|
2007-09-20
|
|
phpBB Plus 1.53 - 'phpbb_root_path' Remote File Inclusion
|
8 |
WEB
|
Mehrad
|
|
2007-09-19
|
|
OneCMS 2.4 - 'abc' SQL Injection
|
8 |
WEB
|
str0ke
|
|
2007-09-19
|
|
Streamline PHP Media Server 1.0-beta4 - Remote File Inclusion
|
8 |
WEB
|
BiNgZa
|
|
2007-09-18
|
|
phpBB Mod Ktauber.com StylesDemo - Blind SQL Injection
|
9 |
WEB
|
nexen
|
|
2007-09-18
|
|
modifyform - 'modifyform.html' Remote File Inclusion
|
8 |
WEB
|
mozi
|
|
2007-09-18
|
|
KwsPHP 1.0 sondages Module - SQL Injection
|
8 |
WEB
|
Houssamix
|
|
2007-09-18
|
|
phpsyncml 0.1.2 - Remote File Inclusion
|
8 |
WEB
|
S.W.A.T.
|
|
2007-09-17
|
|
Shop-Script FREE 2.0 - Remote Command Execution
|
8 |
WEB
|
InATeam
|
|
2007-09-16
|
|
Omnistar Article Manager Software - 'article.php' SQL Injection
|
8 |
WEB
|
Cold Zero
|
|
2007-09-16
|
|
SimpCMS - 'keyword' SQL Injection
|
7 |
WEB
|
Cold Zero
|
|
2007-09-16
|
|
Joomla! Component joom12pic 1.0 - Remote File Inclusion
|
8 |
WEB
|
Morgan
|
|
2007-09-15
|
|
Joomla! Component flash fun! 1.0 - Remote File Inclusion
|
8 |
WEB
|
Morgan
|
|
2007-09-15
|
|
KwsPHP 1.0 stats Module - SQL Injection
|
8 |
WEB
|
s4mi
|
|
2007-09-15
|
|
KwsPHP 1.0 Member_Space Module - SQL Injection
|
8 |
WEB
|
s4mi
|
|
2007-09-15
|
|
KwsPHP 1.0 - 'login.php' SQL Injection
|
8 |
WEB
|
s4mi
|
|
2007-09-15
|
|
Chupix CMS 0.2.3 - 'download.php' Remote File Disclosure
|
8 |
WEB
|
GoLd_M
|
|
2007-09-14
|
|
Gelato - 'index.php?post' SQL Injection
|
8 |
WEB
|
s0cratex
|
|
2007-09-14
|
|
JBlog 1.0 - 'index.php?id' SQL Injection
|
8 |
WEB
|
s4mi
|
|
2007-09-14
|
|
PHP Webquest 2.5 - 'id_actividad' SQL Injection
|
8 |
WEB
|
D4real_TeaM
|
|
2007-09-14
|
|
phpFFL 1.24 - 'PHPFFL_FILE_ROOT' Remote File Inclusion
|
8 |
WEB
|
Dj7xpl
|
|
2007-09-14
|
|
Ajax File Browser 3b - 'settings.inc.php?approot' Remote File Inclusion
|
8 |
WEB
|
arfis project
|
|
2007-09-13
|
|
GForge < 4.6b2 - 'skill_delete' SQL Injection
|
8 |
WEB
|
Sumit Siddharth
