|
2008-09-20
|
|
Plaincart 1.1.2 - 'p' SQL Injection
|
0 |
WEB
|
r45c4l
|
|
2008-09-20
|
|
Diesel Pay Script - 'area' SQL Injection
|
0 |
WEB
|
ZoRLu
|
|
2008-09-20
|
|
MyFWB 1.0 - 'index.php' SQL Injection
|
0 |
WEB
|
0x90
|
|
2008-09-20
|
|
Explay CMS 2.1 - Insecure Cookie Handling
|
1 |
WEB
|
Stack
|
|
2008-09-20
|
|
Advanced Electron Forum 1.0.6 - Remote Code Execution
|
1 |
WEB
|
GulfTech Security
|
|
2008-09-19
|
|
Explay CMS 2.1 - Persistent Cross-Site Scripting / Cross-Site Request Forgery
|
1 |
WEB
|
hodik
|
|
2008-09-19
|
|
easyLink 1.1.0 - 'detail.php' SQL Injection
|
1 |
WEB
|
Egypt Coder
|
|
2008-09-19
|
|
Pluck CMS 4.5.3 - 'update.php' Remote File Corruption
|
1 |
WEB
|
Nine:Situations:Group
|
|
2008-09-18
|
|
AssetMan 2.5-b - SQL Injection using Session Fixation
|
0 |
WEB
|
Neo Anderson
|
|
2008-09-18
|
|
ProActive CMS - 'template' Local File Inclusion
|
0 |
WEB
|
r45c4l
|
|
2008-09-18
|
|
Diesel Joke Site - 'picture_category.php' SQL Injection
|
0 |
WEB
|
SarBoT511
|
|
2008-09-18
|
|
CYASK 3.x - 'neturl' Local File Disclosure
|
0 |
WEB
|
xy7
|
|
2008-09-18
|
|
ProArcadeScript 1.3 - 'random' SQL Injection
|
0 |
WEB
|
SuNHouSe2
|
|
2008-09-18
|
|
addalink 4 - 'category_id' SQL Injection
|
0 |
WEB
|
ka0x
|
|
2008-09-18
|
|
E-PHP CMS - 'article.php' SQL Injection
|
1 |
WEB
|
HaCkeR_EgY
|
|
2008-09-17
|
|
addalink 4 Beta - Write Approved Links
|
1 |
WEB
|
Pepelux
|
|
2008-09-17
|
|
X10media Mp3 Search Engine 1.5.5 - Remote File Inclusion
|
1 |
WEB
|
THUNDER
|
|
2008-09-17
|
|
Technote 7 - 'shop_this_skin_path' Remote File Inclusion
|
1 |
WEB
|
webDEViL
|
|
2008-09-17
|
|
PHP Crawler 0.8 - Remote File Inclusion
|
1 |
WEB
|
Piker
|
|
2008-09-17
|
|
phpRealty 0.3 - 'INC' Remote File Inclusion
|
1 |
WEB
|
ka0x
|
|
2008-09-16
|
|
Hotel Reservation System - 'city.asp' Blind SQL Injection
|
1 |
WEB
|
JosS
|
|
2008-09-16
|
|
Gonafish LinksCaffePRO 4.5 - 'index.php' SQL Injection
|
1 |
WEB
|
sl4xUz
|
|
2008-09-16
|
|
Attachmax Dolphin 2.1.0 - Multiple Vulnerabilities
|
0 |
WEB
|
K-159
|
|
2008-09-16
|
|
iScripts EasyIndex - 'produid' SQL Injection
|
0 |
WEB
|
SirGod
|
|
2008-09-15
|
|
Link Bid Script 1.5 - Multiple SQL Injections
|
0 |
WEB
|
SirGod
|
|
2008-09-15
|
|
Pre Real Estate Listings - 'search.php' SQL Injection
|
1 |
WEB
|
JosS
|
|
2008-09-15
|
|
CzarNews 1.20 - Account Hijacking SQL Injection
|
1 |
WEB
|
0ut0fbound
|
|
2008-09-15
|
|
CzarNews 1.20 - 'cookie' SQL Injection
|
1 |
WEB
|
StAkeR
|
|
2008-09-14
|
|
cPanel 11.x - 'Fantastico' Local File Inclusion
|
1 |
WEB
|
joker_1
|
|
2008-09-14
|
|
Kasseler CMS 1.1.0/1.2.0 Lite - SQL Injection
|
0 |
WEB
|
~!Dok_tOR!~
|
|
2008-09-14
|
|
Free PHP VX Guestbook 1.06 - Insecure Cookie Handling
|
0 |
WEB
|
Stack
|
|
2008-09-13
|
|
Free PHP VX Guestbook 1.06 - Arbitrary Database Backup
|
0 |
WEB
|
SirGod
|
|
2008-09-13
|
|
Linkarity - 'link.php' SQL Injection
|
1 |
WEB
|
Egypt Coder
|
|
2008-09-13
|
|
FoT Video scripti 1.1b - 'oyun' SQL Injection
|
1 |
WEB
|
Crackers_Child
|
|
2008-09-13
|
|
phpsmartcom 0.2 - Local File Inclusion / SQL Injection
|
0 |
WEB
|
r3dm0v3
|
|
2008-09-13
|
|
Talkback 2.3.6 - Multiple Local File Inclusion / PHPInfo Disclosure Vulnerabilities
|
0 |
WEB
|
SirGod
|
|
2008-09-13
|
|
Sports Clubs Web Panel 0.0.1 - Remote Game Delete
|
0 |
WEB
|
ka0x
|
|
2008-09-13
|
|
pLink 2.07 - 'linkto.php' Blind SQL Injection
|
0 |
WEB
|
Stack
|
|
2008-09-12
|
|
WebPortal CMS 0.7.4 - 'FCKeditor' Arbitrary File Upload
|
0 |
WEB
|
S.W.A.T.
