| .:Date:. |
.:Title:. |
.:Impact:. |
.:Hits:. |
.:PoC:. |
| 2010-02-28 |
1024CMS Blind SQL Injection Vulnerability |
Medium |
149 |
X |
| 2010-02-17 |
SphereCMS Blind SQL Injection Vulnerability |
Medium |
52 | - |
| 2010-02-2 |
Tinypug Multiple Vulnerabilities |
Medium |
165 |
X |
| 2010-01-19 |
Blaze Apps Multiple Vulnerabilities |
Medium |
128 | - |
| 2009-12-2 |
ezContents CMS <=2.0.3 Multiple Vulnerabilities |
Medium |
819 | - |
| 2009-04-8 |
SASP CMS Multiple Vulnerabilities |
High |
6638 |
X |
| 2009-03-17 |
PHPRunner <= 4.2 Blind SQL Injection |
Medium |
1323 | - |
| 2009-01-27 |
NewsCMSlite Insecure Cookie Handling |
Medium |
989 | - |
| 2009-01-22 |
KWWD SQL Injection |
Medium |
1038 | - |
| 2009-01-14 |
phpList <= 2.10.8 Local File inclusion |
High |
5259 |
X |
| 2008-12-20 |
chicomas <=2.0.4 Multiple Vulnerabilities |
High |
1310 | - |
| 2008-12-14 |
CFAGCMS Remote File Inclusion |
Medium |
2783 | - |
| 2008-11-8 |
Enthusiast <=3 Remote Code Execution |
High |
3453 | - |
| 2008-10-27 |
Persia BME E-Catalogue SQL Injection Vulnerability |
High |
3376 | - |
| 2008-10-4 |
CMME Multiple Information disclosure |
Medium |
3226 | - |
| 2008-09-23 |
ParsaWeb CMS SQL Injection |
High |
1255 | - |
| 2008-09-7 |
Masir Camp E-Shop Module <= 3.0 SQL Injection |
Medium |
1318 | - |
| 2008-09-3 |
TransLucid 1.75 (fckeditor) Remote Arbitrary File Upload |
Medium |
1162 | - |
| 2008-08-5 |
IGES CMS <=2.0 Multiple Vulnerabilities |
Medium |
2260 |
X |
| 2008-07-20 |
MyBlog <=0.9.8 Multiple Vulnerabilities |
High |
2532 |
X |
| 2008-07-13 |
Pluck Local File inclusion |
Medium |
2239 |
X |
| 2008-06-20 |
Virtual Support Office-XP Multiple Vulnerabilities. |
High |
2160 |
X |
| 2008-06-20 |
GL-SH Deaf Forum <=6.5.5 Multiple Vulnerabilities |
High |
2393 |
X |
| 2008-06-19 |
eLineStudio Site Composer (ESC) <=2.6 Multiple Vulnerabilities |
High |
2135 |
X |
| 2008-06-19 |
Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities |
Medium |
2280 |
X |
| 2008-06-18 |
doITlive CMS <=2.50 Multiple Vulnerabilities |
High |
2096 |
X |
| 2008-06-12 |
Pooya Site Builder (PSB) SQL Injection Vulnerabilities |
High |
2782 |
X |
| 2008-06-12 |
Xigla Multiple Products - Multiple Vulnerabilities |
Medium |
1462 | - |
| 2008-06-10 |
Realm CMS <= 2.3 Multiple Vulnerabilities. |
High |
2157 |
X |
| 2008-06-4 |
QuickerSite <= 1.85 Multiple Vulnerabilities |
High |
3103 |
X |
| 2008-05-30 |
Dot Net Nuke (DNN) <= 4.8.3 XSS Vulnerability |
Low |
1551 | - |
| 2008-04-27 |
MegaBBS Forum Multiple Vulnerabilities. |
Medium |
2974 |
X |
| 2008-04-20 |
Acidcat CMS Multiple Vulnerabilities. |
High |
2478 |
X |
| 2008-04-16 |
Carbon Communities forum Multiple Vulnerabilities. |
High |
2656 |
X |
| 2008-04-13 |
cpCommerce Multiple Vulnerabilities |
Medium |
2150 | - |
| 2008-01-28 |
Mambo 4.6.3 Path Disclosure, XSS , XSRF, DOS |
Medium |
3111 | - |
| 2008-01-26 |
[CandyPress] eCommerce suite SQL Injection + XSS + Path Disclosure in CandyPress |
High |
2640 |
X |
| 2008-01-23 |
