|
2008-05-04
|
|
Cplinks 1.03 - Authentication Bypass / SQL Injection / Cross-Site Scripting
|
0 |
WEB
|
InjEctOr5
|
|
2008-05-03
|
|
phpDirectorySource 1.1 - Multiple SQL Injections
|
0 |
WEB
|
InjEctOr5
|
|
2008-05-03
|
|
SmartBlog 1.3 - 'index.php' SQL Injection
|
0 |
WEB
|
His0k4
|
|
2008-05-03
|
|
BlogMe PHP 1.1 - 'comments.php' SQL Injection
|
1 |
WEB
|
His0k4
|
|
2008-05-02
|
|
ItCMS 1.9 - 'boxpop.php' Remote Code Execution
|
1 |
WEB
|
Cod3rZ
|
|
2008-05-02
|
|
Open Auto Classifieds 1.4.3b - SQL Injection
|
1 |
WEB
|
InjEctOr5
|
|
2008-05-01
|
|
Vlbook 1.21 - Cross-Site Scripting / Local File Inclusion
|
1 |
WEB
|
Khashayar Fereidani
|
|
2008-05-01
|
|
ActualAnalyzer Lite (free) 2.78 - Local File Inclusion
|
1 |
WEB
|
Khashayar Fereidani
|
|
2008-05-01
|
|
Joomla! Component Webhosting - 'catid' Blind SQL Injection
|
1 |
WEB
|
cO2
|
|
2008-04-30
|
|
Interact 2.4.1 - Multiple Remote File Inclusions
|
1 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-04-30
|
|
Harris WapChat 1 - Multiple Remote File Inclusions
|
1 |
WEB
|
k1n9k0ng
|
|
2008-04-30
|
|
OxYProject 0.85 - 'edithistory.php' Remote Code Execution
|
1 |
WEB
|
GoLd_M
|
|
2008-04-30
|
|
Project Based Calendaring System (PBCS) 0.7.1 - Multiple Vulnerabilities
|
1 |
WEB
|
GoLd_M
|
|
2008-04-29
|
|
LokiCMS 0.3.3 - Arbitrary File Delete
|
0 |
WEB
|
cOndemned
|
|
2008-04-29
|
|
SugarCRM Community Edition 4.5.1/5.0.0 - File Disclosure
|
0 |
WEB
|
Roberto Suggi Liverani
|
|
2008-04-28
|
|
Joovili 3.1 - 'browse.videos.php' SQL Injection
|
1 |
WEB
|
HaCkeR_EgY
|
|
2008-04-28
|
|
Softbiz Web Host Directory Script - 'host_id' SQL Injection
|
1 |
WEB
|
K-159
|
|
2008-04-28
|
|
Prozilla Hosting Index - 'cat_id' SQL Injection
|
1 |
WEB
|
K-159
|
|
2008-04-27
|
|
Joomla! Component paxxgallery 0.2 - 'gid' Blind SQL Injection
|
0 |
WEB
|
ZAMUT
|
|
2008-04-27
|
|
ODFaq 2.1.0 - Blind SQL Injection
|
1 |
WEB
|
cO2
|
|
2008-04-27
|
|
Joomla! Component Alphacontent 2.5.8 - Blind SQL Injection
|
1 |
WEB
|
cO2
|
|
2008-04-27
|
|
Content Management System for Phprojekt 0.6.1 - File Disclosure
|
1 |
WEB
|
Houssamix
|
|
2008-04-27
|
|
FluentCMS - 'view.php' SQL Injection
|
1 |
WEB
|
cO2
|
|
2008-04-27
|
|
Jokes Site Script - 'jokes.php' SQL Injection
|
1 |
WEB
|
ProgenTR
|
|
2008-04-27
|
|
Megabbs Forum 2.2 - SQL Injection / Cross-Site Scripting
|
1 |
WEB
|
BugReport.IR
|
|
2008-04-26
|
|
PHPizabi 0.848b C1 HFP3 - Database Information Disclosure
|
1 |
WEB
|
YOUCODE
|
|
2008-04-26
|
|
RunCMS Module MyArticles 0.6 Beta-1 - SQL Injection
|
1 |
WEB
|
Cr@zy_King
|
|
2008-04-26
|
|
PHP Forge 3 Beta 2 - 'id' SQL Injection
|
1 |
WEB
|
JIKO
|
|
2008-04-26
|
|
Angelo-Emlak 1.0 - Multiple SQL Injections
|
1 |
WEB
|
U238
|
|
2008-04-26
|
|
Clever Copy 3.0 - 'postview.php' SQL Injection
|
1 |
WEB
|
U238
|
|
2008-04-26
|
|
