|
2007-12-21
|
|
NmnNewsletter 1.0.7 - 'output' Remote File Inclusion
|
4 |
WEB
|
CraCkEr
|
|
2007-12-21
|
|
nicLOR CMS - 'sezione_news.php' SQL Injection
|
4 |
WEB
|
x0kster
|
|
2007-12-19
|
|
xeCMS 1.x - 'view.php' Remote File Disclosure
|
4 |
WEB
|
p4imi0
|
|
2007-12-18
|
|
PhpMyDesktop/Arcade 1.0 Final - 'phpdns_basedir' Remote File Inclusion
|
4 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-18
|
|
Dokeos 1.8.4 - Arbitrary File Upload
|
4 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-18
|
|
PHPMyRealty 1.0.x - 'search.php' SQL Injection
|
5 |
WEB
|
Koller
|
|
2007-12-18
|
|
FreeWebShop 2.2.7 - 'cookie' Admin Password Grabber
|
4 |
WEB
|
k1tk4t
|
|
2007-12-18
|
|
MySpace Content Zone 3.x - Arbitrary File Upload
|
4 |
WEB
|
Don
|
|
2007-12-18
|
|
FreeWebShop 2.2.1 - Blind SQL Injection
|
4 |
WEB
|
k1tk4t
|
|
2007-12-18
|
|
MOG-WebShop - 'index.php?group' SQL Injection
|
4 |
WEB
|
k1tk4t
|
|
2007-12-18
|
|
gf-3xplorer 2.4 - Cross-Site Scripting / Local File Inclusion
|
4 |
WEB
|
MhZ91
|
|
2007-12-14
|
|
PHP Real Estate - 'fullnews.php?id' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2007-12-14
|
|
Form Tools 1.5.0b - Multiple Remote File Inclusions
|
4 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-14
|
|
Oreon 1.4 / Centreon 1.4.1 - Multiple Remote File Inclusion Vulnerabilities
|
4 |
WEB
|
Michael Brooks
|
|
2007-12-14
|
|
Anon Proxy Server 0.1000 - Remote Command Execution
|
4 |
WEB
|
Michael Brooks
|
|
2007-12-14
|
|
123tkShop 0.9.1 - Remote Authentication Bypass
|
4 |
WEB
|
Michael Brooks
|
|
2007-12-13
|
|
Adult Script 1.6 - Unauthorized Administrative Access
|
4 |
WEB
|
Liz0ziM
|
|
2007-12-13
|
|
hosting controller 6.1 hot fix 3.3 - Multiple Vulnerabilities
|
4 |
WEB
|
BugReport.IR
|
|
2007-12-13
|
|
xml2owl 0.1.1 - 'filedownload.php' Remote File Disclosure
|
4 |
WEB
|
GoLd_M
|
|
2007-12-13
|
|
Mms Gallery PHP 1.0 - 'id' Remote File Disclosure
|
4 |
WEB
|
GoLd_M
|
|
2007-12-13
|
|
CMS Galaxie Software - 'category_id' SQL Injection
|
4 |
WEB
|
MurderSkillz
|
|
2007-12-13
|
|
CityWriter 0.9.7 - 'head.php' Remote File Inclusion
|
4 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-12
|
|
Fastpublish CMS 1.9999 - config[fsBase] Remote File Inclusion
|
4 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-11
|
|
ViArt CMS/Shop/Helpdesk 3.3.2 - Remote File Inclusion
|
4 |
WEB
|
RoMaNcYxHaCkEr
|
|
2007-12-11
|
|
WordPress Core 2.3.1 - Charset SQL Injection
|
3 |
WEB
|
Abel Cheung
|
|
2007-12-11
|
|
Mcms Easy Web Make - 'index.php?template' Local File Inclusion
|
4 |
WEB
|
MhZ91
|
|
2007-12-11
|
|
SquirrelMail G/PGP Encryption Plugin - 'deletekey()' Command Injection
|
4 |
WEB
|
Backdoored
|
|
2007-12-10
|
|
MonAlbum 0.87 - Arbitrary File Upload / Password Grabber
|
4 |
WEB
|
v0l4arrra
|
|
2007-12-10
|
|
falcon CMS 1.4.3 - Remote File Inclusion / Cross-Site Scripting
|
4 |
WEB
|
MhZ91
|
|
2007-12-10
|
|
Falt4 CMS rc4 10.9.2007 - Multiple Vulnerabilities
|
4 |
WEB
|
H-Security Labs
|
|
2007-12-10
|
|
Lotfian.com DATABASE DRIVEN TRAVEL SITE - SQL Injection
|
4 |
WEB
|
Aria-Security Team
|
|
2007-12-09
|
|
SH-News 3.0 - 'comments.php' SQL Injection
|
4 |
WEB
|
hadihadi
|
|
2007-12-09
|
|
DWdirectory 2.1 - SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2007-12-09
|
|
Ace Image Hosting Script - 'id' SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2007-12-09
|
|
Content Injector 1.53 - 'index.php' SQL Injection
|
4 |
WEB
|
S.W.A.T.
|
|
2007-12-09
|
|
Flat PHP Board 1.2 - Multiple Vulnerabilities
|
4 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-12-08
|
|
PolDoc CMS 0.96 - 'download_file.php' File Disclosure
|
3 |
WEB
|
GoLd_M
|
|
2007-12-06
|
|
MWOpen E-Commerce - 'leggi_commenti.asp' SQL Injection
|
4 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-12-06
|
|
SerWeb 2.0.0 dev1 2007-02-20 - Multiple Local/Remote File Inclusion Vulnerabilities
|
4 |
WEB
|
GoLd_M
|
|
2007-12-05
|
|
WordPress Plugin PictPress 0.91 - Remote File Disclosure
|
4 |
WEB
|
GoLd_M
|
|
2007-12-05
|
|
EZContents 1.4.5 - 'index.php?link' Remote File Disclosure
|
5 |
WEB
|
p4imi0
|
|
2007-12-05
|
|
SineCMS 2.3.4 - Calendar SQL Injection
|
5 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-12-05
|
|
Joomla! / Mambo Component rsgallery 2.0b5 - 'catid' SQL Injection
|
5 |
WEB
|
K-159
|
|
2007-12-03
|
|
Snitz Forums 2000 - 'Active.asp' SQL Injection
|
4 |
WEB
|
BugReport.IR
|
|
2007-12-03
|
|
phpBB Garage 1.2.0 Beta3 - SQL Injection
|
4 |
WEB
|
maku234
|
|
2007-12-01
|
|
Rayzz Script 2.0 - Local/Remote File Inclusion
|
4 |
WEB
|
Crackers_Child
|
|
2007-12-01
|
|
tellmatic 1.0.7 - Multiple Remote File Inclusions
|
4 |
WEB
|
ShAy6oOoN
|
|
2007-11-29
|
|
ftp Admin 0.1.0 - Local File Inclusion / Cross-Site Scripting / Authentication Bypass
|
5 |
WEB
|
Omni
|
|
2007-11-29
|
|
LearnLoop 2.0beta7 - 'sFilePath' Remote File Disclosure
|
5 |
WEB
|
GoLd_M
|
|
2007-11-29
|
|
KML share 1.1 - 'region.php?layer' Remote File Disclosure
|
5 |
WEB
|
GoLd_M
|
|
2007-11-29
|
|
Seditio CMS 121 - SQL Injection
|
5 |
WEB
|
InATeam
|
|
2007-11-29
|
|
WebED 0.0.9 - 'index.php' Remote File Disclosure
|
5 |
WEB
|
GoLd_M
|
|
2007-11-29
|
|
Web-MeetMe 3.0.3 - 'play.php' Remote File Disclosure
|
5 |
WEB
|
Evil.Man
|
|
2007-11-28
|
|
NoAh 0.9 pre 1.2 - 'filepath' Remote File Disclosure
|
5 |
WEB
|
GoLd_M
|
|
2007-11-28
|
|
TuMusika Evolution 1.7R5 - Remote File Disclosure
|
5 |
WEB
|
GoLd_M
|
|
2007-11-28
|
|
Charrays CMS 0.9.3 - Multiple Remote File Inclusions
|
5 |
WEB
|
MhZ91
|
|
2007-11-28
|
|
EHCP 0.22.8 - Multiple Remote File Inclusions
|
5 |
WEB
|
MhZ91
|
|
2007-11-28
|
|
PHP-CON 1.3 - 'include.php' Remote File Inclusion
|
5 |
WEB
|
GoLd_M
|
|
2007-11-27
|
|
project alumni 1.0.9 - 'index.php?act' Local File Inclusion
|
5 |
WEB
|
tomplixsee
|
|
2007-11-27
|
|
wpQuiz 2.7 - Multiple SQL Injections
|
5 |
WEB
|
Kacper
|
|
2007-11-27
|
|
PHP-Nuke NSN Script Depository 1.0.0 - Remote Source Disclosure
|
5 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-11-27
|
|
Eurologon CMS - 'files.php' Arbitrary File Download
|
5 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-11-27
|
|
Eurologon CMS - Multiple SQL Injections
|
5 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-11-26
|
|
Tilde CMS 4.x - 'aarstal' SQL Injection
|
5 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-11-26
