|
2008-05-21
|
|
6rbScript - 'news.php' SQL Injection
|
18 |
WEB
|
Hussin X
|
|
2008-05-21
|
|
Alcatel OmniPCX Office 210/061.1 - Remote Command Execution
|
18 |
WEB
|
DSecRG
|
|
2008-05-21
|
|
Netious CMS 0.4 - 'pageid' SQL Injection
|
17 |
WEB
|
InjEctOr5
|
|
2008-05-20
|
|
PHP Jokesite 2.0 - 'cat_id' SQL Injection
|
21 |
WEB
|
InjEctOr5
|
|
2008-05-20
|
|
MX-System 2.7.3 - 'index.php' SQL Injection
|
18 |
WEB
|
cOndemned
|
|
2008-05-20
|
|
ComicShout 2.5 - 'comic_id' SQL Injection
|
20 |
WEB
|
Niiub
|
|
2008-05-20
|
|
Mantis Bug Tracker 1.1.1 - Code Execution / Cross-Site Scripting / Cross-Site Request Forgery
|
16 |
WEB
|
USH
|
|
2008-05-20
|
|
eCMS 0.4.2 - SQL Injection / Security Bypass
|
20 |
WEB
|
Virangar Security
|
|
2008-05-20
|
|
EntertainmentScript 1.4.0 - 'page.php' Local File Inclusion
|
20 |
WEB
|
Stack
|
|
2008-05-19
|
|
EntertainmentScript 1.4.0 - 'play.php' SQL Injection
|
19 |
WEB
|
Mr.SQL
|
|
2008-05-19
|
|
MercuryBoard 1.1.5 - 'login.php' Blind SQL Injection
|
14 |
WEB
|
EgiX
|
|
2008-05-19
|
|
AlkalinePHP 0.80.00 Beta - 'thread.php' SQL Injection
|
17 |
WEB
|
Stack
|
|
2008-05-19
|
|
microssys CMS 1.5 - Remote File Inclusion
|
20 |
WEB
|
Raz0r
|
|
2008-05-18
|
|
MyPicGallery 1.0 - Arbitrary Add Admin
|
15 |
WEB
|
t0pP8uZz
|
|
2008-05-18
|
|
PHP-AGTC Membership System 1.1a - Arbitrary Add Admin
|
15 |
WEB
|
t0pP8uZz
|
|
2008-05-18
|
|
MeltingIce File System 1.0 - Arbitrary Add User
|
20 |
WEB
|
t0pP8uZz
|
|
2008-05-18
|
|
GNU/Gallery 1.1.1.0 - 'admin.php' Local File Inclusion
|
18 |
WEB
|
t0pP8uZz
|
|
2008-05-18
|
|
Easycms 0.4.2 - Multiple Vulnerabilities
|
19 |
WEB
|
t0pP8uZz
|
|
2008-05-18
|
|
AlkalinePHP 0.77.35 - 'adduser.php' Arbitrary Add Admin
|
20 |
WEB
|
t0pP8uZz
|
|
2008-05-18
|
|
Lulieblog 1.2 - Multiple Vulnerabilities
|
19 |
WEB
|
Cod3rZ
|
|
2008-05-18
|
|
Ajax Framework - 'lang' Local File Inclusion
|
18 |
WEB
|
dun
|
|
2008-05-18
|
|
TAGWORX.CMS 3.00.02 - Multiple SQL Injections
|
17 |
WEB
|
dun
|
|
2008-05-18
|
|
CMS WebManager-Pro - Multiple SQL Injections
|
18 |
WEB
|
dun
|
|
2008-05-17
|
|
Smeego 1.0 - 'Cookie lang' Local File Inclusion
|
19 |
WEB
|
0in
|
|
2008-05-17
|
|
FicHive 1.0 - 'category' Blind SQL Injection
|
17 |
WEB
|
His0k4
|
|
2008-05-17
|
|
How2ASP.net WebBoard 4.1 - SQL Injection
|
16 |
WEB
|
CWH Underground
|
|
2008-05-17
|
|
WR-Meeting 1.0 - 'msnum' Local File Disclosure
|
26 |
WEB
|
Cr@zy_King
|
|
2008-05-16
|
|
Zomplog 3.8.2 - 'force_download.php' File Disclosure
|
19 |
WEB
|
Stack
|
|
2008-05-16
|
|
Archangel Weblog 0.90.02 - 'post_id' SQL Injection
|
19 |
WEB
|
Stack
|
|
2008-05-16
|
|
Zomplog 3.8.2 - 'newuser.php' Arbitrary Add Admin
|
17 |
WEB
|
ArxWolf
|
|
2008-05-16
|
|
StanWeb.CMS - SQL Injection
|
19 |
WEB
|
JosS
|
|
2008-05-15
|
|
IMGallery 2.5 - Multiple SQL Injections
|
18 |
WEB
|
cOndemned
|
|
2008-05-15
|
|
Multi-Page Comment System 1.1.0 - Insecure Cookie Handling
