|
2008-04-14
|
|
BosClassifieds 3.0 - 'index.php' SQL Injection
|
4 |
WEB
|
SoSo H H
|
|
2008-04-14
|
|
SmallBiz eShop - 'content_id' SQL Injection
|
4 |
WEB
|
Stack
|
|
2008-04-14
|
|
SmallBiz 4 Seasons CMS - SQL Injection
|
4 |
WEB
|
cO2
|
|
2008-04-13
|
|
Mumbo Jumbo Media OP4 - Blind SQL Injection
|
5 |
WEB
|
Lidloses_Auge
|
|
2008-04-13
|
|
PostCard 1.0 - Remote Insecure Cookie Handling
|
5 |
WEB
|
t0pP8uZz
|
|
2008-04-13
|
|
CPCommerce 1.1.0 - Cross-Site Scripting / Local File Inclusion
|
4 |
WEB
|
BugReport.IR
|
|
2008-04-13
|
|
Pollbooth 2.0 - 'pollID' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-04-13
|
|
Joomla! Component com_extplorer 2.0.0 RC2 - Local Directory Traversal
|
3 |
WEB
|
Houssamix
|
|
2008-04-13
|
|
1024 CMS 1.4.2 - Local File Inclusion / Blind SQL Injection
|
4 |
WEB
|
girex
|
|
2008-04-12
|
|
CcMail 1.0.1 - Insecure Cookie Handling
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-11
|
|
PHPAddressBook 2.11 - 'view.php' SQL Injection
|
4 |
WEB
|
Cr@zy_King
|
|
2008-04-11
|
|
Joomla! Component JoomlaXplorer 1.6.2 - Remote s
|
4 |
WEB
|
Houssamix
|
|
2008-04-11
|
|
NewsOffice 1.1 - Remote File Inclusion
|
3 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-04-11
|
|
PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection
|
4 |
WEB
|
parad0x
|
|
2008-04-10
|
|
RX Maxsoft - 'fotoID' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-04-10
|
|
LightNEasy 1.2 - no database Remote Hash Retrieve
|
4 |
WEB
|
girex
|
|
2008-04-10
|
|
Ksemail - Local File Inclusion
|
4 |
WEB
|
dun
|
|
2008-04-10
|
|
LiveCart 1.1.1 - 'id' Blind SQL Injection
|
4 |
WEB
|
irvian
|
|
2008-04-09
|
|
KnowledgeQuest 2.6 - SQL Injection
|
4 |
WEB
|
Virangar Security
|
|
2008-04-09
|
|
Phaos R4000 Version - 'file' Remote File Disclosure
|
4 |
WEB
|
HaCkeR_EgY
|
|
2008-04-09
|
|
Free Photo Gallery Site Script - 'path' File Disclosure
|
4 |
WEB
|
JIKO
|
|
2008-04-09
|
|
KnowledgeQuest 2.5 - Arbitrary Add Admin
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-09
|
|
phpBB Addon Fishing Cat Portal - Remote File Inclusion
|
4 |
WEB
|
bd0rk
|
|
2008-04-08
|
|
Dream4 Koobi 4.4/5.4 - gallery SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-04-08
|
|
Dream4 Koobi Pro 6.25 Showimages - 'galid' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-04-08
|
|
Dream4 Koobi Pro 6.25 Gallery - 'galid' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-04-08
|
|
Dream4 Koobi Pro 6.25 Shop - 'categ' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-04-08
|
|
Dream4 Koobi Pro 6.25 Links - 'categ' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-04-08
|
|
Prediction Football 1.x - 'matchid' SQL Injection
|
3 |
WEB
|
0in
|
|
2008-04-08
|
|
SuperNET Shop 1.0 - SQL Injection
|
4 |
WEB
|
U238
|
|
2008-04-08
|
|
LokiCMS 0.3.3 - Remote Command Execution
|
4 |
WEB
|
girex
|
|
2008-04-08
|
|
