|
2007-01-07
|
|
AllMyVisitors 0.4.0 - 'index.php' Remote File Inclusion
|
3 |
WEB
|
bd0rk
|
|
2007-01-07
|
|
AllMyLinks 0.5.0 - 'index.php' Remote File Inclusion
|
4 |
WEB
|
GoLd_M
|
|
2007-01-07
|
|
WordPress Core 2.0.5 - Trackback UTF-7 SQL Injection
|
4 |
WEB
|
Stefan Esser
|
|
2007-01-07
|
|
AllMyGuests 0.3.0 - 'AMG_serverpath' Remote File Inclusion
|
4 |
WEB
|
beks
|
|
2007-01-07
|
|
L2J Statistik Script 0.09 - 'index.php' Local File Inclusion
|
4 |
WEB
|
Codebreak
|
|
2007-01-06
|
|
NUNE News Script 2.0pre2 - Multiple Remote File Inclusions
|
4 |
WEB
|
Mehmet Ince
|
|
2007-01-05
|
|
Quote&Ordering System 1.0 - 'ordernum' Multiple Vulnerabilities
|
4 |
WEB
|
ajann
|
|
2007-01-05
|
|
Coppermine Photo Gallery 1.4.10 - 'xpl.php' SQL Injection
|
5 |
WEB
|
DarkFig
|
|
2007-01-05
|
|
ig shop 1.0 - Code Execution / SQL Injection
|
4 |
WEB
|
Michael Brooks
|
|
2007-01-05
|
|
iG Calendar 1.0 - 'user.php?id' SQL Injection
|
4 |
WEB
|
Michael Brooks
|
|
2007-01-04
|
|
DigiRez 3.4 - 'book_id' SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-01-04
|
|
Aratix 0.2.2b11 - '/inc/init.inc.php' Remote File Inclusion
|
4 |
WEB
|
nuffsaid
|
|
2007-01-03
|
|
Simple Web Content Management System - SQL Injection
|
4 |
WEB
|
DarkFig
|
|
2007-01-03
|
|
VerliAdmin 0.3 - 'language.php' Local File Inclusion
|
4 |
WEB
|
Kw3[R]Ln
|
|
2007-01-03
|
|
E-Smart Cart 1.0 - 'Product_ID' SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-01-03
|
|
LocazoList 2.01a beta5 - 'subcatID' SQL Injection
|
4 |
WEB
|
ajann
|
|
2007-01-01
|
|
TaskTracker 1.5 - 'Customize.asp' Remote Add Administrator
|
4 |
WEB
|
ajann
|
|
2007-01-01
|
|
NewsCMSLite - 'newsCMS.mdb' Remote Password Disclosure
|
3 |
WEB
|
KaBuS
|
|
2007-01-01
|
|
WWWBoard 2.0 - 'passwd.txt' Remote Password Disclosure
|
4 |
WEB
|
bd0rk
|
|
2007-01-01
|
|
AutoDealer 2.0 - 'detail.asp?iPro' SQL Injection
|
3 |
WEB
|
ajann
|
|
2007-01-01
|
|
Vizayn Haber - 'haberdetay.asp?id' SQL Injection
|
5 |
WEB
|
chernobiLe
|
|
2007-01-01
|
|
RBlog 1.0 - 'admin.mdb' Remote Password Disclosure
|
4 |
WEB
|
Aria-Security Team
|
|
2006-12-31
|
|
Bubla 0.9.2 - 'bu_dir' Multiple Remote File Inclusions
|
3 |
WEB
|
DeltahackingTEAM
|
|
2006-12-31
|
|
MDForum 2.0.1 - 'PNSVlang' Remote Code Execution
|
2 |
WEB
|
Kacper
|
|
2006-12-31
|
|
P-News 1.16/1.17 - 'user.dat' Remote Password Disclosure
|
4 |
WEB
|
3l3ctric-Cracker
