|
2009-06-03
|
|
Joomla! Component Seminar 1.28 - 'id' Blind SQL Injection
|
1 |
WEB
|
ThE g0bL!N
|
|
2009-06-03
|
|
Podcast Generator 1.2 - Unauthorized Re-Installation
|
2 |
WEB
|
StAkeR
|
|
2009-06-03
|
|
EgyPlus 7ml 1.0.1 - Authentication Bypass
|
2 |
WEB
|
Qabandi
|
|
2009-06-03
|
|
My Mini Bill - 'orderid' SQL Injection
|
2 |
WEB
|
ThE g0bL!N
|
|
2009-06-02
|
|
Podcast Generator 1.2 - 'GLOBALS[]' Multiple Vulnerabilities
|
2 |
WEB
|
StAkeR
|
|
2009-06-02
|
|
WebEyes Guest Book 3 - 'yorum.asp?mesajid' SQL Injection
|
2 |
WEB
|
Bl@ckbe@rD
|
|
2009-06-02
|
|
propertymax pro free - SQL Injection / Cross-Site Scripting
|
1 |
WEB
|
SirGod
|
|
2009-06-02
|
|
WebCal - 'webCal3_detail.asp?event_id' SQL Injection
|
1 |
WEB
|
Bl@ckbe@rD
|
|
2009-06-02
|
|
flashlight free edition - Local File Inclusion / SQL Injection
|
1 |
WEB
|
K4m1k451
|
|
2009-06-02
|
|
Alstrasoft Article Manager Pro - Arbitrary File Upload
|
0 |
WEB
|
ZoRLu
|
|
2009-06-02
|
|
Online Grades & Attendance 3.2.6 - Blind SQL Injection
|
0 |
WEB
|
YEnH4ckEr
|
|
2009-06-02
|
|
Online Grades & Attendance 3.2.6 - Multiple Local File Inclusions
|
0 |
WEB
|
YEnH4ckEr
|
|
2009-06-01
|
|
ASP Football Pool 2.3 - Remote Database Disclosure
|
0 |
WEB
|
ByALBAYX
|
|
2009-06-01
|
|
AdaptBB 1.0 - 'forumspath' Remote File Inclusion
|
1 |
WEB
|
Mehmet Ince
|
|
2009-06-01
|
|
PAD Site Scripts 3.6 - Arbitrary Database Backup
|
1 |
WEB
|
TiGeR-Dz
|
|
2009-06-01
|
|
R2 NewsLetter Lite/Pro/Stats - 'admin.mdb' Database Disclosure
|
1 |
WEB
|
TiGeR-Dz
|
|
2009-06-01
|
|
ecsportal rel 6.5 - 'article_view_photo.php?id' SQL Injection
|
1 |
WEB
|
taRentReXx
|
|
2009-06-01
|
|
Joomla! Component Joomlaequipment (com_juser) 2.0.4 - SQL Injection
|
1 |
WEB
|
Chip d3 bi0s
|
|
2009-06-01
|
|
Online Grades & Attendance 3.2.6 - Multiple SQL Injections
|
1 |
WEB
|
YEnH4ckEr
|
|
2009-06-01
|
|
Online Grades & Attendance 3.2.6 - Credentials Changer SQL
|
1 |
WEB
|
YEnH4ckEr
|
|
2009-06-01
|
|
unclassified NewsBoard 1.6.4 - Multiple Vulnerabilities
|
1 |
WEB
|
girex
|
|
2009-06-01
|
|
Escon SupportPortal Pro 3.0 - 'tid' Blind SQL Injection
|
1 |
WEB
|
OzX
|
|
2009-06-01
|
|
Open-school 1.0 - 'id' SQL Injection
|
0 |
WEB
|
OzX
|
|
2009-06-01
|
|
elitecms 1.01 - SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
xeno_hive
|
|
2009-06-01
|
|
OCS Inventory NG 1.02 - Multiple SQL Injections
|
2 |
WEB
|
