Author: CWH Underground

Country:

Reported research: 35

Advisories

Risk	Topic & Details
High	Wolf CMS Arbitrary File Upload Exploit Remote \| 2015-04-19
High	WeBid 1.1.1 Unrestricted File Upload Exploit Remote \| 2015-03-06
Med.	Clipbucket 2.7 RC3 0.9 Blind SQL Injection (CVE assigned) Remote \| 2015-03-02
High	PodHawk 1.85 Shell Upload Remote \| 2013-06-24
Med.	Elemata CMS RC3.0 SQL Injection (CVE assigned) Remote \| 2013-06-24
High	imacs CMS 0.3.0 Shell Upload Remote \| 2013-06-20
High	Fly-High CMS 2012-07-08 Shell Upload Remote \| 2013-06-18
High	Bloofox CMS 0.5.0 Shell Upload Remote \| 2013-06-18
High	Havalite CMS 1.1.7 Shell Upload Remote \| 2013-06-18
High	Libretto CMS 2.2.2 Shell Upload Remote \| 2013-06-15
High	230 CMS 1.1.2012 PHP Code Injection Remote \| 2013-06-13
High	mkCMS 3.6 PHP Code Injection Remote \| 2013-06-12
Med.	Fobuc Guestbook 0.9 SQL Injection Remote \| 2013-06-12
High	Lokboard 1.1 PHP Code Injection Remote \| 2013-06-11
High	MaxForum 2.0.0 Multiple Vulnerabilities Remote \| 2013-06-10
Med.	NanoBB 0.7 Cross Site Scripting & SQL Injection Remote \| 2013-06-10
High	Napata CMS 1.5.2013 PHP Code Injection Remote \| 2013-06-06
Med.	Cuppa CMS Remote / Local File Inclusion Remote \| 2013-06-05
High	gpEasy CMS 4.0 Shell Upload Remote \| 2013-06-05
High	CMS Gratis Indonesia PHP Code Injection Remote \| 2013-06-05
High	PhpTax 0.8 Remote Code Execution Remote \| 2013-06-03
Low	PHP4DVD 2.0 Code Injection Remote \| 2013-06-03
Med.	Facil-CMS 0.1RC Multiple Local File Inclusion Vulnerabilities (CVE assigned) Remote \| 2009-09-08
High	Page Manager CMS Remote Arbitrary File Upload Vulnerability (CVE assigned) Remote \| 2009-09-08
High	Kwalbum <= 2.0.2 Arbitary File Upload Vulnerability (CVE assigned) Remote \| 2008-12-21
Med.	CMS little (index.php term) Remote SQL Injection Exploit (CVE assigned) Remote \| 2008-12-21
Med.	Lito Lite CMS (cate.php cid) Remote SQL Injection Exploit (CVE assigned) Remote \| 2008-12-21
Low	TxtBlog (index.php m) Local File Inclusion Vulnerability (CVE assigned) Remote \| 2008-12-21
Low	SyndeoCMS 2.6.0 (LFI/XSS) Multiple Remote Vulnerabilities (CVE assigned) Remote \| 2008-12-01
High	212cafe Board 0.07 (view.php qID) SQL Injection Vulnerability (CVE assigned) Remote \| 2008-10-24

Author: CWH Underground

Reported research: 35

Advisories

High

Remote | 2015-04-19

High

Remote | 2015-03-06

Med.

Clipbucket 2.7 RC3 0.9 Blind SQL Injection (CVE assigned)

Remote | 2015-03-02

High

Remote | 2013-06-24

Med.

Elemata CMS RC3.0 SQL Injection (CVE assigned)

Remote | 2013-06-24

High

Remote | 2013-06-20

High

Remote | 2013-06-18

High

Remote | 2013-06-18

High

Remote | 2013-06-18

High

Remote | 2013-06-15

High

Remote | 2013-06-13

High

Remote | 2013-06-12

Med.

Remote | 2013-06-12

High

Remote | 2013-06-11

High

Remote | 2013-06-10

Med.

Remote | 2013-06-10

High

Remote | 2013-06-06

Med.

Remote | 2013-06-05

High

Remote | 2013-06-05

High

Remote | 2013-06-05

High

Remote | 2013-06-03

Low

Remote | 2013-06-03

Med.

Facil-CMS 0.1RC Multiple Local File Inclusion Vulnerabilities (CVE assigned)

Remote | 2009-09-08

High

Page Manager CMS Remote Arbitrary File Upload Vulnerability (CVE assigned)

Remote | 2009-09-08

High

Kwalbum <= 2.0.2 Arbitary File Upload Vulnerability (CVE assigned)

Remote | 2008-12-21

Med.

CMS little (index.php term) Remote SQL Injection Exploit (CVE assigned)

Remote | 2008-12-21

Med.

Lito Lite CMS (cate.php cid) Remote SQL Injection Exploit (CVE assigned)

Remote | 2008-12-21

Low

TxtBlog (index.php m) Local File Inclusion Vulnerability (CVE assigned)

Remote | 2008-12-21

Low

SyndeoCMS 2.6.0 (LFI/XSS) Multiple Remote Vulnerabilities (CVE assigned)

Remote | 2008-12-01

High

212cafe Board 0.07 (view.php qID) SQL Injection Vulnerability (CVE assigned)

Remote | 2008-10-24

Do you know.. we can display your:

- Twitter Link - Website Link - Zone-H Link - Description of profile - email (let us know if you want show public)

Let's us know! submit@cxsec.org

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)