|
2009-08-03
|
|
Arab Portal 2.2 - 'mod.php' Local File Inclusion
|
4 |
WEB
|
Qabandi
|
|
2009-08-03
|
|
Multi Website 1.5 - index PHP action SQL Injection
|
4 |
WEB
|
SarBoT511
|
|
2009-08-03
|
|
elvin bts 1.2.2 - SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
599eme Man
|
|
2009-08-03
|
|
Questions Answered 1.3 - Authentication Bypass
|
4 |
WEB
|
snakespc
|
|
2009-08-03
|
|
x10 media adult script 1.7 - Multiple Vulnerabilities
|
4 |
WEB
|
Moudi
|
|
2009-08-03
|
|
Miniweb 2.0 Module Survey Pro - Blind SQL Injection / Cross-Site Scripting
|
3 |
WEB
|
Moudi
|
|
2009-08-03
|
|
Miniweb 2.0 Module Publisher - Blind SQL Injection / Cross-Site Scripting
|
3 |
WEB
|
Moudi
|
|
2009-08-03
|
|
simplePHPWeb 0.2 - 'files.php' Authentication Bypass
|
4 |
WEB
|
SirGod
|
|
2009-08-03
|
|
SimpleLoginSys 0.5 - Authentication Bypass
|
4 |
WEB
|
SirGod
|
|
2009-08-03
|
|
TT Web Site Manager 0.5 - Authentication Bypass
|
4 |
WEB
|
SirGod
|
|
2009-08-03
|
|
QuickDev 4 - 'download.php' File Disclosure
|
4 |
WEB
|
SirGod
|
|
2009-08-03
|
|
Netpet CMS 1.9 - 'confirm.php?language' Local File Inclusion
|
4 |
WEB
|
SirGod
|
|
2009-08-03
|
|
Ajax Short URL Script - Authentication Bypass
|
4 |
WEB
|
Cicklow
|
|
2009-08-03
|
|
ProjectButler 1.5.0 - 'pda_projects.php?offset' Remote File Inclusion
|
4 |
WEB
|
cr4wl3r
|
|
2009-08-03
|
|
AW BannerAd - Authentication Bypass
|
4 |
WEB
|
Ro0T-MaFia
|
|
2009-08-01
|
|
Mobilelib Gold 3.0 - Authentication Bypass / SQL Injection
|
4 |
WEB
|
SwEET-DeViL
|
|
2009-08-01
|
|
aa33code 0.0.1 - Local File Inclusion / Authentication Bypass / File Disclosure
|
4 |
WEB
|
SirGod
|
|
2009-08-01
|
|
PortalXP Teacher Edition 1.2 - Multiple SQL Injections
|
4 |
WEB
|
SirGod
|
|
2009-08-01
|
|
Joomla! Component com_jfusion - 'itemID' Blind SQL Injection
|
4 |
WEB
|
Chip d3 bi0s
|
|
2009-08-01
|
|
MAXcms 3.11.20b - Multiple Remote File Inclusions
|
5 |
WEB
|
NoGe
|
|
2009-08-01
|
|
Arab Portal 2.x - 'forum.php' SQL Injection
|
4 |
WEB
|
rEcruit
|
|
2009-07-30
|
|
linkSpheric 0.74b6 - 'listID' SQL Injection
|
4 |
WEB
|
NoGe
|
|
2009-07-30
|
|
PunBB Reputation.php Mod 2.0.4 - Local File Inclusion
|
4 |
WEB
|
Dante90
|
|
2009-07-30
|
|
MUJE CMS 1.0.4.34 - Local File Inclusion
|
4 |
WEB
|
SirGod
|
|
2009-07-30
|
|
Really Simple CMS 0.3a - 'PT' Local File Inclusion
|
4 |
WEB
|
SirGod
|
|
2009-07-30
|
|
d.net CMS - Local File Inclusion / SQL Injection
|
4 |
WEB
|
SirGod
|
|
2009-07-30
|
|
cmsphp 0.21 - Local File Inclusion / Cross-Site Scripting
|
4 |
WEB
|
SirGod
|
|
2009-07-30
|
|
dit.cms 1.3 - 'path/sitemap/relPath' Local File Inclusion
|
4 |
WEB
|
SirGod
|
|
2009-07-30
|
|
Orbis CMS 1.0 - File Delete / Download File / Arbitrary File Upload / SQL Injection
|
4 |
WEB
|
SirGod
|
|
2009-07-30
|
|
justVisual 1.2 - 'fs_jVroot' Remote File Inclusion
|
4 |
WEB
|
SirGod
|
|
2009-07-30
|
|
Ultrize TimeSheet 1.2.2 - 'readfile()' Local File Disclosure
|
5 |
WEB
|
GoLd_M
|
