|
2011-05-25
|
|
AWStats Totals 1.14 multisort - Remote Command Execution (Metasploit)
|
8 |
WEB
|
Metasploit
|
|
2011-05-25
|
|
eGroupWare 1.8.001.20110421 - Multiple Vulnerabilities
|
7 |
WEB
|
AutoSec Tools
|
|
2011-05-25
|
|
Extcalendar 2.0b2 - 'cal_search.php' SQL Injection
|
5 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-25
|
|
i-doIT 0.9.9-4 - Local File Inclusion
|
6 |
WEB
|
AutoSec Tools
|
|
2011-05-25
|
|
Tickets 2.13 - SQL Injection
|
8 |
WEB
|
AutoSec Tools
|
|
2011-05-23
|
|
PHPortfolio - SQL Injection
|
8 |
WEB
|
lionaneesh
|
|
2011-05-23
|
|
vBulletin 4.0.x 4.1.2 - 'search.php' SQL Injection
|
9 |
WEB
|
D4rkB1t
|
|
2011-05-22
|
|
Tugux CMS 1.2 - Multiple Vulnerabilities
|
11 |
WEB
|
LiquidWorm
|
|
2011-05-21
|
|
E-Manage MySchool 7.02 - SQL Injection
|
10 |
WEB
|
az7rb
|
|
2011-05-20
|
|
PHP Captcha / Securimage 2.0.2 - Authentication Bypass
|
10 |
WEB
|
Sense of Security
|
|
2011-05-20
|
|
Zen Cart 1.3.9h - Multiple Vulnerabilities
|
10 |
WEB
|
Dr. Alberto Fontanella
|
|
2011-05-20
|
|
Ultimate PHP Board 2.2.7 - Broken Authentication and Session Management
|
10 |
WEB
|
i2sec
|
|
2011-05-18
|
|
Joomla! Component jDownloads 1.0 - Arbitrary File Upload
|
11 |
WEB
|
Al-Ghamdi
|
|
2011-05-17
|
|
Pligg CMS 1.1.4 - SQL Injection
|
9 |
WEB
|
Null-0x00
|
|
2011-05-17
|
|
WordPress Plugin Is-human 1.4.2 - Remote Command Execution
|
9 |
WEB
|
neworder
|
|
2011-05-16
|
|
Jcow 4.2.1 - Local File Inclusion
|
10 |
WEB
|
AutoSec Tools
|
|
2011-05-16
|
|
NoticeBoardPro 1.0 - Multiple Vulnerabilities
|
10 |
WEB
|
AutoSec Tools
|
|
2011-05-16
|
|
Vanilla Forum 2.0.17.9 - Local File Inclusion
|
10 |
WEB
|
AutoSec Tools
|
|
2011-05-16
|
|
MediaInSpot CMS - SQL Injection
|
10 |
WEB
|
Iolo Morganwg
|
|
2011-05-16
|
|
MediaInSpot CMS - Local File Inclusion (2)
|
9 |
WEB
|
wlhaan haker
|
|
2011-05-15
|
|
frame-oshop - SQL Injection
|
10 |
WEB
|
-SmoG-
|
|
2011-05-15
|
|
Joomla! Component com_question - SQL Injection
|
9 |
WEB
|
NeX HaCkEr
|
|
2011-05-14
|
|
osCommerce 2.3.1 - 'banner_manager.php' Arbitrary File Upload
|
10 |
WEB
|
Number 7
|
|
2011-05-14
|
|
WordPress Plugin EditorMonkey 2.5 - 'FCKeditor' Arbitrary File Upload
|
10 |
WEB
|
kaMtiEz
|
|
2011-05-12
|
|
Oracle GlassFish Server - Administration Console Authentication Bypass
|
11 |
WEB
|
Core Security
|
|
2011-05-10
|
|
Traidnt UP 2.0 - 'view.php' SQL Injection
|
9 |
WEB
|
ScOrPiOn
|
|
2011-05-09
|
|
Joomla! Component com_hello - SQL Injection
|
9 |
WEB
|
the_cyber_nuxbie
|
|
2011-05-09
|
|
Joomla! Component com_versioning - SQL Injection
|
9 |
WEB
|
the_cyber_nuxbie
|
|
2011-05-07
|
|
f-fileman 7.0 - Directory Traversal
|
8 |
WEB
|
Raffaele Forte
|
|
2011-05-06
|
|
VCalendar 1.1.5 - Cross-Site Request Forgery
|
11 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-06
|
|
phpThumb - 'phpThumbDebug' Information Disclosure
|
9 |
WEB
|
mook
|
|
2011-05-06
|
|
PHPDug 2.0.0 - Multiple Vulnerabilities
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2011-05-04
