|
2009-10-17
|
|
DWebPro - Command Injection
|
21 |
WEB
|
Rafael Sousa
|
|
2009-10-14
|
|
DeDeCMS 5.1 - SQL Injection
|
24 |
WEB
|
Securitylab Security Research
|
|
2009-10-30
|
|
CubeCart 4 - Session Management Bypass
|
24 |
WEB
|
Bogdan Calin
|
|
2009-10-28
|
|
Cherokee 0.5.4 - Directory Traversal
|
22 |
WEB
|
Dr_IDE
|
|
2009-10-20
|
|
boxalino 09.05.25-0421 - Directory Traversal
|
26 |
WEB
|
Axel Neumann
|
|
2009-10-19
|
|
Amiro.CMS 5.4.0.0 - Path Disclosure
|
24 |
WEB
|
Vladimir Vorontsov
|
|
2009-10-14
|
|
Achievo 1.3.4 - Cross-Site Scripting
|
24 |
WEB
|
Ryan Dewhurst
|
|
2009-10-30
|
|
Nagios3 - 'statuswml.cgi' Command Injection (Metasploit)
|
23 |
WEB
|
H D Moore
|
|
2009-10-05
|
|
AfterLogic WebMail Pro 4.7.10 - Cross-Site Scripting
|
27 |
WEB
|
Sébastien Duquette
|
|
2009-10-15
|
|
Snitz Forums 2000 - Multiple Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
Andrea Fabrizi
|
|
2009-10-03
|
|
Geeklog 1.6.0sr2 - Arbitrary File Upload
|
23 |
WEB
|
JaL0h
|
|
2009-11-02
|
|
TFTgallery .13 - Directory Traversal
|
25 |
WEB
|
blake
|
|
2009-11-03
|
|
Xerox Fiery Webtools - SQL Injection
|
24 |
WEB
|
Bernardo Trigo
|
|
2009-11-03
|
|
PunBB Extension Attachment 1.0.2 - SQL Injection
|
27 |
WEB
|
puret_t
|
|
2009-11-04
|
|
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities (1)
|
24 |
WEB
|
Abysssec
|
|
2009-09-22
|
|
BPHolidayLettings 1.0 - Blind SQL Injection
|
24 |
WEB
|
OoN Boy
|
|
2009-09-22
|
|
Joomla! Component GroupJive 1.8 B4 - Remote File Inclusion
|
25 |
WEB
|
M3NW5
|
|
2009-09-22
|
|
Achievo 1.3.4 - Remote File Inclusion
|
23 |
WEB
|
M3NW5
|
|
2009-09-22
|
|
BPGames 1.0 - Blind SQL Injection
|
23 |
WEB
|
OoN Boy
|
|
2009-09-22
|
|
BPStudent 1.0 - Blind SQL Injection
|
24 |
WEB
|
OoN Boy
|
|
2009-09-22
|
|
BPMusic 1.0 - Blind SQL Injection
|
22 |
WEB
|
OoN Boy
|
|
2009-09-22
|
|
HB CMS 1.7 - SQL Injection
|
23 |
WEB
|
Securitylab Security Research
|
|
2009-09-22
|
|
BPLawyerCaseDocuments - SQL Injection
|
22 |
WEB
|
OoN Boy
|
|
2009-09-22
|
|
Joomla! Component com_facebook - SQL Injection
|
22 |
WEB
|
kaMtiEz
|
|
2009-09-22
|
|
Joomla! / Mambo Component Tupinambis - SQL Injection
|
22 |
WEB
|
Don Tukulesto
|
|
2009-09-23
|
|
Cour Supreme - SQL Injection
|
23 |
WEB
|
CrAzY CrAcKeR
|
|
2009-09-23
|
|
OSSIM 2.1 - SQL Injection / Cross-Site Scripting
|
25 |
WEB
|
Alexey Sintsov
|
|
2009-09-24
|
|
MindSculpt CMS - SQL Injection
|
23 |
WEB
|
kaMitEz
|
|
2009-09-24
|
|
e107 0.7.16 - Referer header Cross-Site Scripting
|
22 |
WEB
|
MustLive
|
|
2009-09-24
|
|
Swiss Mango CMS - SQL Injection
|
23 |
WEB
|
kaMtiEz
|
|
2009-09-24
|
|
Joomla! Component Fastball 1.1.0 < 1.2 - 'league' SQL Injection
|
27 |
WEB
|
kaMtiEz
|
|
2009-09-24
|
|
FSphp 0.2.1 - Remote File Inclusion
|
22 |
WEB
|
NoGe
|
|
2009-09-24
|
|
Regental Medien - Blind SQL Injection
|
23 |
WEB
|
NoGe
|
|
2009-09-25
|
|
Engeman 6.x - SQL Injection
|
27 |
WEB
|
crashbrz
|
