|
2008-10-31
|
|
Absolute FAQ Manager 6.0 - Insecure Cookie Handling
|
4 |
WEB
|
Hakxer
|
|
2008-10-31
|
|
Absolute News Feed 1.0 - Remote Insecure Cookie Handling
|
4 |
WEB
|
Hakxer
|
|
2008-10-31
|
|
Absolute News Manager 5.1 - Insecure Cookie Handling
|
5 |
WEB
|
Hakxer
|
|
2008-10-31
|
|
U-Mail Webmail 4.91 - 'edit.php' Arbitrary File Write
|
4 |
WEB
|
Shennan Wang
|
|
2008-10-31
|
|
cPanel 11.x - Cross-Site Scripting / Local File Inclusion
|
4 |
WEB
|
Khashayar Fereidani
|
|
2008-10-31
|
|
Logz podcast CMS 1.3.1 - 'art' SQL Injection
|
4 |
WEB
|
ZoRLu
|
|
2008-10-31
|
|
SFS EZ Adult Directory - 'directory.php' SQL Injection
|
3 |
WEB
|
Hurley
|
|
2008-10-31
|
|
SFS EZ Gaming Directory - 'directory.php' SQL Injection
|
4 |
WEB
|
Hurley
|
|
2008-10-31
|
|
Absolute Control Panel XE 1.5 - Insecure Cookie Handling
|
4 |
WEB
|
Hakxer
|
|
2008-10-31
|
|
Absolute Live Support 5.1 - Insecure Cookie Handling
|
4 |
WEB
|
Hakxer
|
|
2008-10-31
|
|
Absolute Form Processor 4.0 - Insecure Cookie Handling
|
4 |
WEB
|
Hakxer
|
|
2008-10-31
|
|
Absolute Banner Manager - Insecure Cookie Handling
|
4 |
WEB
|
Hakxer
|
|
2008-10-31
|
|
Absolute Content Rotator 6.0 - Insecure Cookie Handling
|
4 |
WEB
|
Hakxer
|
|
2008-10-31
|
|
Tribiq CMS 5.0.10a (Windows) - Local File Inclusion
|
4 |
WEB
|
GoLd_M
|
|
2008-10-31
|
|
Cybershade CMS 0.2b - Remote File Inclusion
|
4 |
WEB
|
w0cker
|
|
2008-10-31
|
|
Tribiq CMS 5.0.9a (Beta) - Insecure Cookie Handling
|
4 |
WEB
|
ZoRLu
|
|
2008-10-31
|
|
e107 Plugin lyrics_menu - 'l_id' SQL Injection
|
4 |
WEB
|
ZoRLu
|
|
2008-10-30
|
|
Absolute Poll Manager XE 4.1 - Insecure Cookie Handling
|
4 |
WEB
|
Hakxer
|
|
2008-10-30
|
|
Absolute Podcast 1.0 - Remote Insecure Cookie Handling
|
3 |
WEB
|
Hakxer
|
|
2008-10-30
|
|
Absolute File Send 1.0 - Remote Insecure Cookie Handling
|
4 |
WEB
|
Hakxer
|
|
2008-10-30
|
|
MyPHP Forum 3.0 - Edit Topics / Blind SQL Injection
|
4 |
WEB
|
StAkeR
|
|
2008-10-29
|
|
Pro Traffic One - 'poll_results.php' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-10-29
|
|
Venalsur on-line Booking Centre - Cross-Site Scripting / SQL Injection
|
5 |
WEB
|
d3b4g
|
|
2008-10-29
|
|
Harlandscripts Pro Traffic One - 'mypage.php' SQL Injection
|
4 |
WEB
|
Beenu Arora
|
|
2008-10-29
|
|
WebCards 1.3 - SQL Injection
|
3 |
WEB
|
t0pP8uZz
|
|
2008-10-29
|
|
Mambo Component SimpleBoard 1.0.1 - Arbitrary File Upload
|
4 |
WEB
|
t0pP8uZz
|
|
2008-10-29
|
|
WordPress Plugin E-Commerce 3.4 - Arbitrary File Upload
|
4 |
WEB
|
t0pP8uZz
|
|
2008-10-29
|
|
7Shop 1.1 - Arbitrary File Upload
|
4 |
WEB
|
t0pP8uZz
|
|
2008-10-29
|
|
e107 plugin fm pro 1 - File Disclosure / Arbitrary File Upload / Directory Traversal
|
4 |
WEB
|
GoLd_M
|
|
2008-10-29
|
|
Sepal SPBOARD 4.5 - 'board.cgi' Remote Command Execution
|
4 |