FLABER 1.1 RC1 - Remote Command Execution
|
4 |
WEB
|
EgiX
|
|
2008-04-08
|
|
Pligg CMS 9.9.0 - 'editlink.php' SQL Injection
|
4 |
WEB
|
Guido Landi
|
|
2008-04-08
|
|
ExBB 0.22 - Local/Remote File Inclusion
|
3 |
WEB
|
The:Paradox
|
|
2008-04-08
|
|
phpTournois G4 - Arbitrary File Upload / Code Execution
|
3 |
WEB
|
Charles Fol
|
|
2008-04-07
|
|
iScripts Socialware - 'id' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-07
|
|
My Gaming Ladder 7.5 - 'ladderid' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-07
|
|
724CMS 4.01 Enterprise - 'index.php' SQL Injection
|
4 |
WEB
|
Lidloses_Auge
|
|
2008-04-07
|
|
ChartDirector 4.1 - 'viewsource.php' File Disclosure
|
4 |
WEB
|
Stack
|
|
2008-04-07
|
|
Mole 2.1.0 - 'viewsource.php' Remote File Disclosure
|
4 |
WEB
|
GoLd_M
|
|
2008-04-07
|
|
Dragoon 0.1 - 'root' Remote File Inclusion
|
4 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-04-07
|
|
LinPHA 1.3.3 Plugin Maps - Remote Command Execution
|
4 |
WEB
|
EgiX
|
|
2008-04-07
|
|
Drake CMS 0.4.11 - Blind SQL Injection
|
4 |
WEB
|
EgiX
|
|
2008-04-07
|
|
Prozilla Freelancers - 'project' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-06
|
|
Prozilla Cheat Script 2.0 - 'id' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-06
|
|
Prozilla Topsites 1.0 - Arbitrary Edit/Add Users
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-06
|
|
Prozilla Reviews Script 1.0 - Arbitrary Delete User
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-06
|
|
Prozilla Forum Service - 'forum' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-06
|
|
Prozilla Top 100 1.2 - Arbitrary Delete Stats
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-06
|
|
Site Sift Listings - 'id' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-04-06
|
|
Blog PixelMotion - 'categorie' SQL Injection
|
4 |
WEB
|
parad0x
|
|
2008-04-06
|
|
Blog PixelMotion - 'modif_config.php' Arbitrary File Upload
|
4 |
WEB
|
JIKO
|
|
2008-04-06
|
|
Blog PixelMotion - 'sauvBase.php' Arbitrary Database Backup
|
4 |
WEB
|
JIKO
|
|
2008-04-06
|
|
MyBB Plugin Custom Pages 1.0 - SQL Injection
|
4 |
WEB
|
Lidloses_Auge
|
|
2008-04-05
|
|
Software Index 1.1 - 'cid' SQL Injection
|
3 |
WEB
|
t0pP8uZz
|
|
2008-04-05
|
|
Links Directory 1.1 - 'cat_id' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-05
|
|
Picture Rating 1.0 - Blind SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-05
|
|
visualpic 0.3.1 - Remote File Inclusion
|
4 |
WEB
|
Cr@zy_King
|
|
2008-04-05
|
|
Gaming Directory 1.0 - 'cat_id' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-05
|
|
Cobalt 0.1 - Multiple SQL Injections
|
3 |
WEB
|
U238
|
|
2008-04-05
|
|
Easynet Forum Host - 'forum.php' SQL Injection
|
3 |
WEB
|
t0pP8uZz
|
|
2008-04-05
|
|
Entertainment Directory 1.1 - SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-05
|
|
Blogator-script 0.95 - Change User Password
