|
2010-11-02
|
|
Dolphin 7.0.3 - Multiple Vulnerabilities
|
9 |
WEB
|
anT!-Tr0J4n
|
|
2010-11-02
|
|
Site2Nite Business eListings - SQL Injection
|
11 |
WEB
|
L0rd CrusAd3r
|
|
2010-11-02
|
|
Digger Solutions NewsLetter Open Source - SQL Injection
|
10 |
WEB
|
L0rd CrusAd3r
|
|
2010-11-02
|
|
Online Work Order System (OWOS) Professional Edition - Authentication Bypass
|
10 |
WEB
|
L0rd CrusAd3r
|
|
2010-11-02
|
|
Comrie Software Pay Roll Time Sheet & Punch Card - Authentication Bypass
|
10 |
WEB
|
L0rd CrusAd3r
|
|
2010-11-02
|
|
Site2Ntite Vacation Rental (VRBO) Listings - SQL Injection
|
10 |
WEB
|
L0rd CrusAd3r
|
|
2010-11-02
|
|
Azaronline Design - SQL Injection
|
11 |
WEB
|
XroGuE
|
|
2010-11-02
|
|
MetInfo 3.0 - 'FCKeditor' Arbitrary File Upload
|
12 |
WEB
|
[sh3n]
|
|
2010-11-02
|
|
Webmedia Explorer 6.13.1 - Persistent Cross-Site Scripting
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-02
|
|
MemHT Portal 4.0.1 - Persistent Cross-Site Scripting
|
11 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-02
|
|
Kandidat CMS 1.4.2 - Persistent Cross-Site Scripting
|
12 |
WEB
|
High-Tech Bridge SA
|
|
2010-11-01
|
|
douran portal 3.9.7.55 - Multiple Vulnerabilities
|
11 |
WEB
|
ITSecTeam
|
|
2010-11-01
|
|
Collabtive 0.65 - SQL Injection
|
10 |
WEB
|
Anatolia Security
|
|
2010-11-01
|
|
XAMPP 1.7.3 - Multiple Vulnerabilities
|
14 |
WEB
|
TheLeader
|
|
2010-10-31
|
|
Auto CMS 1.8 - Remote Code Execution
|
11 |
WEB
|
Giuseppe D'Inverno
|
|
2010-10-31
|
|
Joomla! Component Sponsor Wall 1.1 - SQL Injection
|
10 |
WEB
|
FL0RiX
|
|
2010-10-31
|
|
Joomla! Component Pulse Infotech Flip Wall - SQL Injection
|
11 |
WEB
|
FL0RiX
|
|
2010-10-31
|
|
MetInfo 3.0 - PHP Code Injection
|
12 |
WEB
|
Beach
|
|
2010-10-31
|
|
MetInfo 2.0 - PHP Code Injection
|
9 |
WEB
|
Beach
|
|
2010-10-30
|
|
Simpli Easy (AFC Simple) NewsLetter 4.2 - Cross-Site Scripting / Information Leakage
|
15 |
WEB
|
p0deje
|
|
2010-10-30
|
|
Zoopeer 0.1/0.2 - 'FCKeditor' Arbitrary File Upload
|
13 |
WEB
|
Net.Edit0r
|
|
2010-10-30
|
|
Joomla! Component com_jfuploader < 2.12 - Arbitrary File Upload
|
14 |
WEB
|
Setr0nix
|
|
2010-10-29
|
|
mygamingladder MGL Combo System 7.5 - 'game.php' SQL Injection
|
14 |
WEB
|
Easy Laster
|
|
2010-10-29
|
|
PHPKit 1.6.1 R2 - 'overview.php' SQL Injection
|
10 |
WEB
|
Easy Laster
|
|
2010-10-28
|
|
Pub-Me CMS - Blind SQL Injection
|
11 |
WEB
|
H4f
|
|
2010-10-28
|
|
TFTgallery 0.13.1 - Local File Inclusion
|
13 |
WEB
|
Havok
|
|
2010-10-28
|
|
RoSPORA 1.5.0 - Remote PHP Code Injection
|
11 |
WEB
|
EgiX
|
|
2010-10-27
|
|
mycart 2.0 - Multiple Vulnerabilities
|
11 |
WEB
|
Salvatore Fresta
|
|
2010-10-27
|
|
ACC IMoveis 4.0 - SQL Injection
|
12 |
WEB
|
EraGoN
|
|
2010-10-27
|
|
Alstrasoft e-Friends 4.96 - Multiple Vulnerabilities
|
11 |
WEB
|
Salvatore Fresta
|
|
2010-10-27
|
|
BlogBird Platform - Multiple Cross-Site Scripting Vulnerabilities
|