|
2009-07-28
|
|
ultrize timesheet 1.2.2 - Remote File Inclusion
|
4 |
WEB
|
NoGe
|
|
2009-07-28
|
|
TinyBrowser (TinyMCE Editor File browser) 1.41.6 - Multiple Vulnerabilities
|
3 |
WEB
|
Aung Khant
|
|
2009-07-28
|
|
PaoLiber 1.1 - 'login_ok' Authentication Bypass
|
4 |
WEB
|
SirGod
|
|
2009-07-28
|
|
PaoBacheca Guestbook 2.1 - 'login_ok' Authentication Bypass
|
4 |
WEB
|
SirGod
|
|
2009-07-28
|
|
PaoLink 1.0 - 'login_ok' Authentication Bypass
|
5 |
WEB
|
SirGod
|
|
2009-07-28
|
|
In-portal 4.3.1 - Arbitrary File Upload
|
4 |
WEB
|
Mr.tro0oqy
|
|
2009-07-28
|
|
PunBB Reputation.php Mod 2.0.4 - Blind SQL Injection
|
4 |
WEB
|
Dante90
|
|
2009-07-28
|
|
phpArcadeScript 4.0 - 'id' SQL Injection
|
4 |
WEB
|
MizoZ
|
|
2009-07-28
|
|
PHP Paid 4 Mail Script - 'paidbanner.php?ID' SQL Injection
|
4 |
WEB
|
ThE g0bL!N
|
|
2009-07-27
|
|
SerWeb 2.1.0-dev1 2009-07-02 - Multiple Remote File Inclusions
|
3 |
WEB
|
GoLd_M
|
|
2009-07-27
|
|
Magician Blog 1.0 - Authentication Bypass
|
4 |
WEB
|
Evil-Cod3r
|
|
2009-07-27
|
|
Magician Blog 1.0 - 'ids' SQL Injection
|
4 |
WEB
|
Evil-Cod3r
|
|
2009-07-27
|
|
Limny 1.01 - Authentication Bypass
|
4 |
WEB
|
SirGod
|
|
2009-07-27
|
|
PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete
|
4 |
WEB
|
Dante90
|
|
2009-07-27
|
|
PunBB Automatic Image Upload 1.3.5 - SQL Injection
|
4 |
WEB
|
Dante90
|
|
2009-07-27
|
|
Joomla! Component IXXO Cart! Standalone and - SQL Injection
|
4 |
WEB
|
sm0k3
|
|
2009-07-27
|
|
Allomani Movies & Clips 2.7.0 - Blind SQL Injection
|
3 |
WEB
|
Qabandi
|
|
2009-07-27
|
|
Allomani Songs & Clips 2.7.0 - Blind SQL Injection
|
4 |
WEB
|
Qabandi
|
|
2009-07-27
|
|
Allomani Mobile 2.5 - Blind SQL Injection
|
4 |
WEB
|
Qabandi
|
|
2009-07-27
|
|
Inout Adserver - 'id' SQL Injection
|
4 |
WEB
|
boom3rang
|
|
2009-07-27
|
|
Super Mod System 3.0 - 's' SQL Injection
|
4 |
WEB
|
MizoZ
|
|
2009-07-27
|
|
PHP Paid 4 Mail Script - 'home.php' Remote File Inclusion
|
4 |
WEB
|
int_main();
|
|
2009-07-27
|
|
VS PANEL 7.5.5 - 'Cat_ID' SQL Injection
|
4 |
WEB
|
octopos
|
|
2009-07-27
|
|
iwiccle 1.01 - Local File Inclusion / SQL Injection
|
4 |
WEB
|
SirGod
|
|
2009-07-27
|
|
URA 3.0 - 'cat' SQL Injection
|
3 |
WEB
|
Chip d3 bi0s
|
|
2009-07-27
|
|
garagesalesjunkie - SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
Moudi
|
|
2009-07-27
|
|
XOOPS Celepar Module Qas - Blind SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
Moudi
|
|
2009-07-27
|
|
skadate dating - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting
|
4 |
WEB
|
Moudi
|
|
2009-07-27
|
|
almond Classifieds ads - Blind SQL Injection / Cross-Site Scripting
|
3 |
WEB
|
Moudi
|
|
2009-07-27
|
|
Joomla! Component Almond Classifieds com_aclassf 7.5 - Multiple Vulnerabilities
|
4 |
WEB
|
Moudi
|
|
2009-07-24
|
|
Pixaria Gallery 2.3.5 - 'file' Remote File Disclosure
|
4 |
WEB
|
Qabandi
|
|
2009-07-24
|
|
Scripteen Free Image Hosting Script 2.3 - Insecure Cookie Handling
