James Bercegay

104 exploits, active since Mar 2004
CVE-2005-1672 EXPLOITDB text WRITEUP
Help Center Live - Cross-Site Scripting via Multiple Input Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Help Center Live allow remote attackers to inject arbitrary web script or HTML via the (1) find parameter to index.php, (2) name or (3) message field of a chat request, or (4) the message body when opening a trouble ticket.
CVE-2008-3374 EXPLOITDB text WORKING POC
Gregarius < 0.5.4 - SQL Injection via rsargs Array Parameter
SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action.
CVE-2006-0823 EXPLOITDB text WRITEUP
Geeklog 1.4.0-1.4.0sr1 and 1.3.11-1.3.11sr4 - SQL Injection via Userid or Sessid Parameter
Multiple SQL injection vulnerabilities in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 allow remote attackers to inject arbitrary SQL commands via the (1) userid variable to users.php or (2) sessid variable to lib-sessions.php.
EIP-2026-106661 EXPLOITDB text WRITEUP
e107 < 0.7.11 - Arbitrary Variable Overwriting
CVE-2006-4525 EXPLOITDB text WRITEUP
CubeCart < 3.0.12 - Cross-Site Scripting via Links Array
Cross-site scripting (XSS) vulnerability in CubeCart 3.0.12 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the links array.
CVE-2008-6394 EXPLOITDB text WRITEUP
CS-Cart <= 1.3.5 - SQL Injection via cs_cookies[customer_user_id] Cookie Parameter
SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the cs_cookies[customer_user_id] cookie parameter.
CVE-2008-3845 EXPLOITDB text WRITEUP
Crafty Syntax Live Help < 2.14.6 - SQL Injection
Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php.
CVE-2006-4844 EXPLOITDB text WRITEUP
Claroline < 1.7.7 - Remote Code Execution via extAuthSource Parameter
PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and earlier, as used in Dokeos and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter.
CVE-2005-1642 EXPLOITDB text WRITEUP
Woltlab Burning Board 2.x and earlier - SQL Injection via Email Verification
SQL injection vulnerability in the verify_email function in Woltlab Burning Board 2.x and earlier allows remote attackers to execute arbitrary SQL commands via the $email variable.
CVE-2005-1200 EXPLOITDB text WRITEUP
AZ Bulletin Board 1.0.07a-1.0.07c - Remote File Inclusion via dir_src or abs_layer Parameter
PHP remote file inclusion vulnerability in main_index.php in AZ Bulletin Board (AZbb) 1.0.07a through 1.0.07c allows remote attackers to execute arbitrary PHP code by modifying the (1) dir_src or (2) abs_layer parameter to reference a URL on a remote web server that contains the code.
EIP-2026-105322 EXPLOITDB text WRITEUP
AutoRank PHP < 2.0.4 - SQL Injection (PoC)
EIP-2026-104882 EXPLOITDB text WRITEUP
Aardvark Topsites < 4.1.0 - Multiple Vulnerabilities
CVE-2008-5090 EXPLOITDB text WRITEUP
Advanced Electron Forum < 1.0.7 - Remote Code Execution via BBCode Email Parameter
Electron Inc. Advanced Electron Forum before 1.0.7 allows remote attackers to execute arbitrary PHP code via PHP code embedded in bbcode in the email parameter, which is processed by the preg_replace function with the eval switch.
CVE-2006-0806 EXPLOITDB text WRITEUP
ADOdb 4.71 - Cross-Site Scripting via next_page Parameter
Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote attackers to inject arbitrary web script or HTML via (1) the next_page parameter in adodb-pager.inc.php and (2) other unspecified vectors related to PHP_SELF.
EIP-2026-104628 EXPLOITDB text WRITEUP
MetaDot < 5.6.5.4b5 - Multiple Vulnerabilities
EIP-2026-104334 EXPLOITDB text WRITEUP
Max Web Portal < 1.30 - Multiple Vulnerabilities
EIP-2026-104493 EXPLOITDB text WRITEUP
WinMX < 2.6 - Design Error
EIP-2026-104441 EXPLOITDB text WRITEUP
Snitz Forums 2000 < 3.4.0.3 - Multiple Vulnerabilities
EIP-2026-104395 EXPLOITDB text WORKING POC
phpLinks < 2.1.2 - Multiple Vulnerabilities
EIP-2026-104394 EXPLOITDB text WRITEUP
PHP Topsites < 2.2 - Multiple Vulnerabilities
EIP-2026-104389 EXPLOITDB text WRITEUP
P-Synch < 6.2.5 - Multiple Vulnerabilities
EIP-2026-104336 EXPLOITDB text WRITEUP
MegaBrowser < 0.71b - Multiple Vulnerabilities
EIP-2026-104259 EXPLOITDB text WRITEUP
FTP Service < 1.2 - Multiple Vulnerabilities
CVE-2008-6985 EXPLOITDB text WRITEUP
Zen Cart 1.2.0-1.3.8a - SQL Injection via Shopping Cart ID Parameter
Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart.
EIP-2026-103339 EXPLOITDB ruby WORKING POC
Webmin < 1.920 - 'rpc.cgi' Remote Code Execution (Metasploit)