|
2011-02-19
|
|
eventum issue tracking system 2.3.1 - Persistent Cross-Site Scripting
|
9 |
WEB
|
Saif El-Sherei
|
|
2011-02-17
|
|
GAzie 5.10 - 'Login' Multiple Vulnerabilities
|
11 |
WEB
|
LiquidWorm
|
|
2011-02-17
|
|
WordPress Plugin User Photo Component - Arbitrary File Upload
|
10 |
WEB
|
ADVtools
|
|
2011-02-16
|
|
Rae Media Real Estate Multi Agent - SQL Injection
|
9 |
WEB
|
R4dc0re
|
|
2011-02-16
|
|
Rae Media Real Estate Single Agent - SQL Injection
|
9 |
WEB
|
R4dc0re
|
|
2011-02-15
|
|
Seo Panel 2.2.0 - SQL Injection
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-15
|
|
omegabill 1.0 build 6 - Multiple Vulnerabilities
|
9 |
WEB
|
AutoSec Tools
|
|
2011-02-15
|
|
Lingxia I.C.E CMS - Blind SQL Injection
|
9 |
WEB
|
mr_me
|
|
2011-02-15
|
|
phpMyBitTorrent 2.0.4 - SQL Injection
|
10 |
WEB
|
#forkbombers
|
|
2011-02-14
|
|
RunCMS 2.2.2 - Multiple Vulnerabilities
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-14
|
|
jSchool Advanced - SQL Injection
|
9 |
WEB
|
eXa.DisC
|
|
2011-02-14
|
|
AWCM 2.2 Final - Persistent Cross-Site Scripting
|
10 |
WEB
|
_84kur10_
|
|
2011-02-12
|
|
PixelPost 1.7.3 - Multiple POST SQL Injections
|
9 |
WEB
|
LiquidWorm
|
|
2011-02-12
|
|
Escort Agency CMS - Blind SQL Injection
|
11 |
WEB
|
NoNameMT
|
|
2011-02-12
|
|
TaskFreak! 0.6.4 - Multiple Cross-Site Scripting Vulnerabilities
|
9 |
WEB
|
LiquidWorm
|
|
2011-02-11
|
|
Openedit 5.1294 - Remote Code Execution
|
10 |
WEB
|
mr_me
|
|
2011-02-11
|
|
Kunena < 1.5.13 / < 1.6.3 - SQL Injection
|
9 |
WEB
|
Red Matter
|
|
2011-02-11
|
|
Geomi CMS 1.2/3.0 - SQL Injection
|
10 |
WEB
|
ThunDEr HeaD
|
|
2011-02-11
|
|
Horde - Horde_Image::factory driver Argument Local File Inclusion
|
9 |
WEB
|
skysbsb
|
|
2011-02-10
|
|
LocatePC 1.05 (Ligatt Version + Others) - SQL Injection
|
8 |
WEB
|
anonymous
|
|
2011-02-09
|
|
SourceBans 1.4.7 - Cross-Site Scripting
|
10 |
WEB
|
Sw1tCh
|
|
2011-02-09
|
|
WordPress Plugin Enable Media Replace - Multiple Vulnerabilities
|
10 |
WEB
|
Ulf Harnhammar
|
|
2011-02-09
|
|
MihanTools Script 1.3.3 - SQL Injection
|
13 |
WEB
|
WHITE_DEVIL
|
|
2011-02-09
|
|
Web 2.0 Social Network Freunde Community - SQL Injection
|
8 |
WEB
|
NoNameMT
|
|
2011-02-09
|
|
Auto Database System 1.0 Infusion Addon - SQL Injection
|
9 |
WEB
|
Saif
|
|
2011-02-08
|
|
AIOCP 1.4.001 - Cross-Site Request Forgery
|
8 |
WEB
|
AutoSec Tools
|
|
2011-02-08
|
|
dotProject 2.1.5 - Cross-Site Request Forgery
|
10 |
WEB
|
AutoSec Tools
|
|
2011-02-08
|
|
Model Agentur Script - SQL Injection
|
10 |
WEB
|
NoNameMT
|
|
2011-02-07
|
|
SWFupload 2.5.0 Beta 3 - Arbitrary File Upload
|
11 |
WEB
|
Daniel Godoy
|
|
2011-02-07
|
|
MyMarket 1.71 - 'index.php' SQL Injection
|
10 |
WEB
|
ahmadso
|
|
2011-02-07
|
|
jakcms 2.0 pro rc5 - Persistent Cross-Site Scripting via useragent http header Injection
|
11 |
WEB
|
Saif El-Sherei
|
|
2011-02-07
|
|
T-Content Managment System - Multiple Vulnerabilities
|
9 |
WEB
|
Daniel Godoy
|
|
2011-02-06
|
|
Dew-NewPHPLinks 2.1b - 'index.php' SQL Injection
|
10 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-02-05
|
|
Escort und Begleitservice Agentur Script - SQL Injection
|
10 |
WEB
|
NoNameMT
|
|
2011-02-05
|
|
Qcodo Development Framework 0.3.3 - Full Information Disclosure
|
10 |
WEB
|
Daniel Godoy
|
|
2011-02-05
|
|
Chamilo 1.8.7 / Dokeos 1.8.6 - Remote File Disclosure
|
11 |
WEB
|
beford
|
|
2011-02-04
|
|
osCommerce - Authentication Bypass
|
11 |
WEB
|
Nicolas Krassas
|
|
2011-02-04
|
|
reos 2.0.5 - Multiple Vulnerabilities
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-04
|
|
Podcast Generator 1.3 - Multiple Vulnerabilities
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-03
|
|
OemPro 3.6.4 - Multiple Vulnerabilities
|
10 |
WEB
|
Ignacio Garrido
|
|
2011-02-03
|
|
Islam Sound IV2 - 'details.php' SQL Injection
|
9 |
WEB
|
ZxH-Labs
|
|
2011-02-02
|
|
Zikula CMS 1.2.4 - Cross-Site Request Forgery
|
9 |
WEB
|
Aung Khant
|
|
2011-02-02
|
|
RedaxScript 0.3.2 - Multiple Vulnerabilities
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2011-02-02
|
|
Raja Natarajan Guestbook 1.0 - Local File Inclusion
|
11 |
WEB
|
h0rd
|
|
2011-02-01
|
|
Joomla! 1.5/1.6 - JFilterInput Cross-Site Scripting Bypass
|
9 |
WEB
|
Jeff Channell
|
|
2011-02-01
|
|
TinyWebGallery 1.8.3 - Multiple Vulnerabilities
|
7 |
WEB
|
Yam Mesicka
|
|
2011-02-01
|
|
NetLink - Arbitrary File Upload
|
9 |
WEB
|
lumut--
|
|
2011-02-01
|
|
PMB Services 3.4.3 - SQL Injection
|
8 |
WEB
|
Luchador
|
|
2011-01-30
|
|
RW-Download 4.0.6 - 'index.php' SQL Injection
|
9 |
WEB
|
Dr.NeT
|
|
2011-01-30
|
|
vBSEO Sitemap 2.5/3.0 - Multiple Vulnerabilities
|
9 |
WEB
|
MaXe
|
|
2011-01-30
|
|
vBSEO 3.2.2/3.5.2 - Persistent Cross-Site Scripting via LinkBacks
|
10 |
WEB
|
MaXe
|
|
2011-01-29
|
|
MultiCMS - Local File Inclusion
|
10 |
WEB
|
R3VAN_BASTARD
|
|
2011-01-28
|
|
PHP Script Directory Software - 'sbcat_id' SQL Injection
|
9 |
WEB
|
h4ck3r
|
|
2011-01-28
|
|
PHP Classified ads software - 'cid' Blind SQL Injection
|
9 |
WEB
|
h4ck3r
|
|
2011-01-28
|
|
PHP Link Directory Software - 'sbcat_id' SQL Injection
|
9 |
WEB
|
h4ck3r
|
|
2011-01-27
|
|
comercioplus 5.6 - Multiple Vulnerabilities
|
10 |
WEB
|
Daniel Godoy
|
|
2011-01-26
|
|
Xnova Legacies 2009.2 - Cross-Site Request Forgery
|
8 |
WEB
|
Xploit A Day
|
|
2011-01-26
|
|
MultiPowUpload 2.1 - Arbitrary File Upload
|
9 |
WEB
|
DIES3L
|
|
2011-01-26
|
|
sap crystal report server 2008 - Directory Traversal
|
9 |
WEB
|
Dmitriy Chastuhin
|
|
2011-01-26
|
|
Froxlor 0.9.15 - Remote File Inclusion
|
9 |
WEB
|
DIES3L
|
|
2011-01-26
|
|
class.upload.php 0.30 - Arbitrary File Upload
|
9 |
WEB
|
DIES3L
|
|
2011-01-26
|
|
AWCM 2.2 Final - Local File Inclusion
|
10 |
WEB
|
Cucura
|
|
2011-01-26
|
|
PHPDirector Game Edition - 'game.php' SQL Injection
|
10 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-01-25
|
|
