|
2008-10-11
|
|
Joomla! Component ownbiblio 1.5.3 - 'catid' SQL Injection
|
4 |
WEB
|
H!tm@N
|
|
2008-10-10
|
|
SlimCMS 1.0.0 - 'redirect.php' Privilege Escalation
|
3 |
WEB
|
StAkeR
|
|
2008-10-10
|
|
Easynet4u Link Host - 'cat_id' SQL Injection
|
4 |
WEB
|
BeyazKurt
|
|
2008-10-10
|
|
MunzurSoft Wep Portal W3 - 'kat' SQL Injection
|
4 |
WEB
|
LUPUS
|
|
2008-10-10
|
|
Joomla! Component mad4Joomla! - SQL Injection
|
3 |
WEB
|
H!tm@N
|
|
2008-10-10
|
|
Joomla! Component Ignite Gallery 0.8.3 - SQL Injection
|
4 |
WEB
|
H!tm@N
|
|
2008-10-10
|
|
Easynet4u faq Host - 'faq.php' SQL Injection
|
4 |
WEB
|
SuB-ZeRo
|
|
2008-10-10
|
|
Easynet4u Forum Host - 'forum.php' SQL Injection
|
4 |
WEB
|
SuB-ZeRo
|
|
2008-10-10
|
|
Ayco Okul Portali - 'linkid' SQL Injection
|
4 |
WEB
|
Crackers_Child
|
|
2008-10-09
|
|
Scriptsez Easy Image Downloader - Local File Download
|
4 |
WEB
|
JosS
|
|
2008-10-09
|
|
Stash 1.0.3 - SQL Injection User Credentials Disclosure
|
5 |
WEB
|
gnix
|
|
2008-10-09
|
|
Scriptsez Mini Hosting Panel - 'members.php' Local File Inclusion
|
4 |
WEB
|
JosS
|
|
2008-10-09
|
|
IranMC Arad Center - SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-10-09
|
|
Kusaba 1.0.4 - Remote Code Execution (2)
|
4 |
WEB
|
Sausage
|
|
2008-10-09
|
|
Camera Life 2.6.2b4 - SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
BackDoor
|
|
2008-10-09
|
|
Joomla! Component Joomtracker 1.01 - SQL Injection
|
4 |
WEB
|
rsauron
|
|
2008-10-09
|
|
Gforge 4.6 rc1 - 'skill_edit' SQL Injection
|
4 |
WEB
|
beford
|
|
2008-10-09
|
|
GForge 4.5.19 - Multiple SQL Injections
|
5 |
WEB
|
beford
|
|
2008-10-09
|
|
Kusaba 1.0.4 - Remote Code Execution (1)
|
4 |
WEB
|
Sausage
|
|
2008-10-08
|
|
WebBiscuits Modules Controller 1.1 - Remote File Inclusion / Remote File Disclosure
|
4 |
WEB
|
GoLd_M
|
|
2008-10-08
|
|
AdMan 1.1.20070907 - 'campaignId' SQL Injection
|
3 |
WEB
|
SuB-ZeRo
|
|
2008-10-08
|
|
HispaH textlinksads - 'index.php' SQL Injection
|
4 |
WEB
|
InjEctOr5
|
|
2008-10-08
|
|
DFF PHP Framework API - 'Data Feed File' Remote File Inclusion
|
4 |
WEB
|
GoLd_M
|
|
2008-10-07
|
|
TorrentTrader Classic 1.04 - Blind SQL Injection
|
4 |
WEB
|
BazOka-HaCkEr
|
|
2008-10-07
|
|
Built2Go PHP Realestate 1.5 - 'event_detail.php' SQL Injection
|
4 |
WEB
|
d3v1l
|
|
2008-10-07
|
|
PHP Autos 2.9.1 - 'catid' SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-10-07
|
|
PHP Auto Dealer 2.7 - 'v_cat' SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-10-07
|
|
PHP Realtor 1.5 - 'v_cat' SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-10-07
|
|
Yourownbux 4.0 - 'cookie' SQL Injection
|
4 |
WEB
|
Tec-n0x
|
|
2008-10-07
|
|
Joomla! Component com_hotspots - SQL Injection
|
4 |
WEB
|
cOndemned
|
|
2008-10-07
|
|
Yerba SACphp 6.3 - Multiple Vulnerabilities