Nico Leidecker
|
|
2009-06-01
|
|
RadCLASSIFIEDS Gold 2 - 'seller' SQL Injection
|
2 |
WEB
|
Br0ly
|
|
2009-05-29
|
|
Traidnt Up 2.0 - Cookie Authentication Bypass
|
2 |
WEB
|
Qabandi
|
|
2009-05-29
|
|
Million Dollar Text Links 1.0 - 'id' SQL Injection
|
2 |
WEB
|
Qabandi
|
|
2009-05-29
|
|
ZeusCart 2.3 - 'maincatid' SQL Injection
|
2 |
WEB
|
Br0ly
|
|
2009-05-29
|
|
Arab Portal 2.2 - Authentication Bypass
|
2 |
WEB
|
sniper code
|
|
2009-05-29
|
|
ecshop 2.6.2 - Multiple Remote Command Execution Vulnerabilities
|
2 |
WEB
|
Securitylab.ir
|
|
2009-05-29
|
|
Zen Help Desk 2.1 - Authentication Bypass
|
1 |
WEB
|
TiGeR-Dz
|
|
2009-05-29
|
|
212Cafe WebBoard 2.90 Beta - Remote File Disclosure
|
1 |
WEB
|
MrDoug
|
|
2009-05-29
|
|
Joomla! Component JVideo 0.3.x - SQL Injection
|
1 |
WEB
|
Chip d3 bi0s
|
|
2009-05-29
|
|
amember 3.1.7 - Cross-Site Scripting / SQL Injection / HTML Injection
|
1 |
WEB
|
intern0t
|
|
2009-05-29
|
|
small pirate 2.1 - Cross-Site Scripting / SQL Injection
|
1 |
WEB
|
YEnH4ckEr
|
|
2009-05-27
|
|
Impact Software AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection
|
1 |
WEB
|
intern0t
|
|
2009-05-27
|
|
Evernew Free Joke Script 1.2 - 'cat_id' SQL Injection
|
1 |
WEB
|
taRentReXx
|
|
2009-05-27
|
|
SiteX 0.7.4.418 - 'THEME_FOLDER' Local File Inclusion
|
0 |
WEB
|
ahmadbady
|
|
2009-05-27
|
|
Easy Px 41 CMS 09.00.00B1 - 'fiche' Local File Inclusion
|
0 |
WEB
|
ThE g0bL!N
|
|
2009-05-27
|
|
Joomla! Component AgoraGroup 0.3.5.3 - Blind SQL Injection
|
0 |
WEB
|
Chip d3 bi0s
|
|
2009-05-27
|
|
Million Dollar Text Links 1.x - Insecure Cookie Handling
|
0 |
WEB
|
HxH
|
|
2009-05-26
|
|
Dokuwiki 2009-02-14 - Temporary/Remote File Inclusion
|
0 |
WEB
|
Nine:Situations:Group
|
|
2009-05-26
|
|
Joomla! Component Com_Agora 3.0.0 RC1 - Arbitrary File Upload
|
1 |
WEB
|
ByALBAYX
|
|
2009-05-26
|
|
WebMember 1.0 - 'formID' SQL Injection
|
1 |
WEB
|
KIM
|
|
2009-05-26
|
|
ZeeCareers 2.0 - 'addAdminmembercode.php' Arbitrary Add Admin
|
2 |
WEB
|
x.CJP.x
|
|
2009-05-26
|
|
phpBugTracker 1.0.3 - Authentication Bypass
|
2 |
WEB
|
ByALBAYX
|
|
2009-05-26
|
|
ShaadiClone 2.0 - 'addAdminmembercode.php' Arbitrary Add Admin
|
2 |
WEB
|
x.CJP.x
|
|
2009-05-26
|
|
Flash Image Gallery 1.1 - Arbitrary Configuration File Disclosure
|
2 |
WEB
|
DarkbiteX
|
|
2009-05-26
|
|
MyForum 1.3 - Authentication Bypass
|
2 |
WEB
|
