Author: ahmadbady

Country:

Reported research: 34

Advisories

Risk	Topic & Details
High	mxCamArchive 2.2 Bypass Config Download Vulnerability (CVE assigned) Remote \| 2009-08-14
High	phpAdBoard (php uploads) Arbitrary File Upload Vulnerability (CVE assigned) Remote \| 2009-08-10
High	phpEmployment (php upload) Arbitrary File Upload Vulnerability (CVE assigned) Remote \| 2009-08-10
Med.	OraMon 2.0.1 Remote Config File Disclosure Vulnerability (CVE assigned) Remote \| 2009-07-26
Low	phpGreetCards XSS/Arbitrary File Upload Vulnerability (CVE assigned) Remote \| 2009-07-12
Med.	PHP-Sugar 0.80 (index.php t) Local File Inclusion Vulnerability (CVE assigned) Remote \| 2009-07-11
High	Jax FormMailer 3.0.0 Remote File Inclusion Vulnerability (CVE assigned) Remote \| 2009-07-11
High	phpFK 7.03 (page_bottom.php) Local File Inclusion Vulnerability (CVE assigned) Remote \| 2009-06-22
High	SiteX <= 0.7.4.418 (THEME_FOLDER) Local File Inclusion Vulnerabilities (CVE assigned) Remote \| 2009-06-02
High	Flyspeck CMS 6.8 Remote LFI / Change Add Admin Exploit (CVE assigned) Remote \| 2009-05-25
Med.	Pluck 4.6.2 (langpref) Local File Inclusion Vulnerabilities (CVE assigned) Remote \| 2009-05-24
High	TinyButStrong 3.4.0 (script) Local File Disclosure Vulnerability (CVE assigned) Remote \| 2009-05-18
Med.	Simple Customer 1.3 Arbitrary Change Admin Password Exploit (CVE assigned) Remote \| 2009-05-17
High	Qt quickteam Multiple Remote File Inclusion Vulnerabilities (CVE assigned) Remote \| 2009-05-07
High	SMA-DB 0.3.12 (RFI/XSS) Multiple Remote Vulnerabilities (CVE assigned) Remote \| 2009-04-29
High	WebPortal CMS 0.8b Multiple Remote/Local File Inclusion Vulnerabilities (CVE assigned) Remote \| 2009-04-29
High	e-cart.biz Shopping Cart Arbitrary File Upload Vulnerability (CVE assigned) Remote \| 2009-04-29
High	blogplus 1.0 Multiple Local File Inclusion Vulnerabilities (CVE assigned) Remote \| 2009-04-10
Med.	Tizag Countdown Creator .v.3 Insecure Upload Vulnerability (CVE assigned) Remote \| 2009-03-21
Med.	BlogHelper (common_db.inc) Remote Config File Disclosure Vulnerability (CVE assigned) Remote \| 2009-03-08
High	zFeeder 1.6 (admin.php) No Authentication Vulnerability (CVE assigned) Remote \| 2009-03-08
Med.	PollHelper (poll.inc) Remote Config File Disclosure Vulnerability (CVE assigned) Remote \| 2009-03-08
Med.	phpfan 3.3.4 (init.php includepath) Remote File Inclusion Vulnerability (CVE assigned) Remote \| 2009-02-26
Med.	phpSkelSite 1.4 (RFI/LFI/XSS) Multiple Remote Vulnerabilities (CVE assigned) Remote \| 2009-02-18
High	YACS CMS 8.11 update_trailer.php Remote File Inclusion Vulnerability (CVE assigned) Remote \| 2009-02-17
High	webframe 0.76 Multiple File Inclusion Vulnerabilities (CVE assigned) Remote \| 2009-02-12
High	Realtor 747 (define.php INC_DIR) Remote File Inclusion Vulnerability (CVE assigned) Remote \| 2009-02-11
Low	Simple PHP Newsletter 1.5 (olang) Local File Inclusion Vulnerabilities (CVE assigned) Remote \| 2009-01-31
Med.	SCMS v1 (index.php p) Local File Inclusion Vulnerability (CVE assigned) Remote \| 2009-01-31
High	playSMS 0.9.3 Multiple Remote/Local File Inclusion Vulnerabilities (CVE assigned) Remote \| 2009-01-10

