|
2007-01-31
|
|
Michelles L2J Dropcalc 4 - SQL Injection
|
1 |
WEB
|
Codebreak
|
|
2007-01-30
|
|
PHPBB2 MODificat 0.2.0 - 'functions.php' Remote File Inclusion
|
1 |
WEB
|
Mehmet Ince
|
|
2007-01-30
|
|
MyNews 4.2.2 - 'themefunc.php' Remote File Inclusion
|
1 |
WEB
|
GoLd_M
|
|
2007-01-30
|
|
CascadianFAQ 4.1 - 'index.php' SQL Injection
|
1 |
WEB
|
ajann
|
|
2007-01-30
|
|
PHPFootball 1.6 - Remote Database Disclosure
|
1 |
WEB
|
ajann
|
|
2007-01-30
|
|
Galeria Zdjec 3.0 - 'zd_numer.php' Local File Inclusion
|
1 |
WEB
|
ajann
|
|
2007-01-29
|
|
Webfwlog 0.92 - 'debug.php' Remote File Disclosure
|
1 |
WEB
|
GoLd_M
|
|
2007-01-29
|
|
GuppY 4.5.16 - Remote Command Execution
|
1 |
WEB
|
rgod
|
|
2007-01-28
|
|
PHP Generic library & Framework - 'INCLUDE_PATH' Remote File Inclusion
|
1 |
WEB
|
Mehmet Ince
|
|
2007-01-28
|
|
xNews 1.3 - 'xNews.php' SQL Injection
|
0 |
WEB
|
ajann
|
|
2007-01-28
|
|
Foro Domus 2.10 - 'phpbb_root_path' Remote File Inclusion
|
1 |
WEB
|
Mehmet Ince
|
|
2007-01-28
|
|
EclipseBB 0.5.0 Lite - 'phpbb_root_path' Remote File Inclusion
|
1 |
WEB
|
Mehmet Ince
|
|
2007-01-27
|
|
PHPMyReports 3.0.11 - 'lib_head.php' Remote File Inclusion
|
1 |
WEB
|
GoLd_M
|
|
2007-01-27
|
|
chernobiLe Portal 1.0 - 'default.asp' SQL Injection
|
1 |
WEB
|
ajann
|
|
2007-01-27
|
|
Xt-Stats 2.4.0.b3 (server_base_dir) - Remote File Inclusion
|
1 |
WEB
|
ThE dE@Th
|
|
2007-01-27
|
|
ACGVannu 1.3 - 'index2.php' Remote User Pass Change
|
0 |
WEB
|
ajann
|
|
2007-01-27
|
|
Drunken:Golem Portal 0.5.1 Alpha 2 - Remote File Inclusion
|
1 |
WEB
|
MackRulZ
|
|
2007-01-27
|
|
ACGVclick 0.2.0 - 'path' Remote File Inclusion
|
1 |
WEB
|
ajann
|
|
2007-01-27
|
|
nsGalPHP - '/includes/config.inc.php?racineTBS' Remote File Inclusion
|
1 |
WEB
|
S.W.A.T.
