|
2010-03-26
|
|
Joomla! Component dcsFlashGames 2.0RC1 - 'catid' SQL Injection
|
7 |
WEB
|
kaMtiEz
|
|
2010-03-25
|
|
WebsiteBaker 2.8.1 - DataBase Backup Disclosure
|
8 |
WEB
|
Tr0y-x
|
|
2010-03-25
|
|
Direct News 4.10.2 - Multiple Remote File Inclusions
|
8 |
WEB
|
mat
|
|
2010-03-25
|
|
SiteX CMS 0.7.4 Beta - 'photo.php' SQL Injection
|
8 |
WEB
|
Sc0rpi0n
|
|
2010-03-25
|
|
justVisual 2.0 - 'index.php' Local File Inclusion
|
8 |
WEB
|
eidelweiss
|
|
2010-03-25
|
|
Easy-Clanpage 2.01 - SQL Injection
|
8 |
WEB
|
Easy Laster
|
|
2010-03-25
|
|
INVOhost - SQL Injection
|
8 |
WEB
|
Andrés Gómez
|
|
2010-03-25
|
|
Interactivefx.ie CMS - SQL Injection
|
8 |
WEB
|
Inj3ct0r
|
|
2010-03-24
|
|
vBulletin Blog 4.0.2 - Title Cross-Site Scripting
|
8 |
WEB
|
FormatXformat
|
|
2010-03-24
|
|
Joomla! Component com_software - SQL Injection
|
8 |
WEB
|
DevilZ TM
|
|
2010-03-24
|
|
Joomla! Component com_wallpapers - SQL Injection
|
8 |
WEB
|
DevilZ TM
|
|
2010-03-24
|
|
New-CMS - Local File Inclusion
|
6 |
WEB
|
Xash
|
|
2010-03-24
|
|
Joomla! Component com_universal - Remote File Inclusion
|
8 |
WEB
|
eidelweiss
|
|
2010-03-24
|
|
E-PHP CMS - SQL Injection
|
8 |
WEB
|
Th3 RDX
|
|
2010-03-24
|
|
CMS By SoftnSolv - 'index.php' SQL Injection
|
8 |
WEB
|
Th3 RDX
|
|
2010-03-24
|
|
Easy-Clanpage 2.0 - Blind SQL Injection
|
8 |
WEB
|
Easy Laster
|
|
2010-03-23
|
|
Joomla! Component SMEStorage - Local File Inclusion
|
8 |
WEB
|
Chip d3 bi0s
|
|
2010-03-23
|
|
Xataface - Admin Authentication Bypass
|
7 |
WEB
|
Xinapse
|
|
2010-03-23
|
|
Joomla! Component Property - Local File Inclusion
|
8 |
WEB
|
Chip d3 bi0s
|
|
2010-03-23
|
|
Zephyrus CMS - 'index.php' SQL Injection
|
8 |
WEB
|
Phenom
|
|
2010-03-23
|
|
Insky CMS 006-0111 - Multiple Remote File Inclusions
|
8 |
WEB
|
mat
|
|
2010-03-23
|
|
Joomla! Component com_gds - SQL Injection
|
8 |
WEB
|
DevilZ TM
|
|
2010-03-23
|
|
Uiga Business Portal - 'index.php' SQL Injection
|
8 |
WEB
|
Easy Laster
|
|
2010-03-23
|
|
Joomla! Component com_jwmmxtd - Remote File Inclusion
|
8 |
WEB
|
eidelweiss
|
|
2010-03-22
|
|
Joomla! Component com_flash - SQL Injection
|
9 |
WEB
|
DevilZ TM
|
|
2010-03-22
|
|
New Advisore Stack 1.1 - Directory Traversal
|
8 |
WEB
|
R3VAN_BASTARD
|
|
2010-03-22
|
|
PowieSys 0.7.7 alpha - 'index.php' shownews SQL Injection
|
8 |
WEB
|
Easy Laster
|
|
2010-03-22
|
|
Uiga Fan Club - SQL Injection
|
8 |
WEB
|
Sioma Labs
|
|
2010-03-22
|
|
CMS Openpage - 'index.php' SQL Injection
|
7 |
WEB
|
Phenom
|
|
2010-03-22
|
|
Mini-CMS RibaFS 1.0 - Authentication Bypass
|
8 |
WEB
|
cr4wl3r
|
|
2010-03-21
|
|
4x CMS r26 - Authentication Bypass
|
9 |
WEB
|
cr4wl3r
|
|
2010-03-21
|
|
NotSopureEdit 1.4.1 - Remote File Inclusion
|
8 |
WEB
|
cr4wl3r
|
|
2010-03-21
|
|
WebMaid CMS 0.2-6 Beta - Multiple Remote File Inclusions
|
8 |
WEB
|
cr4wl3r
|
|
2010-03-21
|
|
