Blog RSSExploits RSSFacebook

WEB

Date D   Description Plat. Author
2009-09-10   MYRE Holiday Rental Manager - 'action' SQL Injection 28 WEB Mr.SQL
2009-09-10   Graffiti CMS 1.x - Arbitrary File Upload 31 WEB Alexander Concha
2009-09-10   nullam blog 0.1.2 - Local File Inclusion / File Disclosure / SQL Injection / Cross-Site Scripting 31 WEB Salvatore Fresta
2009-09-10   Advanced Comment System 1.0 - Multiple Remote File Inclusions 30 WEB Kurd-Team
2009-09-09   ChartDirector 5.0.1 - 'cacheId' Arbitrary File Disclosure 28 WEB DokFLeed
2009-09-09   PHPNagios 1.2.0 - 'menu.php' Local File Inclusion 30 WEB CoBRa_21
2009-09-09   Mambo Component Hestar - SQL Injection 31 WEB M3NW5
2009-09-09   Agoko CMS 0.4 - Remote Command Execution 29 WEB StAkeR
2009-09-09   Joomla! Component Joomloc 1.0 - 'id' SQL Injection 29 WEB Chip d3 bi0s
2009-09-09   Model Agency Manager Pro - 'user_id' SQL Injection 31 WEB R3d-D3V!L
2009-09-09   Joomla! Component TPDugg 1.1 - Blind SQL Injection 30 WEB NoGe
2009-09-09   Joomla! Component BF Survey Pro Free - SQL Injection 29 WEB jdc
2009-09-09   OBOphiX 2.7.0 - 'fonctions_racine.php' Remote File Inclusion 29 WEB EA Ngel
2009-09-09   The Rat CMS Alpha 2 - Arbitrary File Upload 31 WEB Securitylab.ir
2009-09-04   Joomla! Component com_Joomlaub - 'aid' SQL Injection 26 WEB 599eme Man
2009-09-04   Ticket Support Script - 'ticket.php' Arbitrary File Upload 29 WEB InjEctOr5
2009-09-04   ZeroBoard 4.1 pl7 - 'now_connect()' Remote Code Execution 29 WEB SpeeDr00t
2009-09-04   Mambo Component com_zoom - 'catid' Blind SQL Injection 29 WEB boom3rang
2009-09-03   PHPope 1.0.0 - Multiple Remote File Inclusions 28 WEB cr4wl3r
2009-09-03   FreeSchool 1.1.0 - Multiple Remote File Inclusions 32 WEB cr4wl3r
2009-09-02   PHP Live! 3.3 - 'deptid' SQL Injection 29 WEB v3n0m
2009-09-02   Ve-EDIT 0.1.4 - 'highlighter' Remote File Inclusion 28 WEB RoMaNcYxHaCkEr
2009-09-02   Discuz! Plugin JiangHu 1.1 - 'id' SQL Injection 29 WEB ZhaoHuAn
2009-09-01   DataLife Engine 8.2 - dle_config_api Remote File Inclusion 30 WEB Kurd-Team
2009-09-01   Joomla! Component com_gameserver 1.0 - 'id' SQL Injection 31 WEB v3n0m
2009-09-01   Ve-EDIT 0.1.4 - 'debug_PHP.php' Local File Inclusion 28 WEB CoBRa_21
2009-09-01   phpBB3 - addon prime_quick_style GetAdmin 29 WEB -SmoG-
2009-09-01   KingCMS 0.6.0 - 'menu.php' Remote File Inclusion 31 WEB CoBRa_21
2009-09-01   Xstate Real Estate 1.0 - Blind SQL Injection / Cross-Site Scripting 29 WEB Moudi
2009-09-01   Joomla! Component Agora 3.0.0b (com_agora) - Local File Inclusion 34 WEB ByALBAYX
2009-09-01   Joomla! Component com_artportal 1.0 - 'portalid' SQL Injection 27 WEB 599eme Man
2009-09-01   JSFTemplating / Mojarra Scales / GlassFish - File Disclosure 31 WEB SEC Consult
2009-08-31   osCommerce Online Merchant 2.2 RC2a - Code Execution 29 WEB flyh4t
2009-08-31   Mybuxscript PTC-BUX - 'spnews.php' SQL Injection 31 WEB HxH
2009-08-31   Rock Band CMS 0.10 - 'news.php' Multiple SQL Injections (1) 28 WEB Affix
2009-08-31   Re-Script 0.99 Beta - 'listings.php?op' SQL Injection 33 WEB Mr.SQL
2009-08-31   Modern Script 5.0 - 'index.php?s' SQL Injection 29 WEB Red-D3v1L
2009-08-28   Silurus Classifieds System - 'category.php' SQL Injection 36 WEB Mr.SQL
2009-08-27   Uiga Church Portal - 'year' SQL Injection 31 WEB Mr.SQL
2009-08-27   Joomla! Component com_digifolio 1.52 - 'id' SQL Injection 28 WEB v3n0m
2009-08-26   PHPSANE 0.5.0 - 'save.php' Remote File Inclusion 28 WEB CoBRa_21
