|
2007-07-03
|
|
PNPHPBB2 < 1.2i - 'viewforum.php' SQL Injection
|
4 |
WEB
|
Coloss
|
|
2007-07-03
|
|
MyCMS 0.9.8 - Remote Command Execution (1)
|
5 |
WEB
|
BlackHawk
|
|
2007-07-03
|
|
MyCMS 0.9.8 - Remote Command Execution (2)
|
5 |
WEB
|
BlackHawk
|
|
2007-07-03
|
|
Girlserv ads 1.5 - 'details_news.php' SQL Injection
|
5 |
WEB
|
Cold Zero
|
|
2007-07-03
|
|
SuperCali PHP Event Calendar 0.4.0 - SQL Injection
|
4 |
WEB
|
t0pP8uZz
|
|
2007-07-02
|
|
vbzoom 1.x - 'forum.php?MainID' SQL Injection
|
5 |
WEB
|
Cold Zero
|
|
2007-07-02
|
|
PHPDirector 0.21 - 'videos.php?id' SQL Injection
|
5 |
WEB
|
Kw3[R]Ln
|
|
2007-07-02
|
|
AV Arcade 2.1b - 'index.php?id' SQL Injection
|
5 |
WEB
|
Kw3[R]Ln
|
|
2007-07-02
|
|
YouTube Clone Script - 'msg.php?id' SQL Injection
|
5 |
WEB
|
t0pP8uZz
|
|
2007-07-01
|
|
phpEventCalendar 0.2.3 - 'eventdisplay.php' SQL Injection
|
5 |
WEB
|
Iron
|
|
2007-07-01
|
|
Easybe 1-2-3 Music Store - 'process.php' SQL Injection
|
5 |
WEB
|
t0pP8uZz
|
|
2007-07-01
|
|
ArcadeBuilder Game Portal Manager 1.7 - SQL Injection
|
5 |
WEB
|
t0pP8uZz
|
|
2007-06-30
|
|
sPHPell 1.01 - Multiple Remote File Inclusions
|
5 |
WEB
|
Mehmet Ince
|
|
2007-06-30
|
|
XCMS 1.1 - 'Galerie.php' Local File Inclusion
|
5 |
WEB
|
BlackNDoor
|
|
2007-06-30
|
|
TotalCalendar 2.402 - 'view_event.php' SQL Injection
|
5 |
WEB
|
t0pP8uZz
|
|
2007-06-30
|
|
Ripe Website Manager (CMS) 0.8.9 - Remote File Inclusion
|
5 |
WEB
|
BlackNDoor
|
|
2007-06-30
|
|
Buddy Zone 1.5 - Multiple SQL Injections
|
5 |
WEB
|
t0pP8uZz
|
|
2007-06-29
|
|
Buddy Zone 1.5 - 'view_sub_cat.php?cat_id' SQL Injection
|
5 |
WEB
|
t0pP8uZz
|
|
2007-06-28
|
|
WebChat 0.78 - 'login.php?rid' SQL Injection
|
5 |
WEB
|
r00t
|
|
2007-06-28
|
|
GL-SH Deaf Forum 6.4.4 - Local File Inclusion
|
5 |
WEB
|
Katatafish
|
|
2007-06-28
|
|
b1gbb 2.24.0 - SQL Injection / Cross-Site Scripting
|
5 |
WEB
|
GoLd_M
|
|
2007-06-27
|
|
QuickTicket 1.2 - 'qti_checkname.php' Local File Inclusion
|
5 |
WEB
|
Katatafish
|
|
2007-06-27
|
|
QuickTalk forum 1.3 - 'lang' Local File Inclusion
|
5 |
WEB
|
Katatafish
|
|
2007-06-26
|
|
Elkagroup Image Gallery 1.0 - SQL Injection
|
5 |
WEB
|
t0pP8uZz
|
|
2007-06-26
|
|
WordPress Core 2.2 - 'wp-app.php' Arbitrary File Upload
|
5 |
WEB
|
Alexander Concha
|
|
2007-06-26
|
|
EVA-Web 1.1 < 2.2 - 'index.php3' Remote File Inclusion
