Dr.Jr7

6 exploits Active since Apr 2006
CVE-2006-2040 EXPLOITDB text WRITEUP
Photokorn - SQL Injection
Multiple SQL injection vulnerabilities in photokorn 1.53 and 1.542 allow remote attackers to execute arbitrary SQL commands via the (1) cat, (2) pic and (3) page parameter in index.php; (4) id parameter in postcard.php; and (5) cat parameter in print.php.
CVE-2006-2040 EXPLOITDB text WRITEUP
Photokorn - SQL Injection
Multiple SQL injection vulnerabilities in photokorn 1.53 and 1.542 allow remote attackers to execute arbitrary SQL commands via the (1) cat, (2) pic and (3) page parameter in index.php; (4) id parameter in postcard.php; and (5) cat parameter in print.php.
CVE-2006-2040 EXPLOITDB text WRITEUP
Photokorn - SQL Injection
Multiple SQL injection vulnerabilities in photokorn 1.53 and 1.542 allow remote attackers to execute arbitrary SQL commands via the (1) cat, (2) pic and (3) page parameter in index.php; (4) id parameter in postcard.php; and (5) cat parameter in print.php.
CVE-2006-3930 EXPLOITDB text WORKING POC
Mambo Component <18RC1 - RCE
PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
CVE-2006-3947 EXPLOITDB text WORKING POC
Mambo Mambatstaff < 3.1b - Code Injection
PHP remote file inclusion vulnerability in components/com_mambatstaff/mambatstaff.php in the Mambatstaff 3.1b and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-1683 EXPLOITDB text WRITEUP
Chipmunk Guestbook - SQL Injection
SQL injection vulnerability in admin/login.php in Chipmunk Guestbook allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the User name.