|
2008-12-29
|
|
eDContainer 2.22 - Local File Inclusion
|
1 |
WEB
|
GoLd_M
|
|
2008-12-29
|
|
eDNews 2.0 - Local File Inclusion
|
1 |
WEB
|
GoLd_M
|
|
2008-12-29
|
|
webClassifieds 2005 - Authentication Bypass
|
1 |
WEB
|
AnGeL25dZ
|
|
2008-12-28
|
|
Silentum LoginSys 1.0.0 - Insecure Cookie Handling
|
1 |
WEB
|
Osirys
|
|
2008-12-28
|
|
Flexphplink Pro - Arbitrary File Upload
|
1 |
WEB
|
Osirys
|
|
2008-12-28
|
|
ForumApp 3.3 - Remote Database Disclosure
|
1 |
WEB
|
Cyber.Zer0
|
|
2008-12-28
|
|
PHP-Fusion Mod TI - 'id' SQL Injection
|
1 |
WEB
|
Khashayar Fereidani
|
|
2008-12-28
|
|
OwenPoll 1.0 - Insecure Cookie Handling
|
2 |
WEB
|
Osirys
|
|
2008-12-28
|
|
Alstrasoft Web Email Script Enterprise - 'id' SQL Injection
|
1 |
WEB
|
Bgh7
|
|
2008-12-28
|
|
FubarForum 1.6 - Arbitrary Authentication Bypass
|
2 |
WEB
|
k3yv4n
|
|
2008-12-28
|
|
DeluxeBB 1.2 - Blind SQL Injection
|
1 |
WEB
|
StAkeR
|
|
2008-12-28
|
|
Joomla! Component PAX Gallery 0.1 - Blind SQL Injection
|
2 |
WEB
|
XaDoS
|
|
2008-12-28
|
|
Miniweb 2.0 - Authentication Bypass
|
1 |
WEB
|
bizzit
|
|
2008-12-24
|
|
BloofoxCMS 0.3.4 - 'lang' Local File Inclusion
|
2 |
WEB
|
fuzion
|
|
2008-12-24
|
|
ClaSS 0.8.60 - 'export.php' Local File Inclusion
|
1 |
WEB
|
fuzion
|
|
2008-12-24
|
|
PHP-Fusion 7.0.2 - Blind SQL Injection
|
1 |
WEB
|
StAkeR
|
|
2008-12-24
|
|
Joomla! Component 5starhotels - SQL Injection
|
1 |
WEB
|
EcHoLL
|
|
2008-12-24
|
|
Joomla! Component mDigg 2.2.8 - 'category' SQL Injection
|
1 |
WEB
|
boom3rang
|
|
2008-12-24
|
|
Joomla! Component Live Ticker 1.0 - Blind SQL Injection
|
1 |
WEB
|
boom3rang
|
|
2008-12-24
|
|
Joomla! Component Ice Gallery 0.5b2 - 'catid' Blind SQL Injection
|
1 |
WEB
|
boom3rang
|
|
2008-12-24
|
|
ILIAS 3.7.4 - 'ref_id' Blind SQL Injection
|
1 |
WEB
|
Lidloses_Auge
|
|
2008-12-24
|
|
doop CMS 1.4.0b - Cross-Site Request Forgery / Arbitrary File Upload
|
1 |
WEB
|
x0r
|
|
2008-12-23
|
|
Joomla! Component com_allhotels - Blind SQL Injection
|
1 |
WEB
|
Hussin X
|
|
2008-12-23
|
|
Joomla! Component com_lowcosthotels - Blind SQL Injection
|
1 |
WEB
|
Hussin X
|
|
2008-12-23
|
|
StormBoard 1.0.1 - SQL Injection
|
1 |
WEB
|
Samir-M
|
|
2008-12-23
|
|
phpEmployment - 'PHP Upload' Arbitrary File Upload
|
1 |
WEB
|
ahmadbady
|
|
2008-12-23
|
|
PHPAdBoard - PHP uploads Arbitrary File Upload
|
1 |
WEB
|
ahmadbady
|
|
2008-12-23
|
|
phpGreetCards - Cross-Site Scripting / Arbitrary File Upload
|
0 |
WEB
|
ahmadbady
|
|
2008-12-23
|
|
CMS NetCat 3.12 - Multiple Vulnerabilities
|
2 |
WEB
|
s4avrd0w
|
|
2008-12-23
|
|
CMS NetCat 3.12 - 'password_recovery.php' Blind SQL Injection
|
2 |
WEB
|
s4avrd0w
|
|
2008-12-23
|
|
PHPLD 3.3 - Blind SQL Injection
|
2 |
WEB
|
fuzion
|
|
2008-12-23
|
|
PHPmotion 2.1 - Cross-Site Request Forgery
|
2 |