|
|
Sothink DHTML Menu - SQL Injection
|
10 |
WEB
|
Caddy-Dz
|
|
2011-05-03
|
|
Time and Expense Management System - Multiple Vulnerabilities
|
10 |
WEB
|
AutoSec Tools
|
|
2011-05-03
|
|
Front Accounting 2.3.4 - Cross-Site Request Forgery
|
8 |
WEB
|
AutoSec Tools
|
|
2011-05-03
|
|
Horizon Web Builder - 'fshow.php' SQL Injection
|
9 |
WEB
|
Iolo Morganwg
|
|
2011-05-02
|
|
Travel411 - SQL Injection
|
9 |
WEB
|
Caddy-Dz
|
|
2011-05-02
|
|
Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery (Add Administrator Account)
|
9 |
WEB
|
outlaw.dll
|
|
2011-05-02
|
|
Parnian Opendata CMS - SQL Injection
|
9 |
WEB
|
Alexander
|
|
2011-04-29
|
|
SOOP Portal Raven 1.0b - SQL Injection
|
8 |
WEB
|
Evil-Thinker
|
|
2011-04-29
|
|
phpGraphy 0.9.13b - Multiple Vulnerabilities
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-28
|
|
kusaba x 0.9.1 - Multiple Vulnerabilities
|
8 |
WEB
|
Emilio Pinna
|
|
2011-04-28
|
|
eyeos 1.9.0.2 - Persistent Cross-Site Scripting Using Image Files
|
7 |
WEB
|
Alberto Ortega
|
|
2011-04-27
|
|
Symphony CMS 2.1.2 - Blind SQL Injection
|
10 |
WEB
|
Wireghoul
|
|
2011-04-26
|
|
Quick.CMS 3.0 - Cross-Site Request Forgery
|
11 |
WEB
|
^Xecuti0N3r
|
|
2011-04-26
|
|
Snom IP Phone Web Interface < 8 - Multiple Vulnerabilities
|
8 |
WEB
|
Yakir Wizman
|
|
2011-04-26
|
|
WordPress Plugin SermonBrowser 0.43 - SQL Injection
|
7 |
WEB
|
Ma3sTr0-Dz
|
|
2011-04-25
|
|
phpmychat plus 1.93 - Multiple Vulnerabilities
|
7 |
WEB
|
AutoSec Tools
|
|
2011-04-25
|
|
OrangeHRM 2.6.3 - 'PluginController.php' Local File Inclusion
|
8 |
WEB
|
AutoSec Tools
|
|
2011-04-25
|
|
mySeatXT 0.1781 - SQL Injection
|
10 |
WEB
|
AutoSec Tools
|
|
2011-04-24
|
|
SoftMP3 - SQL Injection
|
10 |
WEB
|
mArTi
|
|
2011-04-22
|
|
WordPress Plugin Ajax Category Dropdown 0.1.5 - Multiple Vulnerabilities
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-22
|
|
Realmarketing CMS - Multiple SQL Injections
|
10 |
WEB
|
^Xecuti0N3r
|
|
2011-04-22
|
|
4Images 1.7.9 - Multiple Vulnerabilities
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-22
|
|
DynMedia Pro Web CMS 4.0 - Local File Disclosure
|
9 |
WEB
|
Mbah_Semar
|
|
2011-04-22
|
|
Web2Project 2.3 - SQL Injection
|
7 |
WEB
|
AutoSec Tools
|
|
2011-04-22
|
|
Dolibarr ERP/CRM 3.0.0 - Multiple Vulnerabilities
|
8 |
WEB
|
AutoSec Tools
|
|
2011-04-22
|
|
ZenPhoto 1.4.0.3 - x-forwarded-for HTTP Header Persistent Cross-Site Scripting
|
9 |
WEB
|
Saif
|
|
2011-04-22
|
|
360 Web Manager 3.0 - Multiple Vulnerabilities
|
7 |
WEB
|
Ignacio Garrido
|
|
2011-04-22
|
|
First Escort Marketing CMS - Multiple SQL Injections Vulnerabilities
|
7 |
WEB
|
NoNameMT
|
|
2011-04-20
|
|
SocialCMS 1.0.2 - Multiple Cross-Site Request Forgery Vulnerabilities
|
8 |
WEB
|
vir0e5
|
|
2011-04-20
|
|
docuFORM Mercury WebApp 6.16a/5.20 - Multiple Cross-Site Scripting Vulnerabilities
|
8 |
WEB
|
LiquidWorm
|
|
2011-04-20
|
|
Ultimate eShop - Error-Based SQL Injection
|
8 |
WEB
|
Romka
|
|
2011-04-19
|
|
