407 | Phenotype CMS Gallery/gal_id/1/image1,1.html URL SQL Injection |
| 2011-01-04 | 70313 | F3Site admin/editAdmin.php Admin User Creation CSRF | |
| 2011-01-04 | 70304 | PHP MicroCMS index.php Admin Password Manipulation CSRF | |
| 2011-01-04 | 70315 | WonderCMS editText.php content Parameter XSS | |
| 2011-01-04 | 70316 | WonderCMS Post / Slogan Manipulation CSRF | |
| 2011-01-04 | 72001 | phpMySport Multiple Script Direct Request Path Disclosure | |
| 2011-01-04 | 72004 | phpMySport index.php Authentication Bypass | |
| 2011-01-04 | 72000 | PHP MicroCMS index.php page_text Parameter Admin Page Edit XSS / CSRF | |
| 2010-12-29 | 71866 | OpenCart index.php Malformed path Parameter Path Disclosure | |
| 2010-12-29 | 71868 | LightNEasy LightNEasy.php page Parameter SQL Database Prefix Disclosure | |
| 2010-12-29 | 71864 | LightNEasy /addons/contact/main.php set[language] Parameter Traversal Arbitrary File Access | |
| 2010-12-29 | 71861 | LightNEasy Multiple Script Direct Request Path Disclosure | |
| 2010-12-29 | 71870 | ocPortal index.php Malformed page[] Parameter Path Disclosure | |
| 2010-12-29 | 72879 | Nibbleblog /templates/default/index.php Direct Request Path Disclosure | |
| 2010-12-23 | 70211 | KaiBB New Topic [url] BBcode Tag XSS | |
| 2010-12-23 | 70210 | KaiBB index.php Multiple Parameter SQL Injection | |
| 2010-12-23 | 71885 | KaiBB index.php f Parameter Malformed Input Path Disclosure | |
| 2010-12-21 | 70145 | 2010-4612 | Hycus CMS user/1/hregister.html Multiple Parameter SQL Injection |
| 2010-12-21 | 70148 | 2010-4612 | Hycus CMS user/1/hlogin.html usr_email Parameter SQL Injection |
| 2010-12-21 | 70147 | 2010-4612 | Hycus CMS user/1/forgotpass.html useremail Parameter SQL Injection |
| 2010-12-21 | 70146 | 2010-4612 | Hycus CMS search/1.html q Parameter SQL Injection |
| 2010-12-21 | 69989 | 2010-4616 | ImpressCMS modules/content/admin/content.php quicksearch_ContentContent Parameter XSS |
| 2010-12-21 | 70217 | 2010-4613 | Hycus CMS index.php site Parameter Traversal Local File Inclusion |
| 2010-12-21 | 70218 | 2010-4613 | Hycus CMS admin.php site Parameter Traversal Local File Inclusion |
| 2010-12-21 | 71816 | Injader CMS search.php area1 Parameter SQL Injection | |
| 2010-12-21 | 71815 | Injader CMS comment.php txtGuestURL Parameter XSS | |
| 2010-12-21 | 71814 | Injader CMS index.php IJ-Login Cookie SQL Injection | |
| 2010-12-21 | 71813 | Injader CMS login.php Referer Header XSS | |
| 2010-12-16 | 70087 | 2010-4609 | Html-edit CMS index.php nuser Parameter SQL Injection |
| 2010-12-16 | 70177 | 2010-4607 | Habari system/admin/dash_additem.php additem_form Parameter XSS |
| 2010-12-16 | 70088 | 2010-4610 | Html-edit CMS index.php error Parameter XSS |
| 2010-12-16 | 70178 | 2010-4607 | Habari system/admin/dash_status.php status_data[] Parameter XSS |
| 2010-12-16 | 72880 | GetSimple CMS template.php Direct Request Path Disclosure | |
| 2010-12-14 | 70100 | BEdita Admin User Creation CSRF | |
| 2010-12-14 | 70115 | 2010-4749 | BLOG:CMS action.php body Parameter XSS |
| 2010-12-14 | 70112 | 2010-4749 | BLOG:CMS admin/index.php Multiple Parameter XSS |
