|
2006-07-01
|
|
SmartSite CMS 1.0 - 'root' Multiple Remote File Inclusions
|
17 |
WEB
|
CrAsh_oVeR_rIdE
|
|
2006-07-01
|
|
Randshop 1.1.1 - 'header.inc.php' Remote File Inclusion
|
19 |
WEB
|
OLiBekaS
|
|
2006-07-01
|
|
Plume CMS 1.1.3 - 'dbinstall.php' Remote File Inclusion
|
17 |
WEB
|
Hamid Ebadi
|
|
2006-07-01
|
|
Stud.IP 1.3.0-2 - Multiple Remote File Inclusions
|
19 |
WEB
|
Hamid Ebadi
|
|
2006-07-01
|
|
DZCP (deV!L_z Clanportal) 1.34 - 'id' SQL Injection
|
21 |
WEB
|
x128
|
|
2006-06-29
|
|
GeekLog 1.4.0sr3 - 'f(u)ckeditor' Remote Code Execution
|
18 |
WEB
|
rgod
|
|
2006-06-29
|
|
GeekLog 1.4.0sr3 - '_CONF[path]' Remote File Inclusion
|
20 |
WEB
|
Kw3[R]Ln
|
|
2006-06-28
|
|
XOOPS myAds Module - 'lid' SQL Injection
|
18 |
WEB
|
KeyCoder
|
|
2006-06-28
|
|
Blog:CMS 4.0.0k - SQL Injection
|
20 |
WEB
|
rgod
|
|
2006-06-28
|
|
RsGallery2 < 1.11.2 - 'rsgallery.html.php' File Inclusion
|
17 |
WEB
|
marriottvn
|
|
2006-06-27
|
|
Scout Portal Toolkit 1.4.0 - 'forumid' SQL Injection
|
17 |
WEB
|
simo64
|
|
2006-06-27
|
|
Mambo Component Pearl 1.6 - Multiple Remote File Inclusions
|
16 |
WEB
|
Kw3[R]Ln
|
|
2006-06-26
|
|
Mambo Module CBSms 1.0 - Remote File Inclusion
|
18 |
WEB
|
Kw3[R]Ln
|
|
2006-06-25
|
|
DreamAccount 3.1 - 'auth.api.php' Remote File Inclusion
|
16 |
WEB
|
CrAsh_oVeR_rIdE
|
|
2006-06-25
|
|
DeluxeBB 1.07 - Remote Create Admin
|
20 |
WEB
|
Hessam-x
|
|
2006-06-25
|
|
THoRCMS 1.3.1 - 'phpbb_root_path' Remote File Inclusion
|
18 |
WEB
|
Kw3[R]Ln
|
|
2006-06-25
|
|
MagNet BeeHive CMS (header) - Remote File Inclusion
|
16 |
WEB
|
Kw3[R]Ln
|
|
2006-06-25
|
|
MyBulletinBoard (MyBB) 1.1.3 - 'usercp.php' Create Admin
|
17 |
WEB
|
Hessam-x
|
|
2006-06-24
|
|
phpMySms 2.0 - 'ROOT_PATH' Remote File Inclusion
|
19 |
WEB
|
Persian-Defacer
|
|
2006-06-23
|
|
Jaws 0.6.2 - Search gadget SQL Injection
|
23 |
WEB
|
rgod
|
|
2006-06-22
|
|
w-Agora 4.2.0 - 'inc_dir' Remote File Inclusion
|
20 |
WEB
|
the_day
|
|
2006-06-22
|
|
Harpia CMS 1.0.5 - Remote File Inclusion
|
19 |
WEB
|
Kw3[R]Ln
|
|
2006-06-22
|
|
ralf image Gallery 0.7.4 - Multiple Vulnerabilities
|
18 |
WEB
|
Aesthetico
|
|
2006-06-22
|
|
Mambo 4.6rc1 - Weblinks Blind SQL Injection (2)
|
17 |
WEB
|
rgod
|
|
2006-06-21
|
|
DataLife Engine 4.1 - SQL Injection
|
16 |
WEB
|
RusH
|
|
2006-06-21
|
|