ab Web CMS 1.35 - Multiple Vulnerabilities
|
10 |
WEB
|
Dr.0rYX & Cr3W-DZ
|
|
2011-01-24
|
|
Joomla! Component com_b2portfolio 1.0.0 - Multiple SQL Injections
|
10 |
WEB
|
Salvatore Fresta
|
|
2011-01-23
|
|
PHP Link Directory 4.1.0 - Cross-Site Request Forgery (Add Admin)
|
10 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-01-23
|
|
PHP Coupon Script 6.0 - 'bus' Blind SQL Injection
|
8 |
WEB
|
h4ck3r
|
|
2011-01-22
|
|
cultbooking 2.0.4 - Multiple Vulnerabilities
|
9 |
WEB
|
LiquidWorm
|
|
2011-01-22
|
|
phpCMS 9.0 - Blind SQL Injection
|
13 |
WEB
|
eidelweiss
|
|
2011-01-20
|
|
PHP Lowbids - 'viewfaqs.php' Blind SQL Injection
|
9 |
WEB
|
h4ck3r
|
|
2011-01-20
|
|
phpCMS 2008 - SQL Injection
|
8 |
WEB
|
R3d-D3V!L
|
|
2011-01-19
|
|
PHP auctions - 'viewfaqs.php' Blind SQL Injection
|
8 |
WEB
|
h4ck3r
|
|
2011-01-19
|
|
Simploo CMS 1.7.1 - PHP Code Execution
|
8 |
WEB
|
David Vieira-Kurz
|
|
2011-01-18
|
|
N-13 News 3.4 - Cross-Site Request Forgery (Admin Add)
|
8 |
WEB
|
anT!-Tr0J4n
|
|
2011-01-18
|
|
CakePHP 1.3.5/1.2.8 - 'Unserialize()' File Inclusion
|
8 |
WEB
|
felix
|
|
2011-01-18
|
|
Joomla! Component allCineVid 1.0.0 - Blind SQL Injection
|
9 |
WEB
|
Salvatore Fresta
|
|
2011-01-17
|
|
AneCMS 1.3 - Persistent Cross-Site Scripting
|
9 |
WEB
|
Penguin
|
|
2011-01-17
|
|
SmoothWall Express 3.0 - Multiple Vulnerabilities
|
8 |
WEB
|
dave b
|
|
2011-01-17
|
|
PHP-Fusion Teams Structure Infusion Addon - SQL Injection
|
8 |
WEB
|
Saif
|
|
2011-01-16
|
|
AWBS 2.9.2 - 'cart.php' Blind SQL Injection
|
8 |
WEB
|
ShivX
|
|
2011-01-16
|
|
Joomla! Component com_people 1.0.0 - Local File Inclusion
|
8 |
WEB
|
ALTBTA
|
|
2011-01-16
|
|
Seo Panel 2.2.0 - Cookie-Rendered Persistent Cross-Site Scripting
|
8 |
WEB
|
Mark Stanislav
|
|
2011-01-16
|
|
BetMore Site Suite 4 - 'bid' Blind SQL Injection
|
8 |
WEB
|
h4ck3r
|
|
2011-01-16
|
|
MeshCMS 3.5 - Remote Code Execution
|
8 |
WEB
|
mr_me
|
|
2011-01-15
|
|
CompactCMS 1.4.1 - Multiple Vulnerabilities
|
8 |
WEB
|
Patrick de Brouwer
|
|
2011-01-15
|
|
glfusion CMS 1.2.1 - 'img' Persistent Cross-Site Scripting
|
10 |
WEB
|
Saif
|
|
2011-01-15
|
|
ViArt Shop 4.0.5 - Cross-Site Request Forgery
|
9 |
WEB
|
Or4nG.M4N
|
|
2011-01-14
|
|
Joomla! Component People 1.0.0 - SQL Injection
|
8 |
WEB
|
Salvatore Fresta
|
|
2011-01-13
|
|
SiteScape Enterprise Forum 7 - TCL Injection
|
8 |
WEB
|
Spencer McIntyre
|
|
2011-01-12
|
|
LifeType 1.2.10 - HTTP Referer Persistent Cross-Site Scripting
|
8 |
WEB
|
Saif El-Sherei
|
|
2011-01-12
|
|
Joomla! 1.5.22 / 1.6.0 - 'com_mailto' Spam Mail Relay
|
9 |
WEB
|
Jeff Channell
|
|
2011-01-11
|
|
whCMS 0.115 - Cross-Site Request Forgery
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-11
|
|
Cambio 0.5a - Cross-Site Request Forgery
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-11
|
|
diafan.cms 4.3 - Multiple Vulnerabilities
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-11
|
|
vam shop 1.6 - Multiple Vulnerabilities
