|
2009-06-29
|
|
Clicknet CMS 2.1 - 'side' Arbitrary File Disclosure
|
2 |
WEB
|
ThE g0bL!N
|
|
2009-06-29
|
|
PHP-Sugar 0.80 - 'index.php?t' Local File Inclusion
|
2 |
WEB
|
ahmadbady
|
|
2009-06-29
|
|
Almnzm - 'COOKIE: customer' SQL Injection
|
2 |
WEB
|
Qabandi
|
|
2009-06-29
|
|
osTicket 1.6 RC4 - Admin Login Blind SQL Injection
|
1 |
WEB
|
Adam Baldwin
|
|
2009-06-29
|
|
Joomla! Component com_K2 -q 1.0.1b - 'category' SQL Injection
|
1 |
WEB
|
Chip d3 bi0s
|
|
2009-06-29
|
|
Joomla! Component com_php - 'id' Blind SQL Injection
|
1 |
WEB
|
Chip d3 bi0s
|
|
2009-06-29
|
|
Messages Library 2.0 - 'cat.php?CatID' SQL Injection
|
1 |
WEB
|
SecurityRules
|
|
2009-06-29
|
|
WHOISCART - Authentication Bypass / Information Disclosure
|
1 |
WEB
|
SecurityRules
|
|
2009-06-26
|
|
Mega File Manager 1.0 - 'index.php' Local File Inclusion
|
1 |
WEB
|
SirGod
|
|
2009-06-26
|
|
ForumPal FE 1.1 - Authentication Bypass
|
1 |
WEB
|
ThE g0bL!N
|
|
2009-06-26
|
|
PHP-Address Book 4.0.x - Multiple SQL Injections
|
1 |
WEB
|
YEnH4ckEr
|
|
2009-06-26
|
|
Virtue Online Test Generator - Authentication Bypass / SQL Injection / Cross-Site Scripting
|
1 |
WEB
|
HxH
|
|
2009-06-25
|
|
MD-Pro 1.083.x - Survey Module 'pollID' Blind SQL Injection
|
0 |
WEB
|
XaDoS
|
|
2009-06-25
|
|
AlumniServer 1.0.1 - 'resetpwemail' Blind SQL Injection
|
0 |
WEB
|
YEnH4ckEr
|
|
2009-06-25
|
|
AlumniServer 1.0.1 - Authentication Bypass
|
0 |
WEB
|
YEnH4ckEr
|
|
2009-06-25
|
|
MyFusion 6b - settings[locale] Local File Inclusion
|
0 |
WEB
|
CraCkEr
|
|
2009-06-25
|
|
Joomla! Component com_pinboard - 'task' SQL Injection
|
0 |
WEB
|
Stack
|
|
2009-06-24
|
|
Joomla! Component com_amocourse - 'catid' SQL Injection
|
0 |
WEB
|
Chip d3 bi0s
|
|
2009-06-24
|
|
LightOpenCMS 0.1 - 'smarty.php?cwd' Local File Inclusion
|
0 |
WEB
|
JosS
|
|
2009-06-24
|
|
PHPEcho CMS 2.0-rc3 - 'forum' Cross-Site Scripting Cookie Stealing / Blind SQL Injection
|
0 |
WEB
|
JosS
|
|
2009-06-24
|
|
Tribiq CMS 5.0.12c - Cross-Site Scripting / Local File Inclusion
|
1 |
WEB
|
CraCkEr
|
|
2009-06-24
|
|
Joomla! Component com_pinboard - Arbitrary File Upload
|
1 |
WEB
|
ViRuSMaN
|
|
2009-06-24
|
|
Glossword 1.8.11 - 'index.php?x' Local File Inclusion
|
1 |
WEB
|
t0fx
|
|
2009-06-24
|
|
BASE 1.2.4 - (Authentication Bypass) Insecure Cookie Handling
|
1 |
WEB
|
Tim Medin
|
|
