|
2009-12-17
|
|
VirtueMart - 'Product_ID' SQL Injection
|
4 |
WEB
|
Neo-GabrieL
|
|
2009-12-17
|
|
Piwik Open Flash Chart - Remote Code Execution
|
4 |
WEB
|
Braeden Thomas
|
|
2009-12-17
|
|
jCore CMS - Cross-Site Scripting
|
4 |
WEB
|
loneferret
|
|
2009-12-17
|
|
eWebquiz 8 - Blind SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-17
|
|
V.H.S. Booking - 'hotel_habitaciones.php?HotelID' SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-17
|
|
ReVou Software - SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-17
|
|
ActiveBuyandSell 6.2 - 'buyersend.asp?catid' Blind SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-17
|
|
Pre Jobo .NET - Authentication Bypass
|
4 |
WEB
|
bi0
|
|
2009-12-17
|
|
Uploader by CeleronDude 5.3.0 - Arbitrary File Upload (1)
|
4 |
WEB
|
Stink
|
|
2009-12-17
|
|
Pre Job Board 1.0 - Authentication Bypass
|
5 |
WEB
|
bi0
|
|
2009-12-17
|
|
Active Auction House 3.6 - Blind SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-17
|
|
Matrimony Script - Cross-Site Request Forgery
|
4 |
WEB
|
bi0
|
|
2009-12-17
|
|
Jobscript4Web 3.5 - Multiple Cross-Site Request Forgery Vulnerabilities
|
4 |
WEB
|
bi0
|
|
2009-12-17
|
|
Basic PHP Events Lister 2 - Arbitrary Add Admin
|
3 |
WEB
|
RENO
|
|
2009-12-17
|
|
dblog - 'dblog.mdb' Remote Database Disclosure
|
4 |
WEB
|
AnTi SeCuRe
|
|
2009-12-17
|
|
Sitecore Staging Module 5.4.0 - Authentication Bypass / File Manipulation
|
4 |
WEB
|
L. Weichselbaum
|
|
2009-12-17
|
|
Horde 3.3.5 - 'PHP_SELF' Cross-Site Scripting
|
4 |
WEB
|
Juan Galiana Lara
|
|
2009-12-17
|
|
PHP F1 Upload - Arbitrary File Upload
|
4 |
WEB
|
wlhaan hacker
|
|
2009-12-17
|
|
Charon Cart 3.0 - 'ContentID' Blind SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-17
|
|
Multi-Lingual Application - Blind SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-16
|
|
Smart ASPad - 'campaignEdit.asp?CCam' Blind SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-16
|
|
ASPGuest - 'edit.asp?ID' Blind SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-16
|
|
Pre Hotels&Resorts Management System - Authentication Bypass
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-16
|
|
Texas Rankem - 'player_id' SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-16
|
|
Omnistar Affiliate - Authentication Bypass
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-16
|
|
eUploader PRO 3.1.1 - Cross-Site Request Forgery / Cross-Site Scripting
|
4 |
WEB
|
Milos Zivanovic
|
|
2009-12-16
|
|
Pre Hospital Management System - 'department.php?id' SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-16
|
|
File Share 1.0 - SQL Injection
|
4 |
WEB
|
TOP SAT 13
|
|
2009-12-16
|
|
Digiappz Freekot - Authentication Bypass
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-16
|
|
PhpLinkExchange 1.02 - Cross-Site Scripting / Upload
|
4 |
WEB
|
Stink'
|
|
2009-12-16
|
|
D-Tendencia Bt 2008 - SQL Injection
|
4 |
WEB
|
Dr.0rYX & Cr3W-DZ
|
|
