|
2006-08-01
|
|
NewsLetter 3.5 - 'NL_PATH' Remote File Inclusion
|
2 |
WEB
|
SHiKaA
|
|
2006-07-31
|
|
MyNewsGroups 0.6b - 'myng_root' Remote Inclusion
|
3 |
WEB
|
Philipp Niedziela
|
|
2006-07-31
|
|
PhpReactor 1.2.7pl1 - 'pathtohomedir' Remote File Inclusion
|
3 |
WEB
|
CeNGiZ-HaN
|
|
2006-07-30
|
|
Joomla! Component LMO 1.0b2 - Remote File Inclusion
|
3 |
WEB
|
vitux
|
|
2006-07-30
|
|
Joomla! Component com_bayesiannaivefilter 1.1 - Remote File Inclusion
|
3 |
WEB
|
Pablin77
|
|
2006-07-30
|
|
Mambo Component User Home Pages 0.5 - Remote File Inclusion
|
3 |
WEB
|
Kurdish Security
|
|
2006-07-30
|
|
ATutor 1.5.3.1 - 'links' Blind SQL Injection
|
2 |
WEB
|
rgod
|
|
2006-07-29
|
|
vbPortal 3.0.2 < 3.6.0 b1 - 'cookie' Remote Code Execution
|
2 |
WEB
|
r00t
|
|
2006-07-29
|
|
Mambo Component mambatStaff 3.1b - Remote File Inclusion
|
2 |
WEB
|
Dr.Jr7
|
|
2006-07-29
|
|
Mambo Component 'com_colophon' 1.2 - Remote File Inclusion
|
3 |
WEB
|
Drago84
|
|
2006-07-28
|
|
Mambo Component MGM 0.95r2 - Remote File Inclusion
|
2 |
WEB
|
A-S-T TEAM
|
|
2006-07-28
|
|
Mambo Component Security Images 3.0.5 - Remote File Inclusion
|
2 |
WEB
|
Drago84
|
|
2006-07-27
|
|
Portail PHP 1.7 - 'chemin' Remote File Inclusion
|
2 |
WEB
|
Mehmet Ince
|
|
2006-07-27
|
|
Mambo Component 'com_a6mambohelpdesk' 18RC1 - Remote File Inclusion
|
2 |
WEB
|
Dr.Jr7
|
|
2006-07-27
|
|
WMNews 0.2a - 'base_datapath' Remote File Inclusion
|
2 |
WEB
|
uNfz
|
|
2006-07-25
|
|
Etomite CMS 0.6.1 - 'rfiles.php' Remote Command Execution
|
3 |
WEB
|
rgod
|
|
2006-07-25
|
|
Etomite CMS 0.6.1 - 'Username' SQL Injection (mq = off)
|
3 |
WEB
|
rgod
|
|
2006-07-24
|
|
Mambo Component PrinceClan Chess 0.8 - Remote File Inclusion
|
4 |
WEB
|
OLiBekaS
|
|
2006-07-24
|
|
X7 Chat 2.0.4 - 'old_prefix' Blind SQL Injection
|
4 |
WEB
|
rgod
|
|
2006-07-23
|
|
Mambo Component multibanners 1.0.1 - Remote File Inclusion
|
4 |
WEB
|
Blue|Spy
|
|
2006-07-23
|
|
Mambo Component Mam-Moodle alpha - Remote File Inclusion
|
3 |
WEB
|
jank0
|
|
2006-07-23
|
|
ArticlesOne 07232006 - 'page' Remote File Inclusion
|
3 |
WEB
|
CyberLord
|
|
2006-07-23
|
|
Mambo Component MoSpray 18RC1 - Remote File Inclusion
|
3 |
WEB
|
Kurdish Security
|
|
2006-07-23
|
|
PHP Live! 3.2.1 - 'help.php' Remote File Inclusion
|
3 |
WEB
|
magnific
|
|
2006-07-22
|
|
