|
2009-12-13
|
|
Frog CMS 0.9.5 - Cross-Site Request Forgery
|
10 |
WEB
|
Milos Zivanovic
|
|
2009-12-13
|
|
Acc PHP eMail 1.1 - Cross-Site Request Forgery
|
12 |
WEB
|
bi0
|
|
2009-12-10
|
|
phpLDAPadmin - Local File Inclusion
|
11 |
WEB
|
ipsecs
|
|
2009-12-13
|
|
SpireCMS 2.0 - SQL Injection
|
10 |
WEB
|
Dr.0rYX & Cr3W-DZ
|
|
2009-12-13
|
|
Joomla! Component com_virtuemart 1.0 - 'Product_ID' SQL Injection
|
10 |
WEB
|
SOA Crew
|
|
2009-12-13
|
|
AccStatistics 1.1 - Cross-Site Request Forgery (Change Admin Settings)
|
11 |
WEB
|
Milos Zivanovic
|
|
2009-12-13
|
|
Interspire Shopping Cart - Full Path Disclosure
|
12 |
WEB
|
Mr.aFiR
|
|
2009-12-13
|
|
Uploadscript 1.0 - Multiple Vulnerabilities
|
11 |
WEB
|
Mr.aFiR
|
|
2009-12-13
|
|
Acc Auto Dealer Script 5.0 - Persistent Cross-Site Scripting / SQL Backup
|
11 |
WEB
|
bi0
|
|
2009-12-12
|
|
ZeeCareers 2.x - PHP HR Manager Website (Cross-Site Scripting / Authentication Bypass)
|
12 |
WEB
|
bi0
|
|
2009-12-12
|
|
Miniweb 2.0 - Full Path Disclosure
|
12 |
WEB
|
Salvatore Fresta
|
|
2009-12-11
|
|
B2C Booking Centre Systems - SQL Injection
|
10 |
WEB
|
Salvatore Fresta
|
|
2009-12-11
|
|
XAMPP 1.7.2 - Change Administrative Password
|
10 |
WEB
|
bi0
|
|
2009-12-11
|
|
phpCollegeExchange 0.1.5c - Multiple SQL Injections
|
13 |
WEB
|
Salvatore Fresta
|
|
2009-12-11
|
|
Illogator Shop - SQL Injection Bypass
|
11 |
WEB
|
bi0
|
|
2009-12-11
|
|
Chipmunk NewsLetter - Cross-Site Request Forgery
|
10 |
WEB
|
Milos Zivanovic
|
|
2005-05-07
|
|
Sun Solaris AnswerBook2 - Multiple Cross-Site Scripting Vulnerabilities
|
11 |
WEB
|
Thomas Liam Romanis
|
|
2009-12-11
|
|
E-Store - SQL Injection
|
10 |
WEB
|
Salvatore Fresta
|
|
2009-12-11
|
|
Digital Scribe 1.4.1 - Multiple SQL Injections
|
10 |
WEB
|
Salvatore Fresta
|
|
2009-12-11
|
|
oBlog - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Admin Brute Force
|
9 |
WEB
|
Milos Zivanovic
|
|
2009-12-10
|
|
Nuggetz CMS 1.0 - Remote Code Execution
|
12 |
WEB
|
Amol Naik
|
|
2009-12-11
|
|
Billwerx RC 3.1 - Multiple Vulnerabilities
|
11 |
WEB
|
mr_me
|
|
2009-12-10
|
|
OPMANAGER - Blind SQL Injection / XPath Injection
|
11 |
WEB
|
Asheesh kumar Mani Tripathi
|
|
2009-12-10
|
|
PHP Inventory 1.2 - Authentication Bypass
|
10 |
WEB
|
mr_me
|
|
2009-12-10
|
|
Joomla! Component Mamboleto 2.0 RC3 - Remote File Inclusion
|
