|
2008-06-23
|
|
TinXCMS 1.1 - Local File Inclusion / Cross-Site Scripting
|
7 |
WEB
|
CraCkEr
|
|
2008-06-23
|
|
Dagger CMS 2008 - 'dir_inc' Remote File Inclusion
|
7 |
WEB
|
CraCkEr
|
|
2008-06-23
|
|
Joomla! Component FacileForms 1.4.4 - Remote File Inclusion
|
7 |
WEB
|
Kacak
|
|
2008-06-23
|
|
Demo4 CMS - 'id' SQL Injection
|
7 |
WEB
|
CWH Underground
|
|
2008-06-23
|
|
MyBlog: PHP and MySQL Blog/CMS software - SQL Injection / Cross-Site Scripting
|
7 |
WEB
|
CWH Underground
|
|
2008-06-23
|
|
MVC-Web CMS 1.0/1.2 - 'newsid' SQL Injection
|
7 |
WEB
|
Bl@ckbe@rD
|
|
2008-06-23
|
|
ResearchGuide 0.5 - 'id' SQL Injection
|
7 |
WEB
|
dun
|
|
2008-06-23
|
|
Ready2Edit - 'menuid' SQL Injection
|
7 |
WEB
|
Mr.SQL
|
|
2008-06-23
|
|
BlogPHP 2.0 - Privilege Escalation / SQL Injection
|
7 |
WEB
|
Cod3rZ
|
|
2008-06-23
|
|
HoMaP-CMS 0.1 - 'go' SQL Injection
|
7 |
WEB
|
SxCx
|
|
2008-06-23
|
|
emuCMS 0.3 - 'FCKeditor' Arbitrary File Upload
|
7 |
WEB
|
Stack
|
|
2008-06-22
|
|
odars CMS 1.0.2 - Remote File Inclusion
|
7 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
cmreams CMS 1.3.1.1 beta2 - Local File Inclusion / Cross-Site Scripting
|
7 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
Hedgehog-CMS 1.21 - 'header.php' Local File Inclusion
|
7 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
HomePH Design 2.10 RC2 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting
|
7 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
HoMaP-CMS 0.1 - 'plugin_admin.php' Remote File Inclusion
|
7 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
MiGCMS 2.0.5 - Multiple Remote File Inclusions
|
7 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
RSS-aggregator - 'path' Remote File Inclusion
|
7 |
WEB
|
Ghost Hacker
|
|
2008-06-22
|
|
PageSquid CMS 0.3 Beta - 'index.php' SQL Injection
|
7 |
WEB
|
CWH Underground
|
|
2008-06-22
|
|
IGSuite 3.2.4 - Reverse Shell / Blind SQL Injection
|
7 |
WEB
|
Guido Landi
|
|
2008-06-22
|
|
phpDMCA 1.0.0 - Multiple Remote File Inclusions
|
7 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
CMS Mini 0.2.2 - Multiple Local File Inclusions
|
7 |
WEB
|
CWH Underground
|
|
2008-06-22
|
|
shibby shop 2.2 - Multiple Vulnerabilities
|
7 |
WEB
|
KnocKout
|
|
2008-06-22
|
|
DUdForum 3.0 - 'iFor' SQL Injection
|
7 |
WEB
|
Bl@ckbe@rD
|
|
2008-06-22
|
|
Joomla! Component EXP Shop - 'catid' SQL Injection
|
7 |
WEB
|
His0k4
|
|
2008-06-21
|
|
phpAuction 3.2.1 - 'item.php' SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-06-21
|
|
AJ HYIP ACME - 'news.php' SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-06-21
|
|
Online Fantasy Football League (OFFL) 0.2.6 - 'teams.php' SQL Injection
|
7 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
CCLeague Pro 1.2 - Insecure Cookie Authentication
|
7 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
LE.CMS 1.4 - Arbitrary File Upload
