|
2009-08-24
|
|
Arcade Trade Script 1.0b - (Authentication Bypass) Insecure Cookie Handling
|
1 |
WEB
|
Mr.tro0oqy
|
|
2009-08-24
|
|
Moa Gallery 1.1.0 - 'gallery_id' SQL Injection
|
1 |
WEB
|
Mr.tro0oqy
|
|
2009-08-18
|
|
asaher pro 1.0.4 - Remote Database Backup
|
2 |
WEB
|
alnjm33
|
|
2009-08-18
|
|
Traidnt UP 2.0 - SQL Injection
|
1 |
WEB
|
Jafer Al Zidjali
|
|
2009-08-18
|
|
Best Dating Script - Arbitrary File Upload
|
1 |
WEB
|
jetli007
|
|
2009-08-18
|
|
CBAuthority - ClickBank Affiliate Management SQL Injection
|
1 |
WEB
|
Angela Chang
|
|
2009-08-18
|
|
PHP Email Manager - 'remove.php?ID' SQL Injection
|
1 |
WEB
|
MuShTaQ
|
|
2009-08-18
|
|
Ultimate Fade-in Slideshow 1.51 - Arbitrary File Upload
|
0 |
WEB
|
NeX HaCkEr
|
|
2009-08-18
|
|
phpfreeBB 1.0 - Blind SQL Injection
|
2 |
WEB
|
Moudi
|
|
2009-08-18
|
|
Fotoshow PRO - 'category' SQL Injection
|
2 |
WEB
|
darkmasking
|
|
2009-08-18
|
|
Joomla! Component MisterEstate - Blind SQL Injection
|
2 |
WEB
|
jdc
|
|
2009-08-18
|
|
Infinity 2.x - 'options[style_dir]' Local File Disclosure
|
2 |
WEB
|
SwEET-DeViL
|
|
2009-08-18
|
|
E CMS 1.0 - 'index.php?s' SQL Injection
|
2 |
WEB
|
Red-D3v1L
|
|
2009-08-18
|
|
autonomous lan party 0.98.3 - Remote File Inclusion
|
2 |
WEB
|
cr4wl3r
|
|
2009-08-18
|
|
2WIRE Gateway - Authentication Bypass / Password Reset (2)
|
2 |
WEB
|
bugz
|
|
2009-08-18
|
|
Videos Broadcast Yourself 2 - 'UploadID' SQL Injection
|
2 |
WEB
|
Mr.SQL
|
|
2009-08-18
|
|
Arcadem Pro 2.8 - 'article' Blind SQL Injection
|
2 |
WEB
|
Mr.SQL
|
|
2009-08-18
|
|
DreamPics Builder - 'exhibition_id' SQL Injection
|
2 |
WEB
|
Mr.SQL
|
|
2009-08-18
|
|
vTiger CRM 5.0.4 - Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross
|
1 |
WEB
|
USH
|
|
2009-08-18
|
|
SPIP < 2.0.9 - Arbitrary Copy All Passwords to '.XML' File
|
3 |
WEB
|
Kernel_Panik
|
|
2009-08-18
|
|
AJ Auction Pro OOPD 2.x - 'id' SQL Injection
|
2 |
WEB
|
NoGe
|
|
2009-08-18
|
|
BaBB 2.8 - Remote Code Injection
|
2 |
WEB
|
Khashayar Fereidani
|
|
2009-08-18
|
|
PHP-Lance 1.52 - Multiple Local File Inclusions
|
2 |
WEB
|
jetli007
|
|
2009-08-14
|
|
MyWeight 1.0 - Arbitrary File Upload
|
2 |
WEB
|
Mr.tro0oqy
|
|
2009-08-14
|
|
DS CMS 1.0 - 'nFileId' SQL Injection
|
2 |
WEB
|
Mr.tro0oqy
|
|
2009-08-14
|
|
PHP Competition System 0.84 - 'competition' SQL Injection
|
2 |
WEB
|
Mr.SQL
|
|
2009-08-14
|
|
Ignition 1.2 - 'comment' Remote Code Injection
|
2 |
WEB
|
Khashayar Fereidani
|
|
2009-08-13
|
|
tgs CMS 0.x - Cross-Site Scripting / SQL Injection / File Disclosure
|
2 |
WEB
|
[]ViZiOn
|
|
2009-08-13
|
|
Gazelle CMS 1.0 - Arbitrary File Upload
|
2 |
WEB
|
RoMaNcYxHaCkEr
|
|
2009-08-27
|
|
WordPress Plugin WP-Syntax 0.9.1 - Remote Command Execution
|
2 |
WEB
|
Raz0r
|
|
2009-08-13
|
|
JBLOG 1.5.1 - SQL Table Backup
|
2 |
WEB
|
Ams
|
|
2009-08-12
|
|
Gazelle CMS 1.0 - Multiple Vulnerabilities / Remote Code Execution
|
1 |
WEB
|
