|
2008-11-23
|
|
PG Job Site - Blind SQL Injection
|
4 |
WEB
|
ZoRLu
|
|
2008-11-23
|
|
Pilot Group PG Roommate Finder Solution - Authentication Bypass
|
4 |
WEB
|
ZoRLu
|
|
2008-11-23
|
|
PG Real Estate - Authentication Bypass
|
4 |
WEB
|
ZoRLu
|
|
2008-11-23
|
|
Netartmedia Blog System - SQL Injection
|
4 |
WEB
|
snakespc
|
|
2008-11-23
|
|
Netartmedia Cars Portal 2.0 - SQL Injection
|
4 |
WEB
|
snakespc
|
|
2008-11-23
|
|
Goople CMS 1.7 - Arbitrary File Upload
|
4 |
WEB
|
x0r
|
|
2008-11-23
|
|
Prozilla Hosting Index - 'id' SQL Injection
|
4 |
WEB
|
snakespc
|
|
2008-11-22
|
|
LoveCMS 1.6.2 Final (Simple Forum 3.1d) - Change Admin Password
|
4 |
WEB
|
cOndemned
|
|
2008-11-22
|
|
Ez Ringtone Manager - Multiple Remote File Disclosure Vulnerabilities
|
4 |
WEB
|
b3hz4d
|
|
2008-11-22
|
|
getaphpsite Auto Dealers - Arbitrary File Upload
|
4 |
WEB
|
ZoRLu
|
|
2008-11-22
|
|
getaphpsite Real Estate - Arbitrary File Upload
|
4 |
WEB
|
ZoRLu
|
|
2008-11-22
|
|
Vlog System 1.1 - SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-11-22
|
|
Discuz! - Remote Reset User Password
|
4 |
WEB
|
80vul
|
|
2008-11-22
|
|
e107 Plugin ZoGo-Shop 1.15.4 - 'product' SQL Injection
|
5 |
WEB
|
NoGe
|
|
2008-11-21
|
|
Joomla! Component Thyme 1.0 - SQL Injection
|
4 |
WEB
|
Ded MustD!e
|
|
2008-11-20
|
|
VCalendar - Remote Database Disclosure
|
4 |
WEB
|
Swan
|
|
2008-11-20
|
|
Natterchat 1.1 - Remote Authentication Bypass
|
4 |
WEB
|
Stack
|
|
2008-11-20
|
|
ToursManager - 'tourview.php' Blind SQL Injection
|
4 |
WEB
|
XaDoS
|
|
2008-11-20
|
|
Natterchat 1.12 - Authentication Bypass
|
4 |
WEB
|
Stack
|
|
2008-11-20
|
|
vBulletin 3.7.3 - Visitor Message Cross-Site Request Forgery / Worm
|
4 |
WEB
|
Mx
|
|
2008-11-20
|
|
PHP-Fusion 7.00.1 - 'messages.php' SQL Injection
|
4 |
WEB
|
irk4z
|
|
2008-11-20
|
|
Natterchat 1.1 - Authentication Bypass
|
4 |
WEB
|
Bl@ckbe@rD
|
|
2008-11-20
|
|
wPortfolio 0.3 - Admin Password Changing
|
4 |
WEB
|
G4N0K
|
|
2008-11-20
|
|
PunBB Mod PunPortal 0.1 - Local File Inclusion
|
4 |
WEB
|
StAkeR
|
|
2008-11-19
|
|
AskPert - Authentication Bypass
|
4 |
WEB
|
TR-ShaRk
|
|
2008-11-19
|
|
wPortfolio 0.3 - Arbitrary File Upload
|
4 |
WEB
|
Osirys
|
|
2008-11-19
|
|
Pre Job Board - Authentication Bypass
|
4 |
WEB
|
R3d-D3V!L
|
|
2008-11-19
|
|
RevSense 1.0 - Authentication Bypass
|
5 |
WEB
|
d3b4g
|
|
2008-11-19
|
|
MauryCMS 0.53.2 - Arbitrary File Upload
|
4 |
WEB
|
StAkeR
|
|
2008-11-19
|
|
MyTopix 1.3.0 - SQL Injection
|
4 |
WEB
|
cOndemned
|
|
2008-11-19
|
|
PunBB (Private Messaging System 1.2.x) - Multiple Local File Inclusions
|
4 |
WEB
|
StAkeR
|
|
2008-11-19
|
|
Alex Article-Engine 1.3.0 - 'FCKeditor' Arbitrary File Upload
|
4 |
WEB
|
Batter
|
|
2008-11-19
|
|
Alex News-Engine 1.5.1 - Arbitrary File Upload
|
4 |
WEB
|
Batter
|
|
2008-11-18
|