ThE g0bL!N
|
|
2009-05-26
|
|
Kensei Board 2.0.0b - Multiple SQL Injections
|
2 |
WEB
|
cOndemned
|
|
2009-05-26
|
|
Joomla! Component com_rsgallery2 1.14.x/2.x - Remote Backdoor Access
|
2 |
WEB
|
Jan Van Niekerk
|
|
2009-05-26
|
|
roomphplanning 1.6 - Multiple Vulnerabilities
|
2 |
WEB
|
ThE g0bL!N
|
|
2009-05-26
|
|
Gallarific - 'user.php' Arbirary Change Admin Information
|
2 |
WEB
|
TiGeR-Dz
|
|
2009-05-26
|
|
Ultimate Media Script 2.0 - Remote Change Content
|
0 |
WEB
|
ThE g0bL!N
|
|
2009-05-26
|
|
eZoneScripts Hotornot2 Script - (Authentication Bypass) Multiple Remote Vulnerabilities
|
1 |
WEB
|
sniper code
|
|
2009-05-26
|
|
Webradev Download Protect 1.0 - Remote File Inclusion
|
1 |
WEB
|
asL-Sabia
|
|
2009-05-26
|
|
WordPress Plugin Lytebox - 'wp-lytebox' Local File Inclusion
|
2 |
WEB
|
TurkGuvenligi
|
|
2009-05-26
|
|
CPCommerce 1.2.x - 'GLOBALS[prefix]' Arbitrary File Inclusion
|
1 |
WEB
|
StAkeR
|
|
2009-05-26
|
|
Mole Adult Portal Script - 'profile.php?user_id' SQL Injection
|
1 |
WEB
|
Qabandi
|
|
2009-05-26
|
|
MyFirstCMS 1.0.2 - Arbitrary File Delete
|
1 |
WEB
|
darkjoker
|
|
2009-05-26
|
|
Cute Editor ASP.NET - Remote File Disclosure
|
1 |
WEB
|
Securitylab.ir
|
|
2009-05-26
|
|
vBulletin vbBux/vbPlaza 2.x - 'vbplaza.php' Blind SQL Injection
|
1 |
WEB
|
Cold Zero
|
|
2009-05-26
|
|
Dokuwiki 2009-02-14 - Local File Inclusion
|
2 |
WEB
|
girex
|
|
2009-05-26
|
|
Joomla! Component Boy Scout Advancement 0.3 - 'id' SQL Injection
|
2 |
WEB
|
YEnH4ckEr
|
|
2009-05-26
|
|
minitwitter 0.3-beta - SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
YEnH4ckEr
|
|
2009-05-22
|
|
photovideotube 1.11 - Multiple Vulnerabilities
|
2 |
WEB
|
Hakxer
|
|
2009-05-22
|
|
Mole Group Restaurant Directory Script 3.0 - Change Admin Password
|
2 |
WEB
|
G4N0K
|
|
2009-05-22
|
|
Mole Group Sky Hunter/Bus Ticket Scripts - Change Admin Password
|
2 |
WEB
|
G4N0K
|
|
2009-05-22
|
|
ZaoCMS (PhpCommander) - Arbitrary File Upload
|
2 |
WEB
|
Qabandi
|
|
2009-05-22
|
|
ZaoCMS - 'user_updated.php' Remote Change Password
|
2 |
WEB
|
ThE g0bL!N
|
|
2009-05-22
|
|
ZaoCMS - 'user_id' SQL Injection
|
1 |
WEB
|
Qabandi
|
|
2009-05-22
|
|
Tutorial Share 3.5.0 - Insecure Cookie Handling
|
1 |
WEB
|
Evil-Cod3r
|
|
2009-05-21
|
|
ZaoCMS - 'download.php' Remote File Disclosure
|
2 |
WEB
|
ThE g0bL!N
|
|
2009-05-21
|
|
ZaoCMS - Insecure Cookie Handling
