|
Previously unknown
vulnerabilities discovered using the VUPEN Web Application Security Scanner
Last Updated on : 2010-07-02 15:52:54
VUPEN-SR-2010-224
- N/A
VUPEN-SR-2010-223
- N/A
VUPEN-SR-2010-222
- N/A
VUPEN-SR-2010-221 -
Zoph Multiple Parameter Cross Site
Scripting Vulnerabilities
VUPEN-SR-2010-154 -
eFront "remote_theme"
Cross Site Scripting Vulnerability
VUPEN-SR-2010-153 -
eFront "math_server"
Cross Site Scripting Vulnerability
VUPEN-SR-2010-152 -
eFront "password_length"
Cross Site Scripting Vulnerability
VUPEN-SR-2010-151 -
eFront "system_email"
Cross Site Scripting Vulnerability
VUPEN-SR-2010-150 -
eFront "name" Parameter Cross
Site Scripting Vulnerability
VUPEN-SR-2010-149 -
eFront "site_motto" and "site_name"
Cross Site Scripting
VUPEN-SR-2010-148 -
Cacti "description" Parameter
Cross Site Scripting Vulnerability
VUPEN-SR-2010-147 -
Cacti "host_id" Parameter Cross
Site Scripting Vulnerability
VUPEN-SR-2010-146 -
Cacti "hostname" Parameter Cross
Site Scripting Vulnerability
VUPEN-SR-2010-145 -
PHP-Calendar "lastaction" Param.
Cross Site Scripting Vulnerability
VUPEN-SR-2010-144 -
PHP-Calendar "description" Param.
Cross Site Scripting Vulnerability
VUPEN-SR-2010-143 -
phpGroupWare "app" Parameter
Local File Inclusion Vulnerability
VUPEN-SR-2010-142 -
phpGroupWare
"class.auth_sql.inc.php" SQL Injection Vulnerability
VUPEN-SR-2010-141 -
phpGroupWare
"class.translation_sql.inc.php" Remote SQL Injection
VUPEN-SR-2010-140 -
phpGroupWare
"class.sessions_db.inc.php" Remote SQL Injection
#2
VUPEN-SR-2010-139 -
phpGroupWare
"class.sessions_db.inc.php" Remote SQL Injection
#1
VUPEN-SR-2010-138
-
1024 CMS SQL
Injection and Multiple Cross Site Scripting
Vulnerabilities
VUPEN-SR-2010-137
-
SoftBB Remote File
Inclusion and Cross Site Scripting Vulnerabilities
VUPEN-SR-2010-136
-
Piwigo "mail_address"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-135
-
Piwigo "login"
Parameter Handling Cross Site Scripting Vulnerability
VUPEN-SR-2010-134
-
NovaBoard Multiple Parameter Cross Site Scripting
Vulnerabilities
VUPEN-SR-2010-133
-
My Little Forum
Multiple Parameter Cross Site Scripting Vulnerabilities
VUPEN-SR-2010-132
-
Docmint Local File
Inclusion and Cross Site Scripting Vulnerabilities
VUPEN-SR-2010-131
-
PhpTroubleTicket
"link" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-130
-
PhpTroubleTicket
"email" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-129
-
PhpTroubleTicket
"password" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-128
-
PhpTroubleTicket
"cognome" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-127
-
PhpTroubleTicket
"nome" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-126
-
PhpTroubleTicket
"id" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-125
-
phpunity.newsmanager
"link" Parameter Cross Site Scripting
Vulnerability
VUPEN-SR-2010-124
-
phpunity.newsmanager
"link_name" Parameter Cross Site Scripting
VUPEN-SR-2010-123
-
phpunity.newsmanager
"email" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-122
-
phpunity.newsmanager
"author"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-121
-
phpunity.newsmanager
"id" Parameter Cross Site Scripting
Vulnerability
VUPEN-SR-2010-120
-
phpunity.newsmanager
"a" Parameter Cross Site Scripting
Vulnerability
VUPEN-SR-2010-119
-
phpBugTracker
"projectid" Parameter SQL Injection Vulnerability
VUPEN-SR-2010-118
-
phpBugTracker
"status[]" Parameter SQL Injection Vulnerability
VUPEN-SR-2010-117
-
phpBugTracker
"form" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-116
-
phpBugTracker "unassigned"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-115
-
phpBugTracker
"emailfield1[]" Parameter Cross Site Scripting
Vulnerability
VUPEN-SR-2010-114
-
phpBugTracker
"url"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-113
-
phpBugTracker
"savedqueryname" Parameter Cross Site Scripting
VUPEN-SR-2010-112
-
phpBugTracker
"savedqueryoverride" Parameter Cross Site Scripting
VUPEN-SR-2010-111
-
phpBugTracker
"description"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-110
-
phpBugTracker
"title"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-109
-
phpBugTracker
"open"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-108
-
phpBugTracker
"projects"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-107
-
PacerCMS
"id"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-106
-
PacerCMS
"action" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-105
-
PacerCMS
"dest" Parameter Cross Site
Scripting Vulnerability
VUPEN-SR-2010-104
-