IHTeam
|
|
2009-08-12
|
|
Plume CMS 1.2.3 - Multiple SQL Injections
|
2 |
WEB
|
Sense of Security
|
|
2009-08-12
|
|
Gallarific 1.1 - '/gallery.php' Arbitrary Delete/Edit Category
|
2 |
WEB
|
ilker Kandemir
|
|
2009-08-12
|
|
Shorty 0.7.1b - (Authentication Bypass) Insecure Cookie Handling
|
2 |
WEB
|
Pedro Laguna
|
|
2009-08-11
|
|
OCS Inventory NG 1.2.1 - 'systemid' SQL Injection
|
2 |
WEB
|
Guilherme Marinheiro
|
|
2009-08-11
|
|
Joomla! Component idoblog 1.1b30 (com_idoblog) - SQL Injection
|
2 |
WEB
|
kkr
|
|
2009-08-11
|
|
WordPress Core 2.8.3 - Remote Admin Reset Password
|
2 |
WEB
|
laurent gaffié
|
|
2009-08-10
|
|
Joomla! Component Kunena Forums (com_kunena) - Blind SQL Injection
|
2 |
WEB
|
ilker Kandemir
|
|
2009-08-10
|
|
CMS Made Simple 1.6.2 - Local File Disclosure
|
2 |
WEB
|
IHTeam
|
|
2009-08-10
|
|
Mini-CMS 1.0.1 - 'page.php' SQL Injection
|
2 |
WEB
|
Ins3t
|
|
2009-08-10
|
|
Papoo CMS 3.7.3 - (Authenticated) Arbitrary Code Execution
|
2 |
WEB
|
RedTeam Pentesting
|
|
2009-08-10
|
|
SmilieScript 1.0 - Authentication Bypass
|
2 |
WEB
|
Mr.tro0oqy
|
|
2009-08-07
|
|
logoshows bbs 2.0 - File Disclosure / Insecure Cookie Handling
|
2 |
WEB
|
ZoRLu
|
|
2009-08-07
|
|
Logoshows BBS 2.0 - Authentication Bypass
|
2 |
WEB
|
Dns-Team
|
|
2009-08-07
|
|
Joomla! Component com_pms 2.0.4 - 'Ignore-List' SQL Injection
|
2 |
WEB
|
M4dhead
|
|
2009-08-07
|
|
IsolSoft Support Center 2.5 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-08-07
|
|
Facil Helpdesk - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting
|
0 |
WEB
|
Moudi
|
|
2009-08-07
|
|
PHPCityPortal - Authentication Bypass
|
1 |
WEB
|
CoBRa_21
|
|
2009-08-07
|
|
Arab Portal 2.2 - Blind Cookie Authentication Bypass
|
2 |
WEB
|
Jafer Al Zidjali
|
|
2009-08-07
|
|
Typing Pal 1.0 - 'idTableProduit' SQL Injection
|
1 |
WEB
|
Red-D3v1L
|
|
2009-08-07
|
|
Logoshows BBS 2.0 - 'forumid' SQL Injection
|
2 |
WEB
|
Ruzgarin_Oglu
|
|
2009-08-07
|
|
Banner Exchange Script 1.0 - 'targetid' Blind SQL Injection
|
2 |
WEB
|
599eme Man
|
|
2009-08-07
|
|
PHotoLa Gallery 1.0 - Authentication Bypass
|
2 |
WEB
|
Red-D3v1L
|
|
2009-08-07
|
|
Alwasel 1.5 - Multiple SQL Injections
|
2 |
WEB
|
SwEET-DeViL
|
|
2009-08-06
|
|
LM Starmail 2.0 - SQL Injection / File Inclusion
|
1 |
WEB
|
int_main();
|
|
2009-08-06
|
|
TYPO3 CMS 4.0 - 'showUid' SQL Injection
|
2 |
WEB
|
Ro0T-MaFia
|
|
2009-08-06
|
|
PHP Script Forum Hoster - Topic Delete / Cross-Site Scripting
|
2 |
WEB
|
int_main();
|
|
2009-08-05
|
|
Portel 2008 - 'decide.php?patron' Blind SQL Injection
|
2 |
WEB
|
Chip d3 bi0s
|
|
2009-08-05
|
|
opennews 1.0 - SQL Injection / Remote Code Execution
|
2 |
WEB
|
SirGod
|
|
2009-08-05
|
|
AccessoriesMe PHP Affiliate Script 1.4 - Blind SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-08-05
|
|
Irokez CMS 0.7.1 - SQL Injection
|
2 |
WEB
|
Ins3t
|
|
2009-08-05
|
|
tenrok 1.1.0 - File Disclosure / Remote Code Execution