10 |
WEB
|
Don Tukulesto
|
|
2009-12-10
|
|
Free ASP Upload - Arbitrary File Upload
|
11 |
WEB
|
Mr.aFiR
|
|
2009-12-10
|
|
Joomla! Component com_jphoto - 'id' SQL Injection
|
10 |
WEB
|
kaMtiEz
|
|
2009-12-10
|
|
Joomla! Component com_jsjobs 1.0.5.6 - SQL Injection
|
10 |
WEB
|
kaMtiEz
|
|
2009-12-09
|
|
TestLink Test Management and Execution System - Multiple Cross-Site Scripting / Injection Vulnerabil
|
10 |
WEB
|
Core Security
|
|
2009-12-09
|
|
Real Estate Portal X.0 - Authentication Bypass
|
11 |
WEB
|
AnTi SeCuRe
|
|
2009-12-08
|
|
AlefMentor 2.0 < 5.0 - 'id' SQL Injection
|
12 |
WEB
|
Red-D3v1L
|
|
2009-12-08
|
|
Alqatari group 1.0 < 5.0 - 'id' SQL Injection
|
10 |
WEB
|
Red-D3v1L
|
|
2009-12-08
|
|
Joomla! Component com_job - 'showMoreUse' SQL Injection
|
11 |
WEB
|
Palyo34
|
|
2009-12-08
|
|
Viscacha 0.8 Gold - Persistent Cross-Site Scripting
|
10 |
WEB
|
mr_me
|
|
2009-12-07
|
|
MarieCMS 0.9 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting
|
11 |
WEB
|
Amol Naik
|
|
2009-12-08
|
|
IRAN N.E.T E-Commerce Group - SQL Injection
|
10 |
WEB
|
Dr.0rYX & Cr3W-DZ
|
|
2009-12-07
|
|
Barracuda IMFirewall 620 - Multiple Vulnerabilities
|
11 |
WEB
|
Global-Evolution
|
|
2009-12-07
|
|
SiSplet CMS 2008-01-24 - Multiple Remote File Inclusions
|
10 |
WEB
|
cr4wl3r
|
|
2009-12-07
|
|
Chipmunk NewsLetter - Persistent Cross-Site Scripting
|
10 |
WEB
|
mr_me
|
|
2009-12-06
|
|
iWeb HTTP Server - Directory Traversal
|
10 |
WEB
|
mr_me
|
|
2009-12-06
|
|
Elkagroup - SQL Injection
|
10 |
WEB
|
SadHaCkEr
|
|
2009-12-06
|
|
AROUNDMe 1.1 - 'language_path' Remote File Inclusion
|
11 |
WEB
|
cr4wl3r
|
|
2009-12-05
|
|
WordPress Plugin Image Manager - Arbitrary File Upload
|
11 |
WEB
|
DigitALL
|
|
2009-12-05
|
|
phpShop 0.8.1 - Multiple Vulnerabilities
|
10 |
WEB
|
Andrea Fabrizi
|
|
2009-12-04
|
|
Joomla! Component yt_color YOOOtheme - Cross-Site Scripting / Cookie Stealing
|
13 |
WEB
|
andresg888
|
|
2009-12-04
|
|
BM Classifieds Ads - SQL Injection
|
9 |
WEB
|
Dr.0rYX & Cr3W-DZ
|
|
2009-12-04
|
|
Joomla! Component com_joomgallery 1.5.x - &func Incorrect Flood Filter
|
10 |
WEB
|
Jbyte
|
|
2009-12-04
|
|
Achievo 1.4.2 - Persistent Cross-Site Scripting
|
10 |
WEB
|
Nahuel Grisolia
|
|
2009-12-04
|
|
Achievo 1.4.2 - Arbitrary File Upload
|
12 |
WEB
|
Nahuel Grisolia
|
|
2009-12-04
|
|