|
4 |
WEB
|
Qabandi
|
|
2009-07-24
|
|
Clip Bucket 1.7.1 - Insecure Cookie Handling
|
4 |
WEB
|
Qabandi
|
|
2009-07-24
|
|
PHP Live! 3.2.2 - 'questid' SQL Injection (2)
|
4 |
WEB
|
skys
|
|
2009-07-24
|
|
Scripteen Free Image Hosting Script 2.3 - SQL Injection
|
4 |
WEB
|
Coksnuss
|
|
2009-07-24
|
|
Deonixscripts Templates Management 1.3 - SQL Injection
|
4 |
WEB
|
d3b4g
|
|
2009-07-24
|
|
WordPress Core 2.8.1 - 'url' Cross-Site Scripting
|
4 |
WEB
|
superfreakaz0rz
|
|
2009-07-24
|
|
XOOPS Celepar Module Qas - 'codigo' SQL Injection
|
4 |
WEB
|
s4r4d0
|
|
2009-07-24
|
|
SaphpLesson 4.0 - Authentication Bypass
|
4 |
WEB
|
SwEET-DeViL
|
|
2009-07-24
|
|
Basilic 1.5.13 - 'index.php?idAuthor' SQL Injection
|
4 |
WEB
|
NoGe
|
|
2009-07-24
|
|
Joomla! Extension UIajaxIM 1.1 - JavaScript Execution
|
4 |
WEB
|
599eme Man
|
|
2009-07-24
|
|
Million-Dollar Pixel Ads Platinum - SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
Moudi
|
|
2009-07-23
|
|
PHP Melody 1.5.3 - Arbitrary File Upload Injection
|
4 |
WEB
|
Chip d3 bi0s
|
|
2009-07-23
|
|
Joomla! Component com_Joomlaoads - 'packageId' SQL Injection
|
3 |
WEB
|
Mr.tro0oqy
|
|
2009-07-23
|
|
AWCM 2.1 - Local File Inclusion / Authentication Bypass
|
5 |
WEB
|
SwEET-DeViL
|
|
2009-07-23
|
|
Groone's GLink ORGanizer 2.1 - 'cat' Blind SQL Injection
|
4 |
WEB
|
599eme Man
|
|
2009-07-23
|
|
e107 Plugin my_gallery 2.4.1 - 'readfile()' Local File Disclosure
|
4 |
WEB
|
NoGe
|
|
2009-07-22
|
|
Phorum 5.2.11 - Persistent Cross-Site Scripting
|
4 |
WEB
|
Crashfr
|
|
2009-07-21
|
|
Meta Search Engine Script - 'url' Local File Disclosure
|
4 |
WEB
|
Moudi
|
|
2009-07-21
|
|
phpDirectorySource 1.0 - Cross-Site Scripting / SQL Injection
|
4 |
WEB
|
Moudi
|
|
2009-07-21
|
|
AnotherPHPBook (APB) 1.3.0 - Authentication Bypass
|
4 |
WEB
|
n3w7u
|
|
2009-07-20
|
|
powerUpload 2.4 - (Authentication Bypass) Insecure Cookie Handling
|
5 |
WEB
|
InjEctOr5
|
|
2009-07-20
|
|
E-Xoopport 3.1 Module MyAnnonces - 'lid' SQL Injection
|
4 |
WEB
|
Vrs-hCk
|
|
2009-07-20
|
|
Alibaba-clone CMS - SQL Injection / Blind SQL Injection
|
4 |
WEB
|
599eme Man
|
|
2009-07-20
|
|
mcshoutbox 1.1 - SQL Injection / Cross-Site Scripting / shell
|
4 |
WEB
|
SirGod
|
|
2009-07-20
|
|
MiniCWB 2.3.0 - 'lang' Remote File Inclusion
|
4 |
WEB
|
NoGe
|
|
2009-07-20
|
|
Netrix CMS 1.0 - Authentication Bypass
|
3 |
WEB
|
Mr.tro0oqy
|
|
2009-07-20
|
|
Silentum Guestbook 2.0.2 - 'silentum_Guestbook.php' SQL Injection
|
4 |
WEB
|
Bgh7
|
|
2009-07-17
|
|
radnics gold 5.0 - Multiple Vulnerabilities
|
4 |
WEB
|
Moudi
|
|
2009-07-17
|
|
radlance gold 7.5 - Multiple Vulnerabilities
|
4 |
WEB
|
Moudi
|
|
2009-07-17
|
|
radbids gold 4.0 - Multiple Vulnerabilities
|
4 |
WEB
|
Moudi
|
|
2009-07-17
|
|
WebVision 2.1 - 'news.php?n' SQL Injection
|
4 |
WEB
|
Mr.tro0oqy
|
|
2009-07-17
|
|
Joomla! Component Jobline 1.3.1 - Blind SQL Injection
|
5 |
WEB
|
