|
2008-11-08
|
|
Zeeways Shaadi Clone 2.0 - Authentication Bypass (1)
|
6 |
WEB
|
G4N0K
|
|
2008-11-08
|
|
Cyberfolio 7.12.2 - 'theme' Local File Inclusion
|
7 |
WEB
|
dun
|
|
2008-11-08
|
|
Mambo Component n-form - 'form_id' Blind SQL Injection
|
7 |
WEB
|
boom3rang
|
|
2008-11-08
|
|
V3 Chat Profiles/Dating Script 3.0.2 - Insecure Cookie Handling
|
7 |
WEB
|
Stack
|
|
2008-11-08
|
|
Zeeways ZeeJobsite 2.0 - Arbitrary File Upload
|
7 |
WEB
|
ZoRLu
|
|
2008-11-08
|
|
V3 Chat Profiles/Dating Script 3.0.2 - Authentication Bypass
|
7 |
WEB
|
d3b4g
|
|
2008-11-08
|
|
Enthusiast 3.1.4 - 'show_joined.php' Remote File Inclusion
|
7 |
WEB
|
BugReport.IR
|
|
2008-11-08
|
|
zeeproperty 1.0 - Arbitrary File Upload / Cross-Site Scripting
|
7 |
WEB
|
ZoRLu
|
|
2008-11-08
|
|
MemHT Portal 4.0 - Remote Code Execution
|
7 |
WEB
|
Ams
|
|
2008-11-07
|
|
Myiosoft EasyBookMarker 4 - 'Parent' SQL Injection
|
7 |
WEB
|
G4N0K
|
|
2008-11-07
|
|
Domain Seller Pro 1.5 - 'id' SQL Injection
|
7 |
WEB
|
TR-ShaRk
|
|
2008-11-07
|
|
E-topbiz Number Links 1 - 'id' SQL Injection
|
6 |
WEB
|
Hussin X
|
|
2008-11-07
|
|
Mini Web Calendar 1.2 - File Disclosure / Cross-Site Scripting
|
7 |
WEB
|
ahmadbady
|
|
2008-11-07
|
|
E-topbiz Online Store 1 - 'cat_id' SQL Injection
|
7 |
WEB
|
Stack
|
|
2008-11-07
|
|
DELTAScripts PHP Classifieds 7.5 - SQL Injection
|
7 |
WEB
|
ZoRLu
|
|
2008-11-07
|
|
MyioSoft EasyCalendar - Authentication Bypass
|
6 |
WEB
|
ZoRLu
|
|
2008-11-07
|
|
MyioSoft EasyBookMarker 4.0 - Authentication Bypass
|
6 |
WEB
|
ZoRLu
|
|
2008-11-07
|
|
MyioSoft Ajax Portal 3.0 - Authentication Bypass
|
7 |
WEB
|
ZoRLu
|
|
2008-11-07
|
|
Mole Group Rental Script - Authentication Bypass
|
7 |
WEB
|
Cyber-Zone
|
|
2008-11-07
|
|
PHP Auto Listings Script - Authentication Bypass
|
7 |
WEB
|
r45c4l
|
|
2008-11-07
|
|
E-topbiz Online Store 1 - Authentication Bypass
|
6 |
WEB
|
ZoRLu
|
|
2008-11-07
|
|
Joomla! Component Feederator 1.0.5 - Multiple Remote File Inclusions
|
7 |
WEB
|
NoGe
|
|
2008-11-07
|
|
Joomla! Component Recly!Competitions 1.0.0 - Multiple Remote File Inclusions
|
7 |
WEB
|
NoGe
|
|
2008-11-07
|
|
Joomla! Component ClickHeat 1.0.1 - Multiple Remote File Inclusions
|
7 |
WEB
|
NoGe
|
|
2008-11-07
|
|
TurnkeyForms Local Classifieds - Cross-Site Scripting / SQL Injection
|
7 |
WEB
|
TR-ShaRk
|
|
2008-11-07
|
|
U&M Software Event Lister 1.0 - Authentication Bypass
|
7 |
WEB
|
G4N0K
|
|
2008-11-07
|
|
U&M Software JustBookIt 1.0 - Authentication Bypass
|
6 |
WEB
|
G4N0K
|
|
2008-11-07
|
|
U&M Software Signup 1.1 - Authentication Bypass
|
7 |
WEB
|
G4N0K
|
|
2008-11-07
|
|
e-Vision CMS 2.0.2 - Multiple Local File Inclusions
|
7 |
WEB
|
StAkeR
|
|
2008-11-07
|
|
Mole Group Pizza - 'manufacturers_id' SQL Injection
|
7 |
WEB
|
InjEctOr5
|
|
