2011-05-06 | phpThumb - 'phpThumbDebug' Information Disclosure | 4 | WEB | mook
2011-05-06 | PHPDug 2.0.0 - Multiple Vulnerabilities | 4 | WEB | High-Tech Bridge SA
2011-05-04 | Sothink DHTML Menu - SQL Injection | 4 | WEB | Caddy-Dz
2011-05-03 | Time and Expense Management System - Multiple Vulnerabilities | 5 | WEB | AutoSec Tools
2011-05-03 | Front Accounting 2.3.4 - Cross-Site Request Forgery | 4 | WEB | AutoSec Tools
2011-05-03 | Horizon Web Builder - 'fshow.php' SQL Injection | 3 | WEB | Iolo Morganwg
2011-05-02 | Travel411 - SQL Injection | 4 | WEB | Caddy-Dz
2011-05-02 | Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery (Add Administrator Account) | 4 | WEB | outlaw.dll
2011-05-02 | Parnian Opendata CMS - SQL Injection | 5 | WEB | Alexander
2011-04-29 | SOOP Portal Raven 1.0b - SQL Injection | 4 | WEB | Evil-Thinker
2011-04-29 | phpGraphy 0.9.13b - Multiple Vulnerabilities | 4 | WEB | High-Tech Bridge SA
2011-04-28 | kusaba x 0.9.1 - Multiple Vulnerabilities | 4 | WEB | Emilio Pinna
2011-04-28 | eyeos 1.9.0.2 - Persistent Cross-Site Scripting Using Image Files | 3 | WEB | Alberto Ortega
2011-04-27 | Symphony CMS 2.1.2 - Blind SQL Injection | 5 | WEB | Wireghoul
2011-04-26 | Quick.CMS 3.0 - Cross-Site Request Forgery | 5 | WEB | ^Xecuti0N3r
2011-04-26 | Snom IP Phone Web Interface < 8 - Multiple Vulnerabilities | 4 | WEB | Yakir Wizman
2011-04-26 | WordPress Plugin SermonBrowser 0.43 - SQL Injection | 4 | WEB | Ma3sTr0-Dz
2011-04-25 | phpmychat plus 1.93 - Multiple Vulnerabilities | 3 | WEB | AutoSec Tools
2011-04-25 | OrangeHRM 2.6.3 - 'PluginController.php' Local File Inclusion | 4 | WEB | AutoSec Tools
2011-04-25 | mySeatXT 0.1781 - SQL Injection | 5 | WEB | AutoSec Tools
2011-04-24 | SoftMP3 - SQL Injection | 4 | WEB | mArTi
2011-04-22 | WordPress Plugin Ajax Category Dropdown 0.1.5 - Multiple Vulnerabilities | 5 | WEB | High-Tech Bridge SA
2011-04-22 | Realmarketing CMS - Multiple SQL Injections | 5 | WEB | ^Xecuti0N3r
2011-04-22 | 4Images 1.7.9 - Multiple Vulnerabilities | 3 | WEB | High-Tech Bridge SA
2011-04-22 | DynMedia Pro Web CMS 4.0 - Local File Disclosure | 4 | WEB | Mbah_Semar
2011-04-22 | Web2Project 2.3 - SQL Injection | 4 | WEB | AutoSec Tools
2011-04-22 | Dolibarr ERP/CRM 3.0.0 - Multiple Vulnerabilities | 4 | WEB | AutoSec Tools
2011-04-22 | ZenPhoto 1.4.0.3 - x-forwarded-for HTTP Header Persistent Cross-Site Scripting | 4 | WEB | Saif
2011-04-22 | 360 Web Manager 3.0 - Multiple Vulnerabilities | 4 | WEB | Ignacio Garrido
2011-04-22 | First Escort Marketing CMS - Multiple SQL Injections Vulnerabilities | 4 | WEB | NoNameMT
2011-04-20 | SocialCMS 1.0.2 - Multiple Cross-Site Request Forgery Vulnerabilities | 4 | WEB | vir0e5
