| .:Date:. |
.:Title:. |
.:Impact:. |
.:Hits:. |
.:PoC:. |
| 2010-04-11 |
AneCMS Multiple Vulnerabilities |
High |
251 | - |
| 2010-03-13 |
Ananta Gazelle SQL Injection Vulnerability |
High |
328 | - |
| 2010-02-28 |
1024CMS Blind SQL Injection Vulnerability |
Medium |
631 |
X |
| 2010-02-17 |
SphereCMS Blind SQL Injection Vulnerability |
Medium |
319 | - |
| 2010-02-2 |
Tinypug Multiple Vulnerabilities |
Medium |
545 |
X |
| 2010-01-19 |
Blaze Apps Multiple Vulnerabilities |
Medium |
340 | - |
| 2009-12-2 |
ezContents CMS <=2.0.3 Multiple Vulnerabilities |
Medium |
2191 | - |
| 2009-04-8 |
SASP CMS Multiple Vulnerabilities |
High |
7018 |
X |
| 2009-03-17 |
PHPRunner <= 4.2 Blind SQL Injection |
Medium |
1563 | - |
| 2009-01-27 |
NewsCMSlite Insecure Cookie Handling |
Medium |
1187 | - |
| 2009-01-22 |
KWWD SQL Injection |
Medium |
1227 | - |
| 2009-01-14 |
phpList <= 2.10.8 Local File inclusion |
High |
6484 |
X |
| 2008-12-20 |
chicomas <=2.0.4 Multiple Vulnerabilities |
High |
1591 | - |
| 2008-12-14 |
CFAGCMS Remote File Inclusion |
Medium |
3610 | - |
| 2008-11-8 |
Enthusiast <=3 Remote Code Execution |
High |
4706 | - |
| 2008-10-27 |
Persia BME E-Catalogue SQL Injection Vulnerability |
High |
4575 | - |
| 2008-10-4 |
CMME Multiple Information disclosure |
Medium |
4423 | - |
| 2008-09-23 |
ParsaWeb CMS SQL Injection |
High |
1475 | - |
| 2008-09-7 |
Masir Camp E-Shop Module <= 3.0 SQL Injection |
Medium |
1528 | - |
| 2008-09-3 |
TransLucid 1.75 (fckeditor) Remote Arbitrary File Upload |
Medium |
1397 | - |
| 2008-08-5 |
IGES CMS <=2.0 Multiple Vulnerabilities |
Medium |
2727 |
X |
| 2008-07-20 |
MyBlog <=0.9.8 Multiple Vulnerabilities |
High |
3176 |
X |
| 2008-07-13 |
Pluck Local File inclusion |
Medium |
2667 |
X |
| 2008-06-20 |
Virtual Support Office-XP Multiple Vulnerabilities. |
High |
2584 |
X |
| 2008-06-20 |
GL-SH Deaf Forum <=6.5.5 Multiple Vulnerabilities |
High |
2781 |
X |
| 2008-06-19 |
eLineStudio Site Composer (ESC) <=2.6 Multiple Vulnerabilities |
High |
2491 |
X |
| 2008-06-19 |
Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities |
Medium |
2653 |
X |
| 2008-06-18 |
doITlive CMS <=2.50 Multiple Vulnerabilities |
High |
2457 |
X |
| 2008-06-12 |
Pooya Site Builder (PSB) SQL Injection Vulnerabilities |
High |
3174 |
X |
| 2008-06-12 |
Xigla Multiple Products - Multiple Vulnerabilities |
Medium |
1655 | - |
| 2008-06-10 |
Realm CMS <= 2.3 Multiple Vulnerabilities. |
High |
2507 |
X |
| 2008-06-4 |
QuickerSite <= 1.85 Multiple Vulnerabilities |
High |
3534 |
X |
| 2008-05-30 |
Dot Net Nuke (DNN) <= 4.8.3 XSS Vulnerability |
Low |
1808 | - |
| 2008-04-27 |
MegaBBS Forum Multiple Vulnerabilities. |
Medium |
3429 |
X |
| 2008-04-20 |
Acidcat CMS Multiple Vulnerabilities. |
High |
2830 |
X |
| 2008-04-16 |
Carbon Communities forum Multiple Vulnerabilities. |
High |
2986 |
X |
| 2008-04-13 |
cpCommerce Multiple Vulnerabilities |
Medium |
2339 | - |
| 2008-01-28 |
Mambo 4.6.3 Path Disclosure, XSS , XSRF, DOS |
Medium |
3469 | - |
| 2008-01-26 |
[CandyPress] eCommerce suite SQL Injection + XSS + Path Disclosure in CandyPress |
High |