dalbum 1.43 - Multiple Vulnerabilities
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-17
|
|
osPHPSite - SQL Injection
|
8 |
WEB
|
vir0e5
|
|
2011-04-16
|
|
Shape Web Solutions CMS - SQL Injection
|
8 |
WEB
|
Ashiyane Digital Security Team
|
|
2011-04-16
|
|
Bedder CMS - Blind SQL Injection
|
8 |
WEB
|
^Xecuti0N3r
|
|
2011-04-16
|
|
Blue Hat - Sensitive Database Disclosure / SQL Injection
|
12 |
WEB
|
^Xecuti0N3r
|
|
2011-04-16
|
|
SoftXMLCMS - Arbitrary File Upload
|
10 |
WEB
|
Alexander
|
|
2011-04-15
|
|
SQL-Ledger 2.8.33 - (Authenticated) Local File Inclusion / Edit
|
10 |
WEB
|
bitform
|
|
2011-04-15
|
|
TextAds 2.08 Script - Cross-Site Scripting
|
9 |
WEB
|
Ashiyane Digital Security Team
|
|
2011-04-15
|
|
cPassMan 1.82 - Arbitrary File Download
|
9 |
WEB
|
Sense of Security
|
|
2011-04-14
|
|
EZ-Shop 1.02 - Lateral SQL Injection
|
9 |
WEB
|
Osirys
|
|
2011-04-13
|
|
TinyBB 1.4 - Blind SQL Injection / Full Path Disclosure
|
9 |
WEB
|
swami
|
|
2011-04-11
|
|
K-Links - Link Directory Script SQL Injection
|
13 |
WEB
|
R3d-D3V!L
|
|
2011-04-10
|
|
Point Market System 3.1x vBulletin plugin - SQL Injection
|
9 |
WEB
|
Net.Edit0r
|
|
2011-04-09
|
|
Nooms CMS 1.1.1 - Cross-Site Request Forgery
|
7 |
WEB
|
loneferret
|
|
2011-04-09
|
|
Joomla! Component joomlacontenteditor - Blind SQL Injection
|
8 |
WEB
|
eidelweiss
|
|
2011-04-08
|
|
viscacha 0.8.1 - Multiple Vulnerabilities
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-08
|
|
phpcollab 2.5 - Multiple Vulnerabilities
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-08
|
|
Joomla! Component com_virtuemart 1.1.7 - Blind SQL Injection
|
7 |
WEB
|
TecR0c & mr_me
|
|
2011-04-07
|
|
S40 CMS 0.4.2b - Local File Inclusion
|
7 |
WEB
|
Osirys
|
|
2011-04-06
|
|
greenpants 0.1.7 - Multiple Vulnerabilities
|
7 |
WEB
|
Ptrace Security
|
|
2011-04-06
|
|
eyeos 2.3 - Multiple Vulnerabilities
|
6 |
WEB
|
AutoSec Tools
|
|
2011-04-06
|
|
Graugon Forum 1.3 - SQL Injection
|
7 |
WEB
|
AutoSec Tools
|
|
2011-04-06
|
|
Dream Vision Technologies Web Portal - SQL Injection
|
8 |
WEB
|
eXeSoul
|
|
2011-04-05
|
|
Tutorialms 1.4 - 'show' SQL Injection
|
8 |
WEB
|
LiquidWorm
|
|
2011-04-05
|
|
WordPress Plugin Custom Pages 0.5.0.1 - Local File Inclusion
|
9 |
WEB
|
AutoSec Tools
|
|
2011-04-05
|
|
OpenEMR 4.0.0 - Multiple Vulnerabilities
|
7 |
WEB
|
AutoSec Tools
|
|
2011-04-04
|
|
Planet FPS-1101 - Cross-Site Scripting
|
7 |
WEB
|
b0telh0
|
|
2011-04-04
|
|
Longshine Multiple Print Servers - Cross-Site Scripting
|
7 |
WEB
|
b0telh0
|
|
2011-04-04
|
|
ZO Tech Multiple Print Servers - Cross-Site Scripting
|
7 |
WEB
|
b0telh0
|
|
2011-04-04
|
|
Planex Mini-300PU & Mini100s - Cross-Site Scripting
|
7 |
WEB
|
b0telh0
|
|
2011-04-04
|
|
TP-Link TL-PS110U / TL-PS110P - Cross-Site Scripting
|
6 |
WEB
|
b0telh0
|
|
2011-04-04
|
|
Encore ENPS-2012 - Cross-Site Scripting
|
7 |
WEB
|
b0telh0
|
|
2011-04-04
|
|
Yaws-Wiki 1.88-1 (Erlang) - Persistent / Reflective Cross-Site Scripting
|
