G4N0K

66 exploits Active since Dec 2006
CVE-2008-6628 EXPLOITDB WORKING POC
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-6268. Reason: This candidate is a duplicate of CVE-2008-6268. Notes: All CVE users should reference CVE-2008-6268 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2008-6231 EXPLOITDB WORKING POC
Pre Classified Listing PHP - Unauthenticated Authentication Bypass via Cookie Manipulation
Pre Classified Listing PHP allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
CVE-2006-6819 EXPLOITDB WORKING POC
AlstraSoft Web Host Directory - Info Disclosure
AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup database via a direct request for admin/backup/db.
CVE-2008-6715 EXPLOITDB text WRITEUP
Pre ADS Portal < 2.0 - Cross-Site Scripting via msg Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.php and (2) homeadmin/signinform.php.
CVE-2008-6965 EXPLOITDB text WRITEUP
AJ Square AJ Auction - Unauthenticated Authentication Bypass via Direct Script Request
AJ Square AJ Auction OOPD, Pro Platinum Skin #1, Pro Platinum Skin #2, and Web 2.0 send a redirect but do not exit when certain scripts are called directly, which allows remote attackers to bypass authentication via a direct request to (1) site.php, (2) auction.php, (3) mail.php, (4) fee_setting.php, (5) earnings.php, (6) insertion_fee_settings.php, (7) custom_category.php, (8) subcategory.php, (9) category.php, (10) report.php, (11) store_manager.php, and (12) choose_sell_format.php in admin/, and possibly other vectors.
CVE-2008-6940 EXPLOITDB text WRITEUP
TurnkeyForms Web Hosting Directory - Unauthenticated Sensitive Information Exposure via Direct Database Backup Request
TurnkeyForms Web Hosting Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain a database backup via a direct request to admin/backup/db.
CVE-2008-6939 EXPLOITDB text WRITEUP
TurnkeyForms Web Hosting Directory - Unauthenticated Authentication Bypass via Cookie Manipulation
TurnkeyForms Web Hosting Directory allows remote attackers to bypass authentication and (1) gain administrative privileges by setting the adm cookie to 1 or (2) gain privileges as another user by setting the logged cookie to the target username.
CVE-2008-6268 EXPLOITDB text WORKING POC
WEBBDOMAIN Multi Languages WebShop Online 1.02 - SQL Injection via detail.php id Parameter
SQL injection vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6267 EXPLOITDB text WORKING POC
Multi Languages WebShop Online 1.02 - Cross-Site Scripting via detail.php name Parameter
Cross-site scripting (XSS) vulnerability in detail.php in Multi Languages WebShop Online 1.02 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
CVE-2008-6231 EXPLOITDB text WRITEUP
Pre Classified Listing PHP - Unauthenticated Authentication Bypass via Cookie Manipulation
Pre Classified Listing PHP allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
CVE-2008-6227 EXPLOITDB text WORKING POC
Pre Multi-Vendor Shopping Malls - SQL Injection via buyer_detail.php sid/cid Parameters
SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote attackers to execute arbitrary SQL commands via the (1) sid and (2) cid parameters.
CVE-2008-7045 EXPLOITDB text WRITEUP
AJ Square Free Polling Script - Unauthenticated Authentication Bypass via Direct Request to admin/resetvote.php
AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to bypass authentication and reset poll votes via a direct request to admin/resetvote.php.
CVE-2008-7044 EXPLOITDB text WRITEUP
AJ Square Free Polling Script - SQL Injection via ques Parameter
SQL injection vulnerability in admin/include/newpoll.php in AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to execute arbitrary SQL commands via the ques parameter.
CVE-2008-5651 EXPLOITDB text WORKING POC
MyioSoft EasyBookMarker 4.0 - SQL Injection
SQL injection vulnerability in plugins/bookmarker/bookmarker_backend.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the Parent parameter.
CVE-2009-1646 EXPLOITDB perl WORKING POC
Mini-stream RM Downloader 3.0.0.9 - Stack-based Buffer Overflow via Long RTSP URL
Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long rtsp URL in a .ram file.
CVE-2009-1641 EXPLOITDB perl WORKING POC
Mini-stream Ripper 3.0.1.1 - Remote Code Execution via Long RTSP URL or HREF Attribute
Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
CVE-2009-1641 EXPLOITDB perl WORKING POC
Mini-stream Ripper 3.0.1.1 - Remote Code Execution via Long RTSP URL or HREF Attribute
Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
CVE-2009-1642 EXPLOITDB perl WORKING POC
Mini-stream ASX to MP3 Converter 3.0.0.7 - Stack-based Buffer Overflow via Long rtsp URL or HREF Attribute
Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also subsequently reported in "prior to 3.1.3.7."
CVE-2009-1645 EXPLOITDB perl WORKING POC
Mini-stream Easy RM-MP3 Converter 3.0.0.7 - Remote Code Execution via Long RTSP URL or HREF Attribute
Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
CVE-2009-1642 EXPLOITDB perl WORKING POC
Mini-stream ASX to MP3 Converter 3.0.0.7 - Stack-based Buffer Overflow via Long rtsp URL or HREF Attribute
Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also subsequently reported in "prior to 3.1.3.7."
CVE-2009-1645 EXPLOITDB perl WORKING POC
Mini-stream Easy RM-MP3 Converter 3.0.0.7 - Remote Code Execution via Long RTSP URL or HREF Attribute
Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
EIP-2026-117034 EXPLOITDB perl WORKING POC
Destiny Media Player 1.61 - '.rdl' Local Buffer Overflow
CVE-2008-6912 EXPLOITDB text WRITEUP
Zeeways SHAADICLONE 2.0 - Unauthenticated Authentication Bypass via Direct Admin Page Access
Zeeways SHAADICLONE 2.0 allows remote attackers to bypass authentication and gain administrative privileges via a direct request to admin/home.php.
CVE-2008-6912 EXPLOITDB text WRITEUP
Zeeways SHAADICLONE 2.0 - Unauthenticated Authentication Bypass via Direct Admin Page Access
Zeeways SHAADICLONE 2.0 allows remote attackers to bypass authentication and gain administrative privileges via a direct request to admin/home.php.
CVE-2008-5221 EXPLOITDB php WORKING POC
wportfolio < 0.3 - Unauthenticated Admin Password Change via account_save Action
The account_save action in admin/userinfo.php in wPortfolio 0.3 and earlier does not require authentication and does not require knowledge of the original password, which allows remote attackers to change the admin account password via modified password and password_retype parameters.