|
2009-09-25
|
|
Klonet E-Commerce - 'products.php' SQL Injection
|
25 |
WEB
|
S3T4N
|
|
2009-09-28
|
|
Joomla! Component IRCm Basic - SQL Injection
|
20 |
WEB
|
kaMtiEz
|
|
2009-09-28
|
|
HEAT Call Logging 8.01 - SQL Injection
|
22 |
WEB
|
0 0
|
|
2009-09-29
|
|
Flatpress 0.804 < 0.812.1 - Local File Inclusion
|
25 |
WEB
|
Giuseppe Fuggiano
|
|
2009-09-21
|
|
Joomla! Component com_mytube (user_id) 1.0 Beta - Blind SQL Injection
|
23 |
WEB
|
Chip d3 bi0s
|
|
2009-09-21
|
|
Joomla! Component com_jinc 0.2 - 'newsid' Blind SQL Injection
|
22 |
WEB
|
Chip d3 bi0s
|
|
2009-09-21
|
|
WX Guestbook 1.1.208 - SQL Injection / Persistent Cross-Site Scripting
|
24 |
WEB
|
learn3r
|
|
2009-09-21
|
|
Loggix Project 9.4.5 - Multiple Remote File Inclusions
|
24 |
WEB
|
cr4wl3r
|
|
2009-09-21
|
|
ProdLer 2.0 - Remote File Inclusion
|
22 |
WEB
|
cr4wl3r
|
|
2009-09-21
|
|
CMScontrol (Content Management Portal Solutions) - SQL Injection
|
26 |
WEB
|
ph1l1ster
|
|
2009-09-21
|
|
cP Creator 2.7.1 - SQL Injection
|
24 |
WEB
|
Sina Yazdanmehr
|
|
2009-09-21
|
|
BAnner ROtation System mini - Multiple Remote File Inclusions
|
25 |
WEB
|
EA Ngel
|
|
2009-09-21
|
|
Joomla! Component com_jbudgetsmagic 0.3.2 < 0.4.0 - 'bid' SQL Injection
|
22 |
WEB
|
kaMtiEz
|
|
2009-09-21
|
|
DDL CMS 1.0 - Multiple Remote File Inclusions
|
24 |
WEB
|
HxH
|
|
2009-09-21
|
|
Joomla! Component com_surveymanager 1.5.0 - 'stype' SQL Injection
|
24 |
WEB
|
kaMtiEz
|
|
2009-09-18
|
|
FSphp 0.2.1 - Multiple Remote File Inclusions
|
23 |
WEB
|
NoGe
|
|
2009-09-18
|
|
FanUpdate 2.2.1 - 'show-cat.php' SQL Injection
|
21 |
WEB
|
(In)Security Romania
|
|
2009-09-18
|
|
Network Management/Inventory System - 'header.php' Remote File Inclusion
|
25 |
WEB
|
EA Ngel
|
|
2009-09-18
|
|
Zainu 1.0 - SQL Injection
|
21 |
WEB
|
snakespc
|
|
2009-10-18
|
|
Mambo Component com_koesubmit 1.0.0 - Remote File Inclusion
|
23 |
WEB
|
Don Tukulesto
|
|
2009-09-17
|
|
Joomla! Component com_jreservation 1.5 - 'pid' Blind SQL Injection
|
25 |
WEB
|
Chip d3 bi0s
|
|
2009-09-17
|
|
Nephp Publisher Enterprise 4.5 - Authentication Bypass
|
22 |
WEB
|
learn3r hacker
|
|
2009-09-17
|
|
FMyClone 2.3 - Multiple SQL Injections
|
25 |
WEB
|
learn3r hacker
|
|
2009-09-17
|
|
CF Shopkart 5.3x - 'itemID' SQL Injection
|
23 |
WEB
|
learn3r hacker
|
|
2009-09-17
|
|
OpenSiteAdmin 0.9.7b - 'pageHeader.php?path' Remote File Inclusion
|
25 |
WEB
|
EA Ngel
|
|
2009-09-17
|
|
Joomla! Component com_album 1.14 - Directory Traversal
|
22 |
WEB
|
DreamTurk
|
|
2009-09-16
|
|
phpPollScript 1.3 - 'include_class' Remote File Inclusion
|
25 |
WEB
|
cr4wl3r
|
|
2009-09-16
|
|
Elite Gaming Ladders 3.2 - 'platform' SQL Injection
|
21 |
WEB
|
snakespc
|
|
2009-09-16
|
|
SaphpLesson 4.3 - Blind SQL Injection
|
23 |
WEB
|
Jafer Al Zidjali
|
|
2009-09-16
|
|
Micro CMS 3.5 - SQL Injection / Local File Inclusion
|
20 |
WEB
|
learn3r hacker
|
|
2009-09-16