|
|
2007-01-26
|
|
FD Script 1.3.2 - 'download.php' Remote File Disclosure
|
1 |
WEB
|
ajann
|
|
2007-01-26
|
|
AINS 0.02b - 'ains_main.php?ains_path' Remote File Inclusion
|
0 |
WEB
|
ThE dE@Th
|
|
2007-01-26
|
|
MyPHPcommander 2.0 - 'package.php' Remote File Inclusion
|
1 |
WEB
|
Cold Zero
|
|
2007-01-25
|
|
Virtual Path 1.0 - '/vp/configure.php' Remote File Inclusion
|
1 |
WEB
|
GoLd_M
|
|
2007-01-25
|
|
forum livre 1.0 - SQL Injection / Cross-Site Scripting
|
1 |
WEB
|
ajann
|
|
2007-01-25
|
|
Aztek Forum 4.0 - Multiple Vulnerabilities
|
1 |
WEB
|
DarkFig
|
|
2007-01-25
|
|
GPS CMS 1.2 - 'print.asp' SQL Injection
|
1 |
WEB
|
ajann
|
|
2007-01-25
|
|
makit Newsposter Script 3.0 - SQL Injection
|
1 |
WEB
|
ajann
|
|
2007-01-24
|
|
Xero Portal - 'phpbb_root_path' Remote File Inclusion
|
0 |
WEB
|
Mehmet Ince
|
|
2007-01-24
|
|
vhostadmin 0.1 - 'MODULES_DIR' Remote File Inclusion
|
0 |
WEB
|
3l3ctric-Cracker
|
|
2007-01-24
|
|
ASP NEWS 3.0 - 'news_detail.asp' SQL Injection
|
0 |
WEB
|
ajann
|
|
2007-01-24
|
|
ASP EDGE 1.2b - 'user.asp' SQL Injection
|
0 |
WEB
|
ajann
|
|
2007-01-24
|
|
RPW 1.0.2 - 'config.php?sql_language' Remote File Inclusion
|
0 |
WEB
|
3l3ctric-Cracker
|
|
2007-01-23
|
|
phpXD 0.3 - 'path' Remote File Inclusion
|
0 |
WEB
|
3l3ctric-Cracker
|
|
2007-01-23
|
|
BBClone 0.31 - 'selectlang.php' Remote File Inclusion
|
0 |
WEB
|
3l3ctric-Cracker
|
|
2007-01-23
|
|
Vote-Pro 4.0 - 'poll_frame.php?poll_id' Remote Code Execution
|
1 |
WEB
|
r0ut3r
|
|
2007-01-22
|
|
VisoHotlink 1.01 - 'functions.visohotlink.php' Remote File Inclusion
|
1 |
WEB
|
bd0rk
|
|
2007-01-21
|
|
Upload Service 1.0 - 'top.php?maindir' Remote File Inclusion
|
1 |
WEB
|
y3dips
|
|
2007-01-21
|
|
webSPELL 4.01.02 - 'gallery.php' Blind SQL Injection
|
1 |
WEB
|
r00t
|
|
2007-01-21
|
|
Mafia Scum Tools 2.0.0 - 'index.php?gen' Remote File Inclusion
|
1 |
WEB
|
DeltahackingTEAM
|
|
2007-01-21
|
|
WebChat 0.77 - 'defines.php?WEBCHATPATH' Remote File Inclusion
|
1 |
WEB
|
v1per-haCker
|
|
2007-01-20
|
|
MySpeach 2.1b - 'up.php' Remote File Inclusion
|
1 |
WEB
|
3l3ctric-Cracker
|
|
2007-01-20
|
|
PHPIndexPage 1.0.1 - 'config.php' Remote File Inclusion
|
1 |
WEB
|
DeltahackingTEAM
|
|
2007-01-20
|
|
Neon Labs Website 3.2 - 'nl.php?g_strRootDir' Remote File Inclusion
|
0 |
WEB
|
3l3ctric-Cracker
|
|
2007-01-20
|
|
Bradabra 2.0.5 - '/include/includes.php' Remote File Inclusion
|
1 |
WEB
|
GoLd_M
|
|
2007-01-20
|
|
PHPSherpa - '/include/config.inc.php' Remote File Inclusion
|
1 |
WEB
|
3l3ctric-Cracker
