GulfTech Security

165 exploits Active since Mar 2004

CVE-2008-3758 EXPLOITDB text WORKING POC

Lussumo Vanilla <= 1.1.4 - Cross-Site Scripting (XSS) via NewPassword, Account Picture, and Icon Fields

Multiple cross-site scripting (XSS) vulnerabilities in Lussumo Vanilla 1.1.4 and earlier (1) allow remote attackers to inject arbitrary web script or HTML via the NewPassword parameter to people.php, and allow remote authenticated users to inject arbitrary web script or HTML via the (2) Account picture and (3) Icon fields in account.php. NOTE: some of these details are obtained from third party information.

View Code

CVE-2004-1420 EXPLOITDB text WRITEUP

WHM AutoPilot <= 2.4.6.5 - Cross-Site Scripting via site_title or http_images Parameter

Multiple cross-site scripting (XSS) vulnerabilities in header.php in WHM AutoPilot 2.4.6.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) site_title or (2) http_images parameter.

View Code

EIP-2026-113012 EXPLOITDB text WRITEUP

vBulletin < 3.0.0 RC4 - Cross Site Scripting

View Code

CVE-2008-3369 EXPLOITDB text WRITEUP

ViArt Shop < 3.5 - SQL Injection via products_rss.php category_id Parameter

SQL injection vulnerability in products_rss.php in ViArt Shop 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the category_id parameter.

View Code

CVE-2008-5920 EXPLOITDB text WRITEUP

WebSVN 1.x - Remote Code Execution via Username preg_replace Eval Switch

The create_anchors function in utils.inc in WebSVN 1.x allows remote attackers to execute arbitrary PHP code via a crafted username that is processed by the preg_replace function with the eval switch.

View Code

CVE-2008-6970 EXPLOITDB text WORKING POC

UBB.threads < 7.3.1 - SQL Injection via Forum[] Array Parameter

SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the Forum[] array parameter.

View Code

CVE-2004-1923 EXPLOITDB text WRITEUP

Tiki CMS/Groupware < 1.8.1 - Exposure of Sensitive Information via Direct Request to Multiple Scripts

Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to gain sensitive information via a direct request to (1) banner_click.php, (2) categorize.php, (3) tiki-admin_include_directory.php, (4) tiki-directory_search.php, which reveal the web server path in an error message.

View Code

CVE-2005-2058 EXPLOITDB text WRITEUP

UBB.Threads - SQL Injection via Multiple Parameters

Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands via the Number parameter to (1) download.php, (2) modifypost.php, (3) mailthread.php, or (4) notifymod.php, (5) month or (6) year parameter to calendar.php, (7) message parameter to viewmessage.php, (8) main parameter to addfav.php, or (9) posted parameter to grabnext.php.

View Code

CVE-2005-2058 EXPLOITDB text WRITEUP

UBB.Threads - SQL Injection via Multiple Parameters

Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands via the Number parameter to (1) download.php, (2) modifypost.php, (3) mailthread.php, or (4) notifymod.php, (5) month or (6) year parameter to calendar.php, (7) message parameter to viewmessage.php, (8) main parameter to addfav.php, or (9) posted parameter to grabnext.php.

View Code

CVE-2005-2058 EXPLOITDB text WRITEUP

UBB.Threads - SQL Injection via Multiple Parameters

Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands via the Number parameter to (1) download.php, (2) modifypost.php, (3) mailthread.php, or (4) notifymod.php, (5) month or (6) year parameter to calendar.php, (7) message parameter to viewmessage.php, (8) main parameter to addfav.php, or (9) posted parameter to grabnext.php.

View Code

CVE-2005-2058 EXPLOITDB text WRITEUP

UBB.Threads - SQL Injection via Multiple Parameters

Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands via the Number parameter to (1) download.php, (2) modifypost.php, (3) mailthread.php, or (4) notifymod.php, (5) month or (6) year parameter to calendar.php, (7) message parameter to viewmessage.php, (8) main parameter to addfav.php, or (9) posted parameter to grabnext.php.