|
5 |
WEB
|
g00ns
|
|
2007-06-26
|
|
PHPSiteBackup 0.1 - 'pcltar.lib.php' Remote File Inclusion
|
5 |
WEB
|
GoLd_M
|
|
2007-06-25
|
|
eDocStore - 'doc.php?doc_id' SQL Injection
|
5 |
WEB
|
t0pP8uZz
|
|
2007-06-25
|
|
Pagetool 1.07 - 'news_id' SQL Injection
|
5 |
WEB
|
Katatafish
|
|
2007-06-25
|
|
DreamLog 0.5 - 'upload.php' Arbitrary File Upload
|
5 |
WEB
|
Dj7xpl
|
|
2007-06-25
|
|
SiteDepth CMS 3.44 - 'ShowImage.php?name' File Disclosure
|
5 |
WEB
|
H4 / XPK
|
|
2007-06-25
|
|
6ALBlog - 'newsid' SQL Injection
|
5 |
WEB
|
Crackers_Child
|
|
2007-06-25
|
|
bugmall shopping cart 2.5 - SQL Injection / Cross-Site Scripting
|
5 |
WEB
|
t0pP8uZz
|
|
2007-06-25
|
|
b1gbb 2.24.0 - 'footer.inc.php?tfooter' Remote File Inclusion
|
5 |
WEB
|
Rf7awy
|
|
2007-06-24
|
|
phpTrafficA 1.4.2 - 'pageid' SQL Injection
|
5 |
WEB
|
laurent gaffié
|
|
2007-06-24
|
|
e107 < 0.7.8 - 'photograph' Arbitrary File Upload
|
5 |
WEB
|
g00ns
|
|
2007-06-24
|
|
Simple Invoices 2007 05 25 - 'index.php?submit' SQL Injection
|
5 |
WEB
|
Kacper
|
|
2007-06-24
|
|
dagger Web engine 23jan2007 - Remote File Inclusion
|
5 |
WEB
|
Katatafish
|
|
2007-06-24
|
|
Pluxml 0.3.1 - Remote Code Execution
|
5 |
WEB
|
DarkFig
|
|
2007-06-24
|
|
Pharmacy System 2.0 - 'index.php?ID' SQL Injection
|
5 |
WEB
|
t0pP8uZz
|
|
2007-06-22
|
|
NetClassifieds - SQL Injection / Cross-Site Scripting / Full Path
|
5 |
WEB
|
laurent gaffié
|
|
2007-06-22
|
|
Sun Board 1.00.00 alpha - Remote File Inclusion
|
5 |
WEB
|
GoLd_M
|
|
2007-06-22
|
|
Powl 0.94 - 'htmledit.php' Remote File Inclusion
|
5 |
WEB
|
Kw3[R]Ln
|
|
2007-06-21
|
|
SerWeb 0.9.4 - 'load_lang.php' Remote File Inclusion
|
5 |
WEB
|
Kw3[R]Ln
|
|
2007-06-20
|
|
LAN Management System (LMS) 1.9.6 - Remote File Inclusion
|
5 |
WEB
|
Kw3[R]Ln
|
|
2007-06-20
|
|
Musoo 0.21 - Remote File Inclusion
|
5 |
WEB
|
GoLd_M
|
|
2007-06-20
|
|
XOOPS Module wiwimod 0.4 - Remote File Inclusion
|
5 |
WEB
|
GoLd_M
|
|
2007-06-20
|
|
W1L3D4 WEBmarket 0.1 - SQL Injection
|
6 |
WEB
|
Crackers_Child
|
|
2007-06-20
|
|
LiveCMS 3.4 - 'categoria.php?cid' SQL Injection
|
5 |
WEB
|
g00ns
|
|
2007-06-19
|
|
Jasmine CMS 1.0 - SQL Injection / Remote Code Execution
|
5 |
WEB
|
Silentz
|
|
2007-06-18
|
|
MiniBill 1.2.5 - 'run_billing.php' Remote File Inclusion
|
5 |
WEB
|
Abo0od
|
|
2007-06-18
|
|
