|
2008-10-25
|
|
Tlnews 2.2 - Insecure Cookie Handling
|
2 |
WEB
|
x0r
|
|
2008-10-24
|
|
BuzzyWall 1.3.1 - 'id' Remote File Disclosure
|
2 |
WEB
|
b3hz4d
|
|
2008-10-24
|
|
phpdaily - SQL Injection / Cross-Site Scripting / Local File Download
|
2 |
WEB
|
0xFFFFFF
|
|
2008-10-24
|
|
NEPT Image Uploader 1.0 - Arbitrary File Upload
|
1 |
WEB
|
Dentrasi
|
|
2008-10-24
|
|
Aj RSS Reader - 'url' SQL Injection
|
1 |
WEB
|
yassine_enp
|
|
2008-10-24
|
|
Joomla! Component Kbase 1.0 - SQL Injection
|
2 |
WEB
|
H!tm@N
|
|
2008-10-24
|
|
Joomla! Component archaic binary Gallery 0.2 - Directory Traversal
|
2 |
WEB
|
H!tm@N
|
|
2008-10-23
|
|
SiteEngine 5.x - Multiple Vulnerabilities
|
2 |
WEB
|
xy7
|
|
2008-10-23
|
|
WebSVN 2.0 - Cross-Site Scripting / File Handling / Code Execution
|
2 |
WEB
|
GulfTech Security
|
|
2008-10-23
|
|
miniPortail 2.2 - Cross-Site Scripting / Local File Inclusion
|
1 |
WEB
|
StAkeR
|
|
2008-10-23
|
|
MindDezign Photo Gallery 2.2 - Arbitrary Add Admin
|
1 |
WEB
|
CWH Underground
|
|
2008-10-23
|
|
MindDezign Photo Gallery 2.2 - SQL Injection
|
1 |
WEB
|
CWH Underground
|
|
2008-10-23
|
|
aflog 1.01 - Multiple Insecure Cookie Handling Vulnerabilities
|
2 |
WEB
|
JosS
|
|
2008-10-23
|
|
Joomla! Component RWCards 3.0.11 - Local File Inclusion
|
2 |
WEB
|
Vrs-hCk
|
|
2008-10-23
|
|
txtshop 1.0b (Windows) - 'Language' Local File Inclusion
|
1 |
WEB
|
Pepelux
|
|
2008-10-23
|
|
CSPartner 1.0 - Delete All Users / SQL Injection
|
1 |
WEB
|
StAkeR
|
|
2008-10-22
|
|
YDC - 'cat' SQL Injection
|
1 |
WEB
|
Hussin X
|
|
2008-10-22
|
|
DorsaCMS - 'ShowPage.aspx' SQL Injection
|
1 |
WEB
|
syst3m_f4ult
|
|
2008-10-22
|
|
Joomla! Component ionFiles 4.4.2 - File Disclosure
|
0 |
WEB
|
Vrs-hCk
|
|
2008-10-22
|
|
LoudBlog 0.8.0a - 'ajax.php' SQL Injection
|
0 |
WEB
|
Xianur0
|
|
2008-10-22
|
|
phpcrs 2.06 - 'importFunction' Local File Inclusion
|
0 |
WEB
|
Pepelux
|
|
2008-10-22
|
|
Iamma Simple Gallery 1.0/2.0 - Arbitrary File Upload
|
1 |
WEB
|
x0r
|
|
2008-10-22
|
|
Joomla! Component Daily Message 1.0.3 - 'id' SQL Injection
|
0 |
WEB
|
H!tm@N
|
|
2008-10-21
|
|
ShopMaker CMS 1.0 - 'id' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-10-21
|
|
LightBlog 9.8 - 'GET' / 'POST' / 'COOKIE' Local File Inclusion
|
2 |
WEB
|
JosS
|
|
2008-10-21
|
|
Limbo CMS - Private Messaging Component SQL Injection
|
0 |
WEB
|
StAkeR
|
|
2008-10-20
|
|
XOOPS Module makale 0.26 - SQL Injection
|
2 |
WEB
|
EcHoLL
|
|
2008-10-20
|
|
Joomla! Component ds-syndicate - 'feed_id' SQL Injection
|
2 |
WEB
|
boom3rang
|
|
2008-10-19
|
|
e107 < 0.7.13 - 'usersettings.php' Blind SQL Injection
|
1 |
WEB
|
girex
|
|
2008-10-20
|
|
WBB Plugin rGallery 1.09 - 'itemID' Blind SQL Injection
|
1 |
WEB
|
Five-Three-Nine
|
|
2008-10-19
|
|
