Kacak

5 exploits Active since May 2008
CVE-2008-2481 EXPLOITDB text WORKING POC
Phpraider - Code Injection
PHP remote file inclusion vulnerability in authentication/phpbb3/phpbb3.functions.php in phpRaider 1.0.7 and 1.0.7a, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the pConfig_auth[phpbb_path] parameter.
CVE-2008-4054 EXPLOITDB text WORKING POC
Kolifa Download Script - SQL Injection
SQL injection vulnerability in indir.php in Kolifa.net Download Script 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2990 EXPLOITDB text WRITEUP
Joomla Com Facileforms - Code Injection
PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms) component 1.4.4 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the ff_compath parameter.
CVE-2008-3030 EXPLOITDB text WORKING POC
Efes Tech Shop - SQL Injection
SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an urunler action.
CVE-2009-0447 EXPLOITDB text WORKING POC
MyDesign Sayac 2.0 - SQL Injection
Multiple SQL injection vulnerabilities in default.asp in MyDesign Sayac 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the user parameter (aka UserName field) or (2) the pass parameter (aka Pass field) to (a) admin/admin.asp or (b) the default URI under admin/. NOTE: some of these details are obtained from third party information.