InATeam

11 exploits, active since Sep 2007
CVE-2007-5231 EXPLOITDB php WORKING POC
Zomplog - Improper Input Validation
Unrestricted file upload vulnerability in admin/upload_files.php in Zomplog 3.8.1 and earlier allows remote authenticated administrators to upload and execute arbitrary .php files by sending a modified MIME type. NOTE: this can be exploited by unauthenticated attackers by leveraging CVE-2007-5230.
CVE-2007-5230 EXPLOITDB php WORKING POC
Zomplog - Access Control
admin/upload_files.php in Zomplog 3.8.1 and earlier does not check for administrative credentials, which allows remote attackers to perform administrative actions via a direct request. NOTE: this can be leveraged for code execution by exploiting CVE-2007-5231.
CVE-2007-5643 EXPLOITDB php WORKING POC
Lussumo Vanilla < 1.1.3 - SQL Injection
Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the CategoryID parameter to ajax/sortcategories.php or (2) an unspecified vector to ajax/sortroles.php.
CVE-2007-4932 EXPLOITDB php WORKING POC
Shop-script < 2.0 - Improper Input Validation
admin.php in Shop-Script FREE 2.0 and earlier sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to access the admin panel.
CVE-2007-5278 EXPLOITDB php WORKING POC
Zomplog - Access Control
Zomplog 3.8.1 and earlier stores potentially sensitive information under the web root with insufficient access control, which allows remote attackers to download files that were uploaded by users, as demonstrated by obtaining a directory listing via a direct request to /upload and then retrieving individual files. NOTE: in a non-default configuration, the directory listing is denied, but filenames may be predictable.
EIP-2026-114415 EXPLOITDB php WORKING POC
xBtiTracker - SQL Injection
CVE-2007-5644 EXPLOITDB php WORKING POC
Lussumo Vanilla < 1.1.3 - Access Control
Lussumo Vanilla 1.1.3 and earlier does not require admin privileges for (1) ajax/sortcategories.php and (2) ajax/sortroles.php, which allows remote attackers to conduct unauthorized sort operations and other activities.
CVE-2007-4933 EXPLOITDB php WORKING POC
Shop-script - Code Injection
Direct static code injection vulnerability in includes/admin/sub/conf_appearence.php in Shop-Script FREE 2.0 and earlier allows remote attackers to inject arbitrary PHP code into cfg/appearence.inc.php via a save_appearence action in admin.php, as demonstrated with the (1) productscount, (2) colscount, and (3) darkcolor parameters.
CVE-2007-6202 EXPLOITDB php WORKING POC
Neocrome Seditio CMS < 121 - SQL Injection
SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and earlier allows remote attackers to execute arbitrary SQL commands via the pag_sub[] parameter to plug.php.
CVE-2008-1513 EXPLOITDB php WORKING POC
Danneo CMS < 0.5.1 - SQL Injection
SQL injection vulnerability in index.php in Danneo CMS 0.5.1 and earlier, when the Referers statistics option is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header.
CVE-2008-3784 EXPLOITDB text WORKING POC
BtiTracker < 1.4.7, xBtiTracker < 2.0.542 - SQL Injection
SQL injection vulnerability in scrape.php in BtiTracker 1.4.7 and earlier and xBtiTracker 2.0.542 and earlier allows remote attackers to execute arbitrary SQL commands via the info_hash parameter.