IRCRASH (Dr.Crash Or Khashayar Fereidani)

5 exploits Active since May 2008
CVE-2008-2081 EXPLOITDB text WRITEUP
Siteman 2.0.x2 - Authenticated Path Traversal via Module Parameter
Directory traversal vulnerability in index.php in Siteman 2.0.x2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
CVE-2008-2072 EXPLOITDB text WRITEUP
Virtual Design Studio vlbook 1.21 - Cross-Site Scripting via l Parameter
Cross-site scripting (XSS) vulnerability in index.php in Virtual Design Studio vlbook 1.21 allows remote attackers to inject arbitrary web script or HTML via the l parameter, a different vector than CVE-2006-3260.
CVE-2008-2073 EXPLOITDB text WRITEUP
vlbook 1.21 - Path Traversal via l Parameter
Directory traversal vulnerability in include/global.inc.php in Virtual Design Studio vlbook 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the l parameter.
CVE-2008-2082 EXPLOITDB text WRITEUP
Siteman 2.0.x2 - Cross-Site Scripting via Module Parameter
Cross-site scripting (XSS) vulnerability in index.php in Siteman 2.0.x2 allows remote attackers to inject arbitrary web script or HTML via the module parameter, which leaks the path in an error message.
CVE-2008-2076 EXPLOITDB text WRITEUP
ActualScripts ActualAnalyzer Lite 2.78 - Remote File Inclusion via Admin.php Style Parameter
Directory traversal vulnerability in admin.php in ActualScripts ActualAnalyzer Lite 2.78 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the style parameter.