|
|
2007-01-18
|
|
phpBP RC3 (2.204) - SQL Injection / Remote Code Execution
|
1 |
WEB
|
Kacper
|
|
2007-01-18
|
|
ComVironment 4.0 - 'grab_globals.lib.php' Remote File Inclusion
|
1 |
WEB
|
GoLd_M
|
|
2007-01-17
|
|
Oreon 1.2.3 RC4 - '/lang/index.php' Remote File Inclusion
|
1 |
WEB
|
3l3ctric-Cracker
|
|
2007-01-17
|
|
Uberghey 0.3.1 - 'FrontPage.php' Remote File Inclusion
|
1 |
WEB
|
GoLd_M
|
|
2007-01-17
|
|
Woltlab Burning Board 1.0.2/2.3.6 - 'search.php' SQL Injection (3)
|
1 |
WEB
|
666
|
|
2007-01-17
|
|
PHPMyphorum 1.5a - '/mep/frame.php' Remote File Inclusion
|
1 |
WEB
|
v1per-haCker
|
|
2007-01-17
|
|
Woltlab Burning Board 1.0.2/2.3.6 - 'search.php' SQL Injection (2)
|
0 |
WEB
|
trew
|
|
2007-01-17
|
|
Woltlab Burning Board 1.0.2/2.3.6 - 'search.php' SQL Injection (1)
|
1 |
WEB
|
silent vapor
|
|
2007-01-17
|
|
MGB 0.5.4.5 - 'email.php?id' SQL Injection
|
0 |
WEB
|
SlimTim10
|
|
2007-01-15
|
|
Okul Web Otomasyon Sistemi 4.0.1 - SQL Injection
|
1 |
WEB
|
ilker Kandemir
|
|
2007-01-15
|
|
KGB 1.9 - 'sesskglogadmin.php' Local File Inclusion
|
1 |
WEB
|
Kacper
|
|
2007-01-14
|
|
JV2 Folder Gallery 3.0 - 'download.php' Remote File Disclosure
|
1 |
WEB
|
PeTrO
|
|
2007-01-14
|
|
ThWboard 3.0b2.84-php5 - SQL Injection / Code Execution
|
1 |
WEB
|
rgod
|
|
2007-01-13
|
|
FdWeB Espace Membre 2.01 - 'path' Remote File Inclusion
|
1 |
WEB
|
ajann
|
|
2007-01-13
|
|
DigiAffiliate 1.4 - 'id' SQL Injection
|
1 |
WEB
|
ajann
|
|
2007-01-12
|
|
Poplar Gedcom Viewer 2.0 - 'common.php' Remote File Inclusion
|
1 |
WEB
|
GoLd_M
|
|
2007-01-12
|
|
Mint Haber Sistemi 2.7 - 'duyuru.asp?id' SQL Injection
|
1 |
WEB
|
chernobiLe
|
|
2007-01-12
|
|
TLM CMS 1.1 - 'i-accueil.php?chemin' Remote File Inclusion
|
1 |
WEB
|
GoLd_M
|
|
2007-01-12
|
|
LunarPoll 1.0 - 'show.php?PollDir' Remote File Inclusion
|
1 |
WEB
|
ilker Kandemir
|
|
2007-01-12
|
|
sNews 1.5.30 - Remote Reset Admin Pass / Command Execution
|
1 |
WEB
|
rgod
|
|
2007-01-11
|
|
vp-asp shopping cart 6.09 - SQL Injection / Cross-Site Scripting
|
1 |
WEB
|
ajann
|
|
2007-01-11
|
|
Article System 0.1 - 'INCLUDE_DIR' Remote File Inclusion
|
1 |
WEB
|
3l3ctric-Cracker
|
|
2007-01-10
|
|
Jshop Server 1.3 - 'fieldValidation.php' Remote File Inclusion
|
0 |
WEB
|
irvian
|
|
2007-01-10
|
|
WordPress Core 2.0.6 - 'wp-trackback.php' SQL Injection
|
0 |
WEB
|
rgod
|
|
2007-01-09
|
|
Axiom Photo/News Gallery 0.8.6 - Remote File Inclusion
|
0 |
WEB
|
DeltahackingTEAM
|
|
2007-01-09
|
|
uniForum 4 - 'wbsearch.aspx' SQL Injection
|
1 |
WEB
|
ajann