|
18 |
WEB
|
t0pP8uZz
|
|
2008-05-15
|
|
Web Slider 0.6 - Insecure Cookie/Authentication Handling
|
18 |
WEB
|
t0pP8uZz
|
|
2008-05-15
|
|
RantX 1.0 - Insecure Admin Authentication
|
16 |
WEB
|
t0pP8uZz
|
|
2008-05-15
|
|
Pet Grooming Management System 2.0 - Arbitrary Add Admin
|
21 |
WEB
|
t0pP8uZz
|
|
2008-05-15
|
|
68 Classifieds 4.0 - 'category.php' SQL Injection
|
18 |
WEB
|
HaCkeR_EgY
|
|
2008-05-15
|
|
newsmanager 2.0 - Remote File Inclusion / File Disclosure / SQL Injection
|
22 |
WEB
|
GoLd_M
|
|
2008-05-15
|
|
Kostenloses Linkmanagementscript - SQL Injection
|
19 |
WEB
|
Virangar Security
|
|
2008-05-14
|
|
Kostenloses Linkmanagementscript - Remote File Inclusion
|
20 |
WEB
|
HaCkeR_EgY
|
|
2008-05-14
|
|
rgboard 3.0.12 - Remote File Inclusioni / Cross-Site Scripting
|
17 |
WEB
|
e.wiZz!
|
|
2008-05-14
|
|
Lanius CMS 1.2.16 - 'FCKeditor' Arbitrary File Upload
|
19 |
WEB
|
EgiX
|
|
2008-05-14
|
|
Internet PhotoShow (Special Edition) - Insecure Cookie Handling
|
19 |
WEB
|
t0pP8uZz
|
|
2008-05-14
|
|
ActiveKB 1.5 - Insecure Cookie Handling/Arbitrary Admin Access
|
21 |
WEB
|
t0pP8uZz
|
|
2008-05-14
|
|
AS-GasTracker 1.0.0 - Insecure Cookie Handling
|
15 |
WEB
|
t0pP8uZz
|
|
2008-05-14
|
|
Feedback and Rating Script 1.0 - 'detail.php' SQL Injection
|
18 |
WEB
|
t0pP8uZz
|
|
2008-05-14
|
|
Freelance Auction Script 1.0 - 'browseproject.php' SQL Injection
|
18 |
WEB
|
t0pP8uZz
|
|
2008-05-13
|
|
Linkspile - 'cat_id' SQL Injection
|
19 |
WEB
|
HaCkeR_EgY
|
|
2008-05-13
|
|
The Real Estate Script - 'docID' SQL Injection
|
19 |
WEB
|
HaCkeR_EgY
|
|
2008-05-13
|
|
EMO Realty Manager - 'ida' SQL Injection
|
16 |
WEB
|
HaCkeR_EgY
|
|
2008-05-13
|
|
Meto Forum 1.1 - Multiple SQL Injections
|
19 |
WEB
|
U238
|
|
2008-05-13
|
|
CaLogic Calendars 1.2.2 - 'langsel' SQL Injection
|
18 |
WEB
|
His0k4
|
|
2008-05-13
|
|
Web Group Communication Center (WGCC) 1.0.3 - SQL Injection
|
17 |
WEB
|
myvx
|
|
2008-05-13
|
|
e-107 Plugin ZoGo-Shop 1.16 Beta 13 - SQL Injection
|
18 |
WEB
|
Cr@zy_King
|
|
2008-05-13
|
|
e107 Plugin BLOG Engine 2.2 - 'rid' Blind SQL Injection
|
18 |
WEB
|
Saime
|
|
2008-05-13
|
|
EQdkp 1.3.2f - 'user_id' Authentication Bypass
|
20 |
WEB
|
vortfu
|
|
2008-05-12
|
|
AJ HYIP ACME - 'topic_detail.php' SQL Injection
|
17 |
WEB
|
InjEctOr5
|
|
2008-05-12
|
|
Advanced Image Hosting (AIH) 2.1 - SQL Injection
|
15 |
WEB
|
Stack
|
|
2008-05-12
|
|
CMS Made Simple 1.2.4 Module FileManager - Arbitrary File Upload
|
19 |
WEB
|
EgiX
|
|
2008-05-12
|
|
PHP Classifieds Script 05122008 - SQL Injection
|
18 |
WEB
|
InjEctOr5
|
|
2008-05-12
|
|
Mega File Hosting Script 1.2 - 'fid' SQL Injection
|
20 |
WEB
|
TurkishWarriorr
|
|
2008-05-12
|
|
Battle.net Clan Script 1.5.x - SQL Injection
|
16 |
WEB
|
Stack
|
|
2008-05-12
|
|
BigACE 2.4 - Multiple Remote File Inclusions
|
22 |
WEB
|
BiNgZa
|
|
2008-05-12
|
|