WEB
|
GoLd_M
|
|
2008-10-29
|
|
H2O-CMS 3.4 - Insecure Cookie Handling
|
4 |
WEB
|
Stack
|
|
2008-10-28
|
|
H2O-CMS 3.4 - Remote Command Execution
|
4 |
WEB
|
StAkeR
|
|
2008-10-28
|
|
TlGuestBook 1.2 - Insecure Cookie Handling
|
4 |
WEB
|
x0r
|
|
2008-10-28
|
|
Agares ThemeSiteScript 1.0 - 'loadadminpage' Remote File Inclusion
|
3 |
WEB
|
DaRkLiFe
|
|
2008-10-28
|
|
PersianBB - 'id' SQL Injection
|
3 |
WEB
|
Hussin X
|
|
2008-10-28
|
|
MyForum 1.3 - Insecure Cookie Handling
|
3 |
WEB
|
Stack
|
|
2008-10-28
|
|
e107 Plugin BLOG Engine 2.1.4 - SQL Injection
|
3 |
WEB
|
ZoRLu
|
|
2008-10-27
|
|
MyKtools 2.4 - Arbitrary Database Backup
|
4 |
WEB
|
Stack
|
|
2008-10-27
|
|
AIOCP 1.4 - 'poll_id' SQL Injection
|
4 |
WEB
|
ExSploiters
|
|
2008-10-27
|
|
QuestCMS - Cross-Site Scripting / Directory Traversal / SQL Injection
|
4 |
WEB
|
d3b4g
|
|
2008-10-27
|
|
e107 Plugin EasyShop - 'category_id' Blind SQL Injection
|
5 |
WEB
|
StAkeR
|
|
2008-10-27
|
|
MyKtools 2.4 - 'langage' Local File Inclusion
|
4 |
WEB
|
x0r
|
|
2008-10-27
|
|
e107 Plugin alternate_profiles - 'id' SQL Injection
|
4 |
WEB
|
boom3rang
|
|
2008-10-27
|
|
TlAds 1.0 - Remote Insecure Cookie Handling
|
4 |
WEB
|
x0r
|
|
2008-10-27
|
|
Persia BME E-Catalogue - SQL Injection
|
3 |
WEB
|
BugReport.IR
|
|
2008-10-27
|
|
MyForum 1.3 - 'padmin' Local File Inclusion
|
4 |
WEB
|
Vrs-hCk
|
|
2008-10-26
|
|
Ads Pro - 'dhtml.pl' Remote Command Execution
|
4 |
WEB
|
S0l1D
|
|
2008-10-26
|
|
MyForum 1.3 - 'lecture.php' SQL Injection
|
4 |
WEB
|
Vrs-hCk
|
|
2008-10-26
|
|
SFS Ez Forum - SQL Injection
|
4 |
WEB
|
Hurley
|
|
2008-10-26
|
|
WordPress Plugin Media Holder - SQL Injection
|
4 |
WEB
|
boom3rang
|
|
2008-10-26
|
|
PozScripts Classified Auctions - 'gotourl.php?id' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-10-25
|
|
Kasra CMS - 'index.php' Multiple SQL Injections
|
4 |
WEB
|
G4N0K
|
|
2008-10-25
|
|
Tlnews 2.2 - Insecure Cookie Handling
|
4 |
WEB
|
x0r
|
|
2008-10-24
|
|
BuzzyWall 1.3.1 - 'id' Remote File Disclosure
|
4 |
WEB
|
b3hz4d
|
|
2008-10-24
|
|
phpdaily - SQL Injection / Cross-Site Scripting / Local File Download
|
4 |
WEB
|
0xFFFFFF
|
|
2008-10-24
|
|
NEPT Image Uploader 1.0 - Arbitrary File Upload
|
4 |
WEB
|
Dentrasi
|
|
2008-10-24
|
|
Aj RSS Reader - 'url' SQL Injection
|
4 |
WEB
|
yassine_enp
|
|
2008-10-24
|
|
Joomla! Component Kbase 1.0 - SQL Injection
|
4 |
WEB
|
H!tm@N
|
|
2008-10-24
|
|
Joomla! Component archaic binary Gallery 0.2 - Directory Traversal
|
4 |
WEB
|
H!tm@N
|
|
2008-10-23
|
|
SiteEngine 5.x - Multiple Vulnerabilities
|
4 |
WEB
|
xy7
|
|
2008-10-23
|
|
WebSVN 2.0 - Cross-Site Scripting / File Handling / Code Execution
|
4 |
WEB
|
GulfTech Security
|
|
2008-10-23
|
|
miniPortail 2.2 - Cross-Site Scripting / Local File Inclusion
|
3 |
WEB
|