Solar Empire 2.9.1.1 - Blind SQL Injection / Hash Retrieve
|
5 |
WEB
|
BlackHawk
|
|
2007-06-17
|
|
MiniBB 2.0.5 - 'Language' Local File Inclusion
|
5 |
WEB
|
Dj7xpl
|
|
2007-06-17
|
|
YourFreeScreamer 1.0 - 'serverPath' Remote File Inclusion
|
5 |
WEB
|
Crackers_Child
|
|
2007-06-16
|
|
PHPMyInventory 2.8 - 'global.inc.php' Remote File Inclusion
|
5 |
WEB
|
o0xxdark0o
|
|
2007-06-14
|
|
PHP::HTML 0.6.4 - 'PHPhtml.php' Remote File Inclusion
|
5 |
WEB
|
o0xxdark0o
|
|
2007-06-14
|
|
Sitellite CMS 4.2.12 - '559668.php' Remote File Inclusion
|
5 |
WEB
|
o0xxdark0o
|
|
2007-06-13
|
|
XOOPS Module cjay content 3 - Remote File Inclusion
|
5 |
WEB
|
g00ns
|
|
2007-06-13
|
|
XOOPS Module XT-Conteudo - 'spaw_root' Remote File Inclusion
|
4 |
WEB
|
g00ns
|
|
2007-06-13
|
|
XOOPS Module XFsection - 'modify.php' Remote File Inclusion
|
5 |
WEB
|
Sp[L]o1T
|
|
2007-06-12
|
|
XOOPS Module horoscope 2.0 - Remote File Inclusion
|
5 |
WEB
|
BeyazKurt
|
|
2007-06-12
|
|
xoops module tinycontent 1.5 - Remote File Inclusion
|
5 |
WEB
|
Sp[L]o1T
|
|
2007-06-12
|
|
Fuzzylime Forum 1.0 - 'low.php?topic' SQL Injection
|
5 |
WEB
|
Silentz
|
|
2007-06-11
|
|
Link Request Contact Form 3.4 - Remote Code Execution
|
5 |
WEB
|
CorryL
|
|
2007-06-09
|
|
GeometriX Download Portal - 'down_indir.asp?id' SQL Injection
|
4 |
WEB
|
CyberGhost
|
|
2007-06-09
|
|
PHP Real Estate Classifieds - Remote File Inclusion
|
5 |
WEB
|
not sec group
|
|
2007-06-08
|
|
e-Vision CMS 2.02 - SQL Injection / Remote Code Execution
|
5 |
WEB
|
Silentz
|
|
2007-06-07
|
|
NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion
|
5 |
WEB
|
GoLd_M
|
|
2007-06-06
|
|
Kartli Alisveris Sistemi 1.0 - SQL Injection
|
5 |
WEB
|
kerem125
|
|
2007-06-06
|
|
WordPress Core 2.2 - 'xmlrpc.php' SQL Injection
|
5 |
WEB
|
Slappter
|
|
2007-06-06
|
|
Comicsense 0.2 - 'index.php?epi' SQL Injection (2)
|
5 |
WEB
|
Silentz
|
|
2007-06-06
|
|
PBLang 4.67.16.a - Remote Code Execution
|
5 |
WEB
|
Silentz
|
|
2007-06-05
|
|
Comicsense 0.2 - 'index.php?epi' SQL Injection (1)
|
5 |
WEB
|
s0cratex
|
|
2007-06-05
|
|
Kravchuk letter script 1.0 - 'scdir' Remote File Inclusion
|
5 |
WEB
|
Mehmet Ince
|
|
2007-06-04
|
|
Madirish Webmail 2.0 - 'addressbook.php' Remote File Inclusion
|
5 |
WEB
|
BoZKuRTSeRDaR
|
|
2007-06-04
|
|
EQdkp 1.3.2 - 'listmembers.php' SQL Injection