|
7 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
LaserNet CMS 1.5 - Arbitrary File Upload
|
7 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
Scientific Image DataBase 0.41 - Blind SQL Injection
|
7 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
Aprox CMS Engine 5.1.0.4 - Local File Inclusion
|
7 |
WEB
|
SkyOut
|
|
2008-06-21
|
|
PHP KnowledgeBase Script 2.4 - 'cat_id' SQL Injection
|
7 |
WEB
|
S.L TEAM
|
|
2008-06-21
|
|
eNews 0.1 - 'delete.php' Arbitrary Delete Post
|
7 |
WEB
|
ilker Kandemir
|
|
2008-06-21
|
|
@CMS 2.1.1 - SQL Injection
|
7 |
WEB
|
Mr.SQL
|
|
2008-06-21
|
|
SiteXS CMS 0.1.1 - Arbitrary File Upload / Cross-Site Scripting
|
7 |
WEB
|
CWH Underground
|
|
2008-06-20
|
|
phpAuction - 'profile.php' SQL Injection (1)
|
7 |
WEB
|
Mr.SQL
|
|
2008-06-20
|
|
emuCMS 0.3 - 'cat_id' SQL Injection
|
7 |
WEB
|
TurkishWarriorr
|
|
2008-06-20
|
|
jaxultrabb 2.0 - Local File Inclusion / Cross-Site Scripting
|
8 |
WEB
|
CWH Underground
|
|
2008-06-20
|
|
Jamroom 3.3.5 - Remote File Inclusion
|
7 |
WEB
|
cyberlog
|
|
2008-06-20
|
|
CiBlog 3.1 - 'id' SQL Injection
|
6 |
WEB
|
Mr.SQL
|
|
2008-06-20
|
|
IPTBB 0.5.6 - 'act' Local File Inclusion
|
7 |
WEB
|
storm
|
|
2008-06-20
|
|
Lightweight news portal (LNP) 1.0b - Multiple Vulnerabilities
|
7 |
WEB
|
storm
|
|
2008-06-20
|
|
FubarForum 1.5 - 'index.php' Local File Inclusion
|
6 |
WEB
|
cOndemned
|
|
2008-06-20
|
|
FireAnt 1.3 - 'index.php' Local File Inclusion
|
7 |
WEB
|
cOndemned
|
|
2008-06-20
|
|
GL-SH Deaf Forum 6.5.5 - Multiple Vulnerabilities
|
7 |
WEB
|
BugReport.IR
|
|
2008-06-20
|
|
Virtual Support Office XP 3.0.29 - Multiple Vulnerabilities
|
7 |
WEB
|
BugReport.IR
|
|
2008-06-19
|
|
AJ Auction 1.0 - 'id' SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-06-19
|
|
AJ Auction Web 2.0 - 'cate_id' SQL Injection
|
7 |
WEB
|
Hussin X
|
|
2008-06-19
|
|
Lotus Core CMS 1.0.1 - Remote File Inclusion
|
7 |
WEB
|
Ciph3r
|
|
2008-06-19
|
|
CaupoShop Classic 1.3 - 'saArticle[ID]' SQL Injection
|
7 |
WEB
|
anonymous
|
|
2008-06-19
|
|
Orlando CMS 0.6 - Remote File Inclusion
|
7 |
WEB
|
Ciph3r
|
|
2008-06-19
|
|
CMS-BRD - 'menuclick' SQL Injection
|
7 |
WEB
|
dun
|
|
2008-06-19
|
|
samart-cms 2.0 - 'contentsid' SQL Injection
|
7 |
WEB
|
dun
|
|
2008-06-19
|
|
Yektaweb Academic Web Tools CMS 1.4.2.8 - Multiple Vulnerabilities
|
7 |
WEB
|
BugReport.IR
|
|
2008-06-19
|
|
OwnRS blog beta3 - SQL Injection / Cross-Site Scripting
|
6 |
WEB
|
CWH Underground
|
|
2008-06-19
|
|
eLineStudio Site Composer (ESC) 2.6 - Multiple Vulnerabilities
|
7 |
WEB
|
BugReport.IR
|
|
2008-06-18
|
|
BoatScripts Classifieds - 'type' SQL Injection
|
7 |
WEB
|
Stack
|
|
2008-06-18
|
|
Carscripts Classifieds - 'cat' SQL Injection
|
7 |
WEB
|
Stack
|
|
2008-06-18
|
|
nweb2fax 0.2.7 - Multiple Vulnerabilities
|
6 |
WEB
|
dun
|
|
2008-06-18
|
|
Easy Webstore 1.2 - SQL Injection