|
E-topbiz Link Back Checker 1 - Insecure Cookie Handling
|
4 |
WEB
|
x0r
|
|
2008-11-18
|
|
Free Directory Script 1.1.1 - 'API_HOME_DIR' Remote File Inclusion
|
4 |
WEB
|
Ghost Hacker
|
|
2008-11-18
|
|
Pluck CMS 4.5.3 - 'g_pcltar_lib_dir' Local File Inclusion
|
4 |
WEB
|
DSecRG
|
|
2008-11-18
|
|
MusicBox 2.3.8 - 'viewalbums.php' SQL Injection
|
3 |
WEB
|
snakespc
|
|
2008-11-17
|
|
VideoScript 4.0.1.50 - Change Admin Password
|
4 |
WEB
|
G4N0K
|
|
2008-11-17
|
|
Ultrastats 0.2.144/0.3.11 - 'serverid' SQL Injection
|
4 |
WEB
|
eek
|
|
2008-11-17
|
|
SaturnCMS - Blind SQL Injection
|
3 |
WEB
|
Hussin X
|
|
2008-11-17
|
|
Simple Customer 1.2 - Authentication Bypass
|
5 |
WEB
|
d3b4g
|
|
2008-11-17
|
|
Jadu Galaxies - 'categoryId' Blind SQL Injection
|
5 |
WEB
|
ZoRLu
|
|
2008-11-17
|
|
PHPfan 3.3.4 - 'init.php' Remote File Inclusion
|
5 |
WEB
|
ahmadbady
|
|
2008-11-17
|
|
Q-Shop 3.0 - Cross-Site Scripting / SQL Injection
|
5 |
WEB
|
Bl@ckbe@rD
|
|
2008-11-17
|
|
FREEze Greetings 1.0 - Remote Password Retrieve
|
4 |
WEB
|
cOndemned
|
|
2008-11-17
|
|
E-topbiz ADManager 4 - 'group' Blind SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-17
|
|
OpenASP 3.0 - Blind SQL Injection
|
4 |
WEB
|
StAkeR
|
|
2008-11-17
|
|
mxCamArchive 2.2 - Bypass Configuration Download
|
4 |
WEB
|
ahmadbady
|
|
2008-11-16
|
|
PHPstore Wholesale - 'id' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-16
|
|
FloSites Blog - Multiple SQL Injections
|
5 |
WEB
|
Vrs-hCk
|
|
2008-11-16
|
|
yahoo answers - 'id' SQL Injection
|
4 |
WEB
|
snakespc
|
|
2008-11-15
|
|
Minigal b13 - Remote File Disclosure
|
4 |
WEB
|
Alfons Luja
|
|
2008-11-15
|
|
ClipShare Pro 2006-2007 - 'chid' SQL Injection
|
4 |
WEB
|
snakespc
|
|
2008-11-14
|
|
TurnkeyForms Text Link Sales - 'id' Cross-Site Scripting / SQL Injection
|
4 |
WEB
|
ZoRLu
|
|
2008-11-14
|
|
X7 Chat 2.0.5 - Authentication Bypass
|
4 |
WEB
|
ZoRLu
|
|
2008-11-14
|
|
GS Real Estate Portal - Multiple SQL Injections
|
4 |
WEB
|
InjEctOr5
|
|
2008-11-14
|
|
SlimCMS 1.0.0 - 'edit.php' SQL Injection
|
4 |
WEB
|
StAkeR
|
|
2008-11-14
|
|
Bankoi Webhost Panel 1.20 - Authentication Bypass
|
4 |
WEB
|
R3d-D3V!L
|
|
2008-11-14
|
|
Discuz! 6.x/7.x - Remote Code Execution
|
4 |
WEB
|
80vul
|
|
2008-11-14
|
|
TurnkeyForms - Text Link Sales Authentication Bypass
|
4 |
WEB
|
G4N0K
|
|
2008-11-14
|
|
GS Real Estate Portal US/International Module - Multiple Vulnerabilities
|
4 |
WEB
|
ZoRLu
|
|
2008-11-14
|
|
Alstrasoft Web Host Directory 1.2 - Multiple Vulnerabilities
|
4 |
WEB
|
G4N0K
|
|
2008-11-13
|
|
MemHT Portal 4.0.1 - SQL Injection / Code Execution
|
4 |
WEB
|
Ams
|
|
2008-11-13
|
|
BandSite CMS 1.1.4 - Insecure Cookie Handling
|
4 |
WEB
|
Stack
|
|
2008-11-13
|
|
ScriptsFeed (SF) Recipes Listing Portal - Arbitrary File Upload
|
4 |
WEB
|
ZoRLu
