|
2008-01-06
|
|
PortalApp 4.0 - SQL Injection / Cross-Site Scripting / Authentication Bypass
|
1 |
WEB
|
r3dm0v3
|
|
2008-01-06
|
|
XOOPS mod_gallery Zend_Hash_key + Extract - Remote File Inclusion
|
0 |
WEB
|
Eugene Minaev
|
|
2008-01-06
|
|
Uebimiau Web-Mail 2.7.10/2.7.2 - Remote File Disclosure
|
1 |
WEB
|
Eugene Minaev
|
|
2008-01-06
|
|
RunCMS Newbb_plus 0.92 - Client IP SQL Injection
|
1 |
WEB
|
Eugene Minaev
|
|
2008-01-06
|
|
WordPress Plugin Wp-FileManager 1.2 - Arbitrary File Upload
|
1 |
WEB
|
Houssamix
|
|
2008-01-05
|
|
MODx CMS 0.9.6.1 - Multiple Vulnerabilities
|
1 |
WEB
|
BugReport.IR
|
|
2008-01-05
|
|
NetRisk 1.9.7 - Remote Password Change
|
1 |
WEB
|
Cod3rZ
|
|
2008-01-05
|
|
Invision Power Board (IP.Board) 2.1.7 - 'ACTIVE' Cross-Site Scripting / SQL Injection
|
1 |
WEB
|
Eugene Minaev
|
|
2008-01-05
|
|
Tribisur 2.0 - SQL Injection
|
1 |
WEB
|
x0kster
|
|
2008-01-05
|
|
snetworks PHP Classifieds 5.0 - Remote File Inclusion
|
0 |
WEB
|
Crackers_Child
|
|
2008-01-05
|
|
ClipShare 2.6 - Remote User Password Change
|
0 |
WEB
|
Pr0metheuS
|
|
2008-01-05
|
|
samPHPweb 4.2.2 - 'songinfo.php' SQL Injection
|
0 |
WEB
|
BackDoor
|
|
2008-01-04
|
|
WebPortal CMS 0.6-beta - Remote Password Change
|
0 |
WEB
|
The:Paradox
|
|
2008-01-04
|
|
samPHPweb 4.2.2 - 'db.php' Remote File Inclusion
|
0 |
WEB
|
Crackers_Child
|
|
2008-01-04
|
|
NetRisk 1.9.7 - Local/Remote File Inclusion
|
0 |
WEB
|
S.W.A.T.
|
|
2008-01-03
|
|
Site@School 2.4.10 - Blind SQL Injection
|
0 |
WEB
|
EgiX
|
|
2008-01-03
|
|
MyPHP Forum 3.0 - 'Final' SQL Injection
|
0 |
WEB
|
The:Paradox
|
|
2008-01-02
|
|
ClipShare - 'UID' SQL Injection
|
0 |
WEB
|
Krit
|
|
2008-01-01
|
|
AGENCY4NET WEBFTP 1 - 'download2.php' File Disclosure
|
0 |
WEB
|
GoLd_M
|
|
2007-12-31
|
|
Joomla! Component PU Arcade 2.1.3 - SQL Injection
|
0 |
WEB
|
Houssamix
|
|
2007-12-31
|
|
WebPortal CMS 0.6.0 - 'index.php' SQL Injection
|
0 |
WEB
|
x0kster
|
|
2007-12-31
|
|
oneSCHOOL - 'admin/login.asp' SQL Injection
|
0 |
WEB
|
Guga360
|
|
2007-12-31
|
|
ZenPhoto 1.1.3 - 'rss.php?albumnr' SQL Injection
|
0 |
WEB
|
Silentz
|
|
2007-12-31
|
|
MyPHP Forum 3.0 (Final) - Multiple SQL Injections
|
0 |
WEB
|
x0kster
|
|
2007-12-31
|
|
IPTBB 0.5.4 - 'id' SQL Injection
|
0 |
WEB
|
MhZ91
|
|
2007-12-30
|
|
w-Agora 4.2.1 - 'cat' SQL Injection
|
0 |
WEB
|
IHTeam
|
|
2007-12-30
|
|
SanyBee Gallery 0.1.1 - 'p' Local File Inclusion
|
0 |
WEB
|
jackal
|
|
2007-12-30
|
|
matpo bilder galerie 1.1 - Remote File Inclusion
|
0 |
WEB
|
Crackers_Child
|
|
2007-12-30
|
|
Bitweaver R2 CMS - Arbitrary File Upload / Disclosure
|
0 |
WEB
|
BugReport.IR
|
|
2007-12-30
|
|
XCMS 1.83 - Remote Command Execution
|
0 |
WEB
|
x0kster
|
|
2007-12-30
|
|
Mihalism Multi Host 2.0.7 - 'download.php' Remote File Disclosure
|
0 |
WEB
|
GoLd_M
|
|
2007-12-30
|
|
kontakt formular 1.4 - Remote File Inclusion
|
0 |
WEB
|
bd0rk
|
|
2007-12-30
|
|
