|
2008-02-12
|
|
Joomla! Component pcchess 0.8 - SQL Injection
|
5 |
WEB
|
S@BUN
|
|
2008-02-12
|
|
Joomla! Component Rapid Recipe 1.6.5 - SQL Injection
|
5 |
WEB
|
S@BUN
|
|
2008-02-12
|
|
vKios 2.0.0 - 'cat' SQL Injection
|
5 |
WEB
|
NTOS-Team
|
|
2008-02-10
|
|
Mix Systems CMS - 'parent/id' SQL Injection
|
5 |
WEB
|
halkfild
|
|
2008-02-10
|
|
PacerCMS 0.6 - 'last_module' Remote Code Execution
|
5 |
WEB
|
GoLd_M
|
|
2008-02-10
|
|
SAPID CMF Build 87 - 'last_module' Remote Code Execution
|
5 |
WEB
|
GoLd_M
|
|
2008-02-10
|
|
ITechBids 6.0 - 'item_id' SQL Injection
|
5 |
WEB
|
SoSo H H
|
|
2008-02-10
|
|
PK-Designs PKs Movie Database 3.0.3 - Cross-Site Scripting / SQL Injection
|
4 |
WEB
|
Houssamix
|
|
2008-02-09
|
|
Mambo Component Comments 0.5.8.5g - SQL Injection
|
5 |
WEB
|
CheebaHawk215
|
|
2008-02-09
|
|
Journalness 4.1 - 'last_module' Remote Code Execution
|
5 |
WEB
|
Iron
|
|
2008-02-09
|
|
Open-Realty 2.4.3 - 'last_module' Remote Code Execution
|
3 |
WEB
|
Iron
|
|
2008-02-09
|
|
DomPHP 0.82 - 'index.php' Local File Inclusion
|
4 |
WEB
|
Houssamix
|
|
2008-02-09
|
|
Limbo CMS 1.0.4.2 - 'Cuid' cookie Blind SQL Injection
|
4 |
WEB
|
The:Paradox
|
|
2008-02-08
|
|
Mambo Component com_gallery - SQL Injection
|
5 |
WEB
|
S@BUN
|
|
2008-02-08
|
|
Joomla! Component NeoGallery 1.1 - SQL Injection
|
5 |
WEB
|
S@BUN
|
|
2008-02-08
|
|
PowerNews 2.5.6 - Local File Inclusion
|
5 |
WEB
|
DSecRG
|
|
2008-02-07
|
|
Joomla! Component com_noticias 1.0 - SQL Injection
|
5 |
WEB
|
xcorpitx
|
|
2008-02-07
|
|
Joomla! Component com_doc - SQL Injection
|
5 |
WEB
|
S@BUN
|
|
2008-02-07
|
|
Mambo Component Sermon 0.2 - 'gid' SQL Injection
|
5 |
WEB
|
S@BUN
|
|
2008-02-07
|
|
osCommerce Addon Customer Testimonials 3.1 - SQL Injection
|
5 |
WEB
|
it's my
|
|
2008-02-06
|
|
Mihalism Multi Host Download - 'Username' Blind SQL Injection
|
5 |
WEB
|
Moubik
|
|
2008-02-06
|
|
Mambo Component com_downloads - SQL Injection
|
5 |
WEB
|
S@BUN
|
|
2008-02-06
|
|
Joomla! Component Ynews 1.0.0 - 'id' SQL Injection
|
5 |
WEB
|
Crackers_Child
|
|
2008-02-06
|
|
Astanda Directory Project 1.2 - 'link_id' SQL Injection
|
5 |
WEB
|
you_kn0w
|
|
2008-02-06
|
|
MyBulletinBoard (MyBB) 1.2.11 - 'private.php' SQL Injection (1)
|
4 |
WEB
|
F
|
|
2008-02-06
|
|
OpenSiteAdmin 0.9.1.1 - Multiple File Inclusions
|
4 |
WEB
|
Trancek
|
|
2008-02-05
|
|
WordPress MU < 1.3.2 - 'active_plugins' Code Execution
|
5 |
WEB
|
Alexander Concha
|
|
2008-02-05
|
|
PhotoKorn Gallery 1.543 - 'pic' SQL Injection
|
5 |
WEB
|
you_kn0w
|
|
2008-02-05
|
|
All Club CMS 0.0.2 - 'index.php' SQL Injection
|
4 |
WEB
|
ka0x
|
|
2008-02-05
|
|
RMSOFT Gallery System 2.0 - 'id' SQL Injection
|
5 |
WEB
|
you_kn0w
|
|
2008-02-04
|
|
All Club CMS 0.0.1f - 'index.php' Local File Inclusion
|
4 |
WEB
|
Trancek
|
|
2008-02-04
|
|
VHD Web Pack 2.0 - 'index.php' Local File Inclusion
|
4 |
WEB
|
DSecRG
|
|
2008-02-04
|
|
Mambo Component Shambo2 - 'itemID' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-02-04
|
|
Mambo Component 'com_awesom' 0.3.2 - 'listid' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-02-04
|
|
XOOPS 2.0.18 - Local File Inclusion / URL Redirecting
|
4 |
WEB
|
DSecRG
|
|
2008-02-04
|
|
ITechBids 5.0 - 'item_id' SQL Injection
|
4 |
WEB
|
QTRinux
|
|
2008-02-03
|
|
Joomla! Component com_Marketplace 1.1.1 - SQL Injection
|
4 |
WEB
|
SoSo H H
|
|
2008-02-03
|
|
WordPress Plugin st_newsletter - SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-02-03