StAkeR
|
|
2008-10-23
|
|
MindDezign Photo Gallery 2.2 - Arbitrary Add Admin
|
4 |
WEB
|
CWH Underground
|
|
2008-10-23
|
|
MindDezign Photo Gallery 2.2 - SQL Injection
|
5 |
WEB
|
CWH Underground
|
|
2008-10-23
|
|
aflog 1.01 - Multiple Insecure Cookie Handling Vulnerabilities
|
4 |
WEB
|
JosS
|
|
2008-10-23
|
|
Joomla! Component RWCards 3.0.11 - Local File Inclusion
|
4 |
WEB
|
Vrs-hCk
|
|
2008-10-23
|
|
txtshop 1.0b (Windows) - 'Language' Local File Inclusion
|
4 |
WEB
|
Pepelux
|
|
2008-10-23
|
|
CSPartner 1.0 - Delete All Users / SQL Injection
|
4 |
WEB
|
StAkeR
|
|
2008-10-22
|
|
YDC - 'cat' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-10-22
|
|
DorsaCMS - 'ShowPage.aspx' SQL Injection
|
4 |
WEB
|
syst3m_f4ult
|
|
2008-10-22
|
|
Joomla! Component ionFiles 4.4.2 - File Disclosure
|
4 |
WEB
|
Vrs-hCk
|
|
2008-10-22
|
|
LoudBlog 0.8.0a - 'ajax.php' SQL Injection
|
4 |
WEB
|
Xianur0
|
|
2008-10-22
|
|
phpcrs 2.06 - 'importFunction' Local File Inclusion
|
4 |
WEB
|
Pepelux
|
|
2008-10-22
|
|
Iamma Simple Gallery 1.0/2.0 - Arbitrary File Upload
|
6 |
WEB
|
x0r
|
|
2008-10-22
|
|
Joomla! Component Daily Message 1.0.3 - 'id' SQL Injection
|
5 |
WEB
|
H!tm@N
|
|
2008-10-21
|
|
ShopMaker CMS 1.0 - 'id' SQL Injection
|
5 |
WEB
|
Hussin X
|
|
2008-10-21
|
|
LightBlog 9.8 - 'GET' / 'POST' / 'COOKIE' Local File Inclusion
|
4 |
WEB
|
JosS
|
|
2008-10-21
|
|
Limbo CMS - Private Messaging Component SQL Injection
|
5 |
WEB
|
StAkeR
|
|
2008-10-20
|
|
XOOPS Module makale 0.26 - SQL Injection
|
4 |
WEB
|
EcHoLL
|
|
2008-10-20
|
|
Joomla! Component ds-syndicate - 'feed_id' SQL Injection
|
4 |
WEB
|
boom3rang
|
|
2008-10-19
|
|
e107 < 0.7.13 - 'usersettings.php' Blind SQL Injection
|
4 |
WEB
|
girex
|
|
2008-10-20
|
|
WBB Plugin rGallery 1.09 - 'itemID' Blind SQL Injection
|
4 |
WEB
|
Five-Three-Nine
|
|
2008-10-19
|
|
Vivvo CMS 3.4 - Multiple Vulnerabilities
|
4 |
WEB
|
Xianur0
|
|
2008-10-19
|
|
Yappa-ng 2.3.3-beta0 - 'album' Local File Inclusion
|
4 |
WEB
|
Vrs-hCk
|
|
2008-10-19
|
|
Fast Click SQL 1.1.7 Lite - 'init.php' Remote File Inclusion
|
4 |
WEB
|
NoGe
|
|
2008-10-18
|
|
PHP Easy Downloader 1.5 - Remote File Creation
|
4 |
WEB
|
StAkeR
|
|
2008-10-18
|
|
Nuke ET 3.4 - 'FCKeditor' Arbitrary File Upload
|
4 |
WEB
|
EgiX
|
|
2008-10-18
|
|
miniBloggie 1.0 - 'del.php' Blind SQL Injection
|
3 |
WEB
|
StAkeR
|
|
2008-10-18
|
|
Meeting Room Booking System (MRBS) < 1.4 - SQL Injection
|
4 |
WEB
|
Xianur0
|
|
2008-10-18
|
|
zeeproperty - 'adid' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-10-18
|
|
phpFastNews 1.0.0 - Insecure Cookie Handling
|
4 |
WEB
|
Qabandi
|
|
2008-10-18
|
|
XOOPS Module GesGaleri - SQL Injection
|
4 |
WEB
|
EcHoLL
|
|
2008-10-17
|
|
WordPress Plugin st_newsletter - 'stnl_iframe.php' SQL Injection
|
4 |
WEB
|
