CWH Underground

145 exploits Active since Jun 2006
CVE-2013-1748 EXPLOITDB text WORKING POC
PHP Address Book 8.2.5 - SQL Injection via edit.php or import.php Parameters
Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) edit.php or (2) import.php. NOTE: the view.php id vector is already covered by CVE-2008-2565.1 and the edit.php id vector is already covered by CVE-2008-2565.2.
CVE-2008-7066 EXPLOITDB perl WORKING POC
OpenForum 0.66 Beta - Unauthenticated Password Reset via Direct Request
OpenForum 0.66 Beta allows remote attackers to bypass authentication and reset passwords of other users via a direct request with the update parameter set to 1 and modified user and password parameters.
CVE-2008-5202 EXPLOITDB text WORKING POC
OTManager CMS 24a - Cross-Site Scripting via Conteudo Parameter
Cross-site scripting (XSS) vulnerability in index.php in OTManager CMS 24a allows remote attackers to inject arbitrary web script or HTML via the conteudo parameter.
CVE-2008-2856 EXPLOITDB text WORKING POC
OwnRS Beta 3 - SQL Injection via clanek.php id Parameter
SQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6193 EXPLOITDB text WORKING POC
MyBlog - Cleartext Password Storage
Sam Crew MyBlog stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
CVE-2008-3497 EXPLOITDB text WORKING POC
MyPHP CMS 0.3.1 - SQL Injection via pid Parameter
SQL injection vulnerability in pages.php in MyPHP CMS 0.3.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
EIP-2026-109834 EXPLOITDB text WORKING POC
NanoBB 0.7 - Multiple Vulnerabilities
CVE-2008-2770 EXPLOITDB text WRITEUP
MycroCMS 0.5 - SQL Injection via Entry ID Parameter
SQL injection vulnerability in index.php in MycroCMS 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the entry_id parameter.
EIP-2026-109349 EXPLOITDB text WORKING POC
Max Forum - Multiple Vulnerabilities
CVE-2008-5636 EXPLOITDB perl WORKING POC
Lito Lite CMS - SQL Injection via cid Parameter
SQL injection vulnerability in cate.php in Lito Lite CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cid parameter.
EIP-2026-109206 EXPLOITDB text WORKING POC
Lokboard - 'index_4.php' PHP Code Injection
EIP-2026-109500 EXPLOITDB text WRITEUP
mkCMS - 'index.php' Arbitrary PHP Code Execution
CVE-2008-6620 EXPLOITDB text WRITEUP
GraFX miniCWB < 2.1.1 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php in GraFX miniCWB 2.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) errcontext, (2) _GET, (3) _POST, (4) _SESSION, (5) _SERVER, and (6) fckphp_config[Debug_SERVER] parameters.
CVE-2008-6789 EXPLOITDB text WORKING POC
MindDezign Photo Gallery 2.2 - SQL Injection via Username Parameter
SQL injection vulnerability in MindDezign Photo Gallery 2.2 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action to the admin module in index.php, a different vector than CVE-2008-6788.
CVE-2008-6790 EXPLOITDB perl WORKING POC
MindDezign Photo Gallery 2.2 - Unauthenticated Privilege Escalation via Username Parameter
The admin module in MindDezign Photo Gallery 2.2 allows remote attackers to add administrative users and gain privileges via a modified username parameter in an edit account action to index.php.
CVE-2008-3191 EXPLOITDB text WRITEUP
mForum 0.1a - SQL Injection via User Profile Fields
Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) City, (2) Interest, (3) Email, (4) Icq, (5) msn, or (6) Yahoo Messenger field in an edit_profile action.
CVE-2008-2648 EXPLOITDB text WORKING POC
meBiblio 0.4.7 - Unauthenticated Arbitrary File Upload and Remote Code Execution via PHP File Upload
Unrestricted file upload vulnerability in upload/uploader.html in meBiblio 0.4.7 allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the files/ directory.
CVE-2008-5954 EXPLOITDB text WORKING POC
KTP Computer Customer Database - SQL Injection via lname Parameter
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lname parameter in a login action to an unspecified component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-5677 EXPLOITDB text WRITEUP
Kwalbum < 2.0.2 - Authenticated Arbitrary File Upload and Remote Code Execution via Executable File Extension
Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and earlier, when PICS_PATH is located in the web root, allows remote authenticated users with upload capability to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under items/, related to the ReplaceBadFilenameChars function in include/ItemAdder.php. NOTE: some of these details are obtained from third party information.
CVE-2008-5953 EXPLOITDB perl WORKING POC
KTP Computer Customer Database - Remote File Inclusion via Path Traversal in p Parameter
Directory traversal vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter to the default URI.
CVE-2008-6734 EXPLOITDB text WORKING POC
Keller Web Admin CMS 0.94 Pro - Path Traversal via Action Parameter
Directory traversal vulnerability in Public/index.php in Keller Web Admin CMS 0.94 Pro allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
EIP-2026-107788 EXPLOITDB php WORKING POC
imacs CMS 0.3.0 - Unrestricted Arbitrary File Upload
CVE-2008-2966 EXPLOITDB text WORKING POC
JaxUltraBB < 2.0 - Path Traversal via User Parameter
Directory traversal vulnerability in viewprofile.php in JaxUltraBB 2.0 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the user parameter. party information.
EIP-2026-107950 EXPLOITDB text WORKING POC
IPTBB 0.5.6 - Arbitrary Add Admin
CVE-2008-2417 EXPLOITDB text WORKING POC
How2ASP.net Webboard 4.1 - SQL Injection via qNo Parameter
SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard 4.1 allows remote attackers to execute arbitrary SQL commands via the qNo parameter.