DataLife Engine 4.1 - SQL Injection
|
21 |
WEB
|
RusH
|
|
2006-06-20
|
|
SmartSite CMS 1.0 - 'root' Remote File Inclusion
|
19 |
WEB
|
Archit3ct
|
|
2006-06-20
|
|
dotProject 2.0.3 - 'baseDir' Remote File Inclusion
|
17 |
WEB
|
h4ntu
|
|
2006-06-20
|
|
BandSite CMS 1.1.1 - 'ROOT_PATH' Remote File Inclusion
|
19 |
WEB
|
Kw3[R]Ln
|
|
2006-06-20
|
|
Ultimate PHP Board 1.96 GOLD - Multiple Vulnerabilities
|
19 |
WEB
|
Michael Brooks
|
|
2006-06-19
|
|
ASP Stats Generator 2.1.1 - SQL Injection
|
20 |
WEB
|
Hamid Ebadi
|
|
2006-06-19
|
|
WeBBoA Host Script 1.1 - SQL Injection
|
17 |
WEB
|
EntriKa
|
|
2006-06-19
|
|
Micro CMS 0.3.5 - 'microcms_path' Remote File Inclusion
|
19 |
WEB
|
CeNGiZ-HaN
|
|
2006-06-19
|
|
IdeaBox 1.1 - 'gorumDir' Remote File Inclusion
|
18 |
WEB
|
Kacper
|
|
2006-06-18
|
|
PHP Live Helper 1.x - 'abs_path' Remote File Inclusion
|
15 |
WEB
|
SnIpEr_SA
|
|
2006-06-18
|
|
Indexu 5.0.1 - 'admin_template_path' Remote File Inclusion
|
20 |
WEB
|
CrAsh_oVeR_rIdE
|
|
2006-06-17
|
|
Ad Manager Pro 2.6 - 'ipath' Remote File Inclusion
|
17 |
WEB
|
Basti
|
|
2006-06-17
|
|
Joomla! 1.0.9 - 'Weblinks' Blind SQL Injection
|
21 |
WEB
|
rgod
|
|
2006-06-17
|
|
FlashBB 1.1.8 - 'phpbb_root_path' Remote File Inclusion
|
18 |
WEB
|
h4ntu
|
|
2006-06-17
|
|
Mambo 4.6rc1 - Weblinks Blind SQL Injection (1)
|
18 |
WEB
|
rgod
|
|
2006-06-16
|
|
CMS Faethon 1.3.2 - 'mainpath' Remote File Inclusion
|
20 |
WEB
|
K-159
|
|
2006-06-15
|
|
Bitweaver 1.3 - 'tmpImagePath' Attachment mod_mime
|
19 |
WEB
|
rgod
|
|
2006-06-15
|
|
DeluxeBB 1.06 - 'templatefolder' Remote File Inclusion
|
21 |
WEB
|
Andreas Sandblad
|
|
2006-06-14
|
|
Content-Builder (CMS) 0.7.2 - Multiple Include Vulnerabilities
|
18 |
WEB
|
Kacper
|
|
2006-06-14
|
|
PHP Blue Dragon CMS 2.9.1 - 'template.php' File Inclusion
|
18 |
WEB
|
Federico Fazzi
|
|
2006-06-14
|
|
The Bible Portal Project 2.12 - 'destination' File Inclusion
|
22 |
WEB
|
Kacper
|
|
2006-06-13
|
|
MyBulletinBoard (MyBB) < 1.1.3 - Remote Code Execution
|
20 |
WEB
|
Javier Olascoaga
|
|
2006-06-13
|
|
Minerva 2.0.8a Build 237 - 'phpbb_root_path' File Inclusion
|
20 |
WEB
|
Kacper
|
|
2006-06-13
|
|
aWebNews 1.5 - 'visview.php' Remote File Inclusion
|
17 |
WEB
|
SpC-x
|
|
2006-06-12
|
|
DCP-Portal 6.1.x - 'root' Remote File Inclusion
|
20 |
WEB
|
Federico Fazzi
|
|