2011-04-20 | docuFORM Mercury WebApp 6.16a/5.20 - Multiple Cross-Site Scripting Vulnerabilities | 4 | WEB | LiquidWorm
2011-04-20 | Ultimate eShop - Error-Based SQL Injection | 4 | WEB | Romka
2011-04-19 | dalbum 1.43 - Multiple Vulnerabilities | 4 | WEB | High-Tech Bridge SA
2011-04-17 | osPHPSite - SQL Injection | 5 | WEB | vir0e5
2011-04-16 | Shape Web Solutions CMS - SQL Injection | 5 | WEB | Ashiyane Digital Security Team
2011-04-16 | Bedder CMS - Blind SQL Injection | 5 | WEB | ^Xecuti0N3r
2011-04-16 | Blue Hat - Sensitive Database Disclosure / SQL Injection | 6 | WEB | ^Xecuti0N3r
2011-04-16 | SoftXMLCMS - Arbitrary File Upload | 5 | WEB | Alexander
2011-04-15 | SQL-Ledger 2.8.33 - (Authenticated) Local File Inclusion / Edit | 5 | WEB | bitform
2011-04-15 | TextAds 2.08 Script - Cross-Site Scripting | 5 | WEB | Ashiyane Digital Security Team
2011-04-15 | cPassMan 1.82 - Arbitrary File Download | 5 | WEB | Sense of Security
2011-04-14 | EZ-Shop 1.02 - Lateral SQL Injection | 5 | WEB | Osirys
2011-04-13 | TinyBB 1.4 - Blind SQL Injection / Full Path Disclosure | 5 | WEB | swami
2011-04-11 | K-Links - Link Directory Script SQL Injection | 6 | WEB | R3d-D3V!L
2011-04-10 | Point Market System 3.1x vBulletin plugin - SQL Injection | 4 | WEB | Net.Edit0r
2011-04-09 | Nooms CMS 1.1.1 - Cross-Site Request Forgery | 4 | WEB | loneferret
2011-04-09 | Joomla! Component joomlacontenteditor - Blind SQL Injection | 4 | WEB | eidelweiss
2011-04-08 | viscacha 0.8.1 - Multiple Vulnerabilities | 4 | WEB | High-Tech Bridge SA
2011-04-08 | phpcollab 2.5 - Multiple Vulnerabilities | 4 | WEB | High-Tech Bridge SA
2011-04-08 | Joomla! Component com_virtuemart 1.1.7 - Blind SQL Injection | 3 | WEB | TecR0c & mr_me
2011-04-07 | S40 CMS 0.4.2b - Local File Inclusion | 4 | WEB | Osirys
2011-04-06 | greenpants 0.1.7 - Multiple Vulnerabilities | 4 | WEB | Ptrace Security
2011-04-06 | eyeos 2.3 - Multiple Vulnerabilities | 3 | WEB | AutoSec Tools
2011-04-06 | Graugon Forum 1.3 - SQL Injection | 4 | WEB | AutoSec Tools
2011-04-06 | Dream Vision Technologies Web Portal - SQL Injection | 5 | WEB | eXeSoul
2011-04-05 | Tutorialms 1.4 - 'show' SQL Injection | 4 | WEB | LiquidWorm
2011-04-05 | WordPress Plugin Custom Pages 0.5.0.1 - Local File Inclusion | 5 | WEB | AutoSec Tools
2011-04-05 | OpenEMR 4.0.0 - Multiple Vulnerabilities | 4 | WEB | AutoSec Tools
2011-04-04 | Planet FPS-1101 - Cross-Site Scripting | 4 | WEB | b0telh0
2011-04-04 | Longshine Multiple Print Servers - Cross-Site Scripting | 4 | WEB | b0telh0
2011-04-04 | ZO Tech Multiple Print Servers - Cross-Site Scripting | 4 | WEB | b0telh0
2011-04-04 | Planex Mini-300PU & Mini100s - Cross-Site Scripting | 4 | WEB | b0telh0