UBBCentral UBB.Threads 7.5.4 2 - Multiple File Inclusions
|
11 |
WEB
|
R3VAN_BASTARD
|
|
2009-12-04
|
|
Invision Power Board 2.3.6/3.0.4 - Local File Inclusion / SQL Injection
|
10 |
WEB
|
Dawid Golunski
|
|
2009-12-04
|
|
427BB 2.3.2 - SQL Injection
|
10 |
WEB
|
cr4wl3r
|
|
2009-12-04
|
|
GeN3 forum 1.3 - SQL Injection
|
11 |
WEB
|
Dr.0rYX & Cr3W-DZ
|
|
2009-12-03
|
|
Vivid Ads Shopping Cart - 'prodid' SQL Injection
|
10 |
WEB
|
Yakir Wizman
|
|
2009-11-24
|
|
OSI Codes PHP Live! Support 3.1 - Remote File Inclusion
|
9 |
WEB
|
Don Tukulesto
|
|
2009-11-27
|
|
PHP-Nuke 8.0 - News Module Cross-Site Scripting / HTML Code Injection
|
9 |
WEB
|
K053
|
|
2009-12-01
|
|
Apache Tomcat 3.2.1 - 404 Error Page Cross-Site Scripting
|
9 |
WEB
|
MustLive
|
|
2009-12-01
|
|
Joomla! Component ProofReader 1.0 RC6 - Cross-Site Scripting
|
9 |
WEB
|
MustLive
|
|
2009-12-03
|
|
Theeta CMS - Multiple Vulnerabilities
|
12 |
WEB
|
c0dy
|
|
2009-11-25
|
|
Power BB 1.8.3 - Remote File Inclusions
|
12 |
WEB
|
DigitALL
|
|
2009-12-03
|
|
SAPID SHOP 1.3 - Remote File Inclusion
|
9 |
WEB
|
cr4wl3r
|
|
2009-09-07
|
|
MundiMail 0.8.2 - Remote Code Execution
|
10 |
WEB
|
Dedalo
|
|
2009-11-25
|
|
OpenCSP - Multiple Remote File Inclusions
|
9 |
WEB
|
EANgel
|
|
2009-12-01
|
|
Public Media Manager - Remote File Inclusion
|
8 |
WEB
|
cr4wl3r
|
|
2009-11-30
|
|
ita-forum 5.1.32 - SQL Injection
|
11 |
WEB
|
BAYBORA
|
|
2009-12-03
|
|
Thatware 0.5.3 - Multiple Remote File Inclusions
|
11 |
WEB
|
cr4wl3r
|
|
2009-12-03
|
|
Huawei MT882 Modem/Router - Multiple Vulnerabilities
|
11 |
WEB
|
DecodeX01
|
|
2009-12-02
|
|
Kide Shoutbox 0.4.6 - Cross-Site Scripting / AXFR
|
9 |
WEB
|
andresg888
|
|
2009-12-02
|
|
Simple Machines Forum (SMF) 1.1.10/2.0 RC2 - Multiple Vulnerabilities
|
10 |
WEB
|
SimpleAudit Team
|
|
2009-12-01
|
|
Joomla! Component MojoBlog 0.15 - Multiple Remote File Inclusions
|
10 |
WEB
|
kaMtiEz
|
|
2009-12-01
|
|
Joomla! Component Joaktree 1.0 - SQL Injection
|
9 |
WEB
|
Don Tukulesto
|
|
2009-12-01
|
|
Quate CMS 0.3.5 - Local/Remote File Inclusion
|
9 |
WEB
|
cr4wl3r
|
|
2009-12-01
|
|
ISPworker 1.23 - Remote File Disclosure
|
10 |
WEB
|
cr4wl3r
|
|
2009-12-01
|
|
dotDefender 3.8-5 - Remote Command Execution
|
10 |
WEB
|
John Dos
|
|
2009-12-01
|
|
Robert Zimmerman PHP / MySQL Scripts - Authentication Bypass
|
10 |
WEB
|
DUNDEE
|
|
2009-12-01
