|
2009-09-07
|
|
MundiMail 0.8.2 - Remote Code Execution
|
25 |
WEB
|
Dedalo
|
|
2009-11-25
|
|
OpenCSP - Multiple Remote File Inclusions
|
21 |
WEB
|
EANgel
|
|
2009-12-01
|
|
Public Media Manager - Remote File Inclusion
|
22 |
WEB
|
cr4wl3r
|
|
2009-11-30
|
|
ita-forum 5.1.32 - SQL Injection
|
25 |
WEB
|
BAYBORA
|
|
2009-12-03
|
|
Thatware 0.5.3 - Multiple Remote File Inclusions
|
21 |
WEB
|
cr4wl3r
|
|
2009-12-03
|
|
Huawei MT882 Modem/Router - Multiple Vulnerabilities
|
25 |
WEB
|
DecodeX01
|
|
2009-12-02
|
|
Kide Shoutbox 0.4.6 - Cross-Site Scripting / AXFR
|
21 |
WEB
|
andresg888
|
|
2009-12-02
|
|
Simple Machines Forum (SMF) 1.1.10/2.0 RC2 - Multiple Vulnerabilities
|
20 |
WEB
|
SimpleAudit Team
|
|
2009-12-01
|
|
Joomla! Component MojoBlog 0.15 - Multiple Remote File Inclusions
|
21 |
WEB
|
kaMtiEz
|
|
2009-12-01
|
|
Joomla! Component Joaktree 1.0 - SQL Injection
|
22 |
WEB
|
Don Tukulesto
|
|
2009-12-01
|
|
Quate CMS 0.3.5 - Local/Remote File Inclusion
|
22 |
WEB
|
cr4wl3r
|
|
2009-12-01
|
|
ISPworker 1.23 - Remote File Disclosure
|
20 |
WEB
|
cr4wl3r
|
|
2009-12-01
|
|
dotDefender 3.8-5 - Remote Command Execution
|
22 |
WEB
|
John Dos
|
|
2009-12-01
|
|
Robert Zimmerman PHP / MySQL Scripts - Authentication Bypass
|
22 |
WEB
|
DUNDEE
|
|
2009-12-01
|
|
Ciamos CMS 0.9.5 - 'module_path' Remote File Inclusion
|
24 |
WEB
|
cr4wl3r
|
|
2009-11-30
|
|
WordPress Plugin WP-Polls 2.x - Incorrect Flood Filter
|
21 |
WEB
|
Jbyte
|
|
2009-11-30
|
|
Xxasp 3.3.2 - SQL Injection
|
27 |
WEB
|
Secu_lab_ir
|
|
2009-11-30
|
|
Eshopbuilde CMS - SQL Injection
|
26 |
WEB
|
Isfahan
|
|
2009-11-30
|
|
Joomla! Component Quick News - SQL Injection
|
24 |
WEB
|
Don Tukulesto
|
|
2009-11-30
|
|
Joomla! Component MusicGallery - SQL Injection
|
24 |
WEB
|
Don Tukulesto
|
|
2009-11-29
|
|
AdaptCMS Lite 1.5 - Remote File Inclusion
|
24 |
WEB
|
v3n0m
|
|
2009-11-29
|
|
Sugar CRM 5.5.0.rc2/5.2.0j - Multiple Vulnerabilities
|
27 |
WEB
|
waraxe
|
|
2009-11-27
|
|
Micronet SP1910 Data Access Controller UI - Cross-Site Scripting / HTML Code Injection
|
22 |
WEB
|
K053
|
|
2009-11-29
|
|
SweetRice 0.5.3 - Remote File Inclusion
|
23 |
WEB
|
cr4wl3r
|
|
2009-11-28
|
|
phpBazar 2.1.1fix - 'cid' SQL Injection
|
22 |
WEB
|
MizoZ
|
|
2009-11-28
|
|
Uploaderr 1.0 File Hosting Script - Arbitrary File Upload
|
23 |
WEB
|
DigitALL
|
|
2009-11-28
|
|
Joomla! Component com_lyftenbloggie 1.04 - SQL Injection
