|
2008-11-07
|
|
TurnkeyForms Local Classifieds - Cross-Site Scripting / SQL Injection
|
3 |
WEB
|
TR-ShaRk
|
|
2008-11-07
|
|
U&M Software Event Lister 1.0 - Authentication Bypass
|
3 |
WEB
|
G4N0K
|
|
2008-11-07
|
|
U&M Software JustBookIt 1.0 - Authentication Bypass
|
2 |
WEB
|
G4N0K
|
|
2008-11-07
|
|
U&M Software Signup 1.1 - Authentication Bypass
|
3 |
WEB
|
G4N0K
|
|
2008-11-07
|
|
e-Vision CMS 2.0.2 - Multiple Local File Inclusions
|
3 |
WEB
|
StAkeR
|
|
2008-11-07
|
|
Mole Group Pizza - 'manufacturers_id' SQL Injection
|
3 |
WEB
|
InjEctOr5
|
|
2008-11-07
|
|
TurnkeyForms Business Survey Pro 1.0 - 'id' SQL Injection
|
3 |
WEB
|
G4N0K
|
|
2008-11-07
|
|
TurnkeyForms Entertainment Portal 2.0 - Insecure Cookie Handling
|
3 |
WEB
|
G4N0K
|
|
2008-11-06
|
|
Prozilla Software Directory - Cross-Site Scripting / SQL Injection
|
3 |
WEB
|
G4N0K
|
|
2008-11-06
|
|
SoftComplex PHP Image Gallery - 'ctg' SQL Injection
|
3 |
WEB
|
Hussin X
|
|
2008-11-06
|
|
DELTAScripts PHP Shop 1.0 - Authentication Bypass
|
3 |
WEB
|
ZoRLu
|
|
2008-11-06
|
|
DELTAScripts PHP Links 1.3 - Authentication Bypass
|
3 |
WEB
|
ZoRLu
|
|
2008-11-06
|
|
DELTAScripts PHP Classifieds 7.5 - Authentication Bypass
|
3 |
WEB
|
ZoRLu
|
|
2008-11-06
|
|
LoveCMS 1.6.2 Final - Arbitrary File Delete
|
3 |
WEB
|
cOndemned
|
|
2008-11-06
|
|
SoftComplex PHP Image Gallery 1.0 - Authentication Bypass
|
3 |
WEB
|
Cyber-Zone
|
|
2008-11-06
|
|
MySQL Quick Admin 1.5.5 - Local File Inclusion
|
3 |
WEB
|
Vinod Sharma
|
|
2008-11-06
|
|
Arab Portal 2.1 (Windows) - Remote File Disclosure
|
3 |
WEB
|
Khashayar Fereidani
|
|
2008-11-06
|
|
NICE FAQ Script - Authentication Bypass
|
3 |
WEB
|
r45c4l
|
|
2008-11-06
|
|
Pre ADS Portal 2.0 - Authentication Bypass / Cross-Site Scripting
|
3 |
WEB
|
G4N0K
|
|
2008-11-06
|
|
DevelopItEasy Photo Gallery 1.2 - SQL Injection
|
2 |
WEB
|
InjEctOr5
|
|
2008-11-06
|
|
DevelopItEasy Membership System 1.3 - Authentication Bypass
|
3 |
WEB
|
InjEctOr5
|
|
2008-11-06
|
|
DevelopItEasy News And Article System 1.4 - SQL Injection
|
3 |
WEB
|
InjEctOr5
|
|
2008-11-06
|
|
DevelopItEasy Events Calendar 1.2 - Multiple SQL Injections
|
3 |
WEB
|
InjEctOr5
|
|
2008-11-06
|
|
hMAilServer 4.4.2 - 'PHPWebAdmin' File Inclusion
|
3 |
WEB
|
Nine:Situations:Group
|
|
2008-11-05
|
|
Simple Machines Forum (SMF) 1.1.6 - Local File Inclusion / Code Execution
|
3 |
WEB
|
~elmysterio
|
|
2008-11-05
|
|
Mole Group Taxi Calc Dist Script - Authentication Bypass
|
4 |
WEB
|
InjEctOr5
|
|
2008-11-05
|
|
Mole Group Airline Ticket Script - SQL Injection
|
4 |
WEB
|
InjEctOr5
|
|
2008-11-05
|
|
Pre Real Estate Listings - Authentication Bypass
|
4 |
WEB
|
Cyber-Zone
|
|
2008-11-05
|
|
Harlandscripts drinks - 'recid' SQL Injection