2011-04-04 | TP-Link TL-PS110U / TL-PS110P - Cross-Site Scripting | 3 | WEB | b0telh0
2011-04-04 | Encore ENPS-2012 - Cross-Site Scripting | 4 | WEB | b0telh0
2011-04-04 | Yaws-Wiki 1.88-1 (Erlang) - Persistent / Reflective Cross-Site Scripting | 4 | WEB | Michael Brooks
2011-04-04 | DoceboLms 4.0.4 - Multiple Persistent Cross-Site Scripting Vulnerabilities | 4 | WEB | LiquidWorm
2011-04-03 | OpenCart 1.4.9 - Multiple Local File Inclusions | 4 | WEB | KedAns-Dz
2011-04-03 | Banner Ad Management Script - SQL Injection | 4 | WEB | Egyptian.H4x0rz
2011-04-03 | Rash CMS - SQL Injection | 3 | WEB | keracker
2011-04-03 | Advanced Image Hosting 2.2 - 'index.php' SQL Injection | 4 | WEB | keracker
2011-04-02 | Anzeigenmarkt 2011 - 'index.php' SQL Injection | 4 | WEB | Easy Laster
2011-04-02 | ilchClan 1.0.5 - 'regist.php' SQL Injection | 4 | WEB | Easy Laster
2011-04-02 | spidaNews 1.0 - 'news.php?id' SQL Injection | 4 | WEB | Easy Laster
2011-04-01 | Feng Office 1.7.3.3 - Cross-Site Request Forgery | 3 | WEB | High-Tech Bridge SA
2011-04-01 | InTerra Blog Machine 1.84 - Cross-Site Scripting | 4 | WEB | High-Tech Bridge SA
2011-04-01 | Allomani Super MultiMedia Library 2.5.0 - Cross-Site Request Forgery (Add Admin) | 4 | WEB | AtT4CKxT3rR0r1ST
2011-04-01 | Allomani Audio and Video Library 2.7.0 - Cross-Site Request Forgery (Add Admin) | 4 | WEB | AtT4CKxT3rR0r1ST
2011-04-01 | Allomani Web Links 1.0 - Cross-Site Request Forgery (Add Admin) | 4 | WEB | AtT4CKxT3rR0r1ST
2011-04-01 | Allomani Movies Library 2.0 - Cross-Site Request Forgery (Add Admin) | 4 | WEB | AtT4CKxT3rR0r1ST
2011-04-01 | Allomani News 1.0 - Cross-Site Request Forgery (Add Admin) | 3 | WEB | AtT4CKxT3rR0r1ST
2011-04-01 | Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin) (2) | 4 | WEB | AtT4CKxT3rR0r1ST
2011-03-31 | PHPBoost 3.0 - Remote Download Backup | 4 | WEB | KedAns-Dz
2011-03-30 | Andy's PHP KnowledgeBase 0.95.2 - 'viewusers.php' SQL Injection | 5 | WEB | Mark Stanislav
2011-03-30 | CosmoQuest - Authentication Bypass | 3 | WEB | Net.Edit0r
2011-03-30 | BigACE 2.7.5 - Arbitrary File Upload | 3 | WEB | Net.Edit0r
2011-03-30 | IrIran Shoping Script - SQL Injection | 4 | WEB | Net.Edit0r
2011-03-30 | Pligg CMS 1.1.3 - Multiple Vulnerabilities | 4 | WEB | Jelmer de Hen
2011-03-30 | YaCOMAS 0.3.6 Alpha - Multiple Vulnerabilities | 4 | WEB | Pr@fesOr X
2011-03-29 | oscss2 2.1.0 rc12 - Multiple Vulnerabilities | 4 | WEB | AutoSec Tools
2011-03-29 | Claroline 1.10 - Persistent Cross-Site Scripting | 4 | WEB | AutoSec Tools
2011-03-29 | Andy's PHP KnowledgeBase 0.95.4 - SQL Injection | 3 | WEB | AutoSec Tools
2011-03-28 | webEdition CMS - Local File Inclusion | 4 | WEB | eidelweiss