2009-06-23
|
|
phpCollegeExchange 0.1.5c - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting
|
0 |
WEB
|
CraCkEr
|
|
2009-06-23
|
|
Zen Cart 1.3.8 - SQL Execution
|
0 |
WEB
|
BlackH
|
|
2009-06-23
|
|
Zen Cart 1.3.8 - Remote Code Execution
|
1 |
WEB
|
BlackH
|
|
2009-06-22
|
|
MyBB 1.4.6 - Remote Code Execution
|
1 |
WEB
|
The:Paradox
|
|
2009-06-22
|
|
RS-CMS 2.1 - 'key' SQL Injection
|
1 |
WEB
|
Mr.tro0oqy
|
|
2009-06-22
|
|
Joomla! Component com_tickets 2.1 - 'id' SQL Injection
|
1 |
WEB
|
Chip d3 bi0s
|
|
2009-06-22
|
|
SourceBans 1.4.2 - Arbitrary Change Admin Email
|
2 |
WEB
|
Mr. Anonymous
|
|
2009-06-22
|
|
Kasseler CMS - File Disclosure / Cross-Site Scripting
|
2 |
WEB
|
S(r1pt
|
|
2009-06-22
|
|
Gravy Media Photo Host 1.0.8 - Local File Disclosure
|
2 |
WEB
|
Lo$er
|
|
2009-06-22
|
|
Campsite 3.3.0 RC1 - Multiple Remote File Inclusions
|
2 |
WEB
|
CraCkEr
|
|
2009-06-22
|
|
AWScripts Gallery Search Engine 1.x - Insecure Cookie
|
2 |
WEB
|
TiGeR-Dz
|
|
2009-06-22
|
|
elgg - Cross-Site Scripting / Cross-Site Request Forgery / Change Password
|
2 |
WEB
|
lorddemon
|
|
2009-06-22
|
|
phpMyAdmin - 'pmaPWN!' Code Injection / Remote Code Execution
|
2 |
WEB
|
Hacking Expose!
|
|
2009-06-22
|
|
phpDatingClub 3.7 - SQL Injection / Cross-Site Scripting Injection
|
2 |
WEB
|
ThE g0bL!N
|
|
2009-06-22
|
|
pc4 Uploader 10.0 - Remote File Disclosure
|
2 |
WEB
|
Qabandi
|
|
2009-06-22
|
|
MIDAS 1.43 - (Authentication Bypass) Insecure Cookie Handling
|
2 |
WEB
|
HxH
|
|
2009-06-18
|
|
CMS buzz - Cross-Site Scripting / Password Change / HTML Injection
|
2 |
WEB
|
ThE g0bL!N
|
|
2009-06-17
|
|
PHPortal 1.0 - Insecure Cookie Handling
|
2 |
WEB
|
KnocKout
|
|
2009-06-17
|
|
FretsWeb 1.2 - 'name' Blind SQL Injection
|
2 |
WEB
|
YEnH4ckEr
|
|
2009-06-17
|
|
FretsWeb 1.2 - Multiple Local File Inclusions
|
2 |
WEB
|
YEnH4ckEr
|
|
2009-06-17
|
|
Fuzzylime CMS 3.03a - Local Inclusion / Arbitrary File Corruption
|
1 |
WEB
|
StAkeR
|
|
2009-06-17
|
|
TekBase All-in-One 3.1 - Multiple SQL Injections
|
2 |
WEB
|
n3wb0ss
|
|
2009-06-17
|
|
PHPFK 7.03 - 'page_bottom.php' Local File Inclusion
|
1 |
WEB
|
ahmadbady
|
|
2009-06-16
|
|
XOOPS 2.3.3 - '.htaccess' Remote File Disclosure
|
2 |
WEB
|
daath
|
|
2009-06-15
|
|
Joomla! Component Jumi - 'fileid' Blind SQL Injection
|
1 |
WEB
|
Chip d3 bi0s
|
|
2009-06-15
