|
2008-04-06
|
|
Blog PixelMotion - 'sauvBase.php' Arbitrary Database Backup
|
1 |
WEB
|
JIKO
|
|
2008-04-06
|
|
MyBB Plugin Custom Pages 1.0 - SQL Injection
|
1 |
WEB
|
Lidloses_Auge
|
|
2008-04-05
|
|
Software Index 1.1 - 'cid' SQL Injection
|
0 |
WEB
|
t0pP8uZz
|
|
2008-04-05
|
|
Links Directory 1.1 - 'cat_id' SQL Injection
|
1 |
WEB
|
t0pP8uZz
|
|
2008-04-05
|
|
Picture Rating 1.0 - Blind SQL Injection
|
1 |
WEB
|
t0pP8uZz
|
|
2008-04-05
|
|
visualpic 0.3.1 - Remote File Inclusion
|
1 |
WEB
|
Cr@zy_King
|
|
2008-04-05
|
|
Gaming Directory 1.0 - 'cat_id' SQL Injection
|
0 |
WEB
|
t0pP8uZz
|
|
2008-04-05
|
|
Cobalt 0.1 - Multiple SQL Injections
|
1 |
WEB
|
U238
|
|
2008-04-05
|
|
Easynet Forum Host - 'forum.php' SQL Injection
|
1 |
WEB
|
t0pP8uZz
|
|
2008-04-05
|
|
Entertainment Directory 1.1 - SQL Injection
|
1 |
WEB
|
t0pP8uZz
|
|
2008-04-05
|
|
Blogator-script 0.95 - Change User Password
|
1 |
WEB
|
Virangar Security
|
|
2008-04-04
|
|
Dragoon 0.1 - 'lng' Local File Inclusion
|
1 |
WEB
|
w0cker
|
|
2008-04-04
|
|
Blogator-script 0.95 - 'id_art' SQL Injection
|
2 |
WEB
|
Virangar Security
|
|
2008-04-04
|
|
PIGMy-SQL 1.4.1 - 'getdata.php' Blind SQL Injection
|
1 |
WEB
|
t0pP8uZz
|
|
2008-04-04
|
|
Blogator-script 0.95 - 'incl_page' Remote File Inclusion
|
2 |
WEB
|
JIKO
|
|
2008-04-04
|
|
PHP Photo Gallery 1.0 - 'photo_id' SQL Injection
|
2 |
WEB
|
t0pP8uZz
|
|
2008-04-04
|
|
Affiliate Directory - 'cat_id' SQL Injection
|
2 |
WEB
|
t0pP8uZz
|
|
2008-04-04
|
|
Comdev News Publisher 4.1.2 - SQL Injection
|
2 |
WEB
|
t0pP8uZz
|
|
2008-04-04
|
|
Sabros.us 1.75 - 'thumbnails.php' Remote File Disclosure
|
1 |
WEB
|
HaCkeR_EgY
|
|
2008-04-04
|
|
Vastal I-Tech Software Zone - 'cat_id' SQL Injection
|
1 |
WEB
|
t0pP8uZz
|
|
2008-04-04
|
|
XPOZE Pro 3.05 - 'reed' SQL Injection
|
1 |
WEB
|
t0pP8uZz
|
|
2008-04-03
|
|
KwsPHP Module ConcoursPhoto 2.0 - 'C_ID' SQL Injection
|
2 |
WEB
|
Stack
|
|
2008-04-03
|
|
KwsPHP Module jeuxflash 1.0 - 'cat' SQL Injection
|
2 |
WEB
|
Houssamix
|
|
2008-04-03
|
|
KwsPHP 1.3.456 Module Archives - 'id' SQL Injection
|
2 |
WEB
|
S@BUN
|
|
2008-04-03
|
|
KwsPHP 1.3.456 Module Galerie - 'id_gal' SQL Injection
|
2 |
WEB
|
S@BUN
|
|
2008-04-02
|
|