|
4 |
WEB
|
Virangar Security
|
|
2008-04-04
|
|
Dragoon 0.1 - 'lng' Local File Inclusion
|
4 |
WEB
|
w0cker
|
|
2008-04-04
|
|
Blogator-script 0.95 - 'id_art' SQL Injection
|
4 |
WEB
|
Virangar Security
|
|
2008-04-04
|
|
PIGMy-SQL 1.4.1 - 'getdata.php' Blind SQL Injection
|
3 |
WEB
|
t0pP8uZz
|
|
2008-04-04
|
|
Blogator-script 0.95 - 'incl_page' Remote File Inclusion
|
4 |
WEB
|
JIKO
|
|
2008-04-04
|
|
PHP Photo Gallery 1.0 - 'photo_id' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-04
|
|
Affiliate Directory - 'cat_id' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-04
|
|
Comdev News Publisher 4.1.2 - SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-04
|
|
Sabros.us 1.75 - 'thumbnails.php' Remote File Disclosure
|
5 |
WEB
|
HaCkeR_EgY
|
|
2008-04-04
|
|
Vastal I-Tech Software Zone - 'cat_id' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-04
|
|
XPOZE Pro 3.05 - 'reed' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-04-03
|
|
KwsPHP Module ConcoursPhoto 2.0 - 'C_ID' SQL Injection
|
4 |
WEB
|
Stack
|
|
2008-04-03
|
|
KwsPHP Module jeuxflash 1.0 - 'cat' SQL Injection
|
4 |
WEB
|
Houssamix
|
|
2008-04-03
|
|
KwsPHP 1.3.456 Module Archives - 'id' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-04-03
|
|
KwsPHP 1.3.456 Module Galerie - 'id_gal' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-04-02
|
|
PhpBlock a8.4 - 'PATH_TO_CODE' Remote File Inclusion
|
4 |
WEB
|
w0cker
|
|
2008-04-02
|
|
DaZPHP 0.1 - 'prefixdir' Local File Inclusion
|
4 |
WEB
|
w0cker
|
|
2008-04-02
|
|
Joomla! Component OnlineFlashQuiz 1.0.2 - Remote File Inclusion
|
4 |
WEB
|
NoGe
|
|
2008-04-01
|
|
RunCMS Module bamagalerie3 - SQL Injection
|
4 |
WEB
|
DreamTurk
|
|
2008-04-01
|
|
Nuked-klaN 1.7.6 - Multiple Vulnerabilities
|
4 |
WEB
|
Charles Fol
|
|
2008-04-01
|
|
Joomla! Component actualite 1.0 - 'id' SQL Injection
|
4 |
WEB
|
Stack
|
|
2008-04-01
|
|
EggBlog 4.0 - SQL Injection
|
4 |
WEB
|
girex
|
|
2008-04-01
|
|
Mambo Component Ahsshop 1.51 - 'vara' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-04-01
|
|
FaScript FaPhoto 1.0 - 'show.php' SQL Injection
|
3 |
WEB
|
Khashayar Fereidani
|
|
2008-04-01
|
|
EasyNews 40tr - SQL Injection / Cross-Site Scripting / Local File Inclusion
|
4 |
WEB
|
Khashayar Fereidani
|
|
2008-03-31
|
|
Neat weblog 0.2 - 'articleId' SQL Injection
|
4 |
WEB
|
Khashayar Fereidani
|
|
2008-03-31
|
|
Woltlab Burning Board Addon JGS-Treffen 2.0.2 - SQL Injection
|
3 |
WEB
|
anonymous
|
|
2008-03-31
|
|
PHPSpamManager 0.53b - 'body.php' Remote File Disclosure
|
4 |
WEB
|
GoLd_M
|
|
2008-03-31
|
|
WordPress Plugin Download - 'dl_id' SQL Injection
|
4 |
WEB
|
BL4CK
|
|
2008-03-30
|
|
JShop 1.x < 2.x - 'xPage' Local File Inclusion
|
4 |
WEB
|
v0l4arrra
|
|
2008-03-30
|
|
KISGB (tmp_theme) 5.1.1 - Local File Inclusion
|
4 |
WEB
|
Cr@zy_King
|
|
2008-03-30
|
|
