|
2008-06-22
|
|
Joomla! Component EXP Shop - 'catid' SQL Injection
|
4 |
WEB
|
His0k4
|
|
2008-06-21
|
|
phpAuction 3.2.1 - 'item.php' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-06-21
|
|
AJ HYIP ACME - 'news.php' SQL Injection
|
3 |
WEB
|
Hussin X
|
|
2008-06-21
|
|
Online Fantasy Football League (OFFL) 0.2.6 - 'teams.php' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
CCLeague Pro 1.2 - Insecure Cookie Authentication
|
4 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
LE.CMS 1.4 - Arbitrary File Upload
|
4 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
LaserNet CMS 1.5 - Arbitrary File Upload
|
4 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
Scientific Image DataBase 0.41 - Blind SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
Aprox CMS Engine 5.1.0.4 - Local File Inclusion
|
4 |
WEB
|
SkyOut
|
|
2008-06-21
|
|
PHP KnowledgeBase Script 2.4 - 'cat_id' SQL Injection
|
4 |
WEB
|
S.L TEAM
|
|
2008-06-21
|
|
eNews 0.1 - 'delete.php' Arbitrary Delete Post
|
4 |
WEB
|
ilker Kandemir
|
|
2008-06-21
|
|
@CMS 2.1.1 - SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-06-21
|
|
SiteXS CMS 0.1.1 - Arbitrary File Upload / Cross-Site Scripting
|
3 |
WEB
|
CWH Underground
|
|
2008-06-20
|
|
phpAuction - 'profile.php' SQL Injection (1)
|
4 |
WEB
|
Mr.SQL
|
|
2008-06-20
|
|
emuCMS 0.3 - 'cat_id' SQL Injection
|
4 |
WEB
|
TurkishWarriorr
|
|
2008-06-20
|
|
jaxultrabb 2.0 - Local File Inclusion / Cross-Site Scripting
|
5 |
WEB
|
CWH Underground
|
|
2008-06-20
|
|
Jamroom 3.3.5 - Remote File Inclusion
|
4 |
WEB
|
cyberlog
|
|
2008-06-20
|
|
CiBlog 3.1 - 'id' SQL Injection
|
3 |
WEB
|
Mr.SQL
|
|
2008-06-20
|
|
IPTBB 0.5.6 - 'act' Local File Inclusion
|
4 |
WEB
|
storm
|
|
2008-06-20
|
|
Lightweight news portal (LNP) 1.0b - Multiple Vulnerabilities
|
4 |
WEB
|
storm
|
|
2008-06-20
|
|
FubarForum 1.5 - 'index.php' Local File Inclusion
|
3 |
WEB
|
cOndemned
|
|
2008-06-20
|
|
FireAnt 1.3 - 'index.php' Local File Inclusion
|
4 |
WEB
|
cOndemned
|
|
2008-06-20
|
|
GL-SH Deaf Forum 6.5.5 - Multiple Vulnerabilities
|
4 |
WEB
|
BugReport.IR
|
|
2008-06-20
|
|
Virtual Support Office XP 3.0.29 - Multiple Vulnerabilities
|
4 |
WEB
|
BugReport.IR
|
|
2008-06-19
|
|
AJ Auction 1.0 - 'id' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-06-19
|
|
AJ Auction Web 2.0 - 'cate_id' SQL Injection
|
4 |
WEB
|
Hussin X
|
|
2008-06-19
|
|
Lotus Core CMS 1.0.1 - Remote File Inclusion
|
4 |
WEB
|
Ciph3r
|
|
2008-06-19
|
|
CaupoShop Classic 1.3 - 'saArticle[ID]' SQL Injection
|
4 |
WEB
|
anonymous
|
|
2008-06-19
|
|
Orlando CMS 0.6 - Remote File Inclusion
|
4 |
WEB
|
Ciph3r
|
|
2008-06-19
|
|
CMS-BRD - 'menuclick' SQL Injection
|
4 |
WEB
|
dun
|
|
2008-06-19
|
|
samart-cms 2.0 - 'contentsid' SQL Injection
|
4 |
WEB
|
dun
|
|
2008-06-19
|
|
Yektaweb Academic Web Tools CMS 1.4.2.8 - Multiple Vulnerabilities
