Exoduks

10 exploits Active since Sep 2004
CVE-2004-1592 EXPLOITDB text WORKING POC
ocPortal <1.0.3 - RCE
PHP remote file inclusion vulnerability in index.php in ocPortal 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the req_path parameter to reference a URL on a remote web server that contains a malicious funcs.php script.
EIP-2026-109456 EXPLOITDB text WRITEUP
MidiCart PHP - 'Item_List.php?MainGroup' Cross-Site Scripting
EIP-2026-109457 EXPLOITDB text WORKING POC
MidiCart PHP - 'Item_List.php?MainGroup' SQL Injection
EIP-2026-109458 EXPLOITDB text WORKING POC
MidiCart PHP - 'Item_List.php?SecondGroup' Cross-Site Scripting
EIP-2026-109459 EXPLOITDB text WORKING POC
MidiCart PHP - 'Item_List.php?SecondGroup' SQL Injection
EIP-2026-109461 EXPLOITDB text WRITEUP
MidiCart PHP - 'Search_List.php?SearchString' Cross-Site Scripting
CVE-2005-1503 EXPLOITDB text WORKING POC
MidiCart PHP Shopping Cart - SQL Injection
Multiple SQL injection vulnerabilities in MidiCart PHP Shopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) searchstring parameter to search_list.php, the (2) maingroup or (3) secondgroup parameters to item_list.php, or (4) code_no parameter to item_show.php.
EIP-2026-109460 EXPLOITDB text WORKING POC
MidiCart PHP - 'Item_Show.php?Code_No' SQL Injection
EIP-2026-106390 EXPLOITDB text WORKING POC
DCP-Portal 6.1.1 - Multiple SQL Injections
CVE-2004-1659 EXPLOITDB text WRITEUP
Cutephp Cutenews - XSS
Cross-site scripting (XSS) vulnerability in index.php in CuteNews 1.3.6 and earlier allows remote attackers with Administrator, Editor, Journalist or Commenter privileges to inject arbitrary web script or HTML via the mod parameter.