Vivvo CMS 3.4 - Multiple Vulnerabilities
|
1 |
WEB
|
Xianur0
|
|
2008-10-19
|
|
Yappa-ng 2.3.3-beta0 - 'album' Local File Inclusion
|
1 |
WEB
|
Vrs-hCk
|
|
2008-10-19
|
|
Fast Click SQL 1.1.7 Lite - 'init.php' Remote File Inclusion
|
1 |
WEB
|
NoGe
|
|
2008-10-18
|
|
PHP Easy Downloader 1.5 - Remote File Creation
|
1 |
WEB
|
StAkeR
|
|
2008-10-18
|
|
Nuke ET 3.4 - 'FCKeditor' Arbitrary File Upload
|
1 |
WEB
|
EgiX
|
|
2008-10-18
|
|
miniBloggie 1.0 - 'del.php' Blind SQL Injection
|
1 |
WEB
|
StAkeR
|
|
2008-10-18
|
|
Meeting Room Booking System (MRBS) < 1.4 - SQL Injection
|
1 |
WEB
|
Xianur0
|
|
2008-10-18
|
|
zeeproperty - 'adid' SQL Injection
|
1 |
WEB
|
Hussin X
|
|
2008-10-18
|
|
phpFastNews 1.0.0 - Insecure Cookie Handling
|
1 |
WEB
|
Qabandi
|
|
2008-10-18
|
|
XOOPS Module GesGaleri - SQL Injection
|
2 |
WEB
|
EcHoLL
|
|
2008-10-17
|
|
WordPress Plugin st_newsletter - 'stnl_iframe.php' SQL Injection
|
1 |
WEB
|
r45c4l
|
|
2008-10-16
|
|
Post Affiliate Pro 2.0 - 'md' Local File Inclusion
|
1 |
WEB
|
ZeN
|
|
2008-10-16
|
|
Calendars for the Web 4.02 - Admin Authentication Bypass
|
1 |
WEB
|
SecVuln
|
|
2008-10-16
|
|
PHP Easy Downloader 1.5 - 'file' File Disclosure
|
1 |
WEB
|
LMaster
|
|
2008-10-16
|
|
iGaming CMS 2.0 Alpha 1 - 'search.php' SQL Injection
|
1 |
WEB
|
StAkeR
|
|
2008-10-16
|
|
Mantis Bug Tracker 1.1.3 - Remote Code Execution
|
1 |
WEB
|
EgiX
|
|
2008-10-16
|
|
Kure 0.6.3 - 'index.php' Local File Inclusion
|
1 |
WEB
|
JosS
|
|
2008-10-16
|
|
PokerMax Poker League 0.13 - Insecure Cookie Handling
|
1 |
WEB
|
DaRkLiFe
|
|
2008-10-16
|
|
IP Reg 0.4 - Multiple SQL Injections
|
1 |
WEB
|
JosS
|
|
2008-10-16
|
|
Mic_blog 0.0.3 - SQL Injection / Privilege Escalation
|
1 |
WEB
|
StAkeR
|
|
2008-10-16
|
|
Mosaic Commerce - 'cid' SQL Injection
|
1 |
WEB
|
Ali Abbasi
|
|
2008-10-16
|
|
CafeEngine - Multiple SQL Injections
|
2 |
WEB
|
0xFFFFFF
|
|
2008-10-15
|
|
myEvent 1.6 - 'eventdate' SQL Injection
|
2 |
WEB
|
JosS
|
|
2008-10-15
|
|
mystats - 'hits.php' Multiple Vulnerabilities
|
0 |
WEB
|
JosS
|
|
2008-10-15
|
|
AstroSPACES 1.1.1 - 'id' SQL Injection
|
2 |
WEB
|
TurkishWarriorr
|
|
2008-10-14
|
|
PHPWebGallery 1.7.2 - Session Hijacking / Code Execution
|
1 |
WEB
|
EgiX
|
|
2008-10-14
|
|
My PHP Dating - 'id' SQL Injection
|
1 |
WEB
|
Hakxer
|
|
2008-10-14
|
|
SezHoo 0.1 - Remote File Inclusion
|
2 |
WEB
|
DaRkLiFe
|
|
2008-10-14
|
|
Nuked-klaN 1.7.7 / SP4.4 - Multiple Vulnerabilities
|
2 |
WEB
|
Charles Fol
|
|
2008-10-14
|
|
XOOPS Module xhresim - SQL Injection
|
1 |
WEB
|
EcHoLL
|
|
2008-10-14
|
|
WordPress Plugin WP Comment Remix 1.4.3 - SQL Injection
|
1 |
WEB
|
g30rg3_x
|
|
2008-10-13
|
|
IndexScript 3.0 - 'parent_id' SQL Injection
|
1 |
WEB
|
d3v1l
|
|
2008-10-13
|
|