|
5 |
WEB
|
Silentz
|
|
2007-06-04
|
|
Sendcard 3.4.1 - Local File Inclusion / Remote Code Execution
|
5 |
WEB
|
Silentz
|
|
2007-06-03
|
|
PNPHPBB2 < 1.2 - 'index.php' SQL Injection
|
5 |
WEB
|
Kacper
|
|
2007-06-02
|
|
Quick.Cart 2.2 - Local/Remote File Inclusion / Remote Code Execution
|
5 |
WEB
|
Kacper
|
|
2007-06-01
|
|
XOOPS Module icontent 1.0/4.5 - Remote File Inclusion
|
5 |
WEB
|
GoLd_M
|
|
2007-06-01
|
|
RevokeBB 1.0 RC4 - Blind SQL Injection / Hash Retrieve
|
5 |
WEB
|
BlackHawk
|
|
2007-06-01
|
|
Particle Gallery 1.0.1 - SQL Injection
|
5 |
WEB
|
Silentz
|
|
2007-05-30
|
|
Vizayn Urun Tanitim Sistemi 0.2 - 'tr' SQL Injection
|
4 |
WEB
|
BAHADIR
|
|
2007-05-29
|
|
Pheap 2.0 - Authentication Bypass / Remote Code Execution
|
4 |
WEB
|
Silentz
|
|
2007-05-29
|
|
AdminBot 9.0.5 - 'live_status.lib.php' Remote File Inclusion
|
4 |
WEB
|
ThE TiGeR
|
|
2007-05-29
|
|
Inout Search Engine - Remote Code Execution
|
5 |
WEB
|
BlackHawk
|
|
2007-05-28
|
|
Joomla! Component Phil-a-Form 1.2.0.0 - SQL Injection
|
5 |
WEB
|
CypherXero
|
|
2007-05-28
|
|
wanewsletter 2.1.3 - Remote File Inclusion
|
5 |
WEB
|
Mogatil
|
|
2007-05-28
|
|
Vistered Little 1.6a - 'skin' Remote File Disclosure
|
5 |
WEB
|
GoLd_M
|
|
2007-05-27
|
|
Fundanemt 2.2.0 - 'spellcheck.php' Remote Code Execution
|
5 |
WEB
|
Kacper
|
|
2007-05-27
|
|
Frequency Clock 0.1b - 'securelib' Remote File Inclusion
|
5 |
WEB
|
ThE TiGeR
|
|
2007-05-26
|
|
TROforum 0.1 - 'admin.php?site_url' Remote File Inclusion
|
5 |
WEB
|
Mehmet Ince
|
|
2007-05-26
|
|
Mazens PHP Chat V3 (basepath) - Remote File Inclusion
|
5 |
WEB
|
ThE TiGeR
|
|
2007-05-25
|
|
FlaP 1.0b - 'pachtofile' Remote File Inclusion
|
5 |
WEB
|
Mehmet Ince
|
|
2007-05-25
|
|
OpenBASE 0.6a - 'root_prefix' Remote File Inclusion
|
5 |
WEB
|
DeltahackingTEAM
|
|
2007-05-25
|
|
vBulletin vBGSiteMap 2.41 - 'root' Remote File Inclusion
|
5 |
WEB
|
Cold Zero
|
|
2007-05-25
|
|
My Little Forum 1.7 - 'user.php?id' SQL Injection
|
5 |
WEB
|
Silentz
|
|
2007-05-25
|
|
gCards 1.46 - SQL Injection / Remote Code Execution
|
5 |
WEB
|
Silentz
|
|
2007-05-25
|
|
Webavis 0.1.1 - 'class.php?root' Remote File Inclusion
|
5 |
WEB
|
ThE TiGeR
|
|
2007-05-24
|
|
FirmWorX 0.1.2 - Multiple Remote File Inclusions
|
5 |
WEB
|
DeltahackingTEAM
|
|
2007-05-24
|
|
CPCommerce 1.1.0 - 'id_category' SQL Injection
|
5 |
WEB
|
Kacper
|
|
2007-05-24
|
|
Dokeos 1.6.5 - 'courseLog.php?scormcontopen' SQL Injection
|
5 |
WEB
|
Silentz
|
|
2007-05-23
|
|
Dokeos 1.8.0 - 'my_progress.php?course' SQL Injection
|
5 |
WEB
|
Silentz
|
|
2007-05-23
|
|
Scallywag - 'template.php?path' Remote File Inclusion
|
5 |
WEB
|
Mehmet Ince
|
|
2007-05-23
|
|
NavBoard 2.6.0 - Remote Code Execution
|
5 |
WEB
|
Dj7xpl
|
|
2007-05-22
|
|
BtiTracker 1.4.1 - Become Admin SQL Injection
|
4 |
WEB
|
m@ge|ozz
|
|
2007-05-21
|
|
Ol BookMarks Manager 0.7.4 - SQL Injection
|
5 |
WEB
|
Mehmet Ince
|
|
2007-05-21
|
|
TutorialCMS 1.01 - Authentication Bypass
|
5 |
WEB
|
Silentz
|
|
2007-05-21
|
|
Ol BookMarks Manager 0.7.4 - 'root' Remote File Inclusion
|
5 |
WEB
|
ThE TiGeR
|
|
2007-05-21
|
|
WordPress Core 2.1.3 - 'admin-ajax.php' SQL Injection Blind Fishing
|
5 |
WEB
|
waraxe
|
|
2007-05-20
|
|
Alstrasoft Template Seller Pro 3.25 - Remote Code Execution
|
4 |
WEB
|
BlackHawk
|
|
2007-05-20
|
|
Alstrasoft Template Seller Pro 3.25 - Admin Password Change
|
5 |
WEB
|
BlackHawk
|
|
2007-05-20
|
|
Alstrasoft Live Support 1.21 - Admin Credential Retrieve
|
5 |
WEB
|
BlackHawk
|
|
2007-05-20
|
|
Alstrasoft e-Friends 4.21 - Admin Session Retrieve
|
5 |
WEB
|
BlackHawk
|
|
2007-05-20
|
|
Zomplog 3.8 - 'mp3playlist.php' SQL Injection
|
5 |
WEB
|
NeoMorphS
|
|
2007-05-19
|
|
SunLight CMS 5.3 - 'root' Remote File Inclusion
|
5 |
WEB
|
Mehmet Ince
|
|
2007-05-18
|
|
MolyX BOARD 2.5.0 - 'index.php?lang' Local File Inclusion
|
5 |
WEB
|
MurderSkillz
|
|
2007-05-18
|
|
Libstats 1.0.3 - 'template_csv.php' Remote File Inclusion
|
5 |
WEB
|
Mehmet Ince
|
|
2007-05-17
|
|
Build it Fast (bif3) 0.4.1 - Multiple Remote File Inclusions
|
5 |
WEB
|
Alkomandoz Hacker
|
|
2007-05-17
|
|
GeekLog 2.x - 'ImageImageMagick.php' Remote File Inclusion
|
4 |
WEB
|
diesl0w
|
|
2007-05-17
|
|
Mambo Component com_yanc 1.4 Beta - 'id' SQL Injection
|
5 |
WEB
|
Mehmet Ince
|
|
2007-05-16
|
|
FAQEngine 4.16.03 - 'question.php?questionref' SQL Injection
|
4 |
WEB
|
Silentz
|
|
2007-05-16
|
|
SimpNews 2.40.01 - 'newnr' SQL Injection
|
5 |
WEB
|
Silentz
|
|
2007-05-16
|
|
PHPGlossar 0.8 - 'format_menue' Remote File Inclusion
|
4 |
WEB
|
kezzap66345
|
|
2007-05-16
|
|
runawaysoft haber portal 1.0 - 'tr' Multiple Vulnerabilities
|
5 |
WEB
|
kerem125
|
