G4N0K

66 exploits Active since Dec 2006
CVE-2008-6628 EXPLOITDB WORKING POC
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-6268. Reason: This candidate is a duplicate of CVE-2008-6268. Notes: All CVE users should reference CVE-2008-6268 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2008-6231 EXPLOITDB WORKING POC
Preprojects Pre Classified Listings - Credentials Management
Pre Classified Listing PHP allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
CVE-2006-6819 EXPLOITDB WORKING POC
AlstraSoft Web Host Directory - Info Disclosure
AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup database via a direct request for admin/backup/db.
CVE-2008-6715 EXPLOITDB text WRITEUP
Preprojects Pre Ads Portal < 2.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.php and (2) homeadmin/signinform.php.
CVE-2008-6965 EXPLOITDB text WRITEUP
AJ Square AJ Auction - Authentication Bypass
AJ Square AJ Auction OOPD, Pro Platinum Skin #1, Pro Platinum Skin #2, and Web 2.0 send a redirect but do not exit when certain scripts are called directly, which allows remote attackers to bypass authentication via a direct request to (1) site.php, (2) auction.php, (3) mail.php, (4) fee_setting.php, (5) earnings.php, (6) insertion_fee_settings.php, (7) custom_category.php, (8) subcategory.php, (9) category.php, (10) report.php, (11) store_manager.php, and (12) choose_sell_format.php in admin/, and possibly other vectors.
CVE-2008-6940 EXPLOITDB text WRITEUP
Turnkeyforms Web Hosting Directory - Access Control
TurnkeyForms Web Hosting Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain a database backup via a direct request to admin/backup/db.
CVE-2008-6939 EXPLOITDB text WRITEUP
Turnkeyforms Web Hosting Directory - Authentication Bypass
TurnkeyForms Web Hosting Directory allows remote attackers to bypass authentication and (1) gain administrative privileges by setting the adm cookie to 1 or (2) gain privileges as another user by setting the logged cookie to the target username.
CVE-2008-6268 EXPLOITDB text WORKING POC
Sadi Samami Multi Languages Webshop Online - SQL Injection
SQL injection vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6267 EXPLOITDB text WORKING POC
Sadi Samami Multi Languages Webshop Online - XSS
Cross-site scripting (XSS) vulnerability in detail.php in Multi Languages WebShop Online 1.02 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
CVE-2008-6231 EXPLOITDB text WRITEUP
Preprojects Pre Classified Listings - Credentials Management
Pre Classified Listing PHP allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
CVE-2008-6227 EXPLOITDB text WORKING POC
Preproject Pre Multi-vendor Shopping Malls - SQL Injection
SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote attackers to execute arbitrary SQL commands via the (1) sid and (2) cid parameters.
CVE-2008-7045 EXPLOITDB text WRITEUP
Ajsquare Free Polling Script - Authentication Bypass
AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to bypass authentication and reset poll votes via a direct request to admin/resetvote.php.
CVE-2008-7044 EXPLOITDB text WRITEUP
Ajsquare Free Polling Script - SQL Injection
SQL injection vulnerability in admin/include/newpoll.php in AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to execute arbitrary SQL commands via the ques parameter.
CVE-2008-5651 EXPLOITDB text WORKING POC
MyioSoft EasyBookMarker 4.0 - SQL Injection
SQL injection vulnerability in plugins/bookmarker/bookmarker_backend.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the Parent parameter.
CVE-2009-1646 EXPLOITDB perl WORKING POC
Mini-stream RM Downloader - Memory Corruption
Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long rtsp URL in a .ram file.
CVE-2009-1641 EXPLOITDB perl WORKING POC
Mini-stream Ripper - Memory Corruption
Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
CVE-2009-1641 EXPLOITDB perl WORKING POC
Mini-stream Ripper - Memory Corruption
Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
CVE-2009-1642 EXPLOITDB perl WORKING POC
Mini-stream TO Mp3 Converter - Memory Corruption
Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also subsequently reported in "prior to 3.1.3.7."
CVE-2009-1645 EXPLOITDB perl WORKING POC
Mini-stream Easy Rm-mp3 Converter - Memory Corruption
Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
CVE-2009-1642 EXPLOITDB perl WORKING POC
Mini-stream TO Mp3 Converter - Memory Corruption
Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also subsequently reported in "prior to 3.1.3.7."
CVE-2009-1645 EXPLOITDB perl WORKING POC
Mini-stream Easy Rm-mp3 Converter - Memory Corruption
Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
EIP-2026-117034 EXPLOITDB perl WORKING POC
Destiny Media Player 1.61 - '.rdl' Local Buffer Overflow
CVE-2008-6912 EXPLOITDB text WRITEUP
Zeeways Shaadiclone - Authentication Bypass
Zeeways SHAADICLONE 2.0 allows remote attackers to bypass authentication and gain administrative privileges via a direct request to admin/home.php.
CVE-2008-6912 EXPLOITDB text WRITEUP
Zeeways Shaadiclone - Authentication Bypass
Zeeways SHAADICLONE 2.0 allows remote attackers to bypass authentication and gain administrative privileges via a direct request to admin/home.php.
CVE-2008-5221 EXPLOITDB php WORKING POC
wPortfolio <0.3 - Auth Bypass
The account_save action in admin/userinfo.php in wPortfolio 0.3 and earlier does not require authentication and does not require knowledge of the original password, which allows remote attackers to change the admin account password via modified password and password_retype parameters.