|
|
2006-12-31
|
|
Vz (Adp) Forum 2.0.3 - Remote Password Disclosure
|
3 |
WEB
|
3l3ctric-Cracker
|
|
2006-12-30
|
|
WordPress Plugin Enigma 2 Bridge - 'boarddir' Remote File Inclusion
|
5 |
WEB
|
Mehmet Ince
|
|
2006-12-30
|
|
Enigma 2 Coppermine Bridge - 'boarddir' Remote File Inclusion
|
3 |
WEB
|
Mehmet Ince
|
|
2006-12-30
|
|
IMGallery 2.5 - Create Uploader Script
|
4 |
WEB
|
Kacper
|
|
2006-12-30
|
|
Click N Print Coupons 2006.01 - 'key' SQL Injection
|
4 |
WEB
|
ajann
|
|
2006-12-30
|
|
FreeStyle Wiki 3.6.2 - 'user.dat' Password Disclosure
|
4 |
WEB
|
bd0rk
|
|
2006-12-30
|
|
SoftArtisans SAFileUp 5.0.14 - 'viewsrc.asp' Script Source Disclosure
|
4 |
WEB
|
Inge Henriksen
|
|
2006-12-30
|
|
Cacti 0.8.6i - 'copy_cacti_user.php' SQL Injection Create Admin
|
4 |
WEB
|
rgod
|
|
2006-12-30
|
|
Voodoo chat 1.0RC1b - 'users.dat' Password Disclosure
|
3 |
WEB
|
bd0rk
|
|
2006-12-30
|
|
x-news 1.1 - 'users.txt' Remote Password Disclosure
|
3 |
WEB
|
bd0rk
|
|
2006-12-29
|
|
EasyNews PRO News Publishing 4.0 - Password Disclosure
|
4 |
WEB
|
bd0rk
|
|
2006-12-28
|
|
WebText 0.4.5.2 - Remote Code Execution
|
4 |
WEB
|
Kacper
|
|
2006-12-28
|
|
ASPTicker 1.0 - Authentication Bypass
|
4 |
WEB
|
ajann
|
|
2006-12-28
|
|
phpBB2 Plus 1.53 - Acronym Mod SQL Injection
|
4 |
WEB
|
the master
|
|
2006-12-28
|
|
wywo inout board 1.0 - Multiple Vulnerabilities
|
4 |
WEB
|
ajann
|
|
2006-12-28
|
|
aFAQ 1.0 - 'faqDsp.asp?catcode' SQL Injection
|
4 |
WEB
|
ajann
|
|
2006-12-27
|
|
Cacti 0.8.6i - 'cmd.php?popen()' Remote Injection
|
4 |
WEB
|
rgod
|
|
2006-12-27
|
|
Limbo CMS Module event 1.0 - Remote File Inclusion
|
3 |
WEB
|
Mehmet Ince
|
|
2006-12-27
|
|
Fantastic News 2.1.4 - Multiple Remote File Inclusions
|
4 |
WEB
|
Mr-m07
|
|
2006-12-27
|
|
Bubla 1.0.0rc2 - '/bu/process.php' Remote File Inclusion
|
4 |
WEB
|
DeltahackingTEAM
|
|
2006-12-27
|
|
Yrch 1.0 - 'plug.inc.phppath' Remote File Inclusion
|
4 |
WEB
|
DeltahackingTEAM
|
|
2006-12-26
|
|
PHP-Update 2.7 - '/admin/uploads.php' Remote Code Execution
|
4 |
WEB
|
undefined1_
|
|
2006-12-26
|
|
myPHPCalendar 10192000b - 'cal_dir' Remote File Inclusion
|
4 |
WEB
|
Cr@zy_King
|
|
2006-12-26
|
|
mxBB Module pafiledb 2.0.1b - Remote File Inclusion
|
4 |
WEB
|
bd0rk
|
|
2006-12-26
|
|
PHP-Update 2.7 - Multiple Vulnerabilities
|
4 |
WEB
|
rgod
|
|
2006-12-26
|
|
Cahier de texte 2.2 - Bypass General Access Protection
