| 2008-10-16 | Mic_blog 0.0.3 - SQL Injection / Privilege Escalation | 7 | WEB | StAkeR |
| 2008-10-16 | Mosaic Commerce - 'cid' SQL Injection | 8 | WEB | Ali Abbasi |
| 2008-10-16 | CafeEngine - Multiple SQL Injections | 7 | WEB | 0xFFFFFF |
| 2008-10-15 | myEvent 1.6 - 'eventdate' SQL Injection | 7 | WEB | JosS |
| 2008-10-15 | mystats - 'hits.php' Multiple Vulnerabilities | 8 | WEB | JosS |
| 2008-10-15 | AstroSPACES 1.1.1 - 'id' SQL Injection | 8 | WEB | TurkishWarriorr |
| 2008-10-14 | PHPWebGallery 1.7.2 - Session Hijacking / Code Execution | 8 | WEB | EgiX |
| 2008-10-14 | My PHP Dating - 'id' SQL Injection | 7 | WEB | Hakxer |
| 2008-10-14 | SezHoo 0.1 - Remote File Inclusion | 7 | WEB | DaRkLiFe |
| 2008-10-14 | Nuked-klaN 1.7.7 / SP4.4 - Multiple Vulnerabilities | 7 | WEB | Charles Fol |
| 2008-10-14 | XOOPS Module xhresim - SQL Injection | 7 | WEB | EcHoLL |
| 2008-10-14 | WordPress Plugin WP Comment Remix 1.4.3 - SQL Injection | 7 | WEB | g30rg3_x |
| 2008-10-13 | IndexScript 3.0 - 'parent_id' SQL Injection | 7 | WEB | d3v1l |
| 2008-10-13 | ParsBlogger - 'links.asp' SQL Injection | 7 | WEB | Hussin X |
| 2008-10-13 | LokiCMS 0.3.4 - 'admin.php' Create Local File Inclusion | 7 | WEB | JosS |
| 2008-10-13 | LokiCMS 0.3.4 - 'writeconfig()' Remote Command Execution | 7 | WEB | girex |
| 2008-10-12 | My PHP Indexer 1.0 - 'index.php' Local File Download | 7 | WEB | JosS |
| 2008-10-12 | NewLife Blogger 3.0 - Insecure Cookie Handling / SQL Injection | 7 | WEB | Pepelux |
| 2008-10-12 | LokiCMS 0.3.4 - 'index.php' Arbitrary Check File | 7 | WEB | JosS |
| 2008-10-12 | Real Estate Scripts 2008 - 'cat' SQL Injection | 7 | WEB | Hakxer |
| 2008-10-12 | Globsy 1.0 - Remote File Rewriting | 7 | WEB | StAkeR |
| 2008-10-12 | mini-pub 0.3 - Local Directory Traversal / File Disclosure | 8 | WEB | GoLd_M |
| 2008-10-12 | mini-pub 0.3 - File Disclosure / Code Execution | 7 | WEB | muuratsalo |
| 2008-10-11 | Absolute Poll Manager XE 4.1 - 'xlacomments.asp' SQL Injection | 7 | WEB | Hakxer |
| 2008-10-11 | Joomla! Component ownbiblio 1.5.3 - 'catid' SQL Injection | 7 | WEB | H!tm@N |
| 2008-10-10 | SlimCMS 1.0.0 - 'redirect.php' Privilege Escalation | 6 | WEB | StAkeR |
| 2008-10-10 | Easynet4u Link Host - 'cat_id' SQL Injection | 7 | WEB | BeyazKurt |
| 2008-10-10 | MunzurSoft Wep Portal W3 - 'kat' SQL Injection | 7 | WEB | LUPUS |
| 2008-10-10 | Joomla! Component mad4Joomla! - SQL Injection | 6 | WEB | H!tm@N |
| 2008-10-10 | Joomla! Component Ignite Gallery 0.8.3 - SQL Injection | 7 | WEB | H!tm@N |
| 2008-10-10 | Easynet4u faq Host - 'faq.php' SQL Injection | 7 | WEB | SuB-ZeRo |
