Cyber-Zone (ABDELKHALEK)

59 exploits Active since May 2005
CVE-2008-6387 EXPLOITDB text WRITEUP
Quick Tree View .NET 3.1 - Unauthenticated Sensitive Information Exposure via Direct Database File Access
Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to qtv.mdb.
CVE-2008-6285 EXPLOITDB text WORKING POC
PHP TV Portal < 2.0 - SQL Injection via mid Parameter
SQL injection vulnerability in index.php in PHP TV Portal 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the mid parameter.
CVE-2008-6390 EXPLOITDB text WORKING POC
Membership Manager Pro - SQL Injection via Login Password Parameter
SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-109549 EXPLOITDB text WORKING POC
Mole Group Airline Ticket Script - Authentication Bypass
CVE-2008-6380 EXPLOITDB text WRITEUP
Active Web Helpdesk 2.0 - SQL Injection via CategoryID Parameter
SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter.
CVE-2008-6580 EXPLOITDB text WRITEUP
Red_Reservations - Unauthenticated Sensitive Information Exposure via Direct Database File Access
The Red_Reservations script for ColdFusion stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database via a direct request to (1) makered.mdb and (2) makered97.mdb.
CVE-2008-6356 EXPLOITDB text WRITEUP
evcal_events_calendar - Unauthenticated Sensitive Information Exposure via Direct Database Request
evCal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to (1) evcal.mdb and (2) evcal97.mdb.
EIP-2026-100250 EXPLOITDB text WORKING POC
dMx READ - Remote Database Disclosure
EIP-2026-100094 EXPLOITDB text WORKING POC
Active Web Helpdesk 2 - Authentication Bypass