|
6 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-11
|
|
energine 2.3.8 - Multiple Vulnerabilities
|
9 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-11
|
|
Extcalendar 2 - 'calendar.php' SQL Injection
|
9 |
WEB
|
Lagripe-Dz & Mca-Crb
|
|
2011-01-10
|
|
Lotus CMS Fraise 3.0 - Local File Inclusion / Remote Code Execution
|
9 |
WEB
|
mr_me
|
|
2011-01-10
|
|
TinyBB 1.2 - SQL Injection
|
9 |
WEB
|
Aodrulez
|
|
2011-01-10
|
|
Maximus CMS 1.1.2 - 'FCKeditor' Arbitrary File Upload
|
8 |
WEB
|
eidelweiss
|
|
2011-01-09
|
|
Joomla! Plugin Captcha 4.5.1 - Local File Disclosure
|
8 |
WEB
|
dun
|
|
2011-01-08
|
|
Zwii 2.1.1 - Remote File Inclusion
|
8 |
WEB
|
Abdi Mohamed
|
|
2011-01-08
|
|
WordPress Plugin mingle forum 1.0.26 - Multiple Vulnerabilities
|
8 |
WEB
|
Charles Hooper
|
|
2011-01-08
|
|
sahana agasti 0.6.5 - Multiple Vulnerabilities
|
10 |
WEB
|
dun
|
|
2011-01-08
|
|
Elxis CMS 2009.2 - Remote File Inclusion
|
8 |
WEB
|
n0n0x
|
|
2011-01-08
|
|
axdcms-0.1.1 - Local File Inclusion
|
8 |
WEB
|
n0n0x
|
|
2011-01-07
|
|
openSite 0.2.2 Beta - Local File Inclusion
|
9 |
WEB
|
n0n0x
|
|
2011-01-06
|
|
PHP MicroCMS 1.0.1 - Cross-Site Request Forgery / Cross-Site Scripting
|
8 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-06
|
|
Phenotype CMS 3.0 - SQL Injection
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-06
|
|
phpMySport 1.4 - SQL Injection / Authentication Bypass / Full Path Disclosure
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-06
|
|
F3Site 2011 alfa 1 - Cross-Site Scripting / Cross-Site Request Forgery
|
7 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-06
|
|
Openfire 3.6.4 - Multiple Cross-Site Request Forgery Vulnerabilities
|
7 |
WEB
|
Riyaz Ahemed Walikar
|
|
2011-01-06
|
|
Ignition 1.3 - 'comment.php' Local File Inclusion
|
8 |
WEB
|
n0n0x
|
|
2011-01-05
|
|
Concrete CMS 5.4.1.1 - Cross-Site Scripting / Remote Code Execution
|
8 |
WEB
|
mr_me
|
|
2011-01-05
|
|
PhpGedView 4.2.3 - Local File Inclusion
|
8 |
WEB
|
dun
|
|
2011-01-05
|
|
Nucleus 3.61 - Multiple Remote File Inclusions
|
7 |
WEB
|
n0n0x
|
|
2011-01-04
|
|
S40 CMS 0.4.1 - Cross-Site Request Forgery (Change Admin Password)
|
7 |
WEB
|
pentesters.ir
|
|
2011-01-03
|
|
Sahana Agasti 0.6.4 - Multiple Remote File Inclusions
|
7 |
WEB
|
n0n0x
|
|
2011-01-02
|
|
amoeba CMS 1.01 - Multiple Vulnerabilities
|
7 |
WEB
|
mr_me
|
|
2011-01-02
|
|
YourTube 1.0 - Cross-Site Request Forgery (Add User)
|
8 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-01-02
|
|
GALLARIFIC PHP Photo Gallery Script - 'gallery.php' SQL Injection
|
8 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-01-01
|
|
Tech Shop Technote 7 - SQL Injection
|
7 |
WEB
|
MaJ3stY
|
|
2011-01-01
|
|
Sahana Agasti 0.6.4 - SQL Injection
|
8 |
WEB
|
dun
|
|
2011-01-01
|
|
ChurchInfo 1.2.12 - SQL Injection
|
10 |
WEB
|
dun
|
|
2011-01-01
|
|
KLINK - SQL Injection
|
9 |
WEB
|
Mauro Rossi & Andres Gomez
|