|
2 |
WEB
|
ThE g0bL!N
|
|
2009-05-21
|
|
Article Directory - 'page.php' Blind SQL Injection
|
2 |
WEB
|
ThE g0bL!N
|
|
2009-05-21
|
|
Article Directory - Authentication Bypass
|
2 |
WEB
|
Hakxer
|
|
2009-05-21
|
|
Flash Quiz Beta 2 - Multiple SQL Injections
|
2 |
WEB
|
YEnH4ckEr
|
|
2009-05-21
|
|
asp inline Corporate Calendar - SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
Bl@ckbe@rD
|
|
2009-05-21
|
|
VICIDIAL 2.0.5-173 - Authentication Bypass
|
2 |
WEB
|
Striker7
|
|
2009-05-20
|
|
Jorp 1.3.05.09 - Arbitrary Remove Projects/Tasks
|
2 |
WEB
|
YEnH4ckEr
|
|
2009-05-20
|
|
bSpeak 1.10 - 'forumid' Blind SQL Injection
|
1 |
WEB
|
snakespc
|
|
2009-05-20
|
|
PHP Article Publisher - Arbitrary Authentication Bypass
|
2 |
WEB
|
ThE g0bL!N
|
|
2009-05-20
|
|
DMXReady Registration Manager 1.1 - Arbitrary File Upload
|
2 |
WEB
|
Securitylab.ir
|
|
2009-05-20
|
|
Realty Web-Base 1.0 - 'list_list.php?id' SQL Injection
|
2 |
WEB
|
ThE g0bL!N
|
|
2009-05-20
|
|
NC LinkList 1.3.1 - Remote Command Injection
|
1 |
WEB
|
ThE g0bL!N
|
|
2009-05-20
|
|
NC GBook 1.0 - Remote Command Injection
|
1 |
WEB
|
ThE g0bL!N
|
|
2009-05-20
|
|
Catviz 0.4.0 beta1 - Local File Inclusion / Cross-Site Scripting
|
1 |
WEB
|
ByALBAYX
|
|
2009-05-20
|
|
Exjune Officer Message System 1 - Multiple Vulnerabilities
|
2 |
WEB
|
ByALBAYX
|
|
2009-05-20
|
|
Joomla! Component Casino 0.3.1 - Multiple SQL Injections s
|
2 |
WEB
|
ByALBAYX
|
|
2009-05-19
|
|
DM FileManager 3.9.2 - Authentication Bypass
|
2 |
WEB
|
snakespc
|
|
2009-05-19
|
|
Dog Pedigree Online Database 1.0.1b - Blind SQL Injection
|
2 |
WEB
|
YEnH4ckEr
|
|
2009-05-19
|
|
Dog Pedigree Online Database 1.0.1b - Insecure Cookie Handling
|
1 |
WEB
|
YEnH4ckEr
|
|
2009-05-19
|
|
Dog Pedigree Online Database 1.0.1b - Multiple SQL Injections
|
0 |
WEB
|
YEnH4ckEr
|
|
2009-05-19
|
|
vidshare pro - SQL Injection / Cross-Site Scripting
|
0 |
WEB
|
snakespc
|
|
2009-05-19
|
|
Coppermine Photo Gallery 1.4.22 - SQL Injection
|
1 |
WEB
|
girex
|
|
2009-05-19
|
|
PAD Site Scripts 3.6 - Insecure Cookie Handling
|
1 |
WEB
|
Mr.tro0oqy
|
|
2009-05-19
|
|
Namad (IMenAfzar) 2.0.0.0 - Remote File Disclosure
|
1 |
WEB
|
Securitylab.ir
|
|
2009-05-19
|
|
Joomla! Component com_gsticketsystem - 'catid' Blind SQL Injection
|
1 |
WEB
|
InjEctOr5
|
|
2009-05-19
|
|
VidShare Pro - Arbitrary File Upload
|
1 |
WEB
|
InjEctOr5