Content Management System for Phprojekt 0.6.1 - Remote File Inclusion
|
1 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-04-26
|
|
PostNuke Module pnFlashGames 2.5 - SQL Injection
|
1 |
WEB
|
Kacper
|
|
2008-04-26
|
|
Siteman 2.x - Code Execution / Local File Inclusion / Cross-Site Scripting
|
1 |
WEB
|
Khashayar Fereidani
|
|
2008-04-25
|
|
Joomla! Component Joomla-Visites 1.1 RC2 - Remote File Inclusion
|
1 |
WEB
|
NoGe
|
|
2008-04-25
|
|
PostNuke Module PostSchedule 1.0 - 'eid' SQL Injection
|
1 |
WEB
|
Kacper
|
|
2008-04-25
|
|
MiniBB 2.2 - Cross-Site Scripting / SQL Injection / Full Path Disclosure
|
1 |
WEB
|
girex
|
|
2008-04-24
|
|
Joomla! Component JPad 1.0 - (Authenticated) SQL Injection
|
1 |
WEB
|
His0k4
|
|
2008-04-23
|
|
Joomla! Component Community Builder 1.0.1 - Blind SQL Injection
|
1 |
WEB
|
$hur!k'n
|
|
2008-04-23
|
|
YouTube Clone Script - 'spages.php' Remote Code Execution
|
1 |
WEB
|
Inphex
|
|
2008-04-23
|
|
Joomla! Component Filiale 1.0.4 - 'idFiliale' SQL Injection
|
0 |
WEB
|
str0xo
|
|
2008-04-23
|
|
E RESERV 2.1 - 'index.php' SQL Injection
|
0 |
WEB
|
JIKO
|
|
2008-04-22
|
|
WordPress Plugin Spreadsheet 0.6 - SQL Injection
|
0 |
WEB
|
1ten0.0net1
|
|
2008-04-22
|
|
Web Calendar 4.1 - Blind SQL Injection
|
0 |
WEB
|
t0pP8uZz
|
|
2008-04-22
|
|
Joomla! Component FlippingBook 1.0.4 - SQL Injection
|
0 |
WEB
|
cO2
|
|
2008-04-21
|
|
TR News 2.1 - 'nb' SQL Injection
|
1 |
WEB
|
His0k4
|
|
2008-04-21
|
|
RedDot CMS 7.5 - 'LngId' SQL Injection
|
1 |
WEB
|
IRM Plc.
|
|
2008-04-21
|
|
Crazy Goomba 1.2.1 - 'id' SQL Injection
|
1 |
WEB
|
ZoRLu
|
|
2008-04-21
|
|
BlogWorx 1.0 - 'id' SQL Injection
|
1 |
WEB
|
U238
|
|
2008-04-20
|
|
Acidcat CMS 3.4.1 - Multiple Vulnerabilities
|
1 |
WEB
|
BugReport.IR
|
|
2008-04-20
|
|
KubeLance 1.6.4 - 'ipn.php' Local File Inclusion
|
1 |
WEB
|
Crackers_Child
|
|
2008-04-20
|
|
HostDirectory Pro - Insecure Cookie Handling
|
1 |
WEB
|
Crackers_Child
|
|
2008-04-20
|
|
W1L3D4 philboard 1.0 - 'philboard_reply.asp' SQL Injection
|
1 |
WEB
|
U238
|
|
2008-04-19
|
|
Aterr 0.9.1 - PHP5 Local File Inclusion
|
1 |
WEB
|
KnocKout
|
|
2008-04-19
|
|
XOOPS Module Recipe 2.2 - 'detail.php' SQL Injection
|
0 |
WEB
|
S@BUN
|
|
2008-04-19
|
|
Apartment Search Script - 'listtest.php' SQL Injection
|
1 |
WEB
|
Crackers_Child
|
|
2008-04-19
|
|
PHP-Fusion 6.01.14 - Blind SQL Injection
|
1 |
WEB
|
The:Paradox
|
|
2008-04-19
|
|
AllMyGuests 0.4.1 - 'AMG_id' SQL Injection
|
1 |
WEB
|
Player
|
|
2008-04-18
|
|
Simple Customer 1.2 - 'contact.php' SQL Injection
|
1 |
WEB
|
t0pP8uZz
|
|
2008-04-18
|
|
PhShoutBox 1.5 - Insecure Cookie Handling
|
1 |
WEB
|
t0pP8uZz
|
|
2008-04-18
|
|
OpenInvoice 0.9 - Arbitrary Change User Password
|
1 |
WEB
|
t0pP8uZz
|
|
2008-04-18
|
|
2532/Gigs 1.2.2 - Arbitrary Database Backup/Download
|
1 |
WEB
|
t0pP8uZz
|
|
2008-04-18
|