CMS Made Simple 1.2.2 Module TinyMCE - SQL Injection
|
0 |
WEB
|
EgiX
|
|
2007-12-29
|
|
CCMS 3.1 Demo - SQL Injection
|
0 |
WEB
|
Pr0metheuS
|
|
2007-12-29
|
|
Mihalism Multi Forum Host 3.0.x - Remote File Inclusion
|
0 |
WEB
|
GoLd_M
|
|
2007-12-29
|
|
jPORTAL 2.3.1 & UserPatch - 'forum.php' Remote Code Execution
|
0 |
WEB
|
irk4z
|
|
2007-12-28
|
|
NoseRub 0.5.2 - Login SQL Injection
|
0 |
WEB
|
Felix Groebert
|
|
2007-12-28
|
|
Hot or Not Clone by Jnshosts.com - Database Backup Dump
|
0 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-28
|
|
XCMS 1.82 - Local/Remote File Inclusion
|
0 |
WEB
|
nexen
|
|
2007-12-28
|
|
xml2owl 0.1.1 - 'showcode.php' Remote Command Execution
|
0 |
WEB
|
MhZ91
|
|
2007-12-27
|
|
Joovili 3.0.6 - 'joovili.images.php' Remote File Disclosure
|
0 |
WEB
|
EcHoLL
|
|
2007-12-27
|
|
ZeusCMS 0.3 - Blind SQL Injection
|
0 |
WEB
|
EgiX
|
|
2007-12-26
|
|
PNPHPBB2 < 1.2i - 'PHPEx' Local File Inclusion
|
0 |
WEB
|
irk4z
|
|
2007-12-26
|
|
XZero Community Classifieds 4.95.11 - Remote File Inclusion
|
0 |
WEB
|
Kw3[R]Ln
|
|
2007-12-26
|
|
XZero Community Classifieds 4.95.11 - Local File Inclusion / SQL Injection
|
0 |
WEB
|
Kw3[R]Ln
|
|
2007-12-26
|
|
Blakord Portal Beta 1.3.A (All Modules) - SQL Injection
|
0 |
WEB
|
JosS
|
|
2007-12-26
|
|
RunCMS 1.6 - Blind SQL Injection (IDS Evasion)
|
0 |
WEB
|
sh2kerr
|
|
2007-12-25
|
|
eSyndiCat Link Exchange Script 2005-2006 - SQL Injection
|
0 |
WEB
|
EgiX
|
|
2007-12-25
|
|
RunCMS 1.6 - Multiple Vulnerabilities
|
0 |
WEB
|
DSecRG
|
|
2007-12-25
|
|
PMOS Help Desk 2.4 - Remote Command Execution
|
0 |
WEB
|
EgiX
|
|
2007-12-25
|
|
MailMachine Pro 2.2.4 - SQL Injection
|
0 |
WEB
|
MhZ91
|
|
2007-12-25
|
|
RunCMS 1.6 - Get Admin Cookie Blind SQL Injection
|
0 |
WEB
|
sh2kerr
|
|
2007-12-25
|
|
AuraCMS 2.2 - Remote Add Administrator
|
0 |
WEB
|
k1tk4t
|
|
2007-12-25
|
|
TeamCalPro 3.1.000 - Multiple Local/Remote File Inclusions
|
0 |
WEB
|
GoLd_M
|
|
2007-12-24
|
|
Joomla! Component mosDirectory 2.3.2 - Remote File Inclusion
|
0 |
WEB
|
ShockShadow
|
|
2007-12-24
|
|
Agares phpAutoVideo 2.21 - Local/Remote File Inclusion
|
1 |
WEB
|
MhZ91
|
|
2007-12-24
|
|
Jupiter 1.1.5ex - Privilege Escalation
|
1 |
WEB
|
BugReport.IR
|
|
2007-12-24
|
|
ThemeSiteScript 1.0 - 'index.php?loadadminpage' Remote File Inclusion
|
1 |
WEB
|
Koller
|
|
2007-12-24
|
|
CuteNews 1.4.5 - Admin Password md5 Hash Fetching
|
0 |
WEB
|
waraxe
|
|
2007-12-24
|
|
MeGaCheatZ 1.1 - Multiple SQL Injections
|
1 |
WEB
|
MhZ91
|
|
2007-12-24
|
|
WebSihirbazi 5.1.1 - 'pageid' SQL Injection
|
1 |
WEB
|
bypass
|
|
2007-12-23
|
|
MMSLamp - 'idpro' SQL Injection
|
1 |
WEB
|
x0kster
|
|
2007-12-23
|
|
Adult Script 1.6.5 - Multiple SQL Injections
|
1 |
WEB
|
MhZ91
|
|
2007-12-23
|
|
PHP ZLink 0.3 - 'go.php' SQL Injection
|
1 |
WEB
|
DNX
|
|
2007-12-22
|
|
zBlog 1.2 - SQL Injection
|
1 |
WEB
|
Houssamix
|
|
2007-12-22
|
|