|
5 |
WEB
|
Ex Tacy
|
|
2008-11-05
|
|
PHP JOBWEBSITE PRO - Authentication Bypass
|
4 |
WEB
|
Cyber-Zone
|
|
2008-11-05
|
|
Pre Simple CMS - Authentication Bypass
|
4 |
WEB
|
Hussin X
|
|
2008-11-05
|
|
PHP Auto Listings - 'pg' SQL Injection
|
4 |
WEB
|
G4N0K
|
|
2008-11-05
|
|
Joomla! Component Dada Mail Manager 2.6 - Remote File Inclusion
|
4 |
WEB
|
NoGe
|
|
2008-11-05
|
|
DFLabs PTK 1.0 - Local Command Execution
|
3 |
WEB
|
ikki
|
|
2008-11-05
|
|
Pre Classified Listings - Insecure Cookie Handling
|
4 |
WEB
|
G4N0K
|
|
2008-11-05
|
|
PreProject Multi-Vendor Shopping Malls - Multiple Vulnerabilities
|
4 |
WEB
|
G4N0K
|
|
2008-11-05
|
|
Pre Shopping Mall - Insecure Cookie Handling
|
4 |
WEB
|
G4N0K
|
|
2008-11-05
|
|
Pre Podcast Portal - SQL Injection
|
4 |
WEB
|
G4N0K
|
|
2008-11-05
|
|
PHPX 3.5.16 - 'news_id' SQL Injection
|
4 |
WEB
|
StAkeR
|
|
2008-11-05
|
|
phpBB Mod Small ShoutBox 1.4 - Remote Edit/Delete Messages
|
4 |
WEB
|
StAkeR
|
|
2008-11-04
|
|
Simple Machines Forum (SMF) 1.1.6 - Code Execution
|
4 |
WEB
|
Charles Fol
|
|
2008-11-04
|
|
wotw 5.0 - Local/Remote File Inclusion
|
4 |
WEB
|
dun
|
|
2008-11-04
|
|
TR News 2.1 - 'login.php' Remote Authentication Bypass
|
5 |
WEB
|
StAkeR
|
|
2008-11-04
|
|
nicLOR Sito - includefile Local File Inclusion
|
4 |
WEB
|
StAkeR
|
|
2008-11-04
|
|
WEBBDOMAIN Post Card 1.02 - Authentication Bypass
|
3 |
WEB
|
x0r
|
|
2008-11-04
|
|
Tours Manager 1.0 - SQL Injection
|
2 |
WEB
|
G4N0K
|
|
2008-11-04
|
|
Simple Document Management System 1.1.4 - Authentication Bypass
|
4 |
WEB
|
Yuri
|
|
2008-11-04
|
|
WEBBDOMAIN Webshop 1.02 - Authentication Bypass
|
4 |
WEB
|
Hakxer
|
|
2008-11-04
|
|
WEBBDOMAIN Quiz 1.02 - Authentication Bypass
|
4 |
WEB
|
Hakxer
|
|
2008-11-04
|
|
WEBBDOMAIN Polls 1.01 - Authentication Bypass
|
4 |
WEB
|
Hakxer
|
|
2008-11-04
|
|
WEBBDOMAIN Petition 1.02/2.0/3.0 - Authentication Bypass
|
4 |
WEB
|
Hakxer
|
|
2008-11-04
|
|
CMS-School 2005 - 'showarticle.php' SQL Injection
|
4 |
WEB
|
Cyber-Zone
|
|
2008-11-04
|
|
Vibro-School-CMS - 'nID' SQL Injection
|
4 |
WEB
|
Cyber-Zone
|
|
2008-11-04
|
|
Joomla! Component ProDesk 1.0/1.2 - Local File Inclusion
|
4 |
WEB
|
d3v1l
|
|
2008-11-04
|
|
nicLOR Puglia Landscape - Local File Inclusion
|
4 |
WEB
|
StAkeR
|
|
2008-11-04
|
|
Vibro-CMS - Multiple SQL Injections
|
4 |
WEB
|
StAkeR
|
|
2008-11-04
|
|
WEBBDOMAIN Post Card 1.02 - 'catid' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-04
|
|
Joomla! Component ongumatimesheet20 4b - Remote File Inclusion
|
4 |
WEB
|
NoGe
|
|
2008-11-04
|
|
Joomla! Component VirtueMart Google Base 1.1 - Remote File Inclusion
|
4 |
WEB
|
NoGe
|
|
2008-11-04
|
|
WEBBDOMAIN WebShop 1.02 - SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
G4N0K
|
|
2008-11-04
|
|
TBmnetCMS 1.0 - Local File Inclusion
|
4 |
WEB
|
d3v1l
|
|
2008-11-03
|
|
pppBlog 0.3.11 - File Disclosure
|
4 |
WEB
|
JosS
|
|
2008-11-03
|
|
MatPo Link 1.2b - Blind SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
Hakxer
|
|
2008-11-03
|
|
Apoll 0.7b - Authentication Bypass
|
4 |
WEB
|
ZoRLu
|
|
2008-11-03
|
|
Acc Autos 4.0 - Insecure Cookie Handling
|
4 |
WEB
|
x0r
|
|
2008-11-03
|
|
MatPo Link 1.2b - SQL Injection
|
4 |
WEB
|
ZoRLu
|
|
2008-11-03
|
|
Acc PHP eMail 1.1 - Insecure Cookie Handling
|
4 |
WEB
|
Hakxer
|
|
2008-11-03
|
|
Acc Statistics 1.1 - Insecure Cookie Handling
|
4 |
WEB
|
Hakxer
|
|
2008-11-03
|
|
Acc Real Estate 4.0 - Insecure Cookie Handling
|
4 |
WEB
|
Hakxer
|
|
2008-11-03
|
|
BosClassifieds - 'cat_id' SQL Injection
|
5 |
WEB
|
ZoRLu
|
|
2008-11-02
|
|
DZCP (deV!L_z Clanportal) 1.4.9.6 - Blind SQL Injection
|
4 |
WEB
|
anonymous
|
|
2008-11-02
|
|
1st News - SQL Injection
|
4 |
WEB
|
TR-ShaRk
|
|
2008-11-02
|
|
Maran PHP Shop - 'prodshow.php' SQL Injection
|
4 |
WEB
|
d3v1l
|
|
2008-11-02
|
|
NetRisk 2.0 - Cross-Site Scripting / SQL Injection
|
4 |
WEB
|
StAkeR
|
|
2008-11-02
|
|
Apartment Search Script - Arbitrary File Upload / Cross-Site Scripting
|
4 |
WEB
|
ZoRLu
|
|
2008-11-02
|
|
Joovili 3.1.4 - Insecure Cookie Handling
|
4 |
WEB
|
ZoRLu
|
|
2008-11-02
|
|
Maran PHP Shop - 'admin.php' Insecure Cookie Handling
|
4 |
WEB
|
JosS
|
|
2008-11-02
|
|
Maran PHP Shop - 'prod.php' SQL Injection
|
4 |
WEB
|
JosS
|
|
2008-11-02
|
|
YourFreeWorld Shopping Cart - Blind SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-02
|
|
Downline Goldmine newdownlinebuilder - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-02
|
|
Downline Goldmine paidversion - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld URL Rotator - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Classifieds Hosting - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
Downline Goldmine Category Addon - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
Downline Goldmine Builder - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Classifieds - 'category' SQL Injection
|
3 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Classifieds Blaster - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Reminder Service - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Scrolling Text Ads - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Viral Marketing - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Short Url & Url Tracker - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Forced Matrix Script - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Autoresponder Hosting - 'tr.php' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Blog Blaster - 'tr.php' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Banner Management - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Downline Builder - 'tr.php' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