View Code

CVE-2005-2058 EXPLOITDB text WORKING POC

UBB.Threads - SQL Injection via Multiple Parameters

Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands via the Number parameter to (1) download.php, (2) modifypost.php, (3) mailthread.php, or (4) notifymod.php, (5) month or (6) year parameter to calendar.php, (7) message parameter to viewmessage.php, (8) main parameter to addfav.php, or (9) posted parameter to grabnext.php.

View Code

CVE-2005-2058 EXPLOITDB text WRITEUP

UBB.Threads - SQL Injection via Multiple Parameters

Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands via the Number parameter to (1) download.php, (2) modifypost.php, (3) mailthread.php, or (4) notifymod.php, (5) month or (6) year parameter to calendar.php, (7) message parameter to viewmessage.php, (8) main parameter to addfav.php, or (9) posted parameter to grabnext.php.

View Code

CVE-2005-2058 EXPLOITDB text WRITEUP

UBB.Threads - SQL Injection via Multiple Parameters

Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands via the Number parameter to (1) download.php, (2) modifypost.php, (3) mailthread.php, or (4) notifymod.php, (5) month or (6) year parameter to calendar.php, (7) message parameter to viewmessage.php, (8) main parameter to addfav.php, or (9) posted parameter to grabnext.php.

View Code

CVE-2008-3768 EXPLOITDB text WRITEUP

Turnkey Web Tools SunShop <4.1.5 - SQL Injection

Multiple SQL injection vulnerabilities in class.ajax.php in Turnkey Web Tools SunShop Shopping Cart before 4.1.5 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in an edit_registry action to index.php, (2) a vector involving the check_email function, and other vectors.

View Code

EIP-2026-112533 EXPLOITDB text WRITEUP

Synology Photostation < 6.7.2-3429 - Multiple Vulnerabilities

View Code

CVE-2004-1225 EXPLOITDB text WRITEUP

SugarCRM Sugar Sales < 2.0.1a - SQL Injection via Record Parameter

SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allows remote attackers to execute arbitrary SQL commands and gain privileges via the record parameter in a DetailView action to index.php, and record parameters in other functionality.

View Code

CVE-2004-1227 EXPLOITDB text WORKING POC

SugarCRM Sugar Sales < 2.0.1c - Directory Traversal via Module, Action, or Theme Parameters

Directory traversal vulnerability in SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to read arbitrary files and possibly execute arbitrary PHP code via .. (dot dot) sequences in the (1) module, (2) action, or (3) theme parameters to index.php, (4) the theme parameter to Login.php, and possibly other parameters or scripts.

View Code

CVE-2005-4891 EXPLOITDB CRITICAL perl WORKING POC

Simple Machine Forum <1.0.4 - SQL Injection

Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements.

CVSS 9.8

View Code

EIP-2026-112194 EXPLOITDB text WORKING POC

SitePanel2 2.6.1 - Multiple Input Validation Vulnerabilities

View Code

CVE-2006-4019 EXPLOITDB text WRITEUP

SquirrelMail <1.4.7 - Code Injection

Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.

View Code

CVE-2005-2095 EXPLOITDB text WRITEUP

SquirrelMail <= 1.4.4 - Remote Code Execution via Extract Function

options_identities.php in SquirrelMail 1.4.4 and earlier uses the extract function to process the $_POST variable, which allows remote attackers to modify or read the preferences of other users, conduct cross-site scripting XSS) attacks, and write arbitrary files.

View Code

CVE-2005-0270 EXPLOITDB text WRITEUP

ReviewPost PHP Pro < 2.84 - Cross-Site Scripting via si, cat, page, or report Parameter

Multiple cross-site scripting (XSS) vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to inject arbitrary web script or HTML via the (1) si parameter to showcat.php, (2) cat or (3) page parameter to showproduct.php, or (4) report parameter to reportproduct.php.

View Code

EIP-2026-111826 EXPLOITDB text WORKING POC

RunCMS 1.1/1.2 Module Newbb_plus/Messages - SQL Injection

View Code

EIP-2026-111436 EXPLOITDB text WRITEUP

PostNuke < 0.726 Phoenix - Multiple Vulnerabilities

View Code