IP Reg 0.3 - Multiple SQL Injections
|
1 |
WEB
|
MhZ91
|
|
2007-12-22
|
|
Wallpaper Site 1.0.09 - 'category.php' SQL Injection
|
1 |
WEB
|
Koller
|
|
2007-12-21
|
|
Shadowed Portal 5.7d3 - 'POST' Remote File Inclusion
|
1 |
WEB
|
The:Paradox
|
|
2007-12-21
|
|
Shadowed Portal 5.7d3 - Remote Command Execution
|
1 |
WEB
|
The:Paradox
|
|
2007-12-21
|
|
Social Engine 2.0 - Multiple Local File Inclusions
|
1 |
WEB
|
MhZ91
|
|
2007-12-21
|
|
mBlog 1.2 - 'page' Remote File Disclosure
|
1 |
WEB
|
irk4z
|
|
2007-12-21
|
|
1024 CMS 1.3.1 - Local File Inclusion / SQL Injection
|
1 |
WEB
|
irk4z
|
|
2007-12-21
|
|
Arcadem LE 2.04 - 'loadadminpage' Remote File Inclusion
|
1 |
WEB
|
KnocKout
|
|
2007-12-21
|
|
NmnNewsletter 1.0.7 - 'output' Remote File Inclusion
|
1 |
WEB
|
CraCkEr
|
|
2007-12-21
|
|
nicLOR CMS - 'sezione_news.php' SQL Injection
|
1 |
WEB
|
x0kster
|
|
2007-12-19
|
|
xeCMS 1.x - 'view.php' Remote File Disclosure
|
1 |
WEB
|
p4imi0
|
|
2007-12-18
|
|
PhpMyDesktop/Arcade 1.0 Final - 'phpdns_basedir' Remote File Inclusion
|
1 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-18
|
|
Dokeos 1.8.4 - Arbitrary File Upload
|
1 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-18
|
|
PHPMyRealty 1.0.x - 'search.php' SQL Injection
|
1 |
WEB
|
Koller
|
|
2007-12-18
|
|
FreeWebShop 2.2.7 - 'cookie' Admin Password Grabber
|
1 |
WEB
|
k1tk4t
|
|
2007-12-18
|
|
MySpace Content Zone 3.x - Arbitrary File Upload
|
1 |
WEB
|
Don
|
|
2007-12-18
|
|
FreeWebShop 2.2.1 - Blind SQL Injection
|
1 |
WEB
|
k1tk4t
|
|
2007-12-18
|
|
MOG-WebShop - 'index.php?group' SQL Injection
|
1 |
WEB
|
k1tk4t
|
|
2007-12-18
|
|
gf-3xplorer 2.4 - Cross-Site Scripting / Local File Inclusion
|
1 |
WEB
|
MhZ91
|
|
2007-12-14
|
|
PHP Real Estate - 'fullnews.php?id' SQL Injection
|
1 |
WEB
|
t0pP8uZz
|
|
2007-12-14
|
|
Form Tools 1.5.0b - Multiple Remote File Inclusions
|
1 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-14
|
|
Oreon 1.4 / Centreon 1.4.1 - Multiple Remote File Inclusion Vulnerabilities
|
1 |
WEB
|
Michael Brooks
|
|
2007-12-14
|
|
Anon Proxy Server 0.1000 - Remote Command Execution
|
1 |
WEB
|
Michael Brooks
|
|
2007-12-14
|
|
123tkShop 0.9.1 - Remote Authentication Bypass
|
1 |
WEB
|
Michael Brooks
|
|
2007-12-13
|
|
Adult Script 1.6 - Unauthorized Administrative Access
|
0 |
WEB
|
Liz0ziM
|
|
2007-12-13
|
|
hosting controller 6.1 hot fix 3.3 - Multiple Vulnerabilities
|
0 |
WEB
|
BugReport.IR
|
|
2007-12-13
|
|
xml2owl 0.1.1 - 'filedownload.php' Remote File Disclosure
|
0 |
WEB
|
GoLd_M
|
|
2007-12-13
|
|
Mms Gallery PHP 1.0 - 'id' Remote File Disclosure
|
0 |
WEB
|
GoLd_M
|
|
2007-12-13
|
|
CMS Galaxie Software - 'category_id' SQL Injection
|
0 |
WEB
|
MurderSkillz
|
|
2007-12-13
|
|
CityWriter 0.9.7 - 'head.php' Remote File Inclusion
|
0 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-12
|
|
Fastpublish CMS 1.9999 - config[fsBase] Remote File Inclusion