PHP Forge 3 Beta 2 - 'cfg_racine' Remote File Inclusion
|
2 |
WEB
|
Virangar Security
|
|
2006-07-21
|
|
LoudBlog 0.5 - SQL Injection / Admin Credentials Disclosure
|
4 |
WEB
|
rgod
|
|
2006-07-20
|
|
SiteDepth CMS 3.0.1 - 'SD_DIR' Remote File Inclusion
|
3 |
WEB
|
Aesthetico
|
|
2006-07-20
|
|
iManage CMS 4.0.12 - 'absolute_path' Remote File Inclusion
|
3 |
WEB
|
Matdhule
|
|
2006-07-18
|
|
PHP-Post 1.0 - Cookie Modification Privilege Escalation
|
3 |
WEB
|
FarhadKey
|
|
2006-07-18
|
|
ToendaCMS 1.0.0 - 'FCKeditor' Arbitrary File Upload
|
3 |
WEB
|
rgod
|
|
2006-07-18
|
|
Invision Power Board 2.1 < 2.1.6 - SQL Injection (2)
|
3 |
WEB
|
w4g.not null
|
|
2006-07-18
|
|
Eskolar CMS 0.9.0.0 - Blind SQL Injection
|
4 |
WEB
|
Jacek Wlodarczyk
|
|
2006-07-17
|
|
Mambo Component MiniBB 1.5a - Remote File Inclusion
|
3 |
WEB
|
Matdhule
|
|
2006-07-17
|
|
Mambo Component pollxt 1.22.07 - Remote File Inclusion
|
3 |
WEB
|
vitux
|
|
2006-07-17
|
|
Mambo Component Sitemap 2.0.0 - Remote File Inclusion
|
2 |
WEB
|
Matdhule
|
|
2006-07-17
|
|
Mambo Module HTMLArea3 1.5 - Remote File Inclusion
|
2 |
WEB
|
Matdhule
|
|
2006-07-17
|
|
Mambo Component com_hashcash 1.2.1 - Remote File Inclusion
|
2 |
WEB
|
Matdhule
|
|
2006-07-17
|
|
Mambo Component perForms 1.0 - Remote File Inclusion
|
2 |
WEB
|
endeneu
|
|
2006-07-17
|
|
Mambo Component pc_cookbook 0.3 - Remote File Inclusion
|
4 |
WEB
|
Matdhule
|
|
2006-07-17
|
|
Mambo Component com_loudmouth 4.0j - Remote File Inclusion
|
3 |
WEB
|
h4ntu
|
|
2006-07-17
|
|
Mambo Component ExtCalendar 2.0 - Remote File Inclusion
|
2 |
WEB
|
OLiBekaS
|
|
2006-07-17
|
|
Mambo Component SMF Forum 1.3.1.3 - Remote File Inclusion
|
1 |
WEB
|
ASIANEAGLE
|
|
2006-07-17
|
|
Mambo Component com_videodb 0.3en - Remote File Inclusion
|
2 |
WEB
|
h4ntu
|
|
2006-07-17
|
|
mail2forum phpBB Mod 1.2 - 'm2f_root_path' Remote File Inclusion
|
2 |
WEB
|
OLiBekaS
|
|
2006-07-16
|
|
FlushCMS 1.0.0-pre2 - 'class.rich.php' Remote File Inclusion
|
2 |
WEB
|
igi
|
|
2006-07-15
|
|
MyBulletinBoard (MyBB) 1.1.5 - 'CLIENT-IP' SQL Injection
|
3 |
WEB
|
rgod
|
|
2006-07-14
|
|
Invision Power Board 2.1 < 2.1.6 - SQL Injection (1)
|
2 |
WEB
|
RusH
|
|
2006-07-13
|
|
CzarNews 1.14 - 'tpath' Remote File Inclusion
|
3 |
WEB
|
SHiKaA
|
|
2006-07-13
|
|
Phorum 5 - 'pm.php' Arbitrary Local Inclusion
|
2 |
WEB
|
rgod
|
