DNX

31 exploits Active since Feb 2007
CVE-2007-6466 EXPLOITDB perl WORKING POC
FreeWebshop 2.2.1 - SQL Injection via prod/cat/group Parameters
Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote attackers to execute arbitrary SQL commands via (1) the prod parameter in a details action, (2) the cat parameter in a browse list action, or (3) the group parameter in a categories action. NOTE: it was later reported that MOG - Web Shop (MOG-WebShop), a product based on the same code, is also affected.
CVE-2007-4736 EXPLOITDB perl WORKING POC
CartKeeper CKGold Shopping Cart 2.0 - SQL Injection via category_id Parameter
SQL injection vulnerability in category.php in CartKeeper CKGold Shopping Cart 2.0 allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
EIP-2026-106058 EXPLOITDB perl WORKING POC
Collabtive 0.6.3 - Multiple Vulnerabilities
CVE-2008-0735 EXPLOITDB perl WORKING POC
AuraCMS 2.2 - SQL Injection via Albums Parameter
SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the albums parameter.
CVE-2007-5175 EXPLOITDB text WORKING POC
actsite 1.991 Beta - Remote Code Execution via BaseCfg[BaseDir] Parameter
PHP remote file inclusion vulnerability lib/base.php in actSite 1.991 Beta allows remote attackers to execute arbitrary PHP code via a URL in the BaseCfg[BaseDir] parameter.
CVE-2007-5174 EXPLOITDB text WORKING POC
actSite 1.56 - Path Traversal via News.php Do Parameter
Directory traversal vulnerability in phpinc/news.php in actSite 1.56 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the do parameter.