WEB
|
Ausome1
|
|
2008-12-22
|
|
Roundcube Webmail 0.2b - Remote Code Execution
|
2 |
WEB
|
Hunger
|
|
2008-12-22
|
|
REDPEACH CMS - SQL Injection
|
2 |
WEB
|
Lidloses_Auge
|
|
2008-12-22
|
|
Calendar Script 1.1 - Authentication Bypass
|
2 |
WEB
|
StAkeR
|
|
2008-12-22
|
|
Roundcube Webmail 0.2-3 Beta - Code Execution
|
1 |
WEB
|
Jacobo Avariento
|
|
2008-12-22
|
|
SolarCMS 0.53.8 - 'Forum' Remote Cookies Disclosure
|
1 |
WEB
|
StAkeR
|
|
2008-12-22
|
|
Joomla! Component Volunteer 2.0 - SQL Injection
|
1 |
WEB
|
boom3rang
|
|
2008-12-22
|
|
yourplace 1.0.2 - Multiple Vulnerabilities / Remote Code Execution
|
1 |
WEB
|
Osirys
|
|
2008-12-22
|
|
Pligg 9.9.5b - Arbitrary File Upload / SQL Injection
|
1 |
WEB
|
Ams
|
|
2008-12-22
|
|
WordPress Plugin Page Flip Image Gallery 0.2.2 - Remote File Disclosure
|
1 |
WEB
|
GoLd_M
|
|
2008-12-22
|
|
Text Lines Rearrange Script - 'Filename' File Disclosure
|
1 |
WEB
|
SirGod
|
|
2008-12-22
|
|
RSS Simple News - SQL Injection
|
1 |
WEB
|
Piker
|
|
2008-12-21
|
|
phpg 1.6 - Cross-Site Scripting / Full Path Disclosure / Denial of Service
|
1 |
WEB
|
Anarchy Angel
|
|
2008-12-21
|
|
Joomla! Component com_tophotelmodule 1.0 - Blind SQL Injection
|
1 |
WEB
|
boom3rang
|
|
2008-12-21
|
|
Joomla! Component com_hbssearch 1.0 - Blind SQL Injection
|
2 |
WEB
|
boom3rang
|
|
2008-12-21
|
|
BLOG 1.55B - 'image_upload.php' Arbitrary File Upload
|
1 |
WEB
|
Piker
|
|
2008-12-21
|
|
Emefa Guestbook 3.0 - Remote Database Disclosure
|
2 |
WEB
|
Cyber.Zer0
|
|
2008-12-21
|
|
Chicomas 2.0.4 - Database Backup / File Disclosure / Cross-Site Scripting
|
2 |
WEB
|
BugReport.IR
|
|
2008-12-21
|
|
ReVou Twitter Clone - Arbitrary File Upload
|
1 |
WEB
|
S.W.A.T.
|
|
2008-12-21
|
|
Userlocator 3.0 - Blind SQL Injection
|
1 |
WEB
|
katharsis
|
|
2008-12-19
|
|
Constructr CMS 3.02.5 stable - Multiple Vulnerabilities
|
1 |
WEB
|
fuzion
|
|
2008-12-19
|
|
OneOrZero helpdesk 1.6.x. - Arbitrary File Upload
|
1 |
WEB
|
Ams
|
|
2008-12-19
|
|
FreeLyrics 1.0 - Remote File Disclosure
|
1 |
WEB
|
Piker
|
|
2008-12-19
|
|
myPHPscripts Login Session 2.0 - Cross-Site Scripting / Database Disclosure
|
1 |
WEB
|
Osirys
|
|
2008-12-19
|
|
Extract Website - 'Filename' File Disclosure
|
1 |
WEB
|
Cold Zero
|
|
2008-12-19
|
|
Online Keyword Research Tool - 'download.php' File Disclosure
|
1 |
WEB
|
Cold Zero
|
|
2008-12-19
|
|
ReVou Twitter Clone - Admin Password Change
|
1 |
WEB
|
G4N0K
|
|
2008-12-19
|
|
MyPBS - 'seasonID' SQL Injection
|
1 |
WEB
|
Piker
|
|
2008-12-18
|
|
MyPHPsite - Local File Inclusion
|
2 |
WEB
|
Piker
|
|
2008-12-18
|
|
Gobbl CMS 1.0 - Insecure Cookie Handling
|
2 |
WEB
|
x0r
|
|
2008-12-18
|
|
Injader CMS 2.1.1 - 'id' SQL Injection
|
1 |
WEB
|
fuzion
|
|
2008-12-18
|
|
phpclanwebsite 1.23.3 fix pack #5 - Multiple Vulnerabilities