|
2006-07-13
|
|
phpBB 3 - 'memberlist.php' SQL Injection
|
4 |
WEB
|
rgod
|
|
2006-07-10
|
|
SQuery 4.5 - 'gore.php' Remote File Inclusion
|
3 |
WEB
|
SHiKaA
|
|
2006-07-10
|
|
EJ3 TOPo 2.2 - 'descripcion' Remote Command Execution
|
4 |
WEB
|
Hessam-x
|
|
2006-07-09
|
|
Ottoman CMS 1.1.3 - '?default_path=' Remote File Inclusion (2)
|
5 |
WEB
|
Jacek Wlodarczyk
|
|
2006-07-09
|
|
Sabdrimer PRO 2.2.4 - 'pluginpath' Remote File Inclusion
|
3 |
WEB
|
A.nosrati
|
|
2006-07-08
|
|
Mambo Component com_forum 1.2.4RC3 - Remote File Inclusion
|
3 |
WEB
|
h4ntu
|
|
2006-07-08
|
|
Mambo Component SimpleBoard 1.1.0 - Remote File Inclusion
|
4 |
WEB
|
h4ntu
|
|
2006-07-07
|
|
PAPOO 3_RC3 - SQL Injection / Admin Credentials Disclosure
|
4 |
WEB
|
rgod
|
|
2006-07-07
|
|
Pivot 1.30 RC2 - Privilege Escalation / Remote Code Execution
|
5 |
WEB
|
rgod
|
|
2006-07-06
|
|
Hosting Controller 6.1 Hotfix 3.1 - Privilege Escalation
|
4 |
WEB
|
Soroush Dalili
|
|
2006-07-05
|
|
MyPHP CMS 0.3 - 'domain' Remote File Inclusion
|
4 |
WEB
|
Kw3[R]Ln
|
|
2006-07-04
|
|
WonderEdit Pro CMS (template_path) - Remote File Inclusion
|
4 |
WEB
|
OLiBekaS
|
|
2006-07-04
|
|
Mambo Module galleria 1.0b - Remote File Inclusion
|
4 |
WEB
|
sikunYuk
|
|
2006-07-02
|
|
BXCP 0.3.0.4 - 'where' SQL Injection
|
3 |
WEB
|
x23
|
|
2006-07-01
|
|
SmartSite CMS 1.0 - 'root' Multiple Remote File Inclusions
|
3 |
WEB
|
CrAsh_oVeR_rIdE
|
|
2006-07-01
|
|
Randshop 1.1.1 - 'header.inc.php' Remote File Inclusion
|
4 |
WEB
|
OLiBekaS
|
|
2006-07-01
|
|
Plume CMS 1.1.3 - 'dbinstall.php' Remote File Inclusion
|
4 |
WEB
|
Hamid Ebadi
|
|
2006-07-01
|
|
Stud.IP 1.3.0-2 - Multiple Remote File Inclusions
|
4 |
WEB
|
Hamid Ebadi
|
|
2006-07-01
|
|
DZCP (deV!L_z Clanportal) 1.34 - 'id' SQL Injection
|
4 |
WEB
|
x128
|
|
2006-06-29
|
|
GeekLog 1.4.0sr3 - 'f(u)ckeditor' Remote Code Execution
|
3 |
WEB
|
rgod
|
|
2006-06-29
|
|
GeekLog 1.4.0sr3 - '_CONF[path]' Remote File Inclusion
|
4 |
WEB
|
Kw3[R]Ln
|
|
2006-06-28
|
|
XOOPS myAds Module - 'lid' SQL Injection
|
4 |
WEB
|
KeyCoder
|
|
2006-06-28
|
|
Blog:CMS 4.0.0k - SQL Injection
|
4 |
WEB
|
rgod
|
|
2006-06-28
|
|
RsGallery2 < 1.11.2 - 'rsgallery.html.php' File Inclusion
|
4 |
WEB
|
marriottvn
|
|
2006-06-27
|
|
Scout Portal Toolkit 1.4.0 - 'forumid' SQL Injection
|
4 |
WEB
|
simo64
|
|
2006-06-27
|
|
