|
2008-06-26
|
|
A+ PHP Scripts - Nms Insecure Cookie Handling
|
19 |
WEB
|
Virangar Security
|
|
2008-06-26
|
|
phpBLASTER CMS 1.0 RC1 - Multiple Local File Inclusions
|
19 |
WEB
|
CraCkEr
|
|
2008-06-26
|
|
Cheats Complete Website 1.1.1 - 'itemID' SQL Injection
|
18 |
WEB
|
InjEctOr5
|
|
2008-06-26
|
|
Drinks Complete Website 2.1.0 - 'drinkid' SQL Injection
|
14 |
WEB
|
InjEctOr5
|
|
2008-06-26
|
|
Easysitenetwork Jokes Complete Website 2.1.3 - 'jokeid' SQL Injection
|
18 |
WEB
|
InjEctOr5
|
|
2008-06-26
|
|
Tips Complete Website 1.2.0 - 'tipid' SQL Injection
|
16 |
WEB
|
InjEctOr5
|
|
2008-06-26
|
|
Riddles Complete Website 1.2.1 - 'riddleid' SQL Injection
|
17 |
WEB
|
InjEctOr5
|
|
2008-06-26
|
|
Seagull PHP Framework 0.6.4 - 'FCKeditor' Arbitrary File Upload
|
17 |
WEB
|
EgiX
|
|
2008-06-26
|
|
Galmeta Post CMS 0.2 - Multiple Local File Inclusions
|
19 |
WEB
|
CWH Underground
|
|
2008-06-26
|
|
PHP-Fusion Mod Kroax 4.42 - 'category' SQL Injection
|
19 |
WEB
|
boom3rang
|
|
2008-06-26
|
|
polypager 1.0rc2 - SQL Injection / Cross-Site Scripting
|
17 |
WEB
|
CWH Underground
|
|
2008-06-26
|
|
Keller Web Admin CMS 0.94 Pro - Local File Inclusion (1)
|
16 |
WEB
|
CWH Underground
|
|
2008-06-25
|
|
Joomla! Component netinvoice 1.2.0 SP1 - SQL Injection
|
21 |
WEB
|
His0k4
|
|
2008-06-25
|
|
PHPmotion 2.0 - 'update_profile.php' Arbitrary File Upload
|
17 |
WEB
|
EgiX
|
|
2008-06-25
|
|
MyPHP CMS 0.3.1 - 'pid' SQL Injection
|
15 |
WEB
|
CWH Underground
|
|
2008-06-25
|
|
Page Manager CMS 2006-02-04 - Arbitrary File Upload
|
18 |
WEB
|
CWH Underground
|
|
2008-06-25
|
|
Mambo Component Articles - 'artid' Blind SQL Injection
|
20 |
WEB
|
Ded MustD!e
|
|
2008-06-25
|
|
Jokes & Funny Pics Script - 'sb_jokeid' SQL Injection
|
19 |
WEB
|
Hussin X
|
|
2008-06-25
|
|
mUnky 0.0.1 - 'zone' Local File Inclusion
|
18 |
WEB
|
StAkeR
|
|
2008-06-25
|
|
Webdevindo-CMS 0.1 - 'hal' SQL Injection
|
20 |
WEB
|
CWH Underground
|
|
2008-06-24
|
|
TOKOKITA - 'produk_id' SQL Injection
|
20 |
WEB
|
k1tk4t
|
|
2008-06-24
|
|
Link ADS 1 - 'linkid' SQL Injection
|
17 |
WEB
|
Hussin X
|
|
2008-06-24
|
|
E-topbiz ViralDX 2.07 - 'bannerid' SQL Injection
|
18 |
WEB
|
Hussin X
|
|
2008-06-24
|
|
HiveMaker Directory 1.0.2 - 'cid' SQL Injection
|
22 |
WEB
|
security fears team
|
|
2008-06-24
|
|
DUcalendar 1.0 - 'iEve' SQL Injection
|
18 |
WEB
|
Bl@ckbe@rD
|
|
2008-06-24
|
|
ShareCMS 0.1 - Multiple SQL Injections
|
21 |
WEB
|
CWH Underground
|
|
2008-06-24
|
|
Relative Real Estate Systems 3.0 - 'listing_id' SQL Injection
|
18 |
WEB
|
K-159
|
|
2008-06-23
|
|
Demo4 CMS 1b - 'FCKeditor' Arbitrary File Upload
|
19 |
WEB
|
Stack
|
|
2008-06-23
|
|
cmsWorks 2.2 RC4 - 'FCKeditor' Arbitrary File Upload
|
16 |
WEB
|
Stack
|
|
2008-06-23
|
|
cmsWorks 2.2 RC4 - 'mod_root' Remote File Inclusion
|
18 |
WEB
|
CraCkEr
|
|
2008-06-23
|
|
ourvideo CMS 9.5 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting
|
18 |
WEB
|
CraCkEr
|
|
2008-06-23
|
|
mm chat 1.5 - Local File Inclusion / Cross-Site Scripting
|
16 |
WEB
|
CraCkEr
|
|
2008-06-23
|
|
TinXCMS 1.1 - Local File Inclusion / Cross-Site Scripting
|
18 |
WEB
|
CraCkEr
|
|
2008-06-23
|
|
Dagger CMS 2008 - 'dir_inc' Remote File Inclusion
|
16 |
WEB
|
CraCkEr
|
|
2008-06-23
|
|
Joomla! Component FacileForms 1.4.4 - Remote File Inclusion
|
17 |
WEB
|
Kacak
|
|
2008-06-23
|
|
Demo4 CMS - 'id' SQL Injection
|
15 |
WEB
|
CWH Underground
|
|
2008-06-23
|
|
MyBlog: PHP and MySQL Blog/CMS software - SQL Injection / Cross-Site Scripting
|
17 |
WEB
|
CWH Underground
|
|
2008-06-23
|
|
MVC-Web CMS 1.0/1.2 - 'newsid' SQL Injection
|
19 |
WEB
|
Bl@ckbe@rD
|
|
2008-06-23
|
|
ResearchGuide 0.5 - 'id' SQL Injection
|
17 |
WEB
|
dun
|
|
2008-06-23
|
|
Ready2Edit - 'menuid' SQL Injection
|
18 |
WEB
|
Mr.SQL
|
|
2008-06-23
|
|
BlogPHP 2.0 - Privilege Escalation / SQL Injection
|
18 |
WEB
|
Cod3rZ
|
|
2008-06-23
|
|
HoMaP-CMS 0.1 - 'go' SQL Injection
|
19 |
WEB
|
SxCx
|
|
2008-06-23
|
|
emuCMS 0.3 - 'FCKeditor' Arbitrary File Upload
|
19 |
WEB
|
Stack
|
|
2008-06-22
|
|
odars CMS 1.0.2 - Remote File Inclusion
|
17 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
cmreams CMS 1.3.1.1 beta2 - Local File Inclusion / Cross-Site Scripting
|
18 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
Hedgehog-CMS 1.21 - 'header.php' Local File Inclusion
|
16 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
HomePH Design 2.10 RC2 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting
|
18 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
HoMaP-CMS 0.1 - 'plugin_admin.php' Remote File Inclusion
|
16 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
MiGCMS 2.0.5 - Multiple Remote File Inclusions
|
18 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
RSS-aggregator - 'path' Remote File Inclusion
|
22 |
WEB
|
Ghost Hacker
|
|
2008-06-22
|
|
PageSquid CMS 0.3 Beta - 'index.php' SQL Injection
|
18 |
WEB
|
CWH Underground
|
|
2008-06-22
|
|
IGSuite 3.2.4 - Reverse Shell / Blind SQL Injection
|
19 |
WEB
|
Guido Landi
|
|
2008-06-22
|
|
phpDMCA 1.0.0 - Multiple Remote File Inclusions
|
20 |
WEB
|
CraCkEr
|
|
2008-06-22
|
|
CMS Mini 0.2.2 - Multiple Local File Inclusions
|
17 |
WEB
|
CWH Underground
|
|
2008-06-22
|
|
shibby shop 2.2 - Multiple Vulnerabilities
|
18 |
WEB
|
KnocKout
|
|
2008-06-22
|
|
DUdForum 3.0 - 'iFor' SQL Injection
|
18 |
WEB
|
Bl@ckbe@rD
|
|
2008-06-22
|
|
Joomla! Component EXP Shop - 'catid' SQL Injection
|
18 |
WEB
|
His0k4
|
|
2008-06-21
|
|
phpAuction 3.2.1 - 'item.php' SQL Injection
|
19 |
WEB
|
Hussin X
|
|
2008-06-21
|
|
AJ HYIP ACME - 'news.php' SQL Injection
|
18 |
WEB
|
Hussin X
|
|
2008-06-21
|
|
Online Fantasy Football League (OFFL) 0.2.6 - 'teams.php' SQL Injection
|
19 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
CCLeague Pro 1.2 - Insecure Cookie Authentication
|
18 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
LE.CMS 1.4 - Arbitrary File Upload
|
17 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
LaserNet CMS 1.5 - Arbitrary File Upload
|
18 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
Scientific Image DataBase 0.41 - Blind SQL Injection
|
18 |
WEB
|
t0pP8uZz
|
|
2008-06-21
|
|
Aprox CMS Engine 5.1.0.4 - Local File Inclusion
|
21 |
WEB
|
SkyOut
|
|
2008-06-21
|
|
PHP KnowledgeBase Script 2.4 - 'cat_id' SQL Injection
|
17 |
WEB
|
S.L TEAM
|
|
2008-06-21
|
|
eNews 0.1 - 'delete.php' Arbitrary Delete Post
|
17 |
WEB
|
ilker Kandemir
|
|
2008-06-21
|
|
@CMS 2.1.1 - SQL Injection
|
15 |
WEB
|
Mr.SQL
|
|
2008-06-21
|
|
SiteXS CMS 0.1.1 - Arbitrary File Upload / Cross-Site Scripting
|
17 |
WEB
|
CWH Underground
|
|
2008-06-20
|
|
phpAuction - 'profile.php' SQL Injection (1)
|
20 |
WEB
|
Mr.SQL
|
|
2008-06-20
|
|
emuCMS 0.3 - 'cat_id' SQL Injection
|
16 |
WEB
|
TurkishWarriorr
|
|
2008-06-20
|
|
jaxultrabb 2.0 - Local File Inclusion / Cross-Site Scripting
|
18 |
WEB
|
CWH Underground
|
|
2008-06-20
|
|
Jamroom 3.3.5 - Remote File Inclusion
|
15 |
WEB
|
cyberlog
|
|
2008-06-20
|
|
CiBlog 3.1 - 'id' SQL Injection
|
17 |
WEB
|
Mr.SQL
|
|
2008-06-20
|
|
IPTBB 0.5.6 - 'act' Local File Inclusion
|
21 |
WEB
|
storm
|
|
2008-06-20
|
|
Lightweight news portal (LNP) 1.0b - Multiple Vulnerabilities
|
19 |
WEB
|
storm
|
|
2008-06-20
|
|
FubarForum 1.5 - 'index.php' Local File Inclusion
|
19 |
WEB
|
cOndemned
|
|
2008-06-20
|
|
FireAnt 1.3 - 'index.php' Local File Inclusion
|
18 |
WEB
|
cOndemned
|
|
2008-06-20
|
|
GL-SH Deaf Forum 6.5.5 - Multiple Vulnerabilities
|
18 |
WEB
|
BugReport.IR
|
|
2008-06-20
|
|
Virtual Support Office XP 3.0.29 - Multiple Vulnerabilities
|
16 |
WEB
|
BugReport.IR
|
|
2008-06-19
|
|
AJ Auction 1.0 - 'id' SQL Injection
|
18 |
WEB
|
Hussin X
|
|
2008-06-19
|
|
AJ Auction Web 2.0 - 'cate_id' SQL Injection
|
17 |
WEB
|
Hussin X
|
|
2008-06-19
|
|
Lotus Core CMS 1.0.1 - Remote File Inclusion
|
21 |
WEB
|
Ciph3r
|
|
2008-06-19
|
|
CaupoShop Classic 1.3 - 'saArticle[ID]' SQL Injection
|
18 |
WEB
|
anonymous
|
|
2008-06-19
|
|
Orlando CMS 0.6 - Remote File Inclusion
|
22 |
WEB
|
Ciph3r
|
|
2008-06-19
|
|
CMS-BRD - 'menuclick' SQL Injection
|
19 |
WEB
|
dun
|
|
2008-06-19
|
|
samart-cms 2.0 - 'contentsid' SQL Injection
|
21 |
WEB
|
dun
|
|
2008-06-19
|
|
Yektaweb Academic Web Tools CMS 1.4.2.8 - Multiple Vulnerabilities
|
17 |
WEB
|
BugReport.IR
|
|
2008-06-19
|
|
OwnRS blog beta3 - SQL Injection / Cross-Site Scripting
|
17 |
WEB
|
CWH Underground
|
|
2008-06-19
|
|
eLineStudio Site Composer (ESC) 2.6 - Multiple Vulnerabilities
|
18 |
WEB
|
BugReport.IR
|
|
2008-06-18
|
|
BoatScripts Classifieds - 'type' SQL Injection
|
21 |
WEB
|
Stack
|
|
2008-06-18
|
|
Carscripts Classifieds - 'cat' SQL Injection
|
18 |
WEB
|
Stack
|
|
2008-06-18
|
|
nweb2fax 0.2.7 - Multiple Vulnerabilities
|
22 |
WEB
|
dun
|
|
2008-06-18
|