2009-08-26   allomani 2007 - 'cat' SQL Injection 27 WEB NeX HaCkEr
2009-08-26   PAD Site Scripts 3.6 - 'list.php?string' SQL Injection 29 WEB Mr.SQL
2009-08-26   Open Auto Classifieds 1.5.9 - Multiple Vulnerabilities 28 WEB Andrew Horton
2009-08-26   Discuz! Plugin Crazy Star 2.0 - 'fmid' SQL Injection 30 WEB ZhaoHuAn
2009-08-26   Simple CMS Framework 1.0 - 'page' SQL Injection 30 WEB Red-D3v1L
2009-08-26   Moa Gallery 1.2.0 - 'p_filename' Remote File Disclosure 28 WEB GoLd_M
2009-08-26   totalcalendar 2.4 - Blind SQL Injection / Local File Inclusion 26 WEB Moudi
2009-08-26   Moa Gallery 1.2.0 - 'index.php?action' SQL Injection 30 WEB Mr.SQL
2009-08-26   Moa Gallery 1.2.0 - Multiple Remote File Inclusions 32 WEB cr4wl3r
2009-08-25   EMO Breader Manager - 'video.php?movie' SQL Injection 34 WEB Mr.SQL
2009-08-25   TCPDB 3.8 - Remote Content Change Bypass 27 WEB Securitylab.ir
2009-08-25   Turnkey Arcade Script - SQL Injection (2) 29 WEB Red-D3v1L
2009-08-25   Joomla! Component com_siirler 1.2 - 'sid' SQL Injection 29 WEB v3n0m
2009-08-24   Geeklog 1.6.0sr1 - Arbitrary File Upload 28 WEB JaL0h
2009-08-24   Joomla! Component com_jtips 1.0.x - 'season' Blind SQL Injection 30 WEB Chip d3 bi0s
2009-08-24   Joomla! Component com_ninjamonial 1.1 - 'testimID' SQL Injection 28 WEB Chip d3 bi0s
2009-08-24   New5starRating 1.0 - 'rating.php' SQL Injection 29 WEB Bgh7
2009-08-24   ITechBids 8.0 - 'ProductID' Blind SQL Injection 31 WEB Mr.SQL
2009-08-24   humanCMS - Authentication Bypass 33 WEB next
2009-08-24   Uebimiau Webmail 3.2.0-2.0 - Arbitrary Database Disclosure 29 WEB Septemb0x
2009-11-16   Dow Group - 'new.php' SQL Injection 30 WEB ProF.Code
2009-08-24   Lanai Core 0.6 - Remote File Disclosure / Info Disclosure 30 WEB Khashayar Fereidani
2009-08-24   Cuteflow 2.10.3 - 'edituser.php' Security Bypass 32 WEB Hever Costa Rocha
2009-08-24   PHP Dir Submit - 'aid' SQL Injection 32 WEB Mr.tro0oqy
2009-08-24   Arcade Trade Script 1.0b - (Authentication Bypass) Insecure Cookie Handling 35 WEB Mr.tro0oqy
2009-08-24   Moa Gallery 1.1.0 - 'gallery_id' SQL Injection 29 WEB Mr.tro0oqy
2009-08-18   asaher pro 1.0.4 - Remote Database Backup 31 WEB alnjm33
2009-08-18   Traidnt UP 2.0 - SQL Injection 28 WEB Jafer Al Zidjali
2009-08-18   Best Dating Script - Arbitrary File Upload 31 WEB jetli007
2009-08-18   CBAuthority - ClickBank Affiliate Management SQL Injection 31 WEB Angela Chang
2009-08-18   PHP Email Manager - 'remove.php?ID' SQL Injection 32 WEB MuShTaQ
2009-08-18   Ultimate Fade-in Slideshow 1.51 - Arbitrary File Upload 30 WEB NeX HaCkEr
2009-08-18   phpfreeBB 1.0 - Blind SQL Injection 30 WEB Moudi
2009-08-18   Fotoshow PRO - 'category' SQL Injection 30 WEB darkmasking
2009-08-18   Joomla! Component MisterEstate - Blind SQL Injection 28 WEB jdc
2009-08-18   Infinity 2.x - 'options[style_dir]' Local File Disclosure 25 WEB SwEET-DeViL
2009-08-18   E CMS 1.0 - 'index.php?s' SQL Injection 28 WEB Red-D3v1L
2009-08-18   autonomous lan party 0.98.3 - Remote File Inclusion 29 WEB cr4wl3r
2009-08-18   2WIRE Gateway - Authentication Bypass / Password Reset (2) 30 WEB bugz
2009-08-18   Videos Broadcast Yourself 2 - 'UploadID' SQL Injection 28 WEB Mr.SQL
2009-08-18   Arcadem Pro 2.8 - 'article' Blind SQL Injection 31 WEB Mr.SQL
2009-08-18   DreamPics Builder - 'exhibition_id' SQL Injection 28 WEB Mr.SQL
2009-08-18   vTiger CRM 5.0.4 - Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross 33 WEB USH