2008-11-07
|
|
TurnkeyForms Business Survey Pro 1.0 - 'id' SQL Injection
|
7 |
WEB
|
G4N0K
|
|
2008-11-07
|
|
TurnkeyForms Entertainment Portal 2.0 - Insecure Cookie Handling
|
7 |
WEB
|
G4N0K
|
|
2008-11-06
|
|
Prozilla Software Directory - Cross-Site Scripting / SQL Injection
|
7 |
WEB
|
G4N0K
|
|
2008-11-06
|
|
SoftComplex PHP Image Gallery - 'ctg' SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-06
|
|
DELTAScripts PHP Shop 1.0 - Authentication Bypass
|
7 |
WEB
|
ZoRLu
|
|
2008-11-06
|
|
DELTAScripts PHP Links 1.3 - Authentication Bypass
|
7 |
WEB
|
ZoRLu
|
|
2008-11-06
|
|
DELTAScripts PHP Classifieds 7.5 - Authentication Bypass
|
7 |
WEB
|
ZoRLu
|
|
2008-11-06
|
|
LoveCMS 1.6.2 Final - Arbitrary File Delete
|
7 |
WEB
|
cOndemned
|
|
2008-11-06
|
|
SoftComplex PHP Image Gallery 1.0 - Authentication Bypass
|
7 |
WEB
|
Cyber-Zone
|
|
2008-11-06
|
|
MySQL Quick Admin 1.5.5 - Local File Inclusion
|
7 |
WEB
|
Vinod Sharma
|
|
2008-11-06
|
|
Arab Portal 2.1 (Windows) - Remote File Disclosure
|
7 |
WEB
|
Khashayar Fereidani
|
|
2008-11-06
|
|
NICE FAQ Script - Authentication Bypass
|
7 |
WEB
|
r45c4l
|
|
2008-11-06
|
|
Pre ADS Portal 2.0 - Authentication Bypass / Cross-Site Scripting
|
7 |
WEB
|
G4N0K
|
|
2008-11-06
|
|
DevelopItEasy Photo Gallery 1.2 - SQL Injection
|
7 |
WEB
|
InjEctOr5
|
|
2008-11-06
|
|
DevelopItEasy Membership System 1.3 - Authentication Bypass
|
7 |
WEB
|
InjEctOr5
|
|
2008-11-06
|
|
DevelopItEasy News And Article System 1.4 - SQL Injection
|
7 |
WEB
|
InjEctOr5
|
|
2008-11-06
|
|
DevelopItEasy Events Calendar 1.2 - Multiple SQL Injections
|
7 |
WEB
|
InjEctOr5
|
|
2008-11-06
|
|
hMAilServer 4.4.2 - 'PHPWebAdmin' File Inclusion
|
7 |
WEB
|
Nine:Situations:Group
|
|
2008-11-05
|
|
Simple Machines Forum (SMF) 1.1.6 - Local File Inclusion / Code Execution
|
6 |
WEB
|
~elmysterio
|
|
2008-11-05
|
|
Mole Group Taxi Calc Dist Script - Authentication Bypass
|
7 |
WEB
|
InjEctOr5
|
|
2008-11-05
|
|
Mole Group Airline Ticket Script - SQL Injection
|
7 |
WEB
|
InjEctOr5
|
|
2008-11-05
|
|
Pre Real Estate Listings - Authentication Bypass
|
7 |
WEB
|
Cyber-Zone
|
|
2008-11-05
|
|
Harlandscripts drinks - 'recid' SQL Injection
|
8 |
WEB
|
Ex Tacy
|
|
2008-11-05
|
|
PHP JOBWEBSITE PRO - Authentication Bypass
|
7 |
WEB
|
Cyber-Zone
|
|
2008-11-05
|
|
Pre Simple CMS - Authentication Bypass
|
7 |
WEB
|
Hussin X
|
|
2008-11-05
|
|
PHP Auto Listings - 'pg' SQL Injection
|
7 |
WEB
|
G4N0K
|
|
2008-11-05
|
|
Joomla! Component Dada Mail Manager 2.6 - Remote File Inclusion
|
8 |
WEB
|
NoGe
|
|
2008-11-05
|
|
DFLabs PTK 1.0 - Local Command Execution
|
6 |
WEB
|
ikki
|
|
2008-11-05
|
|
Pre Classified Listings - Insecure Cookie Handling
|
7 |
WEB
|
G4N0K
|
|
2008-11-05
|
|
PreProject Multi-Vendor Shopping Malls - Multiple Vulnerabilities