|
|
Joomla! Component com_jlord_rss - 'id' Blind SQL Injection
|
23 |
WEB
|
Chip d3 bi0s
|
|
2009-09-16
|
|
Joomla! Component com_foobla_suggestions (idea_id) 1.5.11 - SQL Injection
|
23 |
WEB
|
Chip d3 bi0s
|
|
2009-09-16
|
|
AdsDX 3.05 - Authentication Bypass
|
23 |
WEB
|
snakespc
|
|
2009-09-15
|
|
Joomla! Component com_djcatalog - SQL Injection / Blind SQL Injection
|
23 |
WEB
|
Chip d3 bi0s
|
|
2009-09-15
|
|
iBoutique.MALL 1.2 - 'cat' Blind SQL Injection
|
24 |
WEB
|
InjEctOr5
|
|
2009-09-15
|
|
efront 3.5.4 - 'database.php?path' Remote File Inclusion
|
23 |
WEB
|
cr4wl3r
|
|
2009-09-15
|
|
HotWeb Rentals - 'details.asp?PropId' Blind SQL Injection
|
22 |
WEB
|
R3d-D3V!L
|
|
2009-09-15
|
|
Three Pillars Help Desk 3.0 - Authentication Bypass
|
23 |
WEB
|
snakespc
|
|
2009-09-14
|
|
Bs Counter 2.5.3 - 'page' SQL Injection
|
26 |
WEB
|
Bgh7
|
|
2009-09-14
|
|
PHP Pro Bid - Blind SQL Injection
|
22 |
WEB
|
NoGe
|
|
2009-09-14
|
|
Aurora CMS 1.0.2 - 'install.plugin.php' Remote File Inclusion
|
24 |
WEB
|
EA Ngel
|
|
2009-09-14
|
|
Joomla! Component AlphaUserPoints - SQL Injection
|
23 |
WEB
|
jdc
|
|
2009-09-14
|
|
Joomla! Component Turtushout 0.11 - 'Name' SQL Injection
|
26 |
WEB
|
jdc
|
|
2009-09-11
|
|
Joomla! Component Hotel Booking System - Cross-Site Scripting / SQL Injection
|
21 |
WEB
|
K-159
|
|
2009-09-11
|
|
PHP-IPNMonitor - 'maincat_id' SQL Injection
|
24 |
WEB
|
noname
|
|
2009-09-11
|
|
gyro 5.0 - SQL Injection / Cross-Site Scripting
|
26 |
WEB
|
OoN_Boy
|
|
2009-09-11
|
|
Image voting 1.0 - 'index.php?show' SQL Injection
|
28 |
WEB
|
SkuLL-HackeR
|
|
2009-09-10
|
|
T-HTB Manager 0.5 - Multiple Blind SQL Injections
|
24 |
WEB
|
Salvatore Fresta
|
|
2009-09-10
|
|
An image Gallery 1.0 - 'navigation.php' Local Directory Traversal
|
25 |
WEB
|
ThE g0bL!N
|
|
2009-09-10
|
|
Drunken:Golem Gaming Portal - 'admin_news_bot.php' Remote File Inclusion
|
27 |
WEB
|
EA Ngel
|
|
2009-09-10
|
|
Adult Portal escort listing - 'user_id' SQL Injection
|
25 |
WEB
|
Mr.SQL
|
|
2009-09-10
|
|
Bus Script - 'sitetext_id' SQL Injection
|
23 |
WEB
|
Mr.SQL
|
|
2009-09-10
|
|
Accommodation Hotel Booking Portal - 'hotel_id' SQL Injection
|
25 |
WEB
|
Mr.SQL
|
|
2009-09-10
|
|
iDesk - 'download.php?cat_id' SQL Injection
|
24 |
WEB
|
Mr.SQL
|
|
2009-09-10
|
|
MYRE Holiday Rental Manager - 'action' SQL Injection
|
22 |
WEB
|
Mr.SQL
|
|
2009-09-10
|
|
Graffiti CMS 1.x - Arbitrary File Upload
|
25 |
WEB
|
Alexander Concha
|
|
2009-09-10
|
|
nullam blog 0.1.2 - Local File Inclusion / File Disclosure / SQL Injection / Cross-Site Scripting
|
25 |
WEB
|
Salvatore Fresta
|
|
2009-09-10
|
|
Advanced Comment System 1.0 - Multiple Remote File Inclusions
|
23 |
WEB
|
Kurd-Team
|
|
2009-09-09
|
|
ChartDirector 5.0.1 - 'cacheId' Arbitrary File Disclosure
|
23 |
WEB
|
DokFLeed
|
|
2009-09-09
|
|
PHPNagios 1.2.0 - 'menu.php' Local File Inclusion
|
24 |
WEB
|
CoBRa_21
|
|
