|
2010-12-24
|
|
iDevSpot iDevCart 1.10 - Multiple Local File Inclusions
|
4 |
WEB
|
v3n0m
|
|
2010-12-23
|
|
CubeCart 3.0.4 - SQL Injection
|
4 |
WEB
|
Dr.NeT
|
|
2010-12-23
|
|
Joomla! Component com_adsmanager - Remote File Inclusion
|
4 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2010-12-23
|
|
Joomla! Component com_ponygallery - Remote File Inclusion
|
4 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2010-12-23
|
|
IPN Development Handler 2.0 - Multiple Vulnerabilities
|
4 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2010-12-23
|
|
Ypninc Realty Classifieds - SQL Injection
|
4 |
WEB
|
Br0ly
|
|
2010-12-23
|
|
Built2Go PHP Shopping - SQL Injection
|
4 |
WEB
|
Br0ly
|
|
2010-12-23
|
|
D-Link WBR-1310 - Authentication Bypass
|
4 |
WEB
|
Craig Heffner
|
|
2010-12-22
|
|
WordPress Plugin Accept Signups 0.1 - Cross-Site Scripting
|
4 |
WEB
|
clshack
|
|
2010-12-22
|
|
Mitel AWC - Command Execution
|
3 |
WEB
|
Procheckup
|
|
2010-12-21
|
|
jobappr 1.4 - Multiple Vulnerabilities
|
4 |
WEB
|
giudinvx
|
|
2010-12-21
|
|
Joomla! Component com_xgallery 1.0 - Local File Inclusion
|
3 |
WEB
|
KelvinX
|
|
2010-12-21
|
|
html-edit CMS - Multiple Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-21
|
|
Habari Blog - Multiple Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-21
|
|
Injader CMS - Multiple Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-21
|
|
Hycus CMS - Multiple Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-21
|
|
S9Y Serendipity 1.5.4 - Arbitrary File Upload
|
4 |
WEB
|
pentesters.ir
|
|
2010-12-20
|
|
Vacation Rental Script 4.0 - Arbitrary File Upload
|
4 |
WEB
|
Br0ly
|
|
2010-12-20
|
|
Joomla! Component JotLoader 2.2.1 - Local File Inclusion
|
4 |
WEB
|
v3n0m
|
|
2010-12-20
|
|
PHP Web Scripts Ad Manager Pro 3.0 - SQL Injection
|
4 |
WEB
|
R4dc0re
|
|
2010-12-20
|
|
plx Ad Trader 3.2 - Authentication Bypass
|
4 |
WEB
|
R4dc0re
|
|
2010-12-20
|
|
Elcom CommunityManager.NET - Authentication Bypass
|
3 |
WEB
|
Sense of Security
|
|
2010-12-20
|
|
PHP-Nuke MaticMarket 2.02 - Local File Inclusion
|
4 |
WEB
|
xer0x
|
|
2010-12-20
|
|
Inout Webmail Script - Persistent Cross-Site Scripting
|
5 |
WEB
|
Sid3^effects
|
|
2010-12-19
|
|
Joomla! Component JE Auto - Local File Inclusion
|
4 |
WEB
|
Sid3^effects
|
|
2010-12-19
|
|
Oto Galery 1.0 - Multiple SQL Injections
|
3 |
WEB
|
DeadLy DeMon
|
|
2010-12-18
|
|
Virtual Store Open 3.0 - Acess SQL Injection
|
4 |
WEB
|
Br0ly
|
|
2010-12-18
|
|
Mafia Game Script - SQL Injection
|
5 |
WEB
|
DeadLy DeMon
|
|
2010-12-18
|
|
Projekt Shop - 'details.php' Multiple SQL Injections
|
5 |
WEB
|
DeadLy DeMon
|
|
2010-12-18
|
|
PayPal Shop Digital - SQL Injection
|
4 |
WEB
|
DeadLy DeMon
|
|
2010-12-18
|
|
SchuldnerBeratung - SQL Injection
|
3 |
WEB
|
DeadLy DeMon
|
|
2010-12-18
|
|
Download Center 2.2 - SQL Injection
|
5 |
WEB
|
DeadLy DeMon
|
|
2010-12-18
|
|
Ero Auktion 2010 - 'item.php' SQL Injection
|
4 |
WEB
|
DeadLy DeMon
|
|
2010-12-18
|
|
MCFileManager Plugin for TinyMCE 3.2.2.3 - Arbitrary File Upload
|
4 |
WEB
|
Vladimir Vorontsov
|
|
2010-12-17
|
|
Radius Manager 3.8.0 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Rodrigo Rubira Branco
|
|
2010-12-17
|
|
CubeCart 3.x - Arbitrary File Upload
|
3 |
WEB
|
StunTMaN!