|
7 |
WEB
|
Mr.SQL
|
|
2008-06-18
|
|
Mybizz-Classifieds - 'cat' SQL Injection
|
7 |
WEB
|
HaCkeR_EgY
|
|
2008-06-18
|
|
Maxtrade AIO 1.3.23 - 'categori' SQL Injection
|
7 |
WEB
|
HaCkeR_EgY
|
|
2008-06-18
|
|
netBIOS - 'newsid' SQL Injection
|
7 |
WEB
|
security fears team
|
|
2008-06-18
|
|
AspWebCalendar 2008 - Arbitrary File Upload
|
7 |
WEB
|
Alemin_Krali
|
|
2008-06-18
|
|
doITlive CMS 2.50 - SQL Injection / Cross-Site Scripting
|
7 |
WEB
|
BugReport.IR
|
|
2008-06-18
|
|
traindepot 0.1 - Local File Inclusion / Cross-Site Scripting
|
7 |
WEB
|
CWH Underground
|
|
2008-06-17
|
|
WebCalendar 1.0.4 - 'includedir' Remote File Inclusion
|
7 |
WEB
|
Cr@zy_King
|
|
2008-06-17
|
|
eroCMS 1.4 - 'site' SQL Injection
|
7 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
MyShoutPro 1.2 - Final Insecure Cookie Handling
|
7 |
WEB
|
Stack
|
|
2008-06-17
|
|
FreeCMS.us 0.2 - 'FCKeditor' Arbitrary File Upload
|
7 |
WEB
|
Stack
|
|
2008-06-17
|
|
PHP Site Lock 2.0 - 'index.php' SQL Injection
|
7 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
ThaiQuickCart 3 - 'sLanguage' Cookie Local File Inclusion
|
7 |
WEB
|
CWH Underground
|
|
2008-06-17
|
|
easyTrade 2.x - 'id' SQL Injection
|
7 |
WEB
|
anonymous
|
|
2008-06-17
|
|
ClipShare < 3.0.1 - 'tid' SQL Injection
|
7 |
WEB
|
SuNHouSe2
|
|
2008-06-17
|
|
FreeCMS.us 0.2 - 'index.php' SQL Injection
|
7 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
Basic-CMS - SQL Injection
|
7 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
Bizon-CMS 2.0 - 'Id' SQL Injection
|
8 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
Comparison Engine Power 1.0 - Blind SQL Injection
|
7 |
WEB
|
Mr.SQL
|
|
2008-06-16
|
|
Joomla! Component Simple Shop Galore 3.x - 'catid' SQL Injection
|
7 |
WEB
|
eXeCuTeR
|
|
2008-06-16
|
|
MyMarket 1.72 - Blind SQL Injection
|
7 |
WEB
|
anonymous
|
|
2008-06-16
|
|
Open Azimyt CMS 0.22 - 'lang' Local File Inclusion
|
7 |
WEB
|
DSecRG
|
|
2008-06-16
|
|
Nitro Web Gallery 1.4.3 - 'section' SQL Injection
|
7 |
WEB
|
Mr.SQL
|
|
2008-06-15
|
|
SH-News 3.0 - Insecure Cookie Handling
|
7 |
WEB
|
Virangar Security
|
|
2008-06-15
|
|
Oxygen 2.0 - 'repquote' SQL Injection
|
7 |
WEB
|
anonymous
|
|
2008-06-15
|
|
Simple Machines Forum (SMF) 1.1.4 - SQL Injection
|
7 |
WEB
|
The:Paradox
|
|
2008-06-15
|
|
Anata CMS 1.0b5 - 'change.php' Arbitrary Add Admin
|
6 |
WEB
|
CWH Underground
|
|
2008-06-15
|
|
Advanced Webhost Billing System (AWBS) 2.7.1 - 'news.php' SQL Injection
|
7 |
WEB
|
Mr.SQL
|
|
2008-06-15
|
|
Devalcms 1.4a - 'currentfile' Local File Inclusion
|
7 |
WEB
|
CWH Underground
|
|
2008-06-14
|
|
Alstrasoft AskMe Pro 2.1 - Multiple SQL Injections
|
7 |
WEB
|
t0pP8uZz
|
|
2008-06-14
|
|
PHPEasyNews 1.13 RC2 - 'POST' SQL Injection
|
7 |
WEB
|
t0pP8uZz
|
|
2008-06-14
|
|
ezcms 1.2 - Blind SQL Injection / Authentication Bypass
|
7 |
WEB