PhpBlock a8.4 - 'PATH_TO_CODE' Remote File Inclusion
|
2 |
WEB
|
w0cker
|
|
2008-04-02
|
|
DaZPHP 0.1 - 'prefixdir' Local File Inclusion
|
2 |
WEB
|
w0cker
|
|
2008-04-02
|
|
Joomla! Component OnlineFlashQuiz 1.0.2 - Remote File Inclusion
|
2 |
WEB
|
NoGe
|
|
2008-04-01
|
|
RunCMS Module bamagalerie3 - SQL Injection
|
1 |
WEB
|
DreamTurk
|
|
2008-04-01
|
|
Nuked-klaN 1.7.6 - Multiple Vulnerabilities
|
2 |
WEB
|
Charles Fol
|
|
2008-04-01
|
|
Joomla! Component actualite 1.0 - 'id' SQL Injection
|
1 |
WEB
|
Stack
|
|
2008-04-01
|
|
EggBlog 4.0 - SQL Injection
|
1 |
WEB
|
girex
|
|
2008-04-01
|
|
Mambo Component Ahsshop 1.51 - 'vara' SQL Injection
|
1 |
WEB
|
S@BUN
|
|
2008-04-01
|
|
FaScript FaPhoto 1.0 - 'show.php' SQL Injection
|
1 |
WEB
|
Khashayar Fereidani
|
|
2008-04-01
|
|
EasyNews 40tr - SQL Injection / Cross-Site Scripting / Local File Inclusion
|
1 |
WEB
|
Khashayar Fereidani
|
|
2008-03-31
|
|
Neat weblog 0.2 - 'articleId' SQL Injection
|
1 |
WEB
|
Khashayar Fereidani
|
|
2008-03-31
|
|
Woltlab Burning Board Addon JGS-Treffen 2.0.2 - SQL Injection
|
1 |
WEB
|
anonymous
|
|
2008-03-31
|
|
PHPSpamManager 0.53b - 'body.php' Remote File Disclosure
|
2 |
WEB
|
GoLd_M
|
|
2008-03-31
|
|
WordPress Plugin Download - 'dl_id' SQL Injection
|
2 |
WEB
|
BL4CK
|
|
2008-03-30
|
|
JShop 1.x < 2.x - 'xPage' Local File Inclusion
|
2 |
WEB
|
v0l4arrra
|
|
2008-03-30
|
|
KISGB (tmp_theme) 5.1.1 - Local File Inclusion
|
2 |
WEB
|
Cr@zy_King
|
|
2008-03-30
|
|
mxBB Module mx_blogs 2.0.0-beta - Remote File Inclusion
|
2 |
WEB
|
bd0rk
|
|
2008-03-30
|
|
Smoothflash - 'cid' SQL Injection
|
2 |
WEB
|
S@BUN
|
|
2008-03-28
|
|
AuraCMS 2.x - '/user.php' Security Code Bypass / Arbitrary Add Administrator
|
2 |
WEB
|
NTOS-Team
|
|
2008-03-28
|
|
Joomla! Component MyAlbum 1.0 - 'album' SQL Injection
|
2 |
WEB
|
parad0x
|
|
2008-03-26
|
|
JAF CMS 4.0 RC2 - Multiple Remote File Inclusions
|
2 |
WEB
|
CraCkEr
|
|
2008-03-25
|
|
TopperMod 1.0 - 'mod.php' Local File Inclusion
|
1 |
WEB
|
girex
|
|
2008-03-25
|
|
TopperMod 2.0 - SQL Injection
|
2 |
WEB
|
girex
|
|
2008-03-25
|
|
Joomla! Component Alphacontent 2.5.8 - 'id' SQL Injection
|
2 |
WEB
|
cO2
|
|
2008-03-25
|
|
BolinOS 4.6.1 - Local File Inclusion / Cross-Site Scripting
|
3 |