| 2010-12-14 | 70113 | 2010-4750 | BLOG:CMS admin/libs/ADMIN.php Admin User Creation CSRF |
| 2010-12-14 | 71825 | BEdita home_controller.php searchstring Parameter XSS | |
| 2010-12-14 | 71824 | BEdita news_controller.php data[label] Parameter XSS | |
| 2010-12-09 | 70222 | 2010-4608 | Habari Multiple Script Direct Request Path Disclosure |
| 2010-12-06 | 69692 | Exponent CMS podcast.php module Parameter Traversal Local File Inclusion | |
| 2010-12-06 | 69693 | Exponent CMS rss.php module Parameter Traversal Local File Inclusion | |
| 2010-12-06 | 69698 | 2010-4513 | Zimplit CMS zimplit.php file Parameter XSS |
| 2010-12-06 | 69699 | 2010-4513 | Zimplit CMS English_manual_version_2.php client Parameter XSS |
| 2010-12-03 | 70221 | 2010-4611 | Html-edit CMS Multiple Script Direct Request Path Disclosure |
| 2010-12-02 | 69602 | 2010-4851 | Eclime create_account.php country Parameter SQL Injection |
| 2010-12-02 | 69603 | 2010-4851 | Eclime index.php Multiple Parameter SQL Injection |
| 2010-12-02 | 69592 | Etomite manager/actions/static/document_data.static.action.php id Parameter Traversal Arbitrary File Access | |
| 2010-12-02 | 69594 | Etomite index.php Referer HTTP Header SQL Injection | |
| 2010-12-02 | 69593 | Etomite index.php search POST Parameter SQL Injection | |
| 2010-12-02 | 69595 | Etomite manager/index.php location Parameter XSS | |
| 2010-12-01 | 69625 | Contenido CMS cms/front_content.php idart Parameter XSS | |
| 2010-11-30 | 69601 | 2010-4852 | Eclime login.php reason Parameter XSS |
| 2010-11-30 | 69538 | 2010-4779 | WPtouch Plugin for Wordpress wp-content/plugins/wptouch/include/adsense-new.php wptouch_settings Parameter XSS |
| 2010-11-30 | 69537 | 2010-4780 | Enano CMS index.php email Parameter SQL Injection |
| 2010-11-30 | 69539 | 2010-4399 | DynPG CMS index.php CHG_DYNPG_SET_LANGUAGE Parameter Traversal Arbitrary File Access |
| 2010-11-30 | 69631 | 2010-4400 | DynPG CMS in _rights.php giveRights_UserId Parameter SQL Injection |
| 2010-11-30 | 69632 | 2010-4401 | DynPG CMS languages.inc.php Direct Request Path Disclosure |
| 2010-11-23 | 69460 | Frog CMS index.php user[email] Parameter XSS | |
| 2010-11-18 | 71491 | CompactCMS /lib/includes/auth.inc.php userName Parameter XSS | |
| 2010-11-16 | 69351 | CompactCMS News Module id Parameter SQL Injection | |
| 2010-11-16 | 69380 | IceBB index.php Multiple Parameter SQL Injection | |
| 2010-11-16 | 69381 | IceBB admin/index.php s Parameter SQL Injection | |
| 2010-11-16 | 71492 | IceBB /modules/make_image.php Direct Request Path Disclosure | |
| 2010-11-16 | 71487 | 2011-3714 | ClanSphere Multiple Script Direct Request Path Disclosure |
| 2010-11-16 | 71486 | ClanSphere replays Module where Parameter SQL Injection | |
| 2010-11-15 | 69281 | ClanSphere BBCode img Tag XSS | |
| 2010-11-15 | 69283 | ClanSphere mods/gallery/print_now.php Multiple Parameter XSS | |
| 2010-11-15 | 69282 | ClanSphere index.php where Parameter XSS | |
| 2010-11-04 | 69016 | miniBB URI BBcode Arbitrary Script Injection | |
| 2010-11-04 | 69019 | SweetRice index.php Multiple Parameter SQL Injection | |