mxBB Module mx_blogs 2.0.0-beta - Remote File Inclusion
|
4 |
WEB
|
bd0rk
|
|
2008-03-30
|
|
Smoothflash - 'cid' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-03-28
|
|
AuraCMS 2.x - '/user.php' Security Code Bypass / Arbitrary Add Administrator
|
4 |
WEB
|
NTOS-Team
|
|
2008-03-28
|
|
Joomla! Component MyAlbum 1.0 - 'album' SQL Injection
|
4 |
WEB
|
parad0x
|
|
2008-03-26
|
|
JAF CMS 4.0 RC2 - Multiple Remote File Inclusions
|
4 |
WEB
|
CraCkEr
|
|
2008-03-25
|
|
TopperMod 1.0 - 'mod.php' Local File Inclusion
|
3 |
WEB
|
girex
|
|
2008-03-25
|
|
TopperMod 2.0 - SQL Injection
|
4 |
WEB
|
girex
|
|
2008-03-25
|
|
Joomla! Component Alphacontent 2.5.8 - 'id' SQL Injection
|
4 |
WEB
|
cO2
|
|
2008-03-25
|
|
BolinOS 4.6.1 - Local File Inclusion / Cross-Site Scripting
|
5 |
WEB
|
DSecRG
|
|
2008-03-25
|
|
e107 Plugin My_Gallery 2.3 - Arbitrary File Download
|
3 |
WEB
|
Jerome Athias
|
|
2008-03-24
|
|
Destar 0.2.2-5 - Arbitrary Add Admin
|
4 |
WEB
|
nonroot
|
|
2008-03-24
|
|
HIS-Webshop - 'his-webshop.pl t' Remote File Disclosure
|
4 |
WEB
|
Zero X
|
|
2008-03-24
|
|
PowerPHPBoard 1.00b - Multiple Local File Inclusions
|
4 |
WEB
|
DSecRG
|
|
2008-03-24
|
|
PowerBook 1.21 - 'index.php' Local File Inclusion
|
4 |
WEB
|
DSecRG
|
|
2008-03-24
|
|
phpBB Module XS-Mod 2.3.1 - Local File Inclusion
|
4 |
WEB
|
bd0rk
|
|
2008-03-23
|
|
Joomla! Component Cinema 1.0 - SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-03-23
|
|
Joomla! Component d3000 1.0.0 - SQL Injection
|
3 |
WEB
|
S@BUN
|
|
2008-03-23
|
|
Destar 0.2.2-5 - Arbitrary Add New User
|
3 |
WEB
|
nonroot
|
|
2008-03-23
|
|
Joomla! Component rekry 1.0.0 - 'op_id' SQL Injection
|
4 |
WEB
|
Sniper456
|
|
2008-03-22
|
|
Cuteflow Bin 1.5.0 - 'login.php' Local File Inclusion
|
4 |
WEB
|
KnocKout
|
|
2008-03-22
|
|
PHP-Nuke Platinum 7.6.b.5 - 'dynamic_titles.php' SQL Injection
|
4 |
WEB
|
Inphex
|
|
2008-03-22
|
|
Joomla! Component custompages 1.1 - Remote File Inclusion
|
4 |
WEB
|
Sniper456
|
|
2008-03-21
|
|
XLPortal 2.2.4 - 'Search' SQL Injection
|
4 |
WEB
|
cOndemned
|
|
2008-03-21
|
|
PostNuke 0.764 - Blind SQL Injection
|
3 |
WEB
|
The:Paradox
|
|
2008-03-21
|
|
D.E. Classifieds - 'cat_id' SQL Injection
|
5 |
WEB
|
S@BUN
|
|
2008-03-21
|
|
RunCMS Module Photo 3.02 - 'cid' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-03-21
|
|
phpAddressBook 2.11 - Multiple Local File Inclusions
|
4 |
WEB
|
0x90
|
|
2008-03-20
|
|
ASPapp Knowledge Base - SQL Injection
|
4 |
WEB
|
xcorpitx
|
|
2008-03-20
|
|
RunCMS Module section - 'artid' SQL Injection
|
4 |
WEB
|
Cr@zy_King
|
|
2008-03-19
|
|
PEEL CMS 3.x - Admin Hash Extraction / Arbitrary File Upload
|
4 |
WEB
|
Charles Fol
|
|
2008-03-19
|
|
Joomla! Component Restaurante 1.0 - 'id' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-03-19
|
|
Mambo Component Accombo 1.x - 'id' SQL Injection
|
3 |
WEB
|
S@BUN
|