2011-03-28 | WordPress Plugin BackWPup - Remote Code Execution / Local Code Execution | 3 | WEB | Sense of Security
2011-03-28 | Honey Soft Web Solution - Multiple Vulnerabilities | 4 | WEB | **RoAd_KiLlEr**
2011-03-27 | webEdition CMS 6.1.0.2 - Multiple Vulnerabilities | 4 | WEB | AutoSec Tools
2011-03-27 | SimplisCMS 1.0.3.0 - Multiple Vulnerabilities | 4 | WEB | NassRawI
2011-03-26 | Family Connections CMS 2.3.2 - Persistent Cross-Site Scripting / XML Injection | 4 | WEB | LiquidWorm
2011-03-24 | SyndeoCMS 2.8.02 - Multiple Vulnerabilities (2) | 4 | WEB | High-Tech Bridge SA
2011-03-23 | Web Wiz Forum - Injection | 4 | WEB | eXeSoul
2011-03-23 | Constructr CMS 3.03 - Arbitrary File Upload | 4 | WEB | plucky
2011-03-23 | Symantec LiveUpdate Administrator Management GUI - HTML Injection | 4 | WEB | Nikolas Sotiriu
2011-03-21 | Shimbi CMS - Multiple SQL Injections | 3 | WEB | p0pc0rn
2011-03-21 | EAFlashUpload 2.5 - Arbitrary File Upload | 4 | WEB | Daniel Godoy
2011-03-21 | Element-IT PowUpload 1.3 - Arbitrary File Upload | 4 | WEB | Daniel Godoy
2011-03-21 | CMS Lokomedia 1.5 - Arbitrary File Upload | 4 | WEB | eidelweiss
2011-03-20 | Douran 3.9.7.8 - File Download/Source Code Disclosure | 4 | WEB | AJAX Security Team
2011-03-19 | CMS Balitbang 3.3 - Arbitrary File Upload | 5 | WEB | eidelweiss
2011-03-19 | Phpbuddies - Arbitrary File Upload | 5 | WEB | Xr0b0t
2011-03-19 | Balitbang CMS 3.3 - Multiple Vulnerabilities | 4 | WEB | Xr0b0t
2011-03-19 | Kleophatra 0.1.4 - Arbitrary File Upload | 4 | WEB | Xr0b0t
2011-03-18 | iCMS 1.1 - Admin SQL Injection / Brute Force | 4 | WEB | TecR0c
2011-03-18 | CMS Loko Media - Local File Download | 4 | WEB | Xr0b0t
2011-03-18 | Tugux CMS - 'nid' Blind SQL Injection | 4 | WEB | eidelweiss
2011-03-17 | Tugux CMS 1.0_final - Multiple Vulnerabilities | 4 | WEB | Aodrulez
2011-03-17 | Joomla! Component com_booklibrary - SQL Injection | 4 | WEB | Marc Doudiet
2011-03-17 | Joomla! 1.6 - Multiple SQL Injections | 4 | WEB | Aung Khant
2011-03-16 | b2evolution 4.0.3 - Persistent Cross-Site Scripting | 4 | WEB | AutoSec Tools
2011-03-16 | WikiWig 5.01 - Multiple Cross-Site Scripting Vulnerabilities | 4 | WEB | AutoSec Tools
2011-03-16 | pointter PHP content management system 1.2 - Multiple Vulnerabilities | 4 | WEB | LiquidWorm
2011-03-16 | LotusCMS 3.0.3 - Multiple Vulnerabilities | 4 | WEB | High-Tech Bridge SA
2011-03-15 | IF-CMS 2.07 - Local File Inclusion (1) | 5 | WEB | TecR0c
2011-03-14 | SmarterMail 8.0 - Multiple Cross-Site Scripting Vulnerabilities | 4 | WEB | Hoyt LLC Research
2011-03-14 | Log1 CMS 2.0 - Multiple Vulnerabilities | 4 | WEB | Aodrulez
2011-03-13 | Cover Vision - SQL Injection | 4 | WEB | Egyptian.H4x0rz