Julian Rodriguez

6 exploits Active since Jul 2008
CVE-2008-6838 EXPLOITDB text WRITEUP
Zoph 0.7.2.1 - Cross-Site Scripting via _off Parameter
Cross-site scripting (XSS) vulnerability in search.php in Zoph 0.7.2.1 allows remote attackers to inject arbitrary web script or HTML via the _off parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6837 EXPLOITDB text WRITEUP
Zoph 0.7.2.1 - SQL Injection
SQL injection vulnerability in Zoph 0.7.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-3258. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3202 EXPLOITDB text WORKING POC
Xomol CMS 1.2 - Cross-Site Scripting via current_url Parameter
Cross-site scripting (XSS) vulnerability in index.php in Xomol CMS 1.2 allows remote attackers to inject arbitrary web script or HTML via the current_url parameter in a tellafriend action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6839 EXPLOITDB text WORKING POC
TGS Content Management 0.3.2r2 - Cross-Site Scripting via msg, goodmsg, dir, or id Parameters
Multiple cross-site scripting (XSS) vulnerabilities in TGS Content Management 0.3.2r2 allow remote attackers to inject arbitrary web script or HTML via the (1) msg and (2) goodmsg parameters to (a) login.php and (b) index.php, and the (3) dir and (4) id parameters to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6839 EXPLOITDB text WORKING POC
TGS Content Management 0.3.2r2 - Cross-Site Scripting via msg, goodmsg, dir, or id Parameters
Multiple cross-site scripting (XSS) vulnerabilities in TGS Content Management 0.3.2r2 allow remote attackers to inject arbitrary web script or HTML via the (1) msg and (2) goodmsg parameters to (a) login.php and (b) index.php, and the (3) dir and (4) id parameters to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3201 EXPLOITDB text WORKING POC
Pagefusion 1.5 - Cross-Site Scripting via acct_fname, acct_lname, PID, PGID, or rez Parameters
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Pagefusion 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) acct_fname and (2) acct_lname parameters in an edit action, and the (3) PID, (4) PGID, and (5) rez parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.