|
2007-04-12
|
|
Request It 1.0b - 'index.php?id' Remote File Inclusion
|
4 |
WEB
|
hackberry
|
|
2007-04-12
|
|
Expow 0.8 - 'autoindex.php?cfg_file' Remote File Inclusion
|
4 |
WEB
|
mdx
|
|
2007-04-12
|
|
e107 0.7.8 - 'mailout.php' (Authenticated) Access Escalation
|
4 |
WEB
|
Gammarays
|
|
2007-04-12
|
|
MyBulletinBoard (MyBB) 1.2.2 - 'CLIENT-IP' SQL Injection
|
4 |
WEB
|
Elekt
|
|
2007-04-12
|
|
RicarGBooK 1.2.1 - 'lang' Local File Inclusion
|
4 |
WEB
|
Dj7xpl
|
|
2007-04-12
|
|
WebKalk2 1.9.0 - 'absolute_path' Remote File Inclusion
|
4 |
WEB
|
GoLd_M
|
|
2007-04-12
|
|
mxBB Module MX Shotcast 1.0 RC2 - 'getinfo1.php' Remote File Inclusion
|
4 |
WEB
|
bd0rk
|
|
2007-04-11
|
|
Joomla! Component mosmedia 1.0.8 - Remote File Inclusion
|
4 |
WEB
|
GoLd_M
|
|
2007-04-11
|
|
Mambo Module Calendar (Agenda) 1.5.5 - Remote File Inclusion
|
4 |
WEB
|
Cold Zero
|
|
2007-04-11
|
|
Mambo Module Weather - 'absolute_path' Remote File Inclusion
|
4 |
WEB
|
Cold Zero
|
|
2007-04-11
|
|
CodeBreak 1.1.2 - 'codebreak.php' Remote File Inclusion
|
4 |
WEB
|
John Martinelli
|
|
2007-04-11
|
|
PunBB 1.2.14 - Remote Code Execution
|
4 |
WEB
|
DarkFig
|
|
2007-04-11
|
|
TOSMO/Mambo 1.4.13a - 'absolute_path' Remote File Inclusion
|
4 |
WEB
|
Cold Zero
|
|
2007-04-11
|
|
Mambo Component zOOm Media Gallery 2.5 Beta 2 - Remote File Inclusion
|
3 |
WEB
|
iskorpitx
|
|
2007-04-10
|
|
SimpCMS 04.10.2007 - 'site' Remote File Inclusion
|
4 |
WEB
|
Dr.RoVeR
|
|
2007-04-10
|
|
pl-PHP Beta 0.9 - Multiple Vulnerabilities
|
4 |
WEB
|
Omni
|
|
2007-04-10
|
|
Joomla! / Mambo Component Taskhopper 1.1 - Remote File Inclusion
|
4 |
WEB
|
Cold Zero
|
|
2007-04-10
|
|
InoutMailingListManager 3.1 - Remote Command Execution
|
3 |
WEB
|
BlackHawk
|
|
2007-04-10
|
|
Crea-Book 1.0 - Admin Access Bypass / Database Disclosure / Code Execution
|
3 |
WEB
|
Xst3nZ
|
|
2007-04-10
|
|
Weatimages 1.7.1 - ini[langpack] Remote File Inclusion
|
3 |
WEB
|
Co-Sarper-Der
|
|
2007-04-10
|
|
PHPGalleryScript 1.0 - 'init.gallery.php?include_class' Remote File Inclusion
|
4 |
WEB
|
anonymous
|
|
2007-04-10
|
|
HIOX GUEST BOOK (HGB) 4.0 - Remote Code Execution
|
4 |
WEB
|
Dj7xpl
|
|
2007-04-09
|
|
Pathos CMS 0.92-2 - 'warn.php' Remote File Inclusion
|
4 |
WEB
|
kezzap66345
|
|
2007-04-09
|
|
PHP121 Instant Messenger 2.2 - Local File Inclusion
|
5 |
WEB
|
Dj7xpl
|
|
2007-04-09
|
|
Battle.net Clan Script for PHP 1.5.1 - SQL Injection
|
4 |
WEB
|
h a c k e r _ X
|
|
2007-04-08
|
|
PcP-Guestbook 3.0 - 'lang' Local File Inclusion
|
2 |
WEB
|
Dj7xpl
|
|
2007-04-08
|
|
ScarNews 1.2.1 - 'sn_admin_dir' Local File Inclusion
|
4 |
WEB
|
BeyazKurt
|
|
2007-04-08
|
|
WitShare 0.9 - 'index.php?menu' Local File Inclusion
|
4 |
WEB
|
the_Edit0r
|
|
2007-04-08
|
|
MyBlog: PHP and MySQL Blog/CMS software - Remote File Inclusion
|
4 |
WEB
|
the_Edit0r
|
|
2007-04-08
|
|
PHP-Nuke Module eBoard 1.0.7 - GLOBALS[name] Local File Inclusion
|
4 |
WEB
|
bd0rk
|
|
2007-04-08
|
|
Scorp Book 1.0 - 'smilies.php?config' Remote File Inclusion