|
|
A-Blog 2.0 - Cross-Site Scripting / SQL Injection
|
4 |
WEB
|
Khashayar Fereidani
|
|
2008-02-03
|
|
Joomla! Component mosDirectory 2.3.2 - 'catid' SQL Injection
|
4 |
WEB
|
GoLd_M
|
|
2008-02-02
|
|
BlogPHP 2 - 'id' Cross-Site Scripting / SQL Injection
|
4 |
WEB
|
Khashayar Fereidani
|
|
2008-02-02
|
|
phpShop 0.8.1 - SQL Injection / Filter Bypass
|
4 |
WEB
|
the redc0ders
|
|
2008-02-02
|
|
BookmarkX script 2007 - 'topicid' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-02-02
|
|
WordPress Plugin Wordspew - SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-02-02
|
|
The Everything Development System Pre-1.0 - SQL Injection
|
4 |
WEB
|
sub
|
|
2008-02-02
|
|
WordPress Plugin dmsguestbook 1.7.0 - Multiple Vulnerabilities
|
4 |
WEB
|
NBBN
|
|
2008-02-01
|
|
Joomla! Component NeoReferences 1.3.1 - 'catid' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-02-01
|
|
LightBlog 9.5 - 'cp_upload_image.php' Arbitrary File Upload
|
4 |
WEB
|
Omni
|
|
2008-01-31
|
|
Mambo Component Restaurant 1.0 - SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-01-31
|
|
Mambo Component 'com_catalogshop' 1.0b1 - SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-01-31
|
|
Mambo Component 'com_akogallery' 2.5b - SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-01-31
|
|
sflog! 0.96 - Remote File Disclosure
|
3 |
WEB
|
muuratsalo
|
|
2008-01-31
|
|
Mindmeld 1.2.0.10 - Multiple Remote File Inclusions
|
3 |
WEB
|
David Wharton
|
|
2008-01-30
|
|
PHP Links 1.3 - 'smarty.php' Remote File Inclusion
|
4 |
WEB
|
Houssamix
|
|
2008-01-30
|
|
PHP Links 1.3 - 'id' SQL Injection
|
4 |
WEB
|
Houssamix
|
|
2008-01-30
|
|
Joomla! Component ChronoForms 2.3.5 - Remote File Inclusion
|
4 |
WEB
|
Crackers_Child
|
|
2008-01-30
|
|
Coppermine Photo Gallery 1.4.14 - Remote Command Execution
|
4 |
WEB
|
waraxe
|
|
2008-01-30
|
|
ibProArcade 3.3.0 - SQL Injection
|
4 |
WEB
|
RST/GHC
|
|
2008-01-30
|
|
WordPress Plugin WassUp 1.4.3 - 'to_date' SQL Injection
|
4 |
WEB
|
enter_the_dragon
|
|
2008-01-30
|
|
Mambo Component EstateAgent 0.1 - SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-01-30
|
|
Mambo Component jokes 1.0 - 'cat' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-01-30
|
|
Mambo Component Recipes 1.00 - 'id' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-01-30
|
|
WordPress Plugin Adserve 0.2 - 'adclick.php' SQL Injection
|
4 |
WEB
|
enter_the_dragon
|
|
2008-01-30
|
|
Connectix Boards 0.8.2 - 'template_path' Remote File Inclusion
|
4 |
WEB
|
Houssamix
|
|
2008-01-30
|
|
Mambo Component musepoes - 'aid' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-01-30
|
|
Mambo Component 'com_glossary' 2.0 - 'catid' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-01-29
|
|
Mambo Component 'com_mamml' - 'listid' SQL Injection
|
3 |
WEB
|
S@BUN
|
|
2008-01-29
|
|
Mambo Component 'com_fq' - 'listid' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-01-29
|
|
Mambo Component 'com_newsletter' 4.5 - 'listid' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-01-29
|
|
phpCMS 1.2.2 - 'file' Remote File Disclosure
|
4 |
WEB
|
DSecRG
|
|
2008-01-29
|
|
Smart Publisher 1.0.1 - 'filedata' Remote Code Execution
|
4 |
WEB
|
GoLd_M
|
|
2008-01-29
|
|
Bigware Shop 2.0 - 'pollid' SQL Injection
|
3 |
WEB
|
D4m14n
|
|
2008-01-28
|
|
bubbling library 1.32 - 'uri' Remote File Disclosure
|
3 |
WEB
|
Stack
|
|
2008-01-28
|
|
phpMyClub 0.0.1 - 'page_courante' Local File Inclusion
|
4 |
WEB
|
S.W.A.T.
