|
2008-08-31
|
|
myPHPNuke < 1.8.8_8rc2 - Cross-Site Scripting / SQL Injection
|
2 |
WEB
|
MustLive
|
|
2008-08-31
|
|
Words tag script 1.2 - 'word' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-08-31
|
|
Web Directory Script 1.5.3 - 'site' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-08-30
|
|
Brim 2.0.0 - SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
InjEctOr5
|
|
2008-08-29
|
|
Invision Power Board (IP.Board) 2.3.5 - Multiple Vulnerabilities (2)
|
2 |
WEB
|
DarkFig
|
|
2008-08-27
|
|
Yourownbux 3.1/3.2 Beta - SQL Injection
|
1 |
WEB
|
~!Dok_tOR!~
|
|
2008-08-27
|
|
PHPMyRealty 1.0.9 - Multiple SQL Injections
|
2 |
WEB
|
~!Dok_tOR!~
|
|
2008-08-26
|
|
MyBulletinBoard (MyBB) 1.2.11 - 'private.php' SQL Injection (2)
|
2 |
WEB
|
c411k
|
|
2008-08-26
|
|
iFdate 2.0.3 - SQL Injection
|
2 |
WEB
|
~!Dok_tOR!~
|
|
2008-08-26
|
|
Thickbox Gallery 2.0 - 'Admins.php' Admin Data Disclosure
|
2 |
WEB
|
SirGod
|
|
2008-08-26
|
|
CMME 1.12 - Local File Inclusion / Cross-Site Scripting / Cross-Site Request Forgery/Download Backup
|
1 |
WEB
|
SirGod
|
|
2008-08-26
|
|
k-rate - SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
Corwin
|
|
2008-08-26
|
|
Simple PHP Blog (SPHPBlog) 0.5.1 - Code Execution
|
2 |
WEB
|
mAXzA
|
|
2008-08-26
|
|
Kolifa.net Download Script 1.2 - 'id' SQL Injection
|
2 |
WEB
|
Kacak
|
|
2008-08-26
|
|
z-breaknews 2.0 - 'single.php' SQL Injection
|
2 |
WEB
|
cOndemned
|
|
2008-08-25
|
|
Crafty Syntax Live Help 2.14.6 - 'department' SQL Injection
|
2 |
WEB
|
GulfTech Security
|
|
2008-08-25
|
|
GeekLog 1.5.0 - Arbitrary File Upload
|
2 |
WEB
|
t0pP8uZz
|
|
2008-08-25
|
|
WebBoard 2.0 - Arbitrary SQL Question/Anwser Delete
|
3 |
WEB
|
t0pP8uZz
|
|
2008-08-25
|
|
EZContents CMS 2.0.3 - Multiple Local File Inclusions
|
2 |
WEB
|
DSecRG
|
|
2008-08-25
|
|
Pluck CMS 4.5.2 - Multiple Local File Inclusions
|
2 |
WEB
|
DSecRG
|
|
2008-08-25
|
|
Web Directory Script 2.0 - 'name' SQL Injection
|
2 |
WEB
|
~!Dok_tOR!~
|
|
2008-08-25
|
|
Matterdaddy Market 1.1 - 'index.php' Multiple SQL Injections
|
2 |
WEB
|
~!Dok_tOR!~
|
|
2008-08-25
|
|
BtiTracker 1.4.7 / xbtit 2.0.542 - SQL Injection
|
2 |
WEB
|
InATeam
|
|
2008-08-24
|
|
MiaCMS 4.6.5 - Multiple SQL Injections
|
2 |
WEB
|
~!Dok_tOR!~
|
|
2008-08-24
|
|
5 star review - Cross-Site Scripting / SQL Injection
|
2 |
WEB
|
Mr.SQL
|
|
2008-08-23
|
|
onenews Beta 2 - Cross-Site Scripting / HTML Injection / SQL Injection
|
2 |
WEB
|
suN8Hclf
|
|
2008-08-23
|
|
noname script 1.1 - Multiple Vulnerabilities
|
2 |
WEB
|
SirGod
|
|
2008-08-21
|
|
easysite 2.3 - Multiple Vulnerabilities
|
2 |
WEB
|
SirGod
|
|
2008-08-21
|
|
TinyCMS 1.1.2 - 'templater.php' Local File Inclusion
|
2 |
WEB
|
cOndemned
|
|
2008-08-21
|
|
BandSite CMS 1.1.4 - Download Backup / Cross-Site Scripting / Cross-Site Request Forgery
|
2 |
WEB
|
SirGod
|
|
2008-08-21
|
|
Photocart 3.9 - Multiple SQL Injections
|
2 |
WEB
|
~!Dok_tOR!~
|
|
2008-08-21
|
|
CustomCMS 4.0 - 'print.php' SQL Injection
|
3 |
WEB
|
~!Dok_tOR!~
|
|
2008-08-20
|
|
webEdition CMS - 'we_objectID' Blind SQL Injection
|
2 |
WEB
|
Lidloses_Auge
|
|
2008-08-20
|
|
phpBazar 2.0.2 - 'adid' SQL Injection
|
2 |
WEB
|
e.wiZz!