|
Easy Webstore 1.2 - SQL Injection
|
18 |
WEB
|
Mr.SQL
|
|
2008-06-18
|
|
Mybizz-Classifieds - 'cat' SQL Injection
|
17 |
WEB
|
HaCkeR_EgY
|
|
2008-06-18
|
|
Maxtrade AIO 1.3.23 - 'categori' SQL Injection
|
15 |
WEB
|
HaCkeR_EgY
|
|
2008-06-18
|
|
netBIOS - 'newsid' SQL Injection
|
15 |
WEB
|
security fears team
|
|
2008-06-18
|
|
AspWebCalendar 2008 - Arbitrary File Upload
|
18 |
WEB
|
Alemin_Krali
|
|
2008-06-18
|
|
doITlive CMS 2.50 - SQL Injection / Cross-Site Scripting
|
17 |
WEB
|
BugReport.IR
|
|
2008-06-18
|
|
traindepot 0.1 - Local File Inclusion / Cross-Site Scripting
|
22 |
WEB
|
CWH Underground
|
|
2008-06-17
|
|
WebCalendar 1.0.4 - 'includedir' Remote File Inclusion
|
18 |
WEB
|
Cr@zy_King
|
|
2008-06-17
|
|
eroCMS 1.4 - 'site' SQL Injection
|
24 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
MyShoutPro 1.2 - Final Insecure Cookie Handling
|
19 |
WEB
|
Stack
|
|
2008-06-17
|
|
FreeCMS.us 0.2 - 'FCKeditor' Arbitrary File Upload
|
17 |
WEB
|
Stack
|
|
2008-06-17
|
|
PHP Site Lock 2.0 - 'index.php' SQL Injection
|
17 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
ThaiQuickCart 3 - 'sLanguage' Cookie Local File Inclusion
|
20 |
WEB
|
CWH Underground
|
|
2008-06-17
|
|
easyTrade 2.x - 'id' SQL Injection
|
19 |
WEB
|
anonymous
|
|
2008-06-17
|
|
ClipShare < 3.0.1 - 'tid' SQL Injection
|
17 |
WEB
|
SuNHouSe2
|
|
2008-06-17
|
|
FreeCMS.us 0.2 - 'index.php' SQL Injection
|
16 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
Basic-CMS - SQL Injection
|
20 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
Bizon-CMS 2.0 - 'Id' SQL Injection
|
16 |
WEB
|
Mr.SQL
|
|
2008-06-17
|
|
Comparison Engine Power 1.0 - Blind SQL Injection
|
16 |
WEB
|
Mr.SQL
|
|
2008-06-16
|
|
Joomla! Component Simple Shop Galore 3.x - 'catid' SQL Injection
|
17 |
WEB
|
eXeCuTeR
|
|
2008-06-16
|
|
MyMarket 1.72 - Blind SQL Injection
|
18 |
WEB
|
anonymous
|
|
2008-06-16
|
|
Open Azimyt CMS 0.22 - 'lang' Local File Inclusion
|
18 |
WEB
|
DSecRG
|
|
2008-06-16
|
|
Nitro Web Gallery 1.4.3 - 'section' SQL Injection
|
16 |
WEB
|
Mr.SQL
|
|
2008-06-15
|
|
SH-News 3.0 - Insecure Cookie Handling
|
17 |
WEB
|
Virangar Security
|
|
2008-06-15
|
|
Oxygen 2.0 - 'repquote' SQL Injection
|
18 |
WEB
|
anonymous
|
|
2008-06-15
|
|
Simple Machines Forum (SMF) 1.1.4 - SQL Injection
|
18 |
WEB
|
The:Paradox
|
|
2008-06-15
|
|
Anata CMS 1.0b5 - 'change.php' Arbitrary Add Admin
|
17 |
WEB
|
CWH Underground
|
|
2008-06-15
|
|
Advanced Webhost Billing System (AWBS) 2.7.1 - 'news.php' SQL Injection
|
18 |
WEB
|
Mr.SQL
|
|
2008-06-15
|
|
Devalcms 1.4a - 'currentfile' Local File Inclusion
|
19 |
WEB
|
CWH Underground
|
|
2008-06-14
|
|
Alstrasoft AskMe Pro 2.1 - Multiple SQL Injections
|
18 |
WEB
|
t0pP8uZz
|
|
2008-06-14
|
|
PHPEasyNews 1.13 RC2 - 'POST' SQL Injection
|
18 |
WEB
|
t0pP8uZz
|
|
2008-06-14
|
|
ezcms 1.2 - Blind SQL Injection / Authentication Bypass
|
17 |
WEB
|
t0pP8uZz
|
