|
2010-11-20
|
|
Joomla! Component Jimtawl 1.0.2 - Local File Inclusion
|
5 |
WEB
|
Mask_magicianz
|
|
2010-11-19
|
|
DVD Rental Software - SQL Injection
|
4 |
WEB
|
JaMbA
|
|
2010-11-19
|
|
Plogger Gallery 1.0 - Cross-Site Request Forgery (Change Admin Password)
|
4 |
WEB
|
Or4nG.M4N
|
|
2010-11-19
|
|
Arabian YouTube Script - Blind SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2010-11-19
|
|
PHPGallery 1.1.0 - Cross-Site Request Forgery
|
4 |
WEB
|
Or4nG.M4N
|
|
2010-11-19
|
|
ViArt Shop 4.0.5 - Multiple Vulnerabilities
|
3 |
WEB
|
Ariko-Security
|
|
2010-11-18
|
|
Fozzcom Shopping < 7.94 / < 8.04 - Multiple Vulnerabilities
|
4 |
WEB
|
Dr.0rYX & Cr3W-DZ
|
|
2010-11-18
|
|
Joomla! Component com_mtree 2.1.6 - Overwrite Cross-Site Request Forgery
|
4 |
WEB
|
jdc
|
|
2010-11-18
|
|
chCounter 3.1.3 - SQL Injection
|
4 |
WEB
|
Matias Fontanini
|
|
2010-11-18
|
|
WebRCSdiff 0.9 - 'viewver.php' Remote File Inclusion
|
4 |
WEB
|
FL0RiX
|
|
2010-11-17
|
|
Front Accounting 2.3RC2 - Multiple SQL Injections
|
3 |
WEB
|
Juan Manuel Garcia
|
|
2010-11-17
|
|
Front Accounting 2.3RC2 - Multiple Persistent Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Juan Manuel Garcia
|
|
2010-11-17
|
|
Sitefinity CMS - 'ASP.NET' Arbitrary File Upload
|
2 |
WEB
|
Net.Edit0r
|
|
2010-11-16
|
|
CompactCMS 1.4.1 - SQL Injection
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-16
|
|
ClanSphere 2010.0 Final - Multiple Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-16
|
|
IceBB 1.0-rc10 - Multiple Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-16
|
|
openEngine 2.0 100226 - Local File Inclusion / Cross-Site Scripting
|
4 |
WEB
|
SecPod Research
|
|
2010-11-16
|
|
Joomla! Component com_maianmedia - SQL Injection
|
4 |
WEB
|
v3n0m
|
|
2010-11-16
|
|
BPRealestate Real Estate - Authentication Bypass
|
4 |
WEB
|
v3n0m
|
|
2010-11-16
|
|
BPConferenceReporting Web Reporting - Authentication Bypass
|
4 |
WEB
|
v3n0m
|
|
2010-11-16
|
|
BPDirectory Business Directory - Authentication Bypass
|
4 |
WEB
|
v3n0m
|
|
2010-11-16
|
|
BPAffiliate Affiliate Tracking - Authentication Bypass
|
4 |
WEB
|
v3n0m
|
|
2010-11-16
|
|
vBulletin 4.0.8 - Persistent Cross-Site Scripting via Profile Customization
|
4 |
WEB
|
MaXe
|
|
2010-11-15
|
|
Joomla! Component com_alfurqan15x - SQL Injection
|
3 |
WEB
|
kaMtiEz
|
|
2010-11-15
|
|
Nuked-klaN Module Boutique - Blind SQL Injection
|
4 |
WEB
|
[AR51]Kevinos
|
|
2010-11-15
|
|
Web Wiz NewsPad Express Edition 1.03 - Database File Disclosure
|
4 |
WEB
|
keracker
|
|
2010-11-15
|
|
Chameleon Social Networking Software - Persistent Cross-Site Scripting
|
4 |
WEB
|
Dr-mosta
|
|
2010-11-14
|
|
BSI Advance Hotel Booking System 1.0 - SQL Injection
|
4 |
WEB
|
v3n0m
|
|
2010-11-13
|
|
Pre Online Tests Generator Pro - SQL Injection
|
3 |
WEB
|
Cru3l.b0y
|
|
2010-11-13
|
|
Pre ADS Portal - Authentication Bypass
|
2 |
WEB
|
Cru3l.b0y