|
|
DeluxeBB 1.09 - Remote Admin Email Change
|
5 |
WEB
|
nexen
|
|
2007-11-25
|
|
Softbiz Freelancers Script 1 - SQL Injection
|
5 |
WEB
|
Khashayar Fereidani
|
|
2007-11-25
|
|
IAPR COMMENCE 1.3 - Multiple Remote File Inclusions
|
5 |
WEB
|
ShAy6oOoN
|
|
2007-11-25
|
|
RunCMS 1.6 - 'disclaimer.php' Remote File Overwrite
|
5 |
WEB
|
BugReport.IR
|
|
2007-11-24
|
|
RunCMS 1.6 - Local File Inclusion
|
5 |
WEB
|
BugReport.IR
|
|
2007-11-24
|
|
project alumni 1.0.9 - Cross-Site Scripting / SQL Injection
|
5 |
WEB
|
tomplixsee
|
|
2007-11-24
|
|
PBLang 4.99.17.q - Remote File Rewriting / Command Execution
|
5 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-11-24
|
|
WorkingOnWeb 2.0.1400 - 'events.php' SQL Injection
|
5 |
WEB
|
ka0x
|
|
2007-11-24
|
|
Amber Script 1.0 - 'show_content.php?id' Local File Inclusion
|
5 |
WEB
|
Crackers_Child
|
|
2007-11-23
|
|
Mp3 ToolBox 1.0 Beta 5 - 'skin_file' Remote File Inclusion
|
5 |
WEB
|
Crackers_Child
|
|
2007-11-23
|
|
Irola My-Time 3.5 - SQL Injection
|
5 |
WEB
|
Aria-Security Team
|
|
2007-11-22
|
|
KB-Bestellsystem - 'kb_whois.cgi' Command Execution
|
5 |
WEB
|
Zero X
|
|
2007-11-22
|
|
PHPKIT 1.6.4pl1 - 'article.php' SQL Injection
|
5 |
WEB
|
Shadowleet
|
|
2007-11-22
|
|
Content Injector 1.52 - 'index.php?cat' SQL Injection
|
5 |
WEB
|
S.W.A.T.
|
|
2007-11-22
|
|
NetAuctionHelp 4.1 - 'nsearch' SQL Injection
|
5 |
WEB
|
Aria-Security Team
|
|
2007-11-22
|
|
VigileCMS 1.8 - Stealth Remote Command Execution
|
5 |
WEB
|
The:Paradox
|
|
2007-11-22
|
|
DevMass Shopping Cart 1.0 - Remote File Inclusion
|
4 |
WEB
|
S.W.A.T.
|
|
2007-11-21
|
|
Alstrasoft e-Friends 4.98 - 'seid' Multiple SQL Injections
|
4 |
WEB
|
K-159
|
|
2007-11-21
|
|
TalkBack 2.2.7 - Multiple Remote File Inclusions
|
4 |
WEB
|
NoGe
|
|
2007-11-21
|
|
Ucms 1.8 - Backdoor Remote Command Execution
|
4 |
WEB
|
D4m14n
|
|
2007-11-20
|
|
skyportal vrc6 - Multiple Vulnerabilities
|
4 |
WEB
|
BugReport.IR
|
|
2007-11-20
|
|
bcoos 1.0.10 - Local File Inclusion / SQL Injection
|
4 |
WEB
|
BugReport.IR
|
|
2007-11-19
|
|
Joomla! Component juser 1.0.14 - Remote File Inclusion
|
4 |
WEB
|
NoGe
|
|
2007-11-18
|
|
Sciurus Hosting Panel - Remote Code Injection
|
4 |
WEB
|
Liz0ziM
|
|
2007-11-18
|
|
IceBB 1.0-rc6 - Remote Database Authentication Details
|
4 |
WEB
|
Gu1ll4um3r0m41n
|
|
2007-11-18
|
|
HotScripts Clone Script - SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2007-11-18
|
|
Vigile CMS 1.4 - Multiple Vulnerabilities
|
4 |
WEB
|
DevilAuron
|
|
2007-11-17
|
|
phpBBViet 02.03.2007 - 'phpbb_root_path' Remote File Inclusion
|
4 |
WEB
|
Mehmet Ince
|
|
2007-11-17
|
|
meBiblio 0.4.5 - 'action' Remote File Inclusion
|
5 |
WEB
|
ShAy6oOoN
|
|
2007-11-16
|
|
net-finity - 'links.php' SQL Injection
|
5 |
WEB
|
VerY-SecReT
|
|
2007-11-16
|
|