|
1 |
WEB
|
s4avrd0w
|
|
2008-12-18
|
|
I-Rater Basic - SQL Injection
|
1 |
WEB
|
boom3rang
|
|
2008-12-18
|
|
Calendar Script 1.1 - Insecure Cookie Handling
|
1 |
WEB
|
Osirys
|
|
2008-12-18
|
|
2532/Gigs 1.2.2 Stable - Remote Command Execution
|
1 |
WEB
|
StAkeR
|
|
2008-12-18
|
|
2532/Gigs 1.2.2 Stable - Remote Authentication Bypass
|
1 |
WEB
|
StAkeR
|
|
2008-12-18
|
|
2532/Gigs 1.2.2 Stable - Multiple Vulnerabilities
|
1 |
WEB
|
Osirys
|
|
2008-12-18
|
|
Mini File Host 1.x - Arbitrary '.PHP' File Upload
|
1 |
WEB
|
Pouya_Server
|
|
2008-12-17
|
|
QuickerSite Easy CMS - Database Disclosure
|
2 |
WEB
|
AlpHaNiX
|
|
2008-12-17
|
|
Lizardware CMS 0.6.0 - Blind SQL Injection
|
2 |
WEB
|
StAkeR
|
|
2008-12-17
|
|
TinyMCE 2.0.1 - 'menuID' SQL Injection
|
2 |
WEB
|
AnGeL25dZ
|
|
2008-12-17
|
|
Joomla! Component Tech Article 1.x - SQL Injection
|
2 |
WEB
|
InjEctOr5
|
|
2008-12-17
|
|
r.cms 2.0 - Multiple SQL Injections
|
2 |
WEB
|
Lidloses_Auge
|
|
2008-12-17
|
|
K&S Shopsysteme - Arbitrary File Upload
|
1 |
WEB
|
mNt
|
|
2008-12-17
|
|
BP Blog 6.0/7.0/8.0/9.0 - Remote Database Disclosure
|
2 |
WEB
|
Dxil
|
|
2008-12-17
|
|
RSMScript 1.21 - Cross-Site Scripting / Insecure Cookie Handling
|
2 |
WEB
|
Osirys
|
|
2008-12-16
|
|
Gnews Publisher .NET - SQL Injection
|
2 |
WEB
|
AlpHaNiX
|
|
2008-12-16
|
|
Zelta E Store - Arbitrary File Upload / Bypass / SQL Injection / Blind SQL Injection
|
2 |
WEB
|
ZoRLu
|
|
2008-12-16
|
|
Liberum Help Desk 0.97.3 - SQL Injection / File Disclosure
|
2 |
WEB
|
Cold Zero
|
|
2008-12-16
|
|
Nukedit 4.9.8 - Remote Database Disclosure
|
1 |
WEB
|
Cyber.Zer0
|
|
2008-12-16
|
|
Aiyoota! CMS - Blind SQL Injection
|
1 |
WEB
|
Lidloses_Auge
|
|
2008-12-16
|
|
FLDS 1.2a - 'report.php' SQL Injection
|
1 |
WEB
|
ka0x
|
|
2008-12-16
|
|
Web Wiz Guestbook 8.21 - Database Disclosure
|
1 |
WEB
|
Cold Zero
|
|
2008-12-16
|
|
FaScript FaUpload - SQL Injection
|
1 |
WEB
|
Aria-Security Team
|
|
2008-12-15
|
|
Click&Rank - SQL Injection / Cross-Site Scripting
|
1 |
WEB
|
AlpHaNiX
|
|
2008-12-15
|
|
clickandemail - SQL Injection / Cross-Site Scripting
|
1 |
WEB
|
AlpHaNiX
|
|
2008-12-15
|
|
Click&BaneX - Multiple SQL Injections
|
0 |
WEB
|
AlpHaNiX
|
|
2008-12-15
|
|
CFAGCMS 1 - SQL Injection
|
0 |
WEB
|
ZoRLu
|
|
2008-12-15
|
|
Aperto Blog 0.1.1 - Local File Inclusion / SQL Injection
|
0 |
WEB
|
NoGe
|
|
2008-12-15
|
|
WorkSimple 1.2.1 - Remote File Inclusion / Sensitive Data Disclosure
|
0 |
WEB
|
Osirys
|
|
2008-12-15
|
|
CadeNix - SQL Injection
|
1 |
WEB
|
HaCkeR_EgY
|
|
2008-12-15
|
|
XOOPS Module Amevents - SQL Injection
|
1 |
WEB
|
nétRoot
|
|
2008-12-15
|
|
The Rat CMS Alpha 2 - Authentication Bypass
|
1 |
WEB
|
x0r
|
|
2008-12-15
|
|
Mediatheka 4.2 - Blind SQL Injection
|
1 |
WEB
|
StAkeR