|
|
2008-01-27
|
|
WordPress Plugin fGallery 2.4.1 - 'fimrss.php' SQL Injection
|
4 |
WEB
|
Houssamix
|
|
2008-01-27
|
|
WordPress Plugin WP-Cal 0.3 - 'editevent.php' SQL Injection
|
4 |
WEB
|
Houssamix
|
|
2008-01-26
|
|
Bubbling Library 1.32 - Multiple Local File Inclusions
|
4 |
WEB
|
Stack
|
|
2008-01-26
|
|
phpIP 4.3.2 - Multiple SQL Injections
|
4 |
WEB
|
Charles Hooper
|
|
2008-01-26
|
|
Simple Forum 3.2 - File Disclosure / Cross-Site Scripting
|
3 |
WEB
|
tomplixsee
|
|
2008-01-25
|
|
CandyPress eCommerce suite 4.1.1.26 - Multiple Vulnerabilities
|
4 |
WEB
|
BugReport.IR
|
|
2008-01-25
|
|
flinx 1.3 - 'id' SQL Injection
|
4 |
WEB
|
Houssamix
|
|
2008-01-25
|
|
Tiger PHP News System 1.0b build 39 - SQL Injection
|
4 |
WEB
|
0in
|
|
2008-01-24
|
|
Seagull 0.6.3 - 'files' Remote File Disclosure
|
4 |
WEB
|
fuzion
|
|
2008-01-23
|
|
Aconon Mail 2004 - Directory Traversal
|
4 |
WEB
|
Arno Toll
|
|
2008-01-23
|
|
Liquid-Silver CMS 0.1 - 'update' Local File Inclusion
|
4 |
WEB
|
Stack
|
|
2008-01-23
|
|
SLAED CMS 2.5 Lite - 'newlang' Local File Inclusion
|
3 |
WEB
|
The_HuliGun
|
|
2008-01-23
|
|
Siteman 1.1.9 - 'cat' Remote File Disclosure
|
4 |
WEB
|
Khashayar Fereidani
|
|
2008-01-23
|
|
Web Wiz NewsPad 1.02 - 'sub' Directory Traversal
|
4 |
WEB
|
BugReport.IR
|
|
2008-01-23
|
|
Web Wiz Rich Text Editor 4.0 - Multiple Vulnerabilities
|
4 |
WEB
|
BugReport.IR
|
|
2008-01-23
|
|
Web Wiz Forums 9.07 - 'sub' Directory Traversal
|
4 |
WEB
|
BugReport.IR
|
|
2008-01-23
|
|
LulieBlog 1.02 - SQL Injection
|
4 |
WEB
|
Khashayar Fereidani
|
|
2008-01-23
|
|
Foojan Wms 1.0 - 'story' SQL Injection
|
4 |
WEB
|
Khashayar Fereidani
|
|
2008-01-22
|
|
Invision Gallery 2.0.7 - SQL Injection
|
5 |
WEB
|
RST/GHC
|
|
2008-01-22
|
|
PHP-Nuke 8.0 Final - 'sid' SQL Injection
|
4 |
WEB
|
RST/GHC
|
|
2008-01-22
|
|
PHP-Nuke < 8.0 - 'sid' SQL Injection
|
4 |
WEB
|
RST/GHC
|
|
2008-01-22
|
|
YaBB SE 1.5.5 - Remote Command Execution
|
4 |
WEB
|
RST/GHC
|
|
2008-01-22
|
|
SetCMS 3.6.5 - Remote Command Execution
|
4 |
WEB
|
RST/GHC
|
|
2008-01-22
|
|
Coppermine Photo Gallery 1.4.10 - SQL Injection
|
4 |
WEB
|
RST/GHC
|
|
2008-01-22
|
|
Easysitenetwork Recipe - 'categoryId' SQL Injection
|
4 |
WEB
|
S@BUN
|
|
2008-01-22
|
|
aflog 1.01 - Cross-Site Scripting / SQL Injection
|
4 |
WEB
|
