DarkBicho - Security Researcher - Exploit Intelligence Platform

CVE-2004-0664 EXPLOITDB text WRITEUP

PowerPortal 1.x - Path Traversal

Directory traversal vulnerability in modules.php in PowerPortal 1.x allows remote attackers to list arbitrary directories via a .. (dot dot) in the files parameter.

View Code

EIP-2026-111427 EXPLOITDB text WRITEUP

PostNuke 0.72/0.75 Reviews Module - Cross-Site Scripting

View Code

CVE-2004-2625 EXPLOITDB text WORKING POC

Outblaze Email - XSS

Cross-site scripting (XSS) vulnerability in Outblaze Email allows remote attackers to inject arbitrary web script or HTML via Javascript in an attribute of an IMG tag.

View Code

EIP-2026-107319 EXPLOITDB text WORKING POC

Fusionphp Fusion News 3.6.1 - Cross-Site Scripting

View Code

CVE-2004-0660 EXPLOITDB text WORKING POC

CuteNews 1.3.1 - XSS

Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) show_news.php, and possibly other php files in CuteNews 1.3.1 allows remote attackers to inject arbitrary script or HTML via the id parameter.

View Code

CVE-2004-0660 EXPLOITDB text WRITEUP

CuteNews 1.3.1 - XSS

Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) show_news.php, and possibly other php files in CuteNews 1.3.1 allows remote attackers to inject arbitrary script or HTML via the id parameter.

View Code

CVE-2004-0660 EXPLOITDB text WRITEUP

CuteNews 1.3.1 - XSS

Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) show_news.php, and possibly other php files in CuteNews 1.3.1 allows remote attackers to inject arbitrary script or HTML via the id parameter.

View Code

CVE-2004-0660 EXPLOITDB text WRITEUP

CuteNews 1.3.1 - XSS

Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) show_news.php, and possibly other php files in CuteNews 1.3.1 allows remote attackers to inject arbitrary script or HTML via the id parameter.

View Code

EIP-2026-105695 EXPLOITDB text WRITEUP

Calendarix 0.8.20071118 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities

View Code

CVE-2004-0665 EXPLOITDB text WORKING POC

csFAQ - Info Disclosure

csFAQ.cgi in csFAQ allows remote attackers to gain sensitive information via an invalid database parameter, which reveals the path to the web server in an error message.

View Code