|
2009-08-12
|
|
Gazelle CMS 1.0 - Multiple Vulnerabilities / Remote Code Execution
|
10 |
WEB
|
IHTeam
|
|
2009-08-12
|
|
Plume CMS 1.2.3 - Multiple SQL Injections
|
12 |
WEB
|
Sense of Security
|
|
2009-08-12
|
|
Gallarific 1.1 - '/gallery.php' Arbitrary Delete/Edit Category
|
13 |
WEB
|
ilker Kandemir
|
|
2009-08-12
|
|
Shorty 0.7.1b - (Authentication Bypass) Insecure Cookie Handling
|
13 |
WEB
|
Pedro Laguna
|
|
2009-08-11
|
|
OCS Inventory NG 1.2.1 - 'systemid' SQL Injection
|
16 |
WEB
|
Guilherme Marinheiro
|
|
2009-08-11
|
|
Joomla! Component idoblog 1.1b30 (com_idoblog) - SQL Injection
|
13 |
WEB
|
kkr
|
|
2009-08-11
|
|
WordPress Core 2.8.3 - Remote Admin Reset Password
|
12 |
WEB
|
laurent gaffié
|
|
2009-08-10
|
|
Joomla! Component Kunena Forums (com_kunena) - Blind SQL Injection
|
17 |
WEB
|
ilker Kandemir
|
|
2009-08-10
|
|
CMS Made Simple 1.6.2 - Local File Disclosure
|
14 |
WEB
|
IHTeam
|
|
2009-08-10
|
|
Mini-CMS 1.0.1 - 'page.php' SQL Injection
|
13 |
WEB
|
Ins3t
|
|
2009-08-10
|
|
Papoo CMS 3.7.3 - (Authenticated) Arbitrary Code Execution
|
14 |
WEB
|
RedTeam Pentesting
|
|
2009-08-10
|
|
SmilieScript 1.0 - Authentication Bypass
|
18 |
WEB
|
Mr.tro0oqy
|
|
2009-08-07
|
|
logoshows bbs 2.0 - File Disclosure / Insecure Cookie Handling
|
15 |
WEB
|
ZoRLu
|
|
2009-08-07
|
|
Logoshows BBS 2.0 - Authentication Bypass
|
13 |
WEB
|
Dns-Team
|
|
2009-08-07
|
|
Joomla! Component com_pms 2.0.4 - 'Ignore-List' SQL Injection
|
12 |
WEB
|
M4dhead
|
|
2009-08-07
|
|
IsolSoft Support Center 2.5 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting
|
13 |
WEB
|
Moudi
|
|
2009-08-07
|
|
Facil Helpdesk - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting
|
11 |
WEB
|
Moudi
|
|
2009-08-07
|
|
PHPCityPortal - Authentication Bypass
|
12 |
WEB
|
CoBRa_21
|
|
2009-08-07
|
|
Arab Portal 2.2 - Blind Cookie Authentication Bypass
|
12 |
WEB
|
Jafer Al Zidjali
|
|
2009-08-07
|
|
Typing Pal 1.0 - 'idTableProduit' SQL Injection
|
16 |
WEB
|
Red-D3v1L
|
|
2009-08-07
|
|
Logoshows BBS 2.0 - 'forumid' SQL Injection
|
13 |
WEB
|
Ruzgarin_Oglu
|
|
2009-08-07
|
|
Banner Exchange Script 1.0 - 'targetid' Blind SQL Injection
|
15 |
WEB
|
599eme Man
|
|
2009-08-07
|
|
PHotoLa Gallery 1.0 - Authentication Bypass
|
13 |
WEB
|
Red-D3v1L
|
|
2009-08-07
|
|
Alwasel 1.5 - Multiple SQL Injections
|
14 |
WEB
|
SwEET-DeViL
|
|
2009-08-06
|
|