|
|
2008-12-15
|
|
BabbleBoard 1.1.6 - Cross-Site Request Forgery/Cookie Grabber
|
1 |
WEB
|
SirGod
|
|
2008-12-15
|
|
FLDS 1.2a - 'lpro.php' SQL Injection
|
0 |
WEB
|
nuclear
|
|
2008-12-15
|
|
EZ Publish < 3.9.5/3.10.1/4.0.1 - 'token' Privilege Escalation
|
0 |
WEB
|
s4avrd0w
|
|
2008-12-15
|
|
CodeAvalanche RateMySite - Database Disclosure
|
0 |
WEB
|
Pouya_Server
|
|
2008-12-15
|
|
CodeAvalanche Articles - Database Disclosure
|
1 |
WEB
|
Pouya_Server
|
|
2008-12-15
|
|
CodeAvalanche FreeWallpaper - Remote Database Disclosure
|
1 |
WEB
|
Pouya_Server
|
|
2008-12-15
|
|
CodeAvalanche FreeForAll - Database Disclosure
|
1 |
WEB
|
Pouya_Server
|
|
2008-12-15
|
|
CodeAvalanche Directory - Database Disclosure
|
1 |
WEB
|
Pouya_Server
|
|
2008-12-15
|
|
Forest Blog 1.3.2 - Remote Database Disclosure
|
1 |
WEB
|
Cold Zero
|
|
2008-12-14
|
|
isweb CMS 3.0 - SQL Injection / Cross-Site Scripting
|
1 |
WEB
|
XaDoS
|
|
2008-12-14
|
|
ASPSiteWare RealtyListing 1.0/2.0 - SQL Injection
|
1 |
WEB
|
AlpHaNiX
|
|
2008-12-14
|
|
ASPSiteWare Automotive Dealer 1.0/2.0 - SQL Injection
|
1 |
WEB
|
AlpHaNiX
|
|
2008-12-14
|
|
ASPSiteWare Home Builder 1.0/2.0 - SQL Injection
|
1 |
WEB
|
AlpHaNiX
|
|
2008-12-14
|
|
Flatnux - html/JavaScript Injection Cookie Grabber
|
1 |
WEB
|
gmda
|
|
2008-12-14
|
|
CFAGCMS 1 - Remote File Inclusion
|
1 |
WEB
|
BeyazKurt
|
|
2008-12-14
|
|
Mediatheka 4.2 - 'lang' Local File Inclusion
|
1 |
WEB
|
Osirys
|
|
2008-12-14
|
|
AvailScript Classmate Script - Arbitrary File Upload
|
1 |
WEB
|
S.W.A.T.
|
|
2008-12-14
|
|
AvailScript Article Script - Arbitrary File Upload
|
1 |
WEB
|
S.W.A.T.
|
|
2008-12-14
|
|
The Rat CMS Alpha 2 - 'download.php' Priviledge Escalation
|
1 |
WEB
|
x0r
|
|
2008-12-14
|
|
FLDS 1.2a - 'redir.php' SQL Injection
|
1 |
WEB
|
nuclear
|
|
2008-12-14
|
|
PHP weather 2.2.2 - Local File Inclusion / Cross-Site Scripting
|
1 |
WEB
|
ahmadbady
|
|
2008-12-14
|
|
CodeAvalanche FreeForum - Database Disclosure
|
1 |
WEB
|
Ghost Hacker
|
|
2008-12-14
|
|
iyzi Forum 1.0b3 - Database Disclosure
|
1 |
WEB
|
Ghost Hacker
|
|
2008-12-14
|
|
autositephp 2.0.3 - Local File Inclusion / Cross-Site Request Forgery / Edit File
|
0 |
WEB
|
SirGod
|
|
2008-12-14
|
|
ASP-DEV Internal E-Mail System - Authentication Bypass
|
0 |
WEB
|
Pouya_Server
|
|
2008-12-14
|
|
ASPired2Quote - Remote Database Disclosure
|
0 |
WEB
|
Pouya_Server
|
|
2008-12-14
|
|
Discussion Web 4 - Remote Database Disclosure
|
0 |
WEB
|
Pouya_Server
|
|
2008-12-14
|
|
Simple Text-File Login script (SiTeFiLo) 1.0.6 - File Disclosure / Remote File Inclusion
|
1 |
WEB
|
Osirys
|
|
2008-12-14
|
|
FlexPHPNews 0.0.6 / PRO - Authentication Bypass
|
1 |
WEB
|
Osirys
|
|
2008-12-12
|
|
Joomla! Component live chat - SQL Injection / Open Proxy
|
1 |
WEB
|
jdc
|