|
7 |
WEB
|
G4N0K
|
|
2008-11-05
|
|
Pre Shopping Mall - Insecure Cookie Handling
|
7 |
WEB
|
G4N0K
|
|
2008-11-05
|
|
Pre Podcast Portal - SQL Injection
|
7 |
WEB
|
G4N0K
|
|
2008-11-05
|
|
PHPX 3.5.16 - 'news_id' SQL Injection
|
7 |
WEB
|
StAkeR
|
|
2008-11-05
|
|
phpBB Mod Small ShoutBox 1.4 - Remote Edit/Delete Messages
|
6 |
WEB
|
StAkeR
|
|
2008-11-04
|
|
Simple Machines Forum (SMF) 1.1.6 - Code Execution
|
7 |
WEB
|
Charles Fol
|
|
2008-11-04
|
|
wotw 5.0 - Local/Remote File Inclusion
|
7 |
WEB
|
dun
|
|
2008-11-04
|
|
TR News 2.1 - 'login.php' Remote Authentication Bypass
|
8 |
WEB
|
StAkeR
|
|
2008-11-04
|
|
nicLOR Sito - includefile Local File Inclusion
|
7 |
WEB
|
StAkeR
|
|
2008-11-04
|
|
WEBBDOMAIN Post Card 1.02 - Authentication Bypass
|
6 |
WEB
|
x0r
|
|
2008-11-04
|
|
Tours Manager 1.0 - SQL Injection
|
6 |
WEB
|
G4N0K
|
|
2008-11-04
|
|
Simple Document Management System 1.1.4 - Authentication Bypass
|
7 |
WEB
|
Yuri
|
|
2008-11-04
|
|
WEBBDOMAIN Webshop 1.02 - Authentication Bypass
|
7 |
WEB
|
Hakxer
|
|
2008-11-04
|
|
WEBBDOMAIN Quiz 1.02 - Authentication Bypass
|
7 |
WEB
|
Hakxer
|
|
2008-11-04
|
|
WEBBDOMAIN Polls 1.01 - Authentication Bypass
|
7 |
WEB
|
Hakxer
|
|
2008-11-04
|
|
WEBBDOMAIN Petition 1.02/2.0/3.0 - Authentication Bypass
|
7 |
WEB
|
Hakxer
|
|
2008-11-04
|
|
CMS-School 2005 - 'showarticle.php' SQL Injection
|
7 |
WEB
|
Cyber-Zone
|
|
2008-11-04
|
|
Vibro-School-CMS - 'nID' SQL Injection
|
7 |
WEB
|
Cyber-Zone
|
|
2008-11-04
|
|
Joomla! Component ProDesk 1.0/1.2 - Local File Inclusion
|
7 |
WEB
|
d3v1l
|
|
2008-11-04
|
|
nicLOR Puglia Landscape - Local File Inclusion
|
7 |
WEB
|
StAkeR
|
|
2008-11-04
|
|
Vibro-CMS - Multiple SQL Injections
|
7 |
WEB
|
StAkeR
|
|
2008-11-04
|
|
WEBBDOMAIN Post Card 1.02 - 'catid' SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-04
|
|
Joomla! Component ongumatimesheet20 4b - Remote File Inclusion
|
7 |
WEB
|
NoGe
|
|
2008-11-04
|
|
Joomla! Component VirtueMart Google Base 1.1 - Remote File Inclusion
|
7 |
WEB
|
NoGe
|
|
2008-11-04
|
|
WEBBDOMAIN WebShop 1.02 - SQL Injection / Cross-Site Scripting
|
7 |
WEB
|
G4N0K
|
|
2008-11-04
|
|
TBmnetCMS 1.0 - Local File Inclusion
|
7 |
WEB
|
d3v1l
|
|
2008-11-03
|
|
pppBlog 0.3.11 - File Disclosure
|
7 |
WEB
|
JosS
|
|
2008-11-03
|
|
MatPo Link 1.2b - Blind SQL Injection / Cross-Site Scripting
|
7 |
WEB
|
Hakxer
|
|
2008-11-03
|
|
Apoll 0.7b - Authentication Bypass
|
7 |
WEB
|
ZoRLu
|
|
2008-11-03
|
|
Acc Autos 4.0 - Insecure Cookie Handling
|
7 |
WEB
|
x0r
|
|
2008-11-03
|
|
MatPo Link 1.2b - SQL Injection
|
7 |
WEB
|
ZoRLu
|
|
2008-11-03
|
|
Acc PHP eMail 1.1 - Insecure Cookie Handling
|
7 |
WEB
|
Hakxer
|
|
2008-11-03
|
|
Acc Statistics 1.1 - Insecure Cookie Handling
|
7 |
WEB
|
Hakxer