LM Starmail 2.0 - SQL Injection / File Inclusion
|
12 |
WEB
|
int_main();
|
|
2009-08-06
|
|
TYPO3 CMS 4.0 - 'showUid' SQL Injection
|
15 |
WEB
|
Ro0T-MaFia
|
|
2009-08-06
|
|
PHP Script Forum Hoster - Topic Delete / Cross-Site Scripting
|
12 |
WEB
|
int_main();
|
|
2009-08-05
|
|
Portel 2008 - 'decide.php?patron' Blind SQL Injection
|
13 |
WEB
|
Chip d3 bi0s
|
|
2009-08-05
|
|
opennews 1.0 - SQL Injection / Remote Code Execution
|
14 |
WEB
|
SirGod
|
|
2009-08-05
|
|
AccessoriesMe PHP Affiliate Script 1.4 - Blind SQL Injection / Cross-Site Scripting
|
12 |
WEB
|
Moudi
|
|
2009-08-05
|
|
Irokez CMS 0.7.1 - SQL Injection
|
11 |
WEB
|
Ins3t
|
|
2009-08-05
|
|
tenrok 1.1.0 - File Disclosure / Remote Code Execution
|
12 |
WEB
|
SirGod
|
|
2009-08-05
|
|
mybackup 1.4.0 - File Download / Remote File Inclusion
|
14 |
WEB
|
SirGod
|
|
2009-08-04
|
|
In-portal 4.3.1 - 'index.php?env' Local File Inclusion
|
14 |
WEB
|
Angela Chang
|
|
2009-08-04
|
|
Perl$hop E-Commerce Script - Trust Boundary Input Parameter Injection
|
15 |
WEB
|
Shadow
|
|
2009-08-04
|
|
ShopMaker CMS 2.0 - Blind SQL Injection / Local File Inclusion
|
11 |
WEB
|
PLATEN
|
|
2009-08-04
|
|
elgg 1.5 - '/_css/js.php' Local File Inclusion
|
14 |
WEB
|
eLwaux
|
|
2009-08-04
|
|
MOC Designs PHP News 1.1 - Authentication Bypass
|
11 |
WEB
|
SirGod
|
|
2009-08-03
|
|
Payment Processor Script (PPScript) - 'shop.htm cid' SQL Injection
|
13 |
WEB
|
ZoRLu
|
|
2009-08-03
|
|
MAXcms 3.11.20b - Remote File Inclusion / File Disclosure
|
11 |
WEB
|
GoLd_M
|
|
2009-08-03
|
|
Discloser 0.0.4-rc2 - 'index.php?more' SQL Injection
|
13 |
WEB
|
Salvatore Fresta
|
|
2009-08-03
|
|
Blink Blog System - Authentication Bypass
|
11 |
WEB
|
Salvatore Fresta
|
|
2009-08-03
|
|
Arab Portal 2.2 - 'mod.php' Local File Inclusion
|
13 |
WEB
|
Qabandi
|
|
2009-08-03
|
|
Multi Website 1.5 - index PHP action SQL Injection
|
12 |
WEB
|
SarBoT511
|
|
2009-08-03
|
|
elvin bts 1.2.2 - SQL Injection / Cross-Site Scripting
|
14 |
WEB
|
599eme Man
|
|
2009-08-03
|
|
Questions Answered 1.3 - Authentication Bypass
|
13 |
WEB
|
snakespc
|
|
2009-08-03
|
|
x10 media adult script 1.7 - Multiple Vulnerabilities
|
13 |
WEB
|
Moudi
|
|
2009-08-03
|
|
Miniweb 2.0 Module Survey Pro - Blind SQL Injection / Cross-Site Scripting
|
13 |
WEB
|
Moudi
|
|
2009-08-03
|
|
Miniweb 2.0 Module Publisher - Blind SQL Injection / Cross-Site Scripting
|
14 |
WEB
|
Moudi
