JosS

86 exploits Active since Dec 2005
EIP-2026-111457 EXPLOITDB perl WORKING POC
pPIM 1.01 - 'notes.php' Remote Command Execution
CVE-2007-6158 EXPLOITDB text WORKING POC
Proverbs Web Calendar <1.1 - SQL Injection
Multiple SQL injection vulnerabilities in caladmin.inc.php in Proverbs Web Calendar 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) loginname (aka Username) and (2) loginpass (aka Password) parameters to caladmin.php.
CVE-2008-4177 EXPLOITDB text WORKING POC
Pre Real Estate Listings - SQL Injection via Search Parameter
SQL injection vulnerability in search.php in Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the c parameter.
CVE-2008-2915 EXPLOITDB text WORKING POC
Pre Job Board - SQL Injection via JobSearch.php Position or Keyword Parameter
Multiple SQL injection vulnerabilities in jobseekers/JobSearch.php (aka the search module) in Pre Job Board allow remote attackers to execute arbitrary SQL commands via the (1) position or (2) kw parameter.
CVE-2006-2770 EXPLOITDB text WORKING POC
pppblog < 0.3.8 - Directory Traversal via File Array Parameter
Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an index of the "file" array parameter, as demonstrated by file[0].
CVE-2008-4528 EXPLOITDB text WORKING POC
Phlatline Personal Information Manager 1.01 - Path Traversal via Notes.php ID Parameter
Directory traversal vulnerability in notes.php in Phlatline's Personal Information Manager (pPIM) 1.01 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter in an edit action.
CVE-2008-4490 EXPLOITDB text WORKING POC
phpabook < 0.8.8b - Remote File Inclusion via UserInfo Cookie
Directory traversal vulnerability in config.inc.php in phpAbook 0.8.8b and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the userInfo cookie.
CVE-2009-2402 EXPLOITDB text WORKING POC
PHPEcho CMS <2.0-rc3 - SQL Injection
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS 2.0-rc3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a thread action, a different vector than CVE-2008-0355.
CVE-2008-2914 EXPLOITDB text WORKING POC
PHP JOBWEBSITE PRO - SQL Injection via JobSearch3.php kw or position Parameter
SQL injection vulnerability in jobseekers/JobSearch3.php (aka the search module) in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the (1) kw or (2) position parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-1415 EXPLOITDB text WRITEUP
Multiple Time Sheets <5.0 - Path Traversal
Directory traversal vulnerability in index.php in Multiple Time Sheets (MTS) 5.0 and earlier allows remote attackers to read arbitrary files via "../..//" (modified dot dot) sequences in the tab parameter.
CVE-2008-4644 EXPLOITDB text WORKING POC
myWebland myStats - IP Address Restriction Bypass via X-Forwarded-For Header
hits.php in myWebland myStats allows remote attackers to bypass IP address restrictions via a modified X-Forwarded-For HTTP header.
CVE-2008-4455 EXPLOITDB text WORKING POC
MySQL Quick Admin 1.5.5 - Path Traversal via Language Cookie
Directory traversal vulnerability in index.php in EKINdesigns MySQL Quick Admin 1.5.5 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the language cookie.
CVE-2008-4650 EXPLOITDB text WORKING POC
myEvent 1.6 - SQL Injection via viewevent.php eventdate Parameter
SQL injection vulnerability in viewevent.php in myEvent 1.6 allows remote attackers to execute arbitrary SQL commands via the eventdate parameter.
CVE-2008-6183 EXPLOITDB text WORKING POC
My PHP Indexer 1.0 - Path Traversal via d and f Parameters
Multiple directory traversal vulnerabilities in index.php in My PHP Indexer 1.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) d and (2) f parameters.
CVE-2010-3210 EXPLOITDB text WORKING POC
Multi-lingual E-Commerce System 0.2 - RCE
Multiple PHP remote file inclusion vulnerabilities in Multi-lingual E-Commerce System 0.2 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) checkout2-CYM.php, (2) checkout2-EN.php, (3) checkout2-FR.php, (4) cat-FR.php, (5) cat-EN.php, (6) cat-CYM.php, (7) checkout1-CYM.php, (8) checkout1-EN.php, (9) checkout1-FR.php, (10) prod-CYM.php, (11) prod-EN.php, and (12) prod-FR.php in inc/.
CVE-2008-6296 EXPLOITDB text WORKING POC
Maran PHP Shop - Unauthenticated Authentication Bypass via User Cookie
admin.php in Maran PHP Shop allows remote attackers to bypass authentication and gain administrative access by setting the user cookie to "demo."
CVE-2008-4662 EXPLOITDB text WORKING POC
LokiCMS 0.3.4 - Unauthenticated Path Traversal via Language Parameter
Directory traversal vulnerability in admin.php in LokiCMS 0.3.4, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
CVE-2008-5965 EXPLOITDB text SCANNER
LokiCMS <= 0.3.4 - Path Traversal via Page Parameter
Directory traversal vulnerability in index.php in LokiCMS 0.3.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to check for the existence of arbitrary files via a .. (dot dot) in the page parameter.
CVE-2008-4879 EXPLOITDB text WORKING POC
Maran PHP Shop - SQL Injection via prod.php cat Parameter
SQL injection vulnerability in prod.php in Maran PHP Shop allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2008-4880.
EIP-2026-109473 EXPLOITDB perl WORKING POC
MiNBank 1.5.0 - Remote Command Execution
CVE-2009-2223 EXPLOITDB text WORKING POC
LightOpenCMS 0.1 - Path Traversal via cwd Parameter
Directory traversal vulnerability in locms/smarty.php in LightOpenCMS 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cwd parameter. NOTE: remote file inclusion attacks may be possible.
CVE-2008-6177 EXPLOITDB text WORKING POC
LightBlog 9.8 - Path Traversal and Arbitrary File Execution via Username Parameter
Multiple directory traversal vulnerabilities in LightBlog 9.8, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) username parameter to view_member.php, (2) username_post parameter to login.php, and the (3) Lightblog_username cookie parameter to check_user.php.
CVE-2008-4632 EXPLOITDB text WORKING POC
Kure 0.6.3 - Path Traversal via Post and Doc Parameters
Multiple directory traversal vulnerabilities in index.php in Kure 0.6.3, when magic_quotes_gpc is disabled, allow remote attackers to read and possibly execute arbitrary local files via a .. (dot dot) in the (1) post and (2) doc parameters.
CVE-2008-4606 EXPLOITDB text WORKING POC
IP Reg <= 0.4 - SQL Injection via location_id or vlan_id Parameter
Multiple SQL injection vulnerabilities in IP Reg 0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) location_id parameter to locationdel.php and (2) vlan_id parameter to vlanedit.php. NOTE: the vlanview.php and vlandel.php vectors are already covered by CVE-2007-6579.
CVE-2008-4509 EXPLOITDB perl WORKING POC
FOSS Gallery 1.0 beta - Unauthenticated Arbitrary File Upload via processFiles.php
Unrestricted file upload vulnerability in processFiles.php in FOSS Gallery Admin and FOSS Gallery Public 1.0 beta allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the root directory.