Web Wiz Rich Text Editor Directory traversal + HTM/HTML file creation on the server |
Medium |
1500 | - |
| 2008-01-23 |
Web Wiz NewsPad Directory traversal |
Low |
1278 | - |
| 2008-01-23 |
Web Wiz Forums Directory traversal |
Low |
1508 | - |
| 2008-01-22 |
Mozilla Firefox 2.0.0.11 Hide The Source Code |
Low |
1224 | - |
| 2008-01-20 |
Bloofox CMS SQL Injection (Authentication bypass) , Source code disclosure |
Medium |
1515 | - |
| 2008-01-7 |
OneCMS Vulnerabilities |
High |
1999 |
X |
| 2008-01-2 |
MODx CMS Source code disclosure, local file inclusion |
Medium |
10265 | - |
| 2007-12-30 |
Bitweaver source code disclosure, arbitrary file upload |
Medium |
1229 | - |
| 2007-12-24 |
Jupiter Cms Multiple Vulnerabilities |
High |
2888 |
X |
| 2007-12-24 |
PHP <= 5.2.5 Safe Mode Bypass |
Medium |
5497 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Users can change other's host headers. |
Medium |
837 | - |
| 2007-12-13 |
Hosting Controller 6.1 - Users can enable or disable all Hosting Controller forums by SQL Injection. |
Medium |
1522 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Users can find web site path. |
Medium |
709 | - |
| 2007-12-13 |
Hosting Controller 6.1 - Users can import unwanted plan or change the plans. |
Medium |
642 | - |
| 2007-12-13 |
Hosting Controller 6.1 - Users can find Hosting Controller setup directory. |
Medium |
1241 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Users can see all usernames in the server by |
Medium |
1178 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Users can enable or disable pay type. |
Medium |
535 | - |
| 2007-12-13 |
Hosting Controller 6.1 - Users can delete all of gateway information. |
Medium |
459 | - |
| 2007-12-13 |
Hosting Controller 6.1 - Users can uninstall other's FrontPage extensions. |
Medium |
451 | - |
| 2007-12-13 |
Hosting Controller 6.1 - Users can change his credit amount or increase his discount. |
Medium |
846 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - SQL Injection in "/accounts/accountmanager.asp" |
Medium |
906 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Remote Attacker can change all user's profiles. |
Medium |
815 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Remote Users Can Make a New User |
High |
892 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Remote Authenticated Users Execute a File Under Administrative Priviledge |
High |
934 |
X |
| 2007-12-13 |
Hosting Controller 6.1 - Lets Remote Users Gain Admin Priviledge |
High |
928 |
X |
| 2007-12-10 |
Snitz Forums 2000 Active.asp Remote SQL Injection Vulnerability |
High |
1084 |
X |
| 2007-11-25 |
RunCMS <= 1.6 disclaimer.php Remote File Overwrite Exploit |
High |
3862 |
X |
| 2007-11-25 |
RunCMS <= 1.6 Local File Inclusion Vulnerability |
Medium |
583 | - |
| 2007-11-22 |
SkyPortal vRC6 Multiple Remote Vulnerabilities |
High |
938 |
X |
| 2007-11-22 |
bcoos 1.0.10 (LFI / SQL Injection) Multiple Remote Vulnerabilities |
Medium |
637 | - |
| 2007-10-25 |
Mozilla Firefox <= 2.0.0.7 Remote Denial of Service Exploit |
Low |
730 | - |
