DaRkLiFe

5 exploits Active since Oct 2008
CVE-2008-4704 EXPLOITDB text WRITEUP
SezHoo 0.1 - Remote Code Execution via IP Parameter
PHP remote file inclusion vulnerability in SezHooTabsAndActions.php in SezHoo 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter.
CVE-2008-4600 EXPLOITDB text WORKING POC
PokerMax Poker League Tournament Script 0.13 - Unauthenticated Authentication Bypass via ValidUserAdmin Cookie
configure.php in PokerMax Poker League Tournament Script 0.13 allows remote attackers to bypass authentication and gain administrative access by setting the ValidUserAdmin cookie.
CVE-2008-6006 EXPLOITDB text WORKING POC
Micronation Banking System <1.5.0 - RCE
Multiple PHP remote file inclusion vulnerabilities in Micronation Banking System (minba) 1.5.0 allow remote attackers to execute arbitrary PHP code via a URL in the minsoft_path parameter to (1) utdb_access.php and (2) utgn_message.php in utility/.
CVE-2008-4735 EXPLOITDB text WORKING POC
CoAST 0.95 - Remote Code Execution via sections_file Parameter
PHP remote file inclusion vulnerability in header.php in Concord Asset, Software, and Ticket system (CoAST) 0.95 allows remote attackers to execute arbitrary PHP code via a URL in the sections_file parameter.
CVE-2008-5066 EXPLOITDB text WORKING POC
Agares Media ThemeSiteScript 1.0 - Remote Code Execution via Frontpage Right PHP File Inclusion
PHP remote file inclusion vulnerability in upload/admin/frontpage_right.php in Agares Media ThemeSiteScript 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.