| 2008-10-10 | Easynet4u Forum Host - 'forum.php' SQL Injection | 7 | WEB | SuB-ZeRo |
| 2008-10-10 | Ayco Okul Portali - 'linkid' SQL Injection | 7 | WEB | Crackers_Child |
| 2008-10-09 | Scriptsez Easy Image Downloader - Local File Download | 7 | WEB | JosS |
| 2008-10-09 | Stash 1.0.3 - SQL Injection User Credentials Disclosure | 8 | WEB | gnix |
| 2008-10-09 | Scriptsez Mini Hosting Panel - 'members.php' Local File Inclusion | 7 | WEB | JosS |
| 2008-10-09 | IranMC Arad Center - SQL Injection | 7 | WEB | Hussin X |
| 2008-10-09 | Kusaba 1.0.4 - Remote Code Execution (2) | 7 | WEB | Sausage |
| 2008-10-09 | Camera Life 2.6.2b4 - SQL Injection / Cross-Site Scripting | 7 | WEB | BackDoor |
| 2008-10-09 | Joomla! Component Joomtracker 1.01 - SQL Injection | 7 | WEB | rsauron |
| 2008-10-09 | Gforge 4.6 rc1 - 'skill_edit' SQL Injection | 7 | WEB | beford |
| 2008-10-09 | GForge 4.5.19 - Multiple SQL Injections | 8 | WEB | beford |
| 2008-10-09 | Kusaba 1.0.4 - Remote Code Execution (1) | 7 | WEB | Sausage |
| 2008-10-08 | WebBiscuits Modules Controller 1.1 - Remote File Inclusion / Remote File Disclosure | 7 | WEB | GoLd_M |
| 2008-10-08 | AdMan 1.1.20070907 - 'campaignId' SQL Injection | 6 | WEB | SuB-ZeRo |
| 2008-10-08 | HispaH textlinksads - 'index.php' SQL Injection | 7 | WEB | InjEctOr5 |
| 2008-10-08 | DFF PHP Framework API - 'Data Feed File' Remote File Inclusion | 7 | WEB | GoLd_M |
| 2008-10-07 | TorrentTrader Classic 1.04 - Blind SQL Injection | 7 | WEB | BazOka-HaCkEr |
| 2008-10-07 | Built2Go PHP Realestate 1.5 - 'event_detail.php' SQL Injection | 7 | WEB | d3v1l |
| 2008-10-07 | PHP Autos 2.9.1 - 'catid' SQL Injection | 7 | WEB | Mr.SQL |
| 2008-10-07 | PHP Auto Dealer 2.7 - 'v_cat' SQL Injection | 7 | WEB | Mr.SQL |
| 2008-10-07 | PHP Realtor 1.5 - 'v_cat' SQL Injection | 7 | WEB | Mr.SQL |
| 2008-10-07 | Yourownbux 4.0 - 'cookie' SQL Injection | 7 | WEB | Tec-n0x |
| 2008-10-07 | Joomla! Component com_hotspots - SQL Injection | 7 | WEB | cOndemned |
| 2008-10-07 | Yerba SACphp 6.3 - Multiple Vulnerabilities | 6 | WEB | StAkeR |
| 2008-10-06 | Yerba SACphp 6.3 - Local File Inclusion | 7 | WEB | Pepelux |
| 2008-10-06 | asiCMS alpha 0.208 - Multiple Remote File Inclusions | 7 | WEB | NoGe |
| 2008-10-05 | PHP-Fusion Mod triscoop_race_system - 'raceid' SQL Injection | 7 | WEB | boom3rang |
| 2008-10-05 | PHP-Fusion Mod recept - 'kat_id' SQL Injection | 7 | WEB | boom3rang |
| 2008-10-05 | PHP-Fusion Mod raidtracker_panel - 'INFO_RAID_ID' SQL Injection | 7 | WEB | boom3rang |
| 2008-10-05 | PHP-Fusion Mod manuals - 'manual' SQL Injection | 7 | WEB | boom3rang |
| 2008-10-05 | FOSS Gallery Public 1.0 - Arbitrary File Upload (PoC) | 7 | WEB | Pepelux |