2009-08-18   SPIP < 2.0.9 - Arbitrary Copy All Passwords to '.XML' File 30 WEB Kernel_Panik
2009-08-18   AJ Auction Pro OOPD 2.x - 'id' SQL Injection 28 WEB NoGe
2009-08-18   BaBB 2.8 - Remote Code Injection 28 WEB Khashayar Fereidani
2009-08-18   PHP-Lance 1.52 - Multiple Local File Inclusions 30 WEB jetli007
2009-08-14   MyWeight 1.0 - Arbitrary File Upload 29 WEB Mr.tro0oqy
2009-08-14   DS CMS 1.0 - 'nFileId' SQL Injection 27 WEB Mr.tro0oqy
2009-08-14   PHP Competition System 0.84 - 'competition' SQL Injection 28 WEB Mr.SQL
2009-08-14   Ignition 1.2 - 'comment' Remote Code Injection 29 WEB Khashayar Fereidani
2009-08-13   tgs CMS 0.x - Cross-Site Scripting / SQL Injection / File Disclosure 30 WEB []ViZiOn
2009-08-13   Gazelle CMS 1.0 - Arbitrary File Upload 31 WEB RoMaNcYxHaCkEr
2009-08-27   WordPress Plugin WP-Syntax 0.9.1 - Remote Command Execution 32 WEB Raz0r
2009-08-13   JBLOG 1.5.1 - SQL Table Backup 29 WEB Ams
2009-08-12   Gazelle CMS 1.0 - Multiple Vulnerabilities / Remote Code Execution 27 WEB IHTeam
2009-08-12   Plume CMS 1.2.3 - Multiple SQL Injections 29 WEB Sense of Security
2009-08-12   Gallarific 1.1 - '/gallery.php' Arbitrary Delete/Edit Category 29 WEB ilker Kandemir
2009-08-12   Shorty 0.7.1b - (Authentication Bypass) Insecure Cookie Handling 29 WEB Pedro Laguna
2009-08-11   OCS Inventory NG 1.2.1 - 'systemid' SQL Injection 32 WEB Guilherme Marinheiro
2009-08-11   Joomla! Component idoblog 1.1b30 (com_idoblog) - SQL Injection 30 WEB kkr
2009-08-11   WordPress Core 2.8.3 - Remote Admin Reset Password 29 WEB laurent gaffié
2009-08-10   Joomla! Component Kunena Forums (com_kunena) - Blind SQL Injection 32 WEB ilker Kandemir
2009-08-10   CMS Made Simple 1.6.2 - Local File Disclosure 29 WEB IHTeam
2009-08-10   Mini-CMS 1.0.1 - 'page.php' SQL Injection 30 WEB Ins3t
2009-08-10   Papoo CMS 3.7.3 - (Authenticated) Arbitrary Code Execution 30 WEB RedTeam Pentesting
2009-08-10   SmilieScript 1.0 - Authentication Bypass 33 WEB Mr.tro0oqy
2009-08-07   logoshows bbs 2.0 - File Disclosure / Insecure Cookie Handling 34 WEB ZoRLu
2009-08-07   Logoshows BBS 2.0 - Authentication Bypass 31 WEB Dns-Team
2009-08-07   Joomla! Component com_pms 2.0.4 - 'Ignore-List' SQL Injection 27 WEB M4dhead
2009-08-07   IsolSoft Support Center 2.5 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting 31 WEB Moudi
2009-08-07   Facil Helpdesk - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting 29 WEB Moudi
2009-08-07   PHPCityPortal - Authentication Bypass 25 WEB CoBRa_21
2009-08-07   Arab Portal 2.2 - Blind Cookie Authentication Bypass 28 WEB Jafer Al Zidjali
2009-08-07   Typing Pal 1.0 - 'idTableProduit' SQL Injection 30 WEB Red-D3v1L
2009-08-07   Logoshows BBS 2.0 - 'forumid' SQL Injection 30 WEB Ruzgarin_Oglu
2009-08-07   Banner Exchange Script 1.0 - 'targetid' Blind SQL Injection 31 WEB 599eme Man
2009-08-07   PHotoLa Gallery 1.0 - Authentication Bypass 29 WEB Red-D3v1L
2009-08-07   Alwasel 1.5 - Multiple SQL Injections 31 WEB SwEET-DeViL
2009-08-06   LM Starmail 2.0 - SQL Injection / File Inclusion 31 WEB int_main();
2009-08-06   TYPO3 CMS 4.0 - 'showUid' SQL Injection 34 WEB Ro0T-MaFia
2009-08-06   PHP Script Forum Hoster - Topic Delete / Cross-Site Scripting 29 WEB int_main();
2009-08-05   Portel 2008 - 'decide.php?patron' Blind SQL Injection 32 WEB Chip d3 bi0s
2009-08-05   opennews 1.0 - SQL Injection / Remote Code Execution 31 WEB SirGod