Fernando Munoz - Security Researcher - Exploit Intelligence Platform

CVE-2014-8998 METASPLOIT ruby WORKING POC

X7 Chat <2.0.5.1 - Authenticated RCE

lib/message.php in X7 Chat 2.0.0 through 2.0.5.1 allows remote authenticated users to execute arbitrary PHP code via a crafted HTTP header to index.php, which is processed by the preg_replace function with the eval switch.

View Code

CVE-2007-4717 EXPLOITDB text WRITEUP

Claroline < 1.8.5 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.8.6 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) dir parameter in admin/adminusers.php, the (2) action parameter in admin/advancedUserSearch.php, and the (3) view parameter in admin/campusProblem.php.

View Code

CVE-2007-4717 EXPLOITDB text WRITEUP

Claroline < 1.8.5 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.8.6 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) dir parameter in admin/adminusers.php, the (2) action parameter in admin/advancedUserSearch.php, and the (3) view parameter in admin/campusProblem.php.

View Code

CVE-2007-4717 EXPLOITDB text WRITEUP

Claroline < 1.8.5 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.8.6 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) dir parameter in admin/adminusers.php, the (2) action parameter in admin/advancedUserSearch.php, and the (3) view parameter in admin/campusProblem.php.

View Code

CVE-2007-4718 EXPLOITDB html WRITEUP

Claroline < 1.8.5 - Path Traversal

Directory traversal vulnerability in inc/lib/language.lib.php in Claroline before 1.8.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.

View Code

CVE-2014-8998 EXPLOITDB ruby WORKING POC

X7 Chat <2.0.5.1 - Authenticated RCE

lib/message.php in X7 Chat 2.0.0 through 2.0.5.1 allows remote authenticated users to execute arbitrary PHP code via a crafted HTTP header to index.php, which is processed by the preg_replace function with the eval switch.

View Code