|
3 |
WEB
|
StAkeR
|
|
2008-10-06
|
|
Yerba SACphp 6.3 - Local File Inclusion
|
4 |
WEB
|
Pepelux
|
|
2008-10-06
|
|
asiCMS alpha 0.208 - Multiple Remote File Inclusions
|
4 |
WEB
|
NoGe
|
|
2008-10-05
|
|
PHP-Fusion Mod triscoop_race_system - 'raceid' SQL Injection
|
4 |
WEB
|
boom3rang
|
|
2008-10-05
|
|
PHP-Fusion Mod recept - 'kat_id' SQL Injection
|
4 |
WEB
|
boom3rang
|
|
2008-10-05
|
|
PHP-Fusion Mod raidtracker_panel - 'INFO_RAID_ID' SQL Injection
|
4 |
WEB
|
boom3rang
|
|
2008-10-05
|
|
PHP-Fusion Mod manuals - 'manual' SQL Injection
|
4 |
WEB
|
boom3rang
|
|
2008-10-05
|
|
FOSS Gallery Public 1.0 - Arbitrary File Upload (PoC)
|
3 |
WEB
|
Pepelux
|
|
2008-10-05
|
|
phpAbook 0.8.8b - 'cookie' Local File Inclusion
|
3 |
WEB
|
JosS
|
|
2008-10-05
|
|
Fastpublish CMS 1.9999 - Local File Inclusion / SQL Injection
|
4 |
WEB
|
~!Dok_tOR!~
|
|
2008-10-05
|
|
geccBBlite 2.0 - 'id' SQL Injection
|
4 |
WEB
|
Piker
|
|
2008-10-05
|
|
OpenNMS < 1.5.96 - Multiple Vulnerabilities
|
4 |
WEB
|
BugSec LTD
|
|
2008-10-05
|
|
Galerie 3.2 - 'pic' WBB Lite Addon Blind SQL Injection
|
5 |
WEB
|
J0hn.X3r
|
|
2008-10-05
|
|
FOSS Gallery Public 1.0 - Arbitrary File Upload
|
4 |
WEB
|
JosS
|
|
2008-10-04
|
|
FOSS Gallery Admin 1.0 - Arbitrary File Upload
|
4 |
WEB
|
Pepelux
|
|
2008-10-04
|
|
JMweb - 'src' Local File Inclusion
|
4 |
WEB
|
SirGod
|
|
2008-10-04
|
|
pPIM 1.01 - 'notes.php' Local File Inclusion
|
4 |
WEB
|
JosS
|
|
2008-10-03
|
|
Kwalbum 2.0.2 - Arbitrary File Upload
|
4 |
WEB
|
CWH Underground
|
|
2008-10-03
|
|
CCMS 3.1 - 'skin' Local File Inclusion
|
4 |
WEB
|
SirGod
|
|
2008-10-03
|
|
AdaptCMS Lite 1.3 - Blind SQL Injection
|
4 |
WEB
|
StAkeR
|
|
2008-10-03
|
|
Full PHP Emlak Script - 'arsaprint.php' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-10-03
|
|
IP Reg 0.4 - Blind SQL Injection
|
4 |
WEB
|
StAkeR
|
|
2008-10-02
|
|
OpenX 2.6 - 'bannerid' Blind SQL Injection
|
4 |
WEB
|
d00m3r4ng
|
|
2008-10-02
|
|
OLIB 7 WebView 2.5.1.1 - 'infile' Local File Inclusion
|
4 |
WEB
|
ZeN
|
|
2008-10-02
|
|
Bux.to Clone Script - Insecure Cookie Handling
|
4 |
WEB
|
SirGod
|
|
2008-10-01
|
|
Link Trader - 'lnkid' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-10-01
|
|
phpscripts Ranking Script - Insecure Cookie Handling
|
4 |
WEB
|
Crackers_Child
|
|
2008-10-01
|
|
RPortal 1.1 - 'file_op' Remote File Inclusion
|
4 |
WEB
|
Kad
|
|
2008-10-01
|
|
phpScheduleIt 1.2.10 - 'reserve.php' Remote Code Execution
|
4 |
WEB
|
EgiX
|
|
2008-10-01
|
|
Crux Gallery 1.32 - 'theme' Local File Inclusion
|
4 |
WEB
|
StAkeR
|
|
2008-10-01
|
|
Noname CMS 1.0 - Multiple SQL Injections
|
3 |
WEB
|
~!Dok_tOR!~
|
|
2008-10-01
|
|
Discussion Forums 2k 3.3 - Multiple SQL Injections
|
4 |
WEB
|
~!Dok_tOR!~
|
|
2008-10-01
|
|