|
23 |
WEB
|
kaMtiEz
|
|
2009-11-26
|
|
Flashden - Multiple Arbitrary File Uploads
|
23 |
WEB
|
DigitALL
|
|
2009-11-26
|
|
Cacti 0.8.7e - Multiple Vulnerabilities
|
26 |
WEB
|
Moritz Naumann
|
|
2009-11-25
|
|
phpBazar-2.1.1fix - Remote Administration-Panel
|
26 |
WEB
|
kurdish hackers team
|
|
2009-11-25
|
|
Joomla! Component com_gcalendar 1.1.2 - 'gcid' SQL Injection
|
27 |
WEB
|
Yogyacarderlink Crew
|
|
2009-11-25
|
|
Radio istek scripti 2.5 - Remote Configuration Disclosure
|
23 |
WEB
|
kurdish hackers team
|
|
2009-11-25
|
|
Fake Hit Generator 2.2 - Arbitrary File Upload
|
26 |
WEB
|
DigitALL
|
|
2009-11-25
|
|
WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting
|
23 |
WEB
|
MustLive
|
|
2009-11-25
|
|
Joomla! Component com_mygallery - 'cid' SQL Injection
|
23 |
WEB
|
S@BUN
|
|
2006-05-26
|
|
MDaemon WebAdmin 2.0.x - SQL Injection
|
23 |
WEB
|
KOUSULIN
|
|
2009-11-24
|
|
Quick.Cart 3.4 / Quick.CMS 2.4 - Cross-Site Request Forgery
|
22 |
WEB
|
Alice Kaerast
|
|
2009-11-24
|
|
W3infotech - Authentication Bypass
|
26 |
WEB
|
ViRuS_HiMa
|
|
2009-11-24
|
|
pointcomma 3.8b2 - Remote File Inclusion
|
22 |
WEB
|
cr4wl3r
|
|
2009-11-24
|
|
phptraverse 0.8.0 - Remote File Inclusion
|
23 |
WEB
|
cr4wl3r
|
|
2009-11-24
|
|
outreach project tool 1.2.6 - Remote File Inclusion
|
23 |
WEB
|
cr4wl3r
|
|
2009-11-24
|
|
NukeHall 0.3 - Multiple Remote File Inclusions
|
21 |
WEB
|
cr4wl3r
|
|
2009-11-24
|
|
kr-web 1.1b2 - Remote File Inclusion
|
23 |
WEB
|
cr4wl3r
|
|
2009-11-23
|
|
Joomla! Component mygallery - 'farbinform_krell' SQL Injection
|
28 |
WEB
|
Manas58 BAYBORA
|
|
2009-10-14
|
|
Everfocus 1.4 - EDSR Remote Authentication Bypass
|
21 |
WEB
|
Andrea Fabrizi
|
|
2009-11-21
|
|
Joomla! Component Com_Joomclip - 'cat' SQL Injection
|
22 |
WEB
|
599eme Man
|
|
2009-11-21
|
|
Betsy CMS versions 3.5 - Local File Inclusion
|
22 |
WEB
|
MizoZ
|
|
2009-11-19
|
|
Joomla! 1.5.12 TinyMCE - Remote Code Execution (via Arbitrary File Upload)
|
24 |
WEB
|
daath
|
|
2005-06-15
|
|
Bitrix Site Manager 4.0.5 - Remote File Inclusion
|
23 |
WEB
|
Don Tukulesto
|
|
2009-11-16
|
|
Simplog 0.9.3.2 - Multiple Vulnerabilities
|
25 |
WEB
|
Amol Naik
|
|
2009-10-20
|
|
Joomla! / Mambo Component D4J eZine 2.1 - Remote File Inclusion
|
24 |
WEB
|
kaMtiEz
|
|
2009-11-18
|
|
Joomla! Extension iF Portfolio Nexus - SQL Injection
|
22 |
WEB
|
599eme Man
|
|