|
|
2010-11-13
|
|
OneOrZero AIms 2.6.0 Members Edition - Multiple Vulnerabilities
|
3 |
WEB
|
Valentin
|
|
2010-11-13
|
|
Joomla! Component CCBoard 1.2-RC - Multiple Vulnerabilities
|
3 |
WEB
|
jdc
|
|
2010-11-13
|
|
Webmatic - 'index.php' SQL Injection
|
4 |
WEB
|
v3n0m
|
|
2010-11-13
|
|
EasyJobPortal - Arbitrary File Upload
|
3 |
WEB
|
MeGo
|
|
2010-11-13
|
|
Invision Power Board 3 - 'search_app' SQL Injection
|
3 |
WEB
|
Lord Tittis3000
|
|
2010-11-13
|
|
WordPress Plugin Event Registration 5.32 - SQL Injection
|
4 |
WEB
|
k3m4n9i
|
|
2010-11-13
|
|
DBSite - SQL Injection
|
4 |
WEB
|
God_Of_Pain
|
|
2010-11-13
|
|
AWCM 2.1 Final - Remote File Inclusion
|
4 |
WEB
|
LoSt.HaCkEr
|
|
2010-11-13
|
|
Build a Niche Store 3.0 - 'BANS' Authentication Bypass
|
4 |
WEB
|
ThunDEr HeaD
|
|
2010-11-13
|
|
Camtron CMNC-200 IP Camera - Undocumented Default Accounts
|
4 |
WEB
|
Trustwave's SpiderLabs
|
|
2010-11-13
|
|
Camtron CMNC-200 IP Camera - Authentication Bypass
|
4 |
WEB
|
Trustwave's SpiderLabs
|
|
2010-11-12
|
|
Joomla! Component JSupport 1.5.6 - SQL Injection
|
4 |
WEB
|
Valentin
|
|
2010-11-12
|
|
Joomla! Component JSupport 1.5.6 - Cross-Site Scripting
|
4 |
WEB
|
Valentin
|
|
2010-11-12
|
|
Woltlab Burning Board 2.3.4 - File Disclosure
|
4 |
WEB
|
sfx
|
|
2010-11-12
|
|
ASPilot Pilot Cart 7.3 - 'newsroom.asp' SQL Injection
|
4 |
WEB
|
Daikin
|
|
2010-11-12
|
|
Metinfo 3.0 - Multiple Vulnerabilities
|
3 |
WEB
|
anT!-Tr0J4n
|
|
2010-11-11
|
|
E-Xoopport 3.1 - 'display.php?katid' SQL Injection
|
4 |
WEB
|
Vis Intelligendi
|
|
2010-11-11
|
|
XT:Commerce < 3.04 SP2.1 - Cross-Site Scripting
|
4 |
WEB
|
Philipp Niedziela
|
|
2010-11-11
|
|
Landesk - OS command Injection
|
3 |
WEB
|
Aureliano Calvo
|
|
2010-11-10
|
|
eBlog 1.7 - Multiple SQL Injections
|
4 |
WEB
|
Salvatore Fresta
|
|
2010-11-10
|
|
FCKEditor Core 2.x 2.4.3 - 'FileManager upload.php' Arbitrary File Upload
|
4 |
WEB
|
grabz
|
|
2010-11-09
|
|
IBM OmniFind - Cross-Site Request Forgery
|
4 |
WEB
|
Fatih Kilic
|
|
2010-11-09
|
|
osCommerce 2.2 - Cross-Site Request Forgery
|
4 |
WEB
|
daandeveloper33
|
|
2010-11-09
|
|
Joomla! Component com_img - Local File Inclusion
|
4 |
WEB
|
CoBRa_21
|
|
2010-11-09
|
|
Joomla! Component com_markt - SQL Injection
|
4 |
WEB
|
CoBRa_21
|
|
2010-11-09
|
|
Joomla! Component btg_oglas - HTML / Cross-Site Scripting Injection
|
4 |
WEB
|
CoBRa_21
|
|
2010-11-09
|
|
Joomla! Component JQuarks4s 1.0.0 - Blind SQL Injection
|
4 |
WEB
|
Salvatore Fresta
|
|
2010-11-09
|
|
Woltlab Burning Board Userlocator 2.5 - SQL Injection
|
4 |
WEB
|
Easy Laster
|
|
2010-11-08
|
|
Joomla! Component ProDesk 1.5 - Local File Inclusion
|
4 |
WEB
|
d3v1l
|
|
2010-11-08
|
|
Seo Panel 2.1.0 - Critical File Disclosure
|
4 |
WEB
|
MaXe
|
|
2010-11-08
|
|
Joomla! Component com_clanlist - SQL Injection
|
4 |
WEB
|
CoBRa_21
|
|
2010-11-08
|
|
xt:Commerce Shopsoftware 3/4 - 'FCKeditor' Arbitrary File Upload
