|
2011-01-11
|
|
diafan.cms 4.3 - Multiple Vulnerabilities
|
17 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-11
|
|
vam shop 1.6 - Multiple Vulnerabilities
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-11
|
|
energine 2.3.8 - Multiple Vulnerabilities
|
19 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-11
|
|
Extcalendar 2 - 'calendar.php' SQL Injection
|
17 |
WEB
|
Lagripe-Dz & Mca-Crb
|
|
2011-01-10
|
|
Lotus CMS Fraise 3.0 - Local File Inclusion / Remote Code Execution
|
17 |
WEB
|
mr_me
|
|
2011-01-10
|
|
TinyBB 1.2 - SQL Injection
|
20 |
WEB
|
Aodrulez
|
|
2011-01-10
|
|
Maximus CMS 1.1.2 - 'FCKeditor' Arbitrary File Upload
|
18 |
WEB
|
eidelweiss
|
|
2011-01-09
|
|
Joomla! Plugin Captcha 4.5.1 - Local File Disclosure
|
17 |
WEB
|
dun
|
|
2011-01-08
|
|
Zwii 2.1.1 - Remote File Inclusion
|
17 |
WEB
|
Abdi Mohamed
|
|
2011-01-08
|
|
WordPress Plugin mingle forum 1.0.26 - Multiple Vulnerabilities
|
16 |
WEB
|
Charles Hooper
|
|
2011-01-08
|
|
sahana agasti 0.6.5 - Multiple Vulnerabilities
|
21 |
WEB
|
dun
|
|
2011-01-08
|
|
Elxis CMS 2009.2 - Remote File Inclusion
|
17 |
WEB
|
n0n0x
|
|
2011-01-08
|
|
axdcms-0.1.1 - Local File Inclusion
|
20 |
WEB
|
n0n0x
|
|
2011-01-07
|
|
openSite 0.2.2 Beta - Local File Inclusion
|
20 |
WEB
|
n0n0x
|
|
2011-01-06
|
|
PHP MicroCMS 1.0.1 - Cross-Site Request Forgery / Cross-Site Scripting
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-06
|
|
Phenotype CMS 3.0 - SQL Injection
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-06
|
|
phpMySport 1.4 - SQL Injection / Authentication Bypass / Full Path Disclosure
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-06
|
|
F3Site 2011 alfa 1 - Cross-Site Scripting / Cross-Site Request Forgery
|
17 |
WEB
|
High-Tech Bridge SA
|
|
2011-01-06
|
|
Openfire 3.6.4 - Multiple Cross-Site Request Forgery Vulnerabilities
|
14 |
WEB
|
Riyaz Ahemed Walikar
|
|
2011-01-06
|
|
Ignition 1.3 - 'comment.php' Local File Inclusion
|
19 |
WEB
|
n0n0x
|
|
2011-01-05
|
|
Concrete CMS 5.4.1.1 - Cross-Site Scripting / Remote Code Execution
|
18 |
WEB
|
mr_me
|
|
2011-01-05
|
|
PhpGedView 4.2.3 - Local File Inclusion
|
17 |
WEB
|
dun
|
|
2011-01-05
|
|
Nucleus 3.61 - Multiple Remote File Inclusions
|
16 |
WEB
|
n0n0x
|
|
2011-01-04
|
|
S40 CMS 0.4.1 - Cross-Site Request Forgery (Change Admin Password)
|
21 |
WEB
|
pentesters.ir
|
|
2011-01-03
|
|
Sahana Agasti 0.6.4 - Multiple Remote File Inclusions
|
16 |
WEB
|
n0n0x
|
|
2011-01-02
|
|
amoeba CMS 1.01 - Multiple Vulnerabilities
|
19 |
WEB
|
mr_me
|
|
2011-01-02
|
|
YourTube 1.0 - Cross-Site Request Forgery (Add User)
|
21 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-01-02
|
|
GALLARIFIC PHP Photo Gallery Script - 'gallery.php' SQL Injection
|
23 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2011-01-01
|
|
Tech Shop Technote 7 - SQL Injection
|
19 |
WEB
|
MaJ3stY
|
|
2011-01-01
|
|
Sahana Agasti 0.6.4 - SQL Injection
|
21 |
WEB
|
dun
|
|
2011-01-01
|
|
ChurchInfo 1.2.12 - SQL Injection
|
20 |
WEB
|
dun
|
|
2011-01-01
|
|
KLINK - SQL Injection
|
21 |
WEB
|
Mauro Rossi & Andres Gomez
|
|
2010-12-30