more.groupware
"url"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-095
-
more.groupware
"mod"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-094
-
more.groupware
"op" Parameter
Cross Site Scripting Vulnerability
VUPEN-SR-2010-093
-
more.groupware
"MGWSESSION"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-092
-
more.groupware
"groupsearch"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-091
-
more.groupware
"qsearch"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-090
-
more.groupware
"sort" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-089
-
Karra "del_id" Parameter Remote SQL Injection
Vulnerability
VUPEN-SR-2010-088
-
Karra "id" Parameter Remote SQL
Injection Vulnerability
VUPEN-SR-2010-087
-
Karra "txtName" Parameter Cross
Site Scripting Vulnerability
VUPEN-SR-2010-086
-
FuturCMS
"id" Parameter Remote SQL Injection Vulnerability
VUPEN-SR-2010-085
-
FuturCMS
"wmeta" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-084
-
FuturCMS
"wkeys" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-083
-
FuturCMS
"wdesc" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-082
-
FuturCMS
"wtdesc" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-081
-
FuturCMS
"wtitle" Parameter Cross Site
Scripting Vulnerability
VUPEN-SR-2010-080
-
FuturCMS
"wname" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-079
-
FuturCMS
"l" Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-078
-
Ebay Clone "txtPassword" SQL Injection and Cross Site
Scripting
VUPEN-SR-2010-077
-
Ebay Clone "txtUsername"
SQL Injection
and Cross Site Scripting
VUPEN-SR-2010-076
-
Ebay Clone "txtName" Parameter Cross Site Scripting
Vulnerability
VUPEN-SR-2010-075
-
Ebay Clone "txtCname" Parameter Cross Site Scripting
Vulnerability
VUPEN-SR-2010-074
-
Ebay Clone "txtUsername"
Parameter Cross Site Scripting Vulnerability
VUPEN-SR-2010-073
-
Ebay Clone "view" Parameter Cross
Site Scripting Vulnerability
VUPEN-SR-2010-072
-
Ebay Clone "item_id" Parameter Cross Site Scripting
Vulnerability
VUPEN-SR-2010-071
-
Ebay Clone "cate_id" SQL Injection and Cross Site
Scripting Vulnerability
VUPEN-SR-2010-070
-
AzDGDatingMedium "uname" Parameter Cross Site Scripting
Vulnerability
VUPEN-SR-2010-069
-
AzDGDatingMedium "goto" Parameter
Cross Site Scripting Vulnerability
VUPEN-SR-2010-068
-
WebAsyst Shop-Script FREE
"add2cart" Parameter SQL Injection
VUPEN-SR-2010-067
-
WebAsyst Shop-Script FREE "c_id"
Parameter SQL Injection
VUPEN-SR-2010-066
-
WebAsyst Shop-Script FREE
"categoryID" Parameter SQL Injection #2
VUPEN-SR-2010-065
-
WebAsyst Shop-Script FREE
"categoryID" Parameter SQL Injection #1
VUPEN-SR-2010-064
-
WebAsyst Shop-Script FREE
"currency_id_left" Cross Site Scripting
VUPEN-SR-2010-063 -
WebAsyst Shop-Script FREE
"currency_id_right" Cross Site Scripting
VUPEN-SR-2010-062
-
WebAsyst Shop-Script FREE
"darkcolor" Cross Site Scripting
VUPEN-SR-2010-061
-
WebAsyst Shop-Script FREE
"delete" Parameter SQL Injection
VUPEN-SR-2010-060
-
WebAsyst Shop-Script FREE "dpt"
Parameter Cross Site Scripting #2
VUPEN-SR-2010-059
-
WebAsyst Shop-Script FREE "dpt"
Parameter Cross Site Scripting #1
VUPEN-SR-2010-058
-
WebAsyst Shop-Script FREE
"lightcolor" Parameter Cross Site Scripting
VUPEN-SR-2010-057
-
WebAsyst Shop-Script FREE
"list_price" Parameter SQL Injection
VUPEN-SR-2010-056
-
WebAsyst Shop-Script FREE
"middlecolor" Cross Site Scripting
VUPEN-SR-2010-055
-
WebAsyst Shop-Script FREE "name"
Parameter SQL Injection
VUPEN-SR-2010-054
-
WebAsyst Shop-Script FREE
"new_offer" Parameter SQL Injection
VUPEN-SR-2010-053
-
WebAsyst Shop-Script FREE "price"
Parameter SQL Injection
VUPEN-SR-2010-052
-
WebAsyst Shop-Script FREE
"product_code" Parameter SQL Injection
VUPEN-SR-2010-051
-
WebAsyst Shop-Script FREE "productID" Parameter SQL
Injection #3
VUPEN-SR-2010-050
-
WebAsyst Shop-Script FREE
"productID" Parameter SQL Injection #2
VUPEN-SR-2010-049
-
WebAsyst Shop-Script FREE
"productID" Parameter SQL Injection #1
VUPEN-SR-2010-048
-
WebAsyst Shop-Script FREE
"rating" Parameter SQL Injection #2
VUPEN-SR-2010-047
-
WebAsyst Shop-Script FREE
"rating" Parameter SQL Injection #1
VUPEN-SR-2010-046 -
WebAsyst Shop-Script FREE
"save_product" SQL Injection #2
VUPEN-SR-2010-045
-
WebAsyst Shop-Script FREE
"save_product" SQL Injection #1
VUPEN-SR-2010-044
-
WebAsyst Shop-Script FREE "sub"
Parameter Directory Traversal
VUPEN-SR-2010-043
-
WebAsyst Shop-Script FREE "sub"
Parameter Local File Inclusion
VUPEN-SR-2010-042 -
WebAsyst Shop-Script FREE "w"
Parameter Cross Site Scripting
|