|
|
The Recipe Script 5 - Cross-Site Scripting
|
1 |
WEB
|
ThE g0bL!N
|
|
2009-06-15
|
|
PHPortal 1 - 'topicler.php?id' SQL Injection
|
1 |
WEB
|
Mehmet Ince
|
|
2009-06-15
|
|
vBulletin Radio and TV Player AddOn - HTML Injection
|
1 |
WEB
|
d3v1l
|
|
2009-06-15
|
|
PHPCollegeExchange 0.1.5c - 'listing_view.php?itemnr' SQL Injection
|
1 |
WEB
|
SirGod
|
|
2009-06-15
|
|
WordPress Plugin Photoracer 1.0 - 'id' SQL Injection
|
1 |
WEB
|
Kacper
|
|
2009-06-15
|
|
Joomla! Component com_iJoomla_rss - Blind SQL Injection
|
1 |
WEB
|
Mehmet Ince
|
|
2009-06-15
|
|
TorrentTrader Classic 1.09 - Multiple Vulnerabilities
|
1 |
WEB
|
waraxe
|
|
2009-06-15
|
|
Evernew Free Joke Script 1.2 - Remote Change Password
|
1 |
WEB
|
Hakxer
|
|
2009-06-15
|
|
adaptweb 0.9.2 - Local File Inclusion / SQL Injection
|
1 |
WEB
|
SirGod
|
|
2009-06-15
|
|
elvin bts 1.2.0 - Multiple Vulnerabilities
|
1 |
WEB
|
SirGod
|
|
2009-06-15
|
|
DB Top Sites 1.0 - 'index.php?u' Local File Inclusion
|
0 |
WEB
|
SirGod
|
|
2009-06-15
|
|
DB Top Sites 1.0 - Remote Command Execution
|
1 |
WEB
|
SirGod
|
|
2009-06-15
|
|
formmail 1.92 - Multiple Vulnerabilities
|
1 |
WEB
|
USH
|
|
2009-06-15
|
|
SugarCRM 5.2.0e - Remote Code Execution
|
1 |
WEB
|
USH
|
|
2009-06-15
|
|
Mundi Mail 0.8.2 - 'top' Remote File Inclusion
|
0 |
WEB
|
Br0ly
|
|
2009-06-15
|
|
impleo music Collection 2.0 - SQL Injection / Cross-Site Scripting
|
0 |
WEB
|
SirGod
|
|
2009-06-15
|
|
Joomla! Component com_Projectfork 2.0.10 - Local File Inclusion
|
0 |
WEB
|
ByALBAYX
|
|
2009-06-12
|
|
Uebimiau Web-Mail 3.2.0-1.8 - Remote File / Overwrite
|
0 |
WEB
|
GoLd_M
|
|
2009-06-12
|
|
TransLucid 1.75 - Multiple Vulnerabilities
|
0 |
WEB
|
intern0t
|
|
2009-06-12
|
|
tbdev 01-01-2008 - Multiple Vulnerabilities
|
0 |
WEB
|
intern0t
|
|
2009-06-12
|
|
pivot 1.40.4-7 - Multiple Vulnerabilities
|
0 |
WEB
|
intern0t
|
|
2009-06-12
|
|
phpWebThings 1.5.2 - MD5 Hash Retrieve/File Disclosure
|
1 |
WEB
|
StAkeR
|
|
2009-06-12
|
|
campus virtual-lms - Cross-Site Scripting / SQL Injection
|
1 |
WEB
|
Yasión
|
|
2009-06-12
|
|
4Images 1.7.7 - Filter Bypass HTML Injection / Cross-Site Scripting
|
1 |
WEB
|
Qabandi
|
|
2009-06-12
|
|
Zip Store Chat 4.0/5.0 - Authentication Bypass
|
1 |
WEB
|
ByALBAYX
|
|
2009-06-11
|
|
Sniggabo CMS - 'article.php?id' SQL Injection
|
1 |
WEB
|
Lidloses_Auge