|
|
2010-12-17
|
|
MHP Downloadshop - SQL Injection
|
4 |
WEB
|
Easy Laster
|
|
2010-12-17
|
|
Easy Online Shop - SQL Injection
|
4 |
WEB
|
Easy Laster
|
|
2010-12-17
|
|
Immo Makler Script - SQL Injection
|
4 |
WEB
|
Easy Laster
|
|
2010-12-17
|
|
D-Link DIR-300 - Cross-Site Request Forgery (Change Admin Account Settings)
|
4 |
WEB
|
outlaw.dll
|
|
2010-12-17
|
|
Softbiz PHP Joke Site Software - Multiple SQL Injections
|
4 |
WEB
|
v3n0m
|
|
2010-12-16
|
|
Joomla! Component JRadio - Local File Inclusion
|
4 |
WEB
|
Sid3^effects
|
|
2010-12-16
|
|
QualDev eCommerce script - SQL Injection
|
5 |
WEB
|
ErrNick
|
|
2010-12-15
|
|
gitWeb 1.7.3.3 - Cross-Site Scripting
|
5 |
WEB
|
emgent
|
|
2010-12-15
|
|
Blog:CMS 4.2.1e - Multiple Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-15
|
|
BEdita 3.0.1.2550 - Multiple Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-15
|
|
Pointter PHP Micro-Blogging Social Network - Unauthorized Privilege Escalation
|
5 |
WEB
|
Mark Stanislav
|
|
2010-12-15
|
|
Pointter PHP Content Management System - Unauthorized Privilege Escalation
|
4 |
WEB
|
Mark Stanislav
|
|
2010-12-15
|
|
Google Urchin 5.7.03 - Local File Inclusion
|
4 |
WEB
|
Kristian Erik Hermansen
|
|
2010-12-15
|
|
Mantis Bug Tracker 1.2.3 - 'db_type' Local File Inclusion
|
4 |
WEB
|
LiquidWorm
|
|
2010-12-15
|
|
Mantis Bug Tracker 1.2.3 - 'db_type' Cross-Site Scripting / Full Path Disclosure
|
4 |
WEB
|
LiquidWorm
|
|
2010-12-12
|
|
Clear iSpot/Clearspot 2.0.0.0 - Cross-Site Request Forgery
|
4 |
WEB
|
Trustwave's SpiderLabs
|
|
2010-12-10
|
|
Joomla! Component com_billyportfolio 1.1.2 - Blind SQL Injection
|
4 |
WEB
|
jdc
|
|
2010-12-10
|
|
Sulata iSoft - 'stream.php' Local File Disclosure
|
4 |
WEB
|
Sudden_death
|
|
2010-12-09
|
|
Joomla! Component JE Messenger 1.0 - Arbitrary File Upload
|
3 |
WEB
|
Salvatore Fresta
|
|
2010-12-09
|
|
AJ Matrix DNA - SQL Injection
|
4 |
WEB
|
Br0ly
|
|
2010-12-09
|
|
CMScout 2.09 - Cross-Site Request Forgery
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-09
|
|
Joomla! Component JE Auto 1.0 - SQL Injection
|
4 |
WEB
|
Salvatore Fresta
|
|
2010-12-09
|
|
Abtp Portal Project 0.1.0 - Local File Inclusion
|
3 |
WEB
|
Br0ly
|
|
2010-12-09
|
|
Apache Archiva 1.0 < 1.3.1 - Cross-Site Request Forgery
|
4 |
WEB
|
Anatolia Security
|
|
2010-12-07
|
|
SOOP Portal Raven 1.0b - Arbitrary File Upload
|
4 |
WEB
|
Sun Army
|
|
2010-12-06
|
|
MODx REvolution CMS 2.0.4-pl2 - POST injection Cross-Site Scripting
|
4 |
WEB
|
LiquidWorm
|
|
2010-12-06
|
|
phpMyAdmin - Client-Side Code Injection / Redirect Link Falsification
|
3 |
WEB
|
emgent white_sheep & scox
|
|
2010-12-05
|
|
Pulse CMS Basic - Local File Inclusion
|
5 |
WEB
|
Mark Stanislav
|
|
2010-12-05
|
|
SOOP Portal 2.0 - Arbitrary File Upload