|
4 |
WEB
|
BugReport.IR
|
|
2008-06-19
|
|
OwnRS blog beta3 - SQL Injection / Cross-Site Scripting
|
3 |
WEB
|
CWH Underground
|
|
2008-06-19
|
|
eLineStudio Site Composer (ESC) 2.6 - Multiple Vulnerabilities
|
4 |
WEB
|
BugReport.IR
|
|
2008-06-18
|
|
BoatScripts Classifieds - 'type' SQL Injection
|
3 |
WEB
|
Stack
|
|
2008-06-18
|
|
Carscripts Classifieds - 'cat' SQL Injection
|
3 |
WEB
|
Stack
|
|
2008-06-18
|
|
nweb2fax 0.2.7 - Multiple Vulnerabilities
|
3 |
WEB
|
dun
|
|
2008-06-18
|
|
Easy Webstore 1.2 - SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-06-18
|
|
Mybizz-Classifieds - 'cat' SQL Injection
|
4 |
WEB
|
HaCkeR_EgY
|
|
2008-06-18
|
|
Maxtrade AIO 1.3.23 - 'categori' SQL Injection
|
4 |
WEB
|
HaCkeR_EgY
|
|
2008-06-18
|
|
netBIOS - 'newsid' SQL Injection
|
4 |
WEB
|
security fears team
|
|
2008-06-18
|
|
AspWebCalendar 2008 - Arbitrary File Upload
|
4 |
WEB
|
Alemin_Krali
|
|
2008-06-18
|
|
doITlive CMS 2.50 - SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
BugReport.IR
|
|
2008-06-18
|
|
traindepot 0.1 - Local File Inclusion / Cross-Site Scripting
|
4 |
WEB
|
CWH Underground
|
|
2008-06-17
|
|
WebCalendar 1.0.4 - 'includedir' Remote File Inclusion
|
4 |
WEB
|
Cr@zy_King
|
|
2008-06-17
|
|
eroCMS 1.4 - 'site' SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
MyShoutPro 1.2 - Final Insecure Cookie Handling
|
4 |
WEB
|
Stack
|
|
2008-06-17
|
|
FreeCMS.us 0.2 - 'FCKeditor' Arbitrary File Upload
|
4 |
WEB
|
Stack
|
|
2008-06-17
|
|
PHP Site Lock 2.0 - 'index.php' SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
ThaiQuickCart 3 - 'sLanguage' Cookie Local File Inclusion
|
4 |
WEB
|
CWH Underground
|
|
2008-06-17
|
|
easyTrade 2.x - 'id' SQL Injection
|
4 |
WEB
|
anonymous
|
|
2008-06-17
|
|
ClipShare < 3.0.1 - 'tid' SQL Injection
|
4 |
WEB
|
SuNHouSe2
|
|
2008-06-17
|
|
FreeCMS.us 0.2 - 'index.php' SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
Basic-CMS - SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
Bizon-CMS 2.0 - 'Id' SQL Injection
|
5 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
Comparison Engine Power 1.0 - Blind SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-06-16
|
|
Joomla! Component Simple Shop Galore 3.x - 'catid' SQL Injection
|
4 |
WEB
|
eXeCuTeR
|
|
2008-06-16
|
|
MyMarket 1.72 - Blind SQL Injection
|
4 |
WEB
|
anonymous
|
|
2008-06-16
|
|
Open Azimyt CMS 0.22 - 'lang' Local File Inclusion
|
4 |
WEB
|
DSecRG
|
|
2008-06-16
|
|
Nitro Web Gallery 1.4.3 - 'section' SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-06-15
|
|
SH-News 3.0 - Insecure Cookie Handling
|
4 |
WEB
|
Virangar Security
|
|
2008-06-15
|
|
Oxygen 2.0 - 'repquote' SQL Injection
|
4 |
WEB
|
anonymous
|
|
2008-06-15
|
|
Simple Machines Forum (SMF) 1.1.4 - SQL Injection
|
3 |
WEB
|
The:Paradox
|
|
2008-06-15
|
