Aung Khant

42 exploits Active since Apr 2010
CVE-2012-1110 EXPLOITDB text WORKING POC
Etano < 1.22 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Etano 1.22 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user, (2) email, (3) email2, (4) f17_zip, or (5) agree parameter to join.php; (6) PATH_INFO, (7) st, (8) f17_city, (9) f17_country, (10) f17_state, (11) f17_zip, (12) f19, (13) wphoto, (14) search, or (15) v parameter to search.php; (16) PATH_INFO or (17) st parameter to photo_search.php; or (18) return parameter to photo_view.php.
EIP-2026-106832 EXPLOITDB text WORKING POC
Elgg 1.7.10 - Multiple Vulnerabilities
CVE-2012-0873 EXPLOITDB text WORKING POC
Boonex Dolphin < 7.0.8 - Cross-Site Scripting via Explanation or ViewFriends Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Boonex Dolphin before 7.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) explain parameter to explanation.php or the (2) photos_only, (3) online_only, or (4) mode parameters to viewFriends.php.
CVE-2012-0873 EXPLOITDB text WORKING POC
Boonex Dolphin < 7.0.8 - Cross-Site Scripting via Explanation or ViewFriends Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Boonex Dolphin before 7.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) explain parameter to explanation.php or the (2) photos_only, (3) online_only, or (4) mode parameters to viewFriends.php.
EIP-2026-106281 EXPLOITDB text WORKING POC
Curverider Elgg 1.7.9 - Multiple Cross-Site Scripting Vulnerabilities
CVE-2012-0865 EXPLOITDB text WRITEUP
CubeCart < 3.0.20 - Open Redirect via switch.php r Parameter or admin/login.php goto Parameter
Multiple open redirect vulnerabilities in CubeCart 3.0.20 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) r parameter to switch.php or (2) goto parameter to admin/login.php.
CVE-2012-0865 EXPLOITDB text WRITEUP
CubeCart < 3.0.20 - Open Redirect via switch.php r Parameter or admin/login.php goto Parameter
Multiple open redirect vulnerabilities in CubeCart 3.0.20 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) r parameter to switch.php or (2) goto parameter to admin/login.php.
CVE-2012-0865 EXPLOITDB text WRITEUP
CubeCart < 3.0.20 - Open Redirect via switch.php r Parameter or admin/login.php goto Parameter
Multiple open redirect vulnerabilities in CubeCart 3.0.20 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) r parameter to switch.php or (2) goto parameter to admin/login.php.
EIP-2026-106120 EXPLOITDB text WORKING POC
Concrete 5.4.1 1 - 'rcID' Cross-Site Scripting
EIP-2026-105511 EXPLOITDB text WORKING POC
BlastChat Client 3.3 - Cross-Site Scripting
CVE-2012-4745 EXPLOITDB text WORKING POC
Acuity CMS 2.6.2 - Cross-Site Scripting via UserName Parameter
Cross-site scripting (XSS) vulnerability in admin/login.asp in Acuity CMS 2.6.2 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter.
CVE-2010-1586 EXPLOITDB text WRITEUP
HP System Management Homepage 2.x.x.x - Open Redirect via RedirectUrl Parameter
Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter.
CVE-2010-4647 EXPLOITDB text WORKING POC
Eclipse IDE < 3.6.2 - Cross-Site Scripting via Help Contents Query String
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2) help/advanced/content.jsp.
CVE-2010-4647 EXPLOITDB text WORKING POC
Eclipse IDE < 3.6.2 - Cross-Site Scripting via Help Contents Query String
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2) help/advanced/content.jsp.
EIP-2026-101275 EXPLOITDB text WRITEUP
FirePass 7.0 SSL VPN - 'refreshURL' Open Redirection
EIP-2026-100099 EXPLOITDB text WORKING POC
Acuity CMS 2.6.2 - '/admin/file_manager/file_upload_submit.asp' Multiple Arbitrary File Upload / Code Executions
EIP-2026-100098 EXPLOITDB text WRITEUP
Acuity CMS 2.6.2 - '/admin/file_manager/browse.asp?path' Traversal Arbitrary File Access