BugReport
Full Archive|Join Us|About Us|Contact Us
.:Date:. .:Title:. .:Impact:. .:Hits:. .:PoC:.
2014-04-9 Timapoo <= 1.0.0 Multiple Vulnerability High 5059-
2014-02-1 noCMS <= 2.4 Multiple Vulnerability High 9515 X
2012-05-19 PHP CGI Argument Injection Remote Exploit (PHP Version) High 19523 X
2011-08-23 JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities (Updated!) High 339294 X
2011-07-11 Ferdows CMS Pro <=1.1.0 and Ferdows CMS <=9.0.5 Multiple Vulnerabilities Medium 11584 X
2010-10-26 Microsoft Office Groove 2007 DLL Hijacking Exploit (grooveperfmon.dll) High 10369 X
2010-09-13 Adobe LiveCycle ES DLL Hijacking Exploit (.dll) High 11288 X
2010-09-5 chillyCMS Multiple Vulnerabilities Medium 7053-
2010-08-10 ACollab Multiple Vulnerabilities High 6045-
2010-04-11 AneCMS Multiple Vulnerabilities High 6125-
2010-03-13 Ananta Gazelle SQL Injection Vulnerability High 8201-
2010-02-28 1024CMS Blind SQL Injection Vulnerability Medium 12519 X
2010-02-17 SphereCMS Blind SQL Injection Vulnerability Medium 6810-
2010-02-2 Tinypug Multiple Vulnerabilities Medium 11044 X
2010-01-19 Blaze Apps Multiple Vulnerabilities Medium 5968-
2009-12-2 ezContents CMS <=2.0.3 Multiple Vulnerabilities Medium 13738-
2009-04-8 SASP CMS Multiple Vulnerabilities High 19107 X
2009-03-17 PHPRunner <= 4.2 Blind SQL Injection Medium 7972-
2009-01-27 NewsCMSlite Insecure Cookie Handling Medium 6843-
2009-01-22 KWWD SQL Injection Medium 5979-
2009-01-14 phpList <= 2.10.8 Local File inclusion High 21177 X
2008-12-20 chicomas <=2.0.4 Multiple Vulnerabilities High 7738-
2008-12-14 CFAGCMS Remote File Inclusion Medium 11267-
2008-11-8 Enthusiast <=3 Remote Code Execution High 11313-
2008-10-27 Persia BME E-Catalogue SQL Injection Vulnerability High 10271-
2008-10-4 CMME Multiple Information disclosure Medium 11605-
2008-09-23 ParsaWeb CMS SQL Injection High 7153-
2008-09-7 Masir Camp E-Shop Module <= 3.0 SQL Injection Medium 7577-
2008-09-3 TransLucid 1.75 (fckeditor) Remote Arbitrary File Upload Medium 12569-
2008-08-5 IGES CMS <=2.0 Multiple Vulnerabilities Medium 13535 X
2008-07-20 MyBlog <=0.9.8 Multiple Vulnerabilities High 16342 X
2008-07-13 Pluck Local File inclusion Medium 13013 X
2008-06-20 Virtual Support Office-XP Multiple Vulnerabilities. High 13624 X
2008-06-20 GL-SH Deaf Forum <=6.5.5 Multiple Vulnerabilities High 17524 X
2008-06-19 eLineStudio Site Composer (ESC) <=2.6 Multiple Vulnerabilities High 12689 X
2008-06-19 Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities Medium 10079 X
2008-06-18 doITlive CMS <=2.50 Multiple Vulnerabilities High 9072 X
2008-06-12 Pooya Site Builder (PSB) SQL Injection Vulnerabilities High 8221 X
2008-06-12 Xigla Multiple Products - Multiple Vulnerabilities Medium 3985-
2008-06-10 Realm CMS <= 2.3 Multiple Vulnerabilities. High 6868 X
2008-06-4 QuickerSite <= 1.85 Multiple Vulnerabilities High 12984 X
2008-05-30 Dot Net Nuke (DNN) <= 4.8.3 XSS Vulnerability Low 5232-
2008-04-27 MegaBBS Forum Multiple Vulnerabilities. Medium 9571 X
