|
2006-06-08
|
|
Enterprise Payroll Systems 1.1 - 'footer' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-06-08
|
|
CMS-Bandits 2.5 - 'spaw_root' Remote File Inclusion
|
4 |
WEB
|
Federico Fazzi
|
|
2006-06-08
|
|
Back-End CMS 0.7.2.1 - 'jpcache.php' Remote File Inclusion
|
3 |
WEB
|
Federico Fazzi
|
|
2006-06-07
|
|
Xtreme/Ditto News 1.0 - 'post.php' Remote File Inclusion
|
3 |
WEB
|
Kacper
|
|
2006-06-07
|
|
OpenEMR 2.8.1 - 'fileroot' Remote File Inclusion
|
3 |
WEB
|
Kacper
|
|
2006-06-06
|
|
myNewsletter 1.1.2 - 'adminLogin.asp' Authentication Bypass
|
3 |
WEB
|
FarhadKey
|
|
2006-06-06
|
|
Wikiwig 4.1 - 'wk_lang.php' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-06-05
|
|
Dmx Forum 2.1a - 'edit.php' Remote Password Disclosure
|
4 |
WEB
|
DarkFig
|
|
2006-06-05
|
|
DreamAccount 3.1 - 'da_path' Remote File Inclusion
|
4 |
WEB
|
Aesthetico
|
|
2006-06-05
|
|
dotWidget CMS 1.0.6 - 'file_path' Remote File Inclusion
|
4 |
WEB
|
Aesthetico
|
|
2006-06-05
|
|
Particle Wiki 1.0.2 - SQL Injection
|
4 |
WEB
|
FarhadKey
|
|
2006-06-05
|
|
Claroline 1.7.6 - 'includePath' Remote Code Execution
|
4 |
WEB
|
rgod
|
|
2006-06-04
|
|
SCart 2.0 - 'page' Remote Code Execution
|
3 |
WEB
|
K-159
|
|
2006-06-04
|
|
FunkBoard CF0.71 - 'profile.php' Remote User Pass Change
|
3 |
WEB
|
ajann
|
|
2006-06-03
|
|
LifeType 1.0.4 - SQL Injection
|
3 |
WEB
|
rgod
|
|
2006-06-03
|
|
ProPublish 2.0 - 'catid' SQL Injection
|
3 |
WEB
|
FarhadKey
|
|
2006-06-03
|
|
CS-Cart 1.3.3 - 'classes_dir' Remote File Inclusion
|
2 |
WEB
|
Kacper
|
|
2006-06-03
|
|
WebspotBlogging 3.0.1 - 'path' Remote File Inclusion
|
3 |
WEB
|
Kacper
|
|
2006-06-03
|
|
BlueShoes Framework 4.6 - Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-06-03
|
|
DotClear 1.2.4 - 'prepend.php' Remote File Inclusion
|
5 |
WEB
|
rgod
|
|
2006-06-03
|
|
PixelPost 1-5rc1-2 - Privilege Escalation
|
4 |
WEB
|
rgod
|
|
2006-06-02
|
|
PHP-Nuke 7.9 Final - 'phpbb_root_path' Remote File Inclusions
|
3 |
WEB
|
ddoshomo
|
|
2006-06-02
|
|
Informium 0.12.0 - 'common-menu.php' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-06-02
|
|
ashNews 0.83 - 'pathtoashnews' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-06-02
|
|
Igloo 0.1.9 - 'Wiki.php' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-06-02
|
|
Redaxo 3.2 - 'INCLUDE_PATH' Remote File Inclusion
|
3 |
WEB
|
beford
|
|
2006-06-01
|
|
Bytehoard 2.1 - 'server.php' Remote File Inclusion
|
3 |
WEB
|
beford
|
|
2006-06-01
|
|
aspWebLinks 2.0 - SQL Injection / Admin Pass Change
|
4 |
WEB
|
ajann
|
|
2006-06-01
|
|
AssoCIateD CMS 1.1.3 - 'ROOT_PATH' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-06-01
|
|
TinyPHP Forum 3.6 - 'profile.php' Remote Code Execution
|
4 |
WEB
|
Hessam-x
|
|
2006-05-31
|
|
metajour 2.1 - 'system_path' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-05-31
|
|
Ottoman CMS 1.1.3 - '?default_path=' Remote File Inclusion (1)