2009-11-18
|
|
Xerver 4.31/4.32 - HTTP Response Splitting
|
20 |
WEB
|
s4squatch
|
|
2009-11-16
|
|
phpMyBackupPro - Arbitrary File Download
|
24 |
WEB
|
Amol Naik
|
|
2009-11-18
|
|
Shoutbox 1.0 - HTML / Cross-Site Scripting Injection
|
23 |
WEB
|
SkuLL-HackeR
|
|
2009-11-17
|
|
ActiveBids - 'default.asp' Blind SQL Injection
|
25 |
WEB
|
Hussin X
|
|
2009-11-17
|
|
ActiveTrade 2.0 - 'default.asp' Blind SQL Injection
|
22 |
WEB
|
Hussin X
|
|
2009-11-17
|
|
TelebidAuctionScript - 'aid' Blind SQL Injection
|
22 |
WEB
|
Hussin X
|
|
2009-11-17
|
|
JBS 2.0 / JBSX - Administration Panel Bypass / Arbitrary File Upload
|
21 |
WEB
|
blackenedsecurity
|
|
2009-11-16
|
|
Cifshanghai - 'chanpin_info.php' CMS SQL Injection
|
22 |
WEB
|
ProF.Code
|
|
2009-11-16
|
|
telepark wiki 2.4.23 - Multiple Vulnerabilities
|
22 |
WEB
|
Abysssec
|
|
2009-11-13
|
|
OS Commerce 2.2r2 - Authentication Bypass
|
19 |
WEB
|
Stuart Udall
|
|
2009-10-15
|
|
IBM Rational RequisitePro 7.10 / ReqWebHelp - Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
IBM
|
|
2009-11-10
|
|
WordPress MU 1.2.2 < 1.3.1 - '/wp-includes/wpmu-functions.php' Cross-Site Scripting
|
19 |
WEB
|
Juan Galiana Lara
|
|
2009-11-11
|
|
WordPress Core < 2.8.5 - Unrestricted Arbitrary File Upload / Arbitrary PHP Code Execution
|
24 |
WEB
|
Dawid Golunski
|
|
2009-11-10
|
|
WordPress Core 2.0 < 2.7.1 - 'admin.php' Module Configuration Security Bypass
|
21 |
WEB
|
Fernando Arnaboldi
|
|
2009-11-07
|
|
toutvirtual virtualiq pro 3.2 - Multiple Vulnerabilities
|
25 |
WEB
|
Alberto Trivero
|
|
2009-10-06
|
|
PBBoard 2.0.2 - Full Path Disclosure
|
23 |
WEB
|
rUnViRuS
|
|
2009-09-23
|
|
Novell Edirectory 8.8 SP5 - Cross-Site Scripting
|
23 |
WEB
|
Francis Provencher
|
|
2009-10-01
|
|
Novell eDirectory 8.8 SP5 - 'dconserv.dlm' Cross-Site Scripting
|
22 |
WEB
|
Francis Provencher
|
|
2009-10-05
|
|
Empire CMS 47 - SQL Injection
|
24 |
WEB
|
Securitylab Security Research
|
|
2009-10-05
|
|
Joomla! Component Soundset 1.0 - SQL Injection
|
23 |
WEB
|
kaMtiEz
|
|
2009-10-05
|
|
Joomla! Component CB Resume Builder - SQL Injection
|
27 |
WEB
|
kaMtiEz
|
|
2009-11-12
|
|
McAfee Network Security Manager < 5.1.11.8.1 - Multiple Cross-Site Scripting Vulnerabilities
|
23 |
WEB
|
Daniel King
|
|
2009-11-12
|
|
McAfee Network Security Manager < 5.1.11.8.1 - Information Disclosure
|
24 |
WEB
|
Daniel King
|
|
2009-10-07
|
|