ClanLite 2.x - SQL Injection / Cross-Site Scripting
|
21 |
WEB
|
ZoRLu
|
|
2008-05-12
|
|
ZeusCart 2.0 - 'category_list.php' SQL Injection
|
17 |
WEB
|
t0pP8uZz
|
|
2008-05-12
|
|
AJ Classifieds 2008 - 'index.php' SQL Injection
|
17 |
WEB
|
t0pP8uZz
|
|
2008-05-12
|
|
AJ Auction 6.2.1 - 'classifide_ad.php' SQL Injection
|
19 |
WEB
|
t0pP8uZz
|
|
2008-05-12
|
|
AJ Article 1.0 - 'featured_article.php' SQL Injection
|
15 |
WEB
|
t0pP8uZz
|
|
2008-05-11
|
|
Vortex CMS - 'pageid' Blind SQL Injection
|
19 |
WEB
|
Lidloses_Auge
|
|
2008-05-11
|
|
QuickUpCMS - Multiple SQL Injections Vulnerabilities
|
17 |
WEB
|
Lidloses_Auge
|
|
2008-05-11
|
|
Joomla! Component xsstream-dm 0.01b - SQL Injection
|
17 |
WEB
|
Houssamix
|
|
2008-05-11
|
|
PhpBlock a8.5 - Multiple Remote File Inclusions
|
20 |
WEB
|
CraCkEr
|
|
2008-05-10
|
|
Joomla! Component Datsogallery 1.6 - Blind SQL Injection
|
16 |
WEB
|
+toxa+
|
|
2008-05-10
|
|
Ktools Photostore 3.5.2 - Multiple SQL Injections
|
16 |
WEB
|
DNX
|
|
2008-05-10
|
|
Advanced Links Management (ALM) 1.52 - SQL Injection
|
17 |
WEB
|
His0k4
|
|
2008-05-09
|
|
Ktools Photostore 3.5.1 - 'gid' SQL Injection
|
16 |
WEB
|
Mr.SQL
|
|
2008-05-09
|
|
txtCMS 0.3 - 'index.php' Local File Inclusion
|
15 |
WEB
|
cOndemned
|
|
2008-05-09
|
|
Phoenix View CMS Pre Alpha2 - SQL Injection / Local File Inclusion / Cross-Site Scripting
|
19 |
WEB
|
tw8
|
|
2008-05-09
|
|
HispaH Model Search - 'cat.php?cat' SQL Injection
|
18 |
WEB
|
InjEctOr5
|
|
2008-05-09
|
|
SazCart 1.5.1 - 'prodid' SQL Injection
|
20 |
WEB
|
JosS
|
|
2008-05-09
|
|
Admidio 1.4.8 - 'getfile.php' Remote File Disclosure
|
18 |
WEB
|
n3v3rh00d
|
|
2008-05-08
|
|
miniBloggie 1.0 - 'del.php' Arbitrary Delete Post
|
20 |
WEB
|
Cod3rZ
|
|
2008-05-08
|
|
Cyberfolio 7.12 - 'rep' Remote File Inclusion
|
20 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-05-08
|
|
SazCart 1.5.1 - Multiple Remote File Inclusions
|
18 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-05-08
|
|
vShare YouTube Clone 2.6 - 'tid' SQL Injection
|
20 |
WEB
|
Saime
|
|
2008-05-08
|
|
Shader TV (Beta) - Multiple SQL Injections
|
20 |
WEB
|
U238
|
|
2008-05-08
|
|
RunCMS 1.6.1 - 'msg_image' SQL Injection
|
18 |
WEB
|
The:Paradox
|
|
2008-05-07
|
|
MusicBox 2.3.7 - 'artistId' SQL Injection
|
18 |
WEB
|
HaCkeR_EgY
|
|
2008-05-07
|
|
EZContents CMS 2.0.0 - Multiple SQL Injections
|
19 |
WEB
|
Virangar Security
|
|
2008-05-07
|
|
CMS Faethon 2.2 Ultimate - Remote File Inclusion / Cross-Site Scripting
|
22 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-05-07
|
|
OneCMS 2.5 - Blind SQL Injection
|
18 |
WEB
|
Cod3rZ
|
|
2008-05-07
|
|
PostcardMentor - 'cat_fldAuto' SQL Injection
|
19 |
WEB
|
InjEctOr5
|
|
2008-05-07
|
|
GameCMS Lite 1.0 - 'systemId' SQL Injection
|
19 |
WEB
|
InjEctOr5
|
|
2008-05-07
|
|
Galleristic 1.0 - 'cat' SQL Injection
|
18 |
WEB
|
cOndemned
|
|