|
4 |
WEB
|
Kacper
|
|
2006-05-31
|
|
pppBlog 0.3.8 - System Disclosure
|
4 |
WEB
|
rgod
|
|
2006-05-30
|
|
gnopaste 0.5.3 - 'common.php' Remote File Inclusion
|
3 |
WEB
|
SmokeZ
|
|
2006-05-29
|
|
Nukedit 4.9.6 - Unauthorized Admin Add
|
4 |
WEB
|
FarhadKey
|
|
2006-05-29
|
|
Speedy ASP Forum - 'profileupdate.asp' User Pass Change
|
3 |
WEB
|
ajann
|
|
2006-05-29
|
|
Fastpublish CMS 1.6.9 - config[fsBase] Remote File Inclusion
|
3 |
WEB
|
Kacper
|
|
2006-05-28
|
|
CosmicShoppingCart - 'search.php' SQL Injection
|
3 |
WEB
|
Vympel
|
|
2006-05-28
|
|
Blend Portal 1.2.0 - 'phpBB Mod' Remote File Inclusion
|
4 |
WEB
|
nukedx
|
|
2006-05-28
|
|
ASPSitem 2.0 - SQL Injection / Database Disclosure
|
2 |
WEB
|
nukedx
|
|
2006-05-28
|
|
Activity MOD Plus 1.1.0 - 'phpBB Mod' File Inclusion
|
2 |
WEB
|
nukedx
|
|
2006-05-28
|
|
UBBCentral UBB.Threads 5.x/6.x - Multiple Remote File Inclusions
|
3 |
WEB
|
nukedx
|
|
2006-05-28
|
|
EggBlog < 3.07 - Remote SQL Injection / Privilege Escalation
|
3 |
WEB
|
nukedx
|
|
2006-05-28
|
|
F@cile Interactive Web 0.8x - Remote File Inclusion / Cross-Site Scripting
|
4 |
WEB
|
nukedx
|
|
2006-05-28
|
|
Enigma Haber 4.3 - Multiple SQL Injections
|
4 |
WEB
|
nukedx
|
|
2006-05-28
|
|
tinyBB 0.3 - Remote File Inclusion / SQL Injection
|
5 |
WEB
|
nukedx
|
|
2006-05-27
|
|
MiniNuke 2.x - SQL Injection (Add Admin)
|
4 |
WEB
|
nukedx
|
|
2006-05-27
|
|
PrideForum 1.0 - 'forum.asp' SQL Injection
|
4 |
WEB
|
ajann
|
|
2006-05-27
|
|
Hot Open Tickets 11012004 - 'CLASS_PATH' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-05-26
|
|
Easy-Content Forums 1.0 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities
|
4 |
WEB
|
ajann
|
|
2006-05-26
|
|
qjForum - 'member.asp' SQL Injection
|
4 |
WEB
|
ajann
|
|
2006-05-26
|
|
Plume CMS 1.0.3 - 'manager_path' Remote File Inclusion
|
4 |
WEB
|
beford
|
|
2006-05-25
|
|
APC ActionApps CMS 2.8.1 - Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-05-25
|
|
DoceboLms 2.0.5 - 'help.php' Remote File Inclusion
|
4 |
WEB
|
beford
|
|
2006-05-25
|
|
V-Webmail 1.6.4 - 'pear_dir' Remote File Inclusion
|
2 |
WEB
|
beford
|
|
2006-05-25
|
|
Socketmail 2.2.6 - 'site_path' Remote File Inclusion
|
2 |
WEB
|
Aesthetico
|
|
2006-05-25
|
|
Back-End CMS 0.7.2.2 - 'BE_config.php' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-05-25
|
|
open-medium.CMS 0.25 - '404.php' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-05-25
|
|
BASE 1.2.4 - melissa Snort Frontend Remote File Inclusion
|
3 |
WEB
|
str0ke
|
|
2006-05-24
|
|
Drupal 4.7 - 'Attachment mod_mime' Remote Command Execution
|
4 |
WEB
|
rgod
|
|
2006-05-23
|
|
phpCommunityCalendar 4.0.3 - Cross-Site Scripting / SQL Injection
|
3 |
WEB
|
X0r_1
|
|
2006-05-23
|
|
Docebo 3.0.3 - Multiple Remote File Inclusions
|
4 |
WEB
|
Kacper
|
|
2006-05-23
|
|
Nucleus CMS 3.22 - 'DIR_LIBS' Remote File Inclusion
|
4 |
WEB
|
rgod
|
|