|
|
Ignition 1.3 - Remote Code Execution
|
17 |
WEB
|
cOndemned
|
|
2010-12-30
|
|
Ignition 1.3 - 'page.php' Local File Inclusion
|
14 |
WEB
|
cOndemned
|
|
2010-12-29
|
|
LightNEasy 3.2.2 - Multiple Vulnerabilities
|
20 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-29
|
|
WordPress Core 3.0.3 - Persistent Cross-Site Scripting (Internet Explorer 6/7 / NS8.1)
|
18 |
WEB
|
Saif
|
|
2010-12-29
|
|
Discovery TorrentTrader 2.6 - Multiple Vulnerabilities
|
17 |
WEB
|
EsS4ndre
|
|
2010-12-29
|
|
TYPO3 - Arbitrary File Retrieval
|
19 |
WEB
|
ikki
|
|
2010-12-29
|
|
DGNews 2.1 - SQL Injection
|
18 |
WEB
|
kalashnikov
|
|
2010-12-29
|
|
Siteframe CMS 3.2.3 - 'user.php' SQL Injection
|
20 |
WEB
|
AnGrY BoY
|
|
2010-12-29
|
|
PiXie CMS 1.04 - Multiple Cross-Site Request Forgery Vulnerabilities
|
21 |
WEB
|
Ali Raheem
|
|
2010-12-29
|
|
LoveCMS 1.6.2 - Cross-Site Request Forgery / Code Injection
|
21 |
WEB
|
hiphop
|
|
2010-12-29
|
|
PHP-AddressBook 6.2.4 - 'group.php' SQL Injection
|
19 |
WEB
|
hiphop
|
|
2010-12-29
|
|
DzTube - SQL Injection
|
20 |
WEB
|
errnick qwe
|
|
2010-12-29
|
|
kaibb 1.0.1 - Multiple Vulnerabilities
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-29
|
|
News Script PHP Pro - 'FCKeditor' Arbitrary File Upload
|
19 |
WEB
|
Net.Edit0r
|
|
2010-12-29
|
|
ardeaCore 2.25 - PHP Framework Remote File Inclusion
|
17 |
WEB
|
n0n0x
|
|
2010-12-28
|
|
OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass / SQL Injection / Persistent Cross-Site Scripting
|
22 |
WEB
|
Michael Brooks
|
|
2010-12-27
|
|
Web@all 1.1 - Remote Admin Settings Change
|
17 |
WEB
|
Giuseppe D'Inverno
|
|
2010-12-27
|
|
OpenEMR 3.2.0 - SQL Injection / Cross-Site Scripting
|
18 |
WEB
|
blake
|
|
2010-12-27
|
|
pecio CMS 2.0.5 - Cross-Site Request Forgery (Add Admin)
|
17 |
WEB
|
P0C T34M
|
|
2010-12-26
|
|
Interact 2.4.1 - SQL Injection
|
18 |
WEB
|
IR Security
|
|
2010-12-25
|
|
LoveCMS 1.6.2 Final - Multiple Local File Inclusions
|
17 |
WEB
|
cOndemned
|
|
2010-12-25
|
|
Social Engine 4.x (Music Plugin) - Arbitrary File Upload
|
19 |
WEB
|
MyDoom
|
|
2010-12-25
|
|
Vacation Rental Script 4.0 - Cross-Site Request Forgery
|
21 |
WEB
|
OnurTURKESHAN
|
|
2010-12-25
|
|
Joomla! Component com_idoblog - SQL Injection
|
18 |
WEB
|
NOCKAR1111
|
|
2010-12-25
|
|
Traidnt Up 3.0 - Cross-Site Request Forgery
|
18 |
WEB
|
P0C T34M
|
|
2010-12-25
|
|
openauto 1.6.3 - Multiple Vulnerabilities
|
16 |
WEB
|
Michael Brooks
|
|
2010-12-25
|
|
Pligg CMS 1.1.2 - Blind SQL Injection / Cross-Site Scripting
|
17 |
WEB
|
Michael Brooks
|
|
2010-12-24
|
|
CubeCart 3.0.6 - Cross-Site Request Forgery (Add Admin)
|
21 |
WEB
|
P0C T34M
|
|
2010-12-24
|
|
SquareCMS 0.3.1 - 'post.php' SQL Injection
|
19 |
WEB
|
cOndemned
|
|
2010-12-24
|
|
Joomla! Component com_xmovie 1.0 - Local File Inclusion
|
20 |
WEB
|
KelvinX
|
|
2010-12-24
|
|
iDevSpot iDevCart 1.10 - Multiple Local File Inclusions
|
17 |
WEB
|
v3n0m
|
|
2010-12-23
|
|
CubeCart 3.0.4 - SQL Injection
|
18 |
WEB
|
Dr.NeT
|
|
2010-12-23
|
|
Joomla! Component com_adsmanager - Remote File Inclusion
|
18 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2010-12-23