|
Anata CMS 1.0b5 - 'change.php' Arbitrary Add Admin
|
3 |
WEB
|
CWH Underground
|
|
2008-06-15
|
|
Advanced Webhost Billing System (AWBS) 2.7.1 - 'news.php' SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-06-15
|
|
Devalcms 1.4a - 'currentfile' Local File Inclusion
|
4 |
WEB
|
CWH Underground
|
|
2008-06-14
|
|
Alstrasoft AskMe Pro 2.1 - Multiple SQL Injections
|
4 |
WEB
|
t0pP8uZz
|
|
2008-06-14
|
|
PHPEasyNews 1.13 RC2 - 'POST' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-06-14
|
|
ezcms 1.2 - Blind SQL Injection / Authentication Bypass
|
3 |
WEB
|
t0pP8uZz
|
|
2008-06-14
|
|
xeCMS 1.0.0 RC2 - Insecure Cookie Handling
|
4 |
WEB
|
t0pP8uZz
|
|
2008-06-14
|
|
DIY - 'did' Blind SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-06-14
|
|
Cartweaver 3 - 'prodId' Blind SQL Injection
|
4 |
WEB
|
anonymous
|
|
2008-06-14
|
|
SHOUTcast Admin Panel 2.0 - 'page' Local File Inclusion
|
4 |
WEB
|
CWH Underground
|
|
2008-06-14
|
|
PHPMyCart 1.3 - 'cat' SQL Injection
|
4 |
WEB
|
anonymous
|
|
2008-06-14
|
|
Family Connections CMS 1.4 - Multiple SQL Injections
|
4 |
WEB
|
CWH Underground
|
|
2008-06-14
|
|
Contenido 4.8.4 - Remote File Inclusion / Cross-Site Scripting
|
4 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-06-14
|
|
Pre Job Board - 'JobSearch.php' SQL Injection
|
4 |
WEB
|
JosS
|
|
2008-06-13
|
|
Mambo 4.6.4 - 'Output.php' Remote File Inclusion
|
4 |
WEB
|
irk4z
|
|
2008-06-13
|
|
PHP JOBWEBSITE PRO - 'JobSearch3.php' SQL Injection
|
3 |
WEB
|
JosS
|
|
2008-06-13
|
|
GLLCTS2 - 'sort' Blind SQL Injection
|
3 |
WEB
|
anonymous
|
|
2008-06-13
|
|
E-Smart Cart - 'productsofcat.asp' SQL Injection
|
3 |
WEB
|
JosS
|
|
2008-06-13
|
|
Pre ADS Portal 2.0 - SQL Injection
|
4 |
WEB
|
K-159
|
|
2008-06-13
|
|
Pre News Manager 1.0 - 'id' SQL Injection
|
4 |
WEB
|
K-159
|
|
2008-06-13
|
|
WebChamado 1.1 - 'tsk_id' SQL Injection
|
4 |
WEB
|
Virangar Security
|
|
2008-06-13
|
|
Easy-Clanpage 3.0b1 - 'section' Local File Inclusion
|
4 |
WEB
|
Loader007
|
|
2008-06-13
|
|
Butterfly ORGanizer 2.0.0 - Arbitrary Delete (Category/Account)
|
3 |
WEB
|
Stack
|
|
2008-06-13
|
|
Mambo Component Galleries 1.0 - 'aid' SQL Injection
|
4 |
WEB
|
Houssamix
|
|
2008-06-13
|
|
WebChamado 1.1 - Arbitrary Add Admin
|
4 |
WEB
|
CWH Underground
|
|
2008-06-13
|
|
Butterfly ORGanizer 2.0.0 - SQL Injection / Cross-Site Scripting
|
3 |
WEB
|
CWH Underground
|
|
2008-06-12
|
|
GLLCTS2 < 4.2.4 - 'detail' SQL Injection
|
4 |
WEB
|
TheDefaced
|
|
2008-06-12
|
|
Clever Copy 3.0 - 'results.php' SQL Injection
|
4 |
WEB
|
anonymous
|
|
2008-06-12
|
|
Facil-CMS 0.1RC - Multiple Local File Inclusions
|
4 |
WEB
|
CWH Underground
|
|
2008-06-12
|
|
Gravity Board X 2.0 Beta - SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
CWH Underground
|
|
2008-06-11
|
|
JAMM CMS - 'id' Blind SQL Injection
|
4 |
WEB
|