2006-05-22
|
|
UBBCentral UBB.Threads 6.4.x < 6.5.2 - 'thispath' Remote File Inclusion
|
3 |
WEB
|
V4mu
|
|
2006-05-21
|
|
Fusion News 1.0 (fil_config) - Remote File Inclusion
|
4 |
WEB
|
X0r_1
|
|
2006-05-21
|
|
XOOPS 2.0.13.2 - 'xoopsOption[nocommon]' Remote Command Execution
|
3 |
WEB
|
rgod
|
|
2006-05-20
|
|
Woltlab Burning Board 2.3.5 - 'links.php' SQL Injection
|
3 |
WEB
|
666
|
|
2006-05-20
|
|
CaLogic Calendars 1.2.2 - 'CLPath' Remote File Inclusion
|
3 |
WEB
|
Kacper
|
|
2006-05-19
|
|
phpMyDirectory 10.4.4 - 'ROOT_PATH' Remote File Inclusion
|
3 |
WEB
|
OLiBekaS
|
|
2006-05-19
|
|
Zix Forum 1.12 - 'layid' SQL Injection
|
4 |
WEB
|
FarhadKey
|
|
2006-05-19
|
|
phpListPro 2.0.1 - 'Language' Remote Code Execution
|
3 |
WEB
|
[Oo]
|
|
2006-05-19
|
|
phpBazar 2.1.0 - Remote File Inclusion / Authentication Bypass
|
4 |
WEB
|
[Oo]
|
|
2006-05-17
|
|
ScozNews 1.2.1 - 'mainpath' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-05-17
|
|
Quezza BB 1.0 - 'quezza_root_path' File Inclusion
|
5 |
WEB
|
nukedx
|
|
2006-05-16
|
|
DeluxeBB 1.06 - 'Attachment mod_mime' Remote Command Execution
|
3 |
WEB
|
rgod
|
|
2006-05-16
|
|
PHP-Fusion 6.00.306 - 'srch_where' SQL Injection
|
2 |
WEB
|
rgod
|
|
2006-05-15
|
|
ezusermanager 1.6 - Remote File Inclusion
|
4 |
WEB
|
OLiBekaS
|
|
2006-05-15
|
|
DeluxeBB 1.06 - 'name' SQL Injection (mq=off)
|
4 |
WEB
|
KingOfSka
|
|
2006-05-15
|
|
Squirrelcart 2.2.0 - 'cart_content.php' Remote File Inclusion
|
4 |
WEB
|
OLiBekaS
|
|
2006-05-15
|
|
TR Newsportal 0.36tr1 - 'poll.php' Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-05-14
|
|
Sugar Suite Open Source 4.2 - 'OptimisticLock' Command Execution
|
4 |
WEB
|
rgod
|
|
2006-05-13
|
|
phpBB 2.0.20 - Admin/Restore DB/default_lang Remote Command Execution
|
3 |
WEB
|
rgod
|
|
2006-05-12
|
|
PHP Blue Dragon CMS 2.9 - Remote File Inclusion
|
4 |
WEB
|
Kacper
|
|
2006-05-12
|
|
Foing 0.7.0 - 'phpBB' Remote File Inclusion
|
4 |
WEB
|
Kurdish Security
|
|
2006-05-11
|
|
Unclassified NewsBoard 1.6.1 patch 1 - Local File Inclusion
|
4 |
WEB
|
rgod
|
|
2006-05-09
|
|
pafileDB 2.0.1 - 'mxBB'/'phpBB' Remote File Inclusion
|
3 |
WEB
|
Darkfire
|
|
2006-05-09
|
|
phpRaid 3.0.b3 - 'phpBB'/'SMF' Remote File Inclusion
|
4 |
WEB
|
Kurdish Security
|
|
2006-05-08
|
|
phpListPro 2.01 - Multiple Remote File Inclusions
|
3 |
WEB
|
Aesthetico
|
|
2006-05-08
|
|
ActualAnalyzer Pro 6.88 - 'rf' Remote File Inclusion
|
4 |
WEB
|
ReZEN
|
|
2006-05-08
|
|
ActualAnalyzer Server 8.23 - 'rf' Remote File Inclusion
|
3 |
WEB
|
Aesthetico
|
|
2006-05-08
|
|
Claroline E-Learning 1.75 - 'ldap.inc.php' Remote File Inclusion
|
2 |
WEB
|
beford
|
|
2006-05-08
|
|
Dokeos Lms 1.6.4 - 'authldap.php' Remote File Inclusion
|
2 |
WEB
|
beford
|
|
2006-05-07
|
|
EQdkp 1.3.0 - 'dbal.php' Remote File Inclusion
|
3 |
WEB
|
OLiBekaS
|
|
2006-05-07
|
|
ACal 2.2.6 - 'day.php' Remote File Inclusion
|
3 |
WEB
|
