DarkFig

81 exploits Active since Mar 2006
CVE-2006-4601 EXPLOITDB perl WORKING POC
Annuaire 1two - SQL Injection
SQL injection vulnerability in index.php in Annuaire 1Two 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-5320 EXPLOITDB text WRITEUP
Morian Album Photo Sans Nom - Path Traversal
Directory traversal vulnerability in getimg.php in Album Photo Sans Nom 1.6 allows remote attackers to read arbitrary files via the img parameter.
CVE-2007-0205 EXPLOITDB php WORKING POC
Alexphpteam Alex Guestbook - Path Traversal
Directory traversal vulnerability in admin/skins.php for @lex Guestbook 4.0.2 and earlier allows remote attackers to create files in arbitrary directories via ".." sequences in the (1) aj_skin and (2) skin_edit parameters. NOTE: this can be leveraged for file inclusion by creating a skin file in the lang directory, then referencing that file via the lang parameter to index.php, which passes a sanity check in livre_include.php.
EIP-2026-103593 EXPLOITDB perl WORKING POC
Net Portal Dynamic System 5.0 - Register Users Denial of Service
EIP-2026-103237 EXPLOITDB php WORKING POC
VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Code Execution
CVE-2008-0403 EXPLOITDB text WRITEUP
Belkin F5d9230-4 - Authentication Bypass
The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does not require authentication for SaveCfgFile.cgi, which allows remote attackers to read and modify configuration via a direct request to SaveCfgFile.cgi.