Author: ahmadbady

Country:

Reported research: 34

Advisories

High

mxCamArchive 2.2 Bypass Config Download Vulnerability (CVE assigned)

Remote | 2009-08-14

High

phpAdBoard (php uploads) Arbitrary File Upload Vulnerability (CVE assigned)

Remote | 2009-08-10

High

phpEmployment (php upload) Arbitrary File Upload Vulnerability (CVE assigned)

Remote | 2009-08-10

Med.

OraMon 2.0.1 Remote Config File Disclosure Vulnerability (CVE assigned)

Remote | 2009-07-26

Low

phpGreetCards XSS/Arbitrary File Upload Vulnerability (CVE assigned)

Remote | 2009-07-12

Med.

PHP-Sugar 0.80 (index.php t) Local File Inclusion Vulnerability (CVE assigned)

Remote | 2009-07-11

High

Jax FormMailer 3.0.0 Remote File Inclusion Vulnerability (CVE assigned)

Remote | 2009-07-11

High

phpFK 7.03 (page_bottom.php) Local File Inclusion Vulnerability (CVE assigned)

Remote | 2009-06-22

High

SiteX <= 0.7.4.418 (THEME_FOLDER) Local File Inclusion Vulnerabilities (CVE assigned)

Remote | 2009-06-02

High

Flyspeck CMS 6.8 Remote LFI / Change Add Admin Exploit (CVE assigned)

Remote | 2009-05-25

Med.

Pluck 4.6.2 (langpref) Local File Inclusion Vulnerabilities (CVE assigned)

Remote | 2009-05-24

High

TinyButStrong 3.4.0 (script) Local File Disclosure Vulnerability (CVE assigned)

Remote | 2009-05-18

Med.

Simple Customer 1.3 Arbitrary Change Admin Password Exploit (CVE assigned)

Remote | 2009-05-17

High

Qt quickteam Multiple Remote File Inclusion Vulnerabilities (CVE assigned)

Remote | 2009-05-07

High

SMA-DB 0.3.12 (RFI/XSS) Multiple Remote Vulnerabilities (CVE assigned)

Remote | 2009-04-29

High

WebPortal CMS 0.8b Multiple Remote/Local File Inclusion Vulnerabilities (CVE assigned)

Remote | 2009-04-29

High

e-cart.biz Shopping Cart Arbitrary File Upload Vulnerability (CVE assigned)

Remote | 2009-04-29

High

blogplus 1.0 Multiple Local File Inclusion Vulnerabilities (CVE assigned)

Remote | 2009-04-10

Med.

Tizag Countdown Creator .v.3 Insecure Upload Vulnerability (CVE assigned)

Remote | 2009-03-21

Med.

BlogHelper (common_db.inc) Remote Config File Disclosure Vulnerability (CVE assigned)

Remote | 2009-03-08

High

zFeeder 1.6 (admin.php) No Authentication Vulnerability (CVE assigned)

Remote | 2009-03-08

Med.

PollHelper (poll.inc) Remote Config File Disclosure Vulnerability (CVE assigned)

Remote | 2009-03-08

Med.

phpfan 3.3.4 (init.php includepath) Remote File Inclusion Vulnerability (CVE assigned)

Remote | 2009-02-26

Med.

phpSkelSite 1.4 (RFI/LFI/XSS) Multiple Remote Vulnerabilities (CVE assigned)

Remote | 2009-02-18

High

YACS CMS 8.11 update_trailer.php Remote File Inclusion Vulnerability (CVE assigned)

Remote | 2009-02-17

High

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)