|
|
2009-06-11
|
|
yogurt 0.3 - Cross-Site Scripting / SQL Injection
|
1 |
WEB
|
Br0ly
|
|
2009-06-11
|
|
TorrentVolve 1.4 - 'deleteTorrent' Delete Arbitrary File
|
1 |
WEB
|
Br0ly
|
|
2009-06-11
|
|
Splog 1.2 Beta - Multiple SQL Injections
|
1 |
WEB
|
YEnH4ckEr
|
|
2009-06-11
|
|
PHPWebThings 1.5.2 - 'help.php?module' Local File Inclusion
|
1 |
WEB
|
Br0ly
|
|
2009-06-10
|
|
Open Biller 0.1 - 'Username' Blind SQL Injection
|
1 |
WEB
|
YEnH4ckEr
|
|
2009-06-10
|
|
mrcgiguy freeticket - Cookie Handling / SQL Injection
|
1 |
WEB
|
ThE g0bL!N
|
|
2009-06-10
|
|
Desi Short URL Script - (Authentication Bypass) Insecure Cookie Handling
|
1 |
WEB
|
N@bilX
|
|
2009-06-10
|
|
School Data Navigator - 'page' Local/Remote File Inclusion
|
1 |
WEB
|
Br0ly
|
|
2009-06-10
|
|
LightNEasy sql/no-db 2.2.x - System Configuration Disclosure
|
1 |
WEB
|
StAkeR
|
|
2009-06-09
|
|
phpMyAdmin - '/scripts/setup.php' PHP Code Injection
|
1 |
WEB
|
Adrian _pagvac_ Pastor
|
|
2009-06-09
|
|
Joomla! Component com_vehiclemanager 1.0 - Remote File Inclusion
|
0 |
WEB
|
Mehmet Ince
|
|
2009-06-09
|
|
Joomla! Component com_realestatemanager 1.0 - Remote File Inclusion
|
1 |
WEB
|
Mehmet Ince
|
|
2009-06-09
|
|
MRCGIGUY Hot Links - 'report.php?id' SQL Injection
|
1 |
WEB
|
ThE g0bL!N
|
|
2009-06-09
|
|
mrcgiguy the ticket system 2.0 PHP - Multiple Vulnerabilities
|
1 |
WEB
|
ThE g0bL!N
|
|
2009-06-09
|
|
S-CMS 2.0b3 - 'Username' Blind SQL Injection
|
0 |
WEB
|
YEnH4ckEr
|
|
2009-06-09
|
|
S-CMS 2.0b3 - Multiple SQL Injections
|
1 |
WEB
|
YEnH4ckEr
|
|
2009-06-09
|
|
S-CMS 2.0b3 - Multiple Local File Inclusions
|
1 |
WEB
|
YEnH4ckEr
|
|
2009-06-09
|
|
Joomla! Component com_media_library 1.5.3 - Remote File Inclusion
|
1 |
WEB
|
Mehmet Ince
|
|
2009-06-09
|
|
Joomla! Component Akobook 2.3 - 'gbid' SQL Injection
|
1 |
WEB
|
Ab1i
|
|
2009-06-09
|
|
Joomla! Component BookLibrary 1.5.2.4 - Remote File Inclusion
|
1 |
WEB
|
Mehmet Ince
|
|
2009-06-08
|
|
Shop Script Pro 2.12 - SQL Injection
|
1 |
WEB
|
Ams
|
|
2009-06-08
|
|
Joomla! Component com_portafolio - 'cid' SQL Injection
|
1 |
WEB
|
Chip d3 bi0s
|
|
2009-06-08
|
|
Automated link exchange portal 1.3 - Multiple Vulnerabilities
|
1 |
WEB
|
TiGeR-Dz
|
|
2009-06-08
|
|
DM FileManager 3.9.2 - Insecure Cookie Handling
|
1 |
WEB
|
ThE g0bL!N
|
|
2009-06-08
|
|
