AmnPardaz Security Research & Penetration Testing Group

8 exploits Active since Dec 2007
CVE-2008-0738 EXPLOITDB WORKING POC
CandyPress Store < 4.1 - SQL Injection via idcust or tableName Parameter
Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allow remote attackers to execute arbitrary SQL commands via the (1) idcust parameter to (a) ajax_getTiers.asp and (b) ajax_getCust.asp in ajax/, and the (2) tableName parameter to (c) ajax/ajax_tableFields.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0547 EXPLOITDB text WORKING POC
CandyPress < 4.1.1.26 - Cross-Site Scripting via helpfield Parameter
Cross-site scripting (XSS) vulnerability in admin/utilities_ConfigHelp.asp in CandyPress (CP) 4.1.1.26, and probably earlier 4.x and 3.x versions, allows remote attackers to inject arbitrary web script or HTML via the helpfield parameter.
CVE-2008-0546 EXPLOITDB text WORKING POC
CandyPress 4.1.1.26 - SQL Injection via idProduct or options Parameter
Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allow remote attackers to execute arbitrary SQL commands via the (1) idProduct and (2) options parameters to (a) ajax/ajax_optInventory.asp, or the (2) recid parameter to (b) ajax/ajax_getBrands.asp.
CVE-2008-0737 EXPLOITDB text WORKING POC
CandyPress 4.x and 3.x - SQL Injection via helpfield Parameter
SQL injection vulnerability in admin/utilities_ConfigHelp.asp in CandyPress (CP) 4.1.1.26, and other 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the helpfield parameter.
CVE-2008-0736 EXPLOITDB text WORKING POC
CandyPress 4.1.1.26 - Path Exposure via FedExAccount Parameter
admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and possibly other 4.x and 3.x versions, allows remote attackers to obtain the path via a certain value of the FedExAccount parameter.
EIP-2026-108937 EXPLOITDB php WORKING POC
Jupiter 1.1.5ex - Privilege Escalation
CVE-2007-6561 EXPLOITDB php WORKING POC
PDFLib - Stack-Based Buffer Overflow via Long Filename in PDF_load_image Function
Multiple stack-based buffer overflows in PDFLib allow user-assisted remote attackers to execute arbitrary code via a long filename argument to the PDF_load_image function that results in an overflow in the pdc_fsearch_fopen function, and possibly other vectors.
CVE-2008-0739 EXPLOITDB text WORKING POC
CandyPress < 4.1 - SQL Injection via FedExAccount Parameter
SQL injection vulnerability in admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and earlier 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the FedExAccount parameter.