| 2007-07-17 | Expert Advisior - 'index.php?id' SQL Injection | 8 | WEB | t0pP8uZz |
| 2007-07-16 | Traffic Stats - 'referralUrl.php?offset' SQL Injection | 7 | WEB | t0pP8uZz |
| 2007-07-14 | paFileDB 3.6 - 'search.php' SQL Injection | 8 | WEB | pUm |
| 2007-07-14 | Prozilla Directory Script - 'Directory.php?cat_id' SQL Injection | 8 | WEB | t0pP8uZz |
| 2007-07-14 | Realtor 747 - 'index.php?categoryId' SQL Injection | 8 | WEB | t0pP8uZz |
| 2007-07-14 | eSyndiCat Directory Software - Multiple SQL Injections | 7 | WEB | d3v1l |
| 2007-07-14 | CMScout 1.23 - 'index.php' SQL Injection | 8 | WEB | g00ns |
| 2007-07-14 | MKPortal NoBoard Module (Beta) - Remote File Inclusion | 8 | WEB | g00ns |
| 2007-07-12 | MKPortal 1.1.1 reviews / Gallery modules - SQL Injection | 8 | WEB | Coloss |
| 2007-07-12 | PsNews 1.1 - 'show.php?newspath' Local File Inclusion | 8 | WEB | irk4z |
| 2007-07-11 | SquirrelMail G/PGP Encryption Plugin 2.0 - Command Execution | 8 | WEB | jmp-esp |
| 2007-07-10 | Mail Machine 3.989 - Local File Inclusion | 9 | WEB | H4 / XPK |
| 2007-07-10 | FlashBB 1.1.8 - 'sendmsg.php' Remote File Inclusion | 8 | WEB | Kw3[R]Ln |
| 2007-07-10 | OpenLD 1.2.2 - 'index.php?id' SQL Injection | 8 | WEB | CypherXero |
| 2007-07-10 | vBulletin Mod RPG Inferno 2.4 - 'inferno.php' SQL Injection | 8 | WEB | t0pP8uZz |
| 2007-07-09 | Aigaion 1.3.3 - 'topic topic_id' SQL Injection | 8 | WEB | CypherXero |
| 2007-07-08 | AV Tutorial Script 1.0 - Remote User Pass Change | 8 | WEB | Dj7xpl |
| 2007-07-08 | FlashGameScript 1.7 - 'user' SQL Injection | 8 | WEB | Xenduer77 |
| 2007-07-07 | GameSiteScript 3.1 - profile id SQL Injection | 8 | WEB | Xenduer77 |
| 2007-07-06 | LimeSurvey (phpsurveyor) 1.49rc2 - Remote File Inclusion | 8 | WEB | Yakir Wizman |
| 2007-07-06 | eMeeting Online Dating Software 5.2 - SQL Injection | 9 | WEB | t0pP8uZz |
| 2007-07-06 | PHPVID 0.9.9 - 'categories_type.php' SQL Injection | 8 | WEB | t0pP8uZz |
| 2007-07-05 | AsteriDex 3.0 - 'callboth.php' Remote Code Execution | 8 | WEB | Carl Livitt |
| 2007-07-05 | VRNews 1.1.1 - 'admin.php' Remote Security Bypass | 8 | WEB | R4M! |
| 2007-07-03 | PNPHPBB2 < 1.2i - 'viewforum.php' SQL Injection | 7 | WEB | Coloss |
| 2007-07-03 | MyCMS 0.9.8 - Remote Command Execution (1) | 8 | WEB | BlackHawk |
| 2007-07-03 | MyCMS 0.9.8 - Remote Command Execution (2) | 8 | WEB | BlackHawk |
| 2007-07-03 | Girlserv ads 1.5 - 'details_news.php' SQL Injection | 8 | WEB | Cold Zero |
| 2007-07-03 | SuperCali PHP Event Calendar 0.4.0 - SQL Injection | 7 | WEB | t0pP8uZz |
| 2007-07-02 | vbzoom 1.x - 'forum.php?MainID' SQL Injection | 8 | WEB | Cold Zero |
| 2007-07-02 | PHPDirector 0.21 - 'videos.php?id' SQL Injection | 8 | WEB | Kw3[R]Ln |
| 2007-07-02 | AV Arcade 2.1b - 'index.php?id' SQL Injection | 8 | WEB | Kw3[R]Ln |