|
|
2007-09-13
|
|
Joomla! Component Joomlaradio 5.0 - Remote File Inclusion
|
8 |
WEB
|
Morgan
|
|
2007-09-13
|
|
KwsPHP Module jeuxflash 1.0 - 'id' SQL Injection
|
8 |
WEB
|
Houssamix
|
|
2007-09-14
|
|
WordPress Core 1.5.1.1 < 2.2.2 - Multiple Vulnerabilities
|
8 |
WEB
|
Lance M. Havok
|
|
2007-09-11
|
|
X-Cart - Multiple Remote File Inclusions
|
8 |
WEB
|
aLiiF
|
|
2007-09-11
|
|
NuclearBB Alpha 2 - 'ROOT_PATH' Remote File Inclusion
|
8 |
WEB
|
Rootshell Security
|
|
2007-09-10
|
|
AuraCMS 2.1 - Remote File Attachment / Local File Inclusion
|
8 |
WEB
|
k1tk4t
|
|
2007-09-10
|
|
phpRealty 0.02 - 'MGR' Multiple Remote File Inclusions
|
8 |
WEB
|
QTRinux
|
|
2007-09-10
|
|
Sisfo Kampus 2006 - 'dwoprn.php?f' Arbitrary File Download
|
8 |
WEB
|
k-one
|
|
2007-09-09
|
|
AuraCMS 1.5rc - Multiple SQL Injections
|
8 |
WEB
|
k1tk4t
|
|
2007-09-08
|
|
WebED 0.8999a - Multiple Remote File Inclusions
|
8 |
WEB
|
MhZ91
|
|
2007-09-08
|
|
Joomla! Component Restaurante - Arbitrary File Upload
|
8 |
WEB
|
Cold Zero
|
|
2007-09-08
|
|
PHPress 0.2.0 - 'adisplay.php?lang' Local File Inclusion
|
8 |
WEB
|
Nice Name Crew
|
|
2007-09-08
|
|
Txx CMS 0.2 - Multiple Remote File Inclusions
|
8 |
WEB
|
Nice Name Crew
|
|
2007-09-08
|
|
Sisfo Kampus 2006 - 'blanko.preview.php' Local File Disclosure
|
8 |
WEB
|
QTRinux
|
|
2007-09-08
|
|
Fuzzylime CMS 3.0 - Local File Inclusion
|
7 |
WEB
|
not sec group
|
|
2007-09-08
|
|
Focus/SIS 1.0/2.2 - Remote File Inclusion
|
8 |
WEB
|
ThE TiGeR
|
|
2007-09-08
|
|
TLM CMS 3.2 - Multiple SQL Injections
|
8 |
WEB
|
k1tk4t
|
|
2007-09-07
|
|
Online Fantasy Football League (OFFL) 0.2.6 - Remote File Inclusion
|
8 |
WEB
|
MhZ91
|
|
2007-09-07
|
|
RW::Download 2.0.3 lite - 'index.php?dlid' SQL Injection
|
9 |
WEB
|
k1tk4t
|
|
2007-09-07
|
|
Webace-Linkscript 1.3 SE - 'start.php' SQL Injection
|
8 |
WEB
|
k1tk4t
|
|
2007-09-06
|
|
PHPMytourney - 'menu.php' Remote File Inclusion
|
8 |
WEB
|
S.W.A.T.
