Aung Khant

42 exploits Active since Apr 2010
CVE-2011-0535 EXPLOITDB text WRITEUP
Zikula Application Framework < 1.2.5 - Cross-Site Request Forgery via Users Module
Cross-site request forgery (CSRF) vulnerability in the Users module in Zikula before 1.2.5 allows remote attackers to hijack the authentication of administrators for requests that change account privileges via an edit access_permissions action to index.php.
EIP-2026-114468 EXPLOITDB text WORKING POC
XOOPS 2.x - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-112960 EXPLOITDB text WORKING POC
Vanilla Forums 2.0.17.x - 'p' Cross-Site Scripting
CVE-2011-4670 EXPLOITDB text WORKING POC
vtiger CRM < 5.2.1 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) viewname parameter in a CalendarAjax action, (2) activity_mode parameter in a DetailView action, (3) contact_id and (4) parent_id parameters in an EditView action, (5) day, (6) month, (7) subtab, (8) view, and (9) viewOption parameters in the index action, and (10) start parameter in the ListView action to the Calendar module; (11) return_action and (12) return_module parameters in the EditView action, and (13) query parameter in an index action to the Campaigns module; (14) return_url and (15) workflow_id parameters in an editworkflow action to the com_vtiger_workflow module; (16) display_view parameter in an index action to the Dashboard module; (17) closingdate_end, (18) closingdate_start, (19) date_closed, (20) owner, (21) leadsource, (22) sales_stage, and (23) type parameters in a ListView action to the Potentials module; (24) folderid parameter in a SaveandRun action to the Reports module; (25) returnaction and (26) groupId parameters in a createnewgroup action, (27) mode and (28) parent parameters in a createrole action, (29) src_module in a ModuleManager action, (30) mode and (31) profile_id parameters in a profilePrivileges action, and (32) roleid parameter in a RoleDetailView to the Settings module; and (33) action parameter to the Home module and (34) module parameter to phprint.php.
CVE-2011-4670 EXPLOITDB text WORKING POC
vtiger CRM < 5.2.1 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) viewname parameter in a CalendarAjax action, (2) activity_mode parameter in a DetailView action, (3) contact_id and (4) parent_id parameters in an EditView action, (5) day, (6) month, (7) subtab, (8) view, and (9) viewOption parameters in the index action, and (10) start parameter in the ListView action to the Calendar module; (11) return_action and (12) return_module parameters in the EditView action, and (13) query parameter in an index action to the Campaigns module; (14) return_url and (15) workflow_id parameters in an editworkflow action to the com_vtiger_workflow module; (16) display_view parameter in an index action to the Dashboard module; (17) closingdate_end, (18) closingdate_start, (19) date_closed, (20) owner, (21) leadsource, (22) sales_stage, and (23) type parameters in a ListView action to the Potentials module; (24) folderid parameter in a SaveandRun action to the Reports module; (25) returnaction and (26) groupId parameters in a createnewgroup action, (27) mode and (28) parent parameters in a createrole action, (29) src_module in a ModuleManager action, (30) mode and (31) profile_id parameters in a profilePrivileges action, and (32) roleid parameter in a RoleDetailView to the Settings module; and (33) action parameter to the Home module and (34) module parameter to phprint.php.
CVE-2011-4559 EXPLOITDB text WORKING POC
vtiger CRM < 5.2.1 - SQL Injection via Calendar Module onlyforuser Parameter
SQL injection vulnerability in the Calendar module in vTiger CRM 5.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php.
EIP-2026-112739 EXPLOITDB text WORKING POC
TomatoCart - 'json.php' Security Bypass
CVE-2011-4908 EXPLOITDB CRITICAL text WRITEUP
TinyBrowser < 1.5.13 - Unauthenticated Arbitrary File Upload via upload.php
TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php.
CVSS 9.8
EIP-2026-112051 EXPLOITDB text WORKING POC
SilverStripe CMS 2.4.x - 'BackURL' Open Redirection
EIP-2026-111205 EXPLOITDB text WORKING POC
phpShop 0.8.1 - 'page' Cross-Site Scripting
CVE-2012-1112 EXPLOITDB text WORKING POC
Open-Realty CMS <2.5.8 - Path Traversal
Directory traversal vulnerability in Open-Realty CMS 2.5.8 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the select_users_template parameter to index.php.
EIP-2026-110244 EXPLOITDB html WORKING POC
Open-Realty 2.5.8 - Cross-Site Request Forgery
EIP-2026-110012 EXPLOITDB text WORKING POC
ocPortal 7.1.5 - 'redirect' Open Redirection
CVE-2010-5096 EXPLOITDB text WORKING POC
MyBB < 1.6.1 - SQL Injection via Search or Private Keywords Parameter
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the keywords parameter in a (1) do_search action to search.php or (2) do_stuff action to private.php. NOTE: the vendor disputes this issue, saying "Although this doesn't lead to an SQL injection, it does provide a general MyBB SQL error.
CVE-2010-5096 EXPLOITDB text WORKING POC
MyBB < 1.6.1 - SQL Injection via Search or Private Keywords Parameter
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the keywords parameter in a (1) do_search action to search.php or (2) do_stuff action to private.php. NOTE: the vendor disputes this issue, saying "Although this doesn't lead to an SQL injection, it does provide a general MyBB SQL error.
EIP-2026-109272 EXPLOITDB text WORKING POC
Mambo 4.6.x - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-109273 EXPLOITDB text WORKING POC
Mambo 4.6.x < 4.6.5 - SQL Injection
EIP-2026-108913 EXPLOITDB text WORKING POC
Joomla! Plugin Beatz 1.1 - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-108177 EXPLOITDB text WRITEUP
Joomla! 1.6 - Multiple SQL Injections
CVE-2011-0005 EXPLOITDB text WORKING POC
Joomla com_search 1.0.x-1.0.15 - Cross-Site Scripting via Ordering Parameter
Cross-site scripting (XSS) vulnerability in the com_search module for Joomla! 1.0.x through 1.0.15 allows remote attackers to inject arbitrary web script or HTML via the ordering parameter to index.php.
EIP-2026-108180 EXPLOITDB text WORKING POC
Joomla! 1.6.3 - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-108188 EXPLOITDB text WORKING POC
Joomla! < 1.7.0 - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-108074 EXPLOITDB ruby WORKING POC
Jcow Social Networking Script 4.2 < 5.2 - Arbitrary Code Execution (Metasploit)
CVE-2012-1110 EXPLOITDB text WORKING POC
Etano < 1.22 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Etano 1.22 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user, (2) email, (3) email2, (4) f17_zip, or (5) agree parameter to join.php; (6) PATH_INFO, (7) st, (8) f17_city, (9) f17_country, (10) f17_state, (11) f17_zip, (12) f19, (13) wphoto, (14) search, or (15) v parameter to search.php; (16) PATH_INFO or (17) st parameter to photo_search.php; or (18) return parameter to photo_view.php.
CVE-2012-1110 EXPLOITDB text WORKING POC
Etano < 1.22 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Etano 1.22 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user, (2) email, (3) email2, (4) f17_zip, or (5) agree parameter to join.php; (6) PATH_INFO, (7) st, (8) f17_city, (9) f17_country, (10) f17_state, (11) f17_zip, (12) f19, (13) wphoto, (14) search, or (15) v parameter to search.php; (16) PATH_INFO or (17) st parameter to photo_search.php; or (18) return parameter to photo_view.php.