Cyber-Zone (ABDELKHALEK)

59 exploits Active since May 2005
CVE-2008-6387 EXPLOITDB text WRITEUP
Activewebsoftwares Quick Tree View .net - Information Disclosure
Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to qtv.mdb.
CVE-2008-6285 EXPLOITDB text WORKING POC
Businessvein Php TV Portal < 2.0 - SQL Injection
SQL injection vulnerability in index.php in PHP TV Portal 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the mid parameter.
CVE-2008-6390 EXPLOITDB text WORKING POC
Ocean12tech Membership Manager Pro - SQL Injection
SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-109549 EXPLOITDB text WORKING POC
Mole Group Airline Ticket Script - Authentication Bypass
CVE-2008-6380 EXPLOITDB text WRITEUP
Activewebsoftwares Active Web Helpdesk - SQL Injection
SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter.
CVE-2008-6580 EXPLOITDB text WRITEUP
Funscripts Red Reservations - Access Control
The Red_Reservations script for ColdFusion stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database via a direct request to (1) makered.mdb and (2) makered97.mdb.
CVE-2008-6356 EXPLOITDB text WRITEUP
Donnafontenot Evcal Events Calendar - Access Control
evCal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to (1) evcal.mdb and (2) evcal97.mdb.
EIP-2026-100250 EXPLOITDB text WORKING POC
dMx READ - Remote Database Disclosure
EIP-2026-100094 EXPLOITDB text WORKING POC
Active Web Helpdesk 2 - Authentication Bypass