|
|
2008-09-12
|
|
pNews 2.03 - 'newsid' SQL Injection
|
0 |
WEB
|
r45c4l
|
|
2008-09-12
|
|
vbLOGIX Tutorial Script 1.0 - 'cat_id' SQL Injection
|
0 |
WEB
|
FIREH4CK3R
|
|
2008-09-12
|
|
SkaLinks 1.5 - 'register.php' Arbitrary Add Editor
|
0 |
WEB
|
mr.al7rbi
|
|
2008-09-12
|
|
iBoutique 4.0 - 'cat' SQL Injection
|
0 |
WEB
|
r45c4l
|
|
2008-09-12
|
|
WebPortal CMS 0.7.4 - 'download.php' SQL Injection
|
0 |
WEB
|
StAkeR
|
|
2008-09-12
|
|
pForum 1.30 - 'showprofil.php' SQL Injection
|
0 |
WEB
|
tmh
|
|
2008-09-12
|
|
PHPWebGallery 1.3.4 - Blind SQL Injection (2)
|
0 |
WEB
|
ka0x
|
|
2008-09-12
|
|
Sports Clubs Web Panel 0.0.1 - Arbitrary File Upload
|
0 |
WEB
|
Stack
|
|
2008-09-11
|
|
Yourownbux 4.0 - 'cookie' Authentication Bypass
|
0 |
WEB
|
Tec-n0x
|
|
2008-09-11
|
|
Easy Photo Gallery 2.1 - Arbitrary Add Admin / remove user
|
0 |
WEB
|
Stack
|
|
2008-09-11
|
|
PHPWebGallery 1.3.4 - Blind SQL Injection (1)
|
1 |
WEB
|
Stack
|
|
2008-09-11
|
|
Sports Clubs Web Panel 0.0.1 - 'id' SQL Injection
|
1 |
WEB
|
Virangar Security
|
|
2008-09-11
|
|
Autodealers CMS AutOnline - 'id' SQL Injection
|
1 |
WEB
|
ZoRLu
|
|
2008-09-11
|
|
minb 0.1.0 - Remote Code Execution
|
1 |
WEB
|
Khashayar Fereidani
|
|
2008-09-11
|
|
phsBlog 0.2 - Bypass SQL Injection Filtering
|
0 |
WEB
|
Khashayar Fereidani
|
|
2008-09-11
|
|
D-iscussion Board 3.01 - 'topic' Local File Inclusion
|
0 |
WEB
|
SirGod
|
|
2008-09-11
|
|
Easy Photo Gallery 2.1 - Cross-Site Scripting / File Disclosure/Bypass / SQL Injection
|
0 |
WEB
|
Khashayar Fereidani
|
|
2008-09-11
|
|
Sports Clubs Web Panel 0.0.1 - 'p' Local File Inclusion
|
0 |
WEB
|
StAkeR
|
|
2008-09-11
|
|
Autodealers CMS AutOnline - 'pageid' SQL Injection
|
1 |
WEB
|
r45c4l
|
|
2008-09-11
|
|
PHPWebGallery 1.3.4 - Cross-Site Scripting / Local File Inclusion
|
1 |
WEB
|
Khashayar Fereidani
|
|
2008-09-10
|
|
Zanfi CMS lite / Jaw Portal free - 'page' SQL Injection
|
1 |
WEB
|
Cru3l.b0y
|
|
2008-09-10
|
|
PHPVID 1.1 - Cross-Site Scripting / SQL Injection
|
1 |
WEB
|
r45c4l
|
|
2008-09-10
|
|
WordPress Core 2.6.1 - Admin Takeover (SQL Column Truncation)
|
0 |
WEB
|
iso^kpsbr
|
|
2008-09-10
|
|
aspwebalbum 3.2 - Multiple Vulnerabilities
|
0 |
WEB
|
e.wiZz!