|
4 |
WEB
|
Dj7xpl
|
|
2007-04-06
|
|
SmodCMS 2.10 - Slownik ssid SQL Injection
|
4 |
WEB
|
Kacper
|
|
2007-04-06
|
|
SmodBIP 1.06 - aktualnosci zoom SQL Injection
|
4 |
WEB
|
Kacper
|
|
2007-04-06
|
|
cattaDoc 2.21 - 'download2.php?fn1' Remote File Disclosure
|
4 |
WEB
|
GoLd_M
|
|
2007-04-06
|
|
Beryo 2.0 - 'downloadpic.php?chemin' Remote File Disclosure
|
4 |
WEB
|
GoLd_M
|
|
2007-04-05
|
|
WebSPELL 4.01.02 - 'picture.php' File Disclosure
|
4 |
WEB
|
Trex
|
|
2007-04-05
|
|
XOOPS Module Jobs 2.4 - 'cid' SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-04-05
|
|
phpMyNewsletter 0.8 (beta5) - Multiple Vulnerabilities
|
4 |
WEB
|
BlackHawk
|
|
2007-04-05
|
|
XOOPS Module WF-Links 1.03 - 'cid' SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-04-05
|
|
PHP-Generics 1.0.0 Beta - Multiple Remote File Inclusions
|
4 |
WEB
|
bd0rk
|
|
2007-04-05
|
|
CodeWand phpBrowse - 'site_path' Remote File Inclusion
|
4 |
WEB
|
kezzap66345
|
|
2007-04-05
|
|
Sisplet CMS 05.10 - 'site_path' Remote File Inclusion
|
4 |
WEB
|
kezzap66345
|
|
2007-04-04
|
|
XOOPS Module Rha7 Downloads 1.0 - 'visit.php' SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-04-04
|
|
Mutant 0.9.2 - 'mutant_functions.php' Remote File Inclusion
|
4 |
WEB
|
bd0rk
|
|
2007-04-04
|
|
XOOPS Module WF-Snippets 1.02 (c) - Blind SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-04-04
|
|
CyBoards PHP Lite 1.21 - 'script_path' Remote File Inclusion
|
4 |
WEB
|
bd0rk
|
|
2007-04-04
|
|
AROUNDMe 0.7.7 - Multiple Remote File Inclusions
|
3 |
WEB
|
kezzap66345
|
|
2007-04-04
|
|
phpMyNewsletter 0.6.10 - 'customize.php' Remote File Inclusion
|
3 |
WEB
|
frog-m@n
|
|
2007-04-03
|
|
MySpeach 3.0.7 - Local/Remote File Inclusion
|
3 |
WEB
|
Xst3nZ
|
|
2007-04-03
|
|
WordPress Core 2.1.2 - 'xmlrpc' SQL Injection
|
4 |
WEB
|
Sumit Siddharth
|
|
2007-04-03
|
|
XOOPS Module PopnupBlog 2.52 - 'postid' Blind SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-04-03
|
|
MyBulletinBoard (MyBB) 1.2.3 - Remote Code Execution
|
4 |
WEB
|
DarkFig
|
|
2007-04-02
|
|
XOOPS Module Zmagazine 1.0 - 'print.php' SQL Injection
|
5 |
WEB
|
ajann
|
|
2007-04-02
|
|
XOOPS Module XFsection 1.07 - 'articleId' Blind SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-04-02
|
|
XOOPS Module WF-Section 1.01 - 'articleId' SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-04-02
|
|
Really Simple PHP and Ajax (RSPA) 2007-03-23 - Remote File Inclusion
|
4 |
WEB
|
Hamid Ebadi
|
|
2007-04-02
|
|
PHP-Fusion Module Arcade 1.0 - 'cid' SQL Injection
|
3 |
WEB
|
Mehmet Ince
|
|
2007-04-02
|
|
PHP-Fusion Module topliste 1.0 - 'cid' SQL Injection
|
3 |
WEB
|
Mehmet Ince
|
|
2007-04-02
|
|
MapLab MS4W 2.2.1 - Remote File Inclusion
|
3 |
WEB
|
ka0x
|
|
2007-04-01
|
|
XOOPS Module RM+Soft Gallery 1.0 - Blind SQL Injection
|
3 |
WEB
|
ajann
|
|
2007-04-01
|
|
XOOPS Module myAlbum-P 2.0 - 'cid' SQL Injection
|
3 |
WEB
|
ajann
|
|
2007-04-01
|
|
FlexPHPNews 0.0.5 - 'newsid' SQL Injection
|
3 |
WEB
|
Dj7xpl
|