|
|
2008-11-03
|
|
Acc Real Estate 4.0 - Insecure Cookie Handling
|
7 |
WEB
|
Hakxer
|
|
2008-11-03
|
|
BosClassifieds - 'cat_id' SQL Injection
|
8 |
WEB
|
ZoRLu
|
|
2008-11-02
|
|
DZCP (deV!L_z Clanportal) 1.4.9.6 - Blind SQL Injection
|
7 |
WEB
|
anonymous
|
|
2008-11-02
|
|
1st News - SQL Injection
|
8 |
WEB
|
TR-ShaRk
|
|
2008-11-02
|
|
Maran PHP Shop - 'prodshow.php' SQL Injection
|
7 |
WEB
|
d3v1l
|
|
2008-11-02
|
|
NetRisk 2.0 - Cross-Site Scripting / SQL Injection
|
7 |
WEB
|
StAkeR
|
|
2008-11-02
|
|
Apartment Search Script - Arbitrary File Upload / Cross-Site Scripting
|
7 |
WEB
|
ZoRLu
|
|
2008-11-02
|
|
Joovili 3.1.4 - Insecure Cookie Handling
|
7 |
WEB
|
ZoRLu
|
|
2008-11-02
|
|
Maran PHP Shop - 'admin.php' Insecure Cookie Handling
|
7 |
WEB
|
JosS
|
|
2008-11-02
|
|
Maran PHP Shop - 'prod.php' SQL Injection
|
7 |
WEB
|
JosS
|
|
2008-11-02
|
|
YourFreeWorld Shopping Cart - Blind SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-02
|
|
Downline Goldmine newdownlinebuilder - SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-02
|
|
Downline Goldmine paidversion - SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld URL Rotator - SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Classifieds Hosting - SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
Downline Goldmine Category Addon - SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
Downline Goldmine Builder - SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Classifieds - 'category' SQL Injection
|
6 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Classifieds Blaster - SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Reminder Service - SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Scrolling Text Ads - SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Viral Marketing - SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Short Url & Url Tracker - SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Forced Matrix Script - SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Autoresponder Hosting - 'tr.php' SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Blog Blaster - 'tr.php' SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Banner Management - SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
YourFreeWorld Downline Builder - 'tr.php' SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
Shahrood - Blind SQL Injection
|
7 |
WEB
|
BazOka-HaCkEr
|
|
2008-11-01
|
|
Micro CMS 0.3.5 - Remote Add/Delete/Password Change
|
7 |
WEB
|
StAkeR
|
|
2008-11-01
|
|
AJ Article 1.0 - Authentication Bypass
|
7 |
WEB
|
Hakxer
|
|
2008-11-01
|
|
YourFreeWorld Programs Rating - SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-11-01
|
|
GO4I.NET ASP Forum 1.0 - SQL Injection
|
7 |
WEB
|
Bl@ckbe@rD
|