|
5th Avenue Shopping Cart - 'category_id' SQL Injection
|
1 |
WEB
|
Aria-Security Team
|
|
2008-04-18
|
|
Grape Statistics 0.2a - 'location' Remote File Inclusion
|
1 |
WEB
|
MajnOoNxHaCkEr
|
|
2008-04-17
|
|
e107 module 123 flash chat 6.8.0 - Remote File Inclusion
|
1 |
WEB
|
by_casper41
|
|
2008-04-16
|
|
XplodPHP AutoTutorials 2.1 - 'id' SQL Injection
|
0 |
WEB
|
cO2
|
|
2008-04-16
|
|
Carbon Communities 2.4 - Multiple Vulnerabilities
|
1 |
WEB
|
BugReport.IR
|
|
2008-04-15
|
|
LaserNet CMS 1.5 - SQL Injection
|
1 |
WEB
|
cO2
|
|
2008-04-15
|
|
LightNEasy sqlite / no database 1.2.2 - Multiple Vulnerabilities
|
1 |
WEB
|
girex
|
|
2008-04-15
|
|
Classifieds Caffe - 'cat_id' SQL Injection
|
1 |
WEB
|
JosS
|
|
2008-04-14
|
|
KwsPHP - 'Upload' Remote Code Execution
|
1 |
WEB
|
Ajax
|
|
2008-04-14
|
|
Dream4 Koobi Pro 6.25 Poll - 'poll_id' SQL Injection
|
1 |
WEB
|
S@BUN
|
|
2008-04-14
|
|
Dream4 Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple SQL Injections
|
0 |
WEB
|
JosS
|
|
2008-04-14
|
|
BosNews 4.0 - 'article' SQL Injection
|
1 |
WEB
|
Crackers_Child
|
|
2008-04-14
|
|
BosClassifieds 3.0 - 'index.php' SQL Injection
|
1 |
WEB
|
SoSo H H
|
|
2008-04-14
|
|
SmallBiz eShop - 'content_id' SQL Injection
|
1 |
WEB
|
Stack
|
|
2008-04-14
|
|
SmallBiz 4 Seasons CMS - SQL Injection
|
1 |
WEB
|
cO2
|
|
2008-04-13
|
|
Mumbo Jumbo Media OP4 - Blind SQL Injection
|
1 |
WEB
|
Lidloses_Auge
|
|
2008-04-13
|
|
PostCard 1.0 - Remote Insecure Cookie Handling
|
1 |
WEB
|
t0pP8uZz
|
|
2008-04-13
|
|
CPCommerce 1.1.0 - Cross-Site Scripting / Local File Inclusion
|
1 |
WEB
|
BugReport.IR
|
|
2008-04-13
|
|
Pollbooth 2.0 - 'pollID' SQL Injection
|
1 |
WEB
|
S@BUN
|
|
2008-04-13
|
|
Joomla! Component com_extplorer 2.0.0 RC2 - Local Directory Traversal
|
1 |
WEB
|
Houssamix
|
|
2008-04-13
|
|
1024 CMS 1.4.2 - Local File Inclusion / Blind SQL Injection
|
1 |
WEB
|
girex
|
|
2008-04-12
|
|
CcMail 1.0.1 - Insecure Cookie Handling
|
1 |
WEB
|
t0pP8uZz
|
|
2008-04-11
|
|
PHPAddressBook 2.11 - 'view.php' SQL Injection
|
1 |
WEB
|
Cr@zy_King
|
|
2008-04-11
|
|
Joomla! Component JoomlaXplorer 1.6.2 - Remote s
|
1 |
WEB
|
Houssamix
|
|
2008-04-11
|
|
NewsOffice 1.1 - Remote File Inclusion
|
0 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-04-11
|
|
PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection
|
1 |
WEB
|
parad0x
|
|
2008-04-10
|
|
RX Maxsoft - 'fotoID' SQL Injection
|
1 |
WEB
|
S@BUN
|
|
2008-04-10
|
|
LightNEasy 1.2 - no database Remote Hash Retrieve
|
1 |
WEB
|
girex
|
|
2008-04-10
|
|
Ksemail - Local File Inclusion
|
1 |
WEB
|
dun
|
|
2008-04-10
|
|
LiveCart 1.1.1 - 'id' Blind SQL Injection
|
1 |
WEB
|
irvian
|
|
2008-04-09
|
|
KnowledgeQuest 2.6 - SQL Injection
|
1 |
WEB
|
Virangar Security
|
|
2008-04-09
|
|
Phaos R4000 Version - 'file' Remote File Disclosure
|