|
|
2009-08-03
|
|
simplePHPWeb 0.2 - 'files.php' Authentication Bypass
|
13 |
WEB
|
SirGod
|
|
2009-08-03
|
|
SimpleLoginSys 0.5 - Authentication Bypass
|
10 |
WEB
|
SirGod
|
|
2009-08-03
|
|
TT Web Site Manager 0.5 - Authentication Bypass
|
14 |
WEB
|
SirGod
|
|
2009-08-03
|
|
QuickDev 4 - 'download.php' File Disclosure
|
12 |
WEB
|
SirGod
|
|
2009-08-03
|
|
Netpet CMS 1.9 - 'confirm.php?language' Local File Inclusion
|
11 |
WEB
|
SirGod
|
|
2009-08-03
|
|
Ajax Short URL Script - Authentication Bypass
|
11 |
WEB
|
Cicklow
|
|
2009-08-03
|
|
ProjectButler 1.5.0 - 'pda_projects.php?offset' Remote File Inclusion
|
12 |
WEB
|
cr4wl3r
|
|
2009-08-03
|
|
AW BannerAd - Authentication Bypass
|
12 |
WEB
|
Ro0T-MaFia
|
|
2009-08-01
|
|
Mobilelib Gold 3.0 - Authentication Bypass / SQL Injection
|
13 |
WEB
|
SwEET-DeViL
|
|
2009-08-01
|
|
aa33code 0.0.1 - Local File Inclusion / Authentication Bypass / File Disclosure
|
12 |
WEB
|
SirGod
|
|
2009-08-01
|
|
PortalXP Teacher Edition 1.2 - Multiple SQL Injections
|
11 |
WEB
|
SirGod
|
|
2009-08-01
|
|
Joomla! Component com_jfusion - 'itemID' Blind SQL Injection
|
12 |
WEB
|
Chip d3 bi0s
|
|
2009-08-01
|
|
MAXcms 3.11.20b - Multiple Remote File Inclusions
|
13 |
WEB
|
NoGe
|
|
2009-08-01
|
|
Arab Portal 2.x - 'forum.php' SQL Injection
|
11 |
WEB
|
rEcruit
|
|
2009-07-30
|
|
linkSpheric 0.74b6 - 'listID' SQL Injection
|
11 |
WEB
|
NoGe
|
|
2009-07-30
|
|
PunBB Reputation.php Mod 2.0.4 - Local File Inclusion
|
11 |
WEB
|
Dante90
|
|
2009-07-30
|
|
MUJE CMS 1.0.4.34 - Local File Inclusion
|
14 |
WEB
|
SirGod
|
|
2009-07-30
|
|
Really Simple CMS 0.3a - 'PT' Local File Inclusion
|
13 |
WEB
|
SirGod
|
|
2009-07-30
|
|
d.net CMS - Local File Inclusion / SQL Injection
|
14 |
WEB
|
SirGod
|
|
2009-07-30
|
|
cmsphp 0.21 - Local File Inclusion / Cross-Site Scripting
|
14 |
WEB
|
SirGod
|
|
2009-07-30
|
|
dit.cms 1.3 - 'path/sitemap/relPath' Local File Inclusion
|
15 |
WEB
|
SirGod
|
|
2009-07-30
|
|
Orbis CMS 1.0 - File Delete / Download File / Arbitrary File Upload / SQL Injection
|
12 |
WEB
|
SirGod
|
|
2009-07-30
|
|
justVisual 1.2 - 'fs_jVroot' Remote File Inclusion
|
17 |
WEB
|
SirGod
|
|
2009-07-30
|
|
Ultrize TimeSheet 1.2.2 - 'readfile()' Local File Disclosure
|
13 |
WEB
|
GoLd_M
|
|
2009-07-28
|
|
ultrize timesheet 1.2.2 - Remote File Inclusion
|
13 |
WEB
|
NoGe
|
|
2009-07-28
|
|