Grestul 1.2 - Remote Add Administrator Account
|
1 |
WEB
|
ThE g0bL!N
|
|
2009-06-08
|
|
virtue news - SQL Injection / Cross-Site Scripting
|
1 |
WEB
|
snakespc
|
|
2009-06-08
|
|
Frontis 3.9.01.24 - 'source_class' SQL Injection
|
1 |
WEB
|
snakespc
|
|
2009-06-08
|
|
Joomla! Component MooFAQ (com_moofaq) - Local File Inclusion
|
2 |
WEB
|
Chip d3 bi0s
|
|
2009-06-08
|
|
Interlogy Profile Manager Basic - Insecure Cookie Handling
|
1 |
WEB
|
ZoRLu
|
|
2009-06-08
|
|
Virtue Shopping Mall - 'cid' SQL Injection
|
1 |
WEB
|
OzX
|
|
2009-06-08
|
|
Virtue Book Store - 'cid' SQL Injection
|
1 |
WEB
|
OzX
|
|
2009-06-08
|
|
Virtue Classifieds - 'category' SQL Injection
|
1 |
WEB
|
OzX
|
|
2009-06-08
|
|
Joomla! Component com_school 1.4 - 'classid' SQL Injection
|
1 |
WEB
|
Chip d3 bi0s
|
|
2009-06-08
|
|
FipsCMS Light 2.1 - 'db.mdb' Remote Database Disclosure
|
1 |
WEB
|
ByALBAYX
|
|
2009-06-08
|
|
VT-Auth 1.0 - 'zHk8dEes3.txt' File Disclosure
|
1 |
WEB
|
ByALBAYX
|
|
2009-06-08
|
|
MyCars Automotive - Authentication Bypass
|
2 |
WEB
|
snakespc
|
|
2009-06-05
|
|
Kjtechforce mailman b1 - 'dest' Blind SQL Injection
|
2 |
WEB
|
YEnH4ckEr
|
|
2009-06-05
|
|
Kjtechforce mailman b1 - Delete Row 'code' SQL Injection
|
2 |
WEB
|
YEnH4ckEr
|
|
2009-06-05
|
|
Pixelactivo 3.0 - Authentication Bypass
|
2 |
WEB
|
ThE g0bL!N
|
|
2009-06-05
|
|
Pixelactivo 3.0 - 'idx' SQL Injection
|
2 |
WEB
|
snakespc
|
|
2009-06-04
|
|
Host Directory PRO 2.1.0 - Remote Change Admin Password
|
2 |
WEB
|
TiGeR-Dz
|
|
2009-06-04
|
|
Web Directory PRO - Remote Database Backup
|
2 |
WEB
|
TiGeR-Dz
|
|
2009-06-04
|
|
Host Directory PRO 2.1.0 - Remote Database Backup
|
1 |
WEB
|
ZoRLu
|
|
2009-06-04
|
|
Web Directory PRO - 'Admins.php' Change Admin Password
|
2 |
WEB
|
TiGeR-Dz
|
|
2009-06-04
|
|
SuperCali PHP Event Calendar - Arbitrary Change Admin Password
|
2 |
WEB
|
TiGeR-Dz
|
|
2009-06-03
|
|
Joomla! Component com_mosres - Multiple SQL Injections
|
2 |
WEB
|
Chip d3 bi0s
|
|
2009-06-03
|
|
Movie PHP Script 2.0 - 'init.php?anticode' Code Execution
|
2 |
WEB
|
SirGod
|
|
2009-06-03
|
|
Joomla! Component Omilen Photo Gallery 0.5b - Local File Inclusion
|
2 |
WEB
|
ByALBAYX
|
|
2009-06-03
|
|
Supernews 2.6 - 'index.php?noticia' SQL Injection
|
2 |
WEB
|
DD3str0y3r
|
|
2009-06-03
|
|
OCS Inventory NG 1.02 - Remote File Disclosure
|
2 |
WEB
|
Nico Leidecker
|