|
|
Joomla! Component com_ponygallery - Remote File Inclusion
|
19 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2010-12-23
|
|
IPN Development Handler 2.0 - Multiple Vulnerabilities
|
15 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2010-12-23
|
|
Ypninc Realty Classifieds - SQL Injection
|
17 |
WEB
|
Br0ly
|
|
2010-12-23
|
|
Built2Go PHP Shopping - SQL Injection
|
18 |
WEB
|
Br0ly
|
|
2010-12-23
|
|
D-Link WBR-1310 - Authentication Bypass
|
20 |
WEB
|
Craig Heffner
|
|
2010-12-22
|
|
WordPress Plugin Accept Signups 0.1 - Cross-Site Scripting
|
18 |
WEB
|
clshack
|
|
2010-12-22
|
|
Mitel AWC - Command Execution
|
17 |
WEB
|
Procheckup
|
|
2010-12-21
|
|
jobappr 1.4 - Multiple Vulnerabilities
|
18 |
WEB
|
giudinvx
|
|
2010-12-21
|
|
Joomla! Component com_xgallery 1.0 - Local File Inclusion
|
16 |
WEB
|
KelvinX
|
|
2010-12-21
|
|
html-edit CMS - Multiple Vulnerabilities
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-21
|
|
Habari Blog - Multiple Vulnerabilities
|
19 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-21
|
|
Injader CMS - Multiple Vulnerabilities
|
16 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-21
|
|
Hycus CMS - Multiple Vulnerabilities
|
15 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-21
|
|
S9Y Serendipity 1.5.4 - Arbitrary File Upload
|
15 |
WEB
|
pentesters.ir
|
|
2010-12-20
|
|
Vacation Rental Script 4.0 - Arbitrary File Upload
|
16 |
WEB
|
Br0ly
|
|
2010-12-20
|
|
Joomla! Component JotLoader 2.2.1 - Local File Inclusion
|
16 |
WEB
|
v3n0m
|
|
2010-12-20
|
|
PHP Web Scripts Ad Manager Pro 3.0 - SQL Injection
|
18 |
WEB
|
R4dc0re
|
|
2010-12-20
|
|
plx Ad Trader 3.2 - Authentication Bypass
|
16 |
WEB
|
R4dc0re
|
|
2010-12-20
|
|
Elcom CommunityManager.NET - Authentication Bypass
|
17 |
WEB
|
Sense of Security
|
|
2010-12-20
|
|
PHP-Nuke MaticMarket 2.02 - Local File Inclusion
|
16 |
WEB
|
xer0x
|
|
2010-12-20
|
|
Inout Webmail Script - Persistent Cross-Site Scripting
|
18 |
WEB
|
Sid3^effects
|
|
2010-12-19
|
|
Joomla! Component JE Auto - Local File Inclusion
|
16 |
WEB
|
Sid3^effects
|
|
2010-12-19
|
|
Oto Galery 1.0 - Multiple SQL Injections
|
14 |
WEB
|
DeadLy DeMon
|
|
2010-12-18
|
|
Virtual Store Open 3.0 - Acess SQL Injection
|
19 |
WEB
|
Br0ly
|
|
2010-12-18
|
|
Mafia Game Script - SQL Injection
|
20 |
WEB
|
DeadLy DeMon
|
|
2010-12-18
|
|
Projekt Shop - 'details.php' Multiple SQL Injections
|
22 |
WEB
|
DeadLy DeMon
|
|
2010-12-18
|
|
PayPal Shop Digital - SQL Injection
|
19 |
WEB
|
DeadLy DeMon
|
|
2010-12-18
|
|
SchuldnerBeratung - SQL Injection
|
17 |
WEB
|
DeadLy DeMon
|
|
2010-12-18
|
|
Download Center 2.2 - SQL Injection
|
20 |
WEB
|
DeadLy DeMon
|
|
2010-12-18
|
|
Ero Auktion 2010 - 'item.php' SQL Injection
|
19 |
WEB
|
DeadLy DeMon
|
|
2010-12-18
|
|
MCFileManager Plugin for TinyMCE 3.2.2.3 - Arbitrary File Upload
|
17 |
WEB
|
Vladimir Vorontsov
|
|
2010-12-17
|
|
Radius Manager 3.8.0 - Multiple Cross-Site Scripting Vulnerabilities
|
15 |
WEB
|
Rodrigo Rubira Branco
|
|
2010-12-17
|
|
CubeCart 3.x - Arbitrary File Upload
|
18 |
WEB
|
StunTMaN!