Joomla! Component Recerca - SQL Injection
|
23 |
WEB
|
Don Tukulesto
|
|
2009-10-07
|
|
AIOCP 1.4.001 - Remote File Inclusion
|
20 |
WEB
|
Hadi Kiamarsi
|
|
2009-10-08
|
|
The BMW - 'inventory.php' SQL Injection
|
24 |
WEB
|
Dazz
|
|
2009-10-08
|
|
QuickCart 3.x - Cross-Site Scripting / Cross-Site Request Forgery / Local File Inclusion / Directory
|
21 |
WEB
|
kl3ryk
|
|
2009-10-12
|
|
EZRecipeZee CMS 91 - Remote File Inclusion
|
23 |
WEB
|
kaMtiEz
|
|
2009-10-12
|
|
EZsneezyCal CMS 95.1-95.2 - Remote File Inclusion
|
20 |
WEB
|
kaMtiEz
|
|
2009-10-12
|
|
Dazzle Blast - Remote File Inclusion
|
23 |
WEB
|
NoGe
|
|
2009-10-12
|
|
Community Translate - Remote File Inclusion
|
24 |
WEB
|
NoGe
|
|
2009-10-02
|
|
redcat media - SQL Injection
|
25 |
WEB
|
s4va
|
|
2009-10-14
|
|
Achievo 1.3.4 - SQL Injection
|
23 |
WEB
|
Ryan Dewhurst
|
|
2007-09-17
|
|
Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 - masterCGI Command Injection (Metasploit
|
22 |
WEB
|
patrick
|
|
2009-11-10
|
|
Joomla! Component JForJoomla! Jreservation 1.5 - 'pid' SQL Injection
|
26 |
WEB
|
Chip d3 bi0s
|
|
2009-10-02
|
|
Hyperic HQ 3.2 < 4.2-beta1 - Multiple Cross-Site Scripting Vulnerabilities
|
24 |
WEB
|
CoreLabs
|
|
2009-09-25
|
|
html2ps - 'include file' Server-Side Include Directive Directory Traversal
|
26 |
WEB
|
epiphant
|
|
2009-10-08
|
|
DreamPoll 3.1 - SQL Injection
|
25 |
WEB
|
Mark from infosecstuff
|
|
2009-10-09
|
|
Docebo 3.6.0.3 - Multiple SQL Injections
|
20 |
WEB
|
Andrea Fabrizi
|
|
2009-11-10
|
|
CuteNews and UTF-8 CuteNews - Multiple Vulnerabilities
|
22 |
WEB
|
Andrew Horton
|
|
2009-10-20
|
|
Websense Email Security - Cross-Site Scripting
|
25 |
WEB
|
Nikolas Sotiriu
|
|
2009-10-22
|
|
Vivvo CMS 4.1.5.1 - file Disclosure
|
24 |
WEB
|
Janek Vind
|
|
2009-10-23
|
|
TwonkyMedia Server 4.4.17/5.0.65 - Cross-Site Scripting
|
23 |
WEB
|
Davide Canali
|
|
2009-11-16
|
|
Alteon OS BBI (Nortell) - Cross-Site Scripting / Cross-Site Request Forgery
|
23 |
WEB
|
Alexey Sintsov
|
|
2009-10-26
|
|
SharePoint 2007 - Team Services Source Code Disclosure
|
23 |
WEB
|
Daniel Martin
|
|
2009-10-26
|
|
RunCMS 2ma - 'post.php' SQL Injection
|
23 |
WEB
|
bookoo
|
|
2009-10-26
|
|
RunCMS 2m1 - 'store()' SQL Injection
|
24 |
WEB
|
bookoo
|
|
2009-10-14
|
|
QuickTeam 2.2 - SQL Injection
|
24 |
WEB
|
drunken danish rednecks
|
|
2009-10-19
|
|
Piwik 1357 2009-08-02 - Arbitrary File Upload / Code Execution