| 2007-07-02 | YouTube Clone Script - 'msg.php?id' SQL Injection | 11 | WEB | t0pP8uZz |
| 2007-07-01 | phpEventCalendar 0.2.3 - 'eventdisplay.php' SQL Injection | 8 | WEB | Iron |
| 2007-07-01 | Easybe 1-2-3 Music Store - 'process.php' SQL Injection | 8 | WEB | t0pP8uZz |
| 2007-07-01 | ArcadeBuilder Game Portal Manager 1.7 - SQL Injection | 8 | WEB | t0pP8uZz |
| 2007-06-30 | sPHPell 1.01 - Multiple Remote File Inclusions | 8 | WEB | Mehmet Ince |
| 2007-06-30 | XCMS 1.1 - 'Galerie.php' Local File Inclusion | 8 | WEB | BlackNDoor |
| 2007-06-30 | TotalCalendar 2.402 - 'view_event.php' SQL Injection | 8 | WEB | t0pP8uZz |
| 2007-06-30 | Ripe Website Manager (CMS) 0.8.9 - Remote File Inclusion | 8 | WEB | BlackNDoor |
| 2007-06-30 | Buddy Zone 1.5 - Multiple SQL Injections | 8 | WEB | t0pP8uZz |
| 2007-06-29 | Buddy Zone 1.5 - 'view_sub_cat.php?cat_id' SQL Injection | 8 | WEB | t0pP8uZz |
| 2007-06-28 | WebChat 0.78 - 'login.php?rid' SQL Injection | 8 | WEB | r00t |
| 2007-06-28 | GL-SH Deaf Forum 6.4.4 - Local File Inclusion | 8 | WEB | Katatafish |
| 2007-06-28 | b1gbb 2.24.0 - SQL Injection / Cross-Site Scripting | 8 | WEB | GoLd_M |
| 2007-06-27 | QuickTicket 1.2 - 'qti_checkname.php' Local File Inclusion | 8 | WEB | Katatafish |
| 2007-06-27 | QuickTalk forum 1.3 - 'lang' Local File Inclusion | 8 | WEB | Katatafish |
| 2007-06-26 | Elkagroup Image Gallery 1.0 - SQL Injection | 8 | WEB | t0pP8uZz |
| 2007-06-26 | WordPress Core 2.2 - 'wp-app.php' Arbitrary File Upload | 9 | WEB | Alexander Concha |
| 2007-06-26 | EVA-Web 1.1 < 2.2 - 'index.php3' Remote File Inclusion | 8 | WEB | g00ns |
| 2007-06-26 | PHPSiteBackup 0.1 - 'pcltar.lib.php' Remote File Inclusion | 8 | WEB | GoLd_M |
| 2007-06-25 | eDocStore - 'doc.php?doc_id' SQL Injection | 8 | WEB | t0pP8uZz |
| 2007-06-25 | Pagetool 1.07 - 'news_id' SQL Injection | 8 | WEB | Katatafish |
| 2007-06-25 | DreamLog 0.5 - 'upload.php' Arbitrary File Upload | 8 | WEB | Dj7xpl |
| 2007-06-25 | SiteDepth CMS 3.44 - 'ShowImage.php?name' File Disclosure | 8 | WEB | H4 / XPK |
| 2007-06-25 | 6ALBlog - 'newsid' SQL Injection | 8 | WEB | Crackers_Child |
| 2007-06-25 | bugmall shopping cart 2.5 - SQL Injection / Cross-Site Scripting | 8 | WEB | t0pP8uZz |
| 2007-06-25 | b1gbb 2.24.0 - 'footer.inc.php?tfooter' Remote File Inclusion | 8 | WEB | Rf7awy |
| 2007-06-24 | phpTrafficA 1.4.2 - 'pageid' SQL Injection | 8 | WEB | laurent gaffié |
| 2007-06-24 | e107 < 0.7.8 - 'photograph' Arbitrary File Upload | 8 | WEB | g00ns |
| 2007-06-24 | Simple Invoices 2007 05 25 - 'index.php?submit' SQL Injection | 8 | WEB | Kacper |
| 2007-06-24 | dagger Web engine 23jan2007 - Remote File Inclusion | 8 | WEB | Katatafish |
| 2007-06-24 | Pluxml 0.3.1 - Remote Code Execution | 8 | WEB | DarkFig |