TinyBrowser (TinyMCE Editor File browser) 1.41.6 - Multiple Vulnerabilities
|
12 |
WEB
|
Aung Khant
|
|
2009-07-28
|
|
PaoLiber 1.1 - 'login_ok' Authentication Bypass
|
15 |
WEB
|
SirGod
|
|
2009-07-28
|
|
PaoBacheca Guestbook 2.1 - 'login_ok' Authentication Bypass
|
13 |
WEB
|
SirGod
|
|
2009-07-28
|
|
PaoLink 1.0 - 'login_ok' Authentication Bypass
|
14 |
WEB
|
SirGod
|
|
2009-07-28
|
|
In-portal 4.3.1 - Arbitrary File Upload
|
13 |
WEB
|
Mr.tro0oqy
|
|
2009-07-28
|
|
PunBB Reputation.php Mod 2.0.4 - Blind SQL Injection
|
13 |
WEB
|
Dante90
|
|
2009-07-28
|
|
phpArcadeScript 4.0 - 'id' SQL Injection
|
12 |
WEB
|
MizoZ
|
|
2009-07-28
|
|
PHP Paid 4 Mail Script - 'paidbanner.php?ID' SQL Injection
|
12 |
WEB
|
ThE g0bL!N
|
|
2009-07-27
|
|
SerWeb 2.1.0-dev1 2009-07-02 - Multiple Remote File Inclusions
|
13 |
WEB
|
GoLd_M
|
|
2009-07-27
|
|
Magician Blog 1.0 - Authentication Bypass
|
11 |
WEB
|
Evil-Cod3r
|
|
2009-07-27
|
|
Magician Blog 1.0 - 'ids' SQL Injection
|
11 |
WEB
|
Evil-Cod3r
|
|
2009-07-27
|
|
Limny 1.01 - Authentication Bypass
|
13 |
WEB
|
SirGod
|
|
2009-07-27
|
|
PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete
|
13 |
WEB
|
Dante90
|
|
2009-07-27
|
|
PunBB Automatic Image Upload 1.3.5 - SQL Injection
|
13 |
WEB
|
Dante90
|
|
2009-07-27
|
|
Joomla! Component IXXO Cart! Standalone and - SQL Injection
|
12 |
WEB
|
sm0k3
|
|
2009-07-27
|
|
Allomani Movies & Clips 2.7.0 - Blind SQL Injection
|
14 |
WEB
|
Qabandi
|
|
2009-07-27
|
|
Allomani Songs & Clips 2.7.0 - Blind SQL Injection
|
13 |
WEB
|
Qabandi
|
|
2009-07-27
|
|
Allomani Mobile 2.5 - Blind SQL Injection
|
15 |
WEB
|
Qabandi
|
|
2009-07-27
|
|
Inout Adserver - 'id' SQL Injection
|
13 |
WEB
|
boom3rang
|
|
2009-07-27
|
|
Super Mod System 3.0 - 's' SQL Injection
|
13 |
WEB
|
MizoZ
|
|
2009-07-27
|
|
PHP Paid 4 Mail Script - 'home.php' Remote File Inclusion
|
14 |
WEB
|
int_main();
|
|
2009-07-27
|
|
VS PANEL 7.5.5 - 'Cat_ID' SQL Injection
|
13 |
WEB
|
octopos
|
|
2009-07-27
|
|
iwiccle 1.01 - Local File Inclusion / SQL Injection
|
12 |
WEB
|
SirGod
|
|
2009-07-27
|
|
URA 3.0 - 'cat' SQL Injection
|
11 |
WEB
|
Chip d3 bi0s
|
|
2009-07-27
|
|
garagesalesjunkie - SQL Injection / Cross-Site Scripting
|
11 |
WEB
|
Moudi
|
|
2009-07-27
|
|
XOOPS Celepar Module Qas - Blind SQL Injection / Cross-Site Scripting
|
11 |
WEB
|
Moudi
|
|
2009-07-27
|
|
skadate dating - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting
|
12 |
WEB
|
Moudi
|
|
2009-07-27
|
|
almond Classifieds ads - Blind SQL Injection / Cross-Site Scripting
|
13 |
WEB
|
Moudi
|
|
2009-07-27
|
|
Joomla! Component Almond Classifieds com_aclassf 7.5 - Multiple Vulnerabilities
|
12 |
WEB
|
Moudi
|
|
2009-07-24
|
|
Pixaria Gallery 2.3.5 - 'file' Remote File Disclosure
|
13 |
WEB
|
Qabandi
|
|
2009-07-24
|
|
Scripteen Free Image Hosting Script 2.3 - Insecure Cookie Handling
|
11 |
WEB
|
Qabandi
|
|
2009-07-24
|
|
Clip Bucket 1.7.1 - Insecure Cookie Handling
|
13 |
WEB
|
Qabandi
|
|
2009-07-24
|
|
PHP Live! 3.2.2 - 'questid' SQL Injection (2)
|
11 |
WEB
|
skys
|
|
2009-07-24
|
|
Scripteen Free Image Hosting Script 2.3 - SQL Injection
|
11 |
WEB
|
Coksnuss
|
|
2009-07-24
|
|
Deonixscripts Templates Management 1.3 - SQL Injection
|
10 |
WEB
|
d3b4g
|
|
2009-07-24
|
|
WordPress Core 2.8.1 - 'url' Cross-Site Scripting
|
11 |
WEB
|
superfreakaz0rz
|
|
2009-07-24
|
|
XOOPS Celepar Module Qas - 'codigo' SQL Injection
|
13 |
WEB
|
s4r4d0
|
|
2009-07-24
|
|
SaphpLesson 4.0 - Authentication Bypass
|
12 |
WEB
|
SwEET-DeViL
|
|
2009-07-24
|
|
Basilic 1.5.13 - 'index.php?idAuthor' SQL Injection
|
12 |
WEB
|
NoGe
|
|
2009-07-24
|
|
Joomla! Extension UIajaxIM 1.1 - JavaScript Execution
|
13 |
WEB
|
599eme Man
|
|
2009-07-24
|
|
Million-Dollar Pixel Ads Platinum - SQL Injection / Cross-Site Scripting
|
11 |
WEB
|
Moudi
|
|
2009-07-23
|
|
PHP Melody 1.5.3 - Arbitrary File Upload Injection
|
13 |
WEB
|
Chip d3 bi0s
|
|
2009-07-23
|
|
Joomla! Component com_Joomlaoads - 'packageId' SQL Injection
|
12 |
WEB
|
Mr.tro0oqy
|
|
2009-07-23
|
|
AWCM 2.1 - Local File Inclusion / Authentication Bypass
|
14 |
WEB
|
SwEET-DeViL
|
|
2009-07-23
|
|
Groone's GLink ORGanizer 2.1 - 'cat' Blind SQL Injection
|
14 |
WEB
|
599eme Man
|
|
2009-07-23
|
|
e107 Plugin my_gallery 2.4.1 - 'readfile()' Local File Disclosure
|
15 |
WEB
|
NoGe
|
|
2009-07-22
|
|
Phorum 5.2.11 - Persistent Cross-Site Scripting
|
13 |
WEB
|
Crashfr
|
|
2009-07-21
|
|
Meta Search Engine Script - 'url' Local File Disclosure
|
13 |
WEB
|
Moudi
|
|
2009-07-21
|
|
phpDirectorySource 1.0 - Cross-Site Scripting / SQL Injection
|
11 |
WEB
|
Moudi
|
|
2009-07-21
|
|
AnotherPHPBook (APB) 1.3.0 - Authentication Bypass
|
11 |
WEB
|
n3w7u
|
|
2009-07-20
|
|
powerUpload 2.4 - (Authentication Bypass) Insecure Cookie Handling
|
13 |
WEB
|
InjEctOr5
|