|
|
2007-09-05
|
|
AnyInventory 2.0 - 'Environment.php' Remote File Inclusion
|
8 |
WEB
|
ThE TiGeR
|
|
2007-09-04
|
|
PHPOF 20040226 - 'DB_adodb.class.php' Remote File Inclusion
|
8 |
WEB
|
ThE TiGeR
|
|
2007-09-03
|
|
STPHPLibrary - 'STPHPLIB_DIR' Remote File Inclusion
|
8 |
WEB
|
leetsecurity
|
|
2007-09-03
|
|
eNetman 20050830 - 'index.php' Remote File Inclusion
|
8 |
WEB
|
JaheeM
|
|
2007-09-02
|
|
Yvora CMS 1.0 - 'error_view.php?ID' SQL Injection
|
8 |
WEB
|
k1tk4t
|
|
2007-09-02
|
|
Weblogicnet - 'files_dir' Multiple Remote File Inclusions
|
8 |
WEB
|
bius
|
|
2007-09-01
|
|
Joomla! 1.5 Beta1/Beta2/RC1 - SQL Injection
|
8 |
WEB
|
Silentz
|
|
2007-08-31
|
|
CKGold Shopping Cart 2.0 - 'category.php' Blind SQL Injection
|
8 |
WEB
|
k1tk4t
|
|
2007-08-31
|
|
phpBB Links MOD 1.2.2 - SQL Injection
|
8 |
WEB
|
Don
|
|
2007-08-30
|
|
Ourspace 2.0.9 - 'uploadmedia.cgi' Arbitrary File Upload
|
8 |
WEB
|
Don
|
|
2007-08-30
|
|
NMDeluxe 2.0.0 - 'id' SQL Injection
|
8 |
WEB
|
not sec group
|
|
2007-08-29
|
|
Pakupaku CMS 0.4 - Arbitrary File Upload / Local File Inclusion
|
8 |
WEB
|
GoLd_M
|
|
2007-08-29
|
|
phpBG 0.9.1 - 'rootdir' Remote File Inclusion
|
8 |
WEB
|
GoLd_M
|
|
2007-08-29
|
|
PHPNS 1.1 - 'shownews.php?id' SQL Injection
|
8 |
WEB
|
SmOk3
|
|
2007-08-29
|
|
ABC estore 3.0 - 'cat_id' Blind SQL Injection
|
8 |
WEB
|
k1tk4t
|
|
2007-08-29
|
|
xGB 2.0 - 'xGB.php' Remote Security Bypass
|
8 |
WEB
|
DarkFuneral
|
|
2007-08-28
|
|
PHPNuke-Clan 4.2.0 - 'mvcw_conver.php' Remote File Inclusion
|
8 |
WEB
|
DNX
|
|
2007-08-28
|
|
VWar 1.5.0 R15 - 'mvcw.php' Remote File Inclusion
|
8 |
WEB
|
DNX
|
|
2007-08-28
|
|
DL PayCart 1.01 - 'viewitem.php?ItemID' Blind SQL Injection
|
8 |
WEB
|
irvian
|
|
2007-08-28
|
|
ACG News 1.0 - 'aid'/'catid' SQL Injection
|
8 |
WEB
|
SmOk3
|
|
2007-08-28
|
|
Micro CMS 3.5 - 'revert-content.php' SQL Injection
|
7 |
WEB
|
not sec group
|
|
2007-08-27
|
|
WBB2-Addon: Acrotxt 1.0 - 'show' SQL Injection
|
6 |
WEB
|
D4m14n
|
|
2007-08-27
|
|
Arcadem 2.01 - SQL Injection / Remote File Inclusion
|
7 |
WEB
|
SmOk3
|
|
2007-08-27
|
|
SomeryC 0.2.4 - 'include.php?skindir' Remote File Inclusion
|
7 |
WEB
|
Katatafish
|
|
2007-08-26
|
|
2532/Gigs 1.2.1 - 'activateuser.php' Local File Inclusion
|
8 |
WEB
|
bd0rk
|
|
2007-08-25
|
|
SunShop Shopping Cart 4.0 RC 6 - 'Search' Blind SQL Injection
|
8 |
WEB
|
k1tk4t
|
|
2007-08-23
|
|
Joomla! Component BibTeX 1.3 - Blind SQL Injection
|
8 |
WEB
|
ajann
|
|
2007-08-23
|
|