WEB
|
DSecRG
|
|
2008-03-25
|
|
e107 Plugin My_Gallery 2.3 - Arbitrary File Download
|
1 |
WEB
|
Jerome Athias
|
|
2008-03-24
|
|
Destar 0.2.2-5 - Arbitrary Add Admin
|
2 |
WEB
|
nonroot
|
|
2008-03-24
|
|
HIS-Webshop - 'his-webshop.pl t' Remote File Disclosure
|
2 |
WEB
|
Zero X
|
|
2008-03-24
|
|
PowerPHPBoard 1.00b - Multiple Local File Inclusions
|
2 |
WEB
|
DSecRG
|
|
2008-03-24
|
|
PowerBook 1.21 - 'index.php' Local File Inclusion
|
2 |
WEB
|
DSecRG
|
|
2008-03-24
|
|
phpBB Module XS-Mod 2.3.1 - Local File Inclusion
|
2 |
WEB
|
bd0rk
|
|
2008-03-23
|
|
Joomla! Component Cinema 1.0 - SQL Injection
|
2 |
WEB
|
S@BUN
|
|
2008-03-23
|
|
Joomla! Component d3000 1.0.0 - SQL Injection
|
1 |
WEB
|
S@BUN
|
|
2008-03-23
|
|
Destar 0.2.2-5 - Arbitrary Add New User
|
1 |
WEB
|
nonroot
|
|
2008-03-23
|
|
Joomla! Component rekry 1.0.0 - 'op_id' SQL Injection
|
0 |
WEB
|
Sniper456
|
|
2008-03-22
|
|
Cuteflow Bin 1.5.0 - 'login.php' Local File Inclusion
|
1 |
WEB
|
KnocKout
|
|
2008-03-22
|
|
PHP-Nuke Platinum 7.6.b.5 - 'dynamic_titles.php' SQL Injection
|
1 |
WEB
|
Inphex
|
|
2008-03-22
|
|
Joomla! Component custompages 1.1 - Remote File Inclusion
|
1 |
WEB
|
Sniper456
|
|
2008-03-21
|
|
XLPortal 2.2.4 - 'Search' SQL Injection
|
2 |
WEB
|
cOndemned
|
|
2008-03-21
|
|
PostNuke 0.764 - Blind SQL Injection
|
1 |
WEB
|
The:Paradox
|
|
2008-03-21
|
|
D.E. Classifieds - 'cat_id' SQL Injection
|
2 |
WEB
|
S@BUN
|
|
2008-03-21
|
|
RunCMS Module Photo 3.02 - 'cid' SQL Injection
|
2 |
WEB
|
S@BUN
|
|
2008-03-21
|
|
phpAddressBook 2.11 - Multiple Local File Inclusions
|
2 |
WEB
|
0x90
|
|
2008-03-20
|
|
ASPapp Knowledge Base - SQL Injection
|
2 |
WEB
|
xcorpitx
|
|
2008-03-20
|
|
RunCMS Module section - 'artid' SQL Injection
|
1 |
WEB
|
Cr@zy_King
|
|
2008-03-19
|
|
PEEL CMS 3.x - Admin Hash Extraction / Arbitrary File Upload
|
2 |
WEB
|
Charles Fol
|
|
2008-03-19
|
|
Joomla! Component Restaurante 1.0 - 'id' SQL Injection
|
2 |
WEB
|
S@BUN
|
|
2008-03-19
|
|
Mambo Component Accombo 1.x - 'id' SQL Injection
|
1 |
WEB
|
S@BUN
|
|
2008-03-19
|
|
Joomla! Component Alberghi 2.1.3 - 'id' SQL Injection
|
1 |
WEB
|
S@BUN
|
|
2008-03-19
|
|
Joomla! Component joovideo 1.2.2 - 'id' SQL Injection
|
1 |
WEB
|
S@BUN
|
|
