DSecRG

73 exploits Active since Dec 2007
CVE-2008-1557 EXPLOITDB text WORKING POC
BolinOS 4.6.1 - Exposure of Sensitive Information via phpinfo Page
BolinOS 4.6.1 allows remote attackers to obtain sensitive information via a direct request to system/actionspages/_b/contentFiles/gBphpInfo.php, which calls the phpinfo function.
CVE-2008-0332 EXPLOITDB text WORKING POC
aria 0.99-6 - Path Traversal via Page Parameter
Directory traversal vulnerability in arias/help/effect.php in aria 0.99-6 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.
CVE-2009-1316 EXPLOITDB text WRITEUP
AbleSpace 1.0 - SQL Injection via eid or id Parameter
Multiple SQL injection vulnerabilities in AbleSpace 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to events_view.php and the (2) id parameter to events_clndr_view.php.
EIP-2026-104804 EXPLOITDB text WRITEUP
1024 CMS 1.4.4 - Multiple Local/Remote File Inclusions
EIP-2026-104068 EXPLOITDB text WORKING POC
SAP cFolders - Cross-Site Scripting / HTML Injection
CVE-2009-1554 EXPLOITDB text WORKING POC
Sun Woodstock 4.2 - Cross-Site Scripting via UTF-7 PATH_INFO
Cross-site scripting (XSS) vulnerability in ThemeServlet.java in Sun Woodstock 4.2, as used in Sun GlassFish Enterprise Server and other products, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 string in the PATH_INFO, which is displayed on the 404 error page, as demonstrated by the PATH_INFO to theme/META-INF.
CVE-2008-1145 EXPLOITDB text WRITEUP
WEBrick <1.8.5-p115, 1.8.6-p114, 1.9-1.9.0-1 - Path Traversal
Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote attackers to access arbitrary files via (1) "..%5c" (encoded backslash) sequences or (2) filenames that match patterns in the :NondisclosureName option.
CVE-2009-0038 EXPLOITDB text WRITEUP
Apache Geronimo Application Server <2.1.3 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description parameter to console/portal/Server/Monitoring; or (5) the PATH_INFO to the default URI under console/portal/.
CVE-2009-1553 EXPLOITDB text WORKING POC
GlassFish Enterprise Server 2.1 - Stored Cross-Site Scripting via Admin Console Query Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, or (6) webService/webServicesGeneral.jsf; or the name parameter to (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf.
CVE-2009-1553 EXPLOITDB text WORKING POC
GlassFish Enterprise Server 2.1 - Stored Cross-Site Scripting via Admin Console Query Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, or (6) webService/webServicesGeneral.jsf; or the name parameter to (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf.
CVE-2009-1553 EXPLOITDB text WORKING POC
GlassFish Enterprise Server 2.1 - Stored Cross-Site Scripting via Admin Console Query Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, or (6) webService/webServicesGeneral.jsf; or the name parameter to (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf.
CVE-2009-1553 EXPLOITDB text WORKING POC
GlassFish Enterprise Server 2.1 - Stored Cross-Site Scripting via Admin Console Query Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, or (6) webService/webServicesGeneral.jsf; or the name parameter to (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf.
CVE-2009-1553 EXPLOITDB text WORKING POC
GlassFish Enterprise Server 2.1 - Stored Cross-Site Scripting via Admin Console Query Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, or (6) webService/webServicesGeneral.jsf; or the name parameter to (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf.
CVE-2009-1553 EXPLOITDB text WORKING POC
GlassFish Enterprise Server 2.1 - Stored Cross-Site Scripting via Admin Console Query Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, or (6) webService/webServicesGeneral.jsf; or the name parameter to (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf.
CVE-2009-1553 EXPLOITDB text WORKING POC
GlassFish Enterprise Server 2.1 - Stored Cross-Site Scripting via Admin Console Query Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, or (6) webService/webServicesGeneral.jsf; or the name parameter to (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf.
CVE-2009-1553 EXPLOITDB text WORKING POC
GlassFish Enterprise Server 2.1 - Stored Cross-Site Scripting via Admin Console Query Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, or (6) webService/webServicesGeneral.jsf; or the name parameter to (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf.
CVE-2009-0039 EXPLOITDB html WORKING POC
Apache Geronimo Application Server 2.1-2.1.3 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that (1) change the web administration password, (2) upload applications, and perform unspecified other administrative actions, as demonstrated by (3) a Shutdown request to console/portal//Server/Shutdown.
CVE-2009-0038 EXPLOITDB text WRITEUP
Apache Geronimo Application Server <2.1.3 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description parameter to console/portal/Server/Monitoring; or (5) the PATH_INFO to the default URI under console/portal/.
CVE-2008-5518 EXPLOITDB text WRITEUP
Apache Geronimo Application Server <2.1.3 - Path Traversal
Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet); the (5) createDB parameter to console/portal/Embedded DB/DB Manager (aka the Embedded DB/DB Manager portlet); or the (6) filename parameter to the createKeystore script in the Security/Keystores portlet.
CVE-2008-2421 EXPLOITDB text WORKING POC
SAP Web Application Server 7.0 - Cross-Site Scripting via PATH_INFO to Web GUI
Cross-site scripting (XSS) vulnerability in the Web GUI in SAP Web Application Server (WAS) 7.0, Web Dynpro for ABAP (aka WD4A or WDA), and Web Dynpro for BSP allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under bc/gui/sap/its/webgui/.
EIP-2026-102357 EXPLOITDB html WRITEUP
APC PowerChute Network Shutdown - HTTP Response Splitting / Cross-Site Scripting
EIP-2026-101169 EXPLOITDB text WRITEUP
AXIS 70U - Network Document Server Privilege Escalation / Cross-Site Scripting
CVE-2008-1331 EXPLOITDB text WRITEUP
OmniPCX Office OXO210 < 210/091.001 and OXO600 < 610/014.001 - Remote Command Execution via FastJSData.cgi id2 Parameter
cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and other versions, allows remote attackers to execute arbitrary commands and "obtain OXO resources" via shell metacharacters in the id2 parameter.