|
|
2008-08-20
|
|
Pars4U Videosharing 1.0 - Cross-Site Scripting / Blind SQL Injection
|
2 |
WEB
|
Mr.SQL
|
|
2008-08-19
|
|
Active PHP BookMarks 1.1.02 - SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-08-19
|
|
Banner Management Script - 'id' SQL Injection
|
2 |
WEB
|
S.W.A.T.
|
|
2008-08-19
|
|
SunShop Shopping Cart 4.1.4 - 'id' SQL Injection
|
2 |
WEB
|
GulfTech Security
|
|
2008-08-19
|
|
Ad Board - 'id' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-08-19
|
|
Affiliate Directory - 'id' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-08-19
|
|
TWiki 4.2.0 - 'configure' Remote File Disclosure
|
2 |
WEB
|
Th1nk3r
|
|
2008-08-18
|
|
PHP Live Helper 2.0.1 - Multiple Vulnerabilities
|
2 |
WEB
|
GulfTech Security
|
|
2008-08-18
|
|
cyberBB 0.6 - Multiple SQL Injections
|
2 |
WEB
|
cOndemned
|
|
2008-08-18
|
|
VidiScript (Avatar) - Arbitrary File Upload
|
2 |
WEB
|
InjEctOr5
|
|
2008-08-17
|
|
PHPBasket - 'pro_id' SQL Injection
|
2 |
WEB
|
r45c4l
|
|
2008-08-17
|
|
phpArcadeScript 4 - 'cat' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-08-17
|
|
XNova 0.8 sp1 - 'xnova_root_path' Remote File Inclusion
|
2 |
WEB
|
NuclearHaxor
|
|
2008-08-15
|
|
deeemm CMS (dmcms) 0.7.4 - Multiple Vulnerabilities
|
2 |
WEB
|
Khashayar Fereidani
|
|
2008-08-15
|
|
Zeeways ZeeJobsite 2.0 - 'adid' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-08-15
|
|
dotCMS 1.6 - 'id' Local File Inclusion
|
2 |
WEB
|
Don
|
|
2008-08-13
|
|
gelato CMS 0.95 - 'img' Remote File Disclosure
|
2 |
WEB
|
JIKO
|
|
2008-08-12
|
|
Joomla! 1.5.x - 'Token' Remote Admin Change Password
|
2 |
WEB
|
d3m0n
|
|
2008-08-12
|
|
BBlog 0.7.6 - 'mod' SQL Injection
|
3 |
WEB
|
IP-Sh0k
|
|
2008-08-11
|
|
Ovidentia 6.6.5 - 'item' SQL Injection
|
2 |
WEB
|
Khashayar Fereidani
|
|
2008-08-11
|
|
pPIM 1.0 - Upload/Change Password
|
2 |
WEB
|
Stack
|
|
2008-08-11
|
|
ZeeBuddy 2.1 - 'adid' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-08-10
|
|
OpenImpro 1.1 - 'image.php' SQL Injection
|
3 |
WEB
|
nuclear
|
|
2008-08-10
|
|
psipuss 1.0 - Multiple SQL Injections
|
3 |
WEB
|
Virangar Security
|
|
2008-08-10
|
|
PHP-Ring Webring System 0.9.1 - Insecure Cookie Handling
|
2 |
WEB
|
Virangar Security
|
|
2008-08-10
|
|
txtSQL 2.2 Final - 'startup.php' Remote File Inclusion
|
2 |
WEB
|
CraCkEr
|
|
2008-08-10
|
|
Quicksilver Forums 1.4.1 - SQL Injection
|
2 |
WEB
|
irk4z
|
|
2008-08-10
|
|
Vacation Rental Script 3.0 - 'id' SQL Injection
|
2 |
WEB
|
CraCkEr
|
|
2008-08-10
|
|
e107 < 0.7.11 - Arbitrary Variable Overwriting
|
2 |
WEB
|
GulfTech Security
|
|
2008-08-10
|
|
pPIM 1.0 - Arbitrary File Delete / Cross-Site Scripting
|
2 |
WEB
|
BeyazKurt
|
|
2008-08-06
|
|
Discuz! 6.0.1 - 'searchid' SQL Injection
|
2 |
WEB
|
james
|
|