BMForum 5.6 - 'tagname' SQL Injection
|
4 |
WEB
|
~!Dok_tOR!~
|
|
2008-10-01
|
|
MySQL Quick Admin 1.5.5 - 'cookie' Local File Inclusion
|
4 |
WEB
|
JosS
|
|
2008-10-01
|
|
ADN Forum 1.0b - Blind SQL Injection
|
4 |
WEB
|
StAkeR
|
|
2008-09-30
|
|
Pritlog 0.4 - 'Filename' Remote File Disclosure
|
4 |
WEB
|
Pepelux
|
|
2008-09-30
|
|
BookMarks Favourites Script - 'id' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-09-30
|
|
Rianxosencabos CMS 0.9 - Blind SQL Injection
|
3 |
WEB
|
ka0x
|
|
2008-09-30
|
|
SG Real Estate Portal 2.0 - Insecure Cookie Handling
|
4 |
WEB
|
Stack
|
|
2008-09-30
|
|
SG Real Estate Portal 2.0 - Blind SQL Injection
|
4 |
WEB
|
Stack
|
|
2008-09-30
|
|
eFront 3.5.1 / build 2710 - Arbitrary File Upload
|
4 |
WEB
|
Pepelux
|
|
2008-09-30
|
|
MiNBank 1.5.0 - Multiple Remote File Inclusions
|
4 |
WEB
|
DaRkLiFe
|
|
2008-09-30
|
|
SG Real Estate Portal 2.0 - Blind SQL Injection / Local File Inclusion
|
4 |
WEB
|
SirGod
|
|
2008-09-30
|
|
FAQ Management Script - 'catid' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-09-29
|
|
ArabCMS - 'rss.php' Local File Inclusion
|
4 |
WEB
|
JIKO
|
|
2008-09-29
|
|
PG Matchmaking Script - Multiple SQL Injections
|
4 |
WEB
|
Super Cristal
|
|
2008-09-29
|
|
Post Comments 3.0 - Insecure Cookie Handling
|
4 |
WEB
|
Crackers_Child
|
|
2008-09-29
|
|
Arcadem Pro - 'articlecat' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-09-29
|
|
events Calendar 1.1 - Remote File Inclusion
|
3 |
WEB
|
k3vin mitnick
|
|
2008-09-28
|
|
BbZL.php 0.92 - Insecure Cookie Handling
|
4 |
WEB
|
Stack
|
|
2008-09-28
|
|
PHP-Fusion Mod freshlinks - 'linkid' SQL Injection
|
4 |
WEB
|
boom3rang
|
|
2008-09-28
|
|
Joomla! Component imagebrowser 0.1.5 rc2 - Directory Traversal
|
4 |
WEB
|
Cr@zy_King
|
|
2008-09-28
|
|
BbZL.php 0.92 - 'lien_2' Local Directory Traversal
|
4 |
WEB
|
JIKO
|
|
2008-09-28
|
|
Pilot Group eTraining - 'news_read.php' SQL Injection
|
4 |
WEB
|
S.W.A.T.
|
|
2008-09-28
|
|
Pro Chat Rooms 3.0.3 - SQL Injection
|
4 |
WEB
|
~!Dok_tOR!~
|
|
2008-09-28
|
|
PHPcounter 1.3.2 - 'index.php' SQL Injection
|
4 |
WEB
|
StAkeR
|
|
2008-09-28
|
|
ParsaWeb CMS - 'Search' SQL Injection
|
4 |
WEB
|
BugReport.IR
|
|
2008-09-28
|
|
ZEELYRICS 2.0 - 'bannerclick.php' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-09-27
|
|
X7 Chat 2.0.1A1 - Local File Inclusion
|
4 |
WEB
|
JIKO
|
|
2008-09-27
|
|
Yoxel 1.23beta - 'itpm_estimate.php' Remote Code Execution
|
4 |
WEB
|
dun
|
|
2008-09-27
|
|
PHP-Lance 1.52 - 'catid' SQL Injection
|
4 |
WEB
|
InjEctOr5
|
|
2008-09-27
|
|
PowerPortal 2.0.13 - 'path' Local Directory Traversal
|
4 |
WEB
|
r45c4l
|
|
2008-09-27
|
|
MyCard 1.0.2 - 'id' SQL Injection
|
4 |
WEB
|
r45c4l
|
|
2008-09-27
|
|
PlugSpace 0.1 - 'navi' Local File Inclusion
|
4 |
WEB
|