| 2007-06-24 | Pharmacy System 2.0 - 'index.php?ID' SQL Injection | 8 | WEB | t0pP8uZz |
| 2007-06-22 | NetClassifieds - SQL Injection / Cross-Site Scripting / Full Path | 8 | WEB | laurent gaffié |
| 2007-06-22 | Sun Board 1.00.00 alpha - Remote File Inclusion | 8 | WEB | GoLd_M |
| 2007-06-22 | Powl 0.94 - 'htmledit.php' Remote File Inclusion | 8 | WEB | Kw3[R]Ln |
| 2007-06-21 | SerWeb 0.9.4 - 'load_lang.php' Remote File Inclusion | 8 | WEB | Kw3[R]Ln |
| 2007-06-20 | LAN Management System (LMS) 1.9.6 - Remote File Inclusion | 8 | WEB | Kw3[R]Ln |
| 2007-06-20 | Musoo 0.21 - Remote File Inclusion | 8 | WEB | GoLd_M |
| 2007-06-20 | XOOPS Module wiwimod 0.4 - Remote File Inclusion | 8 | WEB | GoLd_M |
| 2007-06-20 | W1L3D4 WEBmarket 0.1 - SQL Injection | 9 | WEB | Crackers_Child |
| 2007-06-20 | LiveCMS 3.4 - 'categoria.php?cid' SQL Injection | 8 | WEB | g00ns |
| 2007-06-19 | Jasmine CMS 1.0 - SQL Injection / Remote Code Execution | 9 | WEB | Silentz |
| 2007-06-18 | MiniBill 1.2.5 - 'run_billing.php' Remote File Inclusion | 9 | WEB | Abo0od |
| 2007-06-18 | Solar Empire 2.9.1.1 - Blind SQL Injection / Hash Retrieve | 8 | WEB | BlackHawk |
| 2007-06-17 | MiniBB 2.0.5 - 'Language' Local File Inclusion | 8 | WEB | Dj7xpl |
| 2007-06-17 | YourFreeScreamer 1.0 - 'serverPath' Remote File Inclusion | 8 | WEB | Crackers_Child |
| 2007-06-16 | PHPMyInventory 2.8 - 'global.inc.php' Remote File Inclusion | 9 | WEB | o0xxdark0o |
| 2007-06-14 | PHP::HTML 0.6.4 - 'PHPhtml.php' Remote File Inclusion | 8 | WEB | o0xxdark0o |
| 2007-06-14 | Sitellite CMS 4.2.12 - '559668.php' Remote File Inclusion | 8 | WEB | o0xxdark0o |
| 2007-06-13 | XOOPS Module cjay content 3 - Remote File Inclusion | 8 | WEB | g00ns |
| 2007-06-13 | XOOPS Module XT-Conteudo - 'spaw_root' Remote File Inclusion | 8 | WEB | g00ns |
| 2007-06-13 | XOOPS Module XFsection - 'modify.php' Remote File Inclusion | 8 | WEB | Sp[L]o1T |
| 2007-06-12 | XOOPS Module horoscope 2.0 - Remote File Inclusion | 8 | WEB | BeyazKurt |
| 2007-06-12 | xoops module tinycontent 1.5 - Remote File Inclusion | 8 | WEB | Sp[L]o1T |
| 2007-06-12 | Fuzzylime Forum 1.0 - 'low.php?topic' SQL Injection | 8 | WEB | Silentz |
| 2007-06-11 | Link Request Contact Form 3.4 - Remote Code Execution | 8 | WEB | CorryL |
| 2007-06-09 | GeometriX Download Portal - 'down_indir.asp?id' SQL Injection | 8 | WEB | CyberGhost |
| 2007-06-09 | PHP Real Estate Classifieds - Remote File Inclusion | 8 | WEB | not sec group |
| 2007-06-08 | e-Vision CMS 2.02 - SQL Injection / Remote Code Execution | 9 | WEB | Silentz |
| 2007-06-07 | NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion | 8 | WEB | GoLd_M |
| 2007-06-06 | Kartli Alisveris Sistemi 1.0 - SQL Injection | 8 | WEB | kerem125 |
| 2007-06-06 | WordPress Core 2.2 - 'xmlrpc.php' SQL Injection | 8 | WEB | Slappter |