anonymous
|
|
2008-06-11
|
|
Pooya Site Builder (PSB) 6.0 - Multiple SQL Injections
|
4 |
WEB
|
BugReport.IR
|
|
2008-06-11
|
|
MycroCMS 0.5 - Blind SQL Injection
|
4 |
WEB
|
CWH Underground
|
|
2008-06-11
|
|
IPTBB 0.5.6 - Arbitrary Add Admin
|
4 |
WEB
|
CWH Underground
|
|
2008-06-11
|
|
eFiction 3.0 - 'toplists.php' SQL Injection
|
4 |
WEB
|
Mr.SQL
|
|
2008-06-11
|
|
FOG Forum 0.8.1 - Multiple Local File Inclusions
|
4 |
WEB
|
CWH Underground
|
|
2008-06-10
|
|
Yuhhu 2008 SuperStar - 'board' SQL Injection
|
4 |
WEB
|
RMx
|
|
2008-06-10
|
|
TNT Forum 0.9.4 - Local File Inclusion
|
4 |
WEB
|
CWH Underground
|
|
2008-06-10
|
|
Todd Woolums ASP News Management 2.2 - SQL Injection
|
4 |
WEB
|
Bl@ckbe@rD
|
|
2008-06-10
|
|
ASP Download 1.03 - Arbitrary Change Administrator Account
|
4 |
WEB
|
Zigma
|
|
2008-06-10
|
|
SyndeoCMS 2.6.0 - Local File Inclusion / Cross-Site Scripting
|
4 |
WEB
|
CWH Underground
|
|
2008-06-10
|
|
Experts 1.0.0 - 'answer.php' SQL Injection
|
4 |
WEB
|
CWH Underground
|
|
2008-06-10
|
|
ASPPortal Free Version - 'Topic_Id' SQL Injection
|
4 |
WEB
|
JosS
|
|
2008-06-10
|
|
Insanely Simple Blog 0.5 - SQL Injection
|
4 |
WEB
|
Unohope
|
|
2008-06-10
|
|
Yblog 0.2.2.2 - Cross-Site Scripting / SQL Injection
|
4 |
WEB
|
Unohope
|
|
2008-06-10
|
|
DCFM Blog 0.9.4 - SQL Injection
|
4 |
WEB
|
Unohope
|
|
2008-06-10
|
|
ErfurtWiki R1.02b - Local File Inclusion
|
4 |
WEB
|
Unohope
|
|
2008-06-09
|
|
Achievo 1.3.2 - 'FCKeditor' Arbitrary File Upload
|
4 |
WEB
|
EgiX
|
|
2008-06-09
|
|
Telephone Directory 2008 - Arbitrary Delete Contact
|
4 |
WEB
|
Stack
|
|
2008-06-09
|
|
pNews 2.08 - 'shownews' SQL Injection
|
4 |
WEB
|
Cr@zy_King
|
|
2008-06-09
|
|
Flux CMS 1.5.0 - 'loadsave.php' Arbitrary File Overwrite
|
4 |
WEB
|
EgiX
|
|
2008-06-09
|
|
realm CMS 2.3 - Multiple Vulnerabilities
|
4 |
WEB
|
BugReport.IR
|
|
2008-06-09
|
|
ASPilot Pilot Cart 7.3 - 'article' SQL Injection
|
4 |
WEB
|
Bl@ckbe@rD
|
|
2008-06-09
|
|
Telephone Directory 2008 - SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
CWH Underground
|
|
2008-06-09
|
|
real estate Web site 1.0 - SQL Injection / Cross-Site Scripting
|
4 |
WEB
|
JosS
|
|
2008-06-09
|
|
ProManager 0.73 - 'config.php' Local File Inclusion
|
4 |
WEB
|
Stack
|
|
2008-06-09
|
|
Joomla! Component iJoomla! News Portal 1.0 - 'itemID' SQL Injection
|
4 |
WEB
|
ilker Kandemir
|
|
2008-06-09
|
|
Galatolo Web Manager 1.0 - SQL Injection
|
4 |
WEB
|
Stack
|
|
2008-06-08
|
|
Joomla! Component Rapid Recipe 1.6.6/1.6.7 - SQL Injection
|
4 |
WEB
|
His0k4
|
|
2008-06-08
|
|
Galatolo Web Manager 1.0 - Cross-Site Scripting / Local File Inclusion
|
4 |
WEB
|
StAkeR
|
|
2008-06-08
|
|
BrowserCRM 5.002.00 - 'clients.php' Remote File Inclusion
|
4 |
WEB
|
ahmadbady
|
|
2008-06-08
|
|
XOOPS Module Uploader 1.1 - 'Filename' File Disclosure
|
4 |
WEB
|
MEEKAAH
|