| 2008-10-05 | phpAbook 0.8.8b - 'cookie' Local File Inclusion | 6 | WEB | JosS |
| 2008-10-05 | Fastpublish CMS 1.9999 - Local File Inclusion / SQL Injection | 7 | WEB | ~!Dok_tOR!~ |
| 2008-10-05 | geccBBlite 2.0 - 'id' SQL Injection | 7 | WEB | Piker |
| 2008-10-05 | OpenNMS < 1.5.96 - Multiple Vulnerabilities | 7 | WEB | BugSec LTD |
| 2008-10-05 | Galerie 3.2 - 'pic' WBB Lite Addon Blind SQL Injection | 8 | WEB | J0hn.X3r |
| 2008-10-05 | FOSS Gallery Public 1.0 - Arbitrary File Upload | 7 | WEB | JosS |
| 2008-10-04 | FOSS Gallery Admin 1.0 - Arbitrary File Upload | 7 | WEB | Pepelux |
| 2008-10-04 | JMweb - 'src' Local File Inclusion | 7 | WEB | SirGod |
| 2008-10-04 | pPIM 1.01 - 'notes.php' Local File Inclusion | 7 | WEB | JosS |
| 2008-10-03 | Kwalbum 2.0.2 - Arbitrary File Upload | 7 | WEB | CWH Underground |
| 2008-10-03 | CCMS 3.1 - 'skin' Local File Inclusion | 7 | WEB | SirGod |
| 2008-10-03 | AdaptCMS Lite 1.3 - Blind SQL Injection | 7 | WEB | StAkeR |
| 2008-10-03 | Full PHP Emlak Script - 'arsaprint.php' SQL Injection | 7 | WEB | Hussin X |
| 2008-10-03 | IP Reg 0.4 - Blind SQL Injection | 7 | WEB | StAkeR |
| 2008-10-02 | OpenX 2.6 - 'bannerid' Blind SQL Injection | 7 | WEB | d00m3r4ng |
| 2008-10-02 | OLIB 7 WebView 2.5.1.1 - 'infile' Local File Inclusion | 7 | WEB | ZeN |
| 2008-10-02 | Bux.to Clone Script - Insecure Cookie Handling | 7 | WEB | SirGod |
| 2008-10-01 | Link Trader - 'lnkid' SQL Injection | 7 | WEB | Hussin X |
| 2008-10-01 | phpscripts Ranking Script - Insecure Cookie Handling | 7 | WEB | Crackers_Child |
| 2008-10-01 | RPortal 1.1 - 'file_op' Remote File Inclusion | 7 | WEB | Kad |
| 2008-10-01 | phpScheduleIt 1.2.10 - 'reserve.php' Remote Code Execution | 7 | WEB | EgiX |
| 2008-10-01 | Crux Gallery 1.32 - 'theme' Local File Inclusion | 7 | WEB | StAkeR |
| 2008-10-01 | Noname CMS 1.0 - Multiple SQL Injections | 6 | WEB | ~!Dok_tOR!~ |
| 2008-10-01 | Discussion Forums 2k 3.3 - Multiple SQL Injections | 7 | WEB | ~!Dok_tOR!~ |
| 2008-10-01 | BMForum 5.6 - 'tagname' SQL Injection | 7 | WEB | ~!Dok_tOR!~ |
| 2008-10-01 | MySQL Quick Admin 1.5.5 - 'cookie' Local File Inclusion | 7 | WEB | JosS |
| 2008-10-01 | ADN Forum 1.0b - Blind SQL Injection | 7 | WEB | StAkeR |
| 2008-09-30 | Pritlog 0.4 - 'Filename' Remote File Disclosure | 7 | WEB | Pepelux |
| 2008-09-30 | BookMarks Favourites Script - 'id' SQL Injection | 7 | WEB | Hussin X |
| 2008-09-30 | Rianxosencabos CMS 0.9 - Blind SQL Injection | 6 | WEB | ka0x |
| 2008-09-30 | SG Real Estate Portal 2.0 - Insecure Cookie Handling | 7 | WEB | Stack |
| 2008-09-30 | SG Real Estate Portal 2.0 - Blind SQL Injection | 7 | WEB | Stack |
