Angela Chang

EIP-2026-113346 EXPLOITDB text WORKING POC

Webscene eCommerce - 'productlist.php' SQL Injection

View Code

CVE-2009-4986 EXPLOITDB text WORKING POC

In-Portal 4.3.1 - Path Traversal via Env Parameter

Directory traversal vulnerability in index.php in In-Portal 4.3.1, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the env parameter.

View Code

CVE-2009-3205 EXPLOITDB text WORKING POC

CBAuthority - SQL Injection via id Parameter in view_product Action

SQL injection vulnerability in main.php in CBAuthority allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_product action.

View Code

CVE-2009-4957 EXPLOITDB text WRITEUP

Interspire ActiveKB - Path Traversal via Panel Parameter

Directory traversal vulnerability in loadpanel.php in Interspire ActiveKB allows remote attackers to read arbitrary files and possibly have unspecified other impact via directory traversal sequences in the Panel parameter.

View Code