Fw-BofF (oolime-resurrection) 1.5.3beta - Multiple Remote File Inclusions
|
8 |
WEB
|
cr4wl3r
|
|
2010-03-21
|
|
Woltlab Burning Board Lite Addon - 'lexikon.php' SQL Injection
|
9 |
WEB
|
n3w7u
|
|
2010-03-21
|
|
Jewelry Cart Software - 'product.php' SQL Injection
|
8 |
WEB
|
Asyraf
|
|
2010-03-21
|
|
Adult Video Site Script - Multiple Vulnerabilities
|
8 |
WEB
|
indoushka
|
|
2010-03-21
|
|
Woltlab Burning Board Teamsite Hack 3.0 - 'ts_other.php' SQL Injection
|
8 |
WEB
|
Easy Laster
|
|
2010-03-20
|
|
Trouble Ticket Software - 'ttx.cgi' Arbitrary File Download
|
10 |
WEB
|
n01d
|
|
2010-03-20
|
|
Pay Per Watch & Bid Auktions System - 'auktion.php?id_auk' Blind SQL Injection
|
7 |
WEB
|
Easy Laster
|
|
2010-03-20
|
|
Joomla! Component Gift Exchange com_giftexchange 1.0 Beta - 'pkg' SQL Injection
|
8 |
WEB
|
Chip d3 bi0s
|
|
2010-03-19
|
|
Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion
|
8 |
WEB
|
Chip d3 bi0s
|
|
2010-03-19
|
|
DirectAdmin 1.34.4 - Multiple Cross-Site Request Forgerys
|
8 |
WEB
|
K053
|
|
2010-03-19
|
|
PHPscripte24 Preisschlacht Liveshop System - 'index.php?aid' SQL Injection
|
8 |
WEB
|
Easy Laster
|
|
2010-03-19
|
|
quality point 1.0 newsfeed - SQL Injection / Cross-Site Scripting
|
8 |
WEB
|
Red-D3v1L
|
|
2010-03-18
|
|
SOFTSAURUS 2.01 - Multiple Remote File Inclusions
|
8 |
WEB
|
cr4wl3r
|
|
2010-03-18
|
|
nensor CMS 2.01 - Multiple Vulnerabilities
|
8 |
WEB
|
cr4wl3r
|
|
2010-03-18
|
|
phpscripte24 Niedrig Gebote Pro Auktions System II - Blind SQL Injection
|
9 |
WEB
|
Easy Laster
|
|
2010-03-18
|
|
philboard 1.02 - SQL Injection
|
8 |
WEB
|
ViRuS_HiMa
|
|
2010-03-18
|
|
phpAuthent 0.2.1 - SQL Injection
|
8 |
WEB
|
Gamoscu
|
|
2010-03-18
|
|
SiteDone Custom Edition 2.0 - SQL Injection / Cross-Site Scripting
|
9 |
WEB
|
d3v1l
|
|
2010-03-18
|
|
DewNewPHPLinks 2.1.0.1 - Local File Inclusion
|
8 |
WEB
|
ITSecTeam
|
|
2010-03-18
|
|
ManageEngine ServiceDesk Plus 7.6 - woID SQL Injection
|
8 |
WEB
|
Nahuel Grisolia
|
|
2010-03-17
|
|
Joomla! Component com_vxdate - Multiple Vulnerabilities
|
8 |
WEB
|
MustLive
|
|
2010-03-17
|
|
PHP-Nuke - ratedownload SQL Injection
|
9 |
WEB
|
ITSecTeam
|
|
2010-03-17
|
|
Joomla! Component com_ckforms - Multiple Vulnerabilities
|
7 |
WEB
|
ALTBTA
|
|
2010-03-17
|
|
PostNuke FormExpress Module - Blind SQL Injection
|
7 |
WEB
|
Ali Abbasi
|
|
2010-03-17
|
|
Preisschlacht Multi Liveshop System - 'index.php?aid' SQL Injection
|
8 |
WEB
|
Easy Laster
|
|
2010-03-17
|
|
Joomla! Component com_include - SQL Injection
|
8 |
WEB
|
DevilZ TM
|
|
2010-03-17
|
|
ChillyCMS - Cross-Site Request Forgery
|
9 |
WEB
|
pratul agrawal
|
|
2010-03-17
|
|
Clain_TIger_CMS - Cross-Site Request Forgery
|
9 |
WEB
|
pratul agrawal
|
|
2010-03-16
|
|
OSSIM 2.2 - Multiple Vulnerabilities
|
9 |
WEB
|
Nahuel Grisolia
|
|
2010-03-16
|
|
eGroupWare 1.6.002 and eGroupWare premium line 9.1 - Multiple Vulnerabilities