|
|
2008-11-13
|
|
ScriptsFeed (SF) Auto Classifieds Software - Arbitrary File Upload
|
4 |
WEB
|
ZoRLu
|
|
2008-11-13
|
|
ScriptsFeed (SF) Real Estate Classifieds Software - Arbitrary File Upload
|
4 |
WEB
|
ZoRLu
|
|
2008-11-12
|
|
TurnkeyForms Web Hosting Directory - Multiple Vulnerabilities
|
5 |
WEB
|
G4N0K
|
|
2008-11-12
|
|
TurnkeyForms Local Classifieds - Authentication Bypass
|
4 |
WEB
|
G4N0K
|
|
2008-11-12
|
|
Quick Poll Script - 'id' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-12
|
|
Alstrasoft Web Host Directory - Authentication Bypass
|
4 |
WEB
|
ZoRLu
|
|
2008-11-12
|
|
Alstrasoft Article Manager Pro 1.6 - Authentication Bypass
|
4 |
WEB
|
ZoRLu
|
|
2008-11-12
|
|
Alstrasoft SendIt Pro - Arbitrary File Upload
|
4 |
WEB
|
ZoRLu
|
|
2008-11-11
|
|
PozScripts Business Directory Script - 'cid' SQL Injection
|
3 |
WEB
|
Hussin X
|
|
2008-11-11
|
|
Joomla! Component com_marketplace 1.2.1 - 'catid' SQL Injection
|
4 |
WEB
|
TR-ShaRk
|
|
2008-11-11
|
|
Joomla! Component Simple RSS Reader 1.0 - Remote File Inclusion
|
4 |
WEB
|
NoGe
|
|
2008-11-11
|
|
Joomla! / Mambo Component com_catalogproduction - 'id' SQL Injection
|
4 |
WEB
|
boom3rang
|
|
2008-11-11
|
|
Pre Real Estate Listings - Arbitrary File Upload
|
4 |
WEB
|
BackDoor
|
|
2008-11-11
|
|
Joomla! Component Contact Info 1.0 - SQL Injection
|
4 |
WEB
|
boom3rang
|
|
2008-11-11
|
|
Joomla! Component com_books - 'book_id' SQL Injection
|
4 |
WEB
|
boom3rang
|
|
2008-11-11
|
|
Aj Classifieds - Authentication Bypass
|
4 |
WEB
|
G4N0K
|
|
2008-11-10
|
|
AJ Auction - Authentication Bypass
|
4 |
WEB
|
G4N0K
|
|
2008-11-10
|
|
AJSquare Free Polling Script - 'DB' Multiple Vulnerabilities
|
4 |
WEB
|
G4N0K
|
|
2008-11-10
|
|
PHPStore Real Estate - Arbitrary File Upload
|
4 |
WEB
|
ZoRLu
|
|
2008-11-10
|
|
PHPStore Complete Classifieds Script - Arbitrary File Upload
|
4 |
WEB
|
ZoRLu
|
|
2008-11-10
|
|
PHPStore PHP Job Search Script - Arbitrary File Upload
|
4 |
WEB
|
ZoRLu
|
|
2008-11-10
|
|
PHPStore Car Dealers - Arbitrary File Upload
|
4 |
WEB
|
ZoRLu
|
|
2008-11-10
|
|
AJ Article 1.0 - Remote Authentication Bypass
|
4 |
WEB
|
G4N0K
|
|
2008-11-10
|
|
fresh email script 1.0 - Multiple Vulnerabilities
|
4 |
WEB
|
Don
|
|
2008-11-10
|
|
FREEsimplePHPGuestbook - 'Guestbook.php' Remote Code Execution
|
4 |
WEB
|
GoLd_M
|
|
2008-11-10
|
|
Joomla! Component JooBlog 0.1.1 - 'PostID' SQL Injection
|
4 |
WEB
|
boom3rang
|
|
2008-11-10
|
|
OTManager CMS 2.4 - 'Tipo' Remote File Inclusion
|
4 |
WEB
|
Colt7r
|
|
2008-11-10
|
|
Collabtive 0.4.8 - Cross-Site Scripting / Authentication Bypass / Arbitrary File Upload
|
4 |
WEB
|
USH
|
|
2008-11-09
|
|
Openfire Server 3.6.0a - Authentication Bypass / SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
Andreas Kurtz
|
|
2008-11-09
|
|