|
t0pP8uZz
|
|
2008-06-14
|
|
xeCMS 1.0.0 RC2 - Insecure Cookie Handling
|
7 |
WEB
|
t0pP8uZz
|
|
2008-06-14
|
|
DIY - 'did' Blind SQL Injection
|
7 |
WEB
|
Mr.SQL
|
|
2008-06-14
|
|
Cartweaver 3 - 'prodId' Blind SQL Injection
|
7 |
WEB
|
anonymous
|
|
2008-06-14
|
|
SHOUTcast Admin Panel 2.0 - 'page' Local File Inclusion
|
7 |
WEB
|
CWH Underground
|
|
2008-06-14
|
|
PHPMyCart 1.3 - 'cat' SQL Injection
|
7 |
WEB
|
anonymous
|
|
2008-06-14
|
|
Family Connections CMS 1.4 - Multiple SQL Injections
|
7 |
WEB
|
CWH Underground
|
|
2008-06-14
|
|
Contenido 4.8.4 - Remote File Inclusion / Cross-Site Scripting
|
7 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-06-14
|
|
Pre Job Board - 'JobSearch.php' SQL Injection
|
7 |
WEB
|
JosS
|
|
2008-06-13
|
|
Mambo 4.6.4 - 'Output.php' Remote File Inclusion
|
7 |
WEB
|
irk4z
|
|
2008-06-13
|
|
PHP JOBWEBSITE PRO - 'JobSearch3.php' SQL Injection
|
6 |
WEB
|
JosS
|
|
2008-06-13
|
|
GLLCTS2 - 'sort' Blind SQL Injection
|
7 |
WEB
|
anonymous
|
|
2008-06-13
|
|
E-Smart Cart - 'productsofcat.asp' SQL Injection
|
6 |
WEB
|
JosS
|
|
2008-06-13
|
|
Pre ADS Portal 2.0 - SQL Injection
|
7 |
WEB
|
K-159
|
|
2008-06-13
|
|
Pre News Manager 1.0 - 'id' SQL Injection
|
7 |
WEB
|
K-159
|
|
2008-06-13
|
|
WebChamado 1.1 - 'tsk_id' SQL Injection
|
7 |
WEB
|
Virangar Security
|
|
2008-06-13
|
|
Easy-Clanpage 3.0b1 - 'section' Local File Inclusion
|
7 |
WEB
|
Loader007
|
|
2008-06-13
|
|
Butterfly ORGanizer 2.0.0 - Arbitrary Delete (Category/Account)
|
7 |
WEB
|
Stack
|
|
2008-06-13
|
|
Mambo Component Galleries 1.0 - 'aid' SQL Injection
|
7 |
WEB
|
Houssamix
|
|
2008-06-13
|
|
WebChamado 1.1 - Arbitrary Add Admin
|
7 |
WEB
|
CWH Underground
|
|
2008-06-13
|
|
Butterfly ORGanizer 2.0.0 - SQL Injection / Cross-Site Scripting
|
6 |
WEB
|
CWH Underground
|
|
2008-06-12
|
|
GLLCTS2 < 4.2.4 - 'detail' SQL Injection
|
7 |
WEB
|
TheDefaced
|
|
2008-06-12
|
|
Clever Copy 3.0 - 'results.php' SQL Injection
|
7 |
WEB
|
anonymous
|
|
2008-06-12
|
|
Facil-CMS 0.1RC - Multiple Local File Inclusions
|
7 |
WEB
|
CWH Underground
|
|
2008-06-12
|
|
Gravity Board X 2.0 Beta - SQL Injection / Cross-Site Scripting
|
7 |
WEB
|
CWH Underground
|
|
2008-06-11
|
|
JAMM CMS - 'id' Blind SQL Injection
|
7 |
WEB
|
anonymous
|
|
2008-06-11
|
|
Pooya Site Builder (PSB) 6.0 - Multiple SQL Injections
|
7 |
WEB
|
BugReport.IR
|
|
2008-06-11
|
|
MycroCMS 0.5 - Blind SQL Injection
|
7 |
WEB
|
CWH Underground
|
|
2008-06-11
|
|
IPTBB 0.5.6 - Arbitrary Add Admin
|
7 |
WEB
|
CWH Underground
|
|
2008-06-11
|
|
eFiction 3.0 - 'toplists.php' SQL Injection
|
7 |
WEB
|
Mr.SQL
|
|
2008-06-11
|
|
FOG Forum 0.8.1 - Multiple Local File Inclusions
|
7 |
WEB
|
CWH Underground
|
|
2008-06-10
|
|
Yuhhu 2008 SuperStar - 'board' SQL Injection
|
7 |
WEB
|
RMx
|
|
2008-06-10
|
|
TNT Forum 0.9.4 - Local File Inclusion
|
7 |
WEB
|
CWH Underground
|