|
|
2008-09-10
|
|
Zanfi CMS lite 2.1 / Jaw Portal free - 'FCKeditor' Arbitrary File Upload
|
0 |
WEB
|
reptil
|
|
2008-09-10
|
|
AvailScript Jobs Portal Script - 'jid' SQL Injection
|
0 |
WEB
|
InjEctOr5
|
|
2008-09-10
|
|
Libera CMS 1.12 - 'cookie' SQL Injection
|
0 |
WEB
|
StAkeR
|
|
2008-09-10
|
|
Zanfi CMS lite 1.2 - Multiple Local File Inclusions
|
1 |
WEB
|
SirGod
|
|
2008-09-09
|
|
AvailScript Classmate Script - 'viewprofile.php' SQL Injection
|
0 |
WEB
|
Stack
|
|
2008-09-09
|
|
AvailScript Photo Album - 'pics.php' Multiple Vulnerabilities
|
0 |
WEB
|
sl4xUz
|
|
2008-09-09
|
|
Kim Websites 1.0 - 'FCKeditor' Arbitrary File Upload
|
0 |
WEB
|
Ciph3r
|
|
2008-09-09
|
|
AvailScript Article Script - 'articles.php' Multiple Vulnerabilities
|
0 |
WEB
|
sl4xUz
|
|
2008-09-09
|
|
CMS Buzz - 'id' SQL Injection
|
0 |
WEB
|
security fears team
|
|
2008-09-09
|
|
Stash 1.0.3 - Insecure Cookie Handling
|
1 |
WEB
|
Ciph3r
|
|
2008-09-09
|
|
Creator CMS 5.0 - 'sideid' SQL Injection
|
0 |
WEB
|
ThE X-HaCkEr
|
|
2008-09-09
|
|
Live TV Script - 'index.php?mid' SQL Injection
|
0 |
WEB
|
InjEctOr5
|
|
2008-09-09
|
|
Hot Links SQL-PHP 3 - 'report.php' Multiple Vulnerabilities
|
0 |
WEB
|
sl4xUz
|
|
2008-09-09
|
|
Stash 1.0.3 - Multiple SQL Injections
|
0 |
WEB
|
Khashayar Fereidani
|
|
2008-09-09
|
|
Alstrasoft Forum - 'catid' SQL Injection
|
0 |
WEB
|
r45c4l
|
|
2008-09-07
|
|
E-Shop Shopping Cart Script - 'search_results.php' SQL Injection
|
0 |
WEB
|
Mormoroth
|
|
2008-09-07
|
|
WordPress Core 2.6.1 - SQL Column Truncation
|
0 |
WEB
|
irk4z
|
|
2008-09-07
|
|
Alstrasoft Forum - 'cat' SQL Injection
|
1 |
WEB
|
r45c4l
|
|
2008-09-07
|
|
Masir Camp E-Shop Module 3.0 - 'ordercode' SQL Injection
|
1 |
WEB
|
BugReport.IR
|
|
2008-09-06
|
|
MemHT Portal 3.9.0 - Remote Create Shell
|
1 |
WEB
|
Ams
|
|
2008-09-06
|
|
Simple Machines Forum (SMF) 1.1.5 (Windows x86) - Admin Reset Password
|
0 |
WEB
|
Raz0r
|
|
2008-09-06
|
|
Integramod 1.4.x - Insecure Directory Download Database
|
2 |
WEB
|
TheJT
|
|
2008-09-06
|
|
Vastal I-Tech Dating Zone - 'fage' SQL Injection
|
1 |
WEB
|
ZoRLu
|
|
2008-09-05
|
|
Vastal I-Tech Shaadi Zone 1.0.9 - 'tage' SQL Injection
|
2 |
WEB
|
e.wiZz!