|
0 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-11
|
|
ViArt CMS/Shop/Helpdesk 3.3.2 - Remote File Inclusion
|
0 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-11
|
|
WordPress Core 2.3.1 - Charset SQL Injection
|
0 |
WEB
|
Abel Cheung
|
|
2007-12-11
|
|
Mcms Easy Web Make - 'index.php?template' Local File Inclusion
|
0 |
WEB
|
MhZ91
|
|
2007-12-11
|
|
SquirrelMail G/PGP Encryption Plugin - 'deletekey()' Command Injection
|
0 |
WEB
|
Backdoored
|
|
2007-12-10
|
|
MonAlbum 0.87 - Arbitrary File Upload / Password Grabber
|
0 |
WEB
|
v0l4arrra
|
|
2007-12-10
|
|
falcon CMS 1.4.3 - Remote File Inclusion / Cross-Site Scripting
|
0 |
WEB
|
MhZ91
|
|
2007-12-10
|
|
Falt4 CMS rc4 10.9.2007 - Multiple Vulnerabilities
|
0 |
WEB
|
H-Security Labs
|
|
2007-12-10
|
|
Lotfian.com DATABASE DRIVEN TRAVEL SITE - SQL Injection
|
0 |
WEB
|
Aria-Security Team
|
|
2007-12-09
|
|
SH-News 3.0 - 'comments.php' SQL Injection
|
0 |
WEB
|
hadihadi
|
|
2007-12-09
|
|
DWdirectory 2.1 - SQL Injection
|
0 |
WEB
|
t0pP8uZz
|
|
2007-12-09
|
|
Ace Image Hosting Script - 'id' SQL Injection
|
0 |
WEB
|
t0pP8uZz
|
|
2007-12-09
|
|
Content Injector 1.53 - 'index.php' SQL Injection
|
0 |
WEB
|
S.W.A.T.
|
|
2007-12-09
|
|
Flat PHP Board 1.2 - Multiple Vulnerabilities
|
0 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-12-08
|
|
PolDoc CMS 0.96 - 'download_file.php' File Disclosure
|
1 |
WEB
|
GoLd_M
|
|
2007-12-06
|
|
MWOpen E-Commerce - 'leggi_commenti.asp' SQL Injection
|
1 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-12-06
|
|
SerWeb 2.0.0 dev1 2007-02-20 - Multiple Local/Remote File Inclusion Vulnerabilities
|
0 |
WEB
|
GoLd_M
|
|
2007-12-05
|
|
WordPress Plugin PictPress 0.91 - Remote File Disclosure
|
0 |
WEB
|
GoLd_M
|
|
2007-12-05
|
|
EZContents 1.4.5 - 'index.php?link' Remote File Disclosure
|
0 |
WEB
|
p4imi0
|
|
2007-12-05
|
|
SineCMS 2.3.4 - Calendar SQL Injection
|
0 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-12-05
|
|
Joomla! / Mambo Component rsgallery 2.0b5 - 'catid' SQL Injection
|
0 |
WEB
|
K-159
|
|
2007-12-03
|
|
Snitz Forums 2000 - 'Active.asp' SQL Injection
|
0 |
WEB
|
BugReport.IR
|
|
2007-12-03
|
|
phpBB Garage 1.2.0 Beta3 - SQL Injection
|
0 |
WEB
|
maku234
|
|
2007-12-01
|
|
Rayzz Script 2.0 - Local/Remote File Inclusion
|
0 |
WEB
|
Crackers_Child
|
|
2007-12-01
|
|
tellmatic 1.0.7 - Multiple Remote File Inclusions
|
0 |
WEB
|
ShAy6oOoN
|
|
2007-11-29
|
|
ftp Admin 0.1.0 - Local File Inclusion / Cross-Site Scripting / Authentication Bypass
|
0 |
WEB
|
Omni
|
|
2007-11-29
|
|
LearnLoop 2.0beta7 - 'sFilePath' Remote File Disclosure
|
0 |
WEB
|
GoLd_M
|
|
2007-11-29
|
|
KML share 1.1 - 'region.php?layer' Remote File Disclosure
|
0 |
WEB
|
GoLd_M
|
|
2007-11-29
|
|
Seditio CMS 121 - SQL Injection
|
0 |
WEB
|
InATeam
|
|
2007-11-29
|
|
WebED 0.0.9 - 'index.php' Remote File Disclosure
|
0 |
WEB
|
GoLd_M
|