2008-08-06
|
|
Free Hosting Manager 1.2/2.0 - Insecure Cookie Handling
|
2 |
WEB
|
Scary-Boys
|
|
2008-08-06
|
|
Quate CMS 0.3.4 - Local File Inclusion / Cross-Site Scripting
|
3 |
WEB
|
CraCkEr
|
|
2008-08-06
|
|
LoveCMS 1.6.2 Final - Update Settings
|
2 |
WEB
|
PoMdaPiMp
|
|
2008-08-06
|
|
LoveCMS 1.6.2 Final - Remote Code Execution
|
3 |
WEB
|
PoMdaPiMp
|
|
2008-08-06
|
|
Wsn (Multiple Products) - Local File Inclusion / Code Execution
|
2 |
WEB
|
otmorozok428
|
|
2008-08-05
|
|
LiteNews 0.1 - 'id' SQL Injection
|
2 |
WEB
|
Stack
|
|
2008-08-05
|
|
LiteNews 0.1 - Insecure Cookie Handling
|
2 |
WEB
|
Scary-Boys
|
|
2008-08-05
|
|
iges CMS 2.0 - Cross-Site Scripting / SQL Injection
|
2 |
WEB
|
BugReport.IR
|
|
2008-08-05
|
|
Plogger 3.0 - SQL Injection
|
2 |
WEB
|
GulfTech Security
|
|
2008-08-04
|
|
Dayfox Blog 4 - Multiple Local File Inclusions
|
2 |
WEB
|
Virangar Security
|
|
2008-08-03
|
|
syzygyCMS 0.3 - 'index.php' Local File Inclusion
|
2 |
WEB
|
SirGod
|
|
2008-08-03
|
|
Joomla! Component EZ Store Remote - Blind SQL Injection
|
2 |
WEB
|
His0k4
|
|
2008-08-02
|
|
moziloCMS 1.10.1 - 'download.php' Arbitrary Download File
|
2 |
WEB
|
Ams
|
|
2008-08-02
|
|
E-Store Kit-1 < 2 PayPal Edition - 'pid' SQL Injection
|
2 |
WEB
|
Mr.SQL
|
|
2008-08-02
|
|
k-links directory - SQL Injection / Cross-Site Scripting
|
3 |
WEB
|
Corwin
|
|
2008-08-02
|
|
e-vision CMS 2.02 - SQL Injection / Arbitrary File Upload / Information Gathering
|
2 |
WEB
|
Khashayar Fereidani
|
|
2008-08-01
|
|
phsBlog 0.1.1 - Multiple SQL Injections
|
2 |
WEB
|
cOndemned
|
|
2008-08-01
|
|
GreenCart PHP Shopping Cart - 'id' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-08-01
|
|
eStoreAff 0.1 - 'cid' SQL Injection
|
1 |
WEB
|
Mr.SQL
|
|
2008-08-01
|
|
Scripts24 iPost 1.0.1 - 'id' SQL Injection
|
2 |
WEB
|
Mr.SQL
|
|
2008-08-01
|
|
Scripts24 iTGP 1.0.4 - 'id' SQL Injection
|
2 |
WEB
|
Mr.SQL
|
|
2008-08-01
|
|
E-topbiz Dating 3 PHP Script - 'mail_id' SQL Injection
|
2 |
WEB
|
Corwin
|
|
2008-08-01
|
|
ABG Blocking Script 1.0a - 'abg_path' Remote File Inclusion
|
1 |
WEB
|
Lo$er
|
|
2008-08-01
|
|
phpAuction GPL Enhanced 2.51 - 'profile.php' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-08-01
|
|
phpMyRealty 2.0.0 - 'location' SQL Injection
|
2 |
WEB
|
CraCkEr
|
|
2008-07-31
|
|
LetterIt 2 - 'Language' Local File Inclusion
|
2 |
WEB
|
NoGe
|
|
2008-07-31
|
|
Coppermine Photo Gallery 1.4.18 - Local File Inclusion / Remote Code Execution
|
2 |
WEB
|
EgiX
|
|
2008-07-31
|
|
Symphony 1.7.01 (non-patched) - Remote Code Execution
|
2 |
WEB
|
Raz0r
|
|
2008-07-31
|
|
PHPX 3.5.16 - Cookie Poisoning / Authentication Bypass
|
2 |
WEB
|
gnix
|
|
2008-07-30
|
|
Pligg CMS 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection
|
2 |
WEB
|
GulfTech Security
|
|
2008-07-30
|
|
Pligg CMS 9.9.0 - Remote Code Execution
|
2 |
WEB
|
GulfTech Security
|
|
2008-07-30
|
|
eNdonesia 8.4 (Calendar Module) - SQL Injection
|
2 |
WEB
|
Jack
|
|
2008-07-30
|
|
TubeGuru Video Sharing Script - 'UID' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-07-30
|
|
PozScripts Classified Ads Script - 'cid' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-07-30
|
|
HIOX Browser Statistics 2.0 - Arbitrary Add Admin
|
2 |
WEB
|
Stack
|
|
2008-07-30
|
|
Article Friendly Pro/Standard - SQL Injection
|
2 |
WEB
|
Mr.SQL
|
|
2008-07-30
|
|
HIOX Random Ad 1.3 - Arbitrary Add Admin
|
2 |
WEB
|
Stack
|
|
2008-07-30
|
|
ZeeReviews - SQL Injection
|
2 |
WEB
|
Mr.SQL
|
|
2008-07-30
|
|
nzFotolog 0.4.1 - 'action_file' Local File Inclusion
|
3 |
WEB
|
Khashayar Fereidani
|
|
2008-07-30
|
|
PHP Hosting Directory 2.0 - Insecure Cookie Handling
|
2 |
WEB
|
Stack
|
|
2008-07-30
|
|
HIOX Browser Statistics 2.0 - Remote File Inclusion
|
2 |
WEB
|
Ghost Hacker
|
|
2008-07-30
|
|
HIOX Random Ad 1.3 - Remote File Inclusion
|
2 |
WEB
|
Ghost Hacker
|
|
2008-07-29
|
|
PHP Hosting Directory 2.0 - Remote File Inclusion
|
3 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-07-29
|
|
Gregarius 0.5.4 - SQL Injection
|
2 |
WEB
|
GulfTech Security
|
|
2008-07-29
|
|
e107 Plugin BLOG Engine 2.2 - Blind SQL Injection
|
2 |
WEB
|
Virangar Security
|
|
2008-07-29
|
|
Minishowcase 09b136 - 'lang' Local File Inclusion
|
2 |
WEB
|
DSecRG
|
|
2008-07-28
|
|
ViArt Shop 3.5 - 'category_id' SQL Injection
|
2 |
WEB
|
GulfTech Security
|
|
2008-07-28
|
|
ATutor 1.6.1-pl1 - 'import.php' Remote File Inclusion
|
2 |
WEB
|
Khashayar Fereidani
|
|
2008-07-28
|
|
PixelPost 1.7.1 - 'language_full' Local File Inclusion
|
2 |
WEB
|
DSecRG
|
|
2008-07-28
|
|
Dokeos E-Learning System 1.8.5 - Local File Inclusion
|
2 |
WEB
|
DSecRG
|
|
2008-07-28
|
|
TalkBack 2.3.5 - 'Language' Local File Inclusion
|
2 |
WEB
|
NoGe
|
|
2008-07-28
|
|
Youtuber Clone - SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-07-28
|
|
Pligg CMS 9.9.0 - 'story.php' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-07-27
|
|
SiteAdmin CMS - 'art' SQL Injection
|
1 |
WEB
|
Cr@zy_King
|
|
2008-07-27
|
|
GC Auction Platinum - 'cate_id' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-07-27
|
|
Getacoder clone - 'sb_protype' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-07-27
|
|
CMScout 2.05 - 'bit' Local File Inclusion
|
3 |
WEB
|
Khashayar Fereidani
|
|
2008-07-26
|
|
TriO 2.1 - 'browse.php' SQL Injection
|
2 |
WEB
|
dun
|
|
2008-07-26
|
|
phpLinkat 0.1 - Insecure Cookie Handling / SQL Injection
|
2 |
WEB
|
Encrypt3d.M!nd
|
|
2008-07-26
|
|
EPShop < 3.0 - 'pid' SQL Injection
|
1 |
WEB
|
mikeX
|
