InjEctOr5

73 exploits Active since May 2008
CVE-2009-1664 EXPLOITDB text WORKING POC
Easy Scripts Answer and Question Script - Unauthenticated Password Change via myaccount.php
myaccount.php in Easy Scripts Answer and Question Script does not verify the original password before changing passwords, which allows remote attackers to change the password of other users and gain privileges via modified userid, txtpassword, and txtRpassword parameters.
CVE-2009-1663 EXPLOITDB text WORKING POC
Easy Scripts Answer and Question Script - Unauthenticated Arbitrary File Upload via myaccount.php
Unrestricted file upload vulnerability in myaccount.php in Easy Scripts Answer and Question Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads/[username] directory.
CVE-2009-1655 EXPLOITDB text WORKING POC
Easy Scripts Answer and Question Script - Authenticated SQL Injection via Userid Parameter
Multiple SQL injection vulnerabilities in myaccount.php in Easy Scripts Answer and Question Script allow remote authenticated users to execute arbitrary SQL commands via the (1) user name (userid parameter) and (2) password.
CVE-2009-1654 EXPLOITDB text WORKING POC
Easy Scripts Answer and Question Script - Cross-Site Scripting via questionid Parameter
Cross-site scripting (XSS) vulnerability in questiondetail.php in Easy Scripts Answer and Question Script allows remote attackers to inject arbitrary web script or HTML via the questionid parameter.
CVE-2008-7117 EXPLOITDB text WRITEUP
WeBid 0.5.4 - Arbitrary CSS File Modification via file Parameter
eledicss.php in WeBid auction script 0.5.4 allows remote attackers to modify arbitrary cascading style sheets (CSS) files via a certain request with the file parameter set to style.css. NOTE: this can probably be leveraged for cross-site scripting (XSS) attacks.
CVE-2008-7116 EXPLOITDB text WRITEUP
WeBid 0.5.4 - SQL Injection via Admin Panel Username Parameter
SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the username.
CVE-2008-6003 EXPLOITDB text WORKING POC
AJ Auction Pro Platinum 2 - SQL Injection
SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 allows remote attackers to execute arbitrary SQL commands via the seller_id parameter.
CVE-2008-4082 EXPLOITDB text WORKING POC
Brim 2.0.0 - Authenticated SQL Injection via Tasks Plugin Search Action
SQL injection vulnerability in the Tasks plugin in Brim 2.0.0, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via an arbitrary field in a search action to index.php.
CVE-2008-2180 EXPLOITDB text WORKING POC
cpLinks 1.03 - SQL Injection via Admin Username or Search Parameters
Multiple SQL injection vulnerabilities in cpLinks 1.03, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) admin_username parameter (aka the username field) to admin/index.php and the (2) search_text and (3) search_category parameters to search.php. NOTE: some of these details are obtained from third party information.
CVE-2008-6154 EXPLOITDB text WORKING POC
Hispah Text Links Ads 1.1 - SQL Injection via idcat Parameter
SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 allows remote attackers to execute arbitrary SQL commands via the idcat parameter.
CVE-2008-7118 EXPLOITDB text WRITEUP
WeBid 0.5.4 - Unauthenticated Sensitive Information Exposure via Direct Request
WeBid auction script 0.5.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain SQL query logs via a direct request for logs/cron.log.
EIP-2026-113169 EXPLOITDB text WRITEUP
W2B Restaurant 1.2 - 'conf.inc' Configuration File Disclosure
CVE-2008-6518 EXPLOITDB text WRITEUP
VidiScript - Authenticated Remote Code Execution via Avatar Upload
Unrestricted file upload vulnerability in the profile feature in VidiScript allows registered remote authenticated users to execute arbitrary code by uploading a PHP file as an Avatar, then accessing the avatar via a direct request.
CVE-2009-1750 EXPLOITDB text WRITEUP
VidSharePro - Authenticated Arbitrary File Upload and Remote Code Execution
Unrestricted file upload vulnerability in VidSharePro allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors.
EIP-2026-112669 EXPLOITDB text WRITEUP
Ticket Support Script - 'ticket.php' Arbitrary File Upload
CVE-2008-5921 EXPLOITDB text WORKING POC
Umer Inc Songs Portal - SQL Injection
SQL injection vulnerability in albums.php in Umer Inc Songs Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5168 EXPLOITDB text WORKING POC
Tips Complete Website 1.2.0 - SQL Injection
SQL injection vulnerability in tip.php in Tips Complete Website 1.2.0 allows remote attackers to execute arbitrary SQL commands via the tipid parameter.
CVE-2008-4039 EXPLOITDB text WORKING POC
spice_classifieds - SQL Injection via cat_path Parameter
SQL injection vulnerability in index.php in Spice Classifieds allows remote attackers to execute arbitrary SQL commands via the cat_path parameter.
CVE-2008-6358 EXPLOITDB text WORKING POC
Social Groupie - SQL Injection via id Parameter
SQL injection vulnerability in group_index.php in Social Groupie allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6367 EXPLOITDB text WRITEUP
Social Groupie - Authenticated Arbitrary File Upload via Photos/create_album.php
Unrestricted file upload vulnerability in Photos/create_album.php in Social Groupie allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in Member_images/.
CVE-2008-5166 EXPLOITDB text WORKING POC
Riddles Website 1.2.1 - SQL Injection
SQL injection vulnerability in riddle.php in Riddles Website 1.2.1 allows remote attackers to execute arbitrary SQL commands via the riddleid parameter.
CVE-2009-2770 EXPLOITDB text WORKING POC
PowerUpload 2.4 - Unauthenticated Authentication Bypass via MIME-Encoded Admin Cookie
PowerUpload 2.4 allows remote attackers to bypass authentication and gain administrative access via a MIME encoded value of admin for the myadminname cookie.
EIP-2026-111041 EXPLOITDB text WRITEUP
phpEmployment - 'conf.inc' File Disclosure
CVE-2008-2113 EXPLOITDB text WORKING POC
PHPEasyData 1.5.4 - SQL Injection via annuaire.php cat_id Parameter
SQL injection vulnerability in annuaire.php in PHPEasyData 1.5.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
EIP-2026-110915 EXPLOITDB text WRITEUP
phpAdBoard - 'conf.inc' Remote Configuration File Disclosure