|
2 |
WEB
|
SirGod
|
|
2009-08-05
|
|
mybackup 1.4.0 - File Download / Remote File Inclusion
|
2 |
WEB
|
SirGod
|
|
2009-08-04
|
|
In-portal 4.3.1 - 'index.php?env' Local File Inclusion
|
2 |
WEB
|
Angela Chang
|
|
2009-08-04
|
|
Perl$hop E-Commerce Script - Trust Boundary Input Parameter Injection
|
2 |
WEB
|
Shadow
|
|
2009-08-04
|
|
ShopMaker CMS 2.0 - Blind SQL Injection / Local File Inclusion
|
2 |
WEB
|
PLATEN
|
|
2009-08-04
|
|
elgg 1.5 - '/_css/js.php' Local File Inclusion
|
1 |
WEB
|
eLwaux
|
|
2009-08-04
|
|
MOC Designs PHP News 1.1 - Authentication Bypass
|
1 |
WEB
|
SirGod
|
|
2009-08-03
|
|
Payment Processor Script (PPScript) - 'shop.htm cid' SQL Injection
|
1 |
WEB
|
ZoRLu
|
|
2009-08-03
|
|
MAXcms 3.11.20b - Remote File Inclusion / File Disclosure
|
2 |
WEB
|
GoLd_M
|
|
2009-08-03
|
|
Discloser 0.0.4-rc2 - 'index.php?more' SQL Injection
|
2 |
WEB
|
Salvatore Fresta
|
|
2009-08-03
|
|
Blink Blog System - Authentication Bypass
|
2 |
WEB
|
Salvatore Fresta
|
|
2009-08-03
|
|
Arab Portal 2.2 - 'mod.php' Local File Inclusion
|
2 |
WEB
|
Qabandi
|
|
2009-08-03
|
|
Multi Website 1.5 - index PHP action SQL Injection
|
2 |
WEB
|
SarBoT511
|
|
2009-08-03
|
|
elvin bts 1.2.2 - SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
599eme Man
|
|
2009-08-03
|
|
Questions Answered 1.3 - Authentication Bypass
|
2 |
WEB
|
snakespc
|
|
2009-08-03
|
|
x10 media adult script 1.7 - Multiple Vulnerabilities
|
2 |
WEB
|
Moudi
|
|
2009-08-03
|
|
Miniweb 2.0 Module Survey Pro - Blind SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-08-03
|
|
Miniweb 2.0 Module Publisher - Blind SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
Moudi
|
|
2009-08-03
|
|
simplePHPWeb 0.2 - 'files.php' Authentication Bypass
|
1 |
WEB
|
SirGod
|
|
2009-08-03
|
|
SimpleLoginSys 0.5 - Authentication Bypass
|
1 |
WEB
|
SirGod
|
|
2009-08-03
|
|
TT Web Site Manager 0.5 - Authentication Bypass
|
2 |
WEB
|
SirGod
|
|
2009-08-03
|
|
QuickDev 4 - 'download.php' File Disclosure
|
2 |
WEB
|
SirGod
|
|
2009-08-03
|
|
Netpet CMS 1.9 - 'confirm.php?language' Local File Inclusion
|
2 |
WEB
|
SirGod
|
|
2009-08-03
|
|
Ajax Short URL Script - Authentication Bypass
|
2 |
WEB
|
Cicklow
|
|
2009-08-03
|
|
ProjectButler 1.5.0 - 'pda_projects.php?offset' Remote File Inclusion
|
2 |
WEB
|
cr4wl3r
|
|
2009-08-03
|
|
AW BannerAd - Authentication Bypass
|
2 |
WEB
|
Ro0T-MaFia
|
|
2009-08-01
|
|
Mobilelib Gold 3.0 - Authentication Bypass / SQL Injection
|
2 |
WEB
|
SwEET-DeViL
|
|
2009-08-01
|
|
aa33code 0.0.1 - Local File Inclusion / Authentication Bypass / File Disclosure
|
2 |
WEB
|
SirGod
|
|
2009-08-01
|
|
PortalXP Teacher Edition 1.2 - Multiple SQL Injections
|
2 |
WEB
|
SirGod
|
|
2009-08-01
|
|
Joomla! Component com_jfusion - 'itemID' Blind SQL Injection
|
2 |
WEB
|
Chip d3 bi0s
|
|
2009-08-01
|
|
MAXcms 3.11.20b - Multiple Remote File Inclusions
|
3 |
