John Cobb

EIP-2026-115942 EXPLOITDB python WORKING POC

Nitro Pro 8.0.3.1 - Crash (PoC)

View Code

EIP-2026-114922 EXPLOITDB perl WORKING POC

Apple Safari 4.0.4 (531.21.10) - Stack Overflow / Denial of Service

View Code

EIP-2026-112313 EXPLOITDB text WRITEUP

Soft4e ECW-Shop 6.0.2 - 'index.php' HTML Injection

View Code

EIP-2026-112314 EXPLOITDB text WORKING POC

Soft4e ECW-Shop 6.0.2 - 'index.php' SQL Injection

View Code

CVE-2008-4139 EXPLOITDB text WORKING POC

Opensolution Quick.cms.lite - XSS

Cross-site scripting (XSS) vulnerability in admin.php in OpenSolution Quick.Cms.Lite 2.1 allows remote attackers to inject arbitrary web script or HTML via the query string.

View Code

CVE-2008-4140 EXPLOITDB text WORKING POC

Opensolution Quick.cart - XSS

Cross-site scripting (XSS) vulnerability in admin.php in Quick.Cart 3.1 allows remote attackers to inject arbitrary web script or HTML via the query string.

View Code

CVE-2004-1206 EXPLOITDB text WRITEUP

pnTresMailer 6.0.3 - Path Traversal

Directory traversal vulnerability in codebrowserpntm.php in pnTresMailer 6.0.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the filetodownload parameter.

View Code

EIP-2026-110362 EXPLOITDB text WORKING POC

osCommerce 2.2 - 'Contact_us.php' Cross-Site Scripting

View Code

EIP-2026-109844 EXPLOITDB text WRITEUP

Naxtor Shopping Cart 1.0 - 'Shop_Display_Products.php' SQL Injection

View Code

CVE-2005-2476 EXPLOITDB text WORKING POC

Naxtor Shopping Cart - XSS

Cross-site scripting (XSS) vulnerability in lost_passowrd.php in Naxtor Shopping Cart 1.0 allows remote attackers to inject arbitrary web script or HTML via the email parameter.

View Code

EIP-2026-107770 EXPLOITDB text WORKING POC

iGeneric iG Shop 1.x - Multiple SQL Injections

View Code

EIP-2026-106768 EXPLOITDB text WORKING POC

ECW Shop 6.0.2 - 'index.php' Cross-Site Scripting

View Code

CVE-2005-1033 EXPLOITDB text WRITEUP

CubeCart 2.0.6 - Info Disclosure

CubeCart 2.0.6 allows remote attackers to obtain sensitive information via an invalid (1) language parameter to index.php, (2) PHPSESSID parameter to index.php, (3) product parameter to tellafriend.php, (4) add parameter to view_cart.php, or (5) product parameter to view_product.php, which reveals the path in a PHP error message.

View Code

CVE-2005-1033 EXPLOITDB text WRITEUP

CubeCart 2.0.6 - Info Disclosure

CubeCart 2.0.6 allows remote attackers to obtain sensitive information via an invalid (1) language parameter to index.php, (2) PHPSESSID parameter to index.php, (3) product parameter to tellafriend.php, (4) add parameter to view_cart.php, or (5) product parameter to view_product.php, which reveals the path in a PHP error message.

View Code

CVE-2005-1033 EXPLOITDB text WRITEUP

CubeCart 2.0.6 - Info Disclosure

CubeCart 2.0.6 allows remote attackers to obtain sensitive information via an invalid (1) language parameter to index.php, (2) PHPSESSID parameter to index.php, (3) product parameter to tellafriend.php, (4) add parameter to view_cart.php, or (5) product parameter to view_product.php, which reveals the path in a PHP error message.

View Code

CVE-2005-1033 EXPLOITDB text WRITEUP

CubeCart 2.0.6 - Info Disclosure

CubeCart 2.0.6 allows remote attackers to obtain sensitive information via an invalid (1) language parameter to index.php, (2) PHPSESSID parameter to index.php, (3) product parameter to tellafriend.php, (4) add parameter to view_cart.php, or (5) product parameter to view_product.php, which reveals the path in a PHP error message.

View Code

CVE-2005-0442 EXPLOITDB text WRITEUP

Devellion Cubecart - Path Traversal

Directory traversal vulnerability in index.php for CubeCart 2.0.4 allows remote attackers to read arbitrary files via the language parameter.

View Code

CVE-2005-0443 EXPLOITDB text WRITEUP

Devellion Cubecart - XSS

index.php in CubeCart 2.0.4 allows remote attackers to (1) obtain the full path for the web server or (2) conduct cross-site scripting (XSS) attacks via an invalid language parameter, which echoes the parameter in a PHP error message.

View Code