|
23 |
WEB
|
boecke
|
|
2009-10-19
|
|
phpCMS 2008 - File Disclosure
|
23 |
WEB
|
Securitylab Security Research
|
|
2009-10-15
|
|
Pentaho 1.7.0.1062 - Cross-Site Scripting / Information Disclosure
|
22 |
WEB
|
antisnatchor
|
|
2009-10-28
|
|
PHP168 6.0 - Command Execution
|
25 |
WEB
|
Securitylab Security Research
|
|
2009-07-22
|
|
Joomla! Plugin tinybrowser 1.5.12 - Arbitrary File Upload / Execution
|
24 |
WEB
|
spinbad
|
|
2009-10-28
|
|
Oscailt CMS 3.3 - Local File Inclusion
|
25 |
WEB
|
s4r4d0
|
|
2009-02-25
|
|
ContentKeeper Web Appliance < 125.10 - Command Execution (Metasploit)
|
24 |
WEB
|
patrick
|
|
2005-01-15
|
|
AWStats 6.2 < 6.1 - configdir Command Injection (Metasploit)
|
24 |
WEB
|
Matteo Cantoni
|
|
2005-01-15
|
|
Cacti 0.8.6-d - 'graph_view.php' Command Injection (Metasploit)
|
23 |
WEB
|
David Maciejak
|
|
2006-05-04
|
|
AWStats 6.4 < 6.5 - AllowToUpdateStatsFromBrowser Command Injection (Metasploit)
|
23 |
WEB
|
patrick
|
|
2008-06-14
|
|
BASE 1.2.4 - 'base_qry_common.php' Remote File Inclusion (Metasploit)
|
24 |
WEB
|
MC
|
|
1999-11-05
|
|
The Matt Wright Guestbook.pl 2.3.1 - Server-Side Include
|
24 |
WEB
|
patrick
|
|
2008-06-14
|
|
Mambo 4.6.4 - Cache Lite Output Remote File Inclusion (Metasploit)
|
23 |
WEB
|
MC
|
|
2009-10-30
|
|
PSArt 1.2 - SQL Injection
|
23 |
WEB
|
Securitylab Research
|
|
2009-10-20
|
|
OpenDocMan 1.2.5 - Cross-Site Scripting / SQL Injection
|
23 |
WEB
|
Amol Naik
|
|
2009-10-29
|
|
Mura CMS 5.1 - Root Path Disclosure
|
26 |
WEB
|
Vladimir Vorontsov
|
|
2009-10-23
|
|
Mongoose Web Server 2.8 - Source Disclosure
|
26 |
WEB
|
Dr_IDE
|
|
2009-10-23
|
|
Joomla! Component Photo Blog alpha 3 < alpha 3a - SQL Injection
|
24 |
WEB
|
kaMtiEz
|
|
2009-10-23
|
|
Joomla! Component Jshop - SQL Injection
|
23 |
WEB
|
Don Tukulesto
|
|
2009-10-19
|
|
Joomla! Plugin JD-WordPress 2.0 RC2 - Remote File Inclusion
|
25 |
WEB
|
Don Tukulesto
|
|
2009-10-19
|
|
Joomla! Component Book Library 1.0 - Remote File Inclusion
|
24 |
WEB
|
kaMtiEz
|
|
2009-10-19
|
|
Joomla! Component Ajax Chat 1.0 - Remote File Inclusion
|
23 |
WEB
|
kaMtiEz
|
|
2009-10-26
|
|
jetty 6.x < 7.x - Cross-Site Scripting / Information Disclosure / Injection
|
27 |
WEB
|
Antonion Parata
|
|
2009-10-21
|
|
httpdx 1.4.6b - Source Disclosure
|
24 |
WEB
|
Dr_IDE
|
|
2009-11-04
|
|
eNdonesia CMS 8.4 - Local File Inclusion
|
21 |
WEB
|
s4r4d0
|