dun
|
|
2008-09-27
|
|
LnBlog 0.9.0 - 'plugin' Local File Inclusion
|
4 |
WEB
|
dun
|
|
2008-09-27
|
|
Real Estate Manager 1.01 - 'cat_id' SQL Injection
|
4 |
WEB
|
CraCkEr
|
|
2008-09-27
|
|
CoAST 0.95 - 'sections_file' Remote File Inclusion
|
4 |
WEB
|
DaRkLiFe
|
|
2008-09-27
|
|
E-Uploader Pro 1.0 - Multiple SQL Injections
|
3 |
WEB
|
~!Dok_tOR!~
|
|
2008-09-27
|
|
Joovili 3.0 - Multiple SQL Injections
|
3 |
WEB
|
~!Dok_tOR!~
|
|
2008-09-27
|
|
Camera Life 2.6.2b4 - Arbitrary File Upload
|
3 |
WEB
|
Mi4night
|
|
2008-09-27
|
|
Vbgooglemap Hotspot Edition 1.0.3 - SQL Injection
|
4 |
WEB
|
elusiven
|
|
2008-09-27
|
|
X7 Chat 2.0.1A1 - 'mini.php' Local File Inclusion
|
4 |
WEB
|
NoGe
|
|
2008-09-27
|
|
RPG.Board 0.0.8Beta2 - Insecure Cookie Handling
|
4 |
WEB
|
Stack
|
|
2008-09-27
|
|
ASPapp Knowledge Base - 'CatId' SQL Injection (2)
|
4 |
WEB
|
Crackers_Child
|
|
2008-09-26
|
|
RPG.Board 0.0.8Beta2 - 'showtopic' SQL Injection
|
4 |
WEB
|
0x90
|
|
2008-09-26
|
|
The Gemini Portal 4.7 - 'lang' Remote File Inclusion
|
4 |
WEB
|
ZoRLu
|
|
2008-09-26
|
|
Crux Gallery 1.32 - Insecure Cookie Handling
|
4 |
WEB
|
Pepelux
|
|
2008-09-26
|
|
openEngine 2.0 beta2 - Remote File Inclusion
|
4 |
WEB
|
Crackers_Child
|
|
2008-09-26
|
|
The Gemini Portal 4.7 - Insecure Cookie Handling
|
4 |
WEB
|
Pepelux
|
|
2008-09-26
|
|
Esqlanelapse Software Project 2.6.2 - Insecure Cookie Handling
|
4 |
WEB
|
ZoRLu
|
|
2008-09-26
|
|
Atomic Photo Album 1.1.0pre4 - Insecure Cookie Handling
|
4 |
WEB
|
Stack
|
|
2008-09-26
|
|
Libra PHP File Manager 1.18 - Insecure Cookie Handling
|
4 |
WEB
|
Stack
|
|
2008-09-26
|
|
212Cafe Board 0.07 - 'qID' SQL Injection
|
4 |
WEB
|
CWH Underground
|
|
2008-09-26
|
|
PromoteWeb MySQL - 'id' SQL Injection
|
4 |
WEB
|
CWH Underground
|
|
2008-09-26
|
|
Ultimate WebBoard 3.00 - 'Category' SQL Injection
|
4 |
WEB
|
CWH Underground
|
|
2008-09-26
|
|
barcodegen 2.0.0 - 'class_dir' Remote File Inclusion
|
4 |
WEB
|
Br0k3n H34rT
|
|
2008-09-26
|
|
Atomic Photo Album 1.1.0pre4 - Blind SQL Injection
|
4 |
WEB
|
Stack
|
|
2008-09-25
|
|
LanSuite 3.3.2 - 'FCKeditor' Arbitrary File Upload
|
4 |
WEB
|
Stack
|
|
2008-09-25
|
|
Atomic Photo Album 1.1.0pre4 - Cross-Site Scripting / SQL Injection
|
3 |
WEB
|
d3v1l
|
|
2008-09-25
|
|
openEngine 2.0 beta4 - Remote File Inclusion
|
4 |
WEB
|
dun
|
|
2008-09-25
|
|
Vikingboard 0.2 Beta - SQL Column Truncation
|
4 |
WEB
|
StAkeR
|
|
2008-09-25
|
|
PHP infoBoard 7 - Plus Insecure Cookie Handling
|
4 |
WEB
|
Stack
|
|
2008-09-25
|
|
Libra PHP File Manager 1.18/2.0 - Local File Inclusion
|
4 |
WEB
|
Pepelux
|
|
2008-09-25
|
|
PHP infoboard 7 plus - Multiple Vulnerabilities
|
4 |
WEB
|
CWH Underground
|
|
2008-09-25
|
|
Vikingboard 0.2 Beta - 'task' Local File Inclusion
|
4 |
WEB
|
dun
|