|
3 |
WEB
|
Net.Edit0r
|
|
2010-11-08
|
|
Joomla! Component com_clan - SQL Injection
|
4 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2010-11-08
|
|
Joomla! Component Cookex Agency CKForms - Local File Inclusion
|
2 |
WEB
|
ALTBTA
|
|
2010-11-07
|
|
Punbb 1.3.4 - Multiple Full Path Disclosures
|
3 |
WEB
|
SYSTEM_OVERIDE
|
|
2010-11-07
|
|
DeluxeBB 1.3 - Private Information Disclosure
|
3 |
WEB
|
Vis Intelligendi
|
|
2010-11-07
|
|
ASPilot Pilot Cart 7.3 - Multiple Vulnerabilities
|
4 |
WEB
|
Ariko-Security
|
|
2010-11-06
|
|
phpCow 2.1 - File Inclusion
|
4 |
WEB
|
ViRuS_HiMa
|
|
2010-11-06
|
|
Joomla! Component com_forme 1.0.5 - Multiple Vulnerabilities
|
4 |
WEB
|
jdc
|
|
2010-11-06
|
|
Zeeways Adserver - Multiple Vulnerabilities
|
4 |
WEB
|
Valentin
|
|
2010-11-06
|
|
MassMirror Uploader - Remote File Inclusion
|
4 |
WEB
|
ViciOuS
|
|
2010-11-06
|
|
Joomla! Component com_dcnews - Local File Inclusion
|
4 |
WEB
|
Th3 RDX
|
|
2010-11-06
|
|
Joomla! Component com_connect - Local File Inclusion
|
4 |
WEB
|
Th3 RDX
|
|
2010-11-05
|
|
Joomla! Component ccInvoices - SQL Injection
|
4 |
WEB
|
FL0RiX
|
|
2010-11-04
|
|
JBI CMS - SQL Injection
|
4 |
WEB
|
Cru3l.b0y
|
|
2010-11-04
|
|
MiniBB 2.5 - SQL Injection
|
5 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-04
|
|
JAF CMS 4.0 rc2 - Multiple Vulnerabilities
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-04
|
|
SweetRice 0.6.7 - Multiple Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-04
|
|
eoCMS 0.9.04 - Multiple Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-03
|
|
Zen Cart 1.3.9h - Local File Inclusion
|
4 |
WEB
|
Salvatore Fresta
|
|
2010-11-03
|
|
digiSHOP 2.0.2 - SQL Injection
|
3 |
WEB
|
Silic0n
|
|
2010-11-03
|
|
eLouai's Force Download Script - Arbitrary Local File Download
|
4 |
WEB
|
v1R00Z
|
|
2010-11-02
|
|
Dolphin 7.0.3 - Multiple Vulnerabilities
|
3 |
WEB
|
anT!-Tr0J4n
|
|
2010-11-02
|
|
Site2Nite Business eListings - SQL Injection
|
5 |
WEB
|
L0rd CrusAd3r
|
|
2010-11-02
|
|
Digger Solutions NewsLetter Open Source - SQL Injection
|
3 |
WEB
|
L0rd CrusAd3r
|
|
2010-11-02
|
|
Online Work Order System (OWOS) Professional Edition - Authentication Bypass
|
4 |
WEB
|
L0rd CrusAd3r
|
|
2010-11-02
|
|
Comrie Software Pay Roll Time Sheet & Punch Card - Authentication Bypass
|
4 |
WEB
|
L0rd CrusAd3r
|
|
2010-11-02
|
|
Site2Ntite Vacation Rental (VRBO) Listings - SQL Injection
|
4 |
WEB
|
L0rd CrusAd3r
|
|
2010-11-02
|
|
Azaronline Design - SQL Injection
|
4 |
WEB
|
XroGuE
|
|
2010-11-02
|
|
MetInfo 3.0 - 'FCKeditor' Arbitrary File Upload
|
3 |
WEB
|
[sh3n]
|
|
2010-11-02
|
|
Webmedia Explorer 6.13.1 - Persistent Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-02
|
|
MemHT Portal 4.0.1 - Persistent Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-02
|
|
Kandidat CMS 1.4.2 - Persistent Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-01