13 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
Zomplog 3.9 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
|
11 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
NinkoBB 1.3RC5 - Cross-Site Scripting
|
12 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
Zomplog 3.9 - Cross-Site Request Forgery
|
11 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
BloofoxCMS Registration Plugin - SQL Injection
|
11 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
Energine CMS - SQL Injection
|
12 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
BloofoxCMS 0.3.5 - Information Disclosure
|
12 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
MyBB 1.6 - Full Path Disclosure
|
12 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
Novaboard 1.1.4 - Local File Inclusion
|
12 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
DZCP (deV!L_z Clanportal) 1.5.4 - Local File Inclusion
|
13 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
phpLiterAdmin 1.0 RC1 - Authentication Bypass
|
11 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-27
|
|
DBHcms 1.1.4 - 'dbhcms_user/SearchString' SQL Injection
|
13 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-26
|
|
BigACE 2.7.3 - Cross-Site Request Forgery (Change Admin Password)
|
14 |
WEB
|
Sweet
|
|
2010-10-25
|
|
Plesk Small Business Manager 10.2.0 and Site Editor - Multiple Vulnerabilities
|
14 |
WEB
|
David Hoyt
|
|
2010-10-25
|
|
Jamb - Cross-Site Request Forgery (Add a Post)
|
11 |
WEB
|
Stoke
|
|
2010-10-24
|
|
DBHcms 1.1.4 - 'dbhcms_pid' SQL Injection
|
11 |
WEB
|
ZonTa
|
|
2010-10-24
|
|
Pulse Pro 1.4.3 - Persistent Cross-Site Scripting
|
13 |
WEB
|
Th3 RDX
|
|
2010-10-21
|
|
Squirrelcart PRO 3.0.0 - Blind SQL Injection
|
10 |
WEB
|
Salvatore Fresta
|
|
2010-10-21
|
|
sNews CMS - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
High-Tech Bridge SA
|
|
2010-10-20
|
|
Oracle Sun Java System Web Server - HTTP Response Splitting
|
10 |
WEB
|
Roberto Suggi Liverani
|
|
2010-10-19
|
|
phpCheckZ 1.1.0 - Blind SQL Injection
|
12 |
WEB
|
Salvatore Fresta
|
|
2010-10-19
|
|
Event Ticket Portal Script Admin Password Change - Cross-Site Request Forgery
|
10 |
WEB
|
KnocKout
|
|
2010-10-19
|
|
Travel Portal Script - Cross-Site Request Forgery (Admin Password Change)
|
11 |
WEB
|
KnocKout
|
|
2010-10-18
|
|
Brooky CubeCart 2.0.1 - SQL Injection
|
11 |
WEB
|
X_AviaTique_X
|
|
2010-10-18
|
|
GeekLog 1.7.0 - 'FCKeditor' Arbitrary File Upload
|
10 |
WEB
|
Kubanezi AHG
|
|
2010-10-18
|
|
411cc - Multiple SQL Injections
|
11 |
WEB
|
KnocKout
|
|
2010-10-17
|
|
Kisisel Radyo Script - Multiple Vulnerabilities
|
14 |
WEB
|
FuRty
|
|
2010-10-17
|
|
Tastydir 1.2 (1216) - Multiple Vulnerabilities
|
10 |
WEB
|
R
|
|
2010-10-17
|
|
WikiWebHelp 0.3.3 - Insecure Cookie Handling
|
10 |
WEB
|
FuRty
|
|
2010-10-15
|
|
KCFinder 2.2 - Arbitrary File Upload
|
13 |
WEB
|
saudi0hacker
|
|
2010-10-14
|
|
Xlrstats 2.0.1 - SQL Injection