r45c4l
|
|
2008-10-16
|
|
Post Affiliate Pro 2.0 - 'md' Local File Inclusion
|
3 |
WEB
|
ZeN
|
|
2008-10-16
|
|
Calendars for the Web 4.02 - Admin Authentication Bypass
|
4 |
WEB
|
SecVuln
|
|
2008-10-16
|
|
PHP Easy Downloader 1.5 - 'file' File Disclosure
|
4 |
WEB
|
LMaster
|
|
2008-10-16
|
|
iGaming CMS 2.0 Alpha 1 - 'search.php' SQL Injection
|
4 |
WEB
|
StAkeR
|
|
2008-10-16
|
|
Mantis Bug Tracker 1.1.3 - Remote Code Execution
|
4 |
WEB
|
EgiX
|
|
2008-10-16
|
|
Kure 0.6.3 - 'index.php' Local File Inclusion
|
4 |
WEB
|
JosS
|
|
2008-10-16
|
|
PokerMax Poker League 0.13 - Insecure Cookie Handling
|
4 |
WEB
|
DaRkLiFe
|
|
2008-10-16
|
|
IP Reg 0.4 - Multiple SQL Injections
|
4 |
WEB
|
JosS
|
|
2008-10-16
|
|
Mic_blog 0.0.3 - SQL Injection / Privilege Escalation
|
4 |
WEB
|
StAkeR
|
|
2008-10-16
|
|
Mosaic Commerce - 'cid' SQL Injection
|
5 |
WEB
|
Ali Abbasi
|
|
2008-10-16
|
|
CafeEngine - Multiple SQL Injections
|
4 |
WEB
|
0xFFFFFF
|
|
2008-10-15
|
|
myEvent 1.6 - 'eventdate' SQL Injection
|
4 |
WEB
|
JosS
|
|
2008-10-15
|
|
mystats - 'hits.php' Multiple Vulnerabilities
|
4 |
WEB
|
JosS
|
|
2008-10-15
|
|
AstroSPACES 1.1.1 - 'id' SQL Injection
|
5 |
WEB
|
TurkishWarriorr
|
|
2008-10-14
|
|
PHPWebGallery 1.7.2 - Session Hijacking / Code Execution
|
5 |
WEB
|
EgiX
|
|
2008-10-14
|
|
My PHP Dating - 'id' SQL Injection
|
4 |
WEB
|
Hakxer
|
|
2008-10-14
|
|
SezHoo 0.1 - Remote File Inclusion
|
4 |
WEB
|
DaRkLiFe
|
|
2008-10-14
|
|
Nuked-klaN 1.7.7 / SP4.4 - Multiple Vulnerabilities
|
4 |
WEB
|
Charles Fol
|
|
2008-10-14
|
|
XOOPS Module xhresim - SQL Injection
|
4 |
WEB
|
EcHoLL
|
|
2008-10-14
|
|
WordPress Plugin WP Comment Remix 1.4.3 - SQL Injection
|
4 |
WEB
|
g30rg3_x
|
|
2008-10-13
|
|
IndexScript 3.0 - 'parent_id' SQL Injection
|
4 |
WEB
|
d3v1l
|
|
2008-10-13
|
|
ParsBlogger - 'links.asp' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-10-13
|
|
LokiCMS 0.3.4 - 'admin.php' Create Local File Inclusion
|
4 |
WEB
|
JosS
|
|
2008-10-13
|
|
LokiCMS 0.3.4 - 'writeconfig()' Remote Command Execution
|
4 |
WEB
|
girex
|
|
2008-10-12
|
|
My PHP Indexer 1.0 - 'index.php' Local File Download
|
4 |
WEB
|
JosS
|
|
2008-10-12
|
|
NewLife Blogger 3.0 - Insecure Cookie Handling / SQL Injection
|
4 |
WEB
|
Pepelux
|
|
2008-10-12
|
|
LokiCMS 0.3.4 - 'index.php' Arbitrary Check File
|
4 |
WEB
|
JosS
|
|
2008-10-12
|
|
Real Estate Scripts 2008 - 'cat' SQL Injection
|
4 |
WEB
|
Hakxer
|
|
2008-10-12
|
|
Globsy 1.0 - Remote File Rewriting
|
4 |
WEB
|
StAkeR
|
|
2008-10-12
|
|
mini-pub 0.3 - Local Directory Traversal / File Disclosure
|
5 |
WEB
|
GoLd_M
|
|
2008-10-12
|
|
mini-pub 0.3 - File Disclosure / Code Execution
|
4 |
WEB
|
muuratsalo
|
|
2008-10-11
|
|
Absolute Poll Manager XE 4.1 - 'xlacomments.asp' SQL Injection
|
4 |
WEB
|
Hakxer
|