Shahrood - Blind SQL Injection
|
4 |
WEB
|
BazOka-HaCkEr
|
|
2008-11-01
|
|
Micro CMS 0.3.5 - Remote Add/Delete/Password Change
|
4 |
WEB
|
StAkeR
|
|
2008-11-01
|
|
AJ Article 1.0 - Authentication Bypass
|
4 |
WEB
|
Hakxer
|
|
2008-11-01
|
|
YourFreeWorld Programs Rating - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
GO4I.NET ASP Forum 1.0 - SQL Injection
|
4 |
WEB
|
Bl@ckbe@rD
|
|
2008-11-01
|
|
Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling
|
4 |
WEB
|
ZoRLu
|
|
2008-11-01
|
|
Joomla! Component Flash Tree Gallery 1.0 - Remote File Inclusion
|
4 |
WEB
|
NoGe
|
|
2008-11-01
|
|
Bloggie Lite 0.0.2 Beta - Insecure Cookie Handling / SQL Injection
|
4 |
WEB
|
JosS
|
|
2008-11-01
|
|
SFS EZ Gaming Cheats - SQL Injection
|
4 |
WEB
|
ZoRLu
|
|
2008-11-01
|
|
SFS EZ Pub Site - SQL Injection
|
4 |
WEB
|
Hakxer
|
|
2008-11-01
|
|
SFS EZ Webstore - 'where' SQL Injection
|
5 |
WEB
|
ZoRLu
|
|
2008-10-31
|
|
SFS EZ Top Sites - SQL Injection
|
5 |
WEB
|
Stack
|
|
2008-10-31
|
|
SFS EZ Career - SQL Injection
|
4 |
WEB
|
Stack
|
|
2008-10-31
|
|
SFS EZ Auction - Blind SQL Injection
|
5 |
WEB
|
Stack
|
|
2008-10-31
|
|
Article Publisher PRO - 'userid' SQL Injection
|
4 |
WEB
|
Stack
|
|
2008-10-31
|
|
ModernBill 4.4.x - Cross-Site Scripting / Remote File Inclusion
|
4 |
WEB
|
nigh7f411
|
|
2008-10-31
|
|
SFS EZ Software - 'id' SQL Injection
|
3 |
WEB
|
x0r
|
|
2008-10-31
|
|
SFS EZ Hot or Not - 'phid' SQL Injection
|
4 |
WEB
|
d3b4g
|
|
2008-10-31
|
|
SFS EZ Webring - 'cat' SQL Injection
|
4 |
WEB
|
d3b4g
|
|
2008-10-31
|
|
Article Publisher PRO 1.5 - Authentication Bypass
|
4 |
WEB
|
Hakxer
|
|
2008-10-31
|
|
SFS EZ Affiliate - 'cat_id' SQL Injection
|
4 |
WEB
|
d3b4g
|
|
2008-10-31
|
|
SFS EZ BIZ PRO - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-10-31
|
|
Adult Banner Exchange Website - 'targetid' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-10-31
|
|
SFS EZ Link Directory - 'cat_id' SQL Injection
|
4 |
WEB
|
BeyazKurt
|
|
2008-10-31
|
|
SFS EZ Home Business Directory - 'cat_id' SQL Injection
|
4 |
WEB
|
BeyazKurt
|
|
2008-10-31
|
|
SFS EZ Gaming Directory - 'cat_id' SQL Injection
|
4 |
WEB
|
BeyazKurt
|
|
2008-10-31
|
|
SFS EZ Hosting Directory - 'cat_id' SQL Injection
|
4 |
WEB
|
BeyazKurt
|
|
2008-10-31
|
|
Absolute NewsLetter 6.1 - Insecure Cookie Handling
|
4 |
WEB
|
x0r
|
|
2008-10-31
|
|
SFS EZ HotScripts-like Site - 'cid' SQL Injection
|
4 |
WEB
|
TR-ShaRk
|
