DVguestbook versions 1.0 and 1.2.2 suffer from multiple cross site scripting flaws.
77e527786650af069b7dcca5fae0b701e0cc533c741277b09b04e4c6af83f69b
Bitweaver CMS version 1.2.1 allows for cross site scripting attacks via user supplied comments.
0ecc40da677e7e3ba4dc0ca07cbe8ad27fec6990fdf29911376bfbc3e6f448ee
PhotoBlogger versions 3.0 and below suffer from cross site scripting and SQL injection vulnerabilities.
449c56de560d9b374c3a92df9c3cdb251ac391d51f429449f2f2cbaf9334ecc7
Runcms version 1.x is susceptible to cross site scripting attacks in bigshow.php.
2dd1b86163b9bbba8736ffba9719fff071509e5ac0aa7760a2fbc2801b604b12
Invision Power Board v2.1.5 suffers from SQL injection.
49ab1f56d1bf8c7118b2a21c7a36a280551c816be939058e1042cfb1adcaaab6
vbzoom v1.11 is vulnerable to SQL injection and XSS.
57256753d4c283d77078566a6995f41252311246b1678ffebb987072fd749b2d
Game-Panel versions 2.6.1 and below suffer from a cross site scripting flaw.
7be2cbd6a123c6bdaac72620d9b60783bce6740ecb5047c40d578716792f7381
Simplog versions 1.0.2 and below suffer from cross site scripting and directory traversal attacks.
d31d9346d8ed8351831d3faa7cf144d9dce1479beacb790a04ad0fd4d6017f91
WBB version 2.3.4 suffers from a typical cross site scripting flaw.
0474108a80ff3577d3b0f88f92a023586a88fb00e126e502326b033e8b1a8cdb
TotalECommerce versions 1.0 and below suffer from SQL injection flaws.
dabc458869743449861b988a62604a28567faff3f82003a3fade5576abc40754
Pixel Post versions 1.4.3 and 1.5 beta1 have been found susceptible to SQL injection and cross site scripting attacks.
380878565a9c6bdabddd71ab710ce332a7eb9c1947b4866d464de3d52a1c8c38
Easy Forum version 2.5 is susceptible to cross site scripting attacks.
2528a10db4d0e57daa651ace1b7150286851c7ea5c9eb12323f0f66b33533f2e
PHP-Stats versions 0.1.9.1 and below suffer from remote directory traversal, SQL injection, and command execution flaws.
5e1bb3d424f9a3bfb779ba437927c5754cc6e55f28507e15a6b60e3aa1950db1
phpArcadeScript versions 2.0 and below suffer from multiple cross site scripting flaws.
937eb2d10d21bd5c3acac99bbf3edc9ec06548f936325f024a39dc7dcdcbfcd8
R25 WebViewer versions 3.2 and below are susceptible to cross site scripting attacks.
c0f3ecead194919393ae0627dbfbcd65dddb01676023d69724908cb0f9eeb57b
phpBB suffers from multiple denial of service vulnerabilities. Exploit included.
579f4aed32cf3643cb3948a0d11fd76f3e4169147f366bb140d989ef8aff46c5
Skate Board version 0.9 is susceptible to SQL injection, cross site scripting, authentication bypass, and PHP code injection flaws.
3a2dd7ec80e31dddd7d038168493fc1516d96e702e32204bf29c7f98ba83733b
Gregarius version 0.5.2 is susceptible to cross site scripting and SQL injection vulnerabilities.
294f633275da07fb851fc6607fc74fb15f79dcf10c16b5b68614c60c1de3b723
MyBB versions 1.04 and below remote SQL injection exploit using misc.php.
c924feb0cac352ee345d92eedde0b1c08817129dc83359105365d5da2b44354b
Arin.net suffers from a cross site scripting flaw.
46c5c19fc8544cfe09c2ff73461b4931791fe5181328ce530c9bd808acf26205
AZTEK forums version 4.0 suffers from cross site scripting and information leakage flaws.
0689da31436dbae71eafaeb3aa338739c769f32d95e09b7b1fc82e78b57ab01a
MyBB version 1.0.4 is susceptible to SQL injection attacks via the username variable in search.php.
fbbd5b3aa5aa7648b1093e6b4f08406899bc061657b58c26c47466da623cc88f
Dawaween version 1.03 is susceptible to SQL injection attacks. Details provided.
3599335064c4d821a09149f7be7a71b6caac49ba8c3d499b3cf15043aa669303
E-Blah Platinum is susceptible to cross site scripting via the use of HTTP_REFERER.
55babc2e2971ea8c2ef0b403d2867a558f33e305e565e64a60470a45507252f1
Direct download access of user password hashes in PHP Advanced Manager version 1.00 through 1.20 exists.
a67feb6dd1846b727f392b5ad41036cdb3fa20a1cde38238cf6dd80efae9093a