2008-03-19
|
|
ASPapp Knowledge Base - 'CatId' SQL Injection (1)
|
1 |
WEB
|
xcorpitx
|
|
2008-03-18
|
|
Easy-Clanpage 2.2 - 'id' SQL Injection
|
1 |
WEB
|
n3w7u
|
|
2008-03-18
|
|
KAPhotoservice - 'album.asp' SQL Injection
|
1 |
WEB
|
JosS
|
|
2008-03-18
|
|
Joomla! Component Acajoom 1.1.5 - SQL Injection
|
1 |
WEB
|
fataku
|
|
2008-03-17
|
|
XOOPS Module Dictionary 0.94 - SQL Injection
|
1 |
WEB
|
S@BUN
|
|
2008-03-17
|
|
phpAuction GPL Enhanced 2.51 - Multiple Remote File Inclusions
|
1 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-03-17
|
|
Exero CMS 1.0.1 - 'theme' Multiple Local File Inclusions
|
2 |
WEB
|
GoLd_M
|
|
2008-03-16
|
|
phpBP RC3 (2.204) FIX4 - SQL Injection
|
2 |
WEB
|
irk4z
|
|
2008-03-16
|
|
mutiple timesheets 5.0 - Multiple Vulnerabilities
|
2 |
WEB
|
JosS
|
|
2008-03-14
|
|
Fuzzylime CMS 3.01 - 'admindir' Remote File Inclusion
|
2 |
WEB
|
irk4z
|
|
2008-03-14
|
|
AuraCMS 2.2.1 - 'X-Forwarded-For' HTTP Header Blind SQL Injection
|
2 |
WEB
|
NTOS-Team
|
|
2008-03-14
|
|
eXV2 Module WebChat 1.60 - 'roomid' SQL Injection
|
2 |
WEB
|
S@BUN
|
|
2008-03-14
|
|
eXV2 Module Viso 2.0.4.3 - 'kid' SQL Injection
|
3 |
WEB
|
S@BUN
|
|
2008-03-14
|
|
eXV2 Module eblog 1.2 - 'blog_id' SQL Injection
|
2 |
WEB
|
S@BUN
|
|
2008-03-14
|
|
eXV2 Module MyAnnonces - 'lid' SQL Injection
|
2 |
WEB
|
S@BUN
|
|
2008-03-12
|
|
EasyGallery 5.0tr - Multiple Vulnerabilities
|
2 |
WEB
|
JosS
|
|
2008-03-12
|
|
EasyCalendar 4.0tr - Multiple Vulnerabilities
|
2 |
WEB
|
JosS
|
|
2008-03-12
|
|
XOOPS Module tutorials 2.1b - 'printpage.php' SQL Injection
|
2 |
WEB
|
S@BUN
|
|
2008-03-12
|
|
eXV2 Module bamaGalerie 3.03 - SQL Injection
|
1 |
WEB
|
S@BUN
|
|
2008-03-12
|
|
Fully Modded phpBB - 'kb.php' SQL Injection
|
2 |
WEB
|
TurkishWarriorr
|
|
2008-03-12
|
|
XOOPS Module My_eGallery 3.04 - 'gid' SQL Injection
|
2 |
WEB
|
S@BUN
|
|
2008-03-12
|
|
XOOPS Module Gallery 0.2.2 - 'gid' SQL Injection
|
2 |
WEB
|
S@BUN
|
|
2008-03-12
|
|
QuickTalk Forum 1.6 - Blind SQL Injection
|
1 |
WEB
|
t0pP8uZz
|
|
2008-03-11
|
|
Danneo CMS 0.5.1 - Blind SQL Injection
|
2 |
WEB
|
InATeam
|
|
2008-03-11
|
|
Joomla! Component ProductShowcase 1.5 - SQL Injection
|
2 |
WEB
|
S@BUN
|
|
2008-03-11
|
|
