Alpha_Programmer

7 exploits Active since May 2005
CVE-2005-1787 EXPLOITDB perl WORKING POC
Phpstat - Improper Input Validation
setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check variable.
CVE-2005-2000 EXPLOITDB perl WORKING POC
PHP Arena Pafiledb - SQL Injection
Multiple SQL injection vulnerabilities in paFileDB 3.1 and earlier allow remote attackers to execute arbitrary SQL commands via the formname parameter (1) in the login form, (2) in the team login form, or (3) to auth.php, (4) select, (5) id, or (6) query parameter to pafiledb.php, or (7) string parameter to search.php.
CVE-2005-2697 EXPLOITDB perl WORKING POC
MyBB <4 - SQL Injection
SQL injection vulnerability in search.php for MyBulletinBoard (MyBB) 1.00 Release Candidate 1 through 4 allows remote attackers to execute arbitrary SQL commands via the uid parameter. NOTE: this issue might overlap CVE-2005-0282.
CVE-2005-1950 EXPLOITDB perl WORKING POC
Webhints 1.03 - Command Injection
hints.pl in Webhints 1.03 allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.
CVE-2005-1628 EXPLOITDB perl WORKING POC
Web-app.org Webapp - Improper Input Validation
apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter.
CVE-2005-1950 EXPLOITDB c WORKING POC
Webhints 1.03 - Command Injection
hints.pl in Webhints 1.03 allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.
CVE-2005-1779 EXPLOITDB perl WORKING POC
Maxwebportal - SQL Injection
SQL injection vulnerability in password.asp in MaxWebPortal 1.35, 1.36, 2.0, and 20050418 Next allows remote attackers to execute arbitrary SQL commands via the memKey parameter.