WEB
|
NoGe
|
|
2009-08-01
|
|
Arab Portal 2.x - 'forum.php' SQL Injection
|
2 |
WEB
|
rEcruit
|
|
2009-07-30
|
|
linkSpheric 0.74b6 - 'listID' SQL Injection
|
1 |
WEB
|
NoGe
|
|
2009-07-30
|
|
PunBB Reputation.php Mod 2.0.4 - Local File Inclusion
|
1 |
WEB
|
Dante90
|
|
2009-07-30
|
|
MUJE CMS 1.0.4.34 - Local File Inclusion
|
1 |
WEB
|
SirGod
|
|
2009-07-30
|
|
Really Simple CMS 0.3a - 'PT' Local File Inclusion
|
1 |
WEB
|
SirGod
|
|
2009-07-30
|
|
d.net CMS - Local File Inclusion / SQL Injection
|
1 |
WEB
|
SirGod
|
|
2009-07-30
|
|
cmsphp 0.21 - Local File Inclusion / Cross-Site Scripting
|
1 |
WEB
|
SirGod
|
|
2009-07-30
|
|
dit.cms 1.3 - 'path/sitemap/relPath' Local File Inclusion
|
1 |
WEB
|
SirGod
|
|
2009-07-30
|
|
Orbis CMS 1.0 - File Delete / Download File / Arbitrary File Upload / SQL Injection
|
0 |
WEB
|
SirGod
|
|
2009-07-30
|
|
justVisual 1.2 - 'fs_jVroot' Remote File Inclusion
|
0 |
WEB
|
SirGod
|
|
2009-07-30
|
|
Ultrize TimeSheet 1.2.2 - 'readfile()' Local File Disclosure
|
1 |
WEB
|
GoLd_M
|
|
2009-07-28
|
|
ultrize timesheet 1.2.2 - Remote File Inclusion
|
2 |
WEB
|
NoGe
|
|
2009-07-28
|
|
TinyBrowser (TinyMCE Editor File browser) 1.41.6 - Multiple Vulnerabilities
|
1 |
WEB
|
Aung Khant
|
|
2009-07-28
|
|
PaoLiber 1.1 - 'login_ok' Authentication Bypass
|
2 |
WEB
|
SirGod
|
|
2009-07-28
|
|
PaoBacheca Guestbook 2.1 - 'login_ok' Authentication Bypass
|
1 |
WEB
|
SirGod
|
|
2009-07-28
|
|
PaoLink 1.0 - 'login_ok' Authentication Bypass
|
2 |
WEB
|
SirGod
|
|
2009-07-28
|
|
In-portal 4.3.1 - Arbitrary File Upload
|
2 |
WEB
|
Mr.tro0oqy
|
|
2009-07-28
|
|
PunBB Reputation.php Mod 2.0.4 - Blind SQL Injection
|
1 |
WEB
|
Dante90
|
|
2009-07-28
|
|
phpArcadeScript 4.0 - 'id' SQL Injection
|
1 |
WEB
|
MizoZ
|
|
2009-07-28
|
|
PHP Paid 4 Mail Script - 'paidbanner.php?ID' SQL Injection
|
1 |
WEB
|
ThE g0bL!N
|
|
2009-07-27
|
|
SerWeb 2.1.0-dev1 2009-07-02 - Multiple Remote File Inclusions
|
0 |
WEB
|
GoLd_M
|
|
2009-07-27
|
|
Magician Blog 1.0 - Authentication Bypass
|
0 |
WEB
|
Evil-Cod3r
|
|
2009-07-27
|
|
Magician Blog 1.0 - 'ids' SQL Injection
|
0 |
WEB
|
Evil-Cod3r
|
|
2009-07-27
|
|
Limny 1.01 - Authentication Bypass
|
1 |
WEB
|
SirGod
|
|
2009-07-27
|
|
PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete
|
1 |
WEB
|
Dante90
|
|
2009-07-27
|
|
PunBB Automatic Image Upload 1.3.5 - SQL Injection
|
1 |
WEB
|
Dante90
|
|
2009-07-27
|
|
Joomla! Component IXXO Cart! Standalone and - SQL Injection
|
2 |
WEB
|
sm0k3
|
|
2009-07-27
|
|
Allomani Movies & Clips 2.7.0 - Blind SQL Injection
|
1 |
WEB
|
Qabandi
|
|
2009-07-27
|
|
Allomani Songs & Clips 2.7.0 - Blind SQL Injection
|
2 |
WEB
|
Qabandi
|
|
2009-07-27
|
|
Allomani Mobile 2.5 - Blind SQL Injection
|
2 |
WEB
|
Qabandi
|
|
2009-07-27
|
|
Inout Adserver - 'id' SQL Injection
|
0 |
WEB
|
boom3rang
|
|
2009-07-27
|
|
Super Mod System 3.0 - 's' SQL Injection
|
0 |
WEB
|
MizoZ
|