|
5 |
WEB
|
DarkFig
|
|
2006-12-26
|
|
The Classified Ad System 1.0 - 'main' SQL Injection
|
4 |
WEB
|
ajann
|
|
2006-12-25
|
|
logahead UNU edition 1.0 - Arbitrary File Upload / Code Execution
|
4 |
WEB
|
CorryL
|
|
2006-12-25
|
|
Okul Merkezi Portal 1.0 - 'ataturk.php' Remote File Inclusion
|
4 |
WEB
|
ShaFuck31
|
|
2006-12-25
|
|
Fishyshoop 0.930b - Remote Add Administrator Account
|
4 |
WEB
|
James Gray
|
|
2006-12-25
|
|
myPHPNuke Module My_eGallery 2.5.6 - 'basepath' Remote File Inclusion
|
4 |
WEB
|
Mehmet Ince
|
|
2006-12-25
|
|
Shadowed Portal Module Character Roster - 'mod_root' Remote File Inclusion
|
4 |
WEB
|
Mehmet Ince
|
|
2006-12-25
|
|
Ciberia Content Federator 1.0.1 - 'path' Remote File Inclusion
|
4 |
WEB
|
DeltahackingTEAM
|
|
2006-12-25
|
|
Irokez Blog 0.7.1 - Multiple Remote File Inclusions
|
3 |
WEB
|
nuffsaid
|
|
2006-12-25
|
|
PhpbbXtra 2.0 - 'phpbb_root_path' Remote File Inclusion
|
4 |
WEB
|
Mehmet Ince
|
|
2006-12-25
|
|
MTCMS 2.0 - '/admin/admin_settings.php' Remote File Inclusion
|
2 |
WEB
|
nuffsaid
|
|
2006-12-25
|
|
eNdonesia 8.4 - '/mod.php/friend.php/admin.php' Multiple Vulnerabilities
|
3 |
WEB
|
z1ckX(ru)
|
|
2006-12-25
|
|
Jinzora 2.7 - 'INCLUDE_PATH' Multiple Remote File Inclusions
|
3 |
WEB
|
nuffsaid
|
|
2006-12-25
|
|
HLStats 1.34 - 'hlstats.php' SQL Injection
|
3 |
WEB
|
Michael Brooks
|
|
2006-12-24
|
|
Ananda Real Estate 3.4 - 'agent' SQL Injection
|
3 |
WEB
|
ajann
|
|
2006-12-24
|
|
Pagetool CMS 1.07 - 'pt_upload.php' Remote File Inclusion
|
3 |
WEB
|
g00ns
|
|
2006-12-24
|
|
Ultimate PHP Board 2.0b1 - '/chat/login.php' Code Execution
|
3 |
WEB
|
nuffsaid
|
|
2006-12-24
|
|
NewsLetter MX 1.0.2 - 'ID' SQL Injection
|
3 |
WEB
|
ajann
|
|
2006-12-24
|
|
File Upload Manager 1.0.6 - 'detail.asp' SQL Injection
|
3 |
WEB
|
ajann
|
|
2006-12-23
|
|
Enthrallweb eNews 1.0 - Remote User Pass Change
|
3 |
WEB
|
ajann
|
|
2006-12-23
|
|
Enthrallweb eCoupons 1.0 - 'myprofile.asp' Remote Pass Change
|
3 |
WEB
|
ajann
|
|
2006-12-23
|
|
Enthrallweb eClassifieds 1.0 - Remote User Pass Change
|
3 |
WEB
|
ajann
|
|
2006-12-23
|
|
Calendar MX BASIC 1.0.2 - 'ID' SQL Injection
|
3 |
WEB
|
ajann
|
|
2006-12-23
|
|
Dragon Business Directory 3.01.12 - 'ID' SQL Injection
|
3 |
WEB
|
ajann
|
|
2006-12-23
|
|
Enthrallweb ePages - 'actualpic.asp' SQL Injection
|
3 |
WEB
|
ajann
|
|
2006-12-23