2008-04-20 Acidcat CMS Multiple Vulnerabilities. High 7178 X
2008-04-16 Carbon Communities forum Multiple Vulnerabilities. High 8770 X
2008-04-13 cpCommerce Multiple Vulnerabilities Medium 4309-
2008-01-28 Mambo 4.6.3 Path Disclosure, XSS , XSRF, DOS Medium 9044-
2008-01-26 [CandyPress] eCommerce suite SQL Injection + XSS + Path Disclosure in CandyPress High 7144 X
2008-01-23 Web Wiz Rich Text Editor Directory traversal + HTM/HTML file creation on the server Medium 3447-
2008-01-23 Web Wiz NewsPad Directory traversal Low 3199-
2008-01-23 Web Wiz Forums Directory traversal Low 4847-
2008-01-22 Mozilla Firefox 2.0.0.11 Hide The Source Code Low 4481-
2008-01-20 Bloofox CMS SQL Injection (Authentication bypass) , Source code disclosure Medium 3808-
2008-01-7 OneCMS Vulnerabilities High 6429 X
2008-01-2 MODx CMS Source code disclosure, local file inclusion Medium 13177-
2007-12-30 Bitweaver source code disclosure, arbitrary file upload Medium 3153-
2007-12-24 Jupiter Cms Multiple Vulnerabilities High 8476 X
2007-12-24 PHP <= 5.2.5 Safe Mode Bypass Medium 18859 X
2007-12-13 Hosting Controller 6.1 - Users can change other's host headers. Medium 2820-
2007-12-13 Hosting Controller 6.1 - Users can enable or disable all Hosting Controller forums by SQL Injection. Medium 5795 X
2007-12-13 Hosting Controller 6.1 - Users can find web site path. Medium 2448-
2007-12-13 Hosting Controller 6.1 - Users can import unwanted plan or change the plans. Medium 2782-
2007-12-13 Hosting Controller 6.1 - Users can find Hosting Controller setup directory. Medium 6138 X
2007-12-13 Hosting Controller 6.1 - Users can see all usernames in the server by Medium 5087 X
2007-12-13 Hosting Controller 6.1 - Users can enable or disable pay type. Medium 2529-
2007-12-13 Hosting Controller 6.1 - Users can delete all of gateway information. Medium 2268-
2007-12-13 Hosting Controller 6.1 - Users can uninstall other's FrontPage extensions. Medium 2263-
2007-12-13 Hosting Controller 6.1 - Users can change his credit amount or increase his discount. Medium 5098 X
2007-12-13 Hosting Controller 6.1 - SQL Injection in "/accounts/accountmanager.asp" Medium 5305 X
2007-12-13 Hosting Controller 6.1 - Remote Attacker can change all user's profiles. Medium 5626 X
2007-12-13 Hosting Controller 6.1 - Remote Users Can Make a New User High 4657 X
2007-12-13 Hosting Controller 6.1 - Remote Authenticated Users Execute a File Under Administrative Priviledge High 6607 X
2007-12-13 Hosting Controller 6.1 - Lets Remote Users Gain Admin Priviledge High 4864 X
2007-12-10 Snitz Forums 2000 Active.asp Remote SQL Injection Vulnerability High 5191 X
2007-11-25 RunCMS <= 1.6 disclaimer.php Remote File Overwrite Exploit High 12336 X
2007-11-25 RunCMS <= 1.6 Local File Inclusion Vulnerability Medium 2513-
2007-11-22 SkyPortal vRC6 Multiple Remote Vulnerabilities High 4473 X
2007-11-22 bcoos 1.0.10 (LFI / SQL Injection) Multiple Remote Vulnerabilities Medium 2808-
2007-10-25 Mozilla Firefox <= 2.0.0.7 Remote Denial of Service Exploit Low 3157-

Copyright © 2007-2014 AmnPardaz