|
|
Ciamos CMS 0.9.5 - 'module_path' Remote File Inclusion
|
11 |
WEB
|
cr4wl3r
|
|
2009-11-30
|
|
WordPress Plugin WP-Polls 2.x - Incorrect Flood Filter
|
11 |
WEB
|
Jbyte
|
|
2009-11-30
|
|
Xxasp 3.3.2 - SQL Injection
|
14 |
WEB
|
Secu_lab_ir
|
|
2009-11-30
|
|
Eshopbuilde CMS - SQL Injection
|
10 |
WEB
|
Isfahan
|
|
2009-11-30
|
|
Joomla! Component Quick News - SQL Injection
|
10 |
WEB
|
Don Tukulesto
|
|
2009-11-30
|
|
Joomla! Component MusicGallery - SQL Injection
|
10 |
WEB
|
Don Tukulesto
|
|
2009-11-29
|
|
AdaptCMS Lite 1.5 - Remote File Inclusion
|
11 |
WEB
|
v3n0m
|
|
2009-11-29
|
|
Sugar CRM 5.5.0.rc2/5.2.0j - Multiple Vulnerabilities
|
13 |
WEB
|
waraxe
|
|
2009-11-27
|
|
Micronet SP1910 Data Access Controller UI - Cross-Site Scripting / HTML Code Injection
|
11 |
WEB
|
K053
|
|
2009-11-29
|
|
SweetRice 0.5.3 - Remote File Inclusion
|
10 |
WEB
|
cr4wl3r
|
|
2009-11-28
|
|
phpBazar 2.1.1fix - 'cid' SQL Injection
|
11 |
WEB
|
MizoZ
|
|
2009-11-28
|
|
Uploaderr 1.0 File Hosting Script - Arbitrary File Upload
|
10 |
WEB
|
DigitALL
|
|
2009-11-28
|
|
Joomla! Component com_lyftenbloggie 1.04 - SQL Injection
|
10 |
WEB
|
kaMtiEz
|
|
2009-11-26
|
|
Flashden - Multiple Arbitrary File Uploads
|
9 |
WEB
|
DigitALL
|
|
2009-11-26
|
|
Cacti 0.8.7e - Multiple Vulnerabilities
|
13 |
WEB
|
Moritz Naumann
|
|
2009-11-25
|
|
phpBazar-2.1.1fix - Remote Administration-Panel
|
10 |
WEB
|
kurdish hackers team
|
|
2009-11-25
|
|
Joomla! Component com_gcalendar 1.1.2 - 'gcid' SQL Injection
|
11 |
WEB
|
Yogyacarderlink Crew
|
|
2009-11-25
|
|
Radio istek scripti 2.5 - Remote Configuration Disclosure
|
9 |
WEB
|
kurdish hackers team
|
|
2009-11-25
|
|
Fake Hit Generator 2.2 - Arbitrary File Upload
|
10 |
WEB
|
DigitALL
|
|
2009-11-25
|
|
WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting
|
10 |
WEB
|
MustLive
|
|
2009-11-25
|
|
Joomla! Component com_mygallery - 'cid' SQL Injection
|
10 |
WEB
|
S@BUN
|
|
2006-05-26
|
|
MDaemon WebAdmin 2.0.x - SQL Injection
|
11 |
WEB
|
KOUSULIN
|
|
2009-11-24
|
|
Quick.Cart 3.4 / Quick.CMS 2.4 - Cross-Site Request Forgery
|
9 |
WEB
|
Alice Kaerast
|
|
2009-11-24
|
|
W3infotech - Authentication Bypass
|
9 |
WEB
|
ViRuS_HiMa
|
|
2009-11-24
|
|
pointcomma 3.8b2 - Remote File Inclusion
|
10 |
WEB
|
cr4wl3r
|
|
2009-11-24
|
|
phptraverse 0.8.0 - Remote File Inclusion
|
10 |