|
|
douran portal 3.9.7.55 - Multiple Vulnerabilities
|
4 |
WEB
|
ITSecTeam
|
|
2010-11-01
|
|
Collabtive 0.65 - SQL Injection
|
4 |
WEB
|
Anatolia Security
|
|
2010-11-01
|
|
XAMPP 1.7.3 - Multiple Vulnerabilities
|
4 |
WEB
|
TheLeader
|
|
2010-10-31
|
|
Auto CMS 1.8 - Remote Code Execution
|
4 |
WEB
|
Giuseppe D'Inverno
|
|
2010-10-31
|
|
Joomla! Component Sponsor Wall 1.1 - SQL Injection
|
4 |
WEB
|
FL0RiX
|
|
2010-10-31
|
|
Joomla! Component Pulse Infotech Flip Wall - SQL Injection
|
4 |
WEB
|
FL0RiX
|
|
2010-10-31
|
|
MetInfo 3.0 - PHP Code Injection
|
4 |
WEB
|
Beach
|
|
2010-10-31
|
|
MetInfo 2.0 - PHP Code Injection
|
3 |
WEB
|
Beach
|
|
2010-10-30
|
|
Simpli Easy (AFC Simple) NewsLetter 4.2 - Cross-Site Scripting / Information Leakage
|
4 |
WEB
|
p0deje
|
|
2010-10-30
|
|
Zoopeer 0.1/0.2 - 'FCKeditor' Arbitrary File Upload
|
4 |
WEB
|
Net.Edit0r
|
|
2010-10-30
|
|
Joomla! Component com_jfuploader < 2.12 - Arbitrary File Upload
|
4 |
WEB
|
Setr0nix
|
|
2010-10-29
|
|
mygamingladder MGL Combo System 7.5 - 'game.php' SQL Injection
|
4 |
WEB
|
Easy Laster
|
|
2010-10-29
|
|
PHPKit 1.6.1 R2 - 'overview.php' SQL Injection
|
4 |
WEB
|
Easy Laster
|
|
2010-10-28
|
|
Pub-Me CMS - Blind SQL Injection
|
4 |
WEB
|
H4f
|
|
2010-10-28
|
|
TFTgallery 0.13.1 - Local File Inclusion
|
5 |
WEB
|
Havok
|
|
2010-10-28
|
|
RoSPORA 1.5.0 - Remote PHP Code Injection
|
3 |
WEB
|
EgiX
|
|
2010-10-27
|
|
mycart 2.0 - Multiple Vulnerabilities
|
4 |
WEB
|
Salvatore Fresta
|
|
2010-10-27
|
|
ACC IMoveis 4.0 - SQL Injection
|
4 |
WEB
|
EraGoN
|
|
2010-10-27
|
|
Alstrasoft e-Friends 4.96 - Multiple Vulnerabilities
|
4 |
WEB
|
Salvatore Fresta
|
|
2010-10-27
|
|
BlogBird Platform - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
Zomplog 3.9 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
NinkoBB 1.3RC5 - Cross-Site Scripting
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
Zomplog 3.9 - Cross-Site Request Forgery
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
BloofoxCMS Registration Plugin - SQL Injection
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
Energine CMS - SQL Injection
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
BloofoxCMS 0.3.5 - Information Disclosure
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
MyBB 1.6 - Full Path Disclosure
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
Novaboard 1.1.4 - Local File Inclusion
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
DZCP (deV!L_z Clanportal) 1.5.4 - Local File Inclusion
|
4 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
phpLiterAdmin 1.0 RC1 - Authentication Bypass
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
DBHcms 1.1.4 - 'dbhcms_user/SearchString' SQL Injection
|
3 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-26
|
|
BigACE 2.7.3 - Cross-Site Request Forgery (Change Admin Password)
|
4 |
WEB
|
Sweet
|