2008-05-07
|
|
FipsCMS 2.1 - 'print.asp' SQL Injection
|
19 |
WEB
|
InjEctOr5
|
|
2008-05-06
|
|
PHPEasyData 1.5.4 - 'cat_id' SQL Injection
|
17 |
WEB
|
InjEctOr5
|
|
2008-05-06
|
|
Pre Shopping Mall 1.1 - 'search.php' SQL Injection
|
16 |
WEB
|
t0pP8uZz
|
|
2008-05-05
|
|
DeluxeBB 1.2 - Multiple Vulnerabilities
|
20 |
WEB
|
EgiX
|
|
2008-05-05
|
|
Power Editor 2.0 - Remote File Disclosure / Edit
|
20 |
WEB
|
Virangar Security
|
|
2008-05-05
|
|
Miniweb 2.0 - 'historymonth' SQL Injection
|
22 |
WEB
|
HaCkeR_EgY
|
|
2008-05-05
|
|
BackLinkSpider 1.1 - 'cat_id' SQL Injection
|
19 |
WEB
|
K-159
|
|
2008-05-05
|
|
Kmita Mail 3.0 - 'file' Remote File Inclusion
|
18 |
WEB
|
K-159
|
|
2008-05-05
|
|
Kmita Tellfriend 2.0 - 'file' Remote File Inclusion
|
18 |
WEB
|
K-159
|
|
2008-05-05
|
|
Anserv Auction XL - 'cat' SQL Injection
|
17 |
WEB
|
K-159
|
|
2008-05-05
|
|
Online Rental Property Script 4.5 - 'pid' SQL Injection
|
18 |
WEB
|
K-159
|
|
2008-05-05
|
|
PostNuke Module pnEncyclopedia 0.2.0 - SQL Injection
|
19 |
WEB
|
K-159
|
|
2008-05-04
|
|
Scout Portal Toolkit 1.4.0 - 'ParentId' SQL Injection
|
16 |
WEB
|
JosS
|
|
2008-05-04
|
|
ScorpNews 1.0 - 'site' Remote File Inclusion
|
19 |
WEB
|
Silver
|
|
2008-05-04
|
|
Cplinks 1.03 - Authentication Bypass / SQL Injection / Cross-Site Scripting
|
19 |
WEB
|
InjEctOr5
|
|
2008-05-03
|
|
phpDirectorySource 1.1 - Multiple SQL Injections
|
16 |
WEB
|
InjEctOr5
|
|
2008-05-03
|
|
SmartBlog 1.3 - 'index.php' SQL Injection
|
19 |
WEB
|
His0k4
|
|
2008-05-03
|
|
BlogMe PHP 1.1 - 'comments.php' SQL Injection
|
17 |
WEB
|
His0k4
|
|
2008-05-02
|
|
ItCMS 1.9 - 'boxpop.php' Remote Code Execution
|
17 |
WEB
|
Cod3rZ
|
|
2008-05-02
|
|
Open Auto Classifieds 1.4.3b - SQL Injection
|
18 |
WEB
|
InjEctOr5
|
|
2008-05-01
|
|
Vlbook 1.21 - Cross-Site Scripting / Local File Inclusion
|
19 |
WEB
|
Khashayar Fereidani
|
|
2008-05-01
|
|
ActualAnalyzer Lite (free) 2.78 - Local File Inclusion
|
18 |
WEB
|
Khashayar Fereidani
|
|
2008-05-01
|
|
Joomla! Component Webhosting - 'catid' Blind SQL Injection
|
17 |
WEB
|
cO2
|
|
2008-04-30
|
|
Interact 2.4.1 - Multiple Remote File Inclusions
|
22 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-04-30
|
|
Harris WapChat 1 - Multiple Remote File Inclusions
|
16 |
WEB
|
k1n9k0ng
|
|
2008-04-30
|
|
OxYProject 0.85 - 'edithistory.php' Remote Code Execution
|
18 |
WEB
|
GoLd_M
|
|
2008-04-30
|
|
Project Based Calendaring System (PBCS) 0.7.1 - Multiple Vulnerabilities
|
22 |
WEB
|
GoLd_M
|
|
2008-04-29
|
|
LokiCMS 0.3.3 - Arbitrary File Delete
|
15 |
WEB
|
cOndemned
|
|
2008-04-29
|
|
SugarCRM Community Edition 4.5.1/5.0.0 - File Disclosure
|
18 |
WEB
|
Roberto Suggi Liverani
|
|
2008-04-28
|
|
Joovili 3.1 - 'browse.videos.php' SQL Injection
|
18 |
WEB
|
HaCkeR_EgY
|
|
2008-04-28
|
|
Softbiz Web Host Directory Script - 'host_id' SQL Injection
|
16 |
WEB
|
K-159
|