Myspace Clone Script - 'index.php' Remote File Inclusion
|
5 |
WEB
|
VerY-SecReT
|
|
2007-11-16
|
|
ProfileCMS 1.0 - 'id' SQL Injection
|
5 |
WEB
|
K-159
|
|
2007-11-16
|
|
Joomla! Component Carousel Flash Image Gallery - Remote File Inclusion
|
5 |
WEB
|
Crackers_Child
|
|
2007-11-14
|
|
Toko Instan 7.6 - Multiple SQL Injections
|
5 |
WEB
|
k1tk4t
|
|
2007-11-13
|
|
Myspace Clone Script - SQL Injection
|
5 |
WEB
|
t0pP8uZz
|
|
2007-11-12
|
|
patBBcode 1.0 - 'bbcodeSource.php' Remote File Inclusion
|
5 |
WEB
|
p4sswd
|
|
2007-11-11
|
|
Softbiz Link Directory Script - SQL Injection
|
5 |
WEB
|
Khashayar Fereidani
|
|
2007-11-11
|
|
Softbiz Banner Exchange Network Script 1.0 - SQL Injection
|
5 |
WEB
|
Khashayar Fereidani
|
|
2007-11-11
|
|
Softbiz Ad Management plus Script 1 - SQL Injection
|
5 |
WEB
|
Khashayar Fereidani
|
|
2007-11-11
|
|
Softbiz Auctions Script - 'product_desc.php' SQL Injection
|
5 |
WEB
|
Khashayar Fereidani
|
|
2007-11-09
|
|
jPORTAL 2.3.1 - 'articles.php' SQL Injection
|
5 |
WEB
|
Alexsize
|
|
2007-11-06
|
|
jPORTAL 2 - 'mailer.php' SQL Injection
|
5 |
WEB
|
Kacper
|
|
2007-11-05
|
|
ASP Message Board 2.2.1c - SQL Injection
|
5 |
WEB
|
Q7x
|
|
2007-11-05
|
|
JBC Explorer 7.20 RC 1 - Remote Code Execution
|
5 |
WEB
|
DarkFig
|
|
2007-11-04
|
|
SyndeoCMS 2.5.01 - 'cmsdir' Remote File Inclusion
|
4 |
WEB
|
mdx
|
|
2007-11-04
|
|
nuBoard 0.5 - 'site' Remote File Inclusion
|
5 |
WEB
|
GoLd_M
|
|
2007-11-04
|
|
Vortex Portal 1.0.42 - Remote File Inclusion
|
5 |
WEB
|
ShAy6oOoN
|
|
2007-11-03
|
|
scWiki 1.0 Beta 2 - 'common.php?pathdot' Remote File Inclusion
|
5 |
WEB
|
GoLd_M
|
|
2007-11-03
|
|
Quick and Dirty Blog (qdblog) 0.4 - 'categories.php' Local File Inclusion
|
5 |
WEB
|
GoLd_M
|
|
2007-11-03
|
|
GuppY 4.6.3 - 'index.php?selskin' Remote File Inclusion
|
6 |
WEB
|
irk4z
|
|
2007-11-02
|
|
Ax Developer CMS 0.1.1 - 'index.php?module' Local File Inclusion
|
5 |
WEB
|
GoLd_M
|
|
2007-11-02
|
|
DM Guestbook 0.4.1 - Multiple Local File Inclusions
|
5 |
WEB
|
GoLd_M
|
|
2007-11-02
|
|
Scribe 0.2 - PHP Remote Code Execution
|
4 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-11-02
|
|
Synergiser 1.2 RC1 - Local File Inclusion / Full Path Disclosure
|
4 |
WEB
|
KiNgOfThEwOrLd
|
|
2007-11-01
|
|
WordPress Plugin BackUpWordPress 0.4.2b - Remote File Inclusion
|
4 |
WEB
|
S.W.A.T.
|
|
2007-10-31
|
|
ISPworker 1.21 - 'download.php' Remote File Disclosure
|
4 |
WEB
|
GoLd_M
|
|
2007-10-31
|
|
ModuleBuilder 1.0 - 'file' Remote File Disclosure
|
4 |
WEB
|
GoLd_M
|
|
2007-10-30
|
|
PHP-AGTC Membership System 1.1a - Remote Add Admin
|
4 |
WEB
|
0x90
|
|
2007-10-30
|
|
phpFaber URLInn 2.0.5 - 'dir_ws' Remote File Inclusion
|
4 |
WEB
|
BiNgZa
|
|
2007-10-30
|
|
MiniBB 2.1 - 'table' SQL Injection
|
4 |
WEB
|
irk4z
|
|
2007-10-29
|
|
ProfileCMS 1.0 - Arbitrary File Upload
|
4 |
WEB
|
r00t@zapak.com
|