2009-12-16
|
|
WHMCompleteSolution CMS - SQL Injection
|
4 |
WEB
|
Dr.0rYX & Cr3W-DZ
|
|
2009-12-16
|
|
Pre Hospital Management System - Authentication Bypass
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-16
|
|
WordPress Plugin WP-Forum 2.3 - SQL Injection / Blind SQL Injection
|
4 |
WEB
|
Juan Galiana Lara
|
|
2009-12-16
|
|
Drupal Module Sections - Cross-Site Scripting
|
4 |
WEB
|
Justin C. Klein Keane
|
|
2009-12-16
|
|
GuestBookPro Script - Remote Database Disclosure
|
4 |
WEB
|
ViRuSMaN
|
|
2009-12-16
|
|
Codefixer Membership - Remote Database Disclosure
|
4 |
WEB
|
ViRuSMaN
|
|
2009-12-16
|
|
OSSIM 2.1.5 - Arbitrary File Upload
|
4 |
WEB
|
Nahuel Grisolia
|
|
2009-12-16
|
|
OSSIM 2.1.5 - Remote Command Execution
|
4 |
WEB
|
Nahuel Grisolia
|
|
2009-12-16
|
|
OSSIM 2.1.5 - SQL Injection
|
4 |
WEB
|
Nahuel Grisolia
|
|
2009-12-16
|
|
iSupport 1.8 - Cross-Site Scripting / Local File Inclusion
|
4 |
WEB
|
Stink & Essandre
|
|
2009-12-16
|
|
RecipePal 1.0 - SQL Injection
|
5 |
WEB
|
R3d-D3V!L
|
|
2009-12-16
|
|
Article Directory - SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-16
|
|
V-SpacePal - SQL Injection
|
5 |
WEB
|
R3d-D3V!L
|
|
2009-12-16
|
|
Recipe Script 5.0 - Arbitrary File Upload / Cross-Site Request Forgery / Cross-Site Scripting
|
4 |
WEB
|
Milos Zivanovic
|
|
2009-12-16
|
|
JM CMS 1.0 - Authentication Bypass
|
4 |
WEB
|
Red-D3v1L
|
|
2009-12-16
|
|
family connections 2.1.3 - Multiple Vulnerabilities
|
4 |
WEB
|
Salvatore Fresta
|
|
2009-12-15
|
|
SitePal 1.1 - Authentication Bypass
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-15
|
|
GalleryPal FE 1.5 - Authentication Bypass
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-15
|
|
iGaming CMS 1.5 - Cross-Site Request Forgery
|
4 |
WEB
|
Nex
|
|
2009-12-15
|
|
DubSite CMS 1.0 - Cross-Site Request Forgery
|
4 |
WEB
|
Connection
|
|
2009-12-15
|
|
Ez Cart 1.0 - Multiple Cross-Site Request Forgery Vulnerabilities
|
4 |
WEB
|
Milos Zivanovic
|
|
2009-12-15
|
|
Ez Blog 1.0 - Cross-Site Scripting / Cross-Site Request Forgery
|
4 |
WEB
|
Milos Zivanovic
|
|
2009-12-15
|
|
LinkPal 1.0 - SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-15
|
|
ClickTrackerASP - 'sitedetails.asp?siteid' SQL Injection
|
4 |
WEB
|
R3d-D3V!L
|
|
2009-12-15
|
|
DesigNsbyjm CMS 1.0 - 'PageId' SQL Injection
|
4 |
WEB
|
Red-D3v1L
|
|
2009-12-15
|
|
Ez Faq Maker - Multiple Vulnerabilities
|
4 |
WEB
|
Milos Zivanovic
|
|
2009-12-15
|
|
SitioOnline - SQL Injection
|
4 |
WEB
|
4lG3r14n0-t3r0
|
|
2009-12-15
|
|
Ez News Manager / Pro - Cross-Site Request Forgery (Change Admin Password)
|
4 |
WEB
|
Milos Zivanovic
|
|
2009-12-15
|
|
Linkster - PHP/MySQL SQL Injection
|
4 |
WEB
|
Angela Zhang
|
|
2009-12-15
|
|
EEGshop 1.2 - SQL Injection
|
4 |
WEB
|
Securitylab.ir
|
|
2009-12-14
|
|
Oracle E-Business Suite - Multiple Vulnerabilities
|
4 |
WEB
|
Hacktics
|
|
2009-12-14
|
|
Traidnt Discovery - Cross-Site Request Forgery (Create Staff Account)