PiNGuX
|
|
2006-05-07
|
|
Jetbox CMS 2.1 - 'relative_script_path' Remote File Inclusion
|
4 |
WEB
|
beford
|
|
2006-05-07
|
|
PHP-Fusion 6.00.306 - Multiple Vulnerabilities
|
5 |
WEB
|
rgod
|
|
2006-05-06
|
|
VP-ASP 6.00 - 'shopcurrency.asp' SQL Injection
|
4 |
WEB
|
tracewar
|
|
2006-05-06
|
|
HiveMail 1.3 - 'addressbook.add.php' Remote Code Execution
|
4 |
WEB
|
[Oo]
|
|
2006-05-06
|
|
AWStats 6.5 - 'migrate' Remote Shell Command Injection
|
3 |
WEB
|
redsand
|
|
2006-05-05
|
|
TotalCalendar 2.30 - 'inc' Remote File Inclusion
|
4 |
WEB
|
Aesthetico
|
|
2006-05-05
|
|
StatIt 4 - 'statitpath' Remote File Inclusion
|
4 |
WEB
|
IGNOR3
|
|
2006-05-05
|
|
Limbo CMS 1.0.4.2 - 'catid' SQL Injection
|
2 |
WEB
|
[Oo]
|
|
2006-05-04
|
|
Auction 1.3m - 'phpbb_root_path' Remote File Inclusion
|
4 |
WEB
|
webDEViL
|
|
2006-05-03
|
|
Albinator 2.0.6 - 'Config_rootdir' Remote File Inclusion
|
4 |
WEB
|
webDEViL
|
|
2006-05-02
|
|
Fast Click 1.1.3/2.3.8 - 'show.php' Remote File Inclusion
|
4 |
WEB
|
R@1D3N
|
|
2006-05-02
|
|
X7 Chat 2.0 - 'help_file' Remote Command Execution
|
2 |
WEB
|
rgod
|
|
2006-05-01
|
|
Invision Power Board 2.1.5 - 'from_contact' SQL Injection
|
3 |
WEB
|
Ykstortion Security
|
|
2006-04-30
|
|
Aardvark Topsites PHP 4.2.2 - 'lostpw.php' Remote File Inclusion
|
3 |
WEB
|
cijfer
|
|
2006-04-30
|
|
phpMyAgenda 3.0 Final - 'rootagenda' Remote File Inclusion
|
3 |
WEB
|
Aesthetico
|
|
2006-04-30
|
|
Aardvark Topsites PHP 4.2.2 - 'path' Remote File Inclusion
|
4 |
WEB
|
[Oo]
|
|
2006-04-29
|
|
Limbo CMS 1.0.4.2 - 'sql.php' Remote File Inclusion
|
3 |
WEB
|
[Oo]
|
|
2006-04-29
|
|
Knowledge Base Mod 2.0.2 - 'phpBB' Remote File Inclusion
|
2 |
WEB
|
[Oo]
|
|
2006-04-29
|
|
openPHPNuke 2.3.3 - Remote File Inclusion
|
2 |
WEB
|
[Oo]
|
|
2006-04-29
|
|
Invision Power Board 2.1.5 - 'search.php' Remote Code Execution
|
3 |
WEB
|
Javier Olascoaga
|
|
2006-04-28
|
|
Advanced Guestbook 2.4.0 - 'phpBB' Remote File Inclusion
|
4 |
WEB
|
n0m3rcy
|
|
2006-04-28
|
|
TopList 1.3.8 - 'phpBB Hack' Remote File Inclusion (2)
|
3 |
WEB
|
FOX_MULDER
|
|
2006-04-28
|
|
Advanced Guestbook 2.4.0 - 'phpBB' File Inclusion
|
3 |
WEB
|
[Oo]
|
|
2006-04-27
|
|
TopList 1.3.8 - 'phpBB Hack' Remote File Inclusion (1)
|
3 |
WEB
|
[Oo]
|
|
2006-04-26
|
|
Invision Power Board 2.1.5 - 'lastdate' Remote Code Execution
|
3 |
WEB
|
RusH
|
|
2006-04-24
|
|
BK Forum 4.0 - 'member.asp' SQL Injection
|
4 |
WEB
|
n0m3rcy
|
|
2006-04-24
|
|
FlexBB 0.5.5 - '/function/showprofile.php' SQL Injection
|
4 |
WEB
|
Devil-00
|
|
2006-04-23
|
|
Built2Go PHP Movie Review 2B - Remote File Inclusion
|
4 |
WEB
|
Camille Myers
|
|
2006-04-23
|
|
Clansys 1.1 - 'index.php' PHP Code Insertion
|
3 |
WEB
|
nukedx
|
|
2006-04-22
|
|
My Gaming Ladder Combo System 7.0 - Remote Code Execution
|
4 |
WEB
|
nukedx
|
|
2006-04-21
|
|
dForum 1.5 - 'DFORUM_PATH' Multiple Remote File Inclusions
|
4 |
WEB
|
nukedx
|