2006-06-12
|
|
blur6ex 0.3.462 - 'ID' Admin Disclosure / Blind SQL Injection
|
19 |
WEB
|
rgod
|
|
2006-06-11
|
|
Content-Builder (CMS) 0.7.5 - Multiple Include Vulnerabilities
|
22 |
WEB
|
Federico Fazzi
|
|
2006-06-11
|
|
AWF CMS 1.11 - 'spaw_root' Remote File Inclusion
|
21 |
WEB
|
Federico Fazzi
|
|
2006-06-11
|
|
RCblog 1.03 - 'POST' Remote Command Execution
|
18 |
WEB
|
Hessam-x
|
|
2006-06-11
|
|
MaxiSepet 1.0 - 'link' SQL Injection
|
19 |
WEB
|
nukedx
|
|
2006-06-11
|
|
free QBoard 1.1 - 'qb_path' Remote File Inclusion
|
20 |
WEB
|
Kacper
|
|
2006-06-11
|
|
WebprojectDB 0.1.3 - 'INCDIR' Remote File Inclusion
|
20 |
WEB
|
Kacper
|
|
2006-06-10
|
|
phpOnDirectory 1.0 - Remote File Inclusion
|
21 |
WEB
|
Kacper
|
|
2006-06-10
|
|
aePartner 0.8.3 - 'dir[data]' Remote File Inclusion
|
19 |
WEB
|
Kacper
|
|
2006-06-10
|
|
empris r20020923 - 'phormationdir' Remote File Inclusion
|
19 |
WEB
|
Kacper
|
|
2006-06-09
|
|
MailEnable Enterprise 2.0 - 'ASP' Multiple Vulnerabilities
|
18 |
WEB
|
Soroush Dalili
|
|
2006-06-08
|
|
Guestex Guestbook 1.00 - 'email' Remote Code Execution
|
16 |
WEB
|
K-sPecial
|
|
2006-06-08
|
|
Enterprise Payroll Systems 1.1 - 'footer' Remote File Inclusion
|
20 |
WEB
|
Kacper
|
|
2006-06-08
|
|
CMS-Bandits 2.5 - 'spaw_root' Remote File Inclusion
|
20 |
WEB
|
Federico Fazzi
|
|
2006-06-08
|
|
Back-End CMS 0.7.2.1 - 'jpcache.php' Remote File Inclusion
|
19 |
WEB
|
Federico Fazzi
|
|
2006-06-07
|
|
Xtreme/Ditto News 1.0 - 'post.php' Remote File Inclusion
|
17 |
WEB
|
Kacper
|
|
2006-06-07
|
|
OpenEMR 2.8.1 - 'fileroot' Remote File Inclusion
|
20 |
WEB
|
Kacper
|
|
2006-06-06
|
|
myNewsletter 1.1.2 - 'adminLogin.asp' Authentication Bypass
|
15 |
WEB
|
FarhadKey
|
|
2006-06-06
|
|
Wikiwig 4.1 - 'wk_lang.php' Remote File Inclusion
|
18 |
WEB
|
Kacper
|
|
2006-06-05
|
|
Dmx Forum 2.1a - 'edit.php' Remote Password Disclosure
|
19 |
WEB
|
DarkFig
|
|
2006-06-05
|
|
DreamAccount 3.1 - 'da_path' Remote File Inclusion
|
19 |
WEB
|
Aesthetico
|
|
2006-06-05
|
|
dotWidget CMS 1.0.6 - 'file_path' Remote File Inclusion
|
19 |
WEB
|
Aesthetico
|
|
2006-06-05
|
|
Particle Wiki 1.0.2 - SQL Injection
|
18 |
WEB
|
FarhadKey
|
|
2006-06-05
|
|
Claroline 1.7.6 - 'includePath' Remote Code Execution
|
17 |
WEB
|
rgod
|
|
2006-06-04
|
|
SCart 2.0 - 'page' Remote Code Execution