|
|
Enthrallweb emates 1.0 - 'newsdetail.asp' SQL Injection
|
4 |
WEB
|
ajann
|
|
2006-12-23
|
|
Enthrallweb eCars 1.0 - 'types.asp' SQL Injection
|
4 |
WEB
|
ajann
|
|
2006-12-23
|
|
Enthrallweb eJobs - 'newsdetail.asp' SQL Injection
|
4 |
WEB
|
ajann
|
|
2006-12-23
|
|
Enthrallweb eHomes 1.0 - Multiple (SQL Injection / Cross-Site Scripting) Vulnerabilities
|
4 |
WEB
|
ajann
|
|
2006-12-23
|
|
Enthrallweb ePhotos 1.0 - 'subLevel2.asp' SQL Injection
|
4 |
WEB
|
ajann
|
|
2006-12-23
|
|
SH-News 0.93 - 'misc.php' Remote File Inclusion
|
4 |
WEB
|
bd0rk
|
|
2006-12-23
|
|
b2 Blog 0.5 - 'b2verifauth.php' Remote File Inclusion
|
4 |
WEB
|
mdx
|
|
2006-12-22
|
|
3editor CMS 0.42 - 'index.php' Local File Inclusion
|
4 |
WEB
|
3l3ctric-Cracker
|
|
2006-12-23
|
|
open NewsLetter 2.5 - Multiple Vulnerabilities (2)
|
4 |
WEB
|
BlackHawk
|
|
2006-12-22
|
|
EternalMart Guestbook 1.10 - '/admin/auth.php' Remote File Inclusion
|
4 |
WEB
|
mdx
|
|
2006-12-22
|
|
KISGB 5.1.1 - 'Authenticate.php' Remote File Inclusion
|
3 |
WEB
|
mdx
|
|
2006-12-21
|
|
MKPortal M1.1.1 - 'Urlobox' Cross-Site Request Forgery
|
3 |
WEB
|
Demential
|
|
2006-12-21
|
|
inertianews 0.02b - 'inertianews_main.php' Remote File Inclusion
|
5 |
WEB
|
bd0rk
|
|
2006-12-21
|
|
Ixprim CMS 1.2 - Blind SQL Injection
|
4 |
WEB
|
DarkFig
|
|
2006-12-21
|
|
PowerClan 1.14a - 'footer.inc.php' Remote File Inclusion
|
4 |
WEB
|
nuffsaid
|
|
2006-12-21
|
|
PgmReloaded 0.8.5 - Multiple Remote File Inclusions
|
4 |
WEB
|
nuffsaid
|
|
2006-12-21
|
|
Newxooper-PHP 0.9.1 - 'mapage.php' Remote File Inclusion
|
4 |
WEB
|
3l3ctric-Cracker
|
|
2006-12-21
|
|
PHP/Mysql Site Builder 0.0.2 - 'htm2PHP.php' File Disclosure
|
4 |
WEB
|
the master
|
|
2006-12-20
|
|
PHP Advanced Transfer Manager 1.30 - Source Code Disclosure
|
4 |
WEB
|
Kacper
|
|
2006-12-20
|
|
TextSend 1.5 - '/config/sender.php' Remote File Inclusion
|
4 |
WEB
|
nuffsaid
|
|
2006-12-20
|
|
Valdersoft Shopping Cart 3.0 - Multiple Remote File Inclusions
|
5 |
WEB
|
mdx
|
|
2006-12-19
|
|
cwmExplorer 1.0 - 'show_file' Source Code Disclosure
|
4 |
WEB
|
ajann
|
|
2006-12-19
|
|
Burak Yilmaz Download Portal - 'down.asp' SQL Injection
|
3 |
WEB
|
ShaFuck31
|
|
2006-12-19
|
|
cwmCounter 5.1.1 - 'statistic.php' Remote File Inclusion
|
4 |
WEB
|
bd0rk
|
|
2006-12-19
|
|
cwmVote 1.0 - 'archive.php' Remote File Inclusion
|
4 |
WEB
|
bd0rk
|
|
