Crackers_Child

59 exploits Active since Aug 2006
CVE-2007-6129 EXPLOITDB text WORKING POC
Amber Script 1.0 - Path Traversal
Directory traversal vulnerability in scripts/include/show_content.php in Amber Script 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
EIP-2026-105271 EXPLOITDB text WORKING POC
ASPapp Knowledge Base - 'CatId' SQL Injection (2)
CVE-2008-1919 EXPLOITDB text WORKING POC
YourFreeWorld Apartment Search Script - SQL Injection
SQL injection vulnerability in listtest.php in YourFreeWorld Apartment Search Script allows remote attackers to execute arbitrary SQL commands via the r parameter.
CVE-2007-3451 EXPLOITDB text WORKING POC
PHP 6ALBlog - RCE
PHP remote file inclusion vulnerability in admin/index.php in 6ALBlog allows remote authenticated administrators to execute arbitrary PHP code via a URL in the pg parameter.
CVE-2008-0804 EXPLOITDB text WORKING POC
Thecus N5200pro Nas Server Control Panel - Code Injection
PHP remote file inclusion vulnerability in usrgetform.html in Thecus N5200Pro NAS Server allows remote attackers to execute arbitrary PHP code via a URL in the name parameter.
CVE-2006-5512 EXPLOITDB text WORKING POC
Zwahlen Informatik Online Shop - XSS
Cross-site scripting (XSS) vulnerability in article.htm in Zwahlen Online Shop allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
CVE-2007-3133 EXPLOITDB text WORKING POC
W1l3d4 Webmarket - SQL Injection
SQL injection vulnerability in urunbak.asp in W1L3D4 WEBmarket 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4176 EXPLOITDB text WORKING POC
ASP Indir Fot Video Scripti - SQL Injection
SQL injection vulnerability in izle.asp in FoT Video scripti 1.1 beta allows remote attackers to execute arbitrary SQL commands via the oyun parameter.
CVE-2008-4574 EXPLOITDB text WORKING POC
Aspindir Ayco Okul Portali - SQL Injection
SQL injection vulnerability in default.asp in Ayco Okul Portali allows remote attackers to execute arbitrary SQL commands via the linkid parameter.