X10media Mp3 Search Engine 1.6 - Remote File Disclosure
|
4 |
WEB
|
THUNDER
|
|
2008-11-09
|
|
ZEEMATRI 3.0 - 'adid' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-09
|
|
ExoPHPDesk 1.2 Final - Authentication Bypass
|
4 |
WEB
|
Cyber-Zone
|
|
2008-11-08
|
|
Zeeways PHOTOVIDEOTUBE 1.1 - Authentication Bypass
|
4 |
WEB
|
Stack
|
|
2008-11-08
|
|
V3 Chat Live Support 3.0.4 - Insecure Cookie Handling
|
4 |
WEB
|
Cyber-Zone
|
|
2008-11-08
|
|
Mole Group Airline Ticket Script - Authentication Bypass
|
4 |
WEB
|
Cyber-Zone
|
|
2008-11-08
|
|
DigiAffiliate 1.4 - Authentication Bypass
|
3 |
WEB
|
d3b4g
|
|
2008-11-08
|
|
Zeeways Shaadi Clone 2.0 - Authentication Bypass (1)
|
3 |
WEB
|
G4N0K
|
|
2008-11-08
|
|
Cyberfolio 7.12.2 - 'theme' Local File Inclusion
|
4 |
WEB
|
dun
|
|
2008-11-08
|
|
Mambo Component n-form - 'form_id' Blind SQL Injection
|
4 |
WEB
|
boom3rang
|
|
2008-11-08
|
|
V3 Chat Profiles/Dating Script 3.0.2 - Insecure Cookie Handling
|
4 |
WEB
|
Stack
|
|
2008-11-08
|
|
Zeeways ZeeJobsite 2.0 - Arbitrary File Upload
|
4 |
WEB
|
ZoRLu
|
|
2008-11-08
|
|
V3 Chat Profiles/Dating Script 3.0.2 - Authentication Bypass
|
4 |
WEB
|
d3b4g
|
|
2008-11-08
|
|
Enthusiast 3.1.4 - 'show_joined.php' Remote File Inclusion
|
4 |
WEB
|
BugReport.IR
|
|
2008-11-08
|
|
zeeproperty 1.0 - Arbitrary File Upload / Cross-Site Scripting
|
4 |
WEB
|
ZoRLu
|
|
2008-11-08
|
|
MemHT Portal 4.0 - Remote Code Execution
|
4 |
WEB
|
Ams
|
|
2008-11-07
|
|
Myiosoft EasyBookMarker 4 - 'Parent' SQL Injection
|
4 |
WEB
|
G4N0K
|
|
2008-11-07
|
|
Domain Seller Pro 1.5 - 'id' SQL Injection
|
4 |
WEB
|
TR-ShaRk
|
|
2008-11-07
|
|
E-topbiz Number Links 1 - 'id' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-07
|
|
Mini Web Calendar 1.2 - File Disclosure / Cross-Site Scripting
|
4 |
WEB
|
ahmadbady
|
|
2008-11-07
|
|
E-topbiz Online Store 1 - 'cat_id' SQL Injection
|
4 |
WEB
|
Stack
|
|
2008-11-07
|
|
DELTAScripts PHP Classifieds 7.5 - SQL Injection
|
4 |
WEB
|
ZoRLu
|
|
2008-11-07
|
|
MyioSoft EasyCalendar - Authentication Bypass
|
3 |
WEB
|
ZoRLu
|
|
2008-11-07
|
|
MyioSoft EasyBookMarker 4.0 - Authentication Bypass
|
3 |
WEB
|
ZoRLu
|
|
2008-11-07
|
|
MyioSoft Ajax Portal 3.0 - Authentication Bypass
|
3 |
WEB
|
ZoRLu
|
|
2008-11-07
|
|
Mole Group Rental Script - Authentication Bypass
|
3 |
WEB
|
Cyber-Zone
|
|
2008-11-07
|
|
PHP Auto Listings Script - Authentication Bypass
|
3 |
WEB
|
r45c4l
|
|
2008-11-07
|
|
E-topbiz Online Store 1 - Authentication Bypass
|
2 |
WEB
|
ZoRLu
|
|
2008-11-07
|
|
Joomla! Component Feederator 1.0.5 - Multiple Remote File Inclusions
|
3 |
WEB
|
NoGe
|
|
2008-11-07
|
|
Joomla! Component Recly!Competitions 1.0.0 - Multiple Remote File Inclusions
|
3 |
WEB
|
NoGe
|
|
2008-11-07
|
|
Joomla! Component ClickHeat 1.0.1 - Multiple Remote File Inclusions
|
3 |
WEB
|
NoGe
|
