Kacper

159 exploits Active since Dec 2003
CVE-2007-0369 EXPLOITDB php WORKING POC
phpbp RC3 (2.204) and earlier - SQL Injection via Comment Forum
SQL injection vulnerability in phpBP RC3 (2.204) and earlier allows remote attackers to execute arbitrary SQL commands via the comment forum.
CVE-2006-7128 EXPLOITDB perl WORKING POC
JAF CMS 4.0 RC1 - Remote File Inclusion via Forum Website Parameter
PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 RC1 allows remote attackers to execute arbitrary PHP code via a URL in the website parameter.
CVE-2006-4961 EXPLOITDB php WORKING POC
Php Blue Dragon <2.9.1 - SQL Injection
SQL injection vulnerability in the GetModuleConfig function in public_includes/pub_kernel/pbd_modules.php in Php Blue Dragon 2.9.1 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter to index.php.
CVE-2006-4960 EXPLOITDB php WORKING POC
Php Blue Dragon <= 2.9.1 - Cross-Site Scripting via m Parameter
Cross-site scripting (XSS) vulnerability in index.php Php Blue Dragon 2.9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter, which is reflected in an error message resulting from a failed SQL query.
CVE-2006-4878 EXPLOITDB php WORKING POC
David Bennett PHP-Post <1.0 - Path Traversal
Directory traversal vulnerability in footer.php in David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers to read and include arbitrary local files via a .. (dot dot) sequence in the template parameter. NOTE: this was later reported to affect 1.0.1, and demonstrated for code execution by uploading and accessing an avatar file.
CVE-2007-5912 EXPLOITDB text WORKING POC
jPORTAL 2 - SQL Injection via Mailer to Parameter
SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.
CVE-2006-2576 EXPLOITDB text WORKING POC
Docebo < 3.0.3 - Remote File Inclusion via GLOBALS Overwrite
Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in (1) GLOBALS[where_framework] to (a) lib.simplesel.php, (b) lib.filelist.php, (c) tree.documents.php, (d) lib.repo.php, and (e) lib.php, and (2) GLOBALS[where_scs] to (f) lib.teleskill.php. NOTE: this issue might be resultant from a global overwrite vulnerability.
CVE-2007-3138 EXPLOITDB php WORKING POC
Open Solution Quick.Cart < 2.2 - Directory Traversal via sLanguage Cookie
Directory traversal vulnerability in index.php in Open Solution Quick.Cart 2.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in an sLanguage cookie, which is used to define a value in config/general.php.
CVE-2007-0763 EXPLOITDB php WORKING POC
F3Site 2.1 - Cross-Site Scripting via News Comment Autor Field
Cross-site scripting (XSS) vulnerability in the news comment functionality in F3Site 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the Autor field.
CVE-2006-4062 EXPLOITDB text WORKING POC
Dmitry Sheiko SAPID Shop <1.2 - RCE
PHP remote file inclusion vulnerability in usr/extensions/get_tree.inc.php in Dmitry Sheiko SAPID Shop 1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[root_path] parameter.
CVE-2006-4026 EXPLOITDB text WORKING POC
SAPID CMS 123 rc3 - Remote Code Execution via root_path Parameter
PHP remote file inclusion vulnerability in SAPID CMS 123 rc3 allows remote attackers to execute arbitrary PHP code via a URL in the (1) root_path parameter in usr/extensions/get_infochannel.inc.php and the (2) GLOBALS["root_path"] parameter in usr/extensions/get_tree.inc.php.
CVE-2006-6633 EXPLOITDB php WORKING POC
YapBB < 1.2_beta2 - Remote File Inclusion via GLOBALS[include_Bit] Parameter
PHP remote file inclusion vulnerability in include/yapbb_session.php in YapBB 1.2 Beta2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[include_Bit] parameter.
CVE-2007-6172 EXPLOITDB text WORKING POC
wpQuiz 2.7 - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php.
EIP-2026-114491 EXPLOITDB text WORKING POC
Xtreme/Ditto News 1.0 - 'post.php' Remote File Inclusion
CVE-2009-0515 EXPLOITDB text WRITEUP
yanocc < 0.1.0 - Remote File Inclusion via Lang Parameter Path Traversal
Directory traversal vulnerability in check_lang.php in Yet Another NOCC (YANOCC) 0.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
CVE-2006-5421 EXPLOITDB php WORKING POC
WSN Forum < 1.3.4 - Remote Code Execution via Avatar Image Path Manipulation
WSN Forum 1.3.4 and earlier allows remote attackers to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is then accessed from prestart.php. NOTE: this issue has been labeled remote file inclusion, but that label only applies to the attack, not the underlying vulnerability.
CVE-2006-2888 EXPLOITDB text WORKING POC
Wikiwig - Remote File Inclusion via WK[wkPath] Parameter
PHP remote file inclusion vulnerability in _wk/wk_lang.php in Wikiwig 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WK[wkPath] parameter.
CVE-2009-2122 EXPLOITDB text WORKING POC
Paolo Palmonari Photoracer <1.0 - SQL Injection
SQL injection vulnerability in viewimg.php in the Paolo Palmonari Photoracer plugin 1.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-2860 EXPLOITDB text WORKING POC
Webspotblogging 3.0.1 - Remote Code Execution via Path Parameter in Multiple Scripts
PHP remote file inclusion vulnerability in Webspotblogging 3.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) inc/logincheck.inc.php, (2) inc/adminheader.inc.php, (3) inc/global.php, or (4) inc/mainheader.inc.php. NOTE: some of these vectors were also reported for 3.0 in a separate disclosure.
CVE-2006-6856 EXPLOITDB php WORKING POC
WebText CMS <0.4.5.2 - Code Injection
Direct static code injection vulnerability in WebText CMS 0.4.5.2 and earlier allows remote attackers to inject arbitrary PHP code into a script in wt/users/ via the im parameter during a profile edit (edycja) operation, which is then executed via a direct request for this script.
CVE-2006-5155 EXPLOITDB php WORKING POC
VideoDB 2.2.1 - Remote File Inclusion via config[pdf_module] Parameter
PHP remote file inclusion vulnerability in core/pdf.php in VideoDB 2.2.1 and earlier allows remote attackers to execute arbitrary PHP code via the config[pdf_module] parameter.
CVE-2006-2995 EXPLOITDB text WORKING POC
WebprojectDB <= 0.1.3 - Remote File Inclusion via INCDIR Parameter
Multiple PHP remote file inclusion vulnerabilities in WebprojectDB 0.1.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the INCDIR parameter in (1) include/nav.php and (2) include/lang.php.
CVE-2006-6666 EXPLOITDB text WORKING POC
VerliAdmin < 0.3 - Authenticated Remote File Inclusion via q Parameter
PHP remote file inclusion vulnerability in index.php in VerliAdmin 0.3 and earlier allows remote authenticated users to execute arbitrary PHP code via a URL in the q parameter.
CVE-2007-1708 EXPLOITDB text WRITEUP
ttCMS 4 and earlier - Remote File Inclusion via lib_path Parameter
PHP remote file inclusion vulnerability in lib/db/ez_sql.php in ttCMS 4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lib_path parameter.
CVE-2006-2557 EXPLOITDB text WORKING POC
Florian Amrhein NewsPortal < 0.37 - Remote File Inclusion via file_newsportal Parameter
PHP remote file inclusion vulnerability in extras/poll/poll.php in Florian Amrhein NewsPortal before 0.37, and TR Newsportal (TRanx rebuilded), allows remote attackers to execute arbitrary PHP code via a URL in the file_newsportal parameter.