|
4 |
WEB
|
Net.Edit0r
|
|
2010-12-05
|
|
HotWebScripts HotWeb Rentals - 'resorts.asp' SQL Injection
|
4 |
WEB
|
R4dc0re
|
|
2010-12-05
|
|
Ecommercemax Solutions Digital Goods Seller - SQL Injection
|
4 |
WEB
|
R4dc0re
|
|
2010-12-05
|
|
Gatesoft Docusafe 4.1.0 - SQL Injection
|
4 |
WEB
|
R4dc0re
|
|
2010-12-05
|
|
PHPKF Forum 1.80 - 'profil_degistir.php' Cross-Site Request Forgery
|
4 |
WEB
|
FreWaL
|
|
2010-12-05
|
|
WordPress Core 3.0.1 - 'do_trackbacks()' SQL Injection
|
4 |
WEB
|
M4g
|
|
2010-12-04
|
|
ASPSiteWare Contact Directory 1.0 - SQL Injection
|
4 |
WEB
|
R4dc0re
|
|
2010-12-04
|
|
ASPSiteWare ASP Gallery 1.0 - SQL Injection
|
4 |
WEB
|
R4dc0re
|
|
2010-12-04
|
|
ASPSiteWare JobPost 1.0 - SQL Injection
|
4 |
WEB
|
R4dc0re
|
|
2010-12-04
|
|
ASPSiteWare Project Reporter - SQL Injection
|
4 |
WEB
|
R4dc0re
|
|
2010-12-04
|
|
ASPSiteWare Recipe ORGanizer - SQL Injection
|
3 |
WEB
|
R4dc0re
|
|
2010-12-04
|
|
T-Dreams Job Seekers Package 3.0 - SQL Injection
|
4 |
WEB
|
R4dc0re
|
|
2010-12-04
|
|
T-Dreams Cars Ads Package 2.0 - SQL Injection
|
4 |
WEB
|
R4dc0re
|
|
2010-12-04
|
|
Linksys Routers - Cross-Site Request Forgery
|
4 |
WEB
|
Martin Barbella
|
|
2010-12-04
|
|
Dejcom Market CMS - 'showbrand.aspx' SQL Injection
|
4 |
WEB
|
Mormoroth
|
|
2010-12-03
|
|
D-Link Routers - Authentication Bypass (1)
|
4 |
WEB
|
Craig Heffner
|
|
2010-12-03
|
|
Easy Travel Portal 2 - 'travelbycountry.asp' SQL Injection
|
4 |
WEB
|
Ulrik Persson
|
|
2010-12-02
|
|
Ananda Real Estate 3.4 - 'list.asp' Multiple SQL Injections
|
4 |
WEB
|
underground-stockholm.com
|
|
2010-12-02
|
|
etomite 1.1 - Multiple Vulnerabilities
|
5 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-02
|
|
Contenido CMS 4.8.12 - Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-01
|
|
LittlePhpGallery 1.0.2 - Local File Inclusion
|
4 |
WEB
|
kire bozorge khavarmian
|
|
2010-12-01
|
|
Digitalus 1.10.0 Alpha2 - Arbitrary File Upload
|
4 |
WEB
|
eidelweiss
|
|
2010-12-01
|
|
BugTracker.NET 3.4.4 - Multiple Vulnerabilities
|
4 |
WEB
|
Core Security
|
|
2010-12-01
|
|
OsCSS 1.2 - Arbitrary File Upload
|
4 |
WEB
|
Shichemt Alen
|
|
2010-12-01
|
|
Alibaba Clone B2B 3.4 - SQL Injection
|
4 |
WEB
|
Dr.0rYX & Cr3W-DZ
|
|
2010-11-30
|
|
Elxis CMS 2009.2 - SQL Injection
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-30
|
|
DynPG 4.2.0 - Multiple Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-30
|
|
enano CMS 1.1.7pl1 - Multiple Vulnerabilities
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-30
|
|
Eclime 1.1.2b - Multiple Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-30
|
|
Pandora Fms 3.1 - Directory Traversal / Local File Inclusion
|
3 |
WEB
|
Juan Galiana Lara
|
|
2010-11-30
|
|
Pandora Fms 3.1 - Blind SQL Injection