|
22 |
WEB
|
K-159
|
|
2006-06-04
|
|
FunkBoard CF0.71 - 'profile.php' Remote User Pass Change
|
17 |
WEB
|
ajann
|
|
2006-06-03
|
|
LifeType 1.0.4 - SQL Injection
|
18 |
WEB
|
rgod
|
|
2006-06-03
|
|
ProPublish 2.0 - 'catid' SQL Injection
|
17 |
WEB
|
FarhadKey
|
|
2006-06-03
|
|
CS-Cart 1.3.3 - 'classes_dir' Remote File Inclusion
|
18 |
WEB
|
Kacper
|
|
2006-06-03
|
|
WebspotBlogging 3.0.1 - 'path' Remote File Inclusion
|
16 |
WEB
|
Kacper
|
|
2006-06-03
|
|
BlueShoes Framework 4.6 - Remote File Inclusion
|
14 |
WEB
|
Kacper
|
|
2006-06-03
|
|
DotClear 1.2.4 - 'prepend.php' Remote File Inclusion
|
19 |
WEB
|
rgod
|
|
2006-06-03
|
|
PixelPost 1-5rc1-2 - Privilege Escalation
|
15 |
WEB
|
rgod
|
|
2006-06-02
|
|
PHP-Nuke 7.9 Final - 'phpbb_root_path' Remote File Inclusions
|
16 |
WEB
|
ddoshomo
|
|
2006-06-02
|
|
Informium 0.12.0 - 'common-menu.php' Remote File Inclusion
|
19 |
WEB
|
Kacper
|
|
2006-06-02
|
|
ashNews 0.83 - 'pathtoashnews' Remote File Inclusion
|
16 |
WEB
|
Kacper
|
|
2006-06-02
|
|
Igloo 0.1.9 - 'Wiki.php' Remote File Inclusion
|
18 |
WEB
|
Kacper
|
|
2006-06-02
|
|
Redaxo 3.2 - 'INCLUDE_PATH' Remote File Inclusion
|
18 |
WEB
|
beford
|
|
2006-06-01
|
|
Bytehoard 2.1 - 'server.php' Remote File Inclusion
|
20 |
WEB
|
beford
|
|
2006-06-01
|
|
aspWebLinks 2.0 - SQL Injection / Admin Pass Change
|
18 |
WEB
|
ajann
|
|
2006-06-01
|
|
AssoCIateD CMS 1.1.3 - 'ROOT_PATH' Remote File Inclusion
|
19 |
WEB
|
Kacper
|
|
2006-06-01
|
|
TinyPHP Forum 3.6 - 'profile.php' Remote Code Execution
|
17 |
WEB
|
Hessam-x
|
|
2006-05-31
|
|
metajour 2.1 - 'system_path' Remote File Inclusion
|
20 |
WEB
|
Kacper
|
|
2006-05-31
|
|
Ottoman CMS 1.1.3 - '?default_path=' Remote File Inclusion (1)
|
22 |
WEB
|
Kacper
|
|
2006-05-31
|
|
pppBlog 0.3.8 - System Disclosure
|
20 |
WEB
|
rgod
|
|
2006-05-30
|
|
gnopaste 0.5.3 - 'common.php' Remote File Inclusion
|
17 |
WEB
|
SmokeZ
|
|
2006-05-29
|
|
Nukedit 4.9.6 - Unauthorized Admin Add
|
17 |
WEB
|
FarhadKey
|
|
2006-05-29
|
|
Speedy ASP Forum - 'profileupdate.asp' User Pass Change
|
16 |
WEB
|
ajann
|
|
2006-05-29
|
|
Fastpublish CMS 1.6.9 - config[fsBase] Remote File Inclusion
|
16 |
WEB
|
Kacper
|
|
2006-05-28
|
|
CosmicShoppingCart - 'search.php' SQL Injection
|
20 |
WEB
|
Vympel
|
|
2006-05-28
|
|