|
2 |
WEB
|
G0D-F4Th3r
|
|
2009-12-14
|
|
WSCreator 1.1 - Blind SQL Injection
|
4 |
WEB
|
Salvatore Fresta
|
|
2009-12-14
|
|
Tender System 0.9.5b - Local File Inclusion
|
4 |
WEB
|
Packetdeath
|
|
2009-12-14
|
|
mini Hosting Panel - Cross-Site Request Forgery (Change Admin Settings)
|
4 |
WEB
|
Milos Zivanovic
|
|
2009-12-14
|
|
Text Exchange Pro - Cross-Site Request Forgery (Add Admin)
|
4 |
WEB
|
bi0
|
|
2009-12-14
|
|
Easy Banner Pro - Cross-Site Request Forgery (Add Admin)
|
4 |
WEB
|
bi0
|
|
2009-12-14
|
|
Ez Poll Hoster - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
|
4 |
WEB
|
Milos Zivanovic
|
|
2009-12-14
|
|
AdManagerPro - Cross-Site Request Forgery (Add Admin)
|
4 |
WEB
|
bi0
|
|
2009-12-14
|
|
Smart PHP Subscriber - Multiple Disclosure Vulnerabilities
|
4 |
WEB
|
Milos Zivanovic
|
|
2009-12-14
|
|
Link Up Gold - Cross-Site Request Forgery (Add Admin)
|
4 |
WEB
|
bi0
|
|
2009-12-14
|
|
Mail Manager Pro - Cross-Site Request Forgery (Change Admin Password)
|
4 |
WEB
|
Milos Zivanovic
|
|
2009-12-14
|
|
Zabbix Server - Multiple Vulnerabilities
|
4 |
WEB
|
Nicob
|
|
2009-12-14
|
|
Zabbix Agent < 1.6.7 - Remote Bypass
|
4 |
WEB
|
Nicob
|
|
2009-12-14
|
|
NAS Uploader 1.0/1.5 - Arbitrary File Upload
|
4 |
WEB
|
ViRuSMaN
|
|
2009-12-14
|
|
myPHPupload 0.5.1 - Arbitrary File Upload
|
4 |
WEB
|
ViRuSMaN
|
|
2009-12-14
|
|
Maxs AJAX File Uploader - Arbitrary File Upload
|
4 |
WEB
|
ViRuSMaN
|
|
2009-12-14
|
|
Digital Hive - Multiple Vulnerabilities
|
3 |
WEB
|
ViRuSMaN
|
|
2009-12-14
|
|
[WS] upload - Arbitrary File Upload
|
4 |
WEB
|
ViRuSMaN
|
|
2009-12-14
|
|
Quartz Concept Content Manager 3.00 - Authentication Bypass
|
3 |
WEB
|
Mr.aFiR
|
|
2009-12-14
|
|
Redmine 0.8.6 - Cross-Site Request Forgery (Add Admin)
|
4 |
WEB
|
p0deje
|
|
2009-12-14
|
|
eoCMS 0.9.03 - Remote File Inclusion
|
4 |
WEB
|
1nd0n3s14n l4m3r
|
|
2009-12-14
|
|
Automne.ws CMS 4.0.0rc2 - Multiple Remote File Inclusions
|
4 |
WEB
|
1nd0n3s14n l4m3r
|
|
2009-12-14
|
|
Ez Guestbook 1.0 - Multiple Vulnerabilities
|
4 |
WEB
|
Milos Zivanovic
|
|
2009-12-13
|
|
Chipmunk Board Script 1.x - Multiple Cross-Site Request Forgery Vulnerabilities
|
4 |
WEB
|
Milos Zivanovic
|
|
2009-12-13
|
|
Ele Medios CMS - SQL Injection
|
4 |
WEB
|
Dr.0rYX & Cr3W-DZ
|
|
2009-12-13
|
|
Piwigo 2.0.6 - Multiple Vulnerabilities
|
4 |
WEB
|
mr_me
|
|
2009-12-13
|
|
Frog CMS 0.9.5 - Cross-Site Request Forgery
|
4 |
WEB
|
Milos Zivanovic
|
|
2009-12-13
|
|
Acc PHP eMail 1.1 - Cross-Site Request Forgery
|
4 |
WEB
|
bi0
|
|
2009-12-10
|
|
phpLDAPadmin - Local File Inclusion
|
4 |
WEB
|
ipsecs
|
|
2009-12-13
|
|
SpireCMS 2.0 - SQL Injection
|
4 |
WEB
|
Dr.0rYX & Cr3W-DZ
|
|
2009-12-13
|
|
Joomla! Component com_virtuemart 1.0 - 'Product_ID' SQL Injection
|
4 |
WEB
|
SOA Crew
|
|
2009-12-13
|
|
AccStatistics 1.1 - Cross-Site Request Forgery (Change Admin Settings)
|
5 |
WEB
|
Milos Zivanovic
|
|
2009-12-13
|
|