Joomla! Component EventList 0.8 - 'did' SQL Injection
|
8 |
WEB
|
ajann
|
|
2007-08-23
|
|
Joomla! Component Nice Talk 0.9.3 - 'tagid' SQL Injection
|
8 |
WEB
|
ajann
|
|
2007-08-23
|
|
Joomla! Component RSfiles 1.0.2 - 'path' File Download
|
8 |
WEB
|
ajann
|
|
2007-08-23
|
|
Mambo Component Remository - 'cat' SQL Injection
|
8 |
WEB
|
ajann
|
|
2007-08-23
|
|
Joomla! Component NeoRecruit 1.4 - 'id' SQL Injection
|
8 |
WEB
|
ajann
|
|
2007-08-21
|
|
litecommerce 2004 - 'category_id' SQL Injection
|
7 |
WEB
|
k1tk4t
|
|
2007-08-20
|
|
Mambo Component SimpleFAQ 2.11 - SQL Injection
|
8 |
WEB
|
k1tk4t
|
|
2007-08-19
|
|
Squirrelcart 1.x - 'cart.php' Remote File Inclusion
|
8 |
WEB
|
ShaiMagal
|
|
2007-08-16
|
|
GetMyOwnArcade - 'search.php?query' SQL Injection
|
8 |
WEB
|
RoXur777
|
|
2007-08-14
|
|
IBM Rational ClearQuest - Web Authentication Bypass / SQL Injection
|
8 |
WEB
|
s4squatch
|
|
2007-08-13
|
|
Prozilla Webring Website Script - 'category.php?cat' SQL Injection
|
8 |
WEB
|
t0pP8uZz
|
|
2007-08-13
|
|
SOTEeSKLEP 3.5RC9 - 'file' Remote File Disclosure
|
8 |
WEB
|
dun
|
|
2007-08-10
|
|
Pixlie 1.7 - 'pixlie.php?root' Remote File Disclosure
|
8 |
WEB
|
Rizgar
|
|
2007-08-10
|
|
PHP Blue Dragon CMS 3.0.0 - Remote Code Execution
|
8 |
WEB
|
Kacper
|
|
2007-08-10
|
|
PHP blue dragon CMS 3.0.0 - Remote File Inclusion
|
8 |
WEB
|
Kacper
|
|
2007-08-10
|
|
PHP Blue Dragon CMS 3.0.0 - SQL Injection
|
8 |
WEB
|
Kacper
|
|
2007-08-09
|
|
Ncaster 1.7.2 - 'archive.php' Remote File Inclusion
|
8 |
WEB
|
k1n9k0ng
|
|
2007-08-08
|
|
FishCart 3.2 RC2 - 'fc_example.php' Remote File Inclusion
|
9 |
WEB
|
k1n9k0ng
|
|
2007-08-07
|
|
FrontAccounting 1.12 build 31 - Remote File Inclusion
|
8 |
WEB
|
kezzap66345
|
|
2007-08-07
|
|
PHPNews 0.93 - 'format_menue' Remote File Inclusion
|
8 |
WEB
|
kezzap66345
|
|
2007-08-07
|
|
PhpHostBot 1.06 - 'svr_rootscript' Remote File Inclusion
|
8 |
WEB
|
K-159
|
|
2007-08-06
|
|
Prozilla Pub Site Directory - 'Directory.php?cat' SQL Injection
|
8 |
WEB
|
t0pP8uZz
|
|
2007-08-06
|
|
Cartweaver 2.16.11 - 'ProdID' SQL Injection
|
9 |
WEB
|
meoconx
|
|
2007-08-06
|
|
YNP Portal System 2.2.0 - 'showpage.cgi p' Remote File Disclosure
|
8 |
WEB
|
GoLd_M
|
|
2007-08-06
|
|
Lanius CMS 1.2.14 - Multiple SQL Injections
|
8 |
WEB
|
k1tk4t
|
|
2007-08-05
|
|
Envolution 1.1.0 - 'topic' SQL Injection
|
9 |
WEB
|
k1tk4t
|
|
2007-08-05
|
|
AuraCMS Forum Module - SQL Injection
|
8 |
WEB
|
k1tk4t
|
|
2007-08-02
|
|
