GoLd_M

171 exploits, active since Jul 2005
CVE-2007-1809 EXPLOITDB text WRITEUP
GraFX Company WebSite Builder PRO 1.5 - RCE
Multiple PHP remote file inclusion vulnerabilities in GraFX Company WebSite Builder (CWB) PRO 1.5 allow remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_PATH parameter to (1) cls_headline_prod.php, (2) cls_listorders.php, or (3) cls_viewpastorders.php in include/, different vectors than CVE-2007-1513.
CVE-2007-1640 EXPLOITDB text WRITEUP
ClassWeb <2.03 - RCE
Multiple PHP remote file inclusion vulnerabilities in ClassWeb 2.03 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the BASE parameter to (1) language.php and (2) phpadmin/survey.php.
CVE-2007-0500 EXPLOITDB text WORKING POC
Bradabra <2.0.5 - RCE
PHP remote file inclusion vulnerability in include/includes.php in Bradabra 2.0.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter.
CVE-2007-4957 EXPLOITDB text WORKING POC
Chupix CMS - Path Traversal
Multiple directory traversal vulnerabilities in download.php in Chupix CMS 0.2.3 allow remote attackers to read or overwrite arbitrary files via a .. (dot dot) in the (1) fichier or (2) repertoire parameter, or create arbitrary directories via a .. (dot dot) in the (3) repertoire parameter.
CVE-2007-2611 EXPLOITDB text WRITEUP
CGX 20050314 - RCE
Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 allow remote attackers to execute arbitrary PHP code via a URL in the pathCGX parameter to (1) mtdialogo.php, (2) ltdialogo.php, (3) login.php, and (4) logingecon.php in inc/; and multiple unspecified files in frm/, sql/, and cns/.
CVE-2007-1930 EXPLOITDB text WORKING POC
cattaDoc - Path Traversal
Directory traversal vulnerability in download2.php in cattaDoc 2.21, and possibly other versions including 3.0, allows remote attackers to read arbitrary files via a .. (dot dot) in the fn1 parameter.
CVE-2007-2364 EXPLOITDB text WRITEUP
burnCMS 0.2 - RCE
Multiple PHP remote file inclusion vulnerabilities in burnCMS 0.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) mysql.class.php or (2) postgres.class.php in lib/db/; or (3) authuser.php, (4) misc.php, or (5) connect.php in lib/.
CVE-2007-1929 EXPLOITDB text WORKING POC
GNA Beryo - Path Traversal
Directory traversal vulnerability in downloadpic.php in Beryo 2.0, and possibly other versions including 2.4, allows remote attackers to read arbitrary files via a .. (dot dot) in the chemin parameter.
CVE-2008-0091 EXPLOITDB text WORKING POC
AGENCY4NET WEBFTP - Path Traversal
Directory traversal vulnerability in download2.php in AGENCY4NET WEBFTP 1 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the file parameter.
CVE-2007-3590 EXPLOITDB text WORKING POC
b1gBB - XSS
Cross-site scripting (XSS) vulnerability in visitenkarte.php in b1gBB 2.24.0 allows remote attackers to inject arbitrary web script or HTML via the user parameter.
CVE-2007-5820 EXPLOITDB text WORKING POC
AxDCMS 0.1.1 - Path Traversal
Directory traversal vulnerability in index.php in Ax Developer CMS (AxDCMS) 0.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
CVE-2007-2301 EXPLOITDB text WRITEUP
audioCMS arash 0.1.4 - RCE
Multiple PHP remote file inclusion vulnerabilities in audioCMS arash 0.1.4 allow remote attackers to execute arbitrary PHP code via a URL in the arashlib_dir parameter to (1) edit.inc.php and (2) list_features.inc.php in arash_lib/include, and (3) arash_gadmin.class.php and (4) arash_sadmin.class.php in arash_lib/class/.
EIP-2026-105127 EXPLOITDB perl WORKING POC
Alstrasoft Article Manager Pro 1.6 - Blind SQL Injection
CVE-2007-0171 EXPLOITDB text WRITEUP
AllMyLinks <0.5.0 - RCE
PHP remote file inclusion vulnerability in index.php in AllMyLinks 0.5.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AML_opensite parameter.
CVE-2008-6414 EXPLOITDB text WORKING POC
AJ Square AJ Auction - SQL Injection
SQL injection vulnerability in detail.php in AJ Auction Pro Platinum Skin 2 allows remote attackers to execute arbitrary SQL commands via the item_id parameter.
CVE-2007-0837 EXPLOITDB text WORKING POC
AgerMenu <0.03 - RCE
PHP remote file inclusion vulnerability in examples/inc/top.inc.php in AgerMenu 0.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter.
CVE-2007-1621 EXPLOITDB perl WORKING POC
Active PHP Bookmark Notes <0.2.5 - RCE
PHP remote file inclusion vulnerability in templates/head.php in Active PHP Bookmark Notes (APB) 0.2.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the APB_SETTINGS[template_path] parameter. NOTE: this issue might be related to CVE-2003-1254.
CVE-2008-0794 EXPLOITDB text WORKING POC
Affiliate Market - Path Traversal
Directory traversal vulnerability in user/header.php in Affiliate Market 0.1 BETA allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
CVE-2007-1219 EXPLOITDB text WRITEUP
Admin Phorum 3.3.1a - Code Injection
PHP remote file inclusion vulnerability in actions/del.php in Admin Phorum 3.3.1a allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter.
CVE-2008-4873 EXPLOITDB text WORKING POC
Sepal SPBOARD 4.5 - RCE
board.cgi in Sepal SPBOARD 4.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter during a down_file action.
CVE-2007-4256 EXPLOITDB text WORKING POC
YNP Portal System 2.2.0 - Path Traversal
Directory traversal vulnerability in showpage.cgi in YNP Portal System 2.2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter.