CWH Underground

145 exploits Active since Jun 2006
CVE-2008-6788 EXPLOITDB perl WORKING POC
Minddezign Photo Gallery - SQL Injection
SQL injection vulnerability in MindDezign Photo Gallery 2.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in an info action to index.php.
CVE-2008-6311 EXPLOITDB WORKING POC
Butterflymedia Butterfly Organizer - SQL Injection
SQL injection vulnerability in view.php in Butterfly Organizer 2.0.1 allows remote attackers to execute arbitrary SQL commands via the mytable parameter. NOTE: the id vector is covered by another CVE name.
CVE-2013-10055 EXPLOITDB text WORKING POC
Havalite CMS 1.1.7 - Unauthenticated RCE
An unauthenticated arbitrary file upload vulnerability exists in Havalite CMS version 1.1.7 (and possibly earlier) in the upload.php script. The application fails to enforce proper file extension validation and authentication checks, allowing remote attackers to upload malicious PHP files via a crafted multipart/form-data POST request. Once uploaded, the attacker can access the file directly under havalite/tmp/files/, resulting in remote code execution.
CVE-2013-10054 EXPLOITDB text WORKING POC
LibrettoCMS 1.1.7 - Unauthenticated RCE
An unauthenticated arbitrary file upload vulnerability exists in LibrettoCMS version 1.1.7 (and possibly earlier) contains an unauthenticated arbitrary file upload vulnerability in its File Manager plugin. The upload handler located at adm/ui/js/ckeditor/plugins/pgrfilemanager/php/upload.php fails to properly validate file extensions, allowing attackers to upload files with misleading extensions and subsequently rename them to executable .php scripts. This enables remote code execution on the server without authentication.
CVE-2008-6789 EXPLOITDB perl WORKING POC
Minddezign Photo Gallery - SQL Injection
SQL injection vulnerability in MindDezign Photo Gallery 2.2 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action to the admin module in index.php, a different vector than CVE-2008-6788.
CVE-2008-6788 EXPLOITDB text WORKING POC
Minddezign Photo Gallery - SQL Injection
SQL injection vulnerability in MindDezign Photo Gallery 2.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in an info action to index.php.
CVE-2008-5201 EXPLOITDB text WORKING POC
OTManager CMS 24a - Path Traversal
Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conteudo parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
CVE-2008-3180 EXPLOITDB text WORKING POC
ContentNow CMS 1.4.1 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in upload/file/language_menu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) pageid parameter or (2) PATH_INFO.
CVE-2008-5271 EXPLOITDB text WORKING POC
SyndeoCMS 2.6.0 - XSS
Cross-site scripting (XSS) vulnerability in index.php in Fred Stuurman SyndeoCMS 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter.
CVE-2008-4332 EXPLOITDB text WRITEUP
Cannot Php Infoboard - SQL Injection
SQL injection vulnerability in the showjavatopic function in func.php in PHP infoBoard V.7 Plus allows remote attackers to execute arbitrary SQL commands via the idcat parameter to showtopic.php.
CVE-2008-3505 EXPLOITDB text WORKING POC
PolyPager <1.0 rc2 - XSS
Cross-site scripting (XSS) vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via the nr parameter to the default URI.
CVE-2008-2855 EXPLOITDB text WORKING POC
Ownrs - XSS
Cross-site scripting (XSS) vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2008-2838 EXPLOITDB text WORKING POC
Traindepot - Path Traversal
Directory traversal vulnerability in index.php in Traindepot 0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter.
CVE-2008-2813 EXPLOITDB text WORKING POC
Shoutcastadmin Wallcity-server Shoutcast Admin Panel - Path Traversal
Directory traversal vulnerability in index.php in WallCity-Server Shoutcast Admin Panel 2.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
CVE-2008-2566 EXPLOITDB text WORKING POC
Php-address Book < 3.1.5 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the group parameter to (1) index.php or (2) the default URI.
CVE-2008-2565 EXPLOITDB text WORKING POC
Php-address Book < 4.0 - SQL Injection
Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php. NOTE: it was later reported that 4.0.x is also affected.
CVE-2008-2560 EXPLOITDB text WORKING POC
Fourtwosevenbb 427bb - SQL Injection
SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows remote attackers to execute arbitrary SQL commands via the post parameter.
CVE-2008-6328 EXPLOITDB text WORKING POC
Butterflymedia Butterfly Organizer - SQL Injection
SQL injection vulnerability in view.php in Butterfly Organizer 2.0.0 and 2.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5955 EXPLOITDB text WORKING POC
Wbstreet 1.0 - SQL Injection
SQL injection vulnerability in show.php in Wbstreet (aka PHPSTREET Webboard) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5952 EXPLOITDB text WORKING POC
KTPCCD CMS - SQL Injection
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the tid parameter in a vtech action to the default URI.
CVE-2008-2997 EXPLOITDB text WORKING POC
Gravityboardx Gravity Board X - XSS
Cross-site scripting (XSS) vulnerability in index.php in Gravity Board X (GBX) 2.0 Beta allows remote attackers to inject arbitrary web script or HTML via the subject parameter in a postnewsubmit (aka create new thread) action.
CVE-2008-2996 EXPLOITDB text WORKING POC
Gravityboardx Gravity Board X - SQL Injection
Multiple SQL injection vulnerabilities in index.php in Gravity Board X (GBX) 2.0 Beta, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchquery parameter in a getsearch action, and the (2) board_id parameter in a viewboard action.
CVE-2008-2965 EXPLOITDB text WORKING POC
Jaxbot Jaxultrabb < 2.0 - XSS
Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter.
CVE-2008-2963 EXPLOITDB text WORKING POC
Myblog - SQL Injection
Multiple SQL injection vulnerabilities in MyBlog allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to (a) index.php, and the (2) id parameter to (b) member.php and (c) post.php.
CVE-2008-2962 EXPLOITDB text WORKING POC
Myblog - XSS
Multiple cross-site scripting (XSS) vulnerabilities in MyBlog allow remote attackers to inject arbitrary web script or HTML via the (1) s and (2) sort parameters to index.php, and the (3) id parameter to post.php.