2849 |
X |
| 2008-01-23 |
Web Wiz Rich Text Editor Directory traversal + HTM/HTML file creation on the server |
Medium |
1576 | - |
| 2008-01-23 |
Web Wiz NewsPad Directory traversal |
Low |
1336 | - |
| 2008-01-23 |
Web Wiz Forums Directory traversal |
Low |
1580 | - |
| 2008-01-22 |
Mozilla Firefox 2.0.0.11 Hide The Source Code |
Low |
1304 | - |
| 2008-01-20 |
Bloofox CMS SQL Injection (Authentication bypass) , Source code disclosure |
Medium |
1575 | - |
| 2008-01-7 |
OneCMS Vulnerabilities |
High |
2125 |
X |
| 2008-01-2 |
MODx CMS Source code disclosure, local file inclusion |
Medium |
10411 | - |
| 2007-12-30 |
Bitweaver source code disclosure, arbitrary file upload |
Medium |
1312 | - |
| 2007-12-24 |
Jupiter Cms Multiple Vulnerabilities |
High |
3071 |
X |
| 2007-12-24 |
PHP <= 5.2.5 Safe Mode Bypass |
Medium |
5927 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Users can change other's host headers. |
Medium |
917 | - |
| 2007-12-13 |
Hosting Controller 6.1 - Users can enable or disable all Hosting Controller forums by SQL Injection. |
Medium |
1650 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Users can find web site path. |
Medium |
778 | - |
| 2007-12-13 |
Hosting Controller 6.1 - Users can import unwanted plan or change the plans. |
Medium |
699 | - |
| 2007-12-13 |
Hosting Controller 6.1 - Users can find Hosting Controller setup directory. |
Medium |
1418 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Users can see all usernames in the server by |
Medium |
1290 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Users can enable or disable pay type. |
Medium |
598 | - |
| 2007-12-13 |
Hosting Controller 6.1 - Users can delete all of gateway information. |
Medium |
518 | - |
| 2007-12-13 |
Hosting Controller 6.1 - Users can uninstall other's FrontPage extensions. |
Medium |
505 | - |
| 2007-12-13 |
Hosting Controller 6.1 - Users can change his credit amount or increase his discount. |
Medium |
962 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - SQL Injection in "/accounts/accountmanager.asp" |
Medium |
1027 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Remote Attacker can change all user's profiles. |
Medium |
912 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Remote Users Can Make a New User |
High |
1003 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Remote Authenticated Users Execute a File Under Administrative Priviledge |
High |
1077 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Lets Remote Users Gain Admin Priviledge |
High |
1047 |
X |
| 2007-12-10 |
Snitz Forums 2000 Active.asp Remote SQL Injection Vulnerability |
High |
1253 |
X |
| 2007-11-25 |
RunCMS <= 1.6 disclaimer.php Remote File Overwrite Exploit |
High |
4631 |
X |
| 2007-11-25 |
RunCMS <= 1.6 Local File Inclusion Vulnerability |
Medium |
654 | - |
| 2007-11-22 |
SkyPortal vRC6 Multiple Remote Vulnerabilities |
High |
1061 |
X |
| 2007-11-22 |
bcoos 1.0.10 (LFI / SQL Injection) Multiple Remote Vulnerabilities |
Medium |
719 | - |
| 2007-10-25 |
Mozilla Firefox <= 2.0.0.7 Remote Denial of Service Exploit |
Low |
805 | - |