|
|
2008-09-05
|
|
EsFaq 2.0 - 'idcat' SQL Injection
|
2 |
WEB
|
SuB-ZeRo
|
|
2008-09-05
|
|
Vastal I-Tech Cosmetics Zone - 'cat_id' SQL Injection
|
1 |
WEB
|
Stack
|
|
2008-09-05
|
|
Vastal I-Tech Freelance Zone - 'coder_id' SQL Injection
|
1 |
WEB
|
Stack
|
|
2008-09-05
|
|
Vastal I-Tech Mag Zone - 'cat_id' SQL Injection
|
1 |
WEB
|
Stack
|
|
2008-09-05
|
|
Vastal I-Tech MMORPG Zone - 'game_id' SQL Injection
|
1 |
WEB
|
Stack
|
|
2008-09-05
|
|
Vastal I-Tech Jobs Zone - 'news_id' SQL Injection
|
1 |
WEB
|
Stack
|
|
2008-09-05
|
|
Vastal I-Tech DVD Zone - 'cat_id' SQL Injection
|
1 |
WEB
|
DeViL iRaQ
|
|
2008-09-05
|
|
Vastal I-Tech Share Zone - 'id' SQL Injection
|
1 |
WEB
|
DeViL iRaQ
|
|
2008-09-05
|
|
Vastal I-Tech Toner Cart - 'id' SQL Injection
|
1 |
WEB
|
DeViL iRaQ
|
|
2008-09-05
|
|
Vastal I-Tech Visa Zone - 'news_id' SQL Injection
|
2 |
WEB
|
DeViL iRaQ
|
|
2008-09-05
|
|
Vastal I-Tech Agent Zone - 'ann_id' SQL Injection
|
2 |
WEB
|
DeViL iRaQ
|
|
2008-09-05
|
|
WebCMS Portal Edition - 'id' Blind SQL Injection
|
2 |
WEB
|
JosS
|
|
2008-09-05
|
|
Devalcms 1.4a - Cross-Site Scripting / Remote Code Execution
|
1 |
WEB
|
Khashayar Fereidani
|
|
2008-09-05
|
|
AWStats Totals 1.14 - 'AWStatstotals.php' Remote Code Execution
|
2 |
WEB
|
Ricardo Almeida
|
|
2008-09-04
|
|
ACG-ScriptShop - 'cid' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-09-04
|
|
qwicsite pro - SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
Cr@zy_King
|
|
2008-09-04
|
|
ACG-PTP 1.0.6 - 'adid' SQL Injection
|
1 |
WEB
|
Hussin X
|
|
2008-09-03
|
|
Living Local Website - 'listtest.php' SQL Injection
|
1 |
WEB
|
Hussin X
|
|
2008-09-03
|
|
TransLucid 1.75 - 'FCKeditor' Arbitrary File Upload
|
1 |
WEB
|
BugReport.IR
|
|
2008-09-03
|
|
aspwebalbum 3.2 - Arbitrary File Upload / SQL Injection / Cross-Site Scripting
|
1 |
WEB
|
Alemin_Krali
|
|
2008-09-03
|
|
Moodle 1.8.4 - Remote Code Execution
|
2 |
WEB
|
zurlich.lpt
|
|
2008-09-03
|
|
Spice Classifieds - 'cat_path' SQL Injection
|
2 |
WEB
|
InjEctOr5
|
|
2008-09-02
|
|
CS-Cart 1.3.5 - Authentication Bypass
|
2 |
WEB
|
GulfTech Security
|
|
2008-09-02
|
|
AJ HYIP ACME - 'readarticle.php' SQL Injection
|
2 |
WEB
|
InjEctOr5
|
|
2008-09-02
|
|
AJ HYIP ACME - 'comment.php' SQL Injection
|
1 |
WEB
|
security fears team
|
|
2008-09-02
|
|
Reciprocal Links Manager 1.1 - 'site' SQL Injection
|
1 |
WEB
|
Hussin X
|
|
2008-09-02
|
|
Coupon Script 4.0 - 'id' SQL Injection
|
1 |
WEB
|
Hussin X
|
|
2008-09-02
|
|
myPHPNuke < 1.8.8_8rc2 - 'artid' SQL Injection
|
2 |
WEB
|
MustLive
|
|
2008-09-01
|
|
e107 Plugin BLOG Engine 2.2 - 'uid' SQL Injection
|
2 |
WEB
|
Virangar Security
|
|
2008-09-01
|
|
WeBid 0.5.4 - 'FCKeditor' Arbitrary File Upload
|
2 |
WEB
|
Stack
|
|
2008-09-01
|
|
CMSbright - 'id_rub_page' SQL Injection
|
2 |
WEB
|
h4ck3r
|
|
2008-09-01
|
|
EasyClassifields 3.0 - 'go' SQL Injection
|
1 |
WEB
|
e.wiZz!
|
|
2008-09-01
|
|
WeBid 0.5.4 - 'item.php' SQL Injection
|
1 |
WEB
|
Stack
|
|
2008-08-31
|
|
webid 0.5.4 - Multiple Vulnerabilities
|
1 |
WEB
|
InjEctOr5
|
|
2008-08-31
|
|
myPHPNuke < 1.8.8_8rc2 - Cross-Site Scripting / SQL Injection
|
1 |
WEB
|
MustLive
|
|
2008-08-31
|
|
Words tag script 1.2 - 'word' SQL Injection
|
1 |
WEB
|
Hussin X
|
|
2008-08-31
|
|
Web Directory Script 1.5.3 - 'site' SQL Injection
|
2 |
WEB
|
Hussin X
|
|
2008-08-30
|
|
Brim 2.0.0 - SQL Injection / Cross-Site Scripting
|
2 |
WEB
|
InjEctOr5
|