|
|
2010-12-17
|
|
MHP Downloadshop - SQL Injection
|
18 |
WEB
|
Easy Laster
|
|
2010-12-17
|
|
Easy Online Shop - SQL Injection
|
20 |
WEB
|
Easy Laster
|
|
2010-12-17
|
|
Immo Makler Script - SQL Injection
|
20 |
WEB
|
Easy Laster
|
|
2010-12-17
|
|
D-Link DIR-300 - Cross-Site Request Forgery (Change Admin Account Settings)
|
19 |
WEB
|
outlaw.dll
|
|
2010-12-17
|
|
Softbiz PHP Joke Site Software - Multiple SQL Injections
|
21 |
WEB
|
v3n0m
|
|
2010-12-16
|
|
Joomla! Component JRadio - Local File Inclusion
|
20 |
WEB
|
Sid3^effects
|
|
2010-12-16
|
|
QualDev eCommerce script - SQL Injection
|
21 |
WEB
|
ErrNick
|
|
2010-12-15
|
|
gitWeb 1.7.3.3 - Cross-Site Scripting
|
23 |
WEB
|
emgent
|
|
2010-12-15
|
|
Blog:CMS 4.2.1e - Multiple Vulnerabilities
|
21 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-15
|
|
BEdita 3.0.1.2550 - Multiple Vulnerabilities
|
17 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-15
|
|
Pointter PHP Micro-Blogging Social Network - Unauthorized Privilege Escalation
|
18 |
WEB
|
Mark Stanislav
|
|
2010-12-15
|
|
Pointter PHP Content Management System - Unauthorized Privilege Escalation
|
21 |
WEB
|
Mark Stanislav
|
|
2010-12-15
|
|
Google Urchin 5.7.03 - Local File Inclusion
|
19 |
WEB
|
Kristian Erik Hermansen
|
|
2010-12-15
|
|
Mantis Bug Tracker 1.2.3 - 'db_type' Local File Inclusion
|
19 |
WEB
|
LiquidWorm
|
|
2010-12-15
|
|
Mantis Bug Tracker 1.2.3 - 'db_type' Cross-Site Scripting / Full Path Disclosure
|
17 |
WEB
|
LiquidWorm
|
|
2010-12-12
|
|
Clear iSpot/Clearspot 2.0.0.0 - Cross-Site Request Forgery
|
19 |
WEB
|
Trustwave's SpiderLabs
|
|
2010-12-10
|
|
Joomla! Component com_billyportfolio 1.1.2 - Blind SQL Injection
|
23 |
WEB
|
jdc
|
|
2010-12-10
|
|
Sulata iSoft - 'stream.php' Local File Disclosure
|
18 |
WEB
|
Sudden_death
|
|
2010-12-09
|
|
Joomla! Component JE Messenger 1.0 - Arbitrary File Upload
|
21 |
WEB
|
Salvatore Fresta
|
|
2010-12-09
|
|
AJ Matrix DNA - SQL Injection
|
17 |
WEB
|
Br0ly
|
|
2010-12-09
|
|
CMScout 2.09 - Cross-Site Request Forgery
|
19 |
WEB
|
High-Tech Bridge SA
|
|
2010-12-09
|
|
Joomla! Component JE Auto 1.0 - SQL Injection
|
18 |
WEB
|
Salvatore Fresta
|
|
2010-12-09
|
|
Abtp Portal Project 0.1.0 - Local File Inclusion
|
17 |
WEB
|
Br0ly
|
|
2010-12-09
|
|
Apache Archiva 1.0 < 1.3.1 - Cross-Site Request Forgery
|
21 |
WEB
|
Anatolia Security
|
|
2010-12-07
|
|
SOOP Portal Raven 1.0b - Arbitrary File Upload
|
22 |
WEB
|
Sun Army
|
|
2010-12-06
|
|
MODx REvolution CMS 2.0.4-pl2 - POST injection Cross-Site Scripting
|
18 |
WEB
|
LiquidWorm
|
|
2010-12-06
|
|
phpMyAdmin - Client-Side Code Injection / Redirect Link Falsification
|
20 |
WEB
|
emgent white_sheep & scox
|