|
4 |
WEB
|
Juan Galiana Lara
|
|
2010-11-30
|
|
Pandora Fms 3.1 - SQL Injection
|
4 |
WEB
|
Juan Galiana Lara
|
|
2010-11-30
|
|
Pandora Fms 3.1 - OS Command Injection
|
4 |
WEB
|
Juan Galiana Lara
|
|
2010-11-30
|
|
Pandora FMS 3.1 - Authentication Bypass
|
4 |
WEB
|
Juan Galiana Lara
|
|
2010-11-30
|
|
Duhok Forum 1.1 - Arbitrary File Upload
|
4 |
WEB
|
BrOx-Dz
|
|
2010-11-30
|
|
Link Protect 1.2 - Persistent Cross-Site Scripting
|
4 |
WEB
|
Shichemt Alen
|
|
2010-11-30
|
|
Orbis CMS 1.0.2 - Arbitrary File Upload
|
4 |
WEB
|
Mark Stanislav
|
|
2010-11-29
|
|
Diferior 8.03 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-29
|
|
MicroNetSoft RV Dealer Website - 'search.asp' / showAlllistings.asp' SQL Injection
|
4 |
WEB
|
underground-stockholm.com
|
|
2010-11-28
|
|
Site2Nite Big Truck Broker - 'txtSiteId' SQL Injection
|
5 |
WEB
|
underground-stockholm.com
|
|
2010-11-28
|
|
Skeletonz CMS - Persistent Cross-Site Scripting
|
4 |
WEB
|
Jbyte
|
|
2010-11-27
|
|
MemHT Portal 4.0.1 - 'User Agent' Persistent Cross-Site Scripting
|
4 |
WEB
|
ZonTa
|
|
2010-11-27
|
|
Jurpopage 0.2.0 - SQL Injection
|
5 |
WEB
|
Sudden_death
|
|
2010-11-25
|
|
Frog CMS 0.9.5 - Multiple Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-25
|
|
Wolf CMS 0.6.0b - Multiple Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-25
|
|
SiteEngine 7.1 - SQL Injection
|
4 |
WEB
|
Beach
|
|
2010-11-25
|
|
JDownloader Webinterface - Source Code Disclosure
|
5 |
WEB
|
Sil3nt_Dre4m
|
|
2010-11-25
|
|
Joomla! Component JE Ajax Event Calendar - SQL Injection
|
4 |
WEB
|
ALTBTA
|
|
2010-11-24
|
|
Free Simple Software - SQL Injection
|
5 |
WEB
|
Mark Stanislav
|
|
2010-11-24
|
|
WSN Links - SQL Injection
|
4 |
WEB
|
Mark Stanislav
|
|
2010-11-24
|
|
phpvidz 0.9.5 - Administrative Credentials Disclosure
|
3 |
WEB
|
Michael Brooks
|
|
2010-11-24
|
|
Getsimple CMS 2.01 < 2.02 - Administrative Credentials Disclosure
|
4 |
WEB
|
Michael Brooks
|
|
2010-11-23
|
|
PHPmotion 1.62 - 'FCKeditor' Arbitrary File Upload
|
4 |
WEB
|
trycyber
|
|
2010-11-22
|
|
Acidcat CMS 3.3 - 'FCKeditor' Arbitrary File Upload
|
4 |
WEB
|
Net.Edit0r
|
|
2010-11-22
|
|
JCMS 2010 - File Download
|
4 |
WEB
|
Beach
|
|
2010-11-22
|
|
jSchool Advanced - Blind SQL Injection
|
5 |
WEB
|
Don Tukulesto
|
|
2010-11-22
|
|
AuraCMS 1.62 - 'pfd.php' SQL Injection
|
4 |
WEB
|
Don Tukulesto
|
|
2010-11-21
|
|
cPanel 11.x - Cross-Site Request Forgery (Edit E-mail)
|
4 |
WEB
|
Mon7rF .
|
|
2010-11-21
|
|
sahitya graphics CMS - Multiple Vulnerabilities
|
4 |
WEB
|
Dr.0rYX & Cr3W-DZ
|
|
2010-11-20
|
|
vBulletin 4.0.8 PL1 - Cross-Site Scripting Filter Bypass within Profile Customization
|
4 |
WEB
|
MaXe
|
|
2010-11-20
|
|
S_CMS 2.5 - Multiple Vulnerabilities
|
5 |
WEB
|
LordTittiS
|
