Charles "real" F.

CVE-2008-7123 EXPLOITDB php WORKING POC

zkup CMS 2.0-2.3 - Remote Code Execution via Null Byte Injection in Login Parameter

Static code injection vulnerability in admin/configuration/modifier.php in zKup CMS 2.0 through 2.3 allows remote attackers to inject arbitrary PHP code into fichiers/config.php via a null byte (%00) in the login parameter in an ajout action, which bypasses the regular expression check.

View Code

CVE-2008-1506 EXPLOITDB php WORKING POC

peel < 3.0 - Exposure of Sensitive Information via phpinfo.php

PEEL, possibly 3.x and earlier, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.

View Code

CVE-2008-1496 EXPLOITDB php WORKING POC

PEEL - SQL Injection via Email Parameter or Timestamp Parameter

Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to (a) membre.php, and the (2) timestamp parameter to (b) the details action in achat/historique_commandes.php and (c) the facture action in factures/facture_html.php.

View Code

CVE-2008-1495 EXPLOITDB php WORKING POC

PEEL - Authenticated Arbitrary File Upload via Modified Content Type in administrer/produits.php

Unrestricted file upload vulnerability in administrer/produits.php in PEEL, possibly 3.x and earlier, allows remote authenticated administrators to upload and execute arbitrary PHP files via a modified content type in an ajout action, as demonstrated by (1) image/gif and (2) application/pdf.

View Code

CVE-2008-7124 EXPLOITDB php WORKING POC

zKup CMS 2.0-2.3 - Unauthenticated Privilege Escalation via Direct Admin Configuration Access

zKup CMS 2.0 through 2.3 does not require administrative authentication for admin/configuration/modifier.php, which allows remote attackers to gain administrator privileges via a direct request, as demonstrated by adding a new administrator.

View Code

CVE-2008-7124 EXPLOITDB php WORKING POC

zKup CMS 2.0-2.3 - Unauthenticated Privilege Escalation via Direct Admin Configuration Access

zKup CMS 2.0 through 2.3 does not require administrative authentication for admin/configuration/modifier.php, which allows remote attackers to gain administrator privileges via a direct request, as demonstrated by adding a new administrator.

View Code

EIP-2026-111221 EXPLOITDB php WORKING POC

phpTournois G4 - Arbitrary File Upload / Code Execution

View Code

EIP-2026-110891 EXPLOITDB php WORKING POC

PHP-Nuke Platinium 7.6.b.5 - Remote Code Execution

View Code

CVE-2008-1507 EXPLOITDB php WORKING POC

PEEL < 3.0 - Default Credentials for Admin Access

PEEL, possibly 3.x and earlier, has (1) a default [email protected] account with password admin, and (2) a default [email protected] account with password cinema, which allows remote attackers to gain administrative access.

View Code

EIP-2026-109988 EXPLOITDB php WORKING POC

Nuked-klaN 1.7.6 - Multiple Vulnerabilities

View Code

CVE-2008-6833 EXPLOITDB php WORKING POC

fuzzylime_cms - Path Traversal via commsrss.php files Parameter

Directory traversal vulnerability in commsrss.php in fuzzylime (cms) before 3.01b allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in a files array element for a blogs action, as demonstrated by the files[0] parameter.

View Code