shinmai
|
|
2008-01-21
|
|
MoinMoin 1.5.x - 'MOIND_ID' Cookie Login Bypass
|
4 |
WEB
|
nonroot
|
|
2008-01-21
|
|
Alstrasoft Forum Pay Per Post Exchange 2.0 - SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2008-01-21
|
|
Lama Software 14.12.2007 - Multiple Remote File Inclusions
|
4 |
WEB
|
QTRinux
|
|
2008-01-21
|
|
IDM-OS 1.0 - 'Filename' File Disclosure
|
4 |
WEB
|
MhZ91
|
|
2008-01-21
|
|
OZJournals 2.1.1 - 'id' File Disclosure
|
5 |
WEB
|
shinmai
|
|
2008-01-21
|
|
BoastMachine 3.1 - 'mail.php' id SQL Injection
|
4 |
WEB
|
Virangar Security
|
|
2008-01-21
|
|
Mooseguy Blog System 1.0 - 'month' SQL Injection
|
4 |
WEB
|
The_HuliGun
|
|
2008-01-21
|
|
Coppermine Photo Gallery 1.4.10 - 'cpg1410_xek.php' SQL Injection
|
3 |
WEB
|
bazik
|
|
2008-01-20
|
|
bloofox 0.3 - SQL Injection / File Disclosure
|
4 |
WEB
|
BugReport.IR
|
|
2008-01-20
|
|
360 Web Manager 3.0 - 'IDFM' SQL Injection
|
4 |
WEB
|
Ded MustD!e
|
|
2008-01-20
|
|
Frimousse 0.0.2 - 'explorerdir.php' Local Directory Traversal
|
4 |
WEB
|
Houssamix
|
|
2008-01-20
|
|
TikiWiki Project < 1.9.9 - 'tiki-listmovies.php' Directory Traversal
|
4 |
WEB
|
Sha0
|
|
2008-01-20
|
|
Mini File Host 1.2.1 - 'language' Local File Inclusion
|
4 |
WEB
|
shinmai
|
|
2008-01-19
|
|
WordPress Plugin WP-Forum 1.7.4 - SQL Injection
|
4 |
WEB
|
websec Team
|
|
2008-01-18
|
|
Small Axe 0.3.1 - 'cfile' Remote File Inclusion
|
4 |
WEB
|
RoMaNcYxHaCkEr
|
|
2008-01-18
|
|
Gradman 0.1.3 - 'info.php' Local File Inclusion
|
4 |
WEB
|
Syndr0me
|
|
2008-01-18
|
|
AuraCMS 1.62 - 'stat.php' Remote Code Execution
|
4 |
WEB
|
k1tk4t
|
|
2008-01-17
|
|
Mini File Host 1.2 - 'language' Local File Inclusion
|
3 |
WEB
|
Scary-Boys
|
|
2008-01-17
|
|
PHPEcho CMS 2.0 - 'id' SQL Injection
|
3 |
WEB
|
Stack
|
|
2008-01-16
|
|
MyBulletinBoard (MyBB) 1.2.10 - Multiple Vulnerabilities
|
4 |
WEB
|
waraxe
|
|
2008-01-16
|
|
MyBulletinBoard (MyBB) 1.2.10 - Remote Code Execution
|
3 |
WEB
|
Silentz
|
|
2008-01-16
|
|
Gradman 0.1.3 - 'agregar_info.php' Local File Inclusion
|
4 |
WEB
|
JosS
|
|
2008-01-16
|
|
PHP-RESIDENCE 0.7.2 - 'Search' SQL Injection
|
3 |
WEB
|
Khashayar Fereidani
|
|
2008-01-16
|
|
PixelPost 1.7 - Blind SQL Injection
|
3 |
WEB
|
Silentz
|
|
2008-01-16
|
|
alitalk 1.9.1.1 - Multiple Vulnerabilities
|
4 |
WEB
|
tomplixsee
|
