BeyazKurt

24 exploits Active since Mar 2007
CVE-2008-4427 EXPLOITDB WORKING POC
Phlatline Personal Information Manager < 1.0 - Unauthenticated Arbitrary Password Change
changepassword.php in Phlatline's Personal Information Manager (pPIM) 1.0 and earlier does not require administrative authentication, which allows remote attackers to change arbitrary passwords.
CVE-2008-4428 EXPLOITDB WORKING POC
Phlatline Personal Information Manager < 1.0 - Unauthenticated Arbitrary File Upload via upload.php
Unrestricted file upload vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 and earlier allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in the top-level directory.
CVE-2008-6118 EXPLOITDB text WORKING POC
Goople CMS 1.7 - Unauthenticated Authentication Bypass via Loggedin Cookie
win/content/upload.php in Goople CMS 1.7 allows remote attackers to bypass authentication and gain administrative access by setting the loggedin cookie to 1.
CVE-2008-4426 EXPLOITDB text WORKING POC
Phlatline Personal Information Manager 1.0 - Cross-Site Scripting via events.php date parameter
Cross-site scripting (XSS) vulnerability in events.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote attackers to inject arbitrary web script or HTML via the date parameter in a new action.
CVE-2008-4425 EXPLOITDB text WORKING POC
Phlatline Personal Information Manager 1.0 - Path Traversal & Arbitrary File Deletion via Upload.php
Directory traversal vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote attackers to delete arbitrary files via directory traversal sequences in the file parameter within a delfile action.
CVE-2007-3236 EXPLOITDB text WRITEUP
XOOPS Horoscope Module 1.0 - Remote File Inclusion via xoopsConfig[root_path] Parameter
PHP remote file inclusion vulnerability in footer.php in the Horoscope 1.0 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter.
EIP-2026-113224 EXPLOITDB perl WORKING POC
Web Service Deluxe News Manager 1.0.1 Deluxe - 'footer.php' Local File Inclusion
CVE-2007-1932 EXPLOITDB text WORKING POC
ScarNews 1.2.1 - Unauthenticated Directory Traversal via sn_admin_dir Parameter
Directory traversal vulnerability in scarnews.inc.php in ScarNews 1.2.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sn_admin_dir parameter.
CVE-2008-6781 EXPLOITDB text WRITEUP
Sites for Scripts Gaming Directory - SQL Injection via cat_id Parameter
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) Gaming Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-6783 EXPLOITDB text WORKING POC
Sites for Scripts EZ Home Business Directory - SQL Injection via cat_id Parameter
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Home Business Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-6782 EXPLOITDB text WRITEUP
ez_hosting_directory - SQL Injection via cat_id Parameter
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Hosting Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-6808 EXPLOITDB text WRITEUP
Scripts for Sites EZ Link Directory - SQL Injection via cat_id Parameter
SQL injection vulnerability in links.php in Scripts for Sites (SFS) EZ Link Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-4528 EXPLOITDB text WORKING POC
Phlatline Personal Information Manager 1.01 - Path Traversal via Notes.php ID Parameter
Directory traversal vulnerability in notes.php in Phlatline's Personal Information Manager (pPIM) 1.01 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter in an edit action.
CVE-2008-7240 EXPLOITDB text WORKING POC
Linux Web Shop (LWS) php User Base 1.3beta - Path Traversal
Directory traversal vulnerability in include/unverified.inc.php in Linux Web Shop (LWS) php User Base 1.3beta allows remote attackers to include and execute arbitrary local files via the template parameter.
CVE-2008-3385 EXPLOITDB text WORKING POC
php Help Agent 1.0-1.1 Full - Path Traversal
Directory traversal vulnerability in include/head_chat.inc.php in php Help Agent 1.0 and 1.1 Full allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
CVE-2008-1042 EXPLOITDB text WORKING POC
Linux Web Shop php Download Manager < 1.1 - Path Traversal via Content Parameter
Directory traversal vulnerability in include/body.inc.php in Linux Web Shop (LWS) php Download Manager 1.0 and 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content parameter.
CVE-2007-2303 EXPLOITDB perl WORKING POC
News Manager Deluxe 1.0.1 - Remote File Inclusion via Template Parameter
Directory traversal vulnerability in includes/footer.php in News Manager Deluxe (NMDeluxe) 1.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter.
CVE-2008-6119 EXPLOITDB text WORKING POC
Goople CMS 1.7 - Static Code Injection via Username and Password Parameters
Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS 1.7 allows remote attackers to inject arbitrary PHP code into admin/userandpass.php via the (1) username and (2) password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-2743 EXPLOITDB text WORKING POC
GlossWord 1.8.1 - Remote File Inclusion via sys[path_addon] Parameter
PHP remote file inclusion vulnerability in custom_vars.php in GlossWord 1.8.1 allows remote attackers to execute arbitrary PHP code via a URL in the sys[path_addon] parameter.
EIP-2026-106728 EXPLOITDB text WORKING POC
Easynet4u Link Host - 'cat_id' SQL Injection
CVE-2008-5922 EXPLOITDB text WORKING POC
CFAGCMS 1 - Remote Code Execution via Main or Right Parameter Injection
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Cant Find A Gaming CMS (CFAGCMS) 1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) main and (2) right parameters.
CVE-2007-2560 EXPLOITDB perl WORKING POC
ACGVannu < 1.3 - Directory Traversal via Rubrik Parameter
Directory traversal vulnerability in theme/acgv.php in ACGVannu 1.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the rubrik parameter.
CVE-2008-6493 EXPLOITDB text WRITEUP
Easy Content Management Publishing - Unauthenticated Database Download via Direct Request
Easy Content Management Publishing stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database/News.mdb.
CVE-2007-1445 EXPLOITDB text WORKING POC
betaparticle_blog 7.0-7.0.2 - SQL Injection via Layout Parameter
SQL injection vulnerability in the heme preview feature for default.asp in BP Blog 7.0 through 7.0.2 allows remote attackers to execute arbitrary SQL commands via the layout parameter.