|
|
2007-01-09
|
|
MOTIONBORG Web Real Estate 2.1 - SQL Injection
|
1 |
WEB
|
ajann
|
|
2007-01-09
|
|
PPC Search Engine 1.61 - 'INC' Multiple Remote File Inclusions
|
1 |
WEB
|
IbnuSina
|
|
2007-01-08
|
|
@lex Guestbook 4.0.2 - Remote Command Execution
|
1 |
WEB
|
DarkFig
|
|
2007-01-08
|
|
Magic Photo Storage Website - '_config[site_path]' File Inclusion
|
0 |
WEB
|
k1tk4t
|
|
2007-01-07
|
|
AllMyVisitors 0.4.0 - 'index.php' Remote File Inclusion
|
1 |
WEB
|
bd0rk
|
|
2007-01-07
|
|
AllMyLinks 0.5.0 - 'index.php' Remote File Inclusion
|
1 |
WEB
|
GoLd_M
|
|
2007-01-07
|
|
WordPress Core 2.0.5 - Trackback UTF-7 SQL Injection
|
1 |
WEB
|
Stefan Esser
|
|
2007-01-07
|
|
AllMyGuests 0.3.0 - 'AMG_serverpath' Remote File Inclusion
|
1 |
WEB
|
beks
|
|
2007-01-07
|
|
L2J Statistik Script 0.09 - 'index.php' Local File Inclusion
|
1 |
WEB
|
Codebreak
|
|
2007-01-06
|
|
NUNE News Script 2.0pre2 - Multiple Remote File Inclusions
|
1 |
WEB
|
Mehmet Ince
|
|
2007-01-05
|
|
Quote&Ordering System 1.0 - 'ordernum' Multiple Vulnerabilities
|
0 |
WEB
|
ajann
|
|
2007-01-05
|
|
Coppermine Photo Gallery 1.4.10 - 'xpl.php' SQL Injection
|
0 |
WEB
|
DarkFig
|
|
2007-01-05
|
|
ig shop 1.0 - Code Execution / SQL Injection
|
0 |
WEB
|
Michael Brooks
|
|
2007-01-05
|
|
iG Calendar 1.0 - 'user.php?id' SQL Injection
|
0 |
WEB
|
Michael Brooks
|
|
2007-01-04
|
|
DigiRez 3.4 - 'book_id' SQL Injection
|
0 |
WEB
|
ajann
|
|
2007-01-04
|
|
Aratix 0.2.2b11 - '/inc/init.inc.php' Remote File Inclusion
|
0 |
WEB
|
nuffsaid
|
|
2007-01-03
|
|
Simple Web Content Management System - SQL Injection
|
0 |
WEB
|
DarkFig
|
|
2007-01-03
|
|
VerliAdmin 0.3 - 'language.php' Local File Inclusion
|
0 |
WEB
|
Kw3[R]Ln
|
|
2007-01-03
|
|
E-Smart Cart 1.0 - 'Product_ID' SQL Injection
|
0 |
WEB
|
ajann
|
|
2007-01-03
|
|
LocazoList 2.01a beta5 - 'subcatID' SQL Injection
|
0 |
WEB
|
ajann
|
|
2007-01-01
|
|
TaskTracker 1.5 - 'Customize.asp' Remote Add Administrator
|
1 |
WEB
|
ajann
|
|
2007-01-01
|
|
NewsCMSLite - 'newsCMS.mdb' Remote Password Disclosure
|
1 |
WEB
|
KaBuS
|
|
2007-01-01
|
|
WWWBoard 2.0 - 'passwd.txt' Remote Password Disclosure
|
1 |
WEB
|
bd0rk
|
|
2007-01-01
|
|
AutoDealer 2.0 - 'detail.asp?iPro' SQL Injection
|
1 |
WEB
|
ajann
|
|
2007-01-01
|
|
Vizayn Haber - 'haberdetay.asp?id' SQL Injection
|
1 |
WEB
|
chernobiLe
|
|
2007-01-01
|
|
RBlog 1.0 - 'admin.mdb' Remote Password Disclosure
|
1 |
WEB
|
Aria-Security Team
|
|
2006-12-31
|
|
Bubla 0.9.2 - 'bu_dir' Multiple Remote File Inclusions
|
0 |
WEB
|
