DaRkLiFe

5 exploits Active since Oct 2008
CVE-2008-4704 EXPLOITDB text WRITEUP
Mitre Sezhoo - Code Injection
PHP remote file inclusion vulnerability in SezHooTabsAndActions.php in SezHoo 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter.
CVE-2008-4600 EXPLOITDB text WORKING POC
Steve Dawson Pokermax Poker League Tournament Script - Access Control
configure.php in PokerMax Poker League Tournament Script 0.13 allows remote attackers to bypass authentication and gain administrative access by setting the ValidUserAdmin cookie.
CVE-2008-6006 EXPLOITDB text WORKING POC
Micronation Banking System <1.5.0 - RCE
Multiple PHP remote file inclusion vulnerabilities in Micronation Banking System (minba) 1.5.0 allow remote attackers to execute arbitrary PHP code via a URL in the minsoft_path parameter to (1) utdb_access.php and (2) utgn_message.php in utility/.
CVE-2008-4735 EXPLOITDB text WORKING POC
Coast - Code Injection
PHP remote file inclusion vulnerability in header.php in Concord Asset, Software, and Ticket system (CoAST) 0.95 allows remote attackers to execute arbitrary PHP code via a URL in the sections_file parameter.
CVE-2008-5066 EXPLOITDB text WORKING POC
Agaresmedia Themesitescript - Code Injection
PHP remote file inclusion vulnerability in upload/admin/frontpage_right.php in Agares Media ThemeSiteScript 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.