Interspire Shopping Cart - Full Path Disclosure
|
4 |
WEB
|
Mr.aFiR
|
|
2009-12-13
|
|
Uploadscript 1.0 - Multiple Vulnerabilities
|
5 |
WEB
|
Mr.aFiR
|
|
2009-12-13
|
|
Acc Auto Dealer Script 5.0 - Persistent Cross-Site Scripting / SQL Backup
|
5 |
WEB
|
bi0
|
|
2009-12-12
|
|
ZeeCareers 2.x - PHP HR Manager Website (Cross-Site Scripting / Authentication Bypass)
|
4 |
WEB
|
bi0
|
|
2009-12-12
|
|
Miniweb 2.0 - Full Path Disclosure
|
6 |
WEB
|
Salvatore Fresta
|
|
2009-12-11
|
|
B2C Booking Centre Systems - SQL Injection
|
4 |
WEB
|
Salvatore Fresta
|
|
2009-12-11
|
|
XAMPP 1.7.2 - Change Administrative Password
|
4 |
WEB
|
bi0
|
|
2009-12-11
|
|
phpCollegeExchange 0.1.5c - Multiple SQL Injections
|
4 |
WEB
|
Salvatore Fresta
|
|
2009-12-11
|
|
Illogator Shop - SQL Injection Bypass
|
5 |
WEB
|
bi0
|
|
2009-12-11
|
|
Chipmunk NewsLetter - Cross-Site Request Forgery
|
4 |
WEB
|
Milos Zivanovic
|
|
2005-05-07
|
|
Sun Solaris AnswerBook2 - Multiple Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
Thomas Liam Romanis
|
|
2009-12-11
|
|
E-Store - SQL Injection
|
3 |
WEB
|
Salvatore Fresta
|
|
2009-12-11
|
|
Digital Scribe 1.4.1 - Multiple SQL Injections
|
4 |
WEB
|
Salvatore Fresta
|
|
2009-12-11
|
|
oBlog - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Admin Brute Force
|
2 |
WEB
|
Milos Zivanovic
|
|
2009-12-10
|
|
Nuggetz CMS 1.0 - Remote Code Execution
|
4 |
WEB
|
Amol Naik
|
|
2009-12-11
|
|
Billwerx RC 3.1 - Multiple Vulnerabilities
|
4 |
WEB
|
mr_me
|
|
2009-12-10
|
|
OPMANAGER - Blind SQL Injection / XPath Injection
|
4 |
WEB
|
Asheesh kumar Mani Tripathi
|
|
2009-12-10
|
|
PHP Inventory 1.2 - Authentication Bypass
|
4 |
WEB
|
mr_me
|
|
2009-12-10
|
|
Joomla! Component Mamboleto 2.0 RC3 - Remote File Inclusion
|
4 |
WEB
|
Don Tukulesto
|
|
2009-12-10
|
|
Free ASP Upload - Arbitrary File Upload
|
5 |
WEB
|
Mr.aFiR
|
|
2009-12-10
|
|
Joomla! Component com_jphoto - 'id' SQL Injection
|
4 |
WEB
|
kaMtiEz
|
|
2009-12-10
|
|
Joomla! Component com_jsjobs 1.0.5.6 - SQL Injection
|
4 |
WEB
|
kaMtiEz
|
|
2009-12-09
|
|
TestLink Test Management and Execution System - Multiple Cross-Site Scripting / Injection Vulnerabil
|
4 |
WEB
|
Core Security
|
|
2009-12-09
|
|
Real Estate Portal X.0 - Authentication Bypass
|
4 |
WEB
|
AnTi SeCuRe
|
|
2009-12-08
|
|
AlefMentor 2.0 < 5.0 - 'id' SQL Injection
|
4 |
WEB
|
Red-D3v1L
|
|
2009-12-08
|
|
Alqatari group 1.0 < 5.0 - 'id' SQL Injection
|
4 |
WEB
|
Red-D3v1L
|
|
2009-12-08
|
|
Joomla! Component com_job - 'showMoreUse' SQL Injection
|
5 |
WEB
|
Palyo34
|
|
2009-12-08
|
|
Viscacha 0.8 Gold - Persistent Cross-Site Scripting
|
4 |
WEB
|
mr_me
|
|
2009-12-07
|
|
MarieCMS 0.9 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting
|
5 |
WEB
|
Amol Naik
|
|
2009-12-08
|
|
IRAN N.E.T E-Commerce Group - SQL Injection
|
4 |
WEB
|
Dr.0rYX & Cr3W-DZ
|
|
2009-12-07
|
|
Barracuda IMFirewall 620 - Multiple Vulnerabilities
|
4 |
WEB
|
Global-Evolution
|