0 |
WEB
|
HaCkeR_EgY
|
|
2008-04-09
|
|
Free Photo Gallery Site Script - 'path' File Disclosure
|
0 |
WEB
|
JIKO
|
|
2008-04-09
|
|
KnowledgeQuest 2.5 - Arbitrary Add Admin
|
0 |
WEB
|
t0pP8uZz
|
|
2008-04-09
|
|
phpBB Addon Fishing Cat Portal - Remote File Inclusion
|
0 |
WEB
|
bd0rk
|
|
2008-04-08
|
|
Dream4 Koobi 4.4/5.4 - gallery SQL Injection
|
0 |
WEB
|
S@BUN
|
|
2008-04-08
|
|
Dream4 Koobi Pro 6.25 Showimages - 'galid' SQL Injection
|
0 |
WEB
|
S@BUN
|
|
2008-04-08
|
|
Dream4 Koobi Pro 6.25 Gallery - 'galid' SQL Injection
|
0 |
WEB
|
S@BUN
|
|
2008-04-08
|
|
Dream4 Koobi Pro 6.25 Shop - 'categ' SQL Injection
|
0 |
WEB
|
S@BUN
|
|
2008-04-08
|
|
Dream4 Koobi Pro 6.25 Links - 'categ' SQL Injection
|
0 |
WEB
|
S@BUN
|
|
2008-04-08
|
|
Prediction Football 1.x - 'matchid' SQL Injection
|
0 |
WEB
|
0in
|
|
2008-04-08
|
|
SuperNET Shop 1.0 - SQL Injection
|
0 |
WEB
|
U238
|
|
2008-04-08
|
|
LokiCMS 0.3.3 - Remote Command Execution
|
0 |
WEB
|
girex
|
|
2008-04-08
|
|
FLABER 1.1 RC1 - Remote Command Execution
|
0 |
WEB
|
EgiX
|
|
2008-04-08
|
|
Pligg CMS 9.9.0 - 'editlink.php' SQL Injection
|
0 |
WEB
|
Guido Landi
|
|
2008-04-08
|
|
ExBB 0.22 - Local/Remote File Inclusion
|
0 |
WEB
|
The:Paradox
|
|
2008-04-08
|
|
phpTournois G4 - Arbitrary File Upload / Code Execution
|
0 |
WEB
|
Charles Fol
|
|
2008-04-07
|
|
iScripts Socialware - 'id' SQL Injection
|
0 |
WEB
|
t0pP8uZz
|
|
2008-04-07
|
|
My Gaming Ladder 7.5 - 'ladderid' SQL Injection
|
0 |
WEB
|
t0pP8uZz
|
|
2008-04-07
|
|
724CMS 4.01 Enterprise - 'index.php' SQL Injection
|
0 |
WEB
|
Lidloses_Auge
|
|
2008-04-07
|
|
ChartDirector 4.1 - 'viewsource.php' File Disclosure
|
0 |
WEB
|
Stack
|
|
2008-04-07
|
|
Mole 2.1.0 - 'viewsource.php' Remote File Disclosure
|
0 |
WEB
|
GoLd_M
|
|
2008-04-07
|
|
Dragoon 0.1 - 'root' Remote File Inclusion
|
0 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-04-07
|
|
LinPHA 1.3.3 Plugin Maps - Remote Command Execution
|
0 |
WEB
|
EgiX
|
|
2008-04-07
|
|
Drake CMS 0.4.11 - Blind SQL Injection
|
0 |
WEB
|
EgiX
|
|
2008-04-07
|
|
Prozilla Freelancers - 'project' SQL Injection
|
0 |
WEB
|
t0pP8uZz
|
|
2008-04-06
|
|
Prozilla Cheat Script 2.0 - 'id' SQL Injection
|
0 |
WEB
|
t0pP8uZz
|
|
2008-04-06
|
|
Prozilla Topsites 1.0 - Arbitrary Edit/Add Users
|
0 |
WEB
|
t0pP8uZz
|
|
2008-04-06
|
|
Prozilla Reviews Script 1.0 - Arbitrary Delete User
|
0 |
WEB
|
t0pP8uZz
|
|
2008-04-06
|
|
Prozilla Forum Service - 'forum' SQL Injection
|
0 |
WEB
|
t0pP8uZz
|
|
2008-04-06
|
|
Prozilla Top 100 1.2 - Arbitrary Delete Stats
|
0 |
WEB
|
t0pP8uZz
|
|
2008-04-06
|
|
Site Sift Listings - 'id' SQL Injection
|
0 |
WEB
|
S@BUN
|
|
2008-04-06
|
|
Blog PixelMotion - 'categorie' SQL Injection
|
0 |
WEB
|
parad0x
|
|
2008-04-06
|
|
Blog PixelMotion - 'modif_config.php' Arbitrary File Upload
|
0 |
WEB
|
JIKO
|