|
2007-04-01
|
|
XOOPS Module debaser 0.92 - 'genre.php' Blind SQL Injection
|
3 |
WEB
|
ajann
|
|
2007-04-01
|
|
XOOPS Module Camportail 1.1 - 'camid' SQL Injection
|
3 |
WEB
|
ajann
|
|
2007-04-01
|
|
CWB PRO 1.5 - 'INCLUDE_PATH' Remote File Inclusion
|
2 |
WEB
|
GoLd_M
|
|
2007-04-01
|
|
XOOPS Module Kshop 1.17 - 'id' SQL Injection
|
3 |
WEB
|
ajann
|
|
2007-04-01
|
|
XOOPS Module Tiny Event 1.01 - 'id' SQL Injection
|
3 |
WEB
|
ajann
|
|
2007-04-01
|
|
BT-sondage 1.12 - 'gestion_sondage.php' Remote File Inclusion
|
2 |
WEB
|
Crackers_Child
|
|
2007-04-01
|
|
XOOPS Module eCal 2.24 - 'display.php' SQL Injection
|
2 |
WEB
|
ajann
|
|
2007-04-01
|
|
WinMail Server 4.4 build 1124 - 'WebMail' Remote Add Super User
|
3 |
WEB
|
rgod
|
|
2007-03-31
|
|
XOOPS Module Tutoriais - 'viewcat.php' SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-03-31
|
|
XOOPS Module Core - 'viewcat.php' SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-03-31
|
|
XOOPS Module Library - 'viewcat.php' SQL Injection
|
5 |
WEB
|
ajann
|
|
2007-03-31
|
|
XOOPS Module Lykos Reviews 1.00 - 'index.php' SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-03-30
|
|
JSBoard 2.0.10 - 'login.php?table' Local File Inclusion
|
4 |
WEB
|
GoLd_M
|
|
2007-03-30
|
|
phpBB MOD Forum picture and META tags 1.7 - Remote File Inclusion
|
4 |
WEB
|
bd0rk
|
|
2007-03-30
|
|
XOOPS Module Repository - 'viewcat.php' SQL Injection
|
3 |
WEB
|
ajann
|
|
2007-03-30
|
|
JC URLShrink 1.3.1 - Remote Code Execution
|
4 |
WEB
|
Dj7xpl
|
|
2007-03-29
|
|
Advanced Login 0.7 - 'root' Remote File Inclusion
|
3 |
WEB
|
Bithedz
|
|
2007-03-29
|
|
Kaqoo Auction - 'install_root' Multiple Remote File Inclusions
|
4 |
WEB
|
ThE dE@Th
|
|
2007-03-29
|
|
Picture-Engine 1.2.0 - 'wall.php?cat' SQL Injection
|
4 |
WEB
|
Kacper
|
|
2007-03-29
|
|
XOOPS Module MyAds Bug Fix 2.04jp - 'index.php' SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-03-29
|
|
sBLOG 0.7.3 Beta - '/inc/lang.php' Local File Inclusion
|
4 |
WEB
|
GoLd_M
|
|
2007-03-29
|
|
Softerra Time-Assistant 6.2 - 'inc_dir' Remote File Inclusion
|
4 |
WEB
|
K-159
|
|
2007-03-28
|
|
CodeBB 1.0 Beta 2 - 'phpbb_root_path' Remote File Inclusion
|
4 |
WEB
|
Alkomandoz Hacker
|
|
2007-03-28
|
|
MangoBery CMS 0.5.5 - 'quotes.php' Remote File Inclusion
|
4 |
WEB
|
kezzap66345
|
|
2007-03-28
|
|
XOOPS Module Friendfinder 3.3 - 'view.php?id' SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-03-28
|
|
iPhotoAlbum 1.1 - 'header.php' Remote File Inclusion
|
4 |
WEB
|
GoLd_M
|
|
2007-03-28
|
|
XOOPS module Articles 1.03 - 'index.php?cat_id' SQL Injection
|
5 |
WEB
|
ajann
|
|
2007-03-27
|
|
Web Content System 2.7.1 - Remote File Inclusion
|
4 |
WEB
|
kezzap66345
|
|
2007-03-27
|
|
PHP-Nuke Module Eve-Nuke 0.1 - 'mysql.php' Remote File Inclusion
|
4 |
WEB
|
ThE TiGeR
|
|
2007-03-27
|
|
Joomla! Component D4JeZine 2.8 - Blind SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-03-27
|
|
XOOPS module Articles 1.02 - 'print.php?id' SQL Injection
|
4 |