|
8 |
WEB
|
Nahuel Grisolia
|
|
2010-03-16
|
|
phpscripte24 Auktionshaus Community Standart System - Blind SQL Injection
|
8 |
WEB
|
Easy Laster
|
|
2010-03-16
|
|
Short URL 1.01 - Local File Inclusion
|
8 |
WEB
|
Pouya Daneshmand
|
|
2010-03-16
|
|
Online Community CMS by I-net - SQL Injection
|
8 |
WEB
|
Th3 RDX
|
|
2010-03-16
|
|
Free Real Estate Contact Form 1.09 - Local File Inclusion
|
8 |
WEB
|
Pouya Daneshmand
|
|
2010-03-16
|
|
Joomla! Component com_rwcards - Local File Inclusion
|
8 |
WEB
|
ALTBTA
|
|
2010-03-16
|
|
osCMax 2.0 - 'FCKeditor' Arbitrary File Upload
|
8 |
WEB
|
ITSecTeam
|
|
2010-03-15
|
|
Newbie CMS - File Disclosure
|
8 |
WEB
|
JIKO
|
|
2010-03-15
|
|
Joomla! Component com_route - SQL Injection
|
8 |
WEB
|
N2n-Hacker
|
|
2010-03-15
|
|
Joomla! Component com_bidding - SQL Injection
|
9 |
WEB
|
N2n-Hacker
|
|
2010-03-15
|
|
Preisschlacht 4.0 Flash System - 'index.php?aid' SQL Injection
|
8 |
WEB
|
Easy Laster
|
|
2010-03-15
|
|
Joomla! Component com_rokdownloads - Local File Inclusion
|
9 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2010-03-15
|
|
Joomla! Component com_sectionex - Local File Inclusion
|
8 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2010-03-15
|
|
Joomla! Component com_ganalytics - Local File Inclusion
|
8 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2010-03-15
|
|
Joomla! Component com_janews - Local File Inclusion
|
7 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2010-03-15
|
|
Joomla! Component com_linkr - Local File Inclusion
|
8 |
WEB
|
AtT4CKxT3rR0r1ST
|
|
2010-03-15
|
|
osDate 2.1.9 - Remote File Inclusion
|
8 |
WEB
|
NoGe
|
|
2010-03-15
|
|
Address Book Script 1.09 - Local File Inclusion
|
8 |
WEB
|
Pouya Daneshmand
|
|
2010-03-15
|
|
Joomla! Component com_org - 'letter' SQL Injection
|
8 |
WEB
|
kazuya
|
|
2010-03-15
|
|
Subdreamer 3.0.1 - CMS upload
|
7 |
WEB
|
indoushka
|
|
2010-03-15
|
|
Interspire SHOPPING CART 5.5.4 - Ultimate Edition backup dump
|
8 |
WEB
|
indoushka
|
|
2010-03-15
|
|
CH-CMS.ch 2 - Arbitrary File Upload
|
8 |
WEB
|
EL-KAHINA
|
|
2010-03-15
|
|
Torrent Hoster - Remount Upload
|
8 |
WEB
|
EL-KAHINA
|
|
2010-03-15
|
|
FreeHost 1.00 - Arbitrary File Upload
|
8 |
WEB
|
indoushka
|
|
2010-03-15
|
|
Duhok Forum 1.0 script - Cross-Site Scripting
|
7 |
WEB
|
indoushka
|
|
2010-03-15
|
|
Joomla! Component com_rpx Ulti RPX 2.1.0 - Local File Inclusion
|
8 |
WEB
|
jdc
|
|
2010-03-15
|
|
Phenix 3.5b - SQL Injection
|
8 |
WEB
|
ITSecTeam
|
|
2010-03-15
|
|
Ninja RSS Syndicator 1.0.8 - Local File Inclusion
|
9 |
WEB
|
jdc
|
|
2010-03-15
|
|
PHP Classifieds 7.5 - Blind SQL Injection
|
8 |
WEB
|
ITSecTeam
|
|
2010-03-15
|
|
Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion
|
8 |
WEB
|
jdc
|
|
2010-03-14
|
|
PhpMyLogon 2.0 - SQL Injection
|
8 |
WEB
|
blake
|
|
2010-03-14
|
|