ManhLuat93
|
|
2009-07-17
|
|
good/bad vote - Cross-Site Scripting / Local File Inclusion
|
4 |
WEB
|
Moudi
|
|
2009-07-17
|
|
Ger Versluis 2000 5.5 24 - 'SITE_fiche.php' SQL Injection
|
5 |
WEB
|
DeCo017
|
|
2009-07-17
|
|
Battle Blog 1.25 - Authentication Bypass / SQL Injection / HTML Injection
|
3 |
WEB
|
$qL_DoCt0r
|
|
2009-07-17
|
|
AJOX Poll - 'managepoll.php' Authentication Bypass
|
3 |
WEB
|
SirGod
|
|
2009-07-17
|
|
Super Simple Blog Script 2.5.4 - 'entry' SQL Injection
|
4 |
WEB
|
JIKO
|
|
2009-07-17
|
|
Super Simple Blog Script 2.5.4 - Local File Inclusion
|
3 |
WEB
|
JIKO
|
|
2009-07-16
|
|
dB Masters MultiMedia's Content Manager 4.5 - SQL Injection
|
5 |
WEB
|
NoGe
|
|
2009-07-16
|
|
PHP Live! 3.2.1/2 - 'x' Blind SQL Injection
|
5 |
WEB
|
boom3rang
|
|
2009-07-16
|
|
VS PANEL 7.5.5 - 'results.php?Cat_ID' SQL Injection
|
4 |
WEB
|
C0D3R-Dz
|
|
2009-07-16
|
|
ZenPhoto Gallery 1.2.5 - Admin Password Reset (Cross-Site Request Forgery)
|
3 |
WEB
|
petros
|
|
2009-07-16
|
|
webLeague 2.2.0 - Authentication Bypass
|
4 |
WEB
|
ka0x
|
|
2009-07-16
|
|
webLeague 2.2.0 - 'install.php' Remote Change Password
|
4 |
WEB
|
TiGeR-Dz
|
|
2009-07-15
|
|
WebLeague 2.2.0 - 'profile.php' SQL Injection
|
4 |
WEB
|
Arka69
|
|
2009-07-15
|
|
Admin News Tools - Remote Contents Change
|
3 |
WEB
|
Securitylab.ir
|
|
2009-07-15
|
|
Infinity 2.0.5 - Arbitrary Create Admin
|
4 |
WEB
|
Qabandi
|
|
2009-07-15
|
|
Greenwood Content Manager 0.3.2 - Local File Inclusion
|
4 |
WEB
|
Khashayar Fereidani
|
|
2009-07-15
|
|
PHPGenealogy 2.0 - 'DataDirectory' Remote File Inclusion
|
3 |
WEB
|
Khashayar Fereidani
|
|
2009-07-15
|
|
ZenPhoto 1.2.5 - Completely Blind SQL Injection
|
3 |
WEB
|
petros
|
|
2009-07-15
|
|
Admin News Tools 2.5 - 'fichier' Remote File Disclosure
|
4 |
WEB
|
Securitylab.ir
|
|
2009-07-15
|
|
ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition / Information Disclosure
|
4 |
WEB
|
YEnH4ckEr
|
|
2009-07-15
|
|
WordPress Plugin My Category Order 2.8 - SQL Injection
|
5 |
WEB
|
Manh Luat
|
|
2009-07-14
|
|
Traidnt UP 2.0 - Blind SQL Injection
|
4 |
WEB
|
Qabandi
|
|
2009-07-14
|
|
Mobilelib Gold 3.0 - Local File Disclosure
|
4 |
WEB
|
Qabandi
|
|
2009-07-14
|
|
DJ Calendar - 'DJcalendar.cgi TEMPLATE' File Disclosure
|
5 |
WEB
|
cibbao
|
|
2009-07-13
|
|
onepound shop 1.x - 'products.php' SQL Injection
|
4 |
WEB
|
Affix
|
|
2009-07-13
|
|
RunCMS 1.6.3 - Remote Shell Injection
|
5 |
WEB
|
StAkeR
|
|
2009-07-12
|
|
PHP AdminPanel Free 1.0.5 - Remote File Disclosure
|
5 |
WEB
|
Khashayar Fereidani
|
|
2009-07-12
|
|
censura 1.16.04 - Blind SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
Vrs-hCk
|
|
2009-07-11
|
|
d.net CMS - Arbitrary Reinstall/Blind SQL Injection
|
4 |
WEB
|
darkjoker
|
|
2009-07-11
|
|
Joomla! Component com_category - 'catid' SQL Injection
|
4 |
WEB
|
Prince_Pwn3r
|
|
2009-07-11
|
|
Ebay Clone 2009 - Multiple SQL Injections
|
4 |
WEB
|
MizoZ
|
