Alberto Trivero

23 exploits Active since Jan 2005
CVE-2009-3759 EXPLOITDB HIGH text WRITEUP
Citrix XenCenterWeb - Cross-Site Request Forgery via Password Change or VM Stop
Multiple cross-site request forgery (CSRF) vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to hijack the authentication of administrators for (1) requests that change the password via the username parameter to config/changepw.php or (2) stop a virtual machine via the stop_vmname parameter to hardstopvm.php. NOTE: some of these details are obtained from third party information.
CVSS 8.8
CVE-2009-3758 EXPLOITDB text WRITEUP
Citrix XenCenterWeb - SQL Injection via login.php Username Parameter
SQL injection vulnerability in login.php in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-3757 EXPLOITDB text WRITEUP
Citrix XenCenterWeb - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to config/edituser.php; (2) location, (3) sessionid, and (4) vmname parameters to console.php; (5) vmrefid and (6) vmname parameters to forcerestart.php; and (7) vmname and (8) vmrefid parameters to forcesd.php. NOTE: some of these details are obtained from third party information.
CVE-2009-3760 EXPLOITDB text WRITEUP
Citrix XenCenterWeb - Remote Code Execution via config/writeconfig.php Pool1 Parameter
Static code injection vulnerability in config/writeconfig.php in the sample code in the XenServer Resource Kit in Citrix XenCenterWeb allows remote attackers to inject arbitrary PHP code into include/config.ini.php via the pool1 parameter. NOTE: some of these details are obtained from third party information.
EIP-2026-113490 EXPLOITDB perl WORKING POC
WordPress Core 1.5.1.1 - SQL Injection
CVE-2005-0872 EXPLOITDB text WRITEUP
phpBB Topic Calendar 1.0.1 - Cross-Site Scripting via Start Parameter
Cross-site scripting (XSS) vulnerability in calendar_scheduler.php in the Topic Calendar 1.0.1 module for phpBB allows remote attackers to inject arbitrary web script or HTML via the start parameter.
EIP-2026-112881 EXPLOITDB perl WORKING POC
Ultimate PHP Board 1.9.6 GOLD - users.dat Password Decryptor
CVE-2005-2030 EXPLOITDB perl WORKING POC
Ultimate PHP Board (UPB) 1.9.6 GOLD - Info Disclosure
Ultimate PHP Board (UPB) 1.9.6 GOLD uses weak encryption for passwords in the users.dat file, which allows attackers to easily decrypt the passwords and gain privileges, possibly after exploiting CVE-2005-2005 to obtain users.dat.
EIP-2026-112880 EXPLOITDB text WORKING POC
Ultimate PHP Board 1.8/1.9 - Multiple Cross-Site Scripting Vulnerabilities
CVE-2005-1524 EXPLOITDB perl WORKING POC
Cacti < 0.8.6d - Remote Code Execution via top_graph_header.php config[library_path] Parameter
PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter.
CVE-2005-1701 EXPLOITDB perl WORKING POC
PortailPHP 1.3 - SQL Injection via id Parameter
SQL injection vulnerability in PortailPHP 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter to the (1) News, (2) File, (3) Liens, or (4) Faq modules.
EIP-2026-111410 EXPLOITDB perl WORKING POC
PortailPHP 1.3 - 'ID' SQL Injection
CVE-2005-1500 EXPLOITDB perl WORKING POC
myBloggie 2.1.1 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in myBloggie 2.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the keyword parameter in search.php; or (2) the date_no parameter in viewdate mode, (3) the cat_id parameter in viewcat mode, the (4) month_no or (5) year parameter in viewmonth mode, or (6) post_id parameter in viewid mode to index.php. NOTE: item (1) was discovered to affect 2.1.3 as well.
EIP-2026-109755 EXPLOITDB text WORKING POC
MyBulletinBoard (MyBB) RC4 - Multiple Cross-Site Scripting / SQL Injections
CVE-2005-1833 EXPLOITDB perl WORKING POC
MyBulletinBoard < 1.00_rc4 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to calendar.php, (2) idsql parameter to online.php, (3) usersearch parameter to memberlist.php, (4) pid parameter to editpost.php, (5) fid parameter to forumdisplay.php, (6) tid parameter to newreply.php, (7) sid parameter to search.php, (8) tid or (9) pid parameter to showthread.php, (10) tid parameter to usercp2.php, (11) tid parameter to printthread.php, or (12) pid parameter to reputation.php.
CVE-2005-1498 EXPLOITDB text WORKING POC
myBloggie 2.1.1 - Cross-Site Scripting via Year Parameter in viewmode.php
Multiple cross-site scripting (XSS) vulnerabilities in myBloggie 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) year parameter in viewmode.php, or the (2) cat_id, (3) month_no, or (4) post_id parameter in index.php, which are not properly sanitized before they are displayed in an error message. NOTE: issues 2, 3, and 4 may be due to a problem in associated products rather than myBloggie itself.
CVE-2005-0307 EXPLOITDB text WORKING POC
MercuryBoard 1.1.1 - Cross-Site Scripting via Multiple Index.php Parameters
Multiple cross-site scripting (XSS) vulnerabilities in index.php in MercuryBoard 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) s, (2) l, (3) a, (4) t, (5) to, or (6) re parameters.
EIP-2026-105678 EXPLOITDB perl WORKING POC
Cacti 0.8.6d - Remote Command Execution
CVE-2009-4849 EXPLOITDB text WRITEUP
ToutVirtual VirtualIQ Pro 3.2 build 7882 and 3.5 build 8691 - Cross-Site Request Forgery
Multiple cross-site request forgery (CSRF) vulnerabilities in ToutVirtual VirtualIQ Pro 3.2 build 7882 and 3.5 build 8691 allow remote attackers to hijack the authentication of administrators for requests that (1) create a new user account via a save action to tvserver/user/user.do, (2) shutdown a virtual machine, (3) start a virtual machine, (4) restart a virtual machine, or (5) schedule an activity.
CVE-2005-2066 EXPLOITDB perl WORKING POC
ASP Nuke 0.80 - SQL Injection via TaskID Parameter
SQL injection vulnerability in comment_post.asp in ASP Nuke 0.80 allows remote attackers to execute arbitrary SQL statements via the TaskID parameter.
CVE-2005-2064 EXPLOITDB text WORKING POC
ASP Nuke 0.80 - Cross-Site Scripting via Multiple Registration Parameters
Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to forgot_password.asp, or the (2) FirstName, (3) LastName, (4) Username, (5) Password, (6) Address1, (7) Address2, (8) City, (9) ZipCode, (10) Email parameter to register.asp.
CVE-2005-2065 EXPLOITDB text WORKING POC
ASP Nuke 0.80 - HTTP Response Splitting via LangCode Parameter
HTTP response splitting vulnerability in language_select.asp in ASP Nuke 0.80 allows remote attackers to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the LangCode parameter.
CVE-2005-2064 EXPLOITDB text WORKING POC
ASP Nuke 0.80 - Cross-Site Scripting via Multiple Registration Parameters
Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to forgot_password.asp, or the (2) FirstName, (3) LastName, (4) Username, (5) Password, (6) Address1, (7) Address2, (8) City, (9) ZipCode, (10) Email parameter to register.asp.