| 2007-06-06 | Comicsense 0.2 - 'index.php?epi' SQL Injection (2) | 8 | WEB | Silentz |
| 2007-06-06 | PBLang 4.67.16.a - Remote Code Execution | 8 | WEB | Silentz |
| 2007-06-05 | Comicsense 0.2 - 'index.php?epi' SQL Injection (1) | 8 | WEB | s0cratex |
| 2007-06-05 | Kravchuk letter script 1.0 - 'scdir' Remote File Inclusion | 8 | WEB | Mehmet Ince |
| 2007-06-04 | Madirish Webmail 2.0 - 'addressbook.php' Remote File Inclusion | 8 | WEB | BoZKuRTSeRDaR |
| 2007-06-04 | EQdkp 1.3.2 - 'listmembers.php' SQL Injection | 8 | WEB | Silentz |
| 2007-06-04 | Sendcard 3.4.1 - Local File Inclusion / Remote Code Execution | 8 | WEB | Silentz |
| 2007-06-03 | PNPHPBB2 < 1.2 - 'index.php' SQL Injection | 8 | WEB | Kacper |
| 2007-06-02 | Quick.Cart 2.2 - Local/Remote File Inclusion / Remote Code Execution | 8 | WEB | Kacper |
| 2007-06-01 | XOOPS Module icontent 1.0/4.5 - Remote File Inclusion | 9 | WEB | GoLd_M |
| 2007-06-01 | RevokeBB 1.0 RC4 - Blind SQL Injection / Hash Retrieve | 8 | WEB | BlackHawk |
| 2007-06-01 | Particle Gallery 1.0.1 - SQL Injection | 8 | WEB | Silentz |
| 2007-05-30 | Vizayn Urun Tanitim Sistemi 0.2 - 'tr' SQL Injection | 7 | WEB | BAHADIR |
| 2007-05-29 | Pheap 2.0 - Authentication Bypass / Remote Code Execution | 8 | WEB | Silentz |
| 2007-05-29 | AdminBot 9.0.5 - 'live_status.lib.php' Remote File Inclusion | 7 | WEB | ThE TiGeR |
| 2007-05-29 | Inout Search Engine - Remote Code Execution | 8 | WEB | BlackHawk |
| 2007-05-28 | Joomla! Component Phil-a-Form 1.2.0.0 - SQL Injection | 8 | WEB | CypherXero |
| 2007-05-28 | wanewsletter 2.1.3 - Remote File Inclusion | 9 | WEB | Mogatil |
| 2007-05-28 | Vistered Little 1.6a - 'skin' Remote File Disclosure | 8 | WEB | GoLd_M |
| 2007-05-27 | Fundanemt 2.2.0 - 'spellcheck.php' Remote Code Execution | 8 | WEB | Kacper |
| 2007-05-27 | Frequency Clock 0.1b - 'securelib' Remote File Inclusion | 8 | WEB | ThE TiGeR |
| 2007-05-26 | TROforum 0.1 - 'admin.php?site_url' Remote File Inclusion | 8 | WEB | Mehmet Ince |
| 2007-05-26 | Mazens PHP Chat V3 (basepath) - Remote File Inclusion | 8 | WEB | ThE TiGeR |
| 2007-05-25 | FlaP 1.0b - 'pachtofile' Remote File Inclusion | 8 | WEB | Mehmet Ince |
| 2007-05-25 | OpenBASE 0.6a - 'root_prefix' Remote File Inclusion | 8 | WEB | DeltahackingTEAM |
| 2007-05-25 | vBulletin vBGSiteMap 2.41 - 'root' Remote File Inclusion | 8 | WEB | Cold Zero |
| 2007-05-25 | My Little Forum 1.7 - 'user.php?id' SQL Injection | 8 | WEB | Silentz |
| 2007-05-25 | gCards 1.46 - SQL Injection / Remote Code Execution | 8 | WEB | Silentz |
| 2007-05-25 | Webavis 0.1.1 - 'class.php?root' Remote File Inclusion | 8 | WEB | ThE TiGeR |
| 2007-05-24 | FirmWorX 0.1.2 - Multiple Remote File Inclusions | 9 | WEB | DeltahackingTEAM |
| 2007-05-24 | CPCommerce 1.1.0 - 'id_category' SQL Injection | 8 | WEB | Kacper |