2009-09-09
|
|
Mambo Component Hestar - SQL Injection
|
25 |
WEB
|
M3NW5
|
|
2009-09-09
|
|
Agoko CMS 0.4 - Remote Command Execution
|
23 |
WEB
|
StAkeR
|
|
2009-09-09
|
|
Joomla! Component Joomloc 1.0 - 'id' SQL Injection
|
23 |
WEB
|
Chip d3 bi0s
|
|
2009-09-09
|
|
Model Agency Manager Pro - 'user_id' SQL Injection
|
25 |
WEB
|
R3d-D3V!L
|
|
2009-09-09
|
|
Joomla! Component TPDugg 1.1 - Blind SQL Injection
|
26 |
WEB
|
NoGe
|
|
2009-09-09
|
|
Joomla! Component BF Survey Pro Free - SQL Injection
|
23 |
WEB
|
jdc
|
|
2009-09-09
|
|
OBOphiX 2.7.0 - 'fonctions_racine.php' Remote File Inclusion
|
24 |
WEB
|
EA Ngel
|
|
2009-09-09
|
|
The Rat CMS Alpha 2 - Arbitrary File Upload
|
24 |
WEB
|
Securitylab.ir
|
|
2009-09-04
|
|
Joomla! Component com_Joomlaub - 'aid' SQL Injection
|
21 |
WEB
|
599eme Man
|
|
2009-09-04
|
|
Ticket Support Script - 'ticket.php' Arbitrary File Upload
|
23 |
WEB
|
InjEctOr5
|
|
2009-09-04
|
|
ZeroBoard 4.1 pl7 - 'now_connect()' Remote Code Execution
|
25 |
WEB
|
SpeeDr00t
|
|
2009-09-04
|
|
Mambo Component com_zoom - 'catid' Blind SQL Injection
|
21 |
WEB
|
boom3rang
|
|
2009-09-03
|
|
PHPope 1.0.0 - Multiple Remote File Inclusions
|
23 |
WEB
|
cr4wl3r
|
|
2009-09-03
|
|
FreeSchool 1.1.0 - Multiple Remote File Inclusions
|
25 |
WEB
|
cr4wl3r
|
|
2009-09-02
|
|
PHP Live! 3.3 - 'deptid' SQL Injection
|
24 |
WEB
|
v3n0m
|
|
2009-09-02
|
|
Ve-EDIT 0.1.4 - 'highlighter' Remote File Inclusion
|
23 |
WEB
|
RoMaNcYxHaCkEr
|
|
2009-09-02
|
|
Discuz! Plugin JiangHu 1.1 - 'id' SQL Injection
|
23 |
WEB
|
ZhaoHuAn
|
|
2009-09-01
|
|
DataLife Engine 8.2 - dle_config_api Remote File Inclusion
|
24 |
WEB
|
Kurd-Team
|
|
2009-09-01
|
|
Joomla! Component com_gameserver 1.0 - 'id' SQL Injection
|
25 |
WEB
|
v3n0m
|
|
2009-09-01
|
|
Ve-EDIT 0.1.4 - 'debug_PHP.php' Local File Inclusion
|
21 |
WEB
|
CoBRa_21
|
|
2009-09-01
|
|
phpBB3 - addon prime_quick_style GetAdmin
|
23 |
WEB
|
-SmoG-
|
|
2009-09-01
|
|
KingCMS 0.6.0 - 'menu.php' Remote File Inclusion
|
25 |
WEB
|
CoBRa_21
|
|
2009-09-01
|
|
Xstate Real Estate 1.0 - Blind SQL Injection / Cross-Site Scripting
|
23 |
WEB
|
Moudi
|
|
2009-09-01
|
|
Joomla! Component Agora 3.0.0b (com_agora) - Local File Inclusion
|
27 |
WEB
|
ByALBAYX
|
|
2009-09-01
|
|
Joomla! Component com_artportal 1.0 - 'portalid' SQL Injection
|
22 |
WEB
|
599eme Man
|
|
2009-09-01
|
|
JSFTemplating / Mojarra Scales / GlassFish - File Disclosure
|
23 |
WEB
|
SEC Consult
|
|
2009-08-31
|
|
osCommerce Online Merchant 2.2 RC2a - Code Execution
|
24 |
WEB
|
flyh4t
|
|
2009-08-31
|
|
Mybuxscript PTC-BUX - 'spnews.php' SQL Injection
|
24 |
WEB
|
HxH
|
|
2009-08-31
|
|
Rock Band CMS 0.10 - 'news.php' Multiple SQL Injections (1)
|
21 |
WEB
|
Affix
|
|
2009-08-31
|
|
Re-Script 0.99 Beta - 'listings.php?op' SQL Injection
|
27 |
WEB
|
Mr.SQL
|
|
2009-08-31
|
|
Modern Script 5.0 - 'index.php?s' SQL Injection
|
24 |
WEB
|
Red-D3v1L
|