| 2008-09-30 | eFront 3.5.1 / build 2710 - Arbitrary File Upload | 7 | WEB | Pepelux |
| 2008-09-30 | MiNBank 1.5.0 - Multiple Remote File Inclusions | 7 | WEB | DaRkLiFe |
| 2008-09-30 | SG Real Estate Portal 2.0 - Blind SQL Injection / Local File Inclusion | 7 | WEB | SirGod |
| 2008-09-30 | FAQ Management Script - 'catid' SQL Injection | 7 | WEB | Hussin X |
| 2008-09-29 | ArabCMS - 'rss.php' Local File Inclusion | 7 | WEB | JIKO |
| 2008-09-29 | PG Matchmaking Script - Multiple SQL Injections | 7 | WEB | Super Cristal |
| 2008-09-29 | Post Comments 3.0 - Insecure Cookie Handling | 7 | WEB | Crackers_Child |
| 2008-09-29 | Arcadem Pro - 'articlecat' SQL Injection | 7 | WEB | Hussin X |
| 2008-09-29 | events Calendar 1.1 - Remote File Inclusion | 6 | WEB | k3vin mitnick |
| 2008-09-28 | BbZL.php 0.92 - Insecure Cookie Handling | 7 | WEB | Stack |
| 2008-09-28 | PHP-Fusion Mod freshlinks - 'linkid' SQL Injection | 7 | WEB | boom3rang |
| 2008-09-28 | Joomla! Component imagebrowser 0.1.5 rc2 - Directory Traversal | 7 | WEB | Cr@zy_King |
| 2008-09-28 | BbZL.php 0.92 - 'lien_2' Local Directory Traversal | 7 | WEB | JIKO |
| 2008-09-28 | Pilot Group eTraining - 'news_read.php' SQL Injection | 7 | WEB | S.W.A.T. |
| 2008-09-28 | Pro Chat Rooms 3.0.3 - SQL Injection | 7 | WEB | ~!Dok_tOR!~ |
| 2008-09-28 | PHPcounter 1.3.2 - 'index.php' SQL Injection | 7 | WEB | StAkeR |
| 2008-09-28 | ParsaWeb CMS - 'Search' SQL Injection | 7 | WEB | BugReport.IR |
| 2008-09-28 | ZEELYRICS 2.0 - 'bannerclick.php' SQL Injection | 7 | WEB | Hussin X |
| 2008-09-27 | X7 Chat 2.0.1A1 - Local File Inclusion | 7 | WEB | JIKO |
| 2008-09-27 | Yoxel 1.23beta - 'itpm_estimate.php' Remote Code Execution | 7 | WEB | dun |
| 2008-09-27 | PHP-Lance 1.52 - 'catid' SQL Injection | 7 | WEB | InjEctOr5 |
| 2008-09-27 | PowerPortal 2.0.13 - 'path' Local Directory Traversal | 7 | WEB | r45c4l |
| 2008-09-27 | MyCard 1.0.2 - 'id' SQL Injection | 7 | WEB | r45c4l |
| 2008-09-27 | PlugSpace 0.1 - 'navi' Local File Inclusion | 7 | WEB | dun |
| 2008-09-27 | LnBlog 0.9.0 - 'plugin' Local File Inclusion | 7 | WEB | dun |
| 2008-09-27 | Real Estate Manager 1.01 - 'cat_id' SQL Injection | 7 | WEB | CraCkEr |
| 2008-09-27 | CoAST 0.95 - 'sections_file' Remote File Inclusion | 7 | WEB | DaRkLiFe |
| 2008-09-27 | E-Uploader Pro 1.0 - Multiple SQL Injections | 6 | WEB | ~!Dok_tOR!~ |
| 2008-09-27 | Joovili 3.0 - Multiple SQL Injections | 7 | WEB | ~!Dok_tOR!~ |
| 2008-09-27 | Camera Life 2.6.2b4 - Arbitrary File Upload | 6 | WEB | Mi4night |
| 2008-09-27 | Vbgooglemap Hotspot Edition 1.0.3 - SQL Injection | 7 | WEB | elusiven |