DZCP (deV!L_z Clanportal) 1.5.2 - Remote File Inclusion
|
8 |
WEB
|
cr4wl3r
|
|
2010-03-14
|
|
PHPpool media Domain Verkaufs und Auktions Portal - 'index.php' SQL Injection
|
8 |
WEB
|
Easy Laster
|
|
2010-03-14
|
|
PHP-Nuke - Local File Inclusion
|
8 |
WEB
|
ITSecTeam
|
|
2010-03-14
|
|
RogioBiz PHP Fle Manager 1.2 - Admin Bypass
|
8 |
WEB
|
ITSecTeam
|
|
2010-03-14
|
|
Joomla! Component com_nfnaddressbook - SQL Injection
|
8 |
WEB
|
snakespc
|
|
2010-03-14
|
|
DesktopOnNet 3 Beta9 - Local File Inclusion
|
8 |
WEB
|
cr4wl3r
|
|
2010-03-14
|
|
Front Door 0.4b - SQL Injection
|
8 |
WEB
|
blake
|
|
2010-03-14
|
|
PHP-Fusion 6.01.15.4 - 'downloads.php' SQL Injection
|
8 |
WEB
|
Inj3ct0r
|
|
2010-03-14
|
|
Joomla! Component com_org - SQL Injection
|
8 |
WEB
|
N2n-Hacker
|
|
2010-03-14
|
|
Trouble Ticket Express 3.01 - Remote Code Execution / Directory Traversal
|
8 |
WEB
|
zombiefx
|
|
2010-03-13
|
|
Ad Board Script 1.01 - Local File Inclusion
|
8 |
WEB
|
ITSecTeam
|
|
2010-03-13
|
|
GeekHelps ADMP 1.01 - Multiple Vulnerabilities
|
8 |
WEB
|
ITSecTeam
|
|
2010-03-13
|
|
Mambo Component MambAds - SQL Injection
|
8 |
WEB
|
Dreadful
|
|
2010-03-13
|
|
Xbtit 2.0.0 - SQL Injection
|
9 |
WEB
|
Ctacok
|
|
2010-03-13
|
|
systemsoftware Community Black - 'index.php' SQL Injection
|
9 |
WEB
|
Easy Laster
|
|
2010-03-13
|
|
Azeno CMS - SQL Injection
|
10 |
WEB
|
DevilZ TM
|
|
2010-03-13
|
|
Joomla! Component com_races - Blind SQL Injection
|
8 |
WEB
|
DevilZ TM
|
|
2010-03-13
|
|
Joomla! Component com_comp - SQL Injection
|
8 |
WEB
|
DevilZ TM
|
|
2010-03-13
|
|
Joomla! Component com_sbsfile - Local File Inclusion
|
21 |
WEB
|
DevilZ TM
|
|
2010-03-12
|
|
Joomla! Component com_juliaportfolio - Local File Inclusion
|
8 |
WEB
|
DevilZ TM
|
|
2010-03-12
|
|
dreamlive Auktionshaus script - 'news.php?id' SQL Injection
|
8 |
WEB
|
Easy Laster
|
|
2010-03-12
|
|
Invision Power Board Currency Mod 1.3 - 'edit' SQL Injection
|
8 |
WEB
|
Yakir Wizman
|
|
2010-03-12
|
|
Easynet Forum Host - 'topic.php' SQL Injection
|
8 |
WEB
|
Yakir Wizman
|
|
2010-03-12
|
|
Joomla! Component com_family - SQL Injection
|
8 |
WEB
|
DevilZ TM
|
|
2010-03-12
|
|
Joomla! Component com_leader - SQL Injection
|
7 |
WEB
|
DevilZ TM
|
|
2010-03-12
|
|
Joomla! Component com_start - SQL Injection
|
8 |
WEB
|
DevilZ TM
|
|
2010-03-11
|
|
Joomla! Component com_party - SQL Injection
|
8 |
WEB
|
DevilZ TM
|
|
2010-03-11
|
|
Joomla! Component com_color - SQL Injection
|
8 |
WEB
|
DevilZ TM
|
|
2010-03-11
|
|
Joomla! Component com_gigfe - SQL Injection
|
8 |
WEB
|
DevilZ TM
|
|
2010-03-11
|
|
Joomla! Component com_products - 'intCategoryId' SQL Injection
|
8 |
WEB
|
N2n-Hacker
|
|
2010-03-11
|
|
Eros Erotik Webkatalog - 'start.php?id' SQL Injection
|
8 |
WEB
|
Easy Laster
|
|
2010-03-11
|
|
Joomla! Component com_blog - SQL Injection
|
8 |
WEB
|
DevilZ TM
|