2006-12-19
|
|
PHPFanBase 2.x - 'protection.php' Remote File Inclusion
|
4 |
WEB
|
Cold Zero
|
|
2006-12-19
|
|
phpProfiles 3.1.2b - Multiple Remote File Inclusions
|
4 |
WEB
|
nuffsaid
|
|
2006-12-19
|
|
Paristemi 0.8.3b - 'buycd.php' Remote File Inclusion
|
4 |
WEB
|
nuffsaid
|
|
2006-12-19
|
|
PHP-Update 2.7 - 'extract()' Authentication Bypass / Shell Injection
|
4 |
WEB
|
rgod
|
|
2006-12-18
|
|
RateMe 1.3.2 - 'main.inc.php' Remote File Inclusion
|
4 |
WEB
|
Al7ejaz Hacker
|
|
2006-12-18
|
|
Uploader & Downloader 3.0 - 'id_user' SQL Injection
|
4 |
WEB
|
the master
|
|
2006-12-18
|
|
VerliAdmin 0.3 - 'index.php' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-12-18
|
|
Azucar CMS 1.3 - '/admin/index_sitios.php' File Inclusion
|
4 |
WEB
|
nuffsaid
|
|
2006-12-16
|
|
mxBB Module Meeting 1.1.2 - Remote File Inclusion
|
4 |
WEB
|
ajann
|
|
2006-12-16
|
|
mxbb module charts 1.0.0 - Remote File Inclusion
|
4 |
WEB
|
ajann
|
|
2006-12-16
|
|
mxBB Module WebLinks 2.05 - Remote File Inclusion
|
4 |
WEB
|
ajann
|
|
2006-12-16
|
|
Bandwebsite 1.5 - 'LOGIN' Remote Add Admin
|
4 |
WEB
|
H0tTurk-
|
|
2006-12-16
|
|
extreme-fusion 4.02 - Remote Code Execution
|
4 |
WEB
|
Kacper
|
|
2006-12-14
|
|
AR Memberscript - 'usercp_menu.php' Remote File Inclusion
|
4 |
WEB
|
ex0
|
|
2006-12-14
|
|
yaplap 0.6.1b - 'ldap.php' Remote File Inclusion
|
4 |
WEB
|
DeltahackingTEAM
|
|
2006-12-13
|
|
PHPMyCMS 0.3 - 'basic.inc.php' Remote File Inclusion
|
4 |
WEB
|
v1per-haCker
|
|
2006-12-12
|
|
mxBB Module newssuite 1.03 - Remote File Inclusion
|
4 |
WEB
|
3l3ctric-Cracker
|
|
2006-12-12
|
|
mxBB Module kb_mods 2.0.2 - Remote File Inclusion
|
4 |
WEB
|
3l3ctric-Cracker
|
|
2006-12-12
|
|
Blog:CMS 4.1.3 - 'NP_UserSharing.php' Remote File Inclusion
|
4 |
WEB
|
HACKERS PAL
|
|
2006-12-12
|
|
mxBB Module mx_modsdb 1.0 - Remote File Inclusion
|
4 |
WEB
|
Lu7k
|
|
2006-12-11
|
|
Barman 0.0.1r3 - 'Interface.php' Remote File Inclusion
|
4 |
WEB
|
DeltahackingTEAM
|
|
2006-12-11
|
|
mxBB Module Activity Games 0.92 - Remote File Inclusion
|
4 |
WEB
|
3l3ctric-Cracker
|
|
2006-12-11
|
|
mxBB Module ErrorDocs 1.0 - 'common.php' Remote File Inclusion
|
3 |
WEB
|
bd0rk
|
|
2006-12-10
|
|
PHPAlbum 0.4.1 Beta 6 - 'language.php' Local File Inclusion
|
5 |
WEB
|
Kacper
|
|
2006-12-09
|
|
HR Assist 1.05 - 'vdateUsr.asp' Remote Authentication Bypass
|
4 |
WEB
|
ajann
|