7 |
WEB
|
Michael Brooks
|
|
2011-04-04
|
|
DoceboLms 4.0.4 - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
7 |
WEB
|
LiquidWorm
|
|
2011-04-03
|
|
OpenCart 1.4.9 - Multiple Local File Inclusions
|
7 |
WEB
|
KedAns-Dz
|
|
2011-04-03
|
|
Banner Ad Management Script - SQL Injection
|
7 |
WEB
|
Egyptian.H4x0rz
|
|
2011-04-03
|
|
Rash CMS - SQL Injection
|
6 |
WEB
|
keracker
|
|
2011-04-03
|
|
Advanced Image Hosting 2.2 - 'index.php' SQL Injection
|
7 |
WEB
|
keracker
|
|
2011-04-02
|
|
Anzeigenmarkt 2011 - 'index.php' SQL Injection
|
7 |
WEB
|
Easy Laster
|
|
2011-04-02
|
|
ilchClan 1.0.5 - 'regist.php' SQL Injection
|
7 |
WEB
|
Easy Laster
|
|
2011-04-02
|
|
spidaNews 1.0 - 'news.php?id' SQL Injection
|
7 |
WEB
|
Easy Laster
|
|
2011-04-01
|
|
Feng Office 1.7.3.3 - Cross-Site Request Forgery
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-01
|
|
InTerra Blog Machine 1.84 - Cross-Site Scripting
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2011-04-01
|
|
Allomani Super MultiMedia Library 2.5.0 - Cross-Site Request Forgery (Add Admin)
|
7 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-04-01
|
|
Allomani Audio and Video Library 2.7.0 - Cross-Site Request Forgery (Add Admin)
|
7 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-04-01
|
|
Allomani Web Links 1.0 - Cross-Site Request Forgery (Add Admin)
|
7 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-04-01
|
|
Allomani Movies Library 2.0 - Cross-Site Request Forgery (Add Admin)
|
7 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-04-01
|
|
Allomani News 1.0 - Cross-Site Request Forgery (Add Admin)
|
7 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-04-01
|
|
Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin) (2)
|
7 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-03-31
|
|
PHPBoost 3.0 - Remote Download Backup
|
7 |
WEB
|
KedAns-Dz
|
|
2011-03-30
|
|
Andy's PHP KnowledgeBase 0.95.2 - 'viewusers.php' SQL Injection
|
8 |
WEB
|
Mark Stanislav
|
|
2011-03-30
|
|
CosmoQuest - Authentication Bypass
|
6 |
WEB
|
Net.Edit0r
|
|
2011-03-30
|
|
BigACE 2.7.5 - Arbitrary File Upload
|
6 |
WEB
|
Net.Edit0r
|
|
2011-03-30
|
|
IrIran Shoping Script - SQL Injection
|
8 |
WEB
|
Net.Edit0r
|
|
2011-03-30
|
|
Pligg CMS 1.1.3 - Multiple Vulnerabilities
|
8 |
WEB
|
Jelmer de Hen
|
|
2011-03-30
|
|
YaCOMAS 0.3.6 Alpha - Multiple Vulnerabilities
|
8 |
WEB
|
Pr@fesOr X
|
|
2011-03-29
|
|
oscss2 2.1.0 rc12 - Multiple Vulnerabilities
|
8 |
WEB
|
AutoSec Tools
|
|
2011-03-29
|
|
Claroline 1.10 - Persistent Cross-Site Scripting
|
8 |
WEB
|
AutoSec Tools
|
|
2011-03-29
|
|
Andy's PHP KnowledgeBase 0.95.4 - SQL Injection
|
7 |
WEB
|
AutoSec Tools
|
|
2011-03-28
|
|
webEdition CMS - Local File Inclusion
|
9 |
WEB
|
eidelweiss
|
|
2011-03-28
|
|
WordPress Plugin BackWPup - Remote Code Execution / Local Code Execution
|
8 |
WEB
|
Sense of Security
|
|
2011-03-28
|
|
Honey Soft Web Solution - Multiple Vulnerabilities
|
8 |
WEB
|
**RoAd_KiLlEr**
|