ParsBlogger - 'links.asp' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-10-13
|
|
LokiCMS 0.3.4 - 'admin.php' Create Local File Inclusion
|
2 |
WEB
|
JosS
|
|
2008-10-13
|
|
LokiCMS 0.3.4 - 'writeconfig()' Remote Command Execution
|
2 |
WEB
|
girex
|
|
2008-10-12
|
|
My PHP Indexer 1.0 - 'index.php' Local File Download
|
0 |
WEB
|
JosS
|
|
2008-10-12
|
|
NewLife Blogger 3.0 - Insecure Cookie Handling / SQL Injection
|
0 |
WEB
|
Pepelux
|
|
2008-10-12
|
|
LokiCMS 0.3.4 - 'index.php' Arbitrary Check File
|
1 |
WEB
|
JosS
|
|
2008-10-12
|
|
Real Estate Scripts 2008 - 'cat' SQL Injection
|
1 |
WEB
|
Hakxer
|
|
2008-10-12
|
|
Globsy 1.0 - Remote File Rewriting
|
1 |
WEB
|
StAkeR
|
|
2008-10-12
|
|
mini-pub 0.3 - Local Directory Traversal / File Disclosure
|
0 |
WEB
|
GoLd_M
|
|
2008-10-12
|
|
mini-pub 0.3 - File Disclosure / Code Execution
|
1 |
WEB
|
muuratsalo
|
|
2008-10-11
|
|
Absolute Poll Manager XE 4.1 - 'xlacomments.asp' SQL Injection
|
1 |
WEB
|
Hakxer
|
|
2008-10-11
|
|
Joomla! Component ownbiblio 1.5.3 - 'catid' SQL Injection
|
1 |
WEB
|
H!tm@N
|
|
2008-10-10
|
|
SlimCMS 1.0.0 - 'redirect.php' Privilege Escalation
|
0 |
WEB
|
StAkeR
|
|
2008-10-10
|
|
Easynet4u Link Host - 'cat_id' SQL Injection
|
1 |
WEB
|
BeyazKurt
|
|
2008-10-10
|
|
MunzurSoft Wep Portal W3 - 'kat' SQL Injection
|
1 |
WEB
|
LUPUS
|
|
2008-10-10
|
|
Joomla! Component mad4Joomla! - SQL Injection
|
0 |
WEB
|
H!tm@N
|
|
2008-10-10
|
|
Joomla! Component Ignite Gallery 0.8.3 - SQL Injection
|
1 |
WEB
|
H!tm@N
|
|
2008-10-10
|
|
Easynet4u faq Host - 'faq.php' SQL Injection
|
1 |
WEB
|
SuB-ZeRo
|
|
2008-10-10
|
|
Easynet4u Forum Host - 'forum.php' SQL Injection
|
1 |
WEB
|
SuB-ZeRo
|
|
2008-10-10
|
|
Ayco Okul Portali - 'linkid' SQL Injection
|
1 |
WEB
|
Crackers_Child
|
|
2008-10-09
|
|
Scriptsez Easy Image Downloader - Local File Download
|
1 |
WEB
|
JosS
|
|
2008-10-09
|
|
Stash 1.0.3 - SQL Injection User Credentials Disclosure
|
1 |
WEB
|
gnix
|
|
2008-10-09
|
|
Scriptsez Mini Hosting Panel - 'members.php' Local File Inclusion
|
0 |
WEB
|
JosS
|
|
2008-10-09
|
|
IranMC Arad Center - SQL Injection
|
0 |
WEB
|
Hussin X
|
|
2008-10-09
|
|
Kusaba 1.0.4 - Remote Code Execution (2)
|
0 |
WEB
|
Sausage
|
|
2008-10-09
|
|
Camera Life 2.6.2b4 - SQL Injection / Cross-Site Scripting
|
0 |
WEB
|
BackDoor
|
|
2008-10-09
|
|
Joomla! Component Joomtracker 1.01 - SQL Injection
|
0 |
WEB
|
rsauron
|
|
2008-10-09
|
|
Gforge 4.6 rc1 - 'skill_edit' SQL Injection
|
0 |
WEB
|
beford
|
|
2008-10-09
|
|
GForge 4.5.19 - Multiple SQL Injections
|
0 |
WEB
|
beford
|
|
2008-10-09
|
|
Kusaba 1.0.4 - Remote Code Execution (1)
|
2 |
WEB
|
Sausage
|
|
2008-10-08
|
|
WebBiscuits Modules Controller 1.1 - Remote File Inclusion / Remote File Disclosure
|
1 |
WEB
|
GoLd_M
|
|
2008-10-08
|
|