phpBB Mod FileBase 2.0 - 'id' SQL Injection
|
2 |
WEB
|
t0pP8uZz
|
|
2008-03-11
|
|
Bloo 1.00 - Multiple SQL Injections
|
1 |
WEB
|
MhZ91
|
|
2008-03-11
|
|
Mapbender 2.4.4 - 'gaz' SQL Injection
|
1 |
WEB
|
RedTeam Pentesting
|
|
2008-03-11
|
|
Mapbender 2.4.4 - 'mapFiler.php' Remote Code Execution
|
1 |
WEB
|
RedTeam Pentesting
|
|
2008-03-10
|
|
phpMyNewsletter 0.8b5 - 'msg_id' SQL Injection
|
2 |
WEB
|
Charles Fol
|
|
2008-03-10
|
|
Mambo Component eWriting 1.2.1 - 'cat' SQL Injection
|
1 |
WEB
|
Don
|
|
2008-03-09
|
|
BM Classifieds 20080409 - Multiple SQL Injections
|
1 |
WEB
|
xcorpitx
|
|
2008-03-09
|
|
QuickTicket 1.5 - 'qti_usr.php' SQL Injection
|
1 |
WEB
|
croconile
|
|
2008-03-08
|
|
Joomla! Component Candle 1.0 - 'cid' SQL Injection
|
1 |
WEB
|
S@BUN
|
|
2008-03-07
|
|
zKup CMS 2.0 < 2.3 - Arbitrary File Upload
|
1 |
WEB
|
Charles Fol
|
|
2008-03-07
|
|
zKup CMS 2.0 < 2.3 - Remote Add Admin
|
2 |
WEB
|
Charles Fol
|
|
2008-03-06
|
|
XOOPS Module wfdownloads - 'cid' SQL Injection
|
1 |
WEB
|
S@BUN
|
|
2008-03-06
|
|
XOOPS Module Glossario 2.2 - 'sid' SQL Injection
|
1 |
WEB
|
S@BUN
|
|
2008-03-04
|
|
Mitra Informatika Solusindo cart - SQL Injection
|
1 |
WEB
|
bius
|
|
2008-03-01
|
|
Dynamic photo Gallery 1.02 - 'albumID' SQL Injection
|
1 |
WEB
|
Aria-Security Team
|
|
2008-03-01
|
|
phpComasy 0.8 - 'mod_project_id' SQL Injection
|
1 |
WEB
|
Cr@zy_King
|
|
2008-03-01
|
|
phpArcadeScript 3.0RC2 - 'userid' SQL Injection
|
1 |
WEB
|
SoSo H H
|
|
2008-03-01
|
|
Mambo Component com_Musica - 'id' SQL Injection
|
0 |
WEB
|
Aria-Security Team
|
|
2008-02-29
|
|
Dream4 Koobi CMS 4.3.0 < 4.2.3 - 'categ' SQL Injection
|
1 |
WEB
|
JosS
|
|
2008-02-28
|
|
Centreon 1.4.2.3 - 'get_image.php' Remote File Disclosure
|
1 |
WEB
|
Julien CAYSSOL
|
|
2008-02-28
|
|
PHP-Nuke Module My_eGallery 2.7.9 - SQL Injection
|
1 |
WEB
|
Aria-Security Team
|
|
2008-02-28
|
|
Barryvan Compo Manager 0.3 - Remote File Inclusion
|
1 |
WEB
|
MhZ91
|
|
2008-02-28
|
|
Podcast Generator 1.0 Beta 2 - Remote File Inclusion / File Disclosure
|
1 |
WEB
|
GoLd_M
|
|
2008-02-28
|
|
SiteBuilderElite 1.2 - Multiple Remote File Inclusions
|
1 |
WEB
|
MhZ91
|
|
2008-02-28
|
|
Dream4 Koobi Pro 5.7 - 'categ' SQL Injection
|
1 |
WEB
|
Cr@zy_King
|