WEB
|
cr4wl3r
|
|
2009-11-24
|
|
outreach project tool 1.2.6 - Remote File Inclusion
|
11 |
WEB
|
cr4wl3r
|
|
2009-11-24
|
|
NukeHall 0.3 - Multiple Remote File Inclusions
|
10 |
WEB
|
cr4wl3r
|
|
2009-11-24
|
|
kr-web 1.1b2 - Remote File Inclusion
|
10 |
WEB
|
cr4wl3r
|
|
2009-11-23
|
|
Joomla! Component mygallery - 'farbinform_krell' SQL Injection
|
12 |
WEB
|
Manas58 BAYBORA
|
|
2009-10-14
|
|
Everfocus 1.4 - EDSR Remote Authentication Bypass
|
9 |
WEB
|
Andrea Fabrizi
|
|
2009-11-21
|
|
Joomla! Component Com_Joomclip - 'cat' SQL Injection
|
10 |
WEB
|
599eme Man
|
|
2009-11-21
|
|
Betsy CMS versions 3.5 - Local File Inclusion
|
9 |
WEB
|
MizoZ
|
|
2009-11-19
|
|
Joomla! 1.5.12 TinyMCE - Remote Code Execution (via Arbitrary File Upload)
|
12 |
WEB
|
daath
|
|
2005-06-15
|
|
Bitrix Site Manager 4.0.5 - Remote File Inclusion
|
10 |
WEB
|
Don Tukulesto
|
|
2009-11-16
|
|
Simplog 0.9.3.2 - Multiple Vulnerabilities
|
10 |
WEB
|
Amol Naik
|
|
2009-10-20
|
|
Joomla! / Mambo Component D4J eZine 2.1 - Remote File Inclusion
|
11 |
WEB
|
kaMtiEz
|
|
2009-11-18
|
|
Joomla! Extension iF Portfolio Nexus - SQL Injection
|
9 |
WEB
|
599eme Man
|
|
2009-11-18
|
|
Xerver 4.31/4.32 - HTTP Response Splitting
|
10 |
WEB
|
s4squatch
|
|
2009-11-16
|
|
phpMyBackupPro - Arbitrary File Download
|
10 |
WEB
|
Amol Naik
|
|
2009-11-18
|
|
Shoutbox 1.0 - HTML / Cross-Site Scripting Injection
|
11 |
WEB
|
SkuLL-HackeR
|
|
2009-11-17
|
|
ActiveBids - 'default.asp' Blind SQL Injection
|
10 |
WEB
|
Hussin X
|
|
2009-11-17
|
|
ActiveTrade 2.0 - 'default.asp' Blind SQL Injection
|
10 |
WEB
|
Hussin X
|
|
2009-11-17
|
|
TelebidAuctionScript - 'aid' Blind SQL Injection
|
10 |
WEB
|
Hussin X
|
|
2009-11-17
|
|
JBS 2.0 / JBSX - Administration Panel Bypass / Arbitrary File Upload
|
10 |
WEB
|
blackenedsecurity
|
|
2009-11-16
|
|
Cifshanghai - 'chanpin_info.php' CMS SQL Injection
|
10 |
WEB
|
ProF.Code
|
|
2009-11-16
|
|
telepark wiki 2.4.23 - Multiple Vulnerabilities
|
9 |
WEB
|
Abysssec
|
|
2009-11-13
|
|
OS Commerce 2.2r2 - Authentication Bypass
|
10 |
WEB
|
Stuart Udall
|
|
2009-10-15
|
|
IBM Rational RequisitePro 7.10 / ReqWebHelp - Multiple Cross-Site Scripting Vulnerabilities
|
10 |
WEB
|
IBM
|
|
2009-11-10
|
|
WordPress MU 1.2.2 < 1.3.1 - '/wp-includes/wpmu-functions.php' Cross-Site Scripting
|
10 |
WEB
|
Juan Galiana Lara
|