AdMan 1.1.20070907 - 'campaignId' SQL Injection
|
0 |
WEB
|
SuB-ZeRo
|
|
2008-10-08
|
|
HispaH textlinksads - 'index.php' SQL Injection
|
1 |
WEB
|
InjEctOr5
|
|
2008-10-08
|
|
DFF PHP Framework API - 'Data Feed File' Remote File Inclusion
|
1 |
WEB
|
GoLd_M
|
|
2008-10-07
|
|
TorrentTrader Classic 1.04 - Blind SQL Injection
|
1 |
WEB
|
BazOka-HaCkEr
|
|
2008-10-07
|
|
Built2Go PHP Realestate 1.5 - 'event_detail.php' SQL Injection
|
0 |
WEB
|
d3v1l
|
|
2008-10-07
|
|
PHP Autos 2.9.1 - 'catid' SQL Injection
|
0 |
WEB
|
Mr.SQL
|
|
2008-10-07
|
|
PHP Auto Dealer 2.7 - 'v_cat' SQL Injection
|
0 |
WEB
|
Mr.SQL
|
|
2008-10-07
|
|
PHP Realtor 1.5 - 'v_cat' SQL Injection
|
0 |
WEB
|
Mr.SQL
|
|
2008-10-07
|
|
Yourownbux 4.0 - 'cookie' SQL Injection
|
0 |
WEB
|
Tec-n0x
|
|
2008-10-07
|
|
Joomla! Component com_hotspots - SQL Injection
|
0 |
WEB
|
cOndemned
|
|
2008-10-07
|
|
Yerba SACphp 6.3 - Multiple Vulnerabilities
|
0 |
WEB
|
StAkeR
|
|
2008-10-06
|
|
Yerba SACphp 6.3 - Local File Inclusion
|
1 |
WEB
|
Pepelux
|
|
2008-10-06
|
|
asiCMS alpha 0.208 - Multiple Remote File Inclusions
|
1 |
WEB
|
NoGe
|
|
2008-10-05
|
|
PHP-Fusion Mod triscoop_race_system - 'raceid' SQL Injection
|
0 |
WEB
|
boom3rang
|
|
2008-10-05
|
|
PHP-Fusion Mod recept - 'kat_id' SQL Injection
|
0 |
WEB
|
boom3rang
|
|
2008-10-05
|
|
PHP-Fusion Mod raidtracker_panel - 'INFO_RAID_ID' SQL Injection
|
0 |
WEB
|
boom3rang
|
|
2008-10-05
|
|
PHP-Fusion Mod manuals - 'manual' SQL Injection
|
0 |
WEB
|
boom3rang
|
|
2008-10-05
|
|
FOSS Gallery Public 1.0 - Arbitrary File Upload (PoC)
|
0 |
WEB
|
Pepelux
|
|
2008-10-05
|
|
phpAbook 0.8.8b - 'cookie' Local File Inclusion
|
0 |
WEB
|
JosS
|
|
2008-10-05
|
|
Fastpublish CMS 1.9999 - Local File Inclusion / SQL Injection
|
0 |
WEB
|
~!Dok_tOR!~
|
|
2008-10-05
|
|
geccBBlite 2.0 - 'id' SQL Injection
|
0 |
WEB
|
Piker
|
|
2008-10-05
|
|
OpenNMS < 1.5.96 - Multiple Vulnerabilities
|
0 |
WEB
|
BugSec LTD
|
|
2008-10-05
|
|
Galerie 3.2 - 'pic' WBB Lite Addon Blind SQL Injection
|
0 |
WEB
|
J0hn.X3r
|
|
2008-10-05
|
|
FOSS Gallery Public 1.0 - Arbitrary File Upload
|
0 |
WEB
|
JosS
|
|
2008-10-04
|
|
FOSS Gallery Admin 1.0 - Arbitrary File Upload
|
1 |
WEB
|
Pepelux
|
|
2008-10-04
|
|
JMweb - 'src' Local File Inclusion
|
1 |
WEB
|
SirGod
|
|
2008-10-04
|
|
pPIM 1.01 - 'notes.php' Local File Inclusion
|
1 |
WEB
|
JosS
|
|
2008-10-03
|
|
Kwalbum 2.0.2 - Arbitrary File Upload
|
1 |
WEB
|
CWH Underground
|
|
2008-10-03
|
|
CCMS 3.1 - 'skin' Local File Inclusion
|
0 |
WEB
|
SirGod
|
|
2008-10-03
|
|
AdaptCMS Lite 1.3 - Blind SQL Injection
|
1 |
WEB
|
StAkeR
|
|
2008-10-03
|
|
Full PHP Emlak Script - 'arsaprint.php' SQL Injection
|
1 |
WEB
|
Hussin X
|
|
2008-10-03
|
|
IP Reg 0.4 - Blind SQL Injection
|
1 |
WEB
|
StAkeR
|