|
|
2009-05-18
|
|
PHP Article Publisher - Remote Change Admin Password
|
2 |
WEB
|
ahmadbady
|
|
2009-05-18
|
|
DGNews 3.0 Beta - 'id' SQL Injection
|
1 |
WEB
|
Cyber-Zone
|
|
2009-05-18
|
|
MaxCMS 2.0 - '/inc/ajax.asp' SQL Injection
|
2 |
WEB
|
Securitylab.ir
|
|
2009-05-18
|
|
Jieqi CMS 1.5 - Remote Code Execution
|
2 |
WEB
|
Securitylab.ir
|
|
2009-05-18
|
|
LightOpenCMS 0.1 - 'id' SQL Injection
|
2 |
WEB
|
Mi4night
|
|
2009-05-18
|
|
Dana Portal - Remote Change Admin Password
|
1 |
WEB
|
Abysssec
|
|
2009-05-18
|
|
douran portal 3.9.0.23 - Multiple Vulnerabilities
|
2 |
WEB
|
Abysssec
|
|
2009-05-18
|
|
ClanWeb 1.4.2 - Remote Change Password / Add Admin
|
2 |
WEB
|
ahmadbady
|
|
2009-05-18
|
|
Pluck CMS 4.6.2 - 'langpref' Local File Inclusion
|
2 |
WEB
|
ahmadbady
|
|
2009-05-18
|
|
Flyspeck CMS 6.8 - Local/Remote File Inclusion / Change Add Admin
|
2 |
WEB
|
ahmadbady
|
|
2009-05-18
|
|
coppermine photo Gallery 1.4.22 - Multiple Vulnerabilities
|
2 |
WEB
|
girex
|
|
2009-05-18
|
|
Online Rental Property Script 5.0 - 'pid' SQL Injection
|
2 |
WEB
|
UnderTaker HaCkEr
|
|
2009-05-18
|
|
PHP Dir Submit - Authentication Bypass
|
2 |
WEB
|
snakespc
|
|
2009-05-18
|
|
Pc4Uploader 9.0 - Blind SQL Injection
|
2 |
WEB
|
Qabandi
|
|
2009-05-15
|
|
my-gesuad 0.9.14 - Authentication Bypass / SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
YEnH4ckEr
|
|
2009-05-15
|
|
my-colex 1.4.2 - Authentication Bypass / SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
YEnH4ckEr
|
|
2009-05-15
|
|
PHPenpals 1.1 - 'mail.php?ID' SQL Injection
|
2 |
WEB
|
Br0ly
|
|
2009-05-15
|
|
DMXReady Registration Manager 1.1 - Database Disclosure
|
2 |
WEB
|
S4S-T3rr0r!sT
|
|
2009-05-15
|
|
2DayBiz Custom T-shirt Design - SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
snakespc
|
|
2009-05-15
|
|
Rama CMS 0.9.8 - 'download.php' File Disclosure
|
2 |
WEB
|
Br0ly
|
|
2009-05-15
|
|
Harland Scripts 11 - Products Remote Command Execution
|
2 |
WEB
|
G4N0K
|
|
2009-05-15
|
|
Joomla! Component ArtForms 2.1 b7 - Remote File Inclusion
|
1 |
WEB
|
iskorpitx
|
|
2009-05-14
|
|
MRCGIGUY Top Sites 1.0.0 - Insecure Cookie Handling
|
1 |
WEB
|
ThE g0bL!N
|
|
2009-05-14
|
|
MRCGIGUY SimpLISTic SQL 2.0.0 - Insecure Cookie Handling
|
1 |
WEB
|
ThE g0bL!N
|
|
2009-05-14
|
|
2DayBiz Template Monster Clone - 'edituser.php' Change Pass
|
1 |
WEB
|
TiGeR-Dz
|