paBugs 2.0 Beta 3 - 'main.php?cid' SQL Injection
|
8 |
WEB
|
uimp
|
|
2007-07-31
|
|
Joomla! Component com_gmaps 1.00 - 'mapId' SQL Injection
|
7 |
WEB
|
Mehmet Ince
|
|
2007-07-30
|
|
wolioCMS - Authentication Bypass / SQL Injection
|
7 |
WEB
|
k1tk4t
|
|
2007-07-29
|
|
LinPHA 1.3.1 - 'new_images.php' Blind SQL Injection
|
7 |
WEB
|
EgiX
|
|
2007-07-28
|
|
PHP123 Top Sites - 'category.php?cat' SQL Injection
|
6 |
WEB
|
t0pP8uZz
|
|
2007-07-28
|
|
SimpleBlog 3.0 - 'comments_get.asp?id' SQL Injection
|
6 |
WEB
|
g00ns
|
|
2007-07-27
|
|
Adult Directory - 'cat_id' SQL Injection
|
7 |
WEB
|
t0pP8uZz
|
|
2007-07-27
|
|
Seditio CMS 121 - 'pfs.php' Arbitrary File Upload
|
8 |
WEB
|
A.D.T
|
|
2007-07-25
|
|
IndexScript 2.8 - 'cat_id' SQL Injection
|
8 |
WEB
|
xssvgamer
|
|
2007-07-25
|
|
Webyapar 2.0 - Multiple SQL Injections
|
9 |
WEB
|
bypass
|
|
2007-07-24
|
|
Article Directory - 'index.php' Remote File Inclusion
|
8 |
WEB
|
mozi
|
|
2007-07-24
|
|
Entertainment CMS - Local File Inclusion / Remote Command Execution
|
9 |
WEB
|
Kw3[R]Ln
|
|
2007-07-24
|
|
Confixx Pro 3.3.1 - 'saveserver.php' Remote File Inclusion
|
9 |
WEB
|
H4 / XPK
|
|
2007-07-22
|
|
bwired - 'index.php?newsID' SQL Injection
|
8 |
WEB
|
g00ns
|
|
2007-07-22
|
|
Joomla! 1.5 Beta 2 - 'Search' Remote Code Execution
|
8 |
WEB
|
Johannes Greil
|
|
2007-07-21
|
|
JBlog 1.0 - Create / Delete Admin Authentication Bypass
|
8 |
WEB
|
s4mi
|
|
2007-07-21
|
|
RGameScript Pro - 'page.php?id' Remote File Inclusion
|
8 |
WEB
|
Warpboy
|
|
2007-07-21
|
|
WSN Links Basic Edition - 'catid' SQL Injection
|
8 |
WEB
|
t0pP8uZz
|
|
2007-07-20
|
|
Blog System 1.x - 'index.php?news_id' SQL Injection
|
9 |
WEB
|
t0pP8uZz
|
|
2007-07-19
|
|
Joomla! Component Pony Gallery 1.5 - SQL Injection
|
8 |
WEB
|
ajann
|
|
2007-07-18
|
|
Md-Pro 1.0.8x - Topics topicid SQL Injection
|
9 |
WEB
|
anonymous
|
|
2007-07-18
|
|
A-shop 0.70 - Remote File Deletion
|
8 |
WEB
|
Timq
|
|
2007-07-18
|
|
phpBB Module SupaNav 1.0.0 - 'link_main.php' Remote File Inclusion
|
8 |
WEB
|
bd0rk
|
|
2007-07-18
|
|
BBS E-Market - 'postscript.php?p_mode' Remote File Inclusion
|
8 |
WEB
|
mozi
|
|
2007-07-18
|
|
Joomla! Component Expose RC35 - Arbitrary File Upload
|
8 |
WEB
|
Cold Zero
|
|
2007-07-18
|
|
QuickEStore 8.2 - 'insertorder.cfm' SQL Injection
|
8 |
WEB
|
meoconx
|
|
2007-07-18
|
|
Vivvo CMS 3.4 - 'index.php' Blind SQL Injection
|
8 |
WEB
|
ajann
|
|
2007-07-18
|
|
Pictures Rating - 'index.php?msgid' SQL Injection
|
8 |
WEB
|
t0pP8uZz
|