| 2010-11-04 | 69030 | SweetRice as/index.php Password Reset Token Validation Issue | |
| 2010-11-04 | 69031 | Textpattern Comment Message Field XSS | |
| 2010-11-04 | 69342 | eoCMS BBCode img Tag XSS | |
| 2010-11-04 | 69343 | eoCMS index.php eocms Cookie SQL Injection | |
| 2010-11-04 | 69344 | eoCMS index.php Multiple Parameter Traversal Local File Inclusion | |
| 2010-11-04 | 71430 | JAF CMS /module/log/vislog.php Traversal Arbitrary File Creation | |
| 2010-11-04 | 71425 | SweetRice as/index.php top_height Cookie XSS | |
| 2010-11-04 | 71421 | miniBB index.php Multiple Parameter SQL Injection | |
| 2010-11-04 | 71428 | eoCMS /search/forum.php Path Disclosure | |
| 2010-11-04 | 71429 | eoCMS /Plugins/forum_statistics/Layouts/Stats.php Path Disclosure | |
| 2010-11-02 | 68970 | MemHT Portal /admin/pages/articles/index.php nome Parameter XSS | |
| 2010-11-02 | 68969 | MemHT Portal /admin/pages/users/index.php adm_sito Parameter XSS | |
| 2010-11-02 | 68968 | MemHT Portal admin/pages/configuration/index.php copyright Parameter XSS | |
| 2010-11-02 | 68966 | Kandidat CMS admin/edit.php title POST Parameter XSS | |
| 2010-11-02 | 68967 | Kandidat CMS Multiple Admin Function CSRF | |
| 2010-11-02 | 71335 | Kandidat CMS /admin/settings.php title Parameter XSS | |
| 2010-11-02 | 71334 | Kandidat CMS /admin/news.php header Parameter XSS | |
| 2010-11-02 | 71333 | Webmedia Explorer /folder desc Parameter XSS | |
| 2010-10-27 | 68897 | 2010-4874 | NinkoBB users.php Multiple Parameter XSS |
| 2010-10-27 | 68908 | DZCP inc/bbcode.php language Parameter Traversal Local File Inclusion | |
| 2010-10-27 | 68896 | 2010-4185 | Energine index.php NRGNSID Cookie SQL Injection |
| 2010-10-27 | 71322 | 2010-4870 | BloofoxCMS index.php gender Parameter SQL Injection |
| 2010-10-27 | 71320 | Zomplog /admin/users.php Arbitrary User Creation CSRF | |
| 2010-10-27 | 71319 | Zomplog /admin/settings_menu.php about Parameter XSS | |
| 2010-10-27 | 71318 | Zomplog /admin/editor_pages.php id Parameter XSS | |
| 2010-10-27 | 71321 | 2010-4869 | DBHcms index.php Multiple Parameter SQL Injection |
| 2010-10-27 | 71317 | Zomplog /admin/settings.php weblog_subtitle Parameter XSS | |
| 2010-10-27 | 71315 | BloofoxCMS index.php Multiple Parameter Malformed Input Path Disclosure | |
| 2010-10-27 | 71314 | MyBB forumdisplay.php mybb[forumread] Cookie Malformed Input Path Disclosure | |
| 2010-10-19 | 68725 | sNews Admin Credentials Manipulation CSRF | |
| 2010-10-19 | 69207 | 2010-4152 | 4site CMS index.shtml cat Parameter SQL Injection |
| 2010-10-19 | 71079 | 2010-4151 | DeluxeBB misc.php xthedateformat Parameter SQL Injection |
| 2010-10-19 | 71078 | Tribiq CMS index.php Multiple Parameter Malformed Input Path Disclosure | |
| 2010-10-19 | 71077 | sNews snews.php Multiple Parameter XSS | |
| 2010-10-13 | 68643 | 2010-4095 | Robo-FTP Filename Specifier Traversal Arbitrary File Write |
| 2010-10-13 | 68657 | PluXml core/admin/article.php content Parameter XSS | |
| 2010-10-13 | 68658 | PluXml Admin Password Manipulation CSRF | |
| 2010-10-13 | 69868 | Ronny CMS modules/menu/admin/include/menu.php name parameter XSS | |
