High-Tech Bridge SA Security Research Lab

21 exploits Active since Jan 2012
CVE-2011-5072 EXPLOITDB WORKING POC
Support Incident Tracker < 3.65 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to execute arbitrary SQL commands via the (1) start parameter to portal/kb.php; (2) contractid parameter to contract_add_service.php; (3) id parameter to edit_escalation_path.php; (4) unlock, (5) lock, or (6) selected parameter to holding_queue.php; inc parameter in a report action to (7) report_customers.php or (8) report_incidents_by_site.php; (9) start parameter to search.php; or (10) sites parameter to transactions.php.
CVE-2011-5073 EXPLOITDB WORKING POC
Support Incident Tracker < 3.65 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to inject arbitrary web script or HTML via the (1) mode parameter to contact_support.php; (2) contractid parameter to contract_add_service.php; (3) user parameter to edit_backup_users.php; (4) id parameter to edit_escalation_path.php; the Referer to (5) forgotpwd.php, (6) an approvalpage action to billable_incidents.php, or (7) transactions.php; (8) action parameter to inbox.php; (9) search_string parameter in a findcontact action to incident_add.php; table1 parameter to (10) report_customers.php, (11) report_incidents_by_engineer.php, (12) report_incidents_by_site.php, or (13) report_marketing.php; or the (14) startdate or (15) enddate parameter to report_incidents_by_vendor.php.
CVE-2012-2208 EXPLOITDB text WRITEUP
Piwigo < 2.3.3 - Remote File Inclusion via Upgrade Language Parameter
Directory traversal vulnerability in upgrade.php in Piwigo before 2.3.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
CVE-2012-1935 EXPLOITDB text WRITEUP
Newscoop 3.5.x < 3.5.5 and 4.x < 4 RC4 - Cross-Site Scripting via Back Parameter or Token/Email Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4.x before 4 RC4 allow remote attackers to inject arbitrary web script or HTML via the (1) Back parameter to admin/ad.php, or the (2) token or (3) f_email parameter to admin/password_check_token.php.
CVE-2012-1934 EXPLOITDB text WRITEUP
Newscoop - SQL Injection via f_country_code Parameter
SQL injection vulnerability in admin/country/edit.php in Newscoop before 3.5.5 and 4.x before 4 RC4 allows remote attackers to execute arbitrary SQL commands via the f_country_code parameter.
CVE-2012-1933 EXPLOITDB text WRITEUP
Newscoop 3.5.x < 3.5.5 and 4 < RC4 - Remote Code Execution via GLOBALS[g_campsiteDir] Parameter
Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4 before RC4, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[g_campsiteDir] parameter to (1) include/phorum_load.php, (2) conf/install_conf.php, or (3) conf/liveuser_configuration.php.
EIP-2026-116408 EXPLOITDB text WORKING POC
threedify designer 5.0.2 - Multiple Vulnerabilities
CVE-2012-0985 EXPLOITDB html WORKING POC
Sony VAIO PC Wireless LAN Wizard 1.0-4.11 - Buffer Overflow
Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect software 1.0.0 and 1.1.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the second argument of the (1) SetTmpProfileOption or (2) ConnectToNetwork method.
CVE-2012-0984 EXPLOITDB text WORKING POC
XOOPS < 2.5.5 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) to_userid parameter to modules/pm/pmlite.php or the (2) current_file, (3) imgcat_id, or (4) target parameter to class/xoopseditor/tinymce/tinymce/jscripts/tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php.
EIP-2026-113546 EXPLOITDB text WORKING POC
WordPress Plugin Ajax Category Dropdown 0.1.5 - Multiple Vulnerabilities
EIP-2026-113035 EXPLOITDB html WORKING POC
VCalendar 1.1.5 - Cross-Site Request Forgery
CVE-2011-5074 EXPLOITDB text WORKING POC
Support Incident Tracker < 3.65 - Cross-Site Request Forgery via User Profile Edit
Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to hijack the authentication of administrators for requests that change administrator email, add a new administrator, or insert arbitrary script via (1) user_profile_edit.php or (2) user_add.php.
CVE-2012-2227 EXPLOITDB text WRITEUP
PluXml < 5.1.5 - Path Traversal via default_lang Parameter
Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter.
CVE-2012-2209 EXPLOITDB text WRITEUP
Piwigo < 2.3.4 - Cross-Site Scripting via Admin Panel Parameters
Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Piwigo before 2.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) section parameter in the configuration module, (2) installstatus parameter in the languages_new module, or (3) theme parameter in the theme module.
EIP-2026-111068 EXPLOITDB text WORKING POC
phpGraphy 0.9.13b - Multiple Vulnerabilities
EIP-2026-111039 EXPLOITDB text WORKING POC
PHPDug 2.0.0 - Multiple Vulnerabilities
CVE-2012-4679 EXPLOITDB text WRITEUP
Newscoop < 3.5.5 - Cross-Site Scripting via f_user_name Parameter
Cross-site scripting (XSS) vulnerability in admin/login.php in Newscoop before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the f_user_name parameter.
EIP-2026-107222 EXPLOITDB text WORKING POC
Free Simple CMS 1.0 - Multiple Vulnerabilities
EIP-2026-106975 EXPLOITDB text WORKING POC
Extcalendar 2.0b2 - 'cal_search.php' SQL Injection
EIP-2026-106348 EXPLOITDB text WORKING POC
dalbum 1.43 - Multiple Vulnerabilities
EIP-2026-104847 EXPLOITDB text WORKING POC
4Images 1.7.9 - Multiple Vulnerabilities