DeltahackingTEAM
|
|
2006-12-31
|
|
MDForum 2.0.1 - 'PNSVlang' Remote Code Execution
|
0 |
WEB
|
Kacper
|
|
2006-12-31
|
|
P-News 1.16/1.17 - 'user.dat' Remote Password Disclosure
|
1 |
WEB
|
3l3ctric-Cracker
|
|
2006-12-31
|
|
Vz (Adp) Forum 2.0.3 - Remote Password Disclosure
|
0 |
WEB
|
3l3ctric-Cracker
|
|
2006-12-30
|
|
WordPress Plugin Enigma 2 Bridge - 'boarddir' Remote File Inclusion
|
1 |
WEB
|
Mehmet Ince
|
|
2006-12-30
|
|
Enigma 2 Coppermine Bridge - 'boarddir' Remote File Inclusion
|
0 |
WEB
|
Mehmet Ince
|
|
2006-12-30
|
|
IMGallery 2.5 - Create Uploader Script
|
0 |
WEB
|
Kacper
|
|
2006-12-30
|
|
Click N Print Coupons 2006.01 - 'key' SQL Injection
|
0 |
WEB
|
ajann
|
|
2006-12-30
|
|
FreeStyle Wiki 3.6.2 - 'user.dat' Password Disclosure
|
0 |
WEB
|
bd0rk
|
|
2006-12-30
|
|
SoftArtisans SAFileUp 5.0.14 - 'viewsrc.asp' Script Source Disclosure
|
0 |
WEB
|
Inge Henriksen
|
|
2006-12-30
|
|
Cacti 0.8.6i - 'copy_cacti_user.php' SQL Injection Create Admin
|
0 |
WEB
|
rgod
|
|
2006-12-30
|
|
Voodoo chat 1.0RC1b - 'users.dat' Password Disclosure
|
1 |
WEB
|
bd0rk
|
|
2006-12-30
|
|
x-news 1.1 - 'users.txt' Remote Password Disclosure
|
0 |
WEB
|
bd0rk
|
|
2006-12-29
|
|
EasyNews PRO News Publishing 4.0 - Password Disclosure
|
1 |
WEB
|
bd0rk
|
|
2006-12-28
|
|
WebText 0.4.5.2 - Remote Code Execution
|
1 |
WEB
|
Kacper
|
|
2006-12-28
|
|
ASPTicker 1.0 - Authentication Bypass
|
1 |
WEB
|
ajann
|
|
2006-12-28
|
|
phpBB2 Plus 1.53 - Acronym Mod SQL Injection
|
1 |
WEB
|
the master
|
|
2006-12-28
|
|
wywo inout board 1.0 - Multiple Vulnerabilities
|
1 |
WEB
|
ajann
|
|
2006-12-28
|
|
aFAQ 1.0 - 'faqDsp.asp?catcode' SQL Injection
|
1 |
WEB
|
ajann
|
|
2006-12-27
|
|
Cacti 0.8.6i - 'cmd.php?popen()' Remote Injection
|
1 |
WEB
|
rgod
|
|
2006-12-27
|
|
Limbo CMS Module event 1.0 - Remote File Inclusion
|
0 |
WEB
|
Mehmet Ince
|
|
2006-12-27
|
|
Fantastic News 2.1.4 - Multiple Remote File Inclusions
|
1 |
WEB
|
Mr-m07
|
|
2006-12-27
|
|
Bubla 1.0.0rc2 - '/bu/process.php' Remote File Inclusion
|
0 |
WEB
|
DeltahackingTEAM
|
|
2006-12-27
|
|
Yrch 1.0 - 'plug.inc.phppath' Remote File Inclusion
|
0 |
WEB
|
DeltahackingTEAM
|
|
2006-12-26
|
|
PHP-Update 2.7 - '/admin/uploads.php' Remote Code Execution
|
0 |
WEB
|
undefined1_
|
|
2006-12-26
|
|
myPHPCalendar 10192000b - 'cal_dir' Remote File Inclusion
|
0 |
WEB
|
Cr@zy_King
|
|
2006-12-26
|
|
mxBB Module pafiledb 2.0.1b - Remote File Inclusion
|
0 |
WEB
|
bd0rk
|
|
2006-12-26
|
|
PHP-Update 2.7 - Multiple Vulnerabilities
|
0 |
WEB
|
rgod
|