WEB
|
WiLdBoY
|
|
2007-03-26
|
|
C-Arbre 0.6PR7 - 'ROOT_PATH' Remote File Inclusion
|
4 |
WEB
|
K-159
|
|
2007-03-26
|
|
PHP-Nuke Module AddressBook 1.2 - Local File Inclusion
|
4 |
WEB
|
bd0rk
|
|
2007-03-26
|
|
IceBB 1.0-rc5 - Remote Code Execution
|
4 |
WEB
|
Hessam-x
|
|
2007-03-26
|
|
IceBB 1.0-rc5 - Remote Create Admin
|
4 |
WEB
|
Hessam-x
|
|
2007-03-25
|
|
PBlang 4.66z - Remote Code Execution
|
4 |
WEB
|
Hessam-x
|
|
2007-03-25
|
|
PBlang 4.66z - Remote Create Admin
|
4 |
WEB
|
Hessam-x
|
|
2007-03-25
|
|
Free Image Hosting 2.0 - 'AD_BODY_TEMP' Remote File Inclusion
|
4 |
WEB
|
Crackers_Child
|
|
2007-03-25
|
|
Mambo Module Flatmenu 1.07 - Remote File Inclusion
|
4 |
WEB
|
Cold Zero
|
|
2007-03-24
|
|
Joomla! Component RWCards 2.4.3 - SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-03-24
|
|
Joomla! Component Car Manager 1.1 - SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-03-24
|
|
ttCMS 4 - 'ez_sql.php?lib_path' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2007-03-24
|
|
Net-Side.net CMS - 'index.php?cms' Remote File Inclusion
|
4 |
WEB
|
Sharingan
|
|
2007-03-23
|
|
Joomla! Component Joomlaboard 1.1.1 - 'sbp' Remote File Inclusion
|
4 |
WEB
|
Cold Zero
|
|
2007-03-23
|
|
eWebquiz 8 - 'eWebQuiz.asp' SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-03-23
|
|
Joomla! / Mambo Component SWmenu 4.0 - Remote File Inclusion
|
4 |
WEB
|
Cold Zero
|
|
2007-03-23
|
|
Active NewsLetter 4.3 - 'ViewNewspapers.asp' SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-03-23
|
|
Philex 0.2.3 - Remote File Inclusion / File Disclosure
|
4 |
WEB
|
GoLd_M
|
|
2007-03-23
|
|
Active Auction Pro 7.1 - 'default.asp?catid' SQL Injection
|
4 |
WEB
|
CyberGhost
|
|
2007-03-23
|
|
ActiveBuyandSell 6.2 - 'buyersend.asp?catid' SQL Injection
|
4 |
WEB
|
CyberGhost
|
|
2007-03-23
|
|
Active Trade 2 - 'catid' SQL Injection
|
4 |
WEB
|
CyberGhost
|
|
2007-03-23
|
|
RoseOnlineCMS 3 beta2 - 'op' Local File Inclusion
|
3 |
WEB
|
GoLd_M
|
|
2007-03-22
|
|
AspWebCalendar 4.5 - 'eventid' SQL Injection
|
4 |
WEB
|
parad0x
|
|
2007-03-22
|
|
Lms 1.8.9 - Vala Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2007-03-22
|
|
PortailPhp 2.0 - 'idnews' SQL Injection
|
4 |
WEB
|
Mehmet Ince
|
|
2007-03-22
|
|
ClassWeb 2.0.3 - 'BASE' Remote File Inclusion
|
4 |
WEB
|
GoLd_M
|
|
2007-03-21
|
|
Mambo Component nfnaddressbook 0.4 - Remote File Inclusion
|
4 |
WEB
|
Cold Zero
|
|
2007-03-21
|
|
PHP-revista 1.1.2 - Multiple SQL Injections
|
4 |
WEB
|
Cold Zero
|
|
2007-03-21
|
|
Active Photo Gallery - 'catid' SQL Injection
|
4 |
WEB
|
CyberGhost
|
|
2007-03-21
|
|
Active Link Engine - 'default.asp?catid' SQL Injection
|
4 |
WEB
|
CyberGhost
|
|
2007-03-21
|
|
Digital Eye CMS 0.1.1b - 'module.php' Remote File Inclusion
|
4 |
WEB
|
Cold Zero
|
|
2007-03-21
|
|
study planner (studiewijzer) 0.15 - Remote File Inclusion
|
4 |
WEB
|
K-159
|
|
2007-03-20
|
|
Monster Top List 1.4.2 - 'functions.php?root_path' Remote File Inclusion
|
5 |
WEB
|
fluffy_bunny
|