| 2010-10-13 | 69867 | Ronny CMS modules/system/admin/blocksadmin/blocksadmin.php btitle Parameter XSS | |
| 2010-10-13 | 69866 | Ronny CMS modules/pages/admin/include/pages.php pdesc Parameter XSS | |
| 2010-10-13 | 69865 | PluXml /core/admin/profil.php infos Parameter XSS | |
| 2010-10-13 | 69864 | PluXml /core/admin/parametres_base.php title Parameter XSS | |
| 2010-10-13 | 69863 | PluXml /core/admin/statique.php content Parameter XSS | |
| 2010-10-11 | 68666 | 2010-4148 | AnyConnect Filename Specifier Traversal Arbitrary File Write |
| 2010-10-11 | 68667 | 2010-4149 | Fresh FTP Filename Specifier Traversal Arbitrary File Write |
| 2010-10-11 | 68700 | 2010-4153 | CrossFTP Filename Specifier Traversal Arbitrary File Write |
| 2010-10-11 | 71069 | Lara /_ui/changepassword Password Manipulation CSRF | |
| 2010-10-08 | 69871 | Lantern CMS 7-home-page.asp signupemail Parameter XSS | |
| 2010-10-08 | 69870 | Lantern CMS 11-login.asp intPassedLocationID Parameter XSS | |
| 2010-10-08 | 69861 | Expression CMS Multiple Parameter XSS | |
| 2010-10-06 | 68607 | 2010-4154 | FTP Voyager Filename Specifier Traversal Arbitrary File Creation |
| 2010-10-06 | 68622 | 2010-4790 | FilterFTP Filename Specifier Traversal Arbitrary File Upload |
| 2010-10-05 | 69869 | Docebo Announcements doceboLms/index.php description Parameter XSS | |
| 2010-10-04 | 68654 | Elxis CMS administrator/index2.php Multiple Parameter XSS | |
| 2010-10-04 | 68655 | Elxis CMS administrator/index2.php id Parameter SQL Injection | |
| 2010-10-04 | 68656 | Elxis CMS Contact Information Manipulation CSRF | |
| 2010-09-29 | 69745 | 2010-4863 | GetSimple CMS admin/changedata.php post-title Parameter XSS |
| 2010-08-06 | 67054 | 2010-4963 | Hulihan BXR folder/list order_by Parameter SQL Injection |
| 2010-08-05 | 67042 | Hulihan Amethyst browse/create_comment comment[name] Parameter XSS | |
| 2010-08-05 | 67044 | Hulihan Amethyst admin/update_settings site[setting_title] Parameter XSS | |
| 2010-08-05 | 67045 | Hulihan Amethyst admin/update post[title] Parameter XSS | |
| 2010-08-05 | 67043 | 2010-5085 | Hulihan Amethyst /admin/update_user/ Arbitrary User Manipulation CSRF |
| 2010-06-28 | 66197 | OneCMS admin/admin.php cat Parameter SQL Injection | |
| 2010-06-28 | 66198 | OneCMS admin/admin.php cat Parameter XSS | |
| 2010-06-28 | 66202 | OneCMS admin/comments.php URI XSS | |
| 2010-06-24 | 66203 | OneCMS search.php search Parameter SQL Injection | |
| 2010-06-24 | 66204 | OneCMS index.php id Parameter SQL Injection | |
| 2010-06-11 | 65791 | 2010-2437 | AneCMS Blog modules/blog/index.php comment Parameter XSS |
| 2010-06-11 | 65792 | 2010-2436 | AneCMS Blog modules/blog/index.php PATH_INFO Parameter SQL Injection |
| 2010-05-13 | 64675 | NPDS REvolution download.php sortby Parameter SQL Injection | |
| 2010-05-13 | 64676 | NPDS REvolution viewtopic.php topic Parameter XSS | |
| 2010-04-21 | 63937 | e107 e107_admin/banner.php click_url Parameter SQL Injection | |
| 2009-01-30 | 51808 | 2009-0646 | 4Site CMS portfolio/index.shtml Multiple Parameter SQL Injection |