Blend Portal 1.2.0 - 'phpBB Mod' Remote File Inclusion
|
18 |
WEB
|
nukedx
|
|
2006-05-28
|
|
ASPSitem 2.0 - SQL Injection / Database Disclosure
|
18 |
WEB
|
nukedx
|
|
2006-05-28
|
|
Activity MOD Plus 1.1.0 - 'phpBB Mod' File Inclusion
|
19 |
WEB
|
nukedx
|
|
2006-05-28
|
|
UBBCentral UBB.Threads 5.x/6.x - Multiple Remote File Inclusions
|
17 |
WEB
|
nukedx
|
|
2006-05-28
|
|
EggBlog < 3.07 - Remote SQL Injection / Privilege Escalation
|
17 |
WEB
|
nukedx
|
|
2006-05-28
|
|
F@cile Interactive Web 0.8x - Remote File Inclusion / Cross-Site Scripting
|
17 |
WEB
|
nukedx
|
|
2006-05-28
|
|
Enigma Haber 4.3 - Multiple SQL Injections
|
18 |
WEB
|
nukedx
|
|
2006-05-28
|
|
tinyBB 0.3 - Remote File Inclusion / SQL Injection
|
17 |
WEB
|
nukedx
|
|
2006-05-27
|
|
MiniNuke 2.x - SQL Injection (Add Admin)
|
18 |
WEB
|
nukedx
|
|
2006-05-27
|
|
PrideForum 1.0 - 'forum.asp' SQL Injection
|
17 |
WEB
|
ajann
|
|
2006-05-27
|
|
Hot Open Tickets 11012004 - 'CLASS_PATH' Remote File Inclusion
|
24 |
WEB
|
Kacper
|
|
2006-05-26
|
|
Easy-Content Forums 1.0 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities
|
21 |
WEB
|
ajann
|
|
2006-05-26
|
|
qjForum - 'member.asp' SQL Injection
|
21 |
WEB
|
ajann
|
|
2006-05-26
|
|
Plume CMS 1.0.3 - 'manager_path' Remote File Inclusion
|
19 |
WEB
|
beford
|
|
2006-05-25
|
|
APC ActionApps CMS 2.8.1 - Remote File Inclusion
|
18 |
WEB
|
Kacper
|
|
2006-05-25
|
|
DoceboLms 2.0.5 - 'help.php' Remote File Inclusion
|
18 |
WEB
|
beford
|
|
2006-05-25
|
|
V-Webmail 1.6.4 - 'pear_dir' Remote File Inclusion
|
20 |
WEB
|
beford
|
|
2006-05-25
|
|
Socketmail 2.2.6 - 'site_path' Remote File Inclusion
|
19 |
WEB
|
Aesthetico
|
|
2006-05-25
|
|
Back-End CMS 0.7.2.2 - 'BE_config.php' Remote File Inclusion
|
19 |
WEB
|
Kacper
|
|
2006-05-25
|
|
open-medium.CMS 0.25 - '404.php' Remote File Inclusion
|
20 |
WEB
|
Kacper
|
|
2006-05-25
|
|
BASE 1.2.4 - melissa Snort Frontend Remote File Inclusion
|
19 |
WEB
|
str0ke
|
|
2006-05-24
|
|
Drupal 4.7 - 'Attachment mod_mime' Remote Command Execution
|
17 |
WEB
|
rgod
|
|
2006-05-23
|
|
phpCommunityCalendar 4.0.3 - Cross-Site Scripting / SQL Injection
|
16 |
WEB
|
X0r_1
|
|
2006-05-23
|
|
Docebo 3.0.3 - Multiple Remote File Inclusions
|
20 |
WEB
|
Kacper
|
|
2006-05-23
|
|
Nucleus CMS 3.22 - 'DIR_LIBS' Remote File Inclusion
|
18 |
WEB
|
rgod
|