Mambo Component Pearl 1.6 - Multiple Remote File Inclusions
|
4 |
WEB
|
Kw3[R]Ln
|
|
2006-06-26
|
|
Mambo Module CBSms 1.0 - Remote File Inclusion
|
3 |
WEB
|
Kw3[R]Ln
|
|
2006-06-25
|
|
DreamAccount 3.1 - 'auth.api.php' Remote File Inclusion
|
3 |
WEB
|
CrAsh_oVeR_rIdE
|
|
2006-06-25
|
|
DeluxeBB 1.07 - Remote Create Admin
|
5 |
WEB
|
Hessam-x
|
|
2006-06-25
|
|
THoRCMS 1.3.1 - 'phpbb_root_path' Remote File Inclusion
|
4 |
WEB
|
Kw3[R]Ln
|
|
2006-06-25
|
|
MagNet BeeHive CMS (header) - Remote File Inclusion
|
4 |
WEB
|
Kw3[R]Ln
|
|
2006-06-25
|
|
MyBulletinBoard (MyBB) 1.1.3 - 'usercp.php' Create Admin
|
4 |
WEB
|
Hessam-x
|
|
2006-06-24
|
|
phpMySms 2.0 - 'ROOT_PATH' Remote File Inclusion
|
4 |
WEB
|
Persian-Defacer
|
|
2006-06-23
|
|
Jaws 0.6.2 - Search gadget SQL Injection
|
4 |
WEB
|
rgod
|
|
2006-06-22
|
|
w-Agora 4.2.0 - 'inc_dir' Remote File Inclusion
|
4 |
WEB
|
the_day
|
|
2006-06-22
|
|
Harpia CMS 1.0.5 - Remote File Inclusion
|
4 |
WEB
|
Kw3[R]Ln
|
|
2006-06-22
|
|
ralf image Gallery 0.7.4 - Multiple Vulnerabilities
|
3 |
WEB
|
Aesthetico
|
|
2006-06-22
|
|
Mambo 4.6rc1 - Weblinks Blind SQL Injection (2)
|
3 |
WEB
|
rgod
|
|
2006-06-21
|
|
DataLife Engine 4.1 - SQL Injection
|
4 |
WEB
|
RusH
|
|
2006-06-21
|
|
DataLife Engine 4.1 - SQL Injection
|
4 |
WEB
|
RusH
|
|
2006-06-20
|
|
SmartSite CMS 1.0 - 'root' Remote File Inclusion
|
4 |
WEB
|
Archit3ct
|
|
2006-06-20
|
|
dotProject 2.0.3 - 'baseDir' Remote File Inclusion
|
4 |
WEB
|
h4ntu
|
|
2006-06-20
|
|
BandSite CMS 1.1.1 - 'ROOT_PATH' Remote File Inclusion
|
4 |
WEB
|
Kw3[R]Ln
|
|
2006-06-20
|
|
Ultimate PHP Board 1.96 GOLD - Multiple Vulnerabilities
|
4 |
WEB
|
Michael Brooks
|
|
2006-06-19
|
|
ASP Stats Generator 2.1.1 - SQL Injection
|
4 |
WEB
|
Hamid Ebadi
|
|
2006-06-19
|
|
WeBBoA Host Script 1.1 - SQL Injection
|
3 |
WEB
|
EntriKa
|
|
2006-06-19
|
|
Micro CMS 0.3.5 - 'microcms_path' Remote File Inclusion
|
5 |
WEB
|
CeNGiZ-HaN
|
|
2006-06-19
|
|
IdeaBox 1.1 - 'gorumDir' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-06-18
|
|
PHP Live Helper 1.x - 'abs_path' Remote File Inclusion
|
4 |
WEB
|
SnIpEr_SA
|
|
2006-06-18
|
|
Indexu 5.0.1 - 'admin_template_path' Remote File Inclusion
|
5 |
WEB
|
CrAsh_oVeR_rIdE
|
|
2006-06-17
|
|
Ad Manager Pro 2.6 - 'ipath' Remote File Inclusion
|
4 |
WEB
|
Basti
|
|
2006-06-17
|
|
Joomla! 1.0.9 - 'Weblinks' Blind SQL Injection
|
4 |
WEB
|
rgod
|
|
2006-06-17
|
|
FlashBB 1.1.8 - 'phpbb_root_path' Remote File Inclusion
|
2 |
WEB
|
h4ntu
|
|
2006-06-17
|
|
Mambo 4.6rc1 - Weblinks Blind SQL Injection (1)
|
2 |
WEB
|
rgod
|
|
2006-06-16
|
|
CMS Faethon 1.3.2 - 'mainpath' Remote File Inclusion
|
3 |
WEB
|
K-159
|
|
2006-06-15
|
|
Bitweaver 1.3 - 'tmpImagePath' Attachment mod_mime
|
4 |
WEB
|
rgod
|
|
2006-06-15
|
|
DeluxeBB 1.06 - 'templatefolder' Remote File Inclusion
|
4 |
WEB
|
Andreas Sandblad
|
|
2006-06-14
|
|
Content-Builder (CMS) 0.7.2 - Multiple Include Vulnerabilities
|
3 |
WEB
|
Kacper
|
|
2006-06-14
|
|
PHP Blue Dragon CMS 2.9.1 - 'template.php' File Inclusion
|
4 |
WEB
|
Federico Fazzi
|
|
2006-06-14
|
|
The Bible Portal Project 2.12 - 'destination' File Inclusion
|
5 |
WEB
|
Kacper
|
|
2006-06-13
|
|
MyBulletinBoard (MyBB) < 1.1.3 - Remote Code Execution
|
4 |
WEB
|
Javier Olascoaga
|
|
2006-06-13
|
|
Minerva 2.0.8a Build 237 - 'phpbb_root_path' File Inclusion
|
5 |
WEB
|
Kacper
|
|
2006-06-13
|
|
aWebNews 1.5 - 'visview.php' Remote File Inclusion
|
3 |
WEB
|
SpC-x
|
|
2006-06-12
|
|
DCP-Portal 6.1.x - 'root' Remote File Inclusion
|
3 |
WEB
|
Federico Fazzi
|
|
2006-06-12
|
|
blur6ex 0.3.462 - 'ID' Admin Disclosure / Blind SQL Injection
|
3 |
WEB
|
rgod
|
|
2006-06-11
|
|
Content-Builder (CMS) 0.7.5 - Multiple Include Vulnerabilities
|
4 |
WEB
|
Federico Fazzi
|
|
2006-06-11
|
|
AWF CMS 1.11 - 'spaw_root' Remote File Inclusion
|
3 |
WEB
|
Federico Fazzi
|
|
2006-06-11
|
|
RCblog 1.03 - 'POST' Remote Command Execution
|
3 |
WEB
|
Hessam-x
|
|
2006-06-11
|
|
MaxiSepet 1.0 - 'link' SQL Injection
|
3 |
WEB
|
nukedx
|
|
2006-06-11
|
|
free QBoard 1.1 - 'qb_path' Remote File Inclusion
|
3 |
WEB
|
Kacper
|
|
2006-06-11
|
|
WebprojectDB 0.1.3 - 'INCDIR' Remote File Inclusion
|
3 |
WEB
|
Kacper
|
|
2006-06-10
|
|
phpOnDirectory 1.0 - Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-06-10
|
|
aePartner 0.8.3 - 'dir[data]' Remote File Inclusion
|
5 |
WEB
|
Kacper
|
|
2006-06-10
|
|
empris r20020923 - 'phormationdir' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-06-09
|
|
MailEnable Enterprise 2.0 - 'ASP' Multiple Vulnerabilities
|
4 |
WEB
|
Soroush Dalili
|
|
2006-06-08
|
|
Guestex Guestbook 1.00 - 'email' Remote Code Execution
|
4 |
WEB
|
K-sPecial
|
