IRCRASH (Dr.Crash Or Khashayar Fereidani)

5 exploits Active since May 2008
CVE-2008-2081 EXPLOITDB text WRITEUP
Siteman - Path Traversal
Directory traversal vulnerability in index.php in Siteman 2.0.x2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
CVE-2008-2072 EXPLOITDB text WRITEUP
Virtual Design Studios Vlbook - XSS
Cross-site scripting (XSS) vulnerability in index.php in Virtual Design Studio vlbook 1.21 allows remote attackers to inject arbitrary web script or HTML via the l parameter, a different vector than CVE-2006-3260.
CVE-2008-2073 EXPLOITDB text WRITEUP
Virtual Design Studios Vlbook - Path Traversal
Directory traversal vulnerability in include/global.inc.php in Virtual Design Studio vlbook 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the l parameter.
CVE-2008-2082 EXPLOITDB text WRITEUP
Siteman - XSS
Cross-site scripting (XSS) vulnerability in index.php in Siteman 2.0.x2 allows remote attackers to inject arbitrary web script or HTML via the module parameter, which leaks the path in an error message.
CVE-2008-2076 EXPLOITDB text WRITEUP
Actualscripts Actualanalyzer Lite - Path Traversal
Directory traversal vulnerability in admin.php in ActualScripts ActualAnalyzer Lite 2.78 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the style parameter.