|
10 |
WEB
|
Sky4
|
|
2010-10-14
|
|
Data/File - upload and Management Arbitrary File Upload
|
10 |
WEB
|
saudi0hacker
|
|
2010-10-13
|
|
Exponent CMS 0.97 - Multiple Vulnerabilities
|
10 |
WEB
|
LiquidWorm
|
|
2010-10-12
|
|
Collabtive 0.65 - Multiple Vulnerabilities
|
11 |
WEB
|
Anatolia Security
|
|
2010-10-12
|
|
WikiWebHelp 0.3.3 - Cross-Site Request Forgery
|
10 |
WEB
|
Yoyahack
|
|
2010-10-12
|
|
AdaptCMS 2.0.1 Beta - Remote File Inclusion (Metasploit)
|
10 |
WEB
|
v3n0m
|
|
2010-10-11
|
|
BaconMap 1.0 - Local File Disclosure
|
11 |
WEB
|
John Leitch
|
|
2010-10-11
|
|
BaconMap 1.0 - SQL Injection
|
10 |
WEB
|
John Leitch
|
|
2010-10-11
|
|
OrangeHRM 2.6.0.1 - Local File Inclusion
|
11 |
WEB
|
ZonTa
|
|
2010-10-10
|
|
Site2Nite Auto e-Manager - SQL Injection
|
12 |
WEB
|
KnocKout
|
|
2010-10-10
|
|
PHP-Fusion Mod Mg User Fotoalbum 1.0.1 - SQL Injection
|
14 |
WEB
|
Easy Laster
|
|
2010-10-09
|
|
VideoDB 3.0.3 - Multiple Vulnerabilities
|
12 |
WEB
|
Valentin
|
|
2010-10-09
|
|
Joomla! Component JS Calendar 1.5.1 - Multiple Vulnerabilities
|
11 |
WEB
|
Salvatore Fresta
|
|
2010-10-09
|
|
Chipmunk Pwngame - Multiple SQL Injections
|
13 |
WEB
|
KnocKout
|
|
2010-10-09
|
|
Joomla! Component Community Builder Enhanced (CBE) 1.4.8/1.4.9/1.4.10 - Local File Inclusion / Remot
|
11 |
WEB
|
Delf Tonder
|
|
2010-10-08
|
|
Flex Timesheet - Authentication Bypass
|
13 |
WEB
|
KnocKout
|
|
2010-10-08
|
|
xWeblog 2.2 - 'arsiv.asp?tarih' SQL Injection
|
12 |
WEB
|
ZoRLu
|
|
2010-10-07
|
|
xWeblog 2.2 - 'oku.asp?makale_id' SQL Injection
|
11 |
WEB
|
KnocKout
|
|
2010-10-07
|
|
Feindura File Manager 1.0(rc) - Arbitrary File Upload
|
10 |
WEB
|
KnocKout
|
|
2010-10-05
|
|
Cag CMS 0.2 - Cross-Site Scripting / Blind SQL Injection
|
14 |
WEB
|
Shamus
|
|
2010-10-05
|
|
SPAW Editor 2.0.8.1 - Local File Inclusion
|
12 |
WEB
|
soorakh kos
|
|
2010-10-05
|
|
CuteNews - 'page' Local File Inclusion
|
11 |
WEB
|
eidelweiss
|
|
2010-10-04
|
|
Uebimiau Webmail 3.2.0-2.0 - Local File Inclusion
|
13 |
WEB
|
blake
|
|
2010-10-04
|
|
Aspect Ratio CMS - Blind SQL Injection
|
12 |
WEB
|
Stephan Sattler
|
|
2010-10-04
|
|
DNET Live-Stats 0.8 - Local File Inclusion
|
11 |
WEB
|
blake
|
|
2010-10-04
|
|
FAQMasterFlex 1.2 - SQL Injection
|
13 |
WEB
|
cyb3r.anbu
|
|
2010-10-04
|
|
Cilem Haber 1.4.4 (Tr) - Database Disclosure
|
12 |
WEB
|
ZoRLu
|
|
2010-10-03
|
|
Aprox CMS Engine 6.0 - Multiple Vulnerabilities
|
12 |
WEB
|
Stephan Sattler
|
|
2010-10-03
|
|
TinyMCE MCFileManager 2.1.2 - Arbitrary File Upload
|
11 |
WEB
|
Hackeri-AL
|
|
2010-10-02
|
|
TradeMC E-Ticaret - SQL Injection / Cross-Site Scripting
|
10 |
WEB
|
KnocKout
|
|
2010-10-02
|
|
SmarterMail < 7.2.3925 - LDAP Injection
|
12 |
WEB
|
sqlhacker
|
|
2010-10-02
|
|
SmarterMail < 7.2.3925 - Persistent Cross-Site Scripting
|
10 |
WEB
|
sqlhacker
|
|
2010-10-02
|
|
Bka Haber 1.0 (Tr) - File Disclosure
|
10 |
WEB
|
ZoRLu
|
|
2010-10-01
|
|
iGaming CMS 1.5 - Blind SQL Injection
|
10 |
WEB
|
plucky
|
|
2010-10-01
|
|
Chipmunk Board 1.3 - 'index.php?forumID' SQL Injection
|
10 |
WEB
|
Shamus
|
|
2010-10-01
|
|
Tiki Wiki CMS Groupware 5.2 - Multiple Vulnerabilities
|
10 |
WEB
|
John Leitch
|
|
2010-10-01
|
|
phpMyShopping 1.0.1505 - Multiple Vulnerabilities
|
10 |
WEB
|
Metropolis
|
|
2010-10-01
|
|
jCart 1.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery/Open Redirect Vulnerabilities
|
10 |
WEB
|
p0deje
|
|
2010-10-01
|
|
Evaria Content Management System 1.1 - File Disclosure
|
10 |
WEB
|
khayeye shotor
|
|
2010-10-01
|
|
Zen Cart 1.3.9f - 'typefilter' Local File Inclusion
|
11 |
WEB
|
LiquidWorm
|
|
2010-10-01
|
|
zen cart 1.3.9f - Multiple Vulnerabilities
|
11 |
WEB
|
LiquidWorm
|
|
2010-09-30
|
|
JomSocial 1.8.8 - Arbitrary File Upload
|
10 |
WEB
|
Jeff Channell
|
|
2010-09-30
|
|
Joomla! Component JE Directory 1.0 - SQL Injection
|
10 |
WEB
|
Easy Laster
|
|
2010-09-30
|
|
Joomla! Component JE Job - SQL Injection
|
10 |
WEB
|
Easy Laster
|
|
2010-09-30
|
|
ASPMass Shopping Cart - Arbitrary File Upload / Cross-Site Request Forgery
|
10 |
WEB
|
Abysssec
|
|
2010-09-30
|
|
Joomla! Component JE Guestbook 1.0 - Multiple Vulnerabilities
|
10 |
WEB
|
Salvatore Fresta
|
|
2010-09-29
|
|
MyPhpAuction 2010 - 'id' SQL Injection
|
10 |
WEB
|
h4ck3r
|
|
2010-09-29
|
|
Webspell 4.x - safe_query Bypass
|
12 |
WEB
|
silent vapor
|
|
2010-09-29
|
|
Webspell wCMS-Clanscript4.01.02net - static Blind SQL Injection
|
11 |
WEB
|
Easy Laster
|
|
2010-09-29
|
|
Webspell 4.2.1 - 'asearch.php' SQL Injection
|
11 |
WEB
|
silent vapor
|
|
2010-09-28
|
|
Micro CMS 1.0 b1 - Persistent Cross-Site Scripting
|
10 |
WEB
|
SecPod Research
|
|
2010-09-28
|
|
Achievo 1.4.3 - Cross-Site Request Forgery
|
10 |
WEB
|
Pablo Milano
|
|
2010-09-28
|
|
Achievo 1.4.3 - Multiple Authorisation Vulnerabilities
|
10 |
WEB
|
Pablo Milano
|
|
2010-09-28
|
|
Aleza Portal 1.6 - Insecure SQL Injection / Cookie Handling
|
12 |
WEB
|
KnocKout
|
|
2010-09-28
|
|
e107 0.7.23 - SQL Injection
|
11 |
WEB
|
High-Tech Bridge SA
|
|
2010-09-28
|
|
JE CMS 1.0.0 - Authentication Bypass
|
11 |
WEB
|
Abysssec
|
|
2010-09-28
|
|
AtomatiCMS - Upload Arbitrary File
|
13 |
WEB
|
Abysssec
|
|
2010-09-27
|
|
Car Portal 2.0 - Blind SQL Injection
|
10 |
WEB
|
**RoAd_KiLlEr**
|
|
2010-09-27
|
|
Barracuda Networks Spam & Virus Firewall 4.1.1.021 - Remote Configuration Retrieval
|
10 |
WEB
|
ShadowHatesYou
|
|
2010-09-27
|
|
Allpc 2.5 osCommerce - SQL Injection / Cross-Site Scripting
|
13 |
WEB
|
**RoAd_KiLlEr**
|
|
2010-09-27
|
|
Entrans - SQL Injection
|
9 |
WEB
|
keracker
|
|
2010-09-27
|
|
ndCMS - SQL Injection
|
11 |
WEB
|
Abysssec
|
|
2010-09-27
|
|
pbboard 2.1.1 - Multiple Vulnerabilities
|
12 |
WEB
|
JIKO
|
|
2010-09-26
|
|
Blue River Mura CMS - Directory Traversal
|
11 |
WEB
|
mr_me
|
|
2010-09-26
|
|
PEEL Premium 